github.com/1aal/kubeblocks@v0.0.0-20231107070852-e1c03e598921/config/crd/preflight/troubleshoot.sh_preflights.yaml (about) 1 --- 2 apiVersion: apiextensions.k8s.io/v1 3 kind: CustomResourceDefinition 4 metadata: 5 annotations: 6 controller-gen.kubebuilder.io/version: v0.9.0 7 creationTimestamp: null 8 name: preflights.troubleshoot.sh 9 spec: 10 group: troubleshoot.sh 11 names: 12 kind: Preflight 13 listKind: PreflightList 14 plural: preflights 15 singular: preflight 16 scope: Namespaced 17 versions: 18 - name: v1beta2 19 schema: 20 openAPIV3Schema: 21 description: Preflight is the Schema for the preflights API 22 properties: 23 apiVersion: 24 description: 'APIVersion defines the versioned schema of this representation 25 of an object. Servers should convert recognized schemas to the latest 26 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 27 type: string 28 kind: 29 description: 'Kind is a string value representing the REST resource this 30 object represents. Servers may infer this from the endpoint the client 31 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 32 type: string 33 metadata: 34 type: object 35 spec: 36 description: PreflightSpec defines the desired state of Preflight 37 properties: 38 analyzers: 39 items: 40 properties: 41 cephStatus: 42 properties: 43 annotations: 44 additionalProperties: 45 type: string 46 type: object 47 checkName: 48 type: string 49 collectorName: 50 type: string 51 exclude: 52 type: BoolString 53 namespace: 54 type: string 55 outcomes: 56 items: 57 properties: 58 fail: 59 properties: 60 message: 61 type: string 62 uri: 63 type: string 64 when: 65 type: string 66 type: object 67 pass: 68 properties: 69 message: 70 type: string 71 uri: 72 type: string 73 when: 74 type: string 75 type: object 76 warn: 77 properties: 78 message: 79 type: string 80 uri: 81 type: string 82 when: 83 type: string 84 type: object 85 type: object 86 type: array 87 strict: 88 type: BoolString 89 required: 90 - namespace 91 - outcomes 92 type: object 93 clusterPodStatuses: 94 properties: 95 annotations: 96 additionalProperties: 97 type: string 98 type: object 99 checkName: 100 type: string 101 exclude: 102 type: BoolString 103 namespaces: 104 items: 105 type: string 106 type: array 107 outcomes: 108 items: 109 properties: 110 fail: 111 properties: 112 message: 113 type: string 114 uri: 115 type: string 116 when: 117 type: string 118 type: object 119 pass: 120 properties: 121 message: 122 type: string 123 uri: 124 type: string 125 when: 126 type: string 127 type: object 128 warn: 129 properties: 130 message: 131 type: string 132 uri: 133 type: string 134 when: 135 type: string 136 type: object 137 type: object 138 type: array 139 strict: 140 type: BoolString 141 required: 142 - outcomes 143 type: object 144 clusterResource: 145 properties: 146 annotations: 147 additionalProperties: 148 type: string 149 type: object 150 checkName: 151 type: string 152 clusterScoped: 153 type: boolean 154 collectorName: 155 type: string 156 exclude: 157 type: BoolString 158 expectedValue: 159 type: string 160 kind: 161 type: string 162 name: 163 type: string 164 namespace: 165 type: string 166 outcomes: 167 items: 168 properties: 169 fail: 170 properties: 171 message: 172 type: string 173 uri: 174 type: string 175 when: 176 type: string 177 type: object 178 pass: 179 properties: 180 message: 181 type: string 182 uri: 183 type: string 184 when: 185 type: string 186 type: object 187 warn: 188 properties: 189 message: 190 type: string 191 uri: 192 type: string 193 when: 194 type: string 195 type: object 196 type: object 197 type: array 198 strict: 199 type: BoolString 200 yamlPath: 201 type: string 202 required: 203 - clusterScoped 204 - kind 205 - name 206 - outcomes 207 - yamlPath 208 type: object 209 clusterVersion: 210 properties: 211 annotations: 212 additionalProperties: 213 type: string 214 type: object 215 checkName: 216 type: string 217 exclude: 218 type: BoolString 219 outcomes: 220 items: 221 properties: 222 fail: 223 properties: 224 message: 225 type: string 226 uri: 227 type: string 228 when: 229 type: string 230 type: object 231 pass: 232 properties: 233 message: 234 type: string 235 uri: 236 type: string 237 when: 238 type: string 239 type: object 240 warn: 241 properties: 242 message: 243 type: string 244 uri: 245 type: string 246 when: 247 type: string 248 type: object 249 type: object 250 type: array 251 strict: 252 type: BoolString 253 required: 254 - outcomes 255 type: object 256 configMap: 257 properties: 258 annotations: 259 additionalProperties: 260 type: string 261 type: object 262 checkName: 263 type: string 264 configMapName: 265 type: string 266 exclude: 267 type: BoolString 268 key: 269 type: string 270 namespace: 271 type: string 272 outcomes: 273 items: 274 properties: 275 fail: 276 properties: 277 message: 278 type: string 279 uri: 280 type: string 281 when: 282 type: string 283 type: object 284 pass: 285 properties: 286 message: 287 type: string 288 uri: 289 type: string 290 when: 291 type: string 292 type: object 293 warn: 294 properties: 295 message: 296 type: string 297 uri: 298 type: string 299 when: 300 type: string 301 type: object 302 type: object 303 type: array 304 strict: 305 type: BoolString 306 required: 307 - configMapName 308 - namespace 309 - outcomes 310 type: object 311 containerRuntime: 312 properties: 313 annotations: 314 additionalProperties: 315 type: string 316 type: object 317 checkName: 318 type: string 319 exclude: 320 type: BoolString 321 outcomes: 322 items: 323 properties: 324 fail: 325 properties: 326 message: 327 type: string 328 uri: 329 type: string 330 when: 331 type: string 332 type: object 333 pass: 334 properties: 335 message: 336 type: string 337 uri: 338 type: string 339 when: 340 type: string 341 type: object 342 warn: 343 properties: 344 message: 345 type: string 346 uri: 347 type: string 348 when: 349 type: string 350 type: object 351 type: object 352 type: array 353 strict: 354 type: BoolString 355 required: 356 - outcomes 357 type: object 358 customResourceDefinition: 359 properties: 360 annotations: 361 additionalProperties: 362 type: string 363 type: object 364 checkName: 365 type: string 366 customResourceDefinitionName: 367 type: string 368 exclude: 369 type: BoolString 370 outcomes: 371 items: 372 properties: 373 fail: 374 properties: 375 message: 376 type: string 377 uri: 378 type: string 379 when: 380 type: string 381 type: object 382 pass: 383 properties: 384 message: 385 type: string 386 uri: 387 type: string 388 when: 389 type: string 390 type: object 391 warn: 392 properties: 393 message: 394 type: string 395 uri: 396 type: string 397 when: 398 type: string 399 type: object 400 type: object 401 type: array 402 strict: 403 type: BoolString 404 required: 405 - customResourceDefinitionName 406 - outcomes 407 type: object 408 deploymentStatus: 409 properties: 410 annotations: 411 additionalProperties: 412 type: string 413 type: object 414 checkName: 415 type: string 416 exclude: 417 type: BoolString 418 name: 419 type: string 420 namespace: 421 type: string 422 namespaces: 423 items: 424 type: string 425 type: array 426 outcomes: 427 items: 428 properties: 429 fail: 430 properties: 431 message: 432 type: string 433 uri: 434 type: string 435 when: 436 type: string 437 type: object 438 pass: 439 properties: 440 message: 441 type: string 442 uri: 443 type: string 444 when: 445 type: string 446 type: object 447 warn: 448 properties: 449 message: 450 type: string 451 uri: 452 type: string 453 when: 454 type: string 455 type: object 456 type: object 457 type: array 458 strict: 459 type: BoolString 460 required: 461 - name 462 - outcomes 463 type: object 464 distribution: 465 properties: 466 annotations: 467 additionalProperties: 468 type: string 469 type: object 470 checkName: 471 type: string 472 exclude: 473 type: BoolString 474 outcomes: 475 items: 476 properties: 477 fail: 478 properties: 479 message: 480 type: string 481 uri: 482 type: string 483 when: 484 type: string 485 type: object 486 pass: 487 properties: 488 message: 489 type: string 490 uri: 491 type: string 492 when: 493 type: string 494 type: object 495 warn: 496 properties: 497 message: 498 type: string 499 uri: 500 type: string 501 when: 502 type: string 503 type: object 504 type: object 505 type: array 506 strict: 507 type: BoolString 508 required: 509 - outcomes 510 type: object 511 imagePullSecret: 512 properties: 513 annotations: 514 additionalProperties: 515 type: string 516 type: object 517 checkName: 518 type: string 519 exclude: 520 type: BoolString 521 outcomes: 522 items: 523 properties: 524 fail: 525 properties: 526 message: 527 type: string 528 uri: 529 type: string 530 when: 531 type: string 532 type: object 533 pass: 534 properties: 535 message: 536 type: string 537 uri: 538 type: string 539 when: 540 type: string 541 type: object 542 warn: 543 properties: 544 message: 545 type: string 546 uri: 547 type: string 548 when: 549 type: string 550 type: object 551 type: object 552 type: array 553 registryName: 554 type: string 555 strict: 556 type: BoolString 557 required: 558 - outcomes 559 - registryName 560 type: object 561 ingress: 562 properties: 563 annotations: 564 additionalProperties: 565 type: string 566 type: object 567 checkName: 568 type: string 569 exclude: 570 type: BoolString 571 ingressName: 572 type: string 573 namespace: 574 type: string 575 outcomes: 576 items: 577 properties: 578 fail: 579 properties: 580 message: 581 type: string 582 uri: 583 type: string 584 when: 585 type: string 586 type: object 587 pass: 588 properties: 589 message: 590 type: string 591 uri: 592 type: string 593 when: 594 type: string 595 type: object 596 warn: 597 properties: 598 message: 599 type: string 600 uri: 601 type: string 602 when: 603 type: string 604 type: object 605 type: object 606 type: array 607 strict: 608 type: BoolString 609 required: 610 - ingressName 611 - namespace 612 - outcomes 613 type: object 614 jobStatus: 615 properties: 616 annotations: 617 additionalProperties: 618 type: string 619 type: object 620 checkName: 621 type: string 622 exclude: 623 type: BoolString 624 name: 625 type: string 626 namespace: 627 type: string 628 namespaces: 629 items: 630 type: string 631 type: array 632 outcomes: 633 items: 634 properties: 635 fail: 636 properties: 637 message: 638 type: string 639 uri: 640 type: string 641 when: 642 type: string 643 type: object 644 pass: 645 properties: 646 message: 647 type: string 648 uri: 649 type: string 650 when: 651 type: string 652 type: object 653 warn: 654 properties: 655 message: 656 type: string 657 uri: 658 type: string 659 when: 660 type: string 661 type: object 662 type: object 663 type: array 664 strict: 665 type: BoolString 666 required: 667 - name 668 - outcomes 669 type: object 670 jsonCompare: 671 properties: 672 annotations: 673 additionalProperties: 674 type: string 675 type: object 676 checkName: 677 type: string 678 collectorName: 679 type: string 680 exclude: 681 type: BoolString 682 fileName: 683 type: string 684 outcomes: 685 items: 686 properties: 687 fail: 688 properties: 689 message: 690 type: string 691 uri: 692 type: string 693 when: 694 type: string 695 type: object 696 pass: 697 properties: 698 message: 699 type: string 700 uri: 701 type: string 702 when: 703 type: string 704 type: object 705 warn: 706 properties: 707 message: 708 type: string 709 uri: 710 type: string 711 when: 712 type: string 713 type: object 714 type: object 715 type: array 716 path: 717 type: string 718 strict: 719 type: BoolString 720 value: 721 type: string 722 required: 723 - outcomes 724 type: object 725 longhorn: 726 properties: 727 annotations: 728 additionalProperties: 729 type: string 730 type: object 731 checkName: 732 type: string 733 collectorName: 734 type: string 735 exclude: 736 type: BoolString 737 namespace: 738 type: string 739 outcomes: 740 items: 741 properties: 742 fail: 743 properties: 744 message: 745 type: string 746 uri: 747 type: string 748 when: 749 type: string 750 type: object 751 pass: 752 properties: 753 message: 754 type: string 755 uri: 756 type: string 757 when: 758 type: string 759 type: object 760 warn: 761 properties: 762 message: 763 type: string 764 uri: 765 type: string 766 when: 767 type: string 768 type: object 769 type: object 770 type: array 771 strict: 772 type: BoolString 773 required: 774 - namespace 775 - outcomes 776 type: object 777 mysql: 778 properties: 779 annotations: 780 additionalProperties: 781 type: string 782 type: object 783 checkName: 784 type: string 785 collectorName: 786 type: string 787 exclude: 788 type: BoolString 789 fileName: 790 type: string 791 outcomes: 792 items: 793 properties: 794 fail: 795 properties: 796 message: 797 type: string 798 uri: 799 type: string 800 when: 801 type: string 802 type: object 803 pass: 804 properties: 805 message: 806 type: string 807 uri: 808 type: string 809 when: 810 type: string 811 type: object 812 warn: 813 properties: 814 message: 815 type: string 816 uri: 817 type: string 818 when: 819 type: string 820 type: object 821 type: object 822 type: array 823 strict: 824 type: BoolString 825 required: 826 - collectorName 827 - outcomes 828 type: object 829 nodeResources: 830 properties: 831 annotations: 832 additionalProperties: 833 type: string 834 type: object 835 checkName: 836 type: string 837 exclude: 838 type: BoolString 839 filters: 840 properties: 841 architecture: 842 type: string 843 cpuAllocatable: 844 type: string 845 cpuCapacity: 846 type: string 847 ephemeralStorageAllocatable: 848 type: string 849 ephemeralStorageCapacity: 850 type: string 851 memoryAllocatable: 852 type: string 853 memoryCapacity: 854 type: string 855 podAllocatable: 856 type: string 857 podCapacity: 858 type: string 859 selector: 860 properties: 861 matchLabel: 862 additionalProperties: 863 type: string 864 type: object 865 type: object 866 type: object 867 outcomes: 868 items: 869 properties: 870 fail: 871 properties: 872 message: 873 type: string 874 uri: 875 type: string 876 when: 877 type: string 878 type: object 879 pass: 880 properties: 881 message: 882 type: string 883 uri: 884 type: string 885 when: 886 type: string 887 type: object 888 warn: 889 properties: 890 message: 891 type: string 892 uri: 893 type: string 894 when: 895 type: string 896 type: object 897 type: object 898 type: array 899 strict: 900 type: BoolString 901 required: 902 - outcomes 903 type: object 904 postgres: 905 properties: 906 annotations: 907 additionalProperties: 908 type: string 909 type: object 910 checkName: 911 type: string 912 collectorName: 913 type: string 914 exclude: 915 type: BoolString 916 fileName: 917 type: string 918 outcomes: 919 items: 920 properties: 921 fail: 922 properties: 923 message: 924 type: string 925 uri: 926 type: string 927 when: 928 type: string 929 type: object 930 pass: 931 properties: 932 message: 933 type: string 934 uri: 935 type: string 936 when: 937 type: string 938 type: object 939 warn: 940 properties: 941 message: 942 type: string 943 uri: 944 type: string 945 when: 946 type: string 947 type: object 948 type: object 949 type: array 950 strict: 951 type: BoolString 952 required: 953 - collectorName 954 - outcomes 955 type: object 956 redis: 957 properties: 958 annotations: 959 additionalProperties: 960 type: string 961 type: object 962 checkName: 963 type: string 964 collectorName: 965 type: string 966 exclude: 967 type: BoolString 968 fileName: 969 type: string 970 outcomes: 971 items: 972 properties: 973 fail: 974 properties: 975 message: 976 type: string 977 uri: 978 type: string 979 when: 980 type: string 981 type: object 982 pass: 983 properties: 984 message: 985 type: string 986 uri: 987 type: string 988 when: 989 type: string 990 type: object 991 warn: 992 properties: 993 message: 994 type: string 995 uri: 996 type: string 997 when: 998 type: string 999 type: object 1000 type: object 1001 type: array 1002 strict: 1003 type: BoolString 1004 required: 1005 - collectorName 1006 - outcomes 1007 type: object 1008 registryImages: 1009 properties: 1010 annotations: 1011 additionalProperties: 1012 type: string 1013 type: object 1014 checkName: 1015 type: string 1016 collectorName: 1017 type: string 1018 exclude: 1019 type: BoolString 1020 outcomes: 1021 items: 1022 properties: 1023 fail: 1024 properties: 1025 message: 1026 type: string 1027 uri: 1028 type: string 1029 when: 1030 type: string 1031 type: object 1032 pass: 1033 properties: 1034 message: 1035 type: string 1036 uri: 1037 type: string 1038 when: 1039 type: string 1040 type: object 1041 warn: 1042 properties: 1043 message: 1044 type: string 1045 uri: 1046 type: string 1047 when: 1048 type: string 1049 type: object 1050 type: object 1051 type: array 1052 strict: 1053 type: BoolString 1054 required: 1055 - collectorName 1056 - outcomes 1057 type: object 1058 replicasetStatus: 1059 properties: 1060 annotations: 1061 additionalProperties: 1062 type: string 1063 type: object 1064 checkName: 1065 type: string 1066 exclude: 1067 type: BoolString 1068 name: 1069 type: string 1070 namespace: 1071 type: string 1072 namespaces: 1073 items: 1074 type: string 1075 type: array 1076 outcomes: 1077 items: 1078 properties: 1079 fail: 1080 properties: 1081 message: 1082 type: string 1083 uri: 1084 type: string 1085 when: 1086 type: string 1087 type: object 1088 pass: 1089 properties: 1090 message: 1091 type: string 1092 uri: 1093 type: string 1094 when: 1095 type: string 1096 type: object 1097 warn: 1098 properties: 1099 message: 1100 type: string 1101 uri: 1102 type: string 1103 when: 1104 type: string 1105 type: object 1106 type: object 1107 type: array 1108 selector: 1109 items: 1110 type: string 1111 type: array 1112 strict: 1113 type: BoolString 1114 required: 1115 - name 1116 - outcomes 1117 - selector 1118 type: object 1119 secret: 1120 properties: 1121 annotations: 1122 additionalProperties: 1123 type: string 1124 type: object 1125 checkName: 1126 type: string 1127 exclude: 1128 type: BoolString 1129 key: 1130 type: string 1131 namespace: 1132 type: string 1133 outcomes: 1134 items: 1135 properties: 1136 fail: 1137 properties: 1138 message: 1139 type: string 1140 uri: 1141 type: string 1142 when: 1143 type: string 1144 type: object 1145 pass: 1146 properties: 1147 message: 1148 type: string 1149 uri: 1150 type: string 1151 when: 1152 type: string 1153 type: object 1154 warn: 1155 properties: 1156 message: 1157 type: string 1158 uri: 1159 type: string 1160 when: 1161 type: string 1162 type: object 1163 type: object 1164 type: array 1165 secretName: 1166 type: string 1167 strict: 1168 type: BoolString 1169 required: 1170 - namespace 1171 - outcomes 1172 - secretName 1173 type: object 1174 statefulsetStatus: 1175 properties: 1176 annotations: 1177 additionalProperties: 1178 type: string 1179 type: object 1180 checkName: 1181 type: string 1182 exclude: 1183 type: BoolString 1184 name: 1185 type: string 1186 namespace: 1187 type: string 1188 namespaces: 1189 items: 1190 type: string 1191 type: array 1192 outcomes: 1193 items: 1194 properties: 1195 fail: 1196 properties: 1197 message: 1198 type: string 1199 uri: 1200 type: string 1201 when: 1202 type: string 1203 type: object 1204 pass: 1205 properties: 1206 message: 1207 type: string 1208 uri: 1209 type: string 1210 when: 1211 type: string 1212 type: object 1213 warn: 1214 properties: 1215 message: 1216 type: string 1217 uri: 1218 type: string 1219 when: 1220 type: string 1221 type: object 1222 type: object 1223 type: array 1224 strict: 1225 type: BoolString 1226 required: 1227 - name 1228 - outcomes 1229 type: object 1230 storageClass: 1231 properties: 1232 annotations: 1233 additionalProperties: 1234 type: string 1235 type: object 1236 checkName: 1237 type: string 1238 exclude: 1239 type: BoolString 1240 outcomes: 1241 items: 1242 properties: 1243 fail: 1244 properties: 1245 message: 1246 type: string 1247 uri: 1248 type: string 1249 when: 1250 type: string 1251 type: object 1252 pass: 1253 properties: 1254 message: 1255 type: string 1256 uri: 1257 type: string 1258 when: 1259 type: string 1260 type: object 1261 warn: 1262 properties: 1263 message: 1264 type: string 1265 uri: 1266 type: string 1267 when: 1268 type: string 1269 type: object 1270 type: object 1271 type: array 1272 storageClassName: 1273 type: string 1274 strict: 1275 type: BoolString 1276 required: 1277 - outcomes 1278 type: object 1279 sysctl: 1280 properties: 1281 annotations: 1282 additionalProperties: 1283 type: string 1284 type: object 1285 checkName: 1286 type: string 1287 exclude: 1288 type: BoolString 1289 outcomes: 1290 items: 1291 properties: 1292 fail: 1293 properties: 1294 message: 1295 type: string 1296 uri: 1297 type: string 1298 when: 1299 type: string 1300 type: object 1301 pass: 1302 properties: 1303 message: 1304 type: string 1305 uri: 1306 type: string 1307 when: 1308 type: string 1309 type: object 1310 warn: 1311 properties: 1312 message: 1313 type: string 1314 uri: 1315 type: string 1316 when: 1317 type: string 1318 type: object 1319 type: object 1320 type: array 1321 strict: 1322 type: BoolString 1323 required: 1324 - outcomes 1325 type: object 1326 textAnalyze: 1327 properties: 1328 annotations: 1329 additionalProperties: 1330 type: string 1331 type: object 1332 checkName: 1333 type: string 1334 collectorName: 1335 type: string 1336 exclude: 1337 type: BoolString 1338 excludeFiles: 1339 items: 1340 type: string 1341 type: array 1342 fileName: 1343 type: string 1344 ignoreIfNoFiles: 1345 type: boolean 1346 outcomes: 1347 items: 1348 properties: 1349 fail: 1350 properties: 1351 message: 1352 type: string 1353 uri: 1354 type: string 1355 when: 1356 type: string 1357 type: object 1358 pass: 1359 properties: 1360 message: 1361 type: string 1362 uri: 1363 type: string 1364 when: 1365 type: string 1366 type: object 1367 warn: 1368 properties: 1369 message: 1370 type: string 1371 uri: 1372 type: string 1373 when: 1374 type: string 1375 type: object 1376 type: object 1377 type: array 1378 regex: 1379 type: string 1380 regexGroups: 1381 type: string 1382 strict: 1383 type: BoolString 1384 required: 1385 - outcomes 1386 type: object 1387 weaveReport: 1388 properties: 1389 annotations: 1390 additionalProperties: 1391 type: string 1392 type: object 1393 checkName: 1394 type: string 1395 exclude: 1396 type: BoolString 1397 reportFileGlob: 1398 type: string 1399 strict: 1400 type: BoolString 1401 required: 1402 - reportFileGlob 1403 type: object 1404 yamlCompare: 1405 properties: 1406 annotations: 1407 additionalProperties: 1408 type: string 1409 type: object 1410 checkName: 1411 type: string 1412 collectorName: 1413 type: string 1414 exclude: 1415 type: BoolString 1416 fileName: 1417 type: string 1418 outcomes: 1419 items: 1420 properties: 1421 fail: 1422 properties: 1423 message: 1424 type: string 1425 uri: 1426 type: string 1427 when: 1428 type: string 1429 type: object 1430 pass: 1431 properties: 1432 message: 1433 type: string 1434 uri: 1435 type: string 1436 when: 1437 type: string 1438 type: object 1439 warn: 1440 properties: 1441 message: 1442 type: string 1443 uri: 1444 type: string 1445 when: 1446 type: string 1447 type: object 1448 type: object 1449 type: array 1450 path: 1451 type: string 1452 strict: 1453 type: BoolString 1454 value: 1455 type: string 1456 required: 1457 - outcomes 1458 type: object 1459 type: object 1460 type: array 1461 collectors: 1462 items: 1463 properties: 1464 ceph: 1465 properties: 1466 collectorName: 1467 type: string 1468 exclude: 1469 type: BoolString 1470 namespace: 1471 type: string 1472 timeout: 1473 type: string 1474 required: 1475 - namespace 1476 type: object 1477 clusterInfo: 1478 properties: 1479 collectorName: 1480 type: string 1481 exclude: 1482 type: BoolString 1483 type: object 1484 clusterResources: 1485 properties: 1486 collectorName: 1487 type: string 1488 exclude: 1489 type: BoolString 1490 ignoreRBAC: 1491 type: boolean 1492 namespaces: 1493 items: 1494 type: string 1495 type: array 1496 type: object 1497 collectd: 1498 properties: 1499 collectorName: 1500 type: string 1501 exclude: 1502 type: BoolString 1503 hostPath: 1504 type: string 1505 image: 1506 type: string 1507 imagePullPolicy: 1508 type: string 1509 imagePullSecret: 1510 properties: 1511 data: 1512 additionalProperties: 1513 type: string 1514 type: object 1515 name: 1516 type: string 1517 type: 1518 type: string 1519 type: object 1520 namespace: 1521 type: string 1522 timeout: 1523 type: string 1524 required: 1525 - hostPath 1526 - image 1527 - namespace 1528 type: object 1529 configMap: 1530 properties: 1531 collectorName: 1532 type: string 1533 exclude: 1534 type: BoolString 1535 includeAllData: 1536 type: boolean 1537 includeValue: 1538 type: boolean 1539 key: 1540 type: string 1541 name: 1542 type: string 1543 namespace: 1544 type: string 1545 selector: 1546 items: 1547 type: string 1548 type: array 1549 type: object 1550 copy: 1551 properties: 1552 collectorName: 1553 type: string 1554 containerName: 1555 type: string 1556 containerPath: 1557 type: string 1558 exclude: 1559 type: BoolString 1560 extractArchive: 1561 type: boolean 1562 name: 1563 type: string 1564 namespace: 1565 type: string 1566 selector: 1567 items: 1568 type: string 1569 type: array 1570 required: 1571 - containerPath 1572 - namespace 1573 - selector 1574 type: object 1575 copyFromHost: 1576 properties: 1577 collectorName: 1578 type: string 1579 exclude: 1580 type: BoolString 1581 extractArchive: 1582 type: boolean 1583 hostPath: 1584 type: string 1585 image: 1586 type: string 1587 imagePullPolicy: 1588 type: string 1589 imagePullSecret: 1590 properties: 1591 data: 1592 additionalProperties: 1593 type: string 1594 type: object 1595 name: 1596 type: string 1597 type: 1598 type: string 1599 type: object 1600 name: 1601 type: string 1602 namespace: 1603 type: string 1604 timeout: 1605 type: string 1606 required: 1607 - hostPath 1608 - image 1609 - namespace 1610 type: object 1611 data: 1612 properties: 1613 collectorName: 1614 type: string 1615 data: 1616 type: string 1617 exclude: 1618 type: BoolString 1619 name: 1620 type: string 1621 required: 1622 - data 1623 type: object 1624 exec: 1625 properties: 1626 args: 1627 items: 1628 type: string 1629 type: array 1630 collectorName: 1631 type: string 1632 command: 1633 items: 1634 type: string 1635 type: array 1636 containerName: 1637 type: string 1638 exclude: 1639 type: BoolString 1640 name: 1641 type: string 1642 namespace: 1643 type: string 1644 selector: 1645 items: 1646 type: string 1647 type: array 1648 timeout: 1649 type: string 1650 required: 1651 - namespace 1652 - selector 1653 type: object 1654 http: 1655 properties: 1656 collectorName: 1657 type: string 1658 exclude: 1659 type: BoolString 1660 get: 1661 properties: 1662 headers: 1663 additionalProperties: 1664 type: string 1665 type: object 1666 insecureSkipVerify: 1667 type: boolean 1668 url: 1669 type: string 1670 required: 1671 - url 1672 type: object 1673 name: 1674 type: string 1675 post: 1676 properties: 1677 body: 1678 type: string 1679 headers: 1680 additionalProperties: 1681 type: string 1682 type: object 1683 insecureSkipVerify: 1684 type: boolean 1685 url: 1686 type: string 1687 required: 1688 - url 1689 type: object 1690 put: 1691 properties: 1692 body: 1693 type: string 1694 headers: 1695 additionalProperties: 1696 type: string 1697 type: object 1698 insecureSkipVerify: 1699 type: boolean 1700 url: 1701 type: string 1702 required: 1703 - url 1704 type: object 1705 type: object 1706 logs: 1707 properties: 1708 collectorName: 1709 type: string 1710 containerNames: 1711 items: 1712 type: string 1713 type: array 1714 exclude: 1715 type: BoolString 1716 limits: 1717 properties: 1718 maxAge: 1719 type: string 1720 maxBytes: 1721 format: int64 1722 type: integer 1723 maxLines: 1724 format: int64 1725 type: integer 1726 sinceTime: 1727 format: date-time 1728 type: string 1729 type: object 1730 name: 1731 type: string 1732 namespace: 1733 type: string 1734 selector: 1735 items: 1736 type: string 1737 type: array 1738 required: 1739 - selector 1740 type: object 1741 longhorn: 1742 properties: 1743 collectorName: 1744 type: string 1745 exclude: 1746 type: BoolString 1747 namespace: 1748 type: string 1749 timeout: 1750 type: string 1751 required: 1752 - namespace 1753 type: object 1754 mysql: 1755 properties: 1756 collectorName: 1757 type: string 1758 exclude: 1759 type: BoolString 1760 parameters: 1761 items: 1762 type: string 1763 type: array 1764 tls: 1765 properties: 1766 cacert: 1767 type: string 1768 clientCert: 1769 type: string 1770 clientKey: 1771 type: string 1772 secret: 1773 properties: 1774 name: 1775 type: string 1776 namespace: 1777 type: string 1778 required: 1779 - name 1780 - namespace 1781 type: object 1782 skipVerify: 1783 type: boolean 1784 type: object 1785 uri: 1786 type: string 1787 required: 1788 - uri 1789 type: object 1790 postgres: 1791 properties: 1792 collectorName: 1793 type: string 1794 exclude: 1795 type: BoolString 1796 parameters: 1797 items: 1798 type: string 1799 type: array 1800 tls: 1801 properties: 1802 cacert: 1803 type: string 1804 clientCert: 1805 type: string 1806 clientKey: 1807 type: string 1808 secret: 1809 properties: 1810 name: 1811 type: string 1812 namespace: 1813 type: string 1814 required: 1815 - name 1816 - namespace 1817 type: object 1818 skipVerify: 1819 type: boolean 1820 type: object 1821 uri: 1822 type: string 1823 required: 1824 - uri 1825 type: object 1826 redis: 1827 properties: 1828 collectorName: 1829 type: string 1830 exclude: 1831 type: BoolString 1832 parameters: 1833 items: 1834 type: string 1835 type: array 1836 tls: 1837 properties: 1838 cacert: 1839 type: string 1840 clientCert: 1841 type: string 1842 clientKey: 1843 type: string 1844 secret: 1845 properties: 1846 name: 1847 type: string 1848 namespace: 1849 type: string 1850 required: 1851 - name 1852 - namespace 1853 type: object 1854 skipVerify: 1855 type: boolean 1856 type: object 1857 uri: 1858 type: string 1859 required: 1860 - uri 1861 type: object 1862 registryImages: 1863 properties: 1864 collectorName: 1865 type: string 1866 exclude: 1867 type: BoolString 1868 imagePullSecret: 1869 properties: 1870 data: 1871 additionalProperties: 1872 type: string 1873 type: object 1874 name: 1875 type: string 1876 type: 1877 type: string 1878 type: object 1879 images: 1880 items: 1881 type: string 1882 type: array 1883 namespace: 1884 type: string 1885 required: 1886 - images 1887 - namespace 1888 type: object 1889 run: 1890 properties: 1891 args: 1892 items: 1893 type: string 1894 type: array 1895 collectorName: 1896 type: string 1897 command: 1898 items: 1899 type: string 1900 type: array 1901 exclude: 1902 type: BoolString 1903 image: 1904 type: string 1905 imagePullPolicy: 1906 type: string 1907 imagePullSecret: 1908 properties: 1909 data: 1910 additionalProperties: 1911 type: string 1912 type: object 1913 name: 1914 type: string 1915 type: 1916 type: string 1917 type: object 1918 name: 1919 type: string 1920 namespace: 1921 type: string 1922 serviceAccountName: 1923 type: string 1924 timeout: 1925 type: string 1926 required: 1927 - image 1928 - namespace 1929 type: object 1930 runPod: 1931 properties: 1932 collectorName: 1933 type: string 1934 exclude: 1935 type: BoolString 1936 imagePullSecret: 1937 properties: 1938 data: 1939 additionalProperties: 1940 type: string 1941 type: object 1942 name: 1943 type: string 1944 type: 1945 type: string 1946 type: object 1947 name: 1948 type: string 1949 namespace: 1950 type: string 1951 podSpec: 1952 description: PodSpec is a description of a pod. 1953 properties: 1954 activeDeadlineSeconds: 1955 description: Optional duration in seconds the pod may 1956 be active on the node relative to StartTime before 1957 the system will actively try to mark it failed and 1958 kill associated containers. Value must be a positive 1959 integer. 1960 format: int64 1961 type: integer 1962 affinity: 1963 description: If specified, the pod's scheduling constraints 1964 properties: 1965 nodeAffinity: 1966 description: Describes node affinity scheduling 1967 rules for the pod. 1968 properties: 1969 preferredDuringSchedulingIgnoredDuringExecution: 1970 description: The scheduler will prefer to schedule 1971 pods to nodes that satisfy the affinity expressions 1972 specified by this field, but it may choose 1973 a node that violates one or more of the expressions. 1974 The node that is most preferred is the one 1975 with the greatest sum of weights, i.e. for 1976 each node that meets all of the scheduling 1977 requirements (resource request, requiredDuringScheduling 1978 affinity expressions, etc.), compute a sum 1979 by iterating through the elements of this 1980 field and adding "weight" to the sum if the 1981 node matches the corresponding matchExpressions; 1982 the node(s) with the highest sum are the most 1983 preferred. 1984 items: 1985 description: An empty preferred scheduling 1986 term matches all objects with implicit weight 1987 0 (i.e. it's a no-op). A null preferred 1988 scheduling term matches no objects (i.e. 1989 is also a no-op). 1990 properties: 1991 preference: 1992 description: A node selector term, associated 1993 with the corresponding weight. 1994 properties: 1995 matchExpressions: 1996 description: A list of node selector 1997 requirements by node's labels. 1998 items: 1999 description: A node selector requirement 2000 is a selector that contains values, 2001 a key, and an operator that relates 2002 the key and values. 2003 properties: 2004 key: 2005 description: The label key that 2006 the selector applies to. 2007 type: string 2008 operator: 2009 description: Represents a key's 2010 relationship to a set of values. 2011 Valid operators are In, NotIn, 2012 Exists, DoesNotExist. Gt, 2013 and Lt. 2014 type: string 2015 values: 2016 description: An array of string 2017 values. If the operator is 2018 In or NotIn, the values array 2019 must be non-empty. If the 2020 operator is Exists or DoesNotExist, 2021 the values array must be empty. 2022 If the operator is Gt or Lt, 2023 the values array must have 2024 a single element, which will 2025 be interpreted as an integer. 2026 This array is replaced during 2027 a strategic merge patch. 2028 items: 2029 type: string 2030 type: array 2031 required: 2032 - key 2033 - operator 2034 type: object 2035 type: array 2036 matchFields: 2037 description: A list of node selector 2038 requirements by node's fields. 2039 items: 2040 description: A node selector requirement 2041 is a selector that contains values, 2042 a key, and an operator that relates 2043 the key and values. 2044 properties: 2045 key: 2046 description: The label key that 2047 the selector applies to. 2048 type: string 2049 operator: 2050 description: Represents a key's 2051 relationship to a set of values. 2052 Valid operators are In, NotIn, 2053 Exists, DoesNotExist. Gt, 2054 and Lt. 2055 type: string 2056 values: 2057 description: An array of string 2058 values. If the operator is 2059 In or NotIn, the values array 2060 must be non-empty. If the 2061 operator is Exists or DoesNotExist, 2062 the values array must be empty. 2063 If the operator is Gt or Lt, 2064 the values array must have 2065 a single element, which will 2066 be interpreted as an integer. 2067 This array is replaced during 2068 a strategic merge patch. 2069 items: 2070 type: string 2071 type: array 2072 required: 2073 - key 2074 - operator 2075 type: object 2076 type: array 2077 type: object 2078 weight: 2079 description: Weight associated with matching 2080 the corresponding nodeSelectorTerm, 2081 in the range 1-100. 2082 format: int32 2083 type: integer 2084 required: 2085 - preference 2086 - weight 2087 type: object 2088 type: array 2089 requiredDuringSchedulingIgnoredDuringExecution: 2090 description: If the affinity requirements specified 2091 by this field are not met at scheduling time, 2092 the pod will not be scheduled onto the node. 2093 If the affinity requirements specified by 2094 this field cease to be met at some point during 2095 pod execution (e.g. due to an update), the 2096 system may or may not try to eventually evict 2097 the pod from its node. 2098 properties: 2099 nodeSelectorTerms: 2100 description: Required. A list of node selector 2101 terms. The terms are ORed. 2102 items: 2103 description: A null or empty node selector 2104 term matches no objects. The requirements 2105 of them are ANDed. The TopologySelectorTerm 2106 type implements a subset of the NodeSelectorTerm. 2107 properties: 2108 matchExpressions: 2109 description: A list of node selector 2110 requirements by node's labels. 2111 items: 2112 description: A node selector requirement 2113 is a selector that contains values, 2114 a key, and an operator that relates 2115 the key and values. 2116 properties: 2117 key: 2118 description: The label key that 2119 the selector applies to. 2120 type: string 2121 operator: 2122 description: Represents a key's 2123 relationship to a set of values. 2124 Valid operators are In, NotIn, 2125 Exists, DoesNotExist. Gt, 2126 and Lt. 2127 type: string 2128 values: 2129 description: An array of string 2130 values. If the operator is 2131 In or NotIn, the values array 2132 must be non-empty. If the 2133 operator is Exists or DoesNotExist, 2134 the values array must be empty. 2135 If the operator is Gt or Lt, 2136 the values array must have 2137 a single element, which will 2138 be interpreted as an integer. 2139 This array is replaced during 2140 a strategic merge patch. 2141 items: 2142 type: string 2143 type: array 2144 required: 2145 - key 2146 - operator 2147 type: object 2148 type: array 2149 matchFields: 2150 description: A list of node selector 2151 requirements by node's fields. 2152 items: 2153 description: A node selector requirement 2154 is a selector that contains values, 2155 a key, and an operator that relates 2156 the key and values. 2157 properties: 2158 key: 2159 description: The label key that 2160 the selector applies to. 2161 type: string 2162 operator: 2163 description: Represents a key's 2164 relationship to a set of values. 2165 Valid operators are In, NotIn, 2166 Exists, DoesNotExist. Gt, 2167 and Lt. 2168 type: string 2169 values: 2170 description: An array of string 2171 values. If the operator is 2172 In or NotIn, the values array 2173 must be non-empty. If the 2174 operator is Exists or DoesNotExist, 2175 the values array must be empty. 2176 If the operator is Gt or Lt, 2177 the values array must have 2178 a single element, which will 2179 be interpreted as an integer. 2180 This array is replaced during 2181 a strategic merge patch. 2182 items: 2183 type: string 2184 type: array 2185 required: 2186 - key 2187 - operator 2188 type: object 2189 type: array 2190 type: object 2191 type: array 2192 required: 2193 - nodeSelectorTerms 2194 type: object 2195 type: object 2196 podAffinity: 2197 description: Describes pod affinity scheduling rules 2198 (e.g. co-locate this pod in the same node, zone, 2199 etc. as some other pod(s)). 2200 properties: 2201 preferredDuringSchedulingIgnoredDuringExecution: 2202 description: The scheduler will prefer to schedule 2203 pods to nodes that satisfy the affinity expressions 2204 specified by this field, but it may choose 2205 a node that violates one or more of the expressions. 2206 The node that is most preferred is the one 2207 with the greatest sum of weights, i.e. for 2208 each node that meets all of the scheduling 2209 requirements (resource request, requiredDuringScheduling 2210 affinity expressions, etc.), compute a sum 2211 by iterating through the elements of this 2212 field and adding "weight" to the sum if the 2213 node has pods which matches the corresponding 2214 podAffinityTerm; the node(s) with the highest 2215 sum are the most preferred. 2216 items: 2217 description: The weights of all of the matched 2218 WeightedPodAffinityTerm fields are added 2219 per-node to find the most preferred node(s) 2220 properties: 2221 podAffinityTerm: 2222 description: Required. A pod affinity 2223 term, associated with the corresponding 2224 weight. 2225 properties: 2226 labelSelector: 2227 description: A label query over a 2228 set of resources, in this case pods. 2229 properties: 2230 matchExpressions: 2231 description: matchExpressions 2232 is a list of label selector 2233 requirements. The requirements 2234 are ANDed. 2235 items: 2236 description: A label selector 2237 requirement is a selector 2238 that contains values, a key, 2239 and an operator that relates 2240 the key and values. 2241 properties: 2242 key: 2243 description: key is the 2244 label key that the selector 2245 applies to. 2246 type: string 2247 operator: 2248 description: operator represents 2249 a key's relationship to 2250 a set of values. Valid 2251 operators are In, NotIn, 2252 Exists and DoesNotExist. 2253 type: string 2254 values: 2255 description: values is an 2256 array of string values. 2257 If the operator is In 2258 or NotIn, the values array 2259 must be non-empty. If 2260 the operator is Exists 2261 or DoesNotExist, the values 2262 array must be empty. This 2263 array is replaced during 2264 a strategic merge patch. 2265 items: 2266 type: string 2267 type: array 2268 required: 2269 - key 2270 - operator 2271 type: object 2272 type: array 2273 matchLabels: 2274 additionalProperties: 2275 type: string 2276 description: matchLabels is a 2277 map of {key,value} pairs. A 2278 single {key,value} in the matchLabels 2279 map is equivalent to an element 2280 of matchExpressions, whose key 2281 field is "key", the operator 2282 is "In", and the values array 2283 contains only "value". The requirements 2284 are ANDed. 2285 type: object 2286 type: object 2287 namespaceSelector: 2288 description: A label query over the 2289 set of namespaces that the term 2290 applies to. The term is applied 2291 to the union of the namespaces selected 2292 by this field and the ones listed 2293 in the namespaces field. null selector 2294 and null or empty namespaces list 2295 means "this pod's namespace". An 2296 empty selector ({}) matches all 2297 namespaces. 2298 properties: 2299 matchExpressions: 2300 description: matchExpressions 2301 is a list of label selector 2302 requirements. The requirements 2303 are ANDed. 2304 items: 2305 description: A label selector 2306 requirement is a selector 2307 that contains values, a key, 2308 and an operator that relates 2309 the key and values. 2310 properties: 2311 key: 2312 description: key is the 2313 label key that the selector 2314 applies to. 2315 type: string 2316 operator: 2317 description: operator represents 2318 a key's relationship to 2319 a set of values. Valid 2320 operators are In, NotIn, 2321 Exists and DoesNotExist. 2322 type: string 2323 values: 2324 description: values is an 2325 array of string values. 2326 If the operator is In 2327 or NotIn, the values array 2328 must be non-empty. If 2329 the operator is Exists 2330 or DoesNotExist, the values 2331 array must be empty. This 2332 array is replaced during 2333 a strategic merge patch. 2334 items: 2335 type: string 2336 type: array 2337 required: 2338 - key 2339 - operator 2340 type: object 2341 type: array 2342 matchLabels: 2343 additionalProperties: 2344 type: string 2345 description: matchLabels is a 2346 map of {key,value} pairs. A 2347 single {key,value} in the matchLabels 2348 map is equivalent to an element 2349 of matchExpressions, whose key 2350 field is "key", the operator 2351 is "In", and the values array 2352 contains only "value". The requirements 2353 are ANDed. 2354 type: object 2355 type: object 2356 namespaces: 2357 description: namespaces specifies 2358 a static list of namespace names 2359 that the term applies to. The term 2360 is applied to the union of the namespaces 2361 listed in this field and the ones 2362 selected by namespaceSelector. null 2363 or empty namespaces list and null 2364 namespaceSelector means "this pod's 2365 namespace". 2366 items: 2367 type: string 2368 type: array 2369 topologyKey: 2370 description: This pod should be co-located 2371 (affinity) or not co-located (anti-affinity) 2372 with the pods matching the labelSelector 2373 in the specified namespaces, where 2374 co-located is defined as running 2375 on a node whose value of the label 2376 with key topologyKey matches that 2377 of any node on which any of the 2378 selected pods is running. Empty 2379 topologyKey is not allowed. 2380 type: string 2381 required: 2382 - topologyKey 2383 type: object 2384 weight: 2385 description: weight associated with matching 2386 the corresponding podAffinityTerm, in 2387 the range 1-100. 2388 format: int32 2389 type: integer 2390 required: 2391 - podAffinityTerm 2392 - weight 2393 type: object 2394 type: array 2395 requiredDuringSchedulingIgnoredDuringExecution: 2396 description: If the affinity requirements specified 2397 by this field are not met at scheduling time, 2398 the pod will not be scheduled onto the node. 2399 If the affinity requirements specified by 2400 this field cease to be met at some point during 2401 pod execution (e.g. due to a pod label update), 2402 the system may or may not try to eventually 2403 evict the pod from its node. When there are 2404 multiple elements, the lists of nodes corresponding 2405 to each podAffinityTerm are intersected, i.e. 2406 all terms must be satisfied. 2407 items: 2408 description: Defines a set of pods (namely 2409 those matching the labelSelector relative 2410 to the given namespace(s)) that this pod 2411 should be co-located (affinity) or not co-located 2412 (anti-affinity) with, where co-located is 2413 defined as running on a node whose value 2414 of the label with key <topologyKey> matches 2415 that of any node on which a pod of the set 2416 of pods is running 2417 properties: 2418 labelSelector: 2419 description: A label query over a set 2420 of resources, in this case pods. 2421 properties: 2422 matchExpressions: 2423 description: matchExpressions is a 2424 list of label selector requirements. 2425 The requirements are ANDed. 2426 items: 2427 description: A label selector requirement 2428 is a selector that contains values, 2429 a key, and an operator that relates 2430 the key and values. 2431 properties: 2432 key: 2433 description: key is the label 2434 key that the selector applies 2435 to. 2436 type: string 2437 operator: 2438 description: operator represents 2439 a key's relationship to a 2440 set of values. Valid operators 2441 are In, NotIn, Exists and 2442 DoesNotExist. 2443 type: string 2444 values: 2445 description: values is an array 2446 of string values. If the operator 2447 is In or NotIn, the values 2448 array must be non-empty. If 2449 the operator is Exists or 2450 DoesNotExist, the values array 2451 must be empty. This array 2452 is replaced during a strategic 2453 merge patch. 2454 items: 2455 type: string 2456 type: array 2457 required: 2458 - key 2459 - operator 2460 type: object 2461 type: array 2462 matchLabels: 2463 additionalProperties: 2464 type: string 2465 description: matchLabels is a map 2466 of {key,value} pairs. A single {key,value} 2467 in the matchLabels map is equivalent 2468 to an element of matchExpressions, 2469 whose key field is "key", the operator 2470 is "In", and the values array contains 2471 only "value". The requirements are 2472 ANDed. 2473 type: object 2474 type: object 2475 namespaceSelector: 2476 description: A label query over the set 2477 of namespaces that the term applies 2478 to. The term is applied to the union 2479 of the namespaces selected by this field 2480 and the ones listed in the namespaces 2481 field. null selector and null or empty 2482 namespaces list means "this pod's namespace". 2483 An empty selector ({}) matches all namespaces. 2484 properties: 2485 matchExpressions: 2486 description: matchExpressions is a 2487 list of label selector requirements. 2488 The requirements are ANDed. 2489 items: 2490 description: A label selector requirement 2491 is a selector that contains values, 2492 a key, and an operator that relates 2493 the key and values. 2494 properties: 2495 key: 2496 description: key is the label 2497 key that the selector applies 2498 to. 2499 type: string 2500 operator: 2501 description: operator represents 2502 a key's relationship to a 2503 set of values. Valid operators 2504 are In, NotIn, Exists and 2505 DoesNotExist. 2506 type: string 2507 values: 2508 description: values is an array 2509 of string values. If the operator 2510 is In or NotIn, the values 2511 array must be non-empty. If 2512 the operator is Exists or 2513 DoesNotExist, the values array 2514 must be empty. This array 2515 is replaced during a strategic 2516 merge patch. 2517 items: 2518 type: string 2519 type: array 2520 required: 2521 - key 2522 - operator 2523 type: object 2524 type: array 2525 matchLabels: 2526 additionalProperties: 2527 type: string 2528 description: matchLabels is a map 2529 of {key,value} pairs. A single {key,value} 2530 in the matchLabels map is equivalent 2531 to an element of matchExpressions, 2532 whose key field is "key", the operator 2533 is "In", and the values array contains 2534 only "value". The requirements are 2535 ANDed. 2536 type: object 2537 type: object 2538 namespaces: 2539 description: namespaces specifies a static 2540 list of namespace names that the term 2541 applies to. The term is applied to the 2542 union of the namespaces listed in this 2543 field and the ones selected by namespaceSelector. 2544 null or empty namespaces list and null 2545 namespaceSelector means "this pod's 2546 namespace". 2547 items: 2548 type: string 2549 type: array 2550 topologyKey: 2551 description: This pod should be co-located 2552 (affinity) or not co-located (anti-affinity) 2553 with the pods matching the labelSelector 2554 in the specified namespaces, where co-located 2555 is defined as running on a node whose 2556 value of the label with key topologyKey 2557 matches that of any node on which any 2558 of the selected pods is running. Empty 2559 topologyKey is not allowed. 2560 type: string 2561 required: 2562 - topologyKey 2563 type: object 2564 type: array 2565 type: object 2566 podAntiAffinity: 2567 description: Describes pod anti-affinity scheduling 2568 rules (e.g. avoid putting this pod in the same 2569 node, zone, etc. as some other pod(s)). 2570 properties: 2571 preferredDuringSchedulingIgnoredDuringExecution: 2572 description: The scheduler will prefer to schedule 2573 pods to nodes that satisfy the anti-affinity 2574 expressions specified by this field, but it 2575 may choose a node that violates one or more 2576 of the expressions. The node that is most 2577 preferred is the one with the greatest sum 2578 of weights, i.e. for each node that meets 2579 all of the scheduling requirements (resource 2580 request, requiredDuringScheduling anti-affinity 2581 expressions, etc.), compute a sum by iterating 2582 through the elements of this field and adding 2583 "weight" to the sum if the node has pods which 2584 matches the corresponding podAffinityTerm; 2585 the node(s) with the highest sum are the most 2586 preferred. 2587 items: 2588 description: The weights of all of the matched 2589 WeightedPodAffinityTerm fields are added 2590 per-node to find the most preferred node(s) 2591 properties: 2592 podAffinityTerm: 2593 description: Required. A pod affinity 2594 term, associated with the corresponding 2595 weight. 2596 properties: 2597 labelSelector: 2598 description: A label query over a 2599 set of resources, in this case pods. 2600 properties: 2601 matchExpressions: 2602 description: matchExpressions 2603 is a list of label selector 2604 requirements. The requirements 2605 are ANDed. 2606 items: 2607 description: A label selector 2608 requirement is a selector 2609 that contains values, a key, 2610 and an operator that relates 2611 the key and values. 2612 properties: 2613 key: 2614 description: key is the 2615 label key that the selector 2616 applies to. 2617 type: string 2618 operator: 2619 description: operator represents 2620 a key's relationship to 2621 a set of values. Valid 2622 operators are In, NotIn, 2623 Exists and DoesNotExist. 2624 type: string 2625 values: 2626 description: values is an 2627 array of string values. 2628 If the operator is In 2629 or NotIn, the values array 2630 must be non-empty. If 2631 the operator is Exists 2632 or DoesNotExist, the values 2633 array must be empty. This 2634 array is replaced during 2635 a strategic merge patch. 2636 items: 2637 type: string 2638 type: array 2639 required: 2640 - key 2641 - operator 2642 type: object 2643 type: array 2644 matchLabels: 2645 additionalProperties: 2646 type: string 2647 description: matchLabels is a 2648 map of {key,value} pairs. A 2649 single {key,value} in the matchLabels 2650 map is equivalent to an element 2651 of matchExpressions, whose key 2652 field is "key", the operator 2653 is "In", and the values array 2654 contains only "value". The requirements 2655 are ANDed. 2656 type: object 2657 type: object 2658 namespaceSelector: 2659 description: A label query over the 2660 set of namespaces that the term 2661 applies to. The term is applied 2662 to the union of the namespaces selected 2663 by this field and the ones listed 2664 in the namespaces field. null selector 2665 and null or empty namespaces list 2666 means "this pod's namespace". An 2667 empty selector ({}) matches all 2668 namespaces. 2669 properties: 2670 matchExpressions: 2671 description: matchExpressions 2672 is a list of label selector 2673 requirements. The requirements 2674 are ANDed. 2675 items: 2676 description: A label selector 2677 requirement is a selector 2678 that contains values, a key, 2679 and an operator that relates 2680 the key and values. 2681 properties: 2682 key: 2683 description: key is the 2684 label key that the selector 2685 applies to. 2686 type: string 2687 operator: 2688 description: operator represents 2689 a key's relationship to 2690 a set of values. Valid 2691 operators are In, NotIn, 2692 Exists and DoesNotExist. 2693 type: string 2694 values: 2695 description: values is an 2696 array of string values. 2697 If the operator is In 2698 or NotIn, the values array 2699 must be non-empty. If 2700 the operator is Exists 2701 or DoesNotExist, the values 2702 array must be empty. This 2703 array is replaced during 2704 a strategic merge patch. 2705 items: 2706 type: string 2707 type: array 2708 required: 2709 - key 2710 - operator 2711 type: object 2712 type: array 2713 matchLabels: 2714 additionalProperties: 2715 type: string 2716 description: matchLabels is a 2717 map of {key,value} pairs. A 2718 single {key,value} in the matchLabels 2719 map is equivalent to an element 2720 of matchExpressions, whose key 2721 field is "key", the operator 2722 is "In", and the values array 2723 contains only "value". The requirements 2724 are ANDed. 2725 type: object 2726 type: object 2727 namespaces: 2728 description: namespaces specifies 2729 a static list of namespace names 2730 that the term applies to. The term 2731 is applied to the union of the namespaces 2732 listed in this field and the ones 2733 selected by namespaceSelector. null 2734 or empty namespaces list and null 2735 namespaceSelector means "this pod's 2736 namespace". 2737 items: 2738 type: string 2739 type: array 2740 topologyKey: 2741 description: This pod should be co-located 2742 (affinity) or not co-located (anti-affinity) 2743 with the pods matching the labelSelector 2744 in the specified namespaces, where 2745 co-located is defined as running 2746 on a node whose value of the label 2747 with key topologyKey matches that 2748 of any node on which any of the 2749 selected pods is running. Empty 2750 topologyKey is not allowed. 2751 type: string 2752 required: 2753 - topologyKey 2754 type: object 2755 weight: 2756 description: weight associated with matching 2757 the corresponding podAffinityTerm, in 2758 the range 1-100. 2759 format: int32 2760 type: integer 2761 required: 2762 - podAffinityTerm 2763 - weight 2764 type: object 2765 type: array 2766 requiredDuringSchedulingIgnoredDuringExecution: 2767 description: If the anti-affinity requirements 2768 specified by this field are not met at scheduling 2769 time, the pod will not be scheduled onto the 2770 node. If the anti-affinity requirements specified 2771 by this field cease to be met at some point 2772 during pod execution (e.g. due to a pod label 2773 update), the system may or may not try to 2774 eventually evict the pod from its node. When 2775 there are multiple elements, the lists of 2776 nodes corresponding to each podAffinityTerm 2777 are intersected, i.e. all terms must be satisfied. 2778 items: 2779 description: Defines a set of pods (namely 2780 those matching the labelSelector relative 2781 to the given namespace(s)) that this pod 2782 should be co-located (affinity) or not co-located 2783 (anti-affinity) with, where co-located is 2784 defined as running on a node whose value 2785 of the label with key <topologyKey> matches 2786 that of any node on which a pod of the set 2787 of pods is running 2788 properties: 2789 labelSelector: 2790 description: A label query over a set 2791 of resources, in this case pods. 2792 properties: 2793 matchExpressions: 2794 description: matchExpressions is a 2795 list of label selector requirements. 2796 The requirements are ANDed. 2797 items: 2798 description: A label selector requirement 2799 is a selector that contains values, 2800 a key, and an operator that relates 2801 the key and values. 2802 properties: 2803 key: 2804 description: key is the label 2805 key that the selector applies 2806 to. 2807 type: string 2808 operator: 2809 description: operator represents 2810 a key's relationship to a 2811 set of values. Valid operators 2812 are In, NotIn, Exists and 2813 DoesNotExist. 2814 type: string 2815 values: 2816 description: values is an array 2817 of string values. If the operator 2818 is In or NotIn, the values 2819 array must be non-empty. If 2820 the operator is Exists or 2821 DoesNotExist, the values array 2822 must be empty. This array 2823 is replaced during a strategic 2824 merge patch. 2825 items: 2826 type: string 2827 type: array 2828 required: 2829 - key 2830 - operator 2831 type: object 2832 type: array 2833 matchLabels: 2834 additionalProperties: 2835 type: string 2836 description: matchLabels is a map 2837 of {key,value} pairs. A single {key,value} 2838 in the matchLabels map is equivalent 2839 to an element of matchExpressions, 2840 whose key field is "key", the operator 2841 is "In", and the values array contains 2842 only "value". The requirements are 2843 ANDed. 2844 type: object 2845 type: object 2846 namespaceSelector: 2847 description: A label query over the set 2848 of namespaces that the term applies 2849 to. The term is applied to the union 2850 of the namespaces selected by this field 2851 and the ones listed in the namespaces 2852 field. null selector and null or empty 2853 namespaces list means "this pod's namespace". 2854 An empty selector ({}) matches all namespaces. 2855 properties: 2856 matchExpressions: 2857 description: matchExpressions is a 2858 list of label selector requirements. 2859 The requirements are ANDed. 2860 items: 2861 description: A label selector requirement 2862 is a selector that contains values, 2863 a key, and an operator that relates 2864 the key and values. 2865 properties: 2866 key: 2867 description: key is the label 2868 key that the selector applies 2869 to. 2870 type: string 2871 operator: 2872 description: operator represents 2873 a key's relationship to a 2874 set of values. Valid operators 2875 are In, NotIn, Exists and 2876 DoesNotExist. 2877 type: string 2878 values: 2879 description: values is an array 2880 of string values. If the operator 2881 is In or NotIn, the values 2882 array must be non-empty. If 2883 the operator is Exists or 2884 DoesNotExist, the values array 2885 must be empty. This array 2886 is replaced during a strategic 2887 merge patch. 2888 items: 2889 type: string 2890 type: array 2891 required: 2892 - key 2893 - operator 2894 type: object 2895 type: array 2896 matchLabels: 2897 additionalProperties: 2898 type: string 2899 description: matchLabels is a map 2900 of {key,value} pairs. A single {key,value} 2901 in the matchLabels map is equivalent 2902 to an element of matchExpressions, 2903 whose key field is "key", the operator 2904 is "In", and the values array contains 2905 only "value". The requirements are 2906 ANDed. 2907 type: object 2908 type: object 2909 namespaces: 2910 description: namespaces specifies a static 2911 list of namespace names that the term 2912 applies to. The term is applied to the 2913 union of the namespaces listed in this 2914 field and the ones selected by namespaceSelector. 2915 null or empty namespaces list and null 2916 namespaceSelector means "this pod's 2917 namespace". 2918 items: 2919 type: string 2920 type: array 2921 topologyKey: 2922 description: This pod should be co-located 2923 (affinity) or not co-located (anti-affinity) 2924 with the pods matching the labelSelector 2925 in the specified namespaces, where co-located 2926 is defined as running on a node whose 2927 value of the label with key topologyKey 2928 matches that of any node on which any 2929 of the selected pods is running. Empty 2930 topologyKey is not allowed. 2931 type: string 2932 required: 2933 - topologyKey 2934 type: object 2935 type: array 2936 type: object 2937 type: object 2938 automountServiceAccountToken: 2939 description: AutomountServiceAccountToken indicates 2940 whether a service account token should be automatically 2941 mounted. 2942 type: boolean 2943 containers: 2944 description: List of containers belonging to the pod. 2945 Containers cannot currently be added or removed. There 2946 must be at least one container in a Pod. Cannot be 2947 updated. 2948 items: 2949 description: A single application container that you 2950 want to run within a pod. 2951 properties: 2952 args: 2953 description: 'Arguments to the entrypoint. The 2954 container image''s CMD is used if this is not 2955 provided. Variable references $(VAR_NAME) are 2956 expanded using the container''s environment. 2957 If a variable cannot be resolved, the reference 2958 in the input string will be unchanged. Double 2959 $$ are reduced to a single $, which allows for 2960 escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 2961 will produce the string literal "$(VAR_NAME)". 2962 Escaped references will never be expanded, regardless 2963 of whether the variable exists or not. Cannot 2964 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 2965 items: 2966 type: string 2967 type: array 2968 command: 2969 description: 'Entrypoint array. Not executed within 2970 a shell. The container image''s ENTRYPOINT is 2971 used if this is not provided. Variable references 2972 $(VAR_NAME) are expanded using the container''s 2973 environment. If a variable cannot be resolved, 2974 the reference in the input string will be unchanged. 2975 Double $$ are reduced to a single $, which allows 2976 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 2977 will produce the string literal "$(VAR_NAME)". 2978 Escaped references will never be expanded, regardless 2979 of whether the variable exists or not. Cannot 2980 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 2981 items: 2982 type: string 2983 type: array 2984 env: 2985 description: List of environment variables to 2986 set in the container. Cannot be updated. 2987 items: 2988 description: EnvVar represents an environment 2989 variable present in a Container. 2990 properties: 2991 name: 2992 description: Name of the environment variable. 2993 Must be a C_IDENTIFIER. 2994 type: string 2995 value: 2996 description: 'Variable references $(VAR_NAME) 2997 are expanded using the previously defined 2998 environment variables in the container 2999 and any service environment variables. 3000 If a variable cannot be resolved, the 3001 reference in the input string will be 3002 unchanged. Double $$ are reduced to a 3003 single $, which allows for escaping the 3004 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 3005 will produce the string literal "$(VAR_NAME)". 3006 Escaped references will never be expanded, 3007 regardless of whether the variable exists 3008 or not. Defaults to "".' 3009 type: string 3010 valueFrom: 3011 description: Source for the environment 3012 variable's value. Cannot be used if value 3013 is not empty. 3014 properties: 3015 configMapKeyRef: 3016 description: Selects a key of a ConfigMap. 3017 properties: 3018 key: 3019 description: The key to select. 3020 type: string 3021 name: 3022 description: 'Name of the referent. 3023 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3024 TODO: Add other useful fields. 3025 apiVersion, kind, uid?' 3026 type: string 3027 optional: 3028 description: Specify whether the 3029 ConfigMap or its key must be defined 3030 type: boolean 3031 required: 3032 - key 3033 type: object 3034 fieldRef: 3035 description: 'Selects a field of the 3036 pod: supports metadata.name, metadata.namespace, 3037 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 3038 spec.nodeName, spec.serviceAccountName, 3039 status.hostIP, status.podIP, status.podIPs.' 3040 properties: 3041 apiVersion: 3042 description: Version of the schema 3043 the FieldPath is written in terms 3044 of, defaults to "v1". 3045 type: string 3046 fieldPath: 3047 description: Path of the field to 3048 select in the specified API version. 3049 type: string 3050 required: 3051 - fieldPath 3052 type: object 3053 resourceFieldRef: 3054 description: 'Selects a resource of 3055 the container: only resources limits 3056 and requests (limits.cpu, limits.memory, 3057 limits.ephemeral-storage, requests.cpu, 3058 requests.memory and requests.ephemeral-storage) 3059 are currently supported.' 3060 properties: 3061 containerName: 3062 description: 'Container name: required 3063 for volumes, optional for env 3064 vars' 3065 type: string 3066 divisor: 3067 anyOf: 3068 - type: integer 3069 - type: string 3070 description: Specifies the output 3071 format of the exposed resources, 3072 defaults to "1" 3073 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3074 x-kubernetes-int-or-string: true 3075 resource: 3076 description: 'Required: resource 3077 to select' 3078 type: string 3079 required: 3080 - resource 3081 type: object 3082 secretKeyRef: 3083 description: Selects a key of a secret 3084 in the pod's namespace 3085 properties: 3086 key: 3087 description: The key of the secret 3088 to select from. Must be a valid 3089 secret key. 3090 type: string 3091 name: 3092 description: 'Name of the referent. 3093 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3094 TODO: Add other useful fields. 3095 apiVersion, kind, uid?' 3096 type: string 3097 optional: 3098 description: Specify whether the 3099 Secret or its key must be defined 3100 type: boolean 3101 required: 3102 - key 3103 type: object 3104 type: object 3105 required: 3106 - name 3107 type: object 3108 type: array 3109 envFrom: 3110 description: List of sources to populate environment 3111 variables in the container. The keys defined 3112 within a source must be a C_IDENTIFIER. All 3113 invalid keys will be reported as an event when 3114 the container is starting. When a key exists 3115 in multiple sources, the value associated with 3116 the last source will take precedence. Values 3117 defined by an Env with a duplicate key will 3118 take precedence. Cannot be updated. 3119 items: 3120 description: EnvFromSource represents the source 3121 of a set of ConfigMaps 3122 properties: 3123 configMapRef: 3124 description: The ConfigMap to select from 3125 properties: 3126 name: 3127 description: 'Name of the referent. 3128 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3129 TODO: Add other useful fields. apiVersion, 3130 kind, uid?' 3131 type: string 3132 optional: 3133 description: Specify whether the ConfigMap 3134 must be defined 3135 type: boolean 3136 type: object 3137 prefix: 3138 description: An optional identifier to prepend 3139 to each key in the ConfigMap. Must be 3140 a C_IDENTIFIER. 3141 type: string 3142 secretRef: 3143 description: The Secret to select from 3144 properties: 3145 name: 3146 description: 'Name of the referent. 3147 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3148 TODO: Add other useful fields. apiVersion, 3149 kind, uid?' 3150 type: string 3151 optional: 3152 description: Specify whether the Secret 3153 must be defined 3154 type: boolean 3155 type: object 3156 type: object 3157 type: array 3158 image: 3159 description: 'Container image name. More info: 3160 https://kubernetes.io/docs/concepts/containers/images 3161 This field is optional to allow higher level 3162 config management to default or override container 3163 images in workload controllers like Deployments 3164 and StatefulSets.' 3165 type: string 3166 imagePullPolicy: 3167 description: 'Image pull policy. One of Always, 3168 Never, IfNotPresent. Defaults to Always if :latest 3169 tag is specified, or IfNotPresent otherwise. 3170 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 3171 type: string 3172 lifecycle: 3173 description: Actions that the management system 3174 should take in response to container lifecycle 3175 events. Cannot be updated. 3176 properties: 3177 postStart: 3178 description: 'PostStart is called immediately 3179 after a container is created. If the handler 3180 fails, the container is terminated and restarted 3181 according to its restart policy. Other management 3182 of the container blocks until the hook completes. 3183 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3184 properties: 3185 exec: 3186 description: Exec specifies the action 3187 to take. 3188 properties: 3189 command: 3190 description: Command is the command 3191 line to execute inside the container, 3192 the working directory for the command is 3193 root ('/') in the container's filesystem. 3194 The command is simply exec'd, it 3195 is not run inside a shell, so traditional 3196 shell instructions ('|', etc) won't 3197 work. To use a shell, you need to 3198 explicitly call out to that shell. 3199 Exit status of 0 is treated as live/healthy 3200 and non-zero is unhealthy. 3201 items: 3202 type: string 3203 type: array 3204 type: object 3205 httpGet: 3206 description: HTTPGet specifies the http 3207 request to perform. 3208 properties: 3209 host: 3210 description: Host name to connect 3211 to, defaults to the pod IP. You 3212 probably want to set "Host" in httpHeaders 3213 instead. 3214 type: string 3215 httpHeaders: 3216 description: Custom headers to set 3217 in the request. HTTP allows repeated 3218 headers. 3219 items: 3220 description: HTTPHeader describes 3221 a custom header to be used in 3222 HTTP probes 3223 properties: 3224 name: 3225 description: The header field 3226 name 3227 type: string 3228 value: 3229 description: The header field 3230 value 3231 type: string 3232 required: 3233 - name 3234 - value 3235 type: object 3236 type: array 3237 path: 3238 description: Path to access on the 3239 HTTP server. 3240 type: string 3241 port: 3242 anyOf: 3243 - type: integer 3244 - type: string 3245 description: Name or number of the 3246 port to access on the container. 3247 Number must be in the range 1 to 3248 65535. Name must be an IANA_SVC_NAME. 3249 x-kubernetes-int-or-string: true 3250 scheme: 3251 description: Scheme to use for connecting 3252 to the host. Defaults to HTTP. 3253 type: string 3254 required: 3255 - port 3256 type: object 3257 tcpSocket: 3258 description: Deprecated. TCPSocket is 3259 NOT supported as a LifecycleHandler 3260 and kept for the backward compatibility. 3261 There are no validation of this field 3262 and lifecycle hooks will fail in runtime 3263 when tcp handler is specified. 3264 properties: 3265 host: 3266 description: 'Optional: Host name 3267 to connect to, defaults to the pod 3268 IP.' 3269 type: string 3270 port: 3271 anyOf: 3272 - type: integer 3273 - type: string 3274 description: Number or name of the 3275 port to access on the container. 3276 Number must be in the range 1 to 3277 65535. Name must be an IANA_SVC_NAME. 3278 x-kubernetes-int-or-string: true 3279 required: 3280 - port 3281 type: object 3282 type: object 3283 preStop: 3284 description: 'PreStop is called immediately 3285 before a container is terminated due to 3286 an API request or management event such 3287 as liveness/startup probe failure, preemption, 3288 resource contention, etc. The handler is 3289 not called if the container crashes or exits. 3290 The Pod''s termination grace period countdown 3291 begins before the PreStop hook is executed. 3292 Regardless of the outcome of the handler, 3293 the container will eventually terminate 3294 within the Pod''s termination grace period 3295 (unless delayed by finalizers). Other management 3296 of the container blocks until the hook completes 3297 or until the termination grace period is 3298 reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3299 properties: 3300 exec: 3301 description: Exec specifies the action 3302 to take. 3303 properties: 3304 command: 3305 description: Command is the command 3306 line to execute inside the container, 3307 the working directory for the command is 3308 root ('/') in the container's filesystem. 3309 The command is simply exec'd, it 3310 is not run inside a shell, so traditional 3311 shell instructions ('|', etc) won't 3312 work. To use a shell, you need to 3313 explicitly call out to that shell. 3314 Exit status of 0 is treated as live/healthy 3315 and non-zero is unhealthy. 3316 items: 3317 type: string 3318 type: array 3319 type: object 3320 httpGet: 3321 description: HTTPGet specifies the http 3322 request to perform. 3323 properties: 3324 host: 3325 description: Host name to connect 3326 to, defaults to the pod IP. You 3327 probably want to set "Host" in httpHeaders 3328 instead. 3329 type: string 3330 httpHeaders: 3331 description: Custom headers to set 3332 in the request. HTTP allows repeated 3333 headers. 3334 items: 3335 description: HTTPHeader describes 3336 a custom header to be used in 3337 HTTP probes 3338 properties: 3339 name: 3340 description: The header field 3341 name 3342 type: string 3343 value: 3344 description: The header field 3345 value 3346 type: string 3347 required: 3348 - name 3349 - value 3350 type: object 3351 type: array 3352 path: 3353 description: Path to access on the 3354 HTTP server. 3355 type: string 3356 port: 3357 anyOf: 3358 - type: integer 3359 - type: string 3360 description: Name or number of the 3361 port to access on the container. 3362 Number must be in the range 1 to 3363 65535. Name must be an IANA_SVC_NAME. 3364 x-kubernetes-int-or-string: true 3365 scheme: 3366 description: Scheme to use for connecting 3367 to the host. Defaults to HTTP. 3368 type: string 3369 required: 3370 - port 3371 type: object 3372 tcpSocket: 3373 description: Deprecated. TCPSocket is 3374 NOT supported as a LifecycleHandler 3375 and kept for the backward compatibility. 3376 There are no validation of this field 3377 and lifecycle hooks will fail in runtime 3378 when tcp handler is specified. 3379 properties: 3380 host: 3381 description: 'Optional: Host name 3382 to connect to, defaults to the pod 3383 IP.' 3384 type: string 3385 port: 3386 anyOf: 3387 - type: integer 3388 - type: string 3389 description: Number or name of the 3390 port to access on the container. 3391 Number must be in the range 1 to 3392 65535. Name must be an IANA_SVC_NAME. 3393 x-kubernetes-int-or-string: true 3394 required: 3395 - port 3396 type: object 3397 type: object 3398 type: object 3399 livenessProbe: 3400 description: 'Periodic probe of container liveness. 3401 Container will be restarted if the probe fails. 3402 Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3403 properties: 3404 exec: 3405 description: Exec specifies the action to 3406 take. 3407 properties: 3408 command: 3409 description: Command is the command line 3410 to execute inside the container, the 3411 working directory for the command is 3412 root ('/') in the container's filesystem. 3413 The command is simply exec'd, it is 3414 not run inside a shell, so traditional 3415 shell instructions ('|', etc) won't 3416 work. To use a shell, you need to explicitly 3417 call out to that shell. Exit status 3418 of 0 is treated as live/healthy and 3419 non-zero is unhealthy. 3420 items: 3421 type: string 3422 type: array 3423 type: object 3424 failureThreshold: 3425 description: Minimum consecutive failures 3426 for the probe to be considered failed after 3427 having succeeded. Defaults to 3. Minimum 3428 value is 1. 3429 format: int32 3430 type: integer 3431 grpc: 3432 description: GRPC specifies an action involving 3433 a GRPC port. This is a beta field and requires 3434 enabling GRPCContainerProbe feature gate. 3435 properties: 3436 port: 3437 description: Port number of the gRPC service. 3438 Number must be in the range 1 to 65535. 3439 format: int32 3440 type: integer 3441 service: 3442 description: "Service is the name of the 3443 service to place in the gRPC HealthCheckRequest 3444 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3445 \n If this is not specified, the default 3446 behavior is defined by gRPC." 3447 type: string 3448 required: 3449 - port 3450 type: object 3451 httpGet: 3452 description: HTTPGet specifies the http request 3453 to perform. 3454 properties: 3455 host: 3456 description: Host name to connect to, 3457 defaults to the pod IP. You probably 3458 want to set "Host" in httpHeaders instead. 3459 type: string 3460 httpHeaders: 3461 description: Custom headers to set in 3462 the request. HTTP allows repeated headers. 3463 items: 3464 description: HTTPHeader describes a 3465 custom header to be used in HTTP probes 3466 properties: 3467 name: 3468 description: The header field name 3469 type: string 3470 value: 3471 description: The header field value 3472 type: string 3473 required: 3474 - name 3475 - value 3476 type: object 3477 type: array 3478 path: 3479 description: Path to access on the HTTP 3480 server. 3481 type: string 3482 port: 3483 anyOf: 3484 - type: integer 3485 - type: string 3486 description: Name or number of the port 3487 to access on the container. Number must 3488 be in the range 1 to 65535. Name must 3489 be an IANA_SVC_NAME. 3490 x-kubernetes-int-or-string: true 3491 scheme: 3492 description: Scheme to use for connecting 3493 to the host. Defaults to HTTP. 3494 type: string 3495 required: 3496 - port 3497 type: object 3498 initialDelaySeconds: 3499 description: 'Number of seconds after the 3500 container has started before liveness probes 3501 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3502 format: int32 3503 type: integer 3504 periodSeconds: 3505 description: How often (in seconds) to perform 3506 the probe. Default to 10 seconds. Minimum 3507 value is 1. 3508 format: int32 3509 type: integer 3510 successThreshold: 3511 description: Minimum consecutive successes 3512 for the probe to be considered successful 3513 after having failed. Defaults to 1. Must 3514 be 1 for liveness and startup. Minimum value 3515 is 1. 3516 format: int32 3517 type: integer 3518 tcpSocket: 3519 description: TCPSocket specifies an action 3520 involving a TCP port. 3521 properties: 3522 host: 3523 description: 'Optional: Host name to connect 3524 to, defaults to the pod IP.' 3525 type: string 3526 port: 3527 anyOf: 3528 - type: integer 3529 - type: string 3530 description: Number or name of the port 3531 to access on the container. Number must 3532 be in the range 1 to 65535. Name must 3533 be an IANA_SVC_NAME. 3534 x-kubernetes-int-or-string: true 3535 required: 3536 - port 3537 type: object 3538 terminationGracePeriodSeconds: 3539 description: Optional duration in seconds 3540 the pod needs to terminate gracefully upon 3541 probe failure. The grace period is the duration 3542 in seconds after the processes running in 3543 the pod are sent a termination signal and 3544 the time when the processes are forcibly 3545 halted with a kill signal. Set this value 3546 longer than the expected cleanup time for 3547 your process. If this value is nil, the 3548 pod's terminationGracePeriodSeconds will 3549 be used. Otherwise, this value overrides 3550 the value provided by the pod spec. Value 3551 must be non-negative integer. The value 3552 zero indicates stop immediately via the 3553 kill signal (no opportunity to shut down). 3554 This is a beta field and requires enabling 3555 ProbeTerminationGracePeriod feature gate. 3556 Minimum value is 1. spec.terminationGracePeriodSeconds 3557 is used if unset. 3558 format: int64 3559 type: integer 3560 timeoutSeconds: 3561 description: 'Number of seconds after which 3562 the probe times out. Defaults to 1 second. 3563 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3564 format: int32 3565 type: integer 3566 type: object 3567 name: 3568 description: Name of the container specified as 3569 a DNS_LABEL. Each container in a pod must have 3570 a unique name (DNS_LABEL). Cannot be updated. 3571 type: string 3572 ports: 3573 description: List of ports to expose from the 3574 container. Not specifying a port here DOES NOT 3575 prevent that port from being exposed. Any port 3576 which is listening on the default "0.0.0.0" 3577 address inside a container will be accessible 3578 from the network. Modifying this array with 3579 strategic merge patch may corrupt the data. 3580 For more information See https://github.com/kubernetes/kubernetes/issues/108255. 3581 Cannot be updated. 3582 items: 3583 description: ContainerPort represents a network 3584 port in a single container. 3585 properties: 3586 containerPort: 3587 description: Number of port to expose on 3588 the pod's IP address. This must be a valid 3589 port number, 0 < x < 65536. 3590 format: int32 3591 type: integer 3592 hostIP: 3593 description: What host IP to bind the external 3594 port to. 3595 type: string 3596 hostPort: 3597 description: Number of port to expose on 3598 the host. If specified, this must be a 3599 valid port number, 0 < x < 65536. If HostNetwork 3600 is specified, this must match ContainerPort. 3601 Most containers do not need this. 3602 format: int32 3603 type: integer 3604 name: 3605 description: If specified, this must be 3606 an IANA_SVC_NAME and unique within the 3607 pod. Each named port in a pod must have 3608 a unique name. Name for the port that 3609 can be referred to by services. 3610 type: string 3611 protocol: 3612 default: TCP 3613 description: Protocol for port. Must be 3614 UDP, TCP, or SCTP. Defaults to "TCP". 3615 type: string 3616 required: 3617 - containerPort 3618 type: object 3619 type: array 3620 x-kubernetes-list-map-keys: 3621 - containerPort 3622 - protocol 3623 x-kubernetes-list-type: map 3624 readinessProbe: 3625 description: 'Periodic probe of container service 3626 readiness. Container will be removed from service 3627 endpoints if the probe fails. Cannot be updated. 3628 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3629 properties: 3630 exec: 3631 description: Exec specifies the action to 3632 take. 3633 properties: 3634 command: 3635 description: Command is the command line 3636 to execute inside the container, the 3637 working directory for the command is 3638 root ('/') in the container's filesystem. 3639 The command is simply exec'd, it is 3640 not run inside a shell, so traditional 3641 shell instructions ('|', etc) won't 3642 work. To use a shell, you need to explicitly 3643 call out to that shell. Exit status 3644 of 0 is treated as live/healthy and 3645 non-zero is unhealthy. 3646 items: 3647 type: string 3648 type: array 3649 type: object 3650 failureThreshold: 3651 description: Minimum consecutive failures 3652 for the probe to be considered failed after 3653 having succeeded. Defaults to 3. Minimum 3654 value is 1. 3655 format: int32 3656 type: integer 3657 grpc: 3658 description: GRPC specifies an action involving 3659 a GRPC port. This is a beta field and requires 3660 enabling GRPCContainerProbe feature gate. 3661 properties: 3662 port: 3663 description: Port number of the gRPC service. 3664 Number must be in the range 1 to 65535. 3665 format: int32 3666 type: integer 3667 service: 3668 description: "Service is the name of the 3669 service to place in the gRPC HealthCheckRequest 3670 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3671 \n If this is not specified, the default 3672 behavior is defined by gRPC." 3673 type: string 3674 required: 3675 - port 3676 type: object 3677 httpGet: 3678 description: HTTPGet specifies the http request 3679 to perform. 3680 properties: 3681 host: 3682 description: Host name to connect to, 3683 defaults to the pod IP. You probably 3684 want to set "Host" in httpHeaders instead. 3685 type: string 3686 httpHeaders: 3687 description: Custom headers to set in 3688 the request. HTTP allows repeated headers. 3689 items: 3690 description: HTTPHeader describes a 3691 custom header to be used in HTTP probes 3692 properties: 3693 name: 3694 description: The header field name 3695 type: string 3696 value: 3697 description: The header field value 3698 type: string 3699 required: 3700 - name 3701 - value 3702 type: object 3703 type: array 3704 path: 3705 description: Path to access on the HTTP 3706 server. 3707 type: string 3708 port: 3709 anyOf: 3710 - type: integer 3711 - type: string 3712 description: Name or number of the port 3713 to access on the container. Number must 3714 be in the range 1 to 65535. Name must 3715 be an IANA_SVC_NAME. 3716 x-kubernetes-int-or-string: true 3717 scheme: 3718 description: Scheme to use for connecting 3719 to the host. Defaults to HTTP. 3720 type: string 3721 required: 3722 - port 3723 type: object 3724 initialDelaySeconds: 3725 description: 'Number of seconds after the 3726 container has started before liveness probes 3727 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3728 format: int32 3729 type: integer 3730 periodSeconds: 3731 description: How often (in seconds) to perform 3732 the probe. Default to 10 seconds. Minimum 3733 value is 1. 3734 format: int32 3735 type: integer 3736 successThreshold: 3737 description: Minimum consecutive successes 3738 for the probe to be considered successful 3739 after having failed. Defaults to 1. Must 3740 be 1 for liveness and startup. Minimum value 3741 is 1. 3742 format: int32 3743 type: integer 3744 tcpSocket: 3745 description: TCPSocket specifies an action 3746 involving a TCP port. 3747 properties: 3748 host: 3749 description: 'Optional: Host name to connect 3750 to, defaults to the pod IP.' 3751 type: string 3752 port: 3753 anyOf: 3754 - type: integer 3755 - type: string 3756 description: Number or name of the port 3757 to access on the container. Number must 3758 be in the range 1 to 65535. Name must 3759 be an IANA_SVC_NAME. 3760 x-kubernetes-int-or-string: true 3761 required: 3762 - port 3763 type: object 3764 terminationGracePeriodSeconds: 3765 description: Optional duration in seconds 3766 the pod needs to terminate gracefully upon 3767 probe failure. The grace period is the duration 3768 in seconds after the processes running in 3769 the pod are sent a termination signal and 3770 the time when the processes are forcibly 3771 halted with a kill signal. Set this value 3772 longer than the expected cleanup time for 3773 your process. If this value is nil, the 3774 pod's terminationGracePeriodSeconds will 3775 be used. Otherwise, this value overrides 3776 the value provided by the pod spec. Value 3777 must be non-negative integer. The value 3778 zero indicates stop immediately via the 3779 kill signal (no opportunity to shut down). 3780 This is a beta field and requires enabling 3781 ProbeTerminationGracePeriod feature gate. 3782 Minimum value is 1. spec.terminationGracePeriodSeconds 3783 is used if unset. 3784 format: int64 3785 type: integer 3786 timeoutSeconds: 3787 description: 'Number of seconds after which 3788 the probe times out. Defaults to 1 second. 3789 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3790 format: int32 3791 type: integer 3792 type: object 3793 resources: 3794 description: 'Compute Resources required by this 3795 container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3796 properties: 3797 claims: 3798 description: "Claims lists the names of resources, 3799 defined in spec.resourceClaims, that are 3800 used by this container. \n This is an alpha 3801 field and requires enabling the DynamicResourceAllocation 3802 feature gate. \n This field is immutable." 3803 items: 3804 description: ResourceClaim references one 3805 entry in PodSpec.ResourceClaims. 3806 properties: 3807 name: 3808 description: Name must match the name 3809 of one entry in pod.spec.resourceClaims 3810 of the Pod where this field is used. 3811 It makes that resource available inside 3812 a container. 3813 type: string 3814 required: 3815 - name 3816 type: object 3817 type: array 3818 x-kubernetes-list-map-keys: 3819 - name 3820 x-kubernetes-list-type: map 3821 limits: 3822 additionalProperties: 3823 anyOf: 3824 - type: integer 3825 - type: string 3826 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3827 x-kubernetes-int-or-string: true 3828 description: 'Limits describes the maximum 3829 amount of compute resources allowed. More 3830 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3831 type: object 3832 requests: 3833 additionalProperties: 3834 anyOf: 3835 - type: integer 3836 - type: string 3837 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3838 x-kubernetes-int-or-string: true 3839 description: 'Requests describes the minimum 3840 amount of compute resources required. If 3841 Requests is omitted for a container, it 3842 defaults to Limits if that is explicitly 3843 specified, otherwise to an implementation-defined 3844 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3845 type: object 3846 type: object 3847 securityContext: 3848 description: 'SecurityContext defines the security 3849 options the container should be run with. If 3850 set, the fields of SecurityContext override 3851 the equivalent fields of PodSecurityContext. 3852 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 3853 properties: 3854 allowPrivilegeEscalation: 3855 description: 'AllowPrivilegeEscalation controls 3856 whether a process can gain more privileges 3857 than its parent process. This bool directly 3858 controls if the no_new_privs flag will be 3859 set on the container process. AllowPrivilegeEscalation 3860 is true always when the container is: 1) 3861 run as Privileged 2) has CAP_SYS_ADMIN Note 3862 that this field cannot be set when spec.os.name 3863 is windows.' 3864 type: boolean 3865 capabilities: 3866 description: The capabilities to add/drop 3867 when running containers. Defaults to the 3868 default set of capabilities granted by the 3869 container runtime. Note that this field 3870 cannot be set when spec.os.name is windows. 3871 properties: 3872 add: 3873 description: Added capabilities 3874 items: 3875 description: Capability represent POSIX 3876 capabilities type 3877 type: string 3878 type: array 3879 drop: 3880 description: Removed capabilities 3881 items: 3882 description: Capability represent POSIX 3883 capabilities type 3884 type: string 3885 type: array 3886 type: object 3887 privileged: 3888 description: Run container in privileged mode. 3889 Processes in privileged containers are essentially 3890 equivalent to root on the host. Defaults 3891 to false. Note that this field cannot be 3892 set when spec.os.name is windows. 3893 type: boolean 3894 procMount: 3895 description: procMount denotes the type of 3896 proc mount to use for the containers. The 3897 default is DefaultProcMount which uses the 3898 container runtime defaults for readonly 3899 paths and masked paths. This requires the 3900 ProcMountType feature flag to be enabled. 3901 Note that this field cannot be set when 3902 spec.os.name is windows. 3903 type: string 3904 readOnlyRootFilesystem: 3905 description: Whether this container has a 3906 read-only root filesystem. Default is false. 3907 Note that this field cannot be set when 3908 spec.os.name is windows. 3909 type: boolean 3910 runAsGroup: 3911 description: The GID to run the entrypoint 3912 of the container process. Uses runtime default 3913 if unset. May also be set in PodSecurityContext. If 3914 set in both SecurityContext and PodSecurityContext, 3915 the value specified in SecurityContext takes 3916 precedence. Note that this field cannot 3917 be set when spec.os.name is windows. 3918 format: int64 3919 type: integer 3920 runAsNonRoot: 3921 description: Indicates that the container 3922 must run as a non-root user. If true, the 3923 Kubelet will validate the image at runtime 3924 to ensure that it does not run as UID 0 3925 (root) and fail to start the container if 3926 it does. If unset or false, no such validation 3927 will be performed. May also be set in PodSecurityContext. If 3928 set in both SecurityContext and PodSecurityContext, 3929 the value specified in SecurityContext takes 3930 precedence. 3931 type: boolean 3932 runAsUser: 3933 description: The UID to run the entrypoint 3934 of the container process. Defaults to user 3935 specified in image metadata if unspecified. 3936 May also be set in PodSecurityContext. If 3937 set in both SecurityContext and PodSecurityContext, 3938 the value specified in SecurityContext takes 3939 precedence. Note that this field cannot 3940 be set when spec.os.name is windows. 3941 format: int64 3942 type: integer 3943 seLinuxOptions: 3944 description: The SELinux context to be applied 3945 to the container. If unspecified, the container 3946 runtime will allocate a random SELinux context 3947 for each container. May also be set in 3948 PodSecurityContext. If set in both SecurityContext 3949 and PodSecurityContext, the value specified 3950 in SecurityContext takes precedence. Note 3951 that this field cannot be set when spec.os.name 3952 is windows. 3953 properties: 3954 level: 3955 description: Level is SELinux level label 3956 that applies to the container. 3957 type: string 3958 role: 3959 description: Role is a SELinux role label 3960 that applies to the container. 3961 type: string 3962 type: 3963 description: Type is a SELinux type label 3964 that applies to the container. 3965 type: string 3966 user: 3967 description: User is a SELinux user label 3968 that applies to the container. 3969 type: string 3970 type: object 3971 seccompProfile: 3972 description: The seccomp options to use by 3973 this container. If seccomp options are provided 3974 at both the pod & container level, the container 3975 options override the pod options. Note that 3976 this field cannot be set when spec.os.name 3977 is windows. 3978 properties: 3979 localhostProfile: 3980 description: localhostProfile indicates 3981 a profile defined in a file on the node 3982 should be used. The profile must be 3983 preconfigured on the node to work. Must 3984 be a descending path, relative to the 3985 kubelet's configured seccomp profile 3986 location. Must only be set if type is 3987 "Localhost". 3988 type: string 3989 type: 3990 description: "type indicates which kind 3991 of seccomp profile will be applied. 3992 Valid options are: \n Localhost - a 3993 profile defined in a file on the node 3994 should be used. RuntimeDefault - the 3995 container runtime default profile should 3996 be used. Unconfined - no profile should 3997 be applied." 3998 type: string 3999 required: 4000 - type 4001 type: object 4002 windowsOptions: 4003 description: The Windows specific settings 4004 applied to all containers. If unspecified, 4005 the options from the PodSecurityContext 4006 will be used. If set in both SecurityContext 4007 and PodSecurityContext, the value specified 4008 in SecurityContext takes precedence. Note 4009 that this field cannot be set when spec.os.name 4010 is linux. 4011 properties: 4012 gmsaCredentialSpec: 4013 description: GMSACredentialSpec is where 4014 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 4015 inlines the contents of the GMSA credential 4016 spec named by the GMSACredentialSpecName 4017 field. 4018 type: string 4019 gmsaCredentialSpecName: 4020 description: GMSACredentialSpecName is 4021 the name of the GMSA credential spec 4022 to use. 4023 type: string 4024 hostProcess: 4025 description: HostProcess determines if 4026 a container should be run as a 'Host 4027 Process' container. This field is alpha-level 4028 and will only be honored by components 4029 that enable the WindowsHostProcessContainers 4030 feature flag. Setting this field without 4031 the feature flag will result in errors 4032 when validating the Pod. All of a Pod's 4033 containers must have the same effective 4034 HostProcess value (it is not allowed 4035 to have a mix of HostProcess containers 4036 and non-HostProcess containers). In 4037 addition, if HostProcess is true then 4038 HostNetwork must also be set to true. 4039 type: boolean 4040 runAsUserName: 4041 description: The UserName in Windows to 4042 run the entrypoint of the container 4043 process. Defaults to the user specified 4044 in image metadata if unspecified. May 4045 also be set in PodSecurityContext. If 4046 set in both SecurityContext and PodSecurityContext, 4047 the value specified in SecurityContext 4048 takes precedence. 4049 type: string 4050 type: object 4051 type: object 4052 startupProbe: 4053 description: 'StartupProbe indicates that the 4054 Pod has successfully initialized. If specified, 4055 no other probes are executed until this completes 4056 successfully. If this probe fails, the Pod will 4057 be restarted, just as if the livenessProbe failed. 4058 This can be used to provide different probe 4059 parameters at the beginning of a Pod''s lifecycle, 4060 when it might take a long time to load data 4061 or warm a cache, than during steady-state operation. 4062 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4063 properties: 4064 exec: 4065 description: Exec specifies the action to 4066 take. 4067 properties: 4068 command: 4069 description: Command is the command line 4070 to execute inside the container, the 4071 working directory for the command is 4072 root ('/') in the container's filesystem. 4073 The command is simply exec'd, it is 4074 not run inside a shell, so traditional 4075 shell instructions ('|', etc) won't 4076 work. To use a shell, you need to explicitly 4077 call out to that shell. Exit status 4078 of 0 is treated as live/healthy and 4079 non-zero is unhealthy. 4080 items: 4081 type: string 4082 type: array 4083 type: object 4084 failureThreshold: 4085 description: Minimum consecutive failures 4086 for the probe to be considered failed after 4087 having succeeded. Defaults to 3. Minimum 4088 value is 1. 4089 format: int32 4090 type: integer 4091 grpc: 4092 description: GRPC specifies an action involving 4093 a GRPC port. This is a beta field and requires 4094 enabling GRPCContainerProbe feature gate. 4095 properties: 4096 port: 4097 description: Port number of the gRPC service. 4098 Number must be in the range 1 to 65535. 4099 format: int32 4100 type: integer 4101 service: 4102 description: "Service is the name of the 4103 service to place in the gRPC HealthCheckRequest 4104 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4105 \n If this is not specified, the default 4106 behavior is defined by gRPC." 4107 type: string 4108 required: 4109 - port 4110 type: object 4111 httpGet: 4112 description: HTTPGet specifies the http request 4113 to perform. 4114 properties: 4115 host: 4116 description: Host name to connect to, 4117 defaults to the pod IP. You probably 4118 want to set "Host" in httpHeaders instead. 4119 type: string 4120 httpHeaders: 4121 description: Custom headers to set in 4122 the request. HTTP allows repeated headers. 4123 items: 4124 description: HTTPHeader describes a 4125 custom header to be used in HTTP probes 4126 properties: 4127 name: 4128 description: The header field name 4129 type: string 4130 value: 4131 description: The header field value 4132 type: string 4133 required: 4134 - name 4135 - value 4136 type: object 4137 type: array 4138 path: 4139 description: Path to access on the HTTP 4140 server. 4141 type: string 4142 port: 4143 anyOf: 4144 - type: integer 4145 - type: string 4146 description: Name or number of the port 4147 to access on the container. Number must 4148 be in the range 1 to 65535. Name must 4149 be an IANA_SVC_NAME. 4150 x-kubernetes-int-or-string: true 4151 scheme: 4152 description: Scheme to use for connecting 4153 to the host. Defaults to HTTP. 4154 type: string 4155 required: 4156 - port 4157 type: object 4158 initialDelaySeconds: 4159 description: 'Number of seconds after the 4160 container has started before liveness probes 4161 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4162 format: int32 4163 type: integer 4164 periodSeconds: 4165 description: How often (in seconds) to perform 4166 the probe. Default to 10 seconds. Minimum 4167 value is 1. 4168 format: int32 4169 type: integer 4170 successThreshold: 4171 description: Minimum consecutive successes 4172 for the probe to be considered successful 4173 after having failed. Defaults to 1. Must 4174 be 1 for liveness and startup. Minimum value 4175 is 1. 4176 format: int32 4177 type: integer 4178 tcpSocket: 4179 description: TCPSocket specifies an action 4180 involving a TCP port. 4181 properties: 4182 host: 4183 description: 'Optional: Host name to connect 4184 to, defaults to the pod IP.' 4185 type: string 4186 port: 4187 anyOf: 4188 - type: integer 4189 - type: string 4190 description: Number or name of the port 4191 to access on the container. Number must 4192 be in the range 1 to 65535. Name must 4193 be an IANA_SVC_NAME. 4194 x-kubernetes-int-or-string: true 4195 required: 4196 - port 4197 type: object 4198 terminationGracePeriodSeconds: 4199 description: Optional duration in seconds 4200 the pod needs to terminate gracefully upon 4201 probe failure. The grace period is the duration 4202 in seconds after the processes running in 4203 the pod are sent a termination signal and 4204 the time when the processes are forcibly 4205 halted with a kill signal. Set this value 4206 longer than the expected cleanup time for 4207 your process. If this value is nil, the 4208 pod's terminationGracePeriodSeconds will 4209 be used. Otherwise, this value overrides 4210 the value provided by the pod spec. Value 4211 must be non-negative integer. The value 4212 zero indicates stop immediately via the 4213 kill signal (no opportunity to shut down). 4214 This is a beta field and requires enabling 4215 ProbeTerminationGracePeriod feature gate. 4216 Minimum value is 1. spec.terminationGracePeriodSeconds 4217 is used if unset. 4218 format: int64 4219 type: integer 4220 timeoutSeconds: 4221 description: 'Number of seconds after which 4222 the probe times out. Defaults to 1 second. 4223 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4224 format: int32 4225 type: integer 4226 type: object 4227 stdin: 4228 description: Whether this container should allocate 4229 a buffer for stdin in the container runtime. 4230 If this is not set, reads from stdin in the 4231 container will always result in EOF. Default 4232 is false. 4233 type: boolean 4234 stdinOnce: 4235 description: Whether the container runtime should 4236 close the stdin channel after it has been opened 4237 by a single attach. When stdin is true the stdin 4238 stream will remain open across multiple attach 4239 sessions. If stdinOnce is set to true, stdin 4240 is opened on container start, is empty until 4241 the first client attaches to stdin, and then 4242 remains open and accepts data until the client 4243 disconnects, at which time stdin is closed and 4244 remains closed until the container is restarted. 4245 If this flag is false, a container processes 4246 that reads from stdin will never receive an 4247 EOF. Default is false 4248 type: boolean 4249 terminationMessagePath: 4250 description: 'Optional: Path at which the file 4251 to which the container''s termination message 4252 will be written is mounted into the container''s 4253 filesystem. Message written is intended to be 4254 brief final status, such as an assertion failure 4255 message. Will be truncated by the node if greater 4256 than 4096 bytes. The total message length across 4257 all containers will be limited to 12kb. Defaults 4258 to /dev/termination-log. Cannot be updated.' 4259 type: string 4260 terminationMessagePolicy: 4261 description: Indicate how the termination message 4262 should be populated. File will use the contents 4263 of terminationMessagePath to populate the container 4264 status message on both success and failure. 4265 FallbackToLogsOnError will use the last chunk 4266 of container log output if the termination message 4267 file is empty and the container exited with 4268 an error. The log output is limited to 2048 4269 bytes or 80 lines, whichever is smaller. Defaults 4270 to File. Cannot be updated. 4271 type: string 4272 tty: 4273 description: Whether this container should allocate 4274 a TTY for itself, also requires 'stdin' to be 4275 true. Default is false. 4276 type: boolean 4277 volumeDevices: 4278 description: volumeDevices is the list of block 4279 devices to be used by the container. 4280 items: 4281 description: volumeDevice describes a mapping 4282 of a raw block device within a container. 4283 properties: 4284 devicePath: 4285 description: devicePath is the path inside 4286 of the container that the device will 4287 be mapped to. 4288 type: string 4289 name: 4290 description: name must match the name of 4291 a persistentVolumeClaim in the pod 4292 type: string 4293 required: 4294 - devicePath 4295 - name 4296 type: object 4297 type: array 4298 volumeMounts: 4299 description: Pod volumes to mount into the container's 4300 filesystem. Cannot be updated. 4301 items: 4302 description: VolumeMount describes a mounting 4303 of a Volume within a container. 4304 properties: 4305 mountPath: 4306 description: Path within the container at 4307 which the volume should be mounted. Must 4308 not contain ':'. 4309 type: string 4310 mountPropagation: 4311 description: mountPropagation determines 4312 how mounts are propagated from the host 4313 to container and the other way around. 4314 When not set, MountPropagationNone is 4315 used. This field is beta in 1.10. 4316 type: string 4317 name: 4318 description: This must match the Name of 4319 a Volume. 4320 type: string 4321 readOnly: 4322 description: Mounted read-only if true, 4323 read-write otherwise (false or unspecified). 4324 Defaults to false. 4325 type: boolean 4326 subPath: 4327 description: Path within the volume from 4328 which the container's volume should be 4329 mounted. Defaults to "" (volume's root). 4330 type: string 4331 subPathExpr: 4332 description: Expanded path within the volume 4333 from which the container's volume should 4334 be mounted. Behaves similarly to SubPath 4335 but environment variable references $(VAR_NAME) 4336 are expanded using the container's environment. 4337 Defaults to "" (volume's root). SubPathExpr 4338 and SubPath are mutually exclusive. 4339 type: string 4340 required: 4341 - mountPath 4342 - name 4343 type: object 4344 type: array 4345 workingDir: 4346 description: Container's working directory. If 4347 not specified, the container runtime's default 4348 will be used, which might be configured in the 4349 container image. Cannot be updated. 4350 type: string 4351 required: 4352 - name 4353 type: object 4354 type: array 4355 dnsConfig: 4356 description: Specifies the DNS parameters of a pod. 4357 Parameters specified here will be merged to the generated 4358 DNS configuration based on DNSPolicy. 4359 properties: 4360 nameservers: 4361 description: A list of DNS name server IP addresses. 4362 This will be appended to the base nameservers 4363 generated from DNSPolicy. Duplicated nameservers 4364 will be removed. 4365 items: 4366 type: string 4367 type: array 4368 options: 4369 description: A list of DNS resolver options. This 4370 will be merged with the base options generated 4371 from DNSPolicy. Duplicated entries will be removed. 4372 Resolution options given in Options will override 4373 those that appear in the base DNSPolicy. 4374 items: 4375 description: PodDNSConfigOption defines DNS resolver 4376 options of a pod. 4377 properties: 4378 name: 4379 description: Required. 4380 type: string 4381 value: 4382 type: string 4383 type: object 4384 type: array 4385 searches: 4386 description: A list of DNS search domains for host-name 4387 lookup. This will be appended to the base search 4388 paths generated from DNSPolicy. Duplicated search 4389 paths will be removed. 4390 items: 4391 type: string 4392 type: array 4393 type: object 4394 dnsPolicy: 4395 description: Set DNS policy for the pod. Defaults to 4396 "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 4397 'ClusterFirst', 'Default' or 'None'. DNS parameters 4398 given in DNSConfig will be merged with the policy 4399 selected with DNSPolicy. To have DNS options set along 4400 with hostNetwork, you have to specify DNS policy explicitly 4401 to 'ClusterFirstWithHostNet'. 4402 type: string 4403 enableServiceLinks: 4404 description: 'EnableServiceLinks indicates whether information 4405 about services should be injected into pod''s environment 4406 variables, matching the syntax of Docker links. Optional: 4407 Defaults to true.' 4408 type: boolean 4409 ephemeralContainers: 4410 description: List of ephemeral containers run in this 4411 pod. Ephemeral containers may be run in an existing 4412 pod to perform user-initiated actions such as debugging. 4413 This list cannot be specified when creating a pod, 4414 and it cannot be modified by updating the pod spec. 4415 In order to add an ephemeral container to an existing 4416 pod, use the pod's ephemeralcontainers subresource. 4417 items: 4418 description: "An EphemeralContainer is a temporary 4419 container that you may add to an existing Pod for 4420 user-initiated activities such as debugging. Ephemeral 4421 containers have no resource or scheduling guarantees, 4422 and they will not be restarted when they exit or 4423 when a Pod is removed or restarted. The kubelet 4424 may evict a Pod if an ephemeral container causes 4425 the Pod to exceed its resource allocation. \n To 4426 add an ephemeral container, use the ephemeralcontainers 4427 subresource of an existing Pod. Ephemeral containers 4428 may not be removed or restarted." 4429 properties: 4430 args: 4431 description: 'Arguments to the entrypoint. The 4432 image''s CMD is used if this is not provided. 4433 Variable references $(VAR_NAME) are expanded 4434 using the container''s environment. If a variable 4435 cannot be resolved, the reference in the input 4436 string will be unchanged. Double $$ are reduced 4437 to a single $, which allows for escaping the 4438 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 4439 produce the string literal "$(VAR_NAME)". Escaped 4440 references will never be expanded, regardless 4441 of whether the variable exists or not. Cannot 4442 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 4443 items: 4444 type: string 4445 type: array 4446 command: 4447 description: 'Entrypoint array. Not executed within 4448 a shell. The image''s ENTRYPOINT is used if 4449 this is not provided. Variable references $(VAR_NAME) 4450 are expanded using the container''s environment. 4451 If a variable cannot be resolved, the reference 4452 in the input string will be unchanged. Double 4453 $$ are reduced to a single $, which allows for 4454 escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 4455 will produce the string literal "$(VAR_NAME)". 4456 Escaped references will never be expanded, regardless 4457 of whether the variable exists or not. Cannot 4458 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 4459 items: 4460 type: string 4461 type: array 4462 env: 4463 description: List of environment variables to 4464 set in the container. Cannot be updated. 4465 items: 4466 description: EnvVar represents an environment 4467 variable present in a Container. 4468 properties: 4469 name: 4470 description: Name of the environment variable. 4471 Must be a C_IDENTIFIER. 4472 type: string 4473 value: 4474 description: 'Variable references $(VAR_NAME) 4475 are expanded using the previously defined 4476 environment variables in the container 4477 and any service environment variables. 4478 If a variable cannot be resolved, the 4479 reference in the input string will be 4480 unchanged. Double $$ are reduced to a 4481 single $, which allows for escaping the 4482 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 4483 will produce the string literal "$(VAR_NAME)". 4484 Escaped references will never be expanded, 4485 regardless of whether the variable exists 4486 or not. Defaults to "".' 4487 type: string 4488 valueFrom: 4489 description: Source for the environment 4490 variable's value. Cannot be used if value 4491 is not empty. 4492 properties: 4493 configMapKeyRef: 4494 description: Selects a key of a ConfigMap. 4495 properties: 4496 key: 4497 description: The key to select. 4498 type: string 4499 name: 4500 description: 'Name of the referent. 4501 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4502 TODO: Add other useful fields. 4503 apiVersion, kind, uid?' 4504 type: string 4505 optional: 4506 description: Specify whether the 4507 ConfigMap or its key must be defined 4508 type: boolean 4509 required: 4510 - key 4511 type: object 4512 fieldRef: 4513 description: 'Selects a field of the 4514 pod: supports metadata.name, metadata.namespace, 4515 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 4516 spec.nodeName, spec.serviceAccountName, 4517 status.hostIP, status.podIP, status.podIPs.' 4518 properties: 4519 apiVersion: 4520 description: Version of the schema 4521 the FieldPath is written in terms 4522 of, defaults to "v1". 4523 type: string 4524 fieldPath: 4525 description: Path of the field to 4526 select in the specified API version. 4527 type: string 4528 required: 4529 - fieldPath 4530 type: object 4531 resourceFieldRef: 4532 description: 'Selects a resource of 4533 the container: only resources limits 4534 and requests (limits.cpu, limits.memory, 4535 limits.ephemeral-storage, requests.cpu, 4536 requests.memory and requests.ephemeral-storage) 4537 are currently supported.' 4538 properties: 4539 containerName: 4540 description: 'Container name: required 4541 for volumes, optional for env 4542 vars' 4543 type: string 4544 divisor: 4545 anyOf: 4546 - type: integer 4547 - type: string 4548 description: Specifies the output 4549 format of the exposed resources, 4550 defaults to "1" 4551 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4552 x-kubernetes-int-or-string: true 4553 resource: 4554 description: 'Required: resource 4555 to select' 4556 type: string 4557 required: 4558 - resource 4559 type: object 4560 secretKeyRef: 4561 description: Selects a key of a secret 4562 in the pod's namespace 4563 properties: 4564 key: 4565 description: The key of the secret 4566 to select from. Must be a valid 4567 secret key. 4568 type: string 4569 name: 4570 description: 'Name of the referent. 4571 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4572 TODO: Add other useful fields. 4573 apiVersion, kind, uid?' 4574 type: string 4575 optional: 4576 description: Specify whether the 4577 Secret or its key must be defined 4578 type: boolean 4579 required: 4580 - key 4581 type: object 4582 type: object 4583 required: 4584 - name 4585 type: object 4586 type: array 4587 envFrom: 4588 description: List of sources to populate environment 4589 variables in the container. The keys defined 4590 within a source must be a C_IDENTIFIER. All 4591 invalid keys will be reported as an event when 4592 the container is starting. When a key exists 4593 in multiple sources, the value associated with 4594 the last source will take precedence. Values 4595 defined by an Env with a duplicate key will 4596 take precedence. Cannot be updated. 4597 items: 4598 description: EnvFromSource represents the source 4599 of a set of ConfigMaps 4600 properties: 4601 configMapRef: 4602 description: The ConfigMap to select from 4603 properties: 4604 name: 4605 description: 'Name of the referent. 4606 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4607 TODO: Add other useful fields. apiVersion, 4608 kind, uid?' 4609 type: string 4610 optional: 4611 description: Specify whether the ConfigMap 4612 must be defined 4613 type: boolean 4614 type: object 4615 prefix: 4616 description: An optional identifier to prepend 4617 to each key in the ConfigMap. Must be 4618 a C_IDENTIFIER. 4619 type: string 4620 secretRef: 4621 description: The Secret to select from 4622 properties: 4623 name: 4624 description: 'Name of the referent. 4625 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4626 TODO: Add other useful fields. apiVersion, 4627 kind, uid?' 4628 type: string 4629 optional: 4630 description: Specify whether the Secret 4631 must be defined 4632 type: boolean 4633 type: object 4634 type: object 4635 type: array 4636 image: 4637 description: 'Container image name. More info: 4638 https://kubernetes.io/docs/concepts/containers/images' 4639 type: string 4640 imagePullPolicy: 4641 description: 'Image pull policy. One of Always, 4642 Never, IfNotPresent. Defaults to Always if :latest 4643 tag is specified, or IfNotPresent otherwise. 4644 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 4645 type: string 4646 lifecycle: 4647 description: Lifecycle is not allowed for ephemeral 4648 containers. 4649 properties: 4650 postStart: 4651 description: 'PostStart is called immediately 4652 after a container is created. If the handler 4653 fails, the container is terminated and restarted 4654 according to its restart policy. Other management 4655 of the container blocks until the hook completes. 4656 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 4657 properties: 4658 exec: 4659 description: Exec specifies the action 4660 to take. 4661 properties: 4662 command: 4663 description: Command is the command 4664 line to execute inside the container, 4665 the working directory for the command is 4666 root ('/') in the container's filesystem. 4667 The command is simply exec'd, it 4668 is not run inside a shell, so traditional 4669 shell instructions ('|', etc) won't 4670 work. To use a shell, you need to 4671 explicitly call out to that shell. 4672 Exit status of 0 is treated as live/healthy 4673 and non-zero is unhealthy. 4674 items: 4675 type: string 4676 type: array 4677 type: object 4678 httpGet: 4679 description: HTTPGet specifies the http 4680 request to perform. 4681 properties: 4682 host: 4683 description: Host name to connect 4684 to, defaults to the pod IP. You 4685 probably want to set "Host" in httpHeaders 4686 instead. 4687 type: string 4688 httpHeaders: 4689 description: Custom headers to set 4690 in the request. HTTP allows repeated 4691 headers. 4692 items: 4693 description: HTTPHeader describes 4694 a custom header to be used in 4695 HTTP probes 4696 properties: 4697 name: 4698 description: The header field 4699 name 4700 type: string 4701 value: 4702 description: The header field 4703 value 4704 type: string 4705 required: 4706 - name 4707 - value 4708 type: object 4709 type: array 4710 path: 4711 description: Path to access on the 4712 HTTP server. 4713 type: string 4714 port: 4715 anyOf: 4716 - type: integer 4717 - type: string 4718 description: Name or number of the 4719 port to access on the container. 4720 Number must be in the range 1 to 4721 65535. Name must be an IANA_SVC_NAME. 4722 x-kubernetes-int-or-string: true 4723 scheme: 4724 description: Scheme to use for connecting 4725 to the host. Defaults to HTTP. 4726 type: string 4727 required: 4728 - port 4729 type: object 4730 tcpSocket: 4731 description: Deprecated. TCPSocket is 4732 NOT supported as a LifecycleHandler 4733 and kept for the backward compatibility. 4734 There are no validation of this field 4735 and lifecycle hooks will fail in runtime 4736 when tcp handler is specified. 4737 properties: 4738 host: 4739 description: 'Optional: Host name 4740 to connect to, defaults to the pod 4741 IP.' 4742 type: string 4743 port: 4744 anyOf: 4745 - type: integer 4746 - type: string 4747 description: Number or name of the 4748 port to access on the container. 4749 Number must be in the range 1 to 4750 65535. Name must be an IANA_SVC_NAME. 4751 x-kubernetes-int-or-string: true 4752 required: 4753 - port 4754 type: object 4755 type: object 4756 preStop: 4757 description: 'PreStop is called immediately 4758 before a container is terminated due to 4759 an API request or management event such 4760 as liveness/startup probe failure, preemption, 4761 resource contention, etc. The handler is 4762 not called if the container crashes or exits. 4763 The Pod''s termination grace period countdown 4764 begins before the PreStop hook is executed. 4765 Regardless of the outcome of the handler, 4766 the container will eventually terminate 4767 within the Pod''s termination grace period 4768 (unless delayed by finalizers). Other management 4769 of the container blocks until the hook completes 4770 or until the termination grace period is 4771 reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 4772 properties: 4773 exec: 4774 description: Exec specifies the action 4775 to take. 4776 properties: 4777 command: 4778 description: Command is the command 4779 line to execute inside the container, 4780 the working directory for the command is 4781 root ('/') in the container's filesystem. 4782 The command is simply exec'd, it 4783 is not run inside a shell, so traditional 4784 shell instructions ('|', etc) won't 4785 work. To use a shell, you need to 4786 explicitly call out to that shell. 4787 Exit status of 0 is treated as live/healthy 4788 and non-zero is unhealthy. 4789 items: 4790 type: string 4791 type: array 4792 type: object 4793 httpGet: 4794 description: HTTPGet specifies the http 4795 request to perform. 4796 properties: 4797 host: 4798 description: Host name to connect 4799 to, defaults to the pod IP. You 4800 probably want to set "Host" in httpHeaders 4801 instead. 4802 type: string 4803 httpHeaders: 4804 description: Custom headers to set 4805 in the request. HTTP allows repeated 4806 headers. 4807 items: 4808 description: HTTPHeader describes 4809 a custom header to be used in 4810 HTTP probes 4811 properties: 4812 name: 4813 description: The header field 4814 name 4815 type: string 4816 value: 4817 description: The header field 4818 value 4819 type: string 4820 required: 4821 - name 4822 - value 4823 type: object 4824 type: array 4825 path: 4826 description: Path to access on the 4827 HTTP server. 4828 type: string 4829 port: 4830 anyOf: 4831 - type: integer 4832 - type: string 4833 description: Name or number of the 4834 port to access on the container. 4835 Number must be in the range 1 to 4836 65535. Name must be an IANA_SVC_NAME. 4837 x-kubernetes-int-or-string: true 4838 scheme: 4839 description: Scheme to use for connecting 4840 to the host. Defaults to HTTP. 4841 type: string 4842 required: 4843 - port 4844 type: object 4845 tcpSocket: 4846 description: Deprecated. TCPSocket is 4847 NOT supported as a LifecycleHandler 4848 and kept for the backward compatibility. 4849 There are no validation of this field 4850 and lifecycle hooks will fail in runtime 4851 when tcp handler is specified. 4852 properties: 4853 host: 4854 description: 'Optional: Host name 4855 to connect to, defaults to the pod 4856 IP.' 4857 type: string 4858 port: 4859 anyOf: 4860 - type: integer 4861 - type: string 4862 description: Number or name of the 4863 port to access on the container. 4864 Number must be in the range 1 to 4865 65535. Name must be an IANA_SVC_NAME. 4866 x-kubernetes-int-or-string: true 4867 required: 4868 - port 4869 type: object 4870 type: object 4871 type: object 4872 livenessProbe: 4873 description: Probes are not allowed for ephemeral 4874 containers. 4875 properties: 4876 exec: 4877 description: Exec specifies the action to 4878 take. 4879 properties: 4880 command: 4881 description: Command is the command line 4882 to execute inside the container, the 4883 working directory for the command is 4884 root ('/') in the container's filesystem. 4885 The command is simply exec'd, it is 4886 not run inside a shell, so traditional 4887 shell instructions ('|', etc) won't 4888 work. To use a shell, you need to explicitly 4889 call out to that shell. Exit status 4890 of 0 is treated as live/healthy and 4891 non-zero is unhealthy. 4892 items: 4893 type: string 4894 type: array 4895 type: object 4896 failureThreshold: 4897 description: Minimum consecutive failures 4898 for the probe to be considered failed after 4899 having succeeded. Defaults to 3. Minimum 4900 value is 1. 4901 format: int32 4902 type: integer 4903 grpc: 4904 description: GRPC specifies an action involving 4905 a GRPC port. This is a beta field and requires 4906 enabling GRPCContainerProbe feature gate. 4907 properties: 4908 port: 4909 description: Port number of the gRPC service. 4910 Number must be in the range 1 to 65535. 4911 format: int32 4912 type: integer 4913 service: 4914 description: "Service is the name of the 4915 service to place in the gRPC HealthCheckRequest 4916 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4917 \n If this is not specified, the default 4918 behavior is defined by gRPC." 4919 type: string 4920 required: 4921 - port 4922 type: object 4923 httpGet: 4924 description: HTTPGet specifies the http request 4925 to perform. 4926 properties: 4927 host: 4928 description: Host name to connect to, 4929 defaults to the pod IP. You probably 4930 want to set "Host" in httpHeaders instead. 4931 type: string 4932 httpHeaders: 4933 description: Custom headers to set in 4934 the request. HTTP allows repeated headers. 4935 items: 4936 description: HTTPHeader describes a 4937 custom header to be used in HTTP probes 4938 properties: 4939 name: 4940 description: The header field name 4941 type: string 4942 value: 4943 description: The header field value 4944 type: string 4945 required: 4946 - name 4947 - value 4948 type: object 4949 type: array 4950 path: 4951 description: Path to access on the HTTP 4952 server. 4953 type: string 4954 port: 4955 anyOf: 4956 - type: integer 4957 - type: string 4958 description: Name or number of the port 4959 to access on the container. Number must 4960 be in the range 1 to 65535. Name must 4961 be an IANA_SVC_NAME. 4962 x-kubernetes-int-or-string: true 4963 scheme: 4964 description: Scheme to use for connecting 4965 to the host. Defaults to HTTP. 4966 type: string 4967 required: 4968 - port 4969 type: object 4970 initialDelaySeconds: 4971 description: 'Number of seconds after the 4972 container has started before liveness probes 4973 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4974 format: int32 4975 type: integer 4976 periodSeconds: 4977 description: How often (in seconds) to perform 4978 the probe. Default to 10 seconds. Minimum 4979 value is 1. 4980 format: int32 4981 type: integer 4982 successThreshold: 4983 description: Minimum consecutive successes 4984 for the probe to be considered successful 4985 after having failed. Defaults to 1. Must 4986 be 1 for liveness and startup. Minimum value 4987 is 1. 4988 format: int32 4989 type: integer 4990 tcpSocket: 4991 description: TCPSocket specifies an action 4992 involving a TCP port. 4993 properties: 4994 host: 4995 description: 'Optional: Host name to connect 4996 to, defaults to the pod IP.' 4997 type: string 4998 port: 4999 anyOf: 5000 - type: integer 5001 - type: string 5002 description: Number or name of the port 5003 to access on the container. Number must 5004 be in the range 1 to 65535. Name must 5005 be an IANA_SVC_NAME. 5006 x-kubernetes-int-or-string: true 5007 required: 5008 - port 5009 type: object 5010 terminationGracePeriodSeconds: 5011 description: Optional duration in seconds 5012 the pod needs to terminate gracefully upon 5013 probe failure. The grace period is the duration 5014 in seconds after the processes running in 5015 the pod are sent a termination signal and 5016 the time when the processes are forcibly 5017 halted with a kill signal. Set this value 5018 longer than the expected cleanup time for 5019 your process. If this value is nil, the 5020 pod's terminationGracePeriodSeconds will 5021 be used. Otherwise, this value overrides 5022 the value provided by the pod spec. Value 5023 must be non-negative integer. The value 5024 zero indicates stop immediately via the 5025 kill signal (no opportunity to shut down). 5026 This is a beta field and requires enabling 5027 ProbeTerminationGracePeriod feature gate. 5028 Minimum value is 1. spec.terminationGracePeriodSeconds 5029 is used if unset. 5030 format: int64 5031 type: integer 5032 timeoutSeconds: 5033 description: 'Number of seconds after which 5034 the probe times out. Defaults to 1 second. 5035 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5036 format: int32 5037 type: integer 5038 type: object 5039 name: 5040 description: Name of the ephemeral container specified 5041 as a DNS_LABEL. This name must be unique among 5042 all containers, init containers and ephemeral 5043 containers. 5044 type: string 5045 ports: 5046 description: Ports are not allowed for ephemeral 5047 containers. 5048 items: 5049 description: ContainerPort represents a network 5050 port in a single container. 5051 properties: 5052 containerPort: 5053 description: Number of port to expose on 5054 the pod's IP address. This must be a valid 5055 port number, 0 < x < 65536. 5056 format: int32 5057 type: integer 5058 hostIP: 5059 description: What host IP to bind the external 5060 port to. 5061 type: string 5062 hostPort: 5063 description: Number of port to expose on 5064 the host. If specified, this must be a 5065 valid port number, 0 < x < 65536. If HostNetwork 5066 is specified, this must match ContainerPort. 5067 Most containers do not need this. 5068 format: int32 5069 type: integer 5070 name: 5071 description: If specified, this must be 5072 an IANA_SVC_NAME and unique within the 5073 pod. Each named port in a pod must have 5074 a unique name. Name for the port that 5075 can be referred to by services. 5076 type: string 5077 protocol: 5078 default: TCP 5079 description: Protocol for port. Must be 5080 UDP, TCP, or SCTP. Defaults to "TCP". 5081 type: string 5082 required: 5083 - containerPort 5084 type: object 5085 type: array 5086 x-kubernetes-list-map-keys: 5087 - containerPort 5088 - protocol 5089 x-kubernetes-list-type: map 5090 readinessProbe: 5091 description: Probes are not allowed for ephemeral 5092 containers. 5093 properties: 5094 exec: 5095 description: Exec specifies the action to 5096 take. 5097 properties: 5098 command: 5099 description: Command is the command line 5100 to execute inside the container, the 5101 working directory for the command is 5102 root ('/') in the container's filesystem. 5103 The command is simply exec'd, it is 5104 not run inside a shell, so traditional 5105 shell instructions ('|', etc) won't 5106 work. To use a shell, you need to explicitly 5107 call out to that shell. Exit status 5108 of 0 is treated as live/healthy and 5109 non-zero is unhealthy. 5110 items: 5111 type: string 5112 type: array 5113 type: object 5114 failureThreshold: 5115 description: Minimum consecutive failures 5116 for the probe to be considered failed after 5117 having succeeded. Defaults to 3. Minimum 5118 value is 1. 5119 format: int32 5120 type: integer 5121 grpc: 5122 description: GRPC specifies an action involving 5123 a GRPC port. This is a beta field and requires 5124 enabling GRPCContainerProbe feature gate. 5125 properties: 5126 port: 5127 description: Port number of the gRPC service. 5128 Number must be in the range 1 to 65535. 5129 format: int32 5130 type: integer 5131 service: 5132 description: "Service is the name of the 5133 service to place in the gRPC HealthCheckRequest 5134 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 5135 \n If this is not specified, the default 5136 behavior is defined by gRPC." 5137 type: string 5138 required: 5139 - port 5140 type: object 5141 httpGet: 5142 description: HTTPGet specifies the http request 5143 to perform. 5144 properties: 5145 host: 5146 description: Host name to connect to, 5147 defaults to the pod IP. You probably 5148 want to set "Host" in httpHeaders instead. 5149 type: string 5150 httpHeaders: 5151 description: Custom headers to set in 5152 the request. HTTP allows repeated headers. 5153 items: 5154 description: HTTPHeader describes a 5155 custom header to be used in HTTP probes 5156 properties: 5157 name: 5158 description: The header field name 5159 type: string 5160 value: 5161 description: The header field value 5162 type: string 5163 required: 5164 - name 5165 - value 5166 type: object 5167 type: array 5168 path: 5169 description: Path to access on the HTTP 5170 server. 5171 type: string 5172 port: 5173 anyOf: 5174 - type: integer 5175 - type: string 5176 description: Name or number of the port 5177 to access on the container. Number must 5178 be in the range 1 to 65535. Name must 5179 be an IANA_SVC_NAME. 5180 x-kubernetes-int-or-string: true 5181 scheme: 5182 description: Scheme to use for connecting 5183 to the host. Defaults to HTTP. 5184 type: string 5185 required: 5186 - port 5187 type: object 5188 initialDelaySeconds: 5189 description: 'Number of seconds after the 5190 container has started before liveness probes 5191 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5192 format: int32 5193 type: integer 5194 periodSeconds: 5195 description: How often (in seconds) to perform 5196 the probe. Default to 10 seconds. Minimum 5197 value is 1. 5198 format: int32 5199 type: integer 5200 successThreshold: 5201 description: Minimum consecutive successes 5202 for the probe to be considered successful 5203 after having failed. Defaults to 1. Must 5204 be 1 for liveness and startup. Minimum value 5205 is 1. 5206 format: int32 5207 type: integer 5208 tcpSocket: 5209 description: TCPSocket specifies an action 5210 involving a TCP port. 5211 properties: 5212 host: 5213 description: 'Optional: Host name to connect 5214 to, defaults to the pod IP.' 5215 type: string 5216 port: 5217 anyOf: 5218 - type: integer 5219 - type: string 5220 description: Number or name of the port 5221 to access on the container. Number must 5222 be in the range 1 to 65535. Name must 5223 be an IANA_SVC_NAME. 5224 x-kubernetes-int-or-string: true 5225 required: 5226 - port 5227 type: object 5228 terminationGracePeriodSeconds: 5229 description: Optional duration in seconds 5230 the pod needs to terminate gracefully upon 5231 probe failure. The grace period is the duration 5232 in seconds after the processes running in 5233 the pod are sent a termination signal and 5234 the time when the processes are forcibly 5235 halted with a kill signal. Set this value 5236 longer than the expected cleanup time for 5237 your process. If this value is nil, the 5238 pod's terminationGracePeriodSeconds will 5239 be used. Otherwise, this value overrides 5240 the value provided by the pod spec. Value 5241 must be non-negative integer. The value 5242 zero indicates stop immediately via the 5243 kill signal (no opportunity to shut down). 5244 This is a beta field and requires enabling 5245 ProbeTerminationGracePeriod feature gate. 5246 Minimum value is 1. spec.terminationGracePeriodSeconds 5247 is used if unset. 5248 format: int64 5249 type: integer 5250 timeoutSeconds: 5251 description: 'Number of seconds after which 5252 the probe times out. Defaults to 1 second. 5253 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5254 format: int32 5255 type: integer 5256 type: object 5257 resources: 5258 description: Resources are not allowed for ephemeral 5259 containers. Ephemeral containers use spare resources 5260 already allocated to the pod. 5261 properties: 5262 claims: 5263 description: "Claims lists the names of resources, 5264 defined in spec.resourceClaims, that are 5265 used by this container. \n This is an alpha 5266 field and requires enabling the DynamicResourceAllocation 5267 feature gate. \n This field is immutable." 5268 items: 5269 description: ResourceClaim references one 5270 entry in PodSpec.ResourceClaims. 5271 properties: 5272 name: 5273 description: Name must match the name 5274 of one entry in pod.spec.resourceClaims 5275 of the Pod where this field is used. 5276 It makes that resource available inside 5277 a container. 5278 type: string 5279 required: 5280 - name 5281 type: object 5282 type: array 5283 x-kubernetes-list-map-keys: 5284 - name 5285 x-kubernetes-list-type: map 5286 limits: 5287 additionalProperties: 5288 anyOf: 5289 - type: integer 5290 - type: string 5291 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5292 x-kubernetes-int-or-string: true 5293 description: 'Limits describes the maximum 5294 amount of compute resources allowed. More 5295 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5296 type: object 5297 requests: 5298 additionalProperties: 5299 anyOf: 5300 - type: integer 5301 - type: string 5302 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5303 x-kubernetes-int-or-string: true 5304 description: 'Requests describes the minimum 5305 amount of compute resources required. If 5306 Requests is omitted for a container, it 5307 defaults to Limits if that is explicitly 5308 specified, otherwise to an implementation-defined 5309 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5310 type: object 5311 type: object 5312 securityContext: 5313 description: 'Optional: SecurityContext defines 5314 the security options the ephemeral container 5315 should be run with. If set, the fields of SecurityContext 5316 override the equivalent fields of PodSecurityContext.' 5317 properties: 5318 allowPrivilegeEscalation: 5319 description: 'AllowPrivilegeEscalation controls 5320 whether a process can gain more privileges 5321 than its parent process. This bool directly 5322 controls if the no_new_privs flag will be 5323 set on the container process. AllowPrivilegeEscalation 5324 is true always when the container is: 1) 5325 run as Privileged 2) has CAP_SYS_ADMIN Note 5326 that this field cannot be set when spec.os.name 5327 is windows.' 5328 type: boolean 5329 capabilities: 5330 description: The capabilities to add/drop 5331 when running containers. Defaults to the 5332 default set of capabilities granted by the 5333 container runtime. Note that this field 5334 cannot be set when spec.os.name is windows. 5335 properties: 5336 add: 5337 description: Added capabilities 5338 items: 5339 description: Capability represent POSIX 5340 capabilities type 5341 type: string 5342 type: array 5343 drop: 5344 description: Removed capabilities 5345 items: 5346 description: Capability represent POSIX 5347 capabilities type 5348 type: string 5349 type: array 5350 type: object 5351 privileged: 5352 description: Run container in privileged mode. 5353 Processes in privileged containers are essentially 5354 equivalent to root on the host. Defaults 5355 to false. Note that this field cannot be 5356 set when spec.os.name is windows. 5357 type: boolean 5358 procMount: 5359 description: procMount denotes the type of 5360 proc mount to use for the containers. The 5361 default is DefaultProcMount which uses the 5362 container runtime defaults for readonly 5363 paths and masked paths. This requires the 5364 ProcMountType feature flag to be enabled. 5365 Note that this field cannot be set when 5366 spec.os.name is windows. 5367 type: string 5368 readOnlyRootFilesystem: 5369 description: Whether this container has a 5370 read-only root filesystem. Default is false. 5371 Note that this field cannot be set when 5372 spec.os.name is windows. 5373 type: boolean 5374 runAsGroup: 5375 description: The GID to run the entrypoint 5376 of the container process. Uses runtime default 5377 if unset. May also be set in PodSecurityContext. If 5378 set in both SecurityContext and PodSecurityContext, 5379 the value specified in SecurityContext takes 5380 precedence. Note that this field cannot 5381 be set when spec.os.name is windows. 5382 format: int64 5383 type: integer 5384 runAsNonRoot: 5385 description: Indicates that the container 5386 must run as a non-root user. If true, the 5387 Kubelet will validate the image at runtime 5388 to ensure that it does not run as UID 0 5389 (root) and fail to start the container if 5390 it does. If unset or false, no such validation 5391 will be performed. May also be set in PodSecurityContext. If 5392 set in both SecurityContext and PodSecurityContext, 5393 the value specified in SecurityContext takes 5394 precedence. 5395 type: boolean 5396 runAsUser: 5397 description: The UID to run the entrypoint 5398 of the container process. Defaults to user 5399 specified in image metadata if unspecified. 5400 May also be set in PodSecurityContext. If 5401 set in both SecurityContext and PodSecurityContext, 5402 the value specified in SecurityContext takes 5403 precedence. Note that this field cannot 5404 be set when spec.os.name is windows. 5405 format: int64 5406 type: integer 5407 seLinuxOptions: 5408 description: The SELinux context to be applied 5409 to the container. If unspecified, the container 5410 runtime will allocate a random SELinux context 5411 for each container. May also be set in 5412 PodSecurityContext. If set in both SecurityContext 5413 and PodSecurityContext, the value specified 5414 in SecurityContext takes precedence. Note 5415 that this field cannot be set when spec.os.name 5416 is windows. 5417 properties: 5418 level: 5419 description: Level is SELinux level label 5420 that applies to the container. 5421 type: string 5422 role: 5423 description: Role is a SELinux role label 5424 that applies to the container. 5425 type: string 5426 type: 5427 description: Type is a SELinux type label 5428 that applies to the container. 5429 type: string 5430 user: 5431 description: User is a SELinux user label 5432 that applies to the container. 5433 type: string 5434 type: object 5435 seccompProfile: 5436 description: The seccomp options to use by 5437 this container. If seccomp options are provided 5438 at both the pod & container level, the container 5439 options override the pod options. Note that 5440 this field cannot be set when spec.os.name 5441 is windows. 5442 properties: 5443 localhostProfile: 5444 description: localhostProfile indicates 5445 a profile defined in a file on the node 5446 should be used. The profile must be 5447 preconfigured on the node to work. Must 5448 be a descending path, relative to the 5449 kubelet's configured seccomp profile 5450 location. Must only be set if type is 5451 "Localhost". 5452 type: string 5453 type: 5454 description: "type indicates which kind 5455 of seccomp profile will be applied. 5456 Valid options are: \n Localhost - a 5457 profile defined in a file on the node 5458 should be used. RuntimeDefault - the 5459 container runtime default profile should 5460 be used. Unconfined - no profile should 5461 be applied." 5462 type: string 5463 required: 5464 - type 5465 type: object 5466 windowsOptions: 5467 description: The Windows specific settings 5468 applied to all containers. If unspecified, 5469 the options from the PodSecurityContext 5470 will be used. If set in both SecurityContext 5471 and PodSecurityContext, the value specified 5472 in SecurityContext takes precedence. Note 5473 that this field cannot be set when spec.os.name 5474 is linux. 5475 properties: 5476 gmsaCredentialSpec: 5477 description: GMSACredentialSpec is where 5478 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 5479 inlines the contents of the GMSA credential 5480 spec named by the GMSACredentialSpecName 5481 field. 5482 type: string 5483 gmsaCredentialSpecName: 5484 description: GMSACredentialSpecName is 5485 the name of the GMSA credential spec 5486 to use. 5487 type: string 5488 hostProcess: 5489 description: HostProcess determines if 5490 a container should be run as a 'Host 5491 Process' container. This field is alpha-level 5492 and will only be honored by components 5493 that enable the WindowsHostProcessContainers 5494 feature flag. Setting this field without 5495 the feature flag will result in errors 5496 when validating the Pod. All of a Pod's 5497 containers must have the same effective 5498 HostProcess value (it is not allowed 5499 to have a mix of HostProcess containers 5500 and non-HostProcess containers). In 5501 addition, if HostProcess is true then 5502 HostNetwork must also be set to true. 5503 type: boolean 5504 runAsUserName: 5505 description: The UserName in Windows to 5506 run the entrypoint of the container 5507 process. Defaults to the user specified 5508 in image metadata if unspecified. May 5509 also be set in PodSecurityContext. If 5510 set in both SecurityContext and PodSecurityContext, 5511 the value specified in SecurityContext 5512 takes precedence. 5513 type: string 5514 type: object 5515 type: object 5516 startupProbe: 5517 description: Probes are not allowed for ephemeral 5518 containers. 5519 properties: 5520 exec: 5521 description: Exec specifies the action to 5522 take. 5523 properties: 5524 command: 5525 description: Command is the command line 5526 to execute inside the container, the 5527 working directory for the command is 5528 root ('/') in the container's filesystem. 5529 The command is simply exec'd, it is 5530 not run inside a shell, so traditional 5531 shell instructions ('|', etc) won't 5532 work. To use a shell, you need to explicitly 5533 call out to that shell. Exit status 5534 of 0 is treated as live/healthy and 5535 non-zero is unhealthy. 5536 items: 5537 type: string 5538 type: array 5539 type: object 5540 failureThreshold: 5541 description: Minimum consecutive failures 5542 for the probe to be considered failed after 5543 having succeeded. Defaults to 3. Minimum 5544 value is 1. 5545 format: int32 5546 type: integer 5547 grpc: 5548 description: GRPC specifies an action involving 5549 a GRPC port. This is a beta field and requires 5550 enabling GRPCContainerProbe feature gate. 5551 properties: 5552 port: 5553 description: Port number of the gRPC service. 5554 Number must be in the range 1 to 65535. 5555 format: int32 5556 type: integer 5557 service: 5558 description: "Service is the name of the 5559 service to place in the gRPC HealthCheckRequest 5560 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 5561 \n If this is not specified, the default 5562 behavior is defined by gRPC." 5563 type: string 5564 required: 5565 - port 5566 type: object 5567 httpGet: 5568 description: HTTPGet specifies the http request 5569 to perform. 5570 properties: 5571 host: 5572 description: Host name to connect to, 5573 defaults to the pod IP. You probably 5574 want to set "Host" in httpHeaders instead. 5575 type: string 5576 httpHeaders: 5577 description: Custom headers to set in 5578 the request. HTTP allows repeated headers. 5579 items: 5580 description: HTTPHeader describes a 5581 custom header to be used in HTTP probes 5582 properties: 5583 name: 5584 description: The header field name 5585 type: string 5586 value: 5587 description: The header field value 5588 type: string 5589 required: 5590 - name 5591 - value 5592 type: object 5593 type: array 5594 path: 5595 description: Path to access on the HTTP 5596 server. 5597 type: string 5598 port: 5599 anyOf: 5600 - type: integer 5601 - type: string 5602 description: Name or number of the port 5603 to access on the container. Number must 5604 be in the range 1 to 65535. Name must 5605 be an IANA_SVC_NAME. 5606 x-kubernetes-int-or-string: true 5607 scheme: 5608 description: Scheme to use for connecting 5609 to the host. Defaults to HTTP. 5610 type: string 5611 required: 5612 - port 5613 type: object 5614 initialDelaySeconds: 5615 description: 'Number of seconds after the 5616 container has started before liveness probes 5617 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5618 format: int32 5619 type: integer 5620 periodSeconds: 5621 description: How often (in seconds) to perform 5622 the probe. Default to 10 seconds. Minimum 5623 value is 1. 5624 format: int32 5625 type: integer 5626 successThreshold: 5627 description: Minimum consecutive successes 5628 for the probe to be considered successful 5629 after having failed. Defaults to 1. Must 5630 be 1 for liveness and startup. Minimum value 5631 is 1. 5632 format: int32 5633 type: integer 5634 tcpSocket: 5635 description: TCPSocket specifies an action 5636 involving a TCP port. 5637 properties: 5638 host: 5639 description: 'Optional: Host name to connect 5640 to, defaults to the pod IP.' 5641 type: string 5642 port: 5643 anyOf: 5644 - type: integer 5645 - type: string 5646 description: Number or name of the port 5647 to access on the container. Number must 5648 be in the range 1 to 65535. Name must 5649 be an IANA_SVC_NAME. 5650 x-kubernetes-int-or-string: true 5651 required: 5652 - port 5653 type: object 5654 terminationGracePeriodSeconds: 5655 description: Optional duration in seconds 5656 the pod needs to terminate gracefully upon 5657 probe failure. The grace period is the duration 5658 in seconds after the processes running in 5659 the pod are sent a termination signal and 5660 the time when the processes are forcibly 5661 halted with a kill signal. Set this value 5662 longer than the expected cleanup time for 5663 your process. If this value is nil, the 5664 pod's terminationGracePeriodSeconds will 5665 be used. Otherwise, this value overrides 5666 the value provided by the pod spec. Value 5667 must be non-negative integer. The value 5668 zero indicates stop immediately via the 5669 kill signal (no opportunity to shut down). 5670 This is a beta field and requires enabling 5671 ProbeTerminationGracePeriod feature gate. 5672 Minimum value is 1. spec.terminationGracePeriodSeconds 5673 is used if unset. 5674 format: int64 5675 type: integer 5676 timeoutSeconds: 5677 description: 'Number of seconds after which 5678 the probe times out. Defaults to 1 second. 5679 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5680 format: int32 5681 type: integer 5682 type: object 5683 stdin: 5684 description: Whether this container should allocate 5685 a buffer for stdin in the container runtime. 5686 If this is not set, reads from stdin in the 5687 container will always result in EOF. Default 5688 is false. 5689 type: boolean 5690 stdinOnce: 5691 description: Whether the container runtime should 5692 close the stdin channel after it has been opened 5693 by a single attach. When stdin is true the stdin 5694 stream will remain open across multiple attach 5695 sessions. If stdinOnce is set to true, stdin 5696 is opened on container start, is empty until 5697 the first client attaches to stdin, and then 5698 remains open and accepts data until the client 5699 disconnects, at which time stdin is closed and 5700 remains closed until the container is restarted. 5701 If this flag is false, a container processes 5702 that reads from stdin will never receive an 5703 EOF. Default is false 5704 type: boolean 5705 targetContainerName: 5706 description: "If set, the name of the container 5707 from PodSpec that this ephemeral container targets. 5708 The ephemeral container will be run in the namespaces 5709 (IPC, PID, etc) of this container. If not set 5710 then the ephemeral container uses the namespaces 5711 configured in the Pod spec. \n The container 5712 runtime must implement support for this feature. 5713 If the runtime does not support namespace targeting 5714 then the result of setting this field is undefined." 5715 type: string 5716 terminationMessagePath: 5717 description: 'Optional: Path at which the file 5718 to which the container''s termination message 5719 will be written is mounted into the container''s 5720 filesystem. Message written is intended to be 5721 brief final status, such as an assertion failure 5722 message. Will be truncated by the node if greater 5723 than 4096 bytes. The total message length across 5724 all containers will be limited to 12kb. Defaults 5725 to /dev/termination-log. Cannot be updated.' 5726 type: string 5727 terminationMessagePolicy: 5728 description: Indicate how the termination message 5729 should be populated. File will use the contents 5730 of terminationMessagePath to populate the container 5731 status message on both success and failure. 5732 FallbackToLogsOnError will use the last chunk 5733 of container log output if the termination message 5734 file is empty and the container exited with 5735 an error. The log output is limited to 2048 5736 bytes or 80 lines, whichever is smaller. Defaults 5737 to File. Cannot be updated. 5738 type: string 5739 tty: 5740 description: Whether this container should allocate 5741 a TTY for itself, also requires 'stdin' to be 5742 true. Default is false. 5743 type: boolean 5744 volumeDevices: 5745 description: volumeDevices is the list of block 5746 devices to be used by the container. 5747 items: 5748 description: volumeDevice describes a mapping 5749 of a raw block device within a container. 5750 properties: 5751 devicePath: 5752 description: devicePath is the path inside 5753 of the container that the device will 5754 be mapped to. 5755 type: string 5756 name: 5757 description: name must match the name of 5758 a persistentVolumeClaim in the pod 5759 type: string 5760 required: 5761 - devicePath 5762 - name 5763 type: object 5764 type: array 5765 volumeMounts: 5766 description: Pod volumes to mount into the container's 5767 filesystem. Subpath mounts are not allowed for 5768 ephemeral containers. Cannot be updated. 5769 items: 5770 description: VolumeMount describes a mounting 5771 of a Volume within a container. 5772 properties: 5773 mountPath: 5774 description: Path within the container at 5775 which the volume should be mounted. Must 5776 not contain ':'. 5777 type: string 5778 mountPropagation: 5779 description: mountPropagation determines 5780 how mounts are propagated from the host 5781 to container and the other way around. 5782 When not set, MountPropagationNone is 5783 used. This field is beta in 1.10. 5784 type: string 5785 name: 5786 description: This must match the Name of 5787 a Volume. 5788 type: string 5789 readOnly: 5790 description: Mounted read-only if true, 5791 read-write otherwise (false or unspecified). 5792 Defaults to false. 5793 type: boolean 5794 subPath: 5795 description: Path within the volume from 5796 which the container's volume should be 5797 mounted. Defaults to "" (volume's root). 5798 type: string 5799 subPathExpr: 5800 description: Expanded path within the volume 5801 from which the container's volume should 5802 be mounted. Behaves similarly to SubPath 5803 but environment variable references $(VAR_NAME) 5804 are expanded using the container's environment. 5805 Defaults to "" (volume's root). SubPathExpr 5806 and SubPath are mutually exclusive. 5807 type: string 5808 required: 5809 - mountPath 5810 - name 5811 type: object 5812 type: array 5813 workingDir: 5814 description: Container's working directory. If 5815 not specified, the container runtime's default 5816 will be used, which might be configured in the 5817 container image. Cannot be updated. 5818 type: string 5819 required: 5820 - name 5821 type: object 5822 type: array 5823 hostAliases: 5824 description: HostAliases is an optional list of hosts 5825 and IPs that will be injected into the pod's hosts 5826 file if specified. This is only valid for non-hostNetwork 5827 pods. 5828 items: 5829 description: HostAlias holds the mapping between IP 5830 and hostnames that will be injected as an entry 5831 in the pod's hosts file. 5832 properties: 5833 hostnames: 5834 description: Hostnames for the above IP address. 5835 items: 5836 type: string 5837 type: array 5838 ip: 5839 description: IP address of the host file entry. 5840 type: string 5841 type: object 5842 type: array 5843 hostIPC: 5844 description: 'Use the host''s ipc namespace. Optional: 5845 Default to false.' 5846 type: boolean 5847 hostNetwork: 5848 description: Host networking requested for this pod. 5849 Use the host's network namespace. If this option is 5850 set, the ports that will be used must be specified. 5851 Default to false. 5852 type: boolean 5853 hostPID: 5854 description: 'Use the host''s pid namespace. Optional: 5855 Default to false.' 5856 type: boolean 5857 hostUsers: 5858 description: 'Use the host''s user namespace. Optional: 5859 Default to true. If set to true or not present, the 5860 pod will be run in the host user namespace, useful 5861 for when the pod needs a feature only available to 5862 the host user namespace, such as loading a kernel 5863 module with CAP_SYS_MODULE. When set to false, a new 5864 userns is created for the pod. Setting false is useful 5865 for mitigating container breakout vulnerabilities 5866 even allowing users to run their containers as root 5867 without actually having root privileges on the host. 5868 This field is alpha-level and is only honored by servers 5869 that enable the UserNamespacesSupport feature.' 5870 type: boolean 5871 hostname: 5872 description: Specifies the hostname of the Pod If not 5873 specified, the pod's hostname will be set to a system-defined 5874 value. 5875 type: string 5876 imagePullSecrets: 5877 description: 'ImagePullSecrets is an optional list of 5878 references to secrets in the same namespace to use 5879 for pulling any of the images used by this PodSpec. 5880 If specified, these secrets will be passed to individual 5881 puller implementations for them to use. More info: 5882 https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' 5883 items: 5884 description: LocalObjectReference contains enough 5885 information to let you locate the referenced object 5886 inside the same namespace. 5887 properties: 5888 name: 5889 description: 'Name of the referent. More info: 5890 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5891 TODO: Add other useful fields. apiVersion, kind, 5892 uid?' 5893 type: string 5894 type: object 5895 type: array 5896 initContainers: 5897 description: 'List of initialization containers belonging 5898 to the pod. Init containers are executed in order 5899 prior to containers being started. If any init container 5900 fails, the pod is considered to have failed and is 5901 handled according to its restartPolicy. The name for 5902 an init container or normal container must be unique 5903 among all containers. Init containers may not have 5904 Lifecycle actions, Readiness probes, Liveness probes, 5905 or Startup probes. The resourceRequirements of an 5906 init container are taken into account during scheduling 5907 by finding the highest request/limit for each resource 5908 type, and then using the max of of that value or the 5909 sum of the normal containers. Limits are applied to 5910 init containers in a similar fashion. Init containers 5911 cannot currently be added or removed. Cannot be updated. 5912 More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' 5913 items: 5914 description: A single application container that you 5915 want to run within a pod. 5916 properties: 5917 args: 5918 description: 'Arguments to the entrypoint. The 5919 container image''s CMD is used if this is not 5920 provided. Variable references $(VAR_NAME) are 5921 expanded using the container''s environment. 5922 If a variable cannot be resolved, the reference 5923 in the input string will be unchanged. Double 5924 $$ are reduced to a single $, which allows for 5925 escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 5926 will produce the string literal "$(VAR_NAME)". 5927 Escaped references will never be expanded, regardless 5928 of whether the variable exists or not. Cannot 5929 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 5930 items: 5931 type: string 5932 type: array 5933 command: 5934 description: 'Entrypoint array. Not executed within 5935 a shell. The container image''s ENTRYPOINT is 5936 used if this is not provided. Variable references 5937 $(VAR_NAME) are expanded using the container''s 5938 environment. If a variable cannot be resolved, 5939 the reference in the input string will be unchanged. 5940 Double $$ are reduced to a single $, which allows 5941 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 5942 will produce the string literal "$(VAR_NAME)". 5943 Escaped references will never be expanded, regardless 5944 of whether the variable exists or not. Cannot 5945 be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 5946 items: 5947 type: string 5948 type: array 5949 env: 5950 description: List of environment variables to 5951 set in the container. Cannot be updated. 5952 items: 5953 description: EnvVar represents an environment 5954 variable present in a Container. 5955 properties: 5956 name: 5957 description: Name of the environment variable. 5958 Must be a C_IDENTIFIER. 5959 type: string 5960 value: 5961 description: 'Variable references $(VAR_NAME) 5962 are expanded using the previously defined 5963 environment variables in the container 5964 and any service environment variables. 5965 If a variable cannot be resolved, the 5966 reference in the input string will be 5967 unchanged. Double $$ are reduced to a 5968 single $, which allows for escaping the 5969 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 5970 will produce the string literal "$(VAR_NAME)". 5971 Escaped references will never be expanded, 5972 regardless of whether the variable exists 5973 or not. Defaults to "".' 5974 type: string 5975 valueFrom: 5976 description: Source for the environment 5977 variable's value. Cannot be used if value 5978 is not empty. 5979 properties: 5980 configMapKeyRef: 5981 description: Selects a key of a ConfigMap. 5982 properties: 5983 key: 5984 description: The key to select. 5985 type: string 5986 name: 5987 description: 'Name of the referent. 5988 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5989 TODO: Add other useful fields. 5990 apiVersion, kind, uid?' 5991 type: string 5992 optional: 5993 description: Specify whether the 5994 ConfigMap or its key must be defined 5995 type: boolean 5996 required: 5997 - key 5998 type: object 5999 fieldRef: 6000 description: 'Selects a field of the 6001 pod: supports metadata.name, metadata.namespace, 6002 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 6003 spec.nodeName, spec.serviceAccountName, 6004 status.hostIP, status.podIP, status.podIPs.' 6005 properties: 6006 apiVersion: 6007 description: Version of the schema 6008 the FieldPath is written in terms 6009 of, defaults to "v1". 6010 type: string 6011 fieldPath: 6012 description: Path of the field to 6013 select in the specified API version. 6014 type: string 6015 required: 6016 - fieldPath 6017 type: object 6018 resourceFieldRef: 6019 description: 'Selects a resource of 6020 the container: only resources limits 6021 and requests (limits.cpu, limits.memory, 6022 limits.ephemeral-storage, requests.cpu, 6023 requests.memory and requests.ephemeral-storage) 6024 are currently supported.' 6025 properties: 6026 containerName: 6027 description: 'Container name: required 6028 for volumes, optional for env 6029 vars' 6030 type: string 6031 divisor: 6032 anyOf: 6033 - type: integer 6034 - type: string 6035 description: Specifies the output 6036 format of the exposed resources, 6037 defaults to "1" 6038 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6039 x-kubernetes-int-or-string: true 6040 resource: 6041 description: 'Required: resource 6042 to select' 6043 type: string 6044 required: 6045 - resource 6046 type: object 6047 secretKeyRef: 6048 description: Selects a key of a secret 6049 in the pod's namespace 6050 properties: 6051 key: 6052 description: The key of the secret 6053 to select from. Must be a valid 6054 secret key. 6055 type: string 6056 name: 6057 description: 'Name of the referent. 6058 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6059 TODO: Add other useful fields. 6060 apiVersion, kind, uid?' 6061 type: string 6062 optional: 6063 description: Specify whether the 6064 Secret or its key must be defined 6065 type: boolean 6066 required: 6067 - key 6068 type: object 6069 type: object 6070 required: 6071 - name 6072 type: object 6073 type: array 6074 envFrom: 6075 description: List of sources to populate environment 6076 variables in the container. The keys defined 6077 within a source must be a C_IDENTIFIER. All 6078 invalid keys will be reported as an event when 6079 the container is starting. When a key exists 6080 in multiple sources, the value associated with 6081 the last source will take precedence. Values 6082 defined by an Env with a duplicate key will 6083 take precedence. Cannot be updated. 6084 items: 6085 description: EnvFromSource represents the source 6086 of a set of ConfigMaps 6087 properties: 6088 configMapRef: 6089 description: The ConfigMap to select from 6090 properties: 6091 name: 6092 description: 'Name of the referent. 6093 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6094 TODO: Add other useful fields. apiVersion, 6095 kind, uid?' 6096 type: string 6097 optional: 6098 description: Specify whether the ConfigMap 6099 must be defined 6100 type: boolean 6101 type: object 6102 prefix: 6103 description: An optional identifier to prepend 6104 to each key in the ConfigMap. Must be 6105 a C_IDENTIFIER. 6106 type: string 6107 secretRef: 6108 description: The Secret to select from 6109 properties: 6110 name: 6111 description: 'Name of the referent. 6112 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6113 TODO: Add other useful fields. apiVersion, 6114 kind, uid?' 6115 type: string 6116 optional: 6117 description: Specify whether the Secret 6118 must be defined 6119 type: boolean 6120 type: object 6121 type: object 6122 type: array 6123 image: 6124 description: 'Container image name. More info: 6125 https://kubernetes.io/docs/concepts/containers/images 6126 This field is optional to allow higher level 6127 config management to default or override container 6128 images in workload controllers like Deployments 6129 and StatefulSets.' 6130 type: string 6131 imagePullPolicy: 6132 description: 'Image pull policy. One of Always, 6133 Never, IfNotPresent. Defaults to Always if :latest 6134 tag is specified, or IfNotPresent otherwise. 6135 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 6136 type: string 6137 lifecycle: 6138 description: Actions that the management system 6139 should take in response to container lifecycle 6140 events. Cannot be updated. 6141 properties: 6142 postStart: 6143 description: 'PostStart is called immediately 6144 after a container is created. If the handler 6145 fails, the container is terminated and restarted 6146 according to its restart policy. Other management 6147 of the container blocks until the hook completes. 6148 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 6149 properties: 6150 exec: 6151 description: Exec specifies the action 6152 to take. 6153 properties: 6154 command: 6155 description: Command is the command 6156 line to execute inside the container, 6157 the working directory for the command is 6158 root ('/') in the container's filesystem. 6159 The command is simply exec'd, it 6160 is not run inside a shell, so traditional 6161 shell instructions ('|', etc) won't 6162 work. To use a shell, you need to 6163 explicitly call out to that shell. 6164 Exit status of 0 is treated as live/healthy 6165 and non-zero is unhealthy. 6166 items: 6167 type: string 6168 type: array 6169 type: object 6170 httpGet: 6171 description: HTTPGet specifies the http 6172 request to perform. 6173 properties: 6174 host: 6175 description: Host name to connect 6176 to, defaults to the pod IP. You 6177 probably want to set "Host" in httpHeaders 6178 instead. 6179 type: string 6180 httpHeaders: 6181 description: Custom headers to set 6182 in the request. HTTP allows repeated 6183 headers. 6184 items: 6185 description: HTTPHeader describes 6186 a custom header to be used in 6187 HTTP probes 6188 properties: 6189 name: 6190 description: The header field 6191 name 6192 type: string 6193 value: 6194 description: The header field 6195 value 6196 type: string 6197 required: 6198 - name 6199 - value 6200 type: object 6201 type: array 6202 path: 6203 description: Path to access on the 6204 HTTP server. 6205 type: string 6206 port: 6207 anyOf: 6208 - type: integer 6209 - type: string 6210 description: Name or number of the 6211 port to access on the container. 6212 Number must be in the range 1 to 6213 65535. Name must be an IANA_SVC_NAME. 6214 x-kubernetes-int-or-string: true 6215 scheme: 6216 description: Scheme to use for connecting 6217 to the host. Defaults to HTTP. 6218 type: string 6219 required: 6220 - port 6221 type: object 6222 tcpSocket: 6223 description: Deprecated. TCPSocket is 6224 NOT supported as a LifecycleHandler 6225 and kept for the backward compatibility. 6226 There are no validation of this field 6227 and lifecycle hooks will fail in runtime 6228 when tcp handler is specified. 6229 properties: 6230 host: 6231 description: 'Optional: Host name 6232 to connect to, defaults to the pod 6233 IP.' 6234 type: string 6235 port: 6236 anyOf: 6237 - type: integer 6238 - type: string 6239 description: Number or name of the 6240 port to access on the container. 6241 Number must be in the range 1 to 6242 65535. Name must be an IANA_SVC_NAME. 6243 x-kubernetes-int-or-string: true 6244 required: 6245 - port 6246 type: object 6247 type: object 6248 preStop: 6249 description: 'PreStop is called immediately 6250 before a container is terminated due to 6251 an API request or management event such 6252 as liveness/startup probe failure, preemption, 6253 resource contention, etc. The handler is 6254 not called if the container crashes or exits. 6255 The Pod''s termination grace period countdown 6256 begins before the PreStop hook is executed. 6257 Regardless of the outcome of the handler, 6258 the container will eventually terminate 6259 within the Pod''s termination grace period 6260 (unless delayed by finalizers). Other management 6261 of the container blocks until the hook completes 6262 or until the termination grace period is 6263 reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 6264 properties: 6265 exec: 6266 description: Exec specifies the action 6267 to take. 6268 properties: 6269 command: 6270 description: Command is the command 6271 line to execute inside the container, 6272 the working directory for the command is 6273 root ('/') in the container's filesystem. 6274 The command is simply exec'd, it 6275 is not run inside a shell, so traditional 6276 shell instructions ('|', etc) won't 6277 work. To use a shell, you need to 6278 explicitly call out to that shell. 6279 Exit status of 0 is treated as live/healthy 6280 and non-zero is unhealthy. 6281 items: 6282 type: string 6283 type: array 6284 type: object 6285 httpGet: 6286 description: HTTPGet specifies the http 6287 request to perform. 6288 properties: 6289 host: 6290 description: Host name to connect 6291 to, defaults to the pod IP. You 6292 probably want to set "Host" in httpHeaders 6293 instead. 6294 type: string 6295 httpHeaders: 6296 description: Custom headers to set 6297 in the request. HTTP allows repeated 6298 headers. 6299 items: 6300 description: HTTPHeader describes 6301 a custom header to be used in 6302 HTTP probes 6303 properties: 6304 name: 6305 description: The header field 6306 name 6307 type: string 6308 value: 6309 description: The header field 6310 value 6311 type: string 6312 required: 6313 - name 6314 - value 6315 type: object 6316 type: array 6317 path: 6318 description: Path to access on the 6319 HTTP server. 6320 type: string 6321 port: 6322 anyOf: 6323 - type: integer 6324 - type: string 6325 description: Name or number of the 6326 port to access on the container. 6327 Number must be in the range 1 to 6328 65535. Name must be an IANA_SVC_NAME. 6329 x-kubernetes-int-or-string: true 6330 scheme: 6331 description: Scheme to use for connecting 6332 to the host. Defaults to HTTP. 6333 type: string 6334 required: 6335 - port 6336 type: object 6337 tcpSocket: 6338 description: Deprecated. TCPSocket is 6339 NOT supported as a LifecycleHandler 6340 and kept for the backward compatibility. 6341 There are no validation of this field 6342 and lifecycle hooks will fail in runtime 6343 when tcp handler is specified. 6344 properties: 6345 host: 6346 description: 'Optional: Host name 6347 to connect to, defaults to the pod 6348 IP.' 6349 type: string 6350 port: 6351 anyOf: 6352 - type: integer 6353 - type: string 6354 description: Number or name of the 6355 port to access on the container. 6356 Number must be in the range 1 to 6357 65535. Name must be an IANA_SVC_NAME. 6358 x-kubernetes-int-or-string: true 6359 required: 6360 - port 6361 type: object 6362 type: object 6363 type: object 6364 livenessProbe: 6365 description: 'Periodic probe of container liveness. 6366 Container will be restarted if the probe fails. 6367 Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 6368 properties: 6369 exec: 6370 description: Exec specifies the action to 6371 take. 6372 properties: 6373 command: 6374 description: Command is the command line 6375 to execute inside the container, the 6376 working directory for the command is 6377 root ('/') in the container's filesystem. 6378 The command is simply exec'd, it is 6379 not run inside a shell, so traditional 6380 shell instructions ('|', etc) won't 6381 work. To use a shell, you need to explicitly 6382 call out to that shell. Exit status 6383 of 0 is treated as live/healthy and 6384 non-zero is unhealthy. 6385 items: 6386 type: string 6387 type: array 6388 type: object 6389 failureThreshold: 6390 description: Minimum consecutive failures 6391 for the probe to be considered failed after 6392 having succeeded. Defaults to 3. Minimum 6393 value is 1. 6394 format: int32 6395 type: integer 6396 grpc: 6397 description: GRPC specifies an action involving 6398 a GRPC port. This is a beta field and requires 6399 enabling GRPCContainerProbe feature gate. 6400 properties: 6401 port: 6402 description: Port number of the gRPC service. 6403 Number must be in the range 1 to 65535. 6404 format: int32 6405 type: integer 6406 service: 6407 description: "Service is the name of the 6408 service to place in the gRPC HealthCheckRequest 6409 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 6410 \n If this is not specified, the default 6411 behavior is defined by gRPC." 6412 type: string 6413 required: 6414 - port 6415 type: object 6416 httpGet: 6417 description: HTTPGet specifies the http request 6418 to perform. 6419 properties: 6420 host: 6421 description: Host name to connect to, 6422 defaults to the pod IP. You probably 6423 want to set "Host" in httpHeaders instead. 6424 type: string 6425 httpHeaders: 6426 description: Custom headers to set in 6427 the request. HTTP allows repeated headers. 6428 items: 6429 description: HTTPHeader describes a 6430 custom header to be used in HTTP probes 6431 properties: 6432 name: 6433 description: The header field name 6434 type: string 6435 value: 6436 description: The header field value 6437 type: string 6438 required: 6439 - name 6440 - value 6441 type: object 6442 type: array 6443 path: 6444 description: Path to access on the HTTP 6445 server. 6446 type: string 6447 port: 6448 anyOf: 6449 - type: integer 6450 - type: string 6451 description: Name or number of the port 6452 to access on the container. Number must 6453 be in the range 1 to 65535. Name must 6454 be an IANA_SVC_NAME. 6455 x-kubernetes-int-or-string: true 6456 scheme: 6457 description: Scheme to use for connecting 6458 to the host. Defaults to HTTP. 6459 type: string 6460 required: 6461 - port 6462 type: object 6463 initialDelaySeconds: 6464 description: 'Number of seconds after the 6465 container has started before liveness probes 6466 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 6467 format: int32 6468 type: integer 6469 periodSeconds: 6470 description: How often (in seconds) to perform 6471 the probe. Default to 10 seconds. Minimum 6472 value is 1. 6473 format: int32 6474 type: integer 6475 successThreshold: 6476 description: Minimum consecutive successes 6477 for the probe to be considered successful 6478 after having failed. Defaults to 1. Must 6479 be 1 for liveness and startup. Minimum value 6480 is 1. 6481 format: int32 6482 type: integer 6483 tcpSocket: 6484 description: TCPSocket specifies an action 6485 involving a TCP port. 6486 properties: 6487 host: 6488 description: 'Optional: Host name to connect 6489 to, defaults to the pod IP.' 6490 type: string 6491 port: 6492 anyOf: 6493 - type: integer 6494 - type: string 6495 description: Number or name of the port 6496 to access on the container. Number must 6497 be in the range 1 to 65535. Name must 6498 be an IANA_SVC_NAME. 6499 x-kubernetes-int-or-string: true 6500 required: 6501 - port 6502 type: object 6503 terminationGracePeriodSeconds: 6504 description: Optional duration in seconds 6505 the pod needs to terminate gracefully upon 6506 probe failure. The grace period is the duration 6507 in seconds after the processes running in 6508 the pod are sent a termination signal and 6509 the time when the processes are forcibly 6510 halted with a kill signal. Set this value 6511 longer than the expected cleanup time for 6512 your process. If this value is nil, the 6513 pod's terminationGracePeriodSeconds will 6514 be used. Otherwise, this value overrides 6515 the value provided by the pod spec. Value 6516 must be non-negative integer. The value 6517 zero indicates stop immediately via the 6518 kill signal (no opportunity to shut down). 6519 This is a beta field and requires enabling 6520 ProbeTerminationGracePeriod feature gate. 6521 Minimum value is 1. spec.terminationGracePeriodSeconds 6522 is used if unset. 6523 format: int64 6524 type: integer 6525 timeoutSeconds: 6526 description: 'Number of seconds after which 6527 the probe times out. Defaults to 1 second. 6528 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 6529 format: int32 6530 type: integer 6531 type: object 6532 name: 6533 description: Name of the container specified as 6534 a DNS_LABEL. Each container in a pod must have 6535 a unique name (DNS_LABEL). Cannot be updated. 6536 type: string 6537 ports: 6538 description: List of ports to expose from the 6539 container. Not specifying a port here DOES NOT 6540 prevent that port from being exposed. Any port 6541 which is listening on the default "0.0.0.0" 6542 address inside a container will be accessible 6543 from the network. Modifying this array with 6544 strategic merge patch may corrupt the data. 6545 For more information See https://github.com/kubernetes/kubernetes/issues/108255. 6546 Cannot be updated. 6547 items: 6548 description: ContainerPort represents a network 6549 port in a single container. 6550 properties: 6551 containerPort: 6552 description: Number of port to expose on 6553 the pod's IP address. This must be a valid 6554 port number, 0 < x < 65536. 6555 format: int32 6556 type: integer 6557 hostIP: 6558 description: What host IP to bind the external 6559 port to. 6560 type: string 6561 hostPort: 6562 description: Number of port to expose on 6563 the host. If specified, this must be a 6564 valid port number, 0 < x < 65536. If HostNetwork 6565 is specified, this must match ContainerPort. 6566 Most containers do not need this. 6567 format: int32 6568 type: integer 6569 name: 6570 description: If specified, this must be 6571 an IANA_SVC_NAME and unique within the 6572 pod. Each named port in a pod must have 6573 a unique name. Name for the port that 6574 can be referred to by services. 6575 type: string 6576 protocol: 6577 default: TCP 6578 description: Protocol for port. Must be 6579 UDP, TCP, or SCTP. Defaults to "TCP". 6580 type: string 6581 required: 6582 - containerPort 6583 type: object 6584 type: array 6585 x-kubernetes-list-map-keys: 6586 - containerPort 6587 - protocol 6588 x-kubernetes-list-type: map 6589 readinessProbe: 6590 description: 'Periodic probe of container service 6591 readiness. Container will be removed from service 6592 endpoints if the probe fails. Cannot be updated. 6593 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 6594 properties: 6595 exec: 6596 description: Exec specifies the action to 6597 take. 6598 properties: 6599 command: 6600 description: Command is the command line 6601 to execute inside the container, the 6602 working directory for the command is 6603 root ('/') in the container's filesystem. 6604 The command is simply exec'd, it is 6605 not run inside a shell, so traditional 6606 shell instructions ('|', etc) won't 6607 work. To use a shell, you need to explicitly 6608 call out to that shell. Exit status 6609 of 0 is treated as live/healthy and 6610 non-zero is unhealthy. 6611 items: 6612 type: string 6613 type: array 6614 type: object 6615 failureThreshold: 6616 description: Minimum consecutive failures 6617 for the probe to be considered failed after 6618 having succeeded. Defaults to 3. Minimum 6619 value is 1. 6620 format: int32 6621 type: integer 6622 grpc: 6623 description: GRPC specifies an action involving 6624 a GRPC port. This is a beta field and requires 6625 enabling GRPCContainerProbe feature gate. 6626 properties: 6627 port: 6628 description: Port number of the gRPC service. 6629 Number must be in the range 1 to 65535. 6630 format: int32 6631 type: integer 6632 service: 6633 description: "Service is the name of the 6634 service to place in the gRPC HealthCheckRequest 6635 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 6636 \n If this is not specified, the default 6637 behavior is defined by gRPC." 6638 type: string 6639 required: 6640 - port 6641 type: object 6642 httpGet: 6643 description: HTTPGet specifies the http request 6644 to perform. 6645 properties: 6646 host: 6647 description: Host name to connect to, 6648 defaults to the pod IP. You probably 6649 want to set "Host" in httpHeaders instead. 6650 type: string 6651 httpHeaders: 6652 description: Custom headers to set in 6653 the request. HTTP allows repeated headers. 6654 items: 6655 description: HTTPHeader describes a 6656 custom header to be used in HTTP probes 6657 properties: 6658 name: 6659 description: The header field name 6660 type: string 6661 value: 6662 description: The header field value 6663 type: string 6664 required: 6665 - name 6666 - value 6667 type: object 6668 type: array 6669 path: 6670 description: Path to access on the HTTP 6671 server. 6672 type: string 6673 port: 6674 anyOf: 6675 - type: integer 6676 - type: string 6677 description: Name or number of the port 6678 to access on the container. Number must 6679 be in the range 1 to 65535. Name must 6680 be an IANA_SVC_NAME. 6681 x-kubernetes-int-or-string: true 6682 scheme: 6683 description: Scheme to use for connecting 6684 to the host. Defaults to HTTP. 6685 type: string 6686 required: 6687 - port 6688 type: object 6689 initialDelaySeconds: 6690 description: 'Number of seconds after the 6691 container has started before liveness probes 6692 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 6693 format: int32 6694 type: integer 6695 periodSeconds: 6696 description: How often (in seconds) to perform 6697 the probe. Default to 10 seconds. Minimum 6698 value is 1. 6699 format: int32 6700 type: integer 6701 successThreshold: 6702 description: Minimum consecutive successes 6703 for the probe to be considered successful 6704 after having failed. Defaults to 1. Must 6705 be 1 for liveness and startup. Minimum value 6706 is 1. 6707 format: int32 6708 type: integer 6709 tcpSocket: 6710 description: TCPSocket specifies an action 6711 involving a TCP port. 6712 properties: 6713 host: 6714 description: 'Optional: Host name to connect 6715 to, defaults to the pod IP.' 6716 type: string 6717 port: 6718 anyOf: 6719 - type: integer 6720 - type: string 6721 description: Number or name of the port 6722 to access on the container. Number must 6723 be in the range 1 to 65535. Name must 6724 be an IANA_SVC_NAME. 6725 x-kubernetes-int-or-string: true 6726 required: 6727 - port 6728 type: object 6729 terminationGracePeriodSeconds: 6730 description: Optional duration in seconds 6731 the pod needs to terminate gracefully upon 6732 probe failure. The grace period is the duration 6733 in seconds after the processes running in 6734 the pod are sent a termination signal and 6735 the time when the processes are forcibly 6736 halted with a kill signal. Set this value 6737 longer than the expected cleanup time for 6738 your process. If this value is nil, the 6739 pod's terminationGracePeriodSeconds will 6740 be used. Otherwise, this value overrides 6741 the value provided by the pod spec. Value 6742 must be non-negative integer. The value 6743 zero indicates stop immediately via the 6744 kill signal (no opportunity to shut down). 6745 This is a beta field and requires enabling 6746 ProbeTerminationGracePeriod feature gate. 6747 Minimum value is 1. spec.terminationGracePeriodSeconds 6748 is used if unset. 6749 format: int64 6750 type: integer 6751 timeoutSeconds: 6752 description: 'Number of seconds after which 6753 the probe times out. Defaults to 1 second. 6754 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 6755 format: int32 6756 type: integer 6757 type: object 6758 resources: 6759 description: 'Compute Resources required by this 6760 container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6761 properties: 6762 claims: 6763 description: "Claims lists the names of resources, 6764 defined in spec.resourceClaims, that are 6765 used by this container. \n This is an alpha 6766 field and requires enabling the DynamicResourceAllocation 6767 feature gate. \n This field is immutable." 6768 items: 6769 description: ResourceClaim references one 6770 entry in PodSpec.ResourceClaims. 6771 properties: 6772 name: 6773 description: Name must match the name 6774 of one entry in pod.spec.resourceClaims 6775 of the Pod where this field is used. 6776 It makes that resource available inside 6777 a container. 6778 type: string 6779 required: 6780 - name 6781 type: object 6782 type: array 6783 x-kubernetes-list-map-keys: 6784 - name 6785 x-kubernetes-list-type: map 6786 limits: 6787 additionalProperties: 6788 anyOf: 6789 - type: integer 6790 - type: string 6791 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6792 x-kubernetes-int-or-string: true 6793 description: 'Limits describes the maximum 6794 amount of compute resources allowed. More 6795 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6796 type: object 6797 requests: 6798 additionalProperties: 6799 anyOf: 6800 - type: integer 6801 - type: string 6802 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6803 x-kubernetes-int-or-string: true 6804 description: 'Requests describes the minimum 6805 amount of compute resources required. If 6806 Requests is omitted for a container, it 6807 defaults to Limits if that is explicitly 6808 specified, otherwise to an implementation-defined 6809 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6810 type: object 6811 type: object 6812 securityContext: 6813 description: 'SecurityContext defines the security 6814 options the container should be run with. If 6815 set, the fields of SecurityContext override 6816 the equivalent fields of PodSecurityContext. 6817 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 6818 properties: 6819 allowPrivilegeEscalation: 6820 description: 'AllowPrivilegeEscalation controls 6821 whether a process can gain more privileges 6822 than its parent process. This bool directly 6823 controls if the no_new_privs flag will be 6824 set on the container process. AllowPrivilegeEscalation 6825 is true always when the container is: 1) 6826 run as Privileged 2) has CAP_SYS_ADMIN Note 6827 that this field cannot be set when spec.os.name 6828 is windows.' 6829 type: boolean 6830 capabilities: 6831 description: The capabilities to add/drop 6832 when running containers. Defaults to the 6833 default set of capabilities granted by the 6834 container runtime. Note that this field 6835 cannot be set when spec.os.name is windows. 6836 properties: 6837 add: 6838 description: Added capabilities 6839 items: 6840 description: Capability represent POSIX 6841 capabilities type 6842 type: string 6843 type: array 6844 drop: 6845 description: Removed capabilities 6846 items: 6847 description: Capability represent POSIX 6848 capabilities type 6849 type: string 6850 type: array 6851 type: object 6852 privileged: 6853 description: Run container in privileged mode. 6854 Processes in privileged containers are essentially 6855 equivalent to root on the host. Defaults 6856 to false. Note that this field cannot be 6857 set when spec.os.name is windows. 6858 type: boolean 6859 procMount: 6860 description: procMount denotes the type of 6861 proc mount to use for the containers. The 6862 default is DefaultProcMount which uses the 6863 container runtime defaults for readonly 6864 paths and masked paths. This requires the 6865 ProcMountType feature flag to be enabled. 6866 Note that this field cannot be set when 6867 spec.os.name is windows. 6868 type: string 6869 readOnlyRootFilesystem: 6870 description: Whether this container has a 6871 read-only root filesystem. Default is false. 6872 Note that this field cannot be set when 6873 spec.os.name is windows. 6874 type: boolean 6875 runAsGroup: 6876 description: The GID to run the entrypoint 6877 of the container process. Uses runtime default 6878 if unset. May also be set in PodSecurityContext. If 6879 set in both SecurityContext and PodSecurityContext, 6880 the value specified in SecurityContext takes 6881 precedence. Note that this field cannot 6882 be set when spec.os.name is windows. 6883 format: int64 6884 type: integer 6885 runAsNonRoot: 6886 description: Indicates that the container 6887 must run as a non-root user. If true, the 6888 Kubelet will validate the image at runtime 6889 to ensure that it does not run as UID 0 6890 (root) and fail to start the container if 6891 it does. If unset or false, no such validation 6892 will be performed. May also be set in PodSecurityContext. If 6893 set in both SecurityContext and PodSecurityContext, 6894 the value specified in SecurityContext takes 6895 precedence. 6896 type: boolean 6897 runAsUser: 6898 description: The UID to run the entrypoint 6899 of the container process. Defaults to user 6900 specified in image metadata if unspecified. 6901 May also be set in PodSecurityContext. If 6902 set in both SecurityContext and PodSecurityContext, 6903 the value specified in SecurityContext takes 6904 precedence. Note that this field cannot 6905 be set when spec.os.name is windows. 6906 format: int64 6907 type: integer 6908 seLinuxOptions: 6909 description: The SELinux context to be applied 6910 to the container. If unspecified, the container 6911 runtime will allocate a random SELinux context 6912 for each container. May also be set in 6913 PodSecurityContext. If set in both SecurityContext 6914 and PodSecurityContext, the value specified 6915 in SecurityContext takes precedence. Note 6916 that this field cannot be set when spec.os.name 6917 is windows. 6918 properties: 6919 level: 6920 description: Level is SELinux level label 6921 that applies to the container. 6922 type: string 6923 role: 6924 description: Role is a SELinux role label 6925 that applies to the container. 6926 type: string 6927 type: 6928 description: Type is a SELinux type label 6929 that applies to the container. 6930 type: string 6931 user: 6932 description: User is a SELinux user label 6933 that applies to the container. 6934 type: string 6935 type: object 6936 seccompProfile: 6937 description: The seccomp options to use by 6938 this container. If seccomp options are provided 6939 at both the pod & container level, the container 6940 options override the pod options. Note that 6941 this field cannot be set when spec.os.name 6942 is windows. 6943 properties: 6944 localhostProfile: 6945 description: localhostProfile indicates 6946 a profile defined in a file on the node 6947 should be used. The profile must be 6948 preconfigured on the node to work. Must 6949 be a descending path, relative to the 6950 kubelet's configured seccomp profile 6951 location. Must only be set if type is 6952 "Localhost". 6953 type: string 6954 type: 6955 description: "type indicates which kind 6956 of seccomp profile will be applied. 6957 Valid options are: \n Localhost - a 6958 profile defined in a file on the node 6959 should be used. RuntimeDefault - the 6960 container runtime default profile should 6961 be used. Unconfined - no profile should 6962 be applied." 6963 type: string 6964 required: 6965 - type 6966 type: object 6967 windowsOptions: 6968 description: The Windows specific settings 6969 applied to all containers. If unspecified, 6970 the options from the PodSecurityContext 6971 will be used. If set in both SecurityContext 6972 and PodSecurityContext, the value specified 6973 in SecurityContext takes precedence. Note 6974 that this field cannot be set when spec.os.name 6975 is linux. 6976 properties: 6977 gmsaCredentialSpec: 6978 description: GMSACredentialSpec is where 6979 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 6980 inlines the contents of the GMSA credential 6981 spec named by the GMSACredentialSpecName 6982 field. 6983 type: string 6984 gmsaCredentialSpecName: 6985 description: GMSACredentialSpecName is 6986 the name of the GMSA credential spec 6987 to use. 6988 type: string 6989 hostProcess: 6990 description: HostProcess determines if 6991 a container should be run as a 'Host 6992 Process' container. This field is alpha-level 6993 and will only be honored by components 6994 that enable the WindowsHostProcessContainers 6995 feature flag. Setting this field without 6996 the feature flag will result in errors 6997 when validating the Pod. All of a Pod's 6998 containers must have the same effective 6999 HostProcess value (it is not allowed 7000 to have a mix of HostProcess containers 7001 and non-HostProcess containers). In 7002 addition, if HostProcess is true then 7003 HostNetwork must also be set to true. 7004 type: boolean 7005 runAsUserName: 7006 description: The UserName in Windows to 7007 run the entrypoint of the container 7008 process. Defaults to the user specified 7009 in image metadata if unspecified. May 7010 also be set in PodSecurityContext. If 7011 set in both SecurityContext and PodSecurityContext, 7012 the value specified in SecurityContext 7013 takes precedence. 7014 type: string 7015 type: object 7016 type: object 7017 startupProbe: 7018 description: 'StartupProbe indicates that the 7019 Pod has successfully initialized. If specified, 7020 no other probes are executed until this completes 7021 successfully. If this probe fails, the Pod will 7022 be restarted, just as if the livenessProbe failed. 7023 This can be used to provide different probe 7024 parameters at the beginning of a Pod''s lifecycle, 7025 when it might take a long time to load data 7026 or warm a cache, than during steady-state operation. 7027 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 7028 properties: 7029 exec: 7030 description: Exec specifies the action to 7031 take. 7032 properties: 7033 command: 7034 description: Command is the command line 7035 to execute inside the container, the 7036 working directory for the command is 7037 root ('/') in the container's filesystem. 7038 The command is simply exec'd, it is 7039 not run inside a shell, so traditional 7040 shell instructions ('|', etc) won't 7041 work. To use a shell, you need to explicitly 7042 call out to that shell. Exit status 7043 of 0 is treated as live/healthy and 7044 non-zero is unhealthy. 7045 items: 7046 type: string 7047 type: array 7048 type: object 7049 failureThreshold: 7050 description: Minimum consecutive failures 7051 for the probe to be considered failed after 7052 having succeeded. Defaults to 3. Minimum 7053 value is 1. 7054 format: int32 7055 type: integer 7056 grpc: 7057 description: GRPC specifies an action involving 7058 a GRPC port. This is a beta field and requires 7059 enabling GRPCContainerProbe feature gate. 7060 properties: 7061 port: 7062 description: Port number of the gRPC service. 7063 Number must be in the range 1 to 65535. 7064 format: int32 7065 type: integer 7066 service: 7067 description: "Service is the name of the 7068 service to place in the gRPC HealthCheckRequest 7069 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 7070 \n If this is not specified, the default 7071 behavior is defined by gRPC." 7072 type: string 7073 required: 7074 - port 7075 type: object 7076 httpGet: 7077 description: HTTPGet specifies the http request 7078 to perform. 7079 properties: 7080 host: 7081 description: Host name to connect to, 7082 defaults to the pod IP. You probably 7083 want to set "Host" in httpHeaders instead. 7084 type: string 7085 httpHeaders: 7086 description: Custom headers to set in 7087 the request. HTTP allows repeated headers. 7088 items: 7089 description: HTTPHeader describes a 7090 custom header to be used in HTTP probes 7091 properties: 7092 name: 7093 description: The header field name 7094 type: string 7095 value: 7096 description: The header field value 7097 type: string 7098 required: 7099 - name 7100 - value 7101 type: object 7102 type: array 7103 path: 7104 description: Path to access on the HTTP 7105 server. 7106 type: string 7107 port: 7108 anyOf: 7109 - type: integer 7110 - type: string 7111 description: Name or number of the port 7112 to access on the container. Number must 7113 be in the range 1 to 65535. Name must 7114 be an IANA_SVC_NAME. 7115 x-kubernetes-int-or-string: true 7116 scheme: 7117 description: Scheme to use for connecting 7118 to the host. Defaults to HTTP. 7119 type: string 7120 required: 7121 - port 7122 type: object 7123 initialDelaySeconds: 7124 description: 'Number of seconds after the 7125 container has started before liveness probes 7126 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 7127 format: int32 7128 type: integer 7129 periodSeconds: 7130 description: How often (in seconds) to perform 7131 the probe. Default to 10 seconds. Minimum 7132 value is 1. 7133 format: int32 7134 type: integer 7135 successThreshold: 7136 description: Minimum consecutive successes 7137 for the probe to be considered successful 7138 after having failed. Defaults to 1. Must 7139 be 1 for liveness and startup. Minimum value 7140 is 1. 7141 format: int32 7142 type: integer 7143 tcpSocket: 7144 description: TCPSocket specifies an action 7145 involving a TCP port. 7146 properties: 7147 host: 7148 description: 'Optional: Host name to connect 7149 to, defaults to the pod IP.' 7150 type: string 7151 port: 7152 anyOf: 7153 - type: integer 7154 - type: string 7155 description: Number or name of the port 7156 to access on the container. Number must 7157 be in the range 1 to 65535. Name must 7158 be an IANA_SVC_NAME. 7159 x-kubernetes-int-or-string: true 7160 required: 7161 - port 7162 type: object 7163 terminationGracePeriodSeconds: 7164 description: Optional duration in seconds 7165 the pod needs to terminate gracefully upon 7166 probe failure. The grace period is the duration 7167 in seconds after the processes running in 7168 the pod are sent a termination signal and 7169 the time when the processes are forcibly 7170 halted with a kill signal. Set this value 7171 longer than the expected cleanup time for 7172 your process. If this value is nil, the 7173 pod's terminationGracePeriodSeconds will 7174 be used. Otherwise, this value overrides 7175 the value provided by the pod spec. Value 7176 must be non-negative integer. The value 7177 zero indicates stop immediately via the 7178 kill signal (no opportunity to shut down). 7179 This is a beta field and requires enabling 7180 ProbeTerminationGracePeriod feature gate. 7181 Minimum value is 1. spec.terminationGracePeriodSeconds 7182 is used if unset. 7183 format: int64 7184 type: integer 7185 timeoutSeconds: 7186 description: 'Number of seconds after which 7187 the probe times out. Defaults to 1 second. 7188 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 7189 format: int32 7190 type: integer 7191 type: object 7192 stdin: 7193 description: Whether this container should allocate 7194 a buffer for stdin in the container runtime. 7195 If this is not set, reads from stdin in the 7196 container will always result in EOF. Default 7197 is false. 7198 type: boolean 7199 stdinOnce: 7200 description: Whether the container runtime should 7201 close the stdin channel after it has been opened 7202 by a single attach. When stdin is true the stdin 7203 stream will remain open across multiple attach 7204 sessions. If stdinOnce is set to true, stdin 7205 is opened on container start, is empty until 7206 the first client attaches to stdin, and then 7207 remains open and accepts data until the client 7208 disconnects, at which time stdin is closed and 7209 remains closed until the container is restarted. 7210 If this flag is false, a container processes 7211 that reads from stdin will never receive an 7212 EOF. Default is false 7213 type: boolean 7214 terminationMessagePath: 7215 description: 'Optional: Path at which the file 7216 to which the container''s termination message 7217 will be written is mounted into the container''s 7218 filesystem. Message written is intended to be 7219 brief final status, such as an assertion failure 7220 message. Will be truncated by the node if greater 7221 than 4096 bytes. The total message length across 7222 all containers will be limited to 12kb. Defaults 7223 to /dev/termination-log. Cannot be updated.' 7224 type: string 7225 terminationMessagePolicy: 7226 description: Indicate how the termination message 7227 should be populated. File will use the contents 7228 of terminationMessagePath to populate the container 7229 status message on both success and failure. 7230 FallbackToLogsOnError will use the last chunk 7231 of container log output if the termination message 7232 file is empty and the container exited with 7233 an error. The log output is limited to 2048 7234 bytes or 80 lines, whichever is smaller. Defaults 7235 to File. Cannot be updated. 7236 type: string 7237 tty: 7238 description: Whether this container should allocate 7239 a TTY for itself, also requires 'stdin' to be 7240 true. Default is false. 7241 type: boolean 7242 volumeDevices: 7243 description: volumeDevices is the list of block 7244 devices to be used by the container. 7245 items: 7246 description: volumeDevice describes a mapping 7247 of a raw block device within a container. 7248 properties: 7249 devicePath: 7250 description: devicePath is the path inside 7251 of the container that the device will 7252 be mapped to. 7253 type: string 7254 name: 7255 description: name must match the name of 7256 a persistentVolumeClaim in the pod 7257 type: string 7258 required: 7259 - devicePath 7260 - name 7261 type: object 7262 type: array 7263 volumeMounts: 7264 description: Pod volumes to mount into the container's 7265 filesystem. Cannot be updated. 7266 items: 7267 description: VolumeMount describes a mounting 7268 of a Volume within a container. 7269 properties: 7270 mountPath: 7271 description: Path within the container at 7272 which the volume should be mounted. Must 7273 not contain ':'. 7274 type: string 7275 mountPropagation: 7276 description: mountPropagation determines 7277 how mounts are propagated from the host 7278 to container and the other way around. 7279 When not set, MountPropagationNone is 7280 used. This field is beta in 1.10. 7281 type: string 7282 name: 7283 description: This must match the Name of 7284 a Volume. 7285 type: string 7286 readOnly: 7287 description: Mounted read-only if true, 7288 read-write otherwise (false or unspecified). 7289 Defaults to false. 7290 type: boolean 7291 subPath: 7292 description: Path within the volume from 7293 which the container's volume should be 7294 mounted. Defaults to "" (volume's root). 7295 type: string 7296 subPathExpr: 7297 description: Expanded path within the volume 7298 from which the container's volume should 7299 be mounted. Behaves similarly to SubPath 7300 but environment variable references $(VAR_NAME) 7301 are expanded using the container's environment. 7302 Defaults to "" (volume's root). SubPathExpr 7303 and SubPath are mutually exclusive. 7304 type: string 7305 required: 7306 - mountPath 7307 - name 7308 type: object 7309 type: array 7310 workingDir: 7311 description: Container's working directory. If 7312 not specified, the container runtime's default 7313 will be used, which might be configured in the 7314 container image. Cannot be updated. 7315 type: string 7316 required: 7317 - name 7318 type: object 7319 type: array 7320 nodeName: 7321 description: NodeName is a request to schedule this 7322 pod onto a specific node. If it is non-empty, the 7323 scheduler simply schedules this pod onto that node, 7324 assuming that it fits resource requirements. 7325 type: string 7326 nodeSelector: 7327 additionalProperties: 7328 type: string 7329 description: 'NodeSelector is a selector which must 7330 be true for the pod to fit on a node. Selector which 7331 must match a node''s labels for the pod to be scheduled 7332 on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' 7333 type: object 7334 x-kubernetes-map-type: atomic 7335 os: 7336 description: "Specifies the OS of the containers in 7337 the pod. Some pod and container fields are restricted 7338 if this is set. \n If the OS field is set to linux, 7339 the following fields must be unset: -securityContext.windowsOptions 7340 \n If the OS field is set to windows, following fields 7341 must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers 7342 - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile 7343 - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy 7344 - spec.securityContext.sysctls - spec.shareProcessNamespace 7345 - spec.securityContext.runAsUser - spec.securityContext.runAsGroup 7346 - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions 7347 - spec.containers[*].securityContext.seccompProfile 7348 - spec.containers[*].securityContext.capabilities 7349 - spec.containers[*].securityContext.readOnlyRootFilesystem 7350 - spec.containers[*].securityContext.privileged - 7351 spec.containers[*].securityContext.allowPrivilegeEscalation 7352 - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser 7353 - spec.containers[*].securityContext.runAsGroup" 7354 properties: 7355 name: 7356 description: 'Name is the name of the operating 7357 system. The currently supported values are linux 7358 and windows. Additional value may be defined in 7359 future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration 7360 Clients should expect to handle additional values 7361 and treat unrecognized values in this field as 7362 os: null' 7363 type: string 7364 required: 7365 - name 7366 type: object 7367 overhead: 7368 additionalProperties: 7369 anyOf: 7370 - type: integer 7371 - type: string 7372 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7373 x-kubernetes-int-or-string: true 7374 description: 'Overhead represents the resource overhead 7375 associated with running a pod for a given RuntimeClass. 7376 This field will be autopopulated at admission time 7377 by the RuntimeClass admission controller. If the RuntimeClass 7378 admission controller is enabled, overhead must not 7379 be set in Pod create requests. The RuntimeClass admission 7380 controller will reject Pod create requests which have 7381 the overhead already set. If RuntimeClass is configured 7382 and selected in the PodSpec, Overhead will be set 7383 to the value defined in the corresponding RuntimeClass, 7384 otherwise it will remain unset and treated as zero. 7385 More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md' 7386 type: object 7387 preemptionPolicy: 7388 description: PreemptionPolicy is the Policy for preempting 7389 pods with lower priority. One of Never, PreemptLowerPriority. 7390 Defaults to PreemptLowerPriority if unset. 7391 type: string 7392 priority: 7393 description: The priority value. Various system components 7394 use this field to find the priority of the pod. When 7395 Priority Admission Controller is enabled, it prevents 7396 users from setting this field. The admission controller 7397 populates this field from PriorityClassName. The higher 7398 the value, the higher the priority. 7399 format: int32 7400 type: integer 7401 priorityClassName: 7402 description: If specified, indicates the pod's priority. 7403 "system-node-critical" and "system-cluster-critical" 7404 are two special keywords which indicate the highest 7405 priorities with the former being the highest priority. 7406 Any other name must be defined by creating a PriorityClass 7407 object with that name. If not specified, the pod priority 7408 will be default or zero if there is no default. 7409 type: string 7410 readinessGates: 7411 description: 'If specified, all readiness gates will 7412 be evaluated for pod readiness. A pod is ready when 7413 all its containers are ready AND all conditions specified 7414 in the readiness gates have status equal to "True" 7415 More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' 7416 items: 7417 description: PodReadinessGate contains the reference 7418 to a pod condition 7419 properties: 7420 conditionType: 7421 description: ConditionType refers to a condition 7422 in the pod's condition list with matching type. 7423 type: string 7424 required: 7425 - conditionType 7426 type: object 7427 type: array 7428 resourceClaims: 7429 description: "ResourceClaims defines which ResourceClaims 7430 must be allocated and reserved before the Pod is allowed 7431 to start. The resources will be made available to 7432 those containers which consume them by name. \n This 7433 is an alpha field and requires enabling the DynamicResourceAllocation 7434 feature gate. \n This field is immutable." 7435 items: 7436 description: PodResourceClaim references exactly one 7437 ResourceClaim through a ClaimSource. It adds a name 7438 to it that uniquely identifies the ResourceClaim 7439 inside the Pod. Containers that need access to the 7440 ResourceClaim reference it with this name. 7441 properties: 7442 name: 7443 description: Name uniquely identifies this resource 7444 claim inside the pod. This must be a DNS_LABEL. 7445 type: string 7446 source: 7447 description: Source describes where to find the 7448 ResourceClaim. 7449 properties: 7450 resourceClaimName: 7451 description: ResourceClaimName is the name 7452 of a ResourceClaim object in the same namespace 7453 as this pod. 7454 type: string 7455 resourceClaimTemplateName: 7456 description: "ResourceClaimTemplateName is 7457 the name of a ResourceClaimTemplate object 7458 in the same namespace as this pod. \n The 7459 template will be used to create a new ResourceClaim, 7460 which will be bound to this pod. When this 7461 pod is deleted, the ResourceClaim will also 7462 be deleted. The name of the ResourceClaim 7463 will be <pod name>-<resource name>, where 7464 <resource name> is the PodResourceClaim.Name. 7465 Pod validation will reject the pod if the 7466 concatenated name is not valid for a ResourceClaim 7467 (e.g. too long). \n An existing ResourceClaim 7468 with that name that is not owned by the 7469 pod will not be used for the pod to avoid 7470 using an unrelated resource by mistake. 7471 Scheduling and pod startup are then blocked 7472 until the unrelated ResourceClaim is removed. 7473 \n This field is immutable and no changes 7474 will be made to the corresponding ResourceClaim 7475 by the control plane after creating the 7476 ResourceClaim." 7477 type: string 7478 type: object 7479 required: 7480 - name 7481 type: object 7482 type: array 7483 x-kubernetes-list-map-keys: 7484 - name 7485 x-kubernetes-list-type: map 7486 restartPolicy: 7487 description: 'Restart policy for all containers within 7488 the pod. One of Always, OnFailure, Never. Default 7489 to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' 7490 type: string 7491 runtimeClassName: 7492 description: 'RuntimeClassName refers to a RuntimeClass 7493 object in the node.k8s.io group, which should be used 7494 to run this pod. If no RuntimeClass resource matches 7495 the named class, the pod will not be run. If unset 7496 or empty, the "legacy" RuntimeClass will be used, 7497 which is an implicit class with an empty definition 7498 that uses the default runtime handler. More info: 7499 https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class' 7500 type: string 7501 schedulerName: 7502 description: If specified, the pod will be dispatched 7503 by specified scheduler. If not specified, the pod 7504 will be dispatched by default scheduler. 7505 type: string 7506 schedulingGates: 7507 description: "SchedulingGates is an opaque list of values 7508 that if specified will block scheduling the pod. More 7509 info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. 7510 \n This is an alpha-level feature enabled by PodSchedulingReadiness 7511 feature gate." 7512 items: 7513 description: PodSchedulingGate is associated to a 7514 Pod to guard its scheduling. 7515 properties: 7516 name: 7517 description: Name of the scheduling gate. Each 7518 scheduling gate must have a unique name field. 7519 type: string 7520 required: 7521 - name 7522 type: object 7523 type: array 7524 x-kubernetes-list-map-keys: 7525 - name 7526 x-kubernetes-list-type: map 7527 securityContext: 7528 description: 'SecurityContext holds pod-level security 7529 attributes and common container settings. Optional: 7530 Defaults to empty. See type description for default 7531 values of each field.' 7532 properties: 7533 fsGroup: 7534 description: "A special supplemental group that 7535 applies to all containers in a pod. Some volume 7536 types allow the Kubelet to change the ownership 7537 of that volume to be owned by the pod: \n 1. The 7538 owning GID will be the FSGroup 2. The setgid bit 7539 is set (new files created in the volume will be 7540 owned by FSGroup) 3. The permission bits are OR'd 7541 with rw-rw---- \n If unset, the Kubelet will not 7542 modify the ownership and permissions of any volume. 7543 Note that this field cannot be set when spec.os.name 7544 is windows." 7545 format: int64 7546 type: integer 7547 fsGroupChangePolicy: 7548 description: 'fsGroupChangePolicy defines behavior 7549 of changing ownership and permission of the volume 7550 before being exposed inside Pod. This field will 7551 only apply to volume types which support fsGroup 7552 based ownership(and permissions). It will have 7553 no effect on ephemeral volume types such as: secret, 7554 configmaps and emptydir. Valid values are "OnRootMismatch" 7555 and "Always". If not specified, "Always" is used. 7556 Note that this field cannot be set when spec.os.name 7557 is windows.' 7558 type: string 7559 runAsGroup: 7560 description: The GID to run the entrypoint of the 7561 container process. Uses runtime default if unset. 7562 May also be set in SecurityContext. If set in 7563 both SecurityContext and PodSecurityContext, the 7564 value specified in SecurityContext takes precedence 7565 for that container. Note that this field cannot 7566 be set when spec.os.name is windows. 7567 format: int64 7568 type: integer 7569 runAsNonRoot: 7570 description: Indicates that the container must run 7571 as a non-root user. If true, the Kubelet will 7572 validate the image at runtime to ensure that it 7573 does not run as UID 0 (root) and fail to start 7574 the container if it does. If unset or false, no 7575 such validation will be performed. May also be 7576 set in SecurityContext. If set in both SecurityContext 7577 and PodSecurityContext, the value specified in 7578 SecurityContext takes precedence. 7579 type: boolean 7580 runAsUser: 7581 description: The UID to run the entrypoint of the 7582 container process. Defaults to user specified 7583 in image metadata if unspecified. May also be 7584 set in SecurityContext. If set in both SecurityContext 7585 and PodSecurityContext, the value specified in 7586 SecurityContext takes precedence for that container. 7587 Note that this field cannot be set when spec.os.name 7588 is windows. 7589 format: int64 7590 type: integer 7591 seLinuxOptions: 7592 description: The SELinux context to be applied to 7593 all containers. If unspecified, the container 7594 runtime will allocate a random SELinux context 7595 for each container. May also be set in SecurityContext. If 7596 set in both SecurityContext and PodSecurityContext, 7597 the value specified in SecurityContext takes precedence 7598 for that container. Note that this field cannot 7599 be set when spec.os.name is windows. 7600 properties: 7601 level: 7602 description: Level is SELinux level label that 7603 applies to the container. 7604 type: string 7605 role: 7606 description: Role is a SELinux role label that 7607 applies to the container. 7608 type: string 7609 type: 7610 description: Type is a SELinux type label that 7611 applies to the container. 7612 type: string 7613 user: 7614 description: User is a SELinux user label that 7615 applies to the container. 7616 type: string 7617 type: object 7618 seccompProfile: 7619 description: The seccomp options to use by the containers 7620 in this pod. Note that this field cannot be set 7621 when spec.os.name is windows. 7622 properties: 7623 localhostProfile: 7624 description: localhostProfile indicates a profile 7625 defined in a file on the node should be used. 7626 The profile must be preconfigured on the node 7627 to work. Must be a descending path, relative 7628 to the kubelet's configured seccomp profile 7629 location. Must only be set if type is "Localhost". 7630 type: string 7631 type: 7632 description: "type indicates which kind of seccomp 7633 profile will be applied. Valid options are: 7634 \n Localhost - a profile defined in a file 7635 on the node should be used. RuntimeDefault 7636 - the container runtime default profile should 7637 be used. Unconfined - no profile should be 7638 applied." 7639 type: string 7640 required: 7641 - type 7642 type: object 7643 supplementalGroups: 7644 description: A list of groups applied to the first 7645 process run in each container, in addition to 7646 the container's primary GID, the fsGroup (if specified), 7647 and group memberships defined in the container 7648 image for the uid of the container process. If 7649 unspecified, no additional groups are added to 7650 any container. Note that group memberships defined 7651 in the container image for the uid of the container 7652 process are still effective, even if they are 7653 not included in this list. Note that this field 7654 cannot be set when spec.os.name is windows. 7655 items: 7656 format: int64 7657 type: integer 7658 type: array 7659 sysctls: 7660 description: Sysctls hold a list of namespaced sysctls 7661 used for the pod. Pods with unsupported sysctls 7662 (by the container runtime) might fail to launch. 7663 Note that this field cannot be set when spec.os.name 7664 is windows. 7665 items: 7666 description: Sysctl defines a kernel parameter 7667 to be set 7668 properties: 7669 name: 7670 description: Name of a property to set 7671 type: string 7672 value: 7673 description: Value of a property to set 7674 type: string 7675 required: 7676 - name 7677 - value 7678 type: object 7679 type: array 7680 windowsOptions: 7681 description: The Windows specific settings applied 7682 to all containers. If unspecified, the options 7683 within a container's SecurityContext will be used. 7684 If set in both SecurityContext and PodSecurityContext, 7685 the value specified in SecurityContext takes precedence. 7686 Note that this field cannot be set when spec.os.name 7687 is linux. 7688 properties: 7689 gmsaCredentialSpec: 7690 description: GMSACredentialSpec is where the 7691 GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 7692 inlines the contents of the GMSA credential 7693 spec named by the GMSACredentialSpecName field. 7694 type: string 7695 gmsaCredentialSpecName: 7696 description: GMSACredentialSpecName is the name 7697 of the GMSA credential spec to use. 7698 type: string 7699 hostProcess: 7700 description: HostProcess determines if a container 7701 should be run as a 'Host Process' container. 7702 This field is alpha-level and will only be 7703 honored by components that enable the WindowsHostProcessContainers 7704 feature flag. Setting this field without the 7705 feature flag will result in errors when validating 7706 the Pod. All of a Pod's containers must have 7707 the same effective HostProcess value (it is 7708 not allowed to have a mix of HostProcess containers 7709 and non-HostProcess containers). In addition, 7710 if HostProcess is true then HostNetwork must 7711 also be set to true. 7712 type: boolean 7713 runAsUserName: 7714 description: The UserName in Windows to run 7715 the entrypoint of the container process. Defaults 7716 to the user specified in image metadata if 7717 unspecified. May also be set in PodSecurityContext. 7718 If set in both SecurityContext and PodSecurityContext, 7719 the value specified in SecurityContext takes 7720 precedence. 7721 type: string 7722 type: object 7723 type: object 7724 serviceAccount: 7725 description: 'DeprecatedServiceAccount is a depreciated 7726 alias for ServiceAccountName. Deprecated: Use serviceAccountName 7727 instead.' 7728 type: string 7729 serviceAccountName: 7730 description: 'ServiceAccountName is the name of the 7731 ServiceAccount to use to run this pod. More info: 7732 https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' 7733 type: string 7734 setHostnameAsFQDN: 7735 description: If true the pod's hostname will be configured 7736 as the pod's FQDN, rather than the leaf name (the 7737 default). In Linux containers, this means setting 7738 the FQDN in the hostname field of the kernel (the 7739 nodename field of struct utsname). In Windows containers, 7740 this means setting the registry value of hostname 7741 for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters 7742 to FQDN. If a pod does not have FQDN, this has no 7743 effect. Default to false. 7744 type: boolean 7745 shareProcessNamespace: 7746 description: 'Share a single process namespace between 7747 all of the containers in a pod. When this is set containers 7748 will be able to view and signal processes from other 7749 containers in the same pod, and the first process 7750 in each container will not be assigned PID 1. HostPID 7751 and ShareProcessNamespace cannot both be set. Optional: 7752 Default to false.' 7753 type: boolean 7754 subdomain: 7755 description: If specified, the fully qualified Pod hostname 7756 will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster 7757 domain>". If not specified, the pod will not have 7758 a domainname at all. 7759 type: string 7760 terminationGracePeriodSeconds: 7761 description: Optional duration in seconds the pod needs 7762 to terminate gracefully. May be decreased in delete 7763 request. Value must be non-negative integer. The value 7764 zero indicates stop immediately via the kill signal 7765 (no opportunity to shut down). If this value is nil, 7766 the default grace period will be used instead. The 7767 grace period is the duration in seconds after the 7768 processes running in the pod are sent a termination 7769 signal and the time when the processes are forcibly 7770 halted with a kill signal. Set this value longer than 7771 the expected cleanup time for your process. Defaults 7772 to 30 seconds. 7773 format: int64 7774 type: integer 7775 tolerations: 7776 description: If specified, the pod's tolerations. 7777 items: 7778 description: The pod this Toleration is attached to 7779 tolerates any taint that matches the triple <key,value,effect> 7780 using the matching operator <operator>. 7781 properties: 7782 effect: 7783 description: Effect indicates the taint effect 7784 to match. Empty means match all taint effects. 7785 When specified, allowed values are NoSchedule, 7786 PreferNoSchedule and NoExecute. 7787 type: string 7788 key: 7789 description: Key is the taint key that the toleration 7790 applies to. Empty means match all taint keys. 7791 If the key is empty, operator must be Exists; 7792 this combination means to match all values and 7793 all keys. 7794 type: string 7795 operator: 7796 description: Operator represents a key's relationship 7797 to the value. Valid operators are Exists and 7798 Equal. Defaults to Equal. Exists is equivalent 7799 to wildcard for value, so that a pod can tolerate 7800 all taints of a particular category. 7801 type: string 7802 tolerationSeconds: 7803 description: TolerationSeconds represents the 7804 period of time the toleration (which must be 7805 of effect NoExecute, otherwise this field is 7806 ignored) tolerates the taint. By default, it 7807 is not set, which means tolerate the taint forever 7808 (do not evict). Zero and negative values will 7809 be treated as 0 (evict immediately) by the system. 7810 format: int64 7811 type: integer 7812 value: 7813 description: Value is the taint value the toleration 7814 matches to. If the operator is Exists, the value 7815 should be empty, otherwise just a regular string. 7816 type: string 7817 type: object 7818 type: array 7819 topologySpreadConstraints: 7820 description: TopologySpreadConstraints describes how 7821 a group of pods ought to spread across topology domains. 7822 Scheduler will schedule pods in a way which abides 7823 by the constraints. All topologySpreadConstraints 7824 are ANDed. 7825 items: 7826 description: TopologySpreadConstraint specifies how 7827 to spread matching pods among the given topology. 7828 properties: 7829 labelSelector: 7830 description: LabelSelector is used to find matching 7831 pods. Pods that match this label selector are 7832 counted to determine the number of pods in their 7833 corresponding topology domain. 7834 properties: 7835 matchExpressions: 7836 description: matchExpressions is a list of 7837 label selector requirements. The requirements 7838 are ANDed. 7839 items: 7840 description: A label selector requirement 7841 is a selector that contains values, a 7842 key, and an operator that relates the 7843 key and values. 7844 properties: 7845 key: 7846 description: key is the label key that 7847 the selector applies to. 7848 type: string 7849 operator: 7850 description: operator represents a key's 7851 relationship to a set of values. Valid 7852 operators are In, NotIn, Exists and 7853 DoesNotExist. 7854 type: string 7855 values: 7856 description: values is an array of string 7857 values. If the operator is In or NotIn, 7858 the values array must be non-empty. 7859 If the operator is Exists or DoesNotExist, 7860 the values array must be empty. This 7861 array is replaced during a strategic 7862 merge patch. 7863 items: 7864 type: string 7865 type: array 7866 required: 7867 - key 7868 - operator 7869 type: object 7870 type: array 7871 matchLabels: 7872 additionalProperties: 7873 type: string 7874 description: matchLabels is a map of {key,value} 7875 pairs. A single {key,value} in the matchLabels 7876 map is equivalent to an element of matchExpressions, 7877 whose key field is "key", the operator is 7878 "In", and the values array contains only 7879 "value". The requirements are ANDed. 7880 type: object 7881 type: object 7882 matchLabelKeys: 7883 description: MatchLabelKeys is a set of pod label 7884 keys to select the pods over which spreading 7885 will be calculated. The keys are used to lookup 7886 values from the incoming pod labels, those key-value 7887 labels are ANDed with labelSelector to select 7888 the group of existing pods over which spreading 7889 will be calculated for the incoming pod. Keys 7890 that don't exist in the incoming pod labels 7891 will be ignored. A null or empty list means 7892 only match against labelSelector. 7893 items: 7894 type: string 7895 type: array 7896 x-kubernetes-list-type: atomic 7897 maxSkew: 7898 description: 'MaxSkew describes the degree to 7899 which pods may be unevenly distributed. When 7900 `whenUnsatisfiable=DoNotSchedule`, it is the 7901 maximum permitted difference between the number 7902 of matching pods in the target topology and 7903 the global minimum. The global minimum is the 7904 minimum number of matching pods in an eligible 7905 domain or zero if the number of eligible domains 7906 is less than MinDomains. For example, in a 3-zone 7907 cluster, MaxSkew is set to 1, and pods with 7908 the same labelSelector spread as 2/2/1: In this 7909 case, the global minimum is 1. | zone1 | zone2 7910 | zone3 | | P P | P P | P | - if MaxSkew 7911 is 1, incoming pod can only be scheduled to 7912 zone3 to become 2/2/2; scheduling it onto zone1(zone2) 7913 would make the ActualSkew(3-1) on zone1(zone2) 7914 violate MaxSkew(1). - if MaxSkew is 2, incoming 7915 pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, 7916 it is used to give higher precedence to topologies 7917 that satisfy it. It''s a required field. Default 7918 value is 1 and 0 is not allowed.' 7919 format: int32 7920 type: integer 7921 minDomains: 7922 description: "MinDomains indicates a minimum number 7923 of eligible domains. When the number of eligible 7924 domains with matching topology keys is less 7925 than minDomains, Pod Topology Spread treats 7926 \"global minimum\" as 0, and then the calculation 7927 of Skew is performed. And when the number of 7928 eligible domains with matching topology keys 7929 equals or greater than minDomains, this value 7930 has no effect on scheduling. As a result, when 7931 the number of eligible domains is less than 7932 minDomains, scheduler won't schedule more than 7933 maxSkew Pods to those domains. If value is nil, 7934 the constraint behaves as if MinDomains is equal 7935 to 1. Valid values are integers greater than 7936 0. When value is not nil, WhenUnsatisfiable 7937 must be DoNotSchedule. \n For example, in a 7938 3-zone cluster, MaxSkew is set to 2, MinDomains 7939 is set to 5 and pods with the same labelSelector 7940 spread as 2/2/2: | zone1 | zone2 | zone3 | | 7941 \ P P | P P | P P | The number of domains 7942 is less than 5(MinDomains), so \"global minimum\" 7943 is treated as 0. In this situation, new pod 7944 with the same labelSelector cannot be scheduled, 7945 because computed skew will be 3(3 - 0) if new 7946 Pod is scheduled to any of the three zones, 7947 it will violate MaxSkew. \n This is a beta field 7948 and requires the MinDomainsInPodTopologySpread 7949 feature gate to be enabled (enabled by default)." 7950 format: int32 7951 type: integer 7952 nodeAffinityPolicy: 7953 description: "NodeAffinityPolicy indicates how 7954 we will treat Pod's nodeAffinity/nodeSelector 7955 when calculating pod topology spread skew. Options 7956 are: - Honor: only nodes matching nodeAffinity/nodeSelector 7957 are included in the calculations. - Ignore: 7958 nodeAffinity/nodeSelector are ignored. All nodes 7959 are included in the calculations. \n If this 7960 value is nil, the behavior is equivalent to 7961 the Honor policy. This is a beta-level feature 7962 default enabled by the NodeInclusionPolicyInPodTopologySpread 7963 feature flag." 7964 type: string 7965 nodeTaintsPolicy: 7966 description: "NodeTaintsPolicy indicates how we 7967 will treat node taints when calculating pod 7968 topology spread skew. Options are: - Honor: 7969 nodes without taints, along with tainted nodes 7970 for which the incoming pod has a toleration, 7971 are included. - Ignore: node taints are ignored. 7972 All nodes are included. \n If this value is 7973 nil, the behavior is equivalent to the Ignore 7974 policy. This is a beta-level feature default 7975 enabled by the NodeInclusionPolicyInPodTopologySpread 7976 feature flag." 7977 type: string 7978 topologyKey: 7979 description: TopologyKey is the key of node labels. 7980 Nodes that have a label with this key and identical 7981 values are considered to be in the same topology. 7982 We consider each <key, value> as a "bucket", 7983 and try to put balanced number of pods into 7984 each bucket. We define a domain as a particular 7985 instance of a topology. Also, we define an eligible 7986 domain as a domain whose nodes meet the requirements 7987 of nodeAffinityPolicy and nodeTaintsPolicy. 7988 e.g. If TopologyKey is "kubernetes.io/hostname", 7989 each Node is a domain of that topology. And, 7990 if TopologyKey is "topology.kubernetes.io/zone", 7991 each zone is a domain of that topology. It's 7992 a required field. 7993 type: string 7994 whenUnsatisfiable: 7995 description: 'WhenUnsatisfiable indicates how 7996 to deal with a pod if it doesn''t satisfy the 7997 spread constraint. - DoNotSchedule (default) 7998 tells the scheduler not to schedule it. - ScheduleAnyway 7999 tells the scheduler to schedule the pod in any 8000 location, but giving higher precedence to topologies 8001 that would help reduce the skew. A constraint 8002 is considered "Unsatisfiable" for an incoming 8003 pod if and only if every possible node assignment 8004 for that pod would violate "MaxSkew" on some 8005 topology. For example, in a 3-zone cluster, 8006 MaxSkew is set to 1, and pods with the same 8007 labelSelector spread as 3/1/1: | zone1 | zone2 8008 | zone3 | | P P P | P | P | If WhenUnsatisfiable 8009 is set to DoNotSchedule, incoming pod can only 8010 be scheduled to zone2(zone3) to become 3/2/1(3/1/2) 8011 as ActualSkew(2-1) on zone2(zone3) satisfies 8012 MaxSkew(1). In other words, the cluster can 8013 still be imbalanced, but scheduler won''t make 8014 it *more* imbalanced. It''s a required field.' 8015 type: string 8016 required: 8017 - maxSkew 8018 - topologyKey 8019 - whenUnsatisfiable 8020 type: object 8021 type: array 8022 x-kubernetes-list-map-keys: 8023 - topologyKey 8024 - whenUnsatisfiable 8025 x-kubernetes-list-type: map 8026 volumes: 8027 description: 'List of volumes that can be mounted by 8028 containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' 8029 items: 8030 description: Volume represents a named volume in a 8031 pod that may be accessed by any container in the 8032 pod. 8033 properties: 8034 awsElasticBlockStore: 8035 description: 'awsElasticBlockStore represents 8036 an AWS Disk resource that is attached to a kubelet''s 8037 host machine and then exposed to the pod. More 8038 info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 8039 properties: 8040 fsType: 8041 description: 'fsType is the filesystem type 8042 of the volume that you want to mount. Tip: 8043 Ensure that the filesystem type is supported 8044 by the host operating system. Examples: 8045 "ext4", "xfs", "ntfs". Implicitly inferred 8046 to be "ext4" if unspecified. More info: 8047 https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 8048 TODO: how do we prevent errors in the filesystem 8049 from compromising the machine' 8050 type: string 8051 partition: 8052 description: 'partition is the partition in 8053 the volume that you want to mount. If omitted, 8054 the default is to mount by volume name. 8055 Examples: For volume /dev/sda1, you specify 8056 the partition as "1". Similarly, the volume 8057 partition for /dev/sda is "0" (or you can 8058 leave the property empty).' 8059 format: int32 8060 type: integer 8061 readOnly: 8062 description: 'readOnly value true will force 8063 the readOnly setting in VolumeMounts. More 8064 info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 8065 type: boolean 8066 volumeID: 8067 description: 'volumeID is unique ID of the 8068 persistent disk resource in AWS (Amazon 8069 EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 8070 type: string 8071 required: 8072 - volumeID 8073 type: object 8074 azureDisk: 8075 description: azureDisk represents an Azure Data 8076 Disk mount on the host and bind mount to the 8077 pod. 8078 properties: 8079 cachingMode: 8080 description: 'cachingMode is the Host Caching 8081 mode: None, Read Only, Read Write.' 8082 type: string 8083 diskName: 8084 description: diskName is the Name of the data 8085 disk in the blob storage 8086 type: string 8087 diskURI: 8088 description: diskURI is the URI of data disk 8089 in the blob storage 8090 type: string 8091 fsType: 8092 description: fsType is Filesystem type to 8093 mount. Must be a filesystem type supported 8094 by the host operating system. Ex. "ext4", 8095 "xfs", "ntfs". Implicitly inferred to be 8096 "ext4" if unspecified. 8097 type: string 8098 kind: 8099 description: 'kind expected values are Shared: 8100 multiple blob disks per storage account Dedicated: 8101 single blob disk per storage account Managed: 8102 azure managed data disk (only in managed 8103 availability set). defaults to shared' 8104 type: string 8105 readOnly: 8106 description: readOnly Defaults to false (read/write). 8107 ReadOnly here will force the ReadOnly setting 8108 in VolumeMounts. 8109 type: boolean 8110 required: 8111 - diskName 8112 - diskURI 8113 type: object 8114 azureFile: 8115 description: azureFile represents an Azure File 8116 Service mount on the host and bind mount to 8117 the pod. 8118 properties: 8119 readOnly: 8120 description: readOnly defaults to false (read/write). 8121 ReadOnly here will force the ReadOnly setting 8122 in VolumeMounts. 8123 type: boolean 8124 secretName: 8125 description: secretName is the name of secret 8126 that contains Azure Storage Account Name 8127 and Key 8128 type: string 8129 shareName: 8130 description: shareName is the azure share 8131 Name 8132 type: string 8133 required: 8134 - secretName 8135 - shareName 8136 type: object 8137 cephfs: 8138 description: cephFS represents a Ceph FS mount 8139 on the host that shares a pod's lifetime 8140 properties: 8141 monitors: 8142 description: 'monitors is Required: Monitors 8143 is a collection of Ceph monitors More info: 8144 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 8145 items: 8146 type: string 8147 type: array 8148 path: 8149 description: 'path is Optional: Used as the 8150 mounted root, rather than the full Ceph 8151 tree, default is /' 8152 type: string 8153 readOnly: 8154 description: 'readOnly is Optional: Defaults 8155 to false (read/write). ReadOnly here will 8156 force the ReadOnly setting in VolumeMounts. 8157 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 8158 type: boolean 8159 secretFile: 8160 description: 'secretFile is Optional: SecretFile 8161 is the path to key ring for User, default 8162 is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 8163 type: string 8164 secretRef: 8165 description: 'secretRef is Optional: SecretRef 8166 is reference to the authentication secret 8167 for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 8168 properties: 8169 name: 8170 description: 'Name of the referent. More 8171 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8172 TODO: Add other useful fields. apiVersion, 8173 kind, uid?' 8174 type: string 8175 type: object 8176 user: 8177 description: 'user is optional: User is the 8178 rados user name, default is admin More info: 8179 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 8180 type: string 8181 required: 8182 - monitors 8183 type: object 8184 cinder: 8185 description: 'cinder represents a cinder volume 8186 attached and mounted on kubelets host machine. 8187 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 8188 properties: 8189 fsType: 8190 description: 'fsType is the filesystem type 8191 to mount. Must be a filesystem type supported 8192 by the host operating system. Examples: 8193 "ext4", "xfs", "ntfs". Implicitly inferred 8194 to be "ext4" if unspecified. More info: 8195 https://examples.k8s.io/mysql-cinder-pd/README.md' 8196 type: string 8197 readOnly: 8198 description: 'readOnly defaults to false (read/write). 8199 ReadOnly here will force the ReadOnly setting 8200 in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 8201 type: boolean 8202 secretRef: 8203 description: 'secretRef is optional: points 8204 to a secret object containing parameters 8205 used to connect to OpenStack.' 8206 properties: 8207 name: 8208 description: 'Name of the referent. More 8209 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8210 TODO: Add other useful fields. apiVersion, 8211 kind, uid?' 8212 type: string 8213 type: object 8214 volumeID: 8215 description: 'volumeID used to identify the 8216 volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 8217 type: string 8218 required: 8219 - volumeID 8220 type: object 8221 configMap: 8222 description: configMap represents a configMap 8223 that should populate this volume 8224 properties: 8225 defaultMode: 8226 description: 'defaultMode is optional: mode 8227 bits used to set permissions on created 8228 files by default. Must be an octal value 8229 between 0000 and 0777 or a decimal value 8230 between 0 and 511. YAML accepts both octal 8231 and decimal values, JSON requires decimal 8232 values for mode bits. Defaults to 0644. 8233 Directories within the path are not affected 8234 by this setting. This might be in conflict 8235 with other options that affect the file 8236 mode, like fsGroup, and the result can be 8237 other mode bits set.' 8238 format: int32 8239 type: integer 8240 items: 8241 description: items if unspecified, each key-value 8242 pair in the Data field of the referenced 8243 ConfigMap will be projected into the volume 8244 as a file whose name is the key and content 8245 is the value. If specified, the listed keys 8246 will be projected into the specified paths, 8247 and unlisted keys will not be present. If 8248 a key is specified which is not present 8249 in the ConfigMap, the volume setup will 8250 error unless it is marked optional. Paths 8251 must be relative and may not contain the 8252 '..' path or start with '..'. 8253 items: 8254 description: Maps a string key to a path 8255 within a volume. 8256 properties: 8257 key: 8258 description: key is the key to project. 8259 type: string 8260 mode: 8261 description: 'mode is Optional: mode 8262 bits used to set permissions on this 8263 file. Must be an octal value between 8264 0000 and 0777 or a decimal value between 8265 0 and 511. YAML accepts both octal 8266 and decimal values, JSON requires 8267 decimal values for mode bits. If not 8268 specified, the volume defaultMode 8269 will be used. This might be in conflict 8270 with other options that affect the 8271 file mode, like fsGroup, and the result 8272 can be other mode bits set.' 8273 format: int32 8274 type: integer 8275 path: 8276 description: path is the relative path 8277 of the file to map the key to. May 8278 not be an absolute path. May not contain 8279 the path element '..'. May not start 8280 with the string '..'. 8281 type: string 8282 required: 8283 - key 8284 - path 8285 type: object 8286 type: array 8287 name: 8288 description: 'Name of the referent. More info: 8289 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8290 TODO: Add other useful fields. apiVersion, 8291 kind, uid?' 8292 type: string 8293 optional: 8294 description: optional specify whether the 8295 ConfigMap or its keys must be defined 8296 type: boolean 8297 type: object 8298 csi: 8299 description: csi (Container Storage Interface) 8300 represents ephemeral storage that is handled 8301 by certain external CSI drivers (Beta feature). 8302 properties: 8303 driver: 8304 description: driver is the name of the CSI 8305 driver that handles this volume. Consult 8306 with your admin for the correct name as 8307 registered in the cluster. 8308 type: string 8309 fsType: 8310 description: fsType to mount. Ex. "ext4", 8311 "xfs", "ntfs". If not provided, the empty 8312 value is passed to the associated CSI driver 8313 which will determine the default filesystem 8314 to apply. 8315 type: string 8316 nodePublishSecretRef: 8317 description: nodePublishSecretRef is a reference 8318 to the secret object containing sensitive 8319 information to pass to the CSI driver to 8320 complete the CSI NodePublishVolume and NodeUnpublishVolume 8321 calls. This field is optional, and may 8322 be empty if no secret is required. If the 8323 secret object contains more than one secret, 8324 all secret references are passed. 8325 properties: 8326 name: 8327 description: 'Name of the referent. More 8328 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8329 TODO: Add other useful fields. apiVersion, 8330 kind, uid?' 8331 type: string 8332 type: object 8333 readOnly: 8334 description: readOnly specifies a read-only 8335 configuration for the volume. Defaults to 8336 false (read/write). 8337 type: boolean 8338 volumeAttributes: 8339 additionalProperties: 8340 type: string 8341 description: volumeAttributes stores driver-specific 8342 properties that are passed to the CSI driver. 8343 Consult your driver's documentation for 8344 supported values. 8345 type: object 8346 required: 8347 - driver 8348 type: object 8349 downwardAPI: 8350 description: downwardAPI represents downward API 8351 about the pod that should populate this volume 8352 properties: 8353 defaultMode: 8354 description: 'Optional: mode bits to use on 8355 created files by default. Must be a Optional: 8356 mode bits used to set permissions on created 8357 files by default. Must be an octal value 8358 between 0000 and 0777 or a decimal value 8359 between 0 and 511. YAML accepts both octal 8360 and decimal values, JSON requires decimal 8361 values for mode bits. Defaults to 0644. 8362 Directories within the path are not affected 8363 by this setting. This might be in conflict 8364 with other options that affect the file 8365 mode, like fsGroup, and the result can be 8366 other mode bits set.' 8367 format: int32 8368 type: integer 8369 items: 8370 description: Items is a list of downward API 8371 volume file 8372 items: 8373 description: DownwardAPIVolumeFile represents 8374 information to create the file containing 8375 the pod field 8376 properties: 8377 fieldRef: 8378 description: 'Required: Selects a field 8379 of the pod: only annotations, labels, 8380 name and namespace are supported.' 8381 properties: 8382 apiVersion: 8383 description: Version of the schema 8384 the FieldPath is written in terms 8385 of, defaults to "v1". 8386 type: string 8387 fieldPath: 8388 description: Path of the field to 8389 select in the specified API version. 8390 type: string 8391 required: 8392 - fieldPath 8393 type: object 8394 mode: 8395 description: 'Optional: mode bits used 8396 to set permissions on this file, must 8397 be an octal value between 0000 and 8398 0777 or a decimal value between 0 8399 and 511. YAML accepts both octal and 8400 decimal values, JSON requires decimal 8401 values for mode bits. If not specified, 8402 the volume defaultMode will be used. 8403 This might be in conflict with other 8404 options that affect the file mode, 8405 like fsGroup, and the result can be 8406 other mode bits set.' 8407 format: int32 8408 type: integer 8409 path: 8410 description: 'Required: Path is the 8411 relative path name of the file to 8412 be created. Must not be absolute or 8413 contain the ''..'' path. Must be utf-8 8414 encoded. The first item of the relative 8415 path must not start with ''..''' 8416 type: string 8417 resourceFieldRef: 8418 description: 'Selects a resource of 8419 the container: only resources limits 8420 and requests (limits.cpu, limits.memory, 8421 requests.cpu and requests.memory) 8422 are currently supported.' 8423 properties: 8424 containerName: 8425 description: 'Container name: required 8426 for volumes, optional for env 8427 vars' 8428 type: string 8429 divisor: 8430 anyOf: 8431 - type: integer 8432 - type: string 8433 description: Specifies the output 8434 format of the exposed resources, 8435 defaults to "1" 8436 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8437 x-kubernetes-int-or-string: true 8438 resource: 8439 description: 'Required: resource 8440 to select' 8441 type: string 8442 required: 8443 - resource 8444 type: object 8445 required: 8446 - path 8447 type: object 8448 type: array 8449 type: object 8450 emptyDir: 8451 description: 'emptyDir represents a temporary 8452 directory that shares a pod''s lifetime. More 8453 info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 8454 properties: 8455 medium: 8456 description: 'medium represents what type 8457 of storage medium should back this directory. 8458 The default is "" which means to use the 8459 node''s default medium. Must be an empty 8460 string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 8461 type: string 8462 sizeLimit: 8463 anyOf: 8464 - type: integer 8465 - type: string 8466 description: 'sizeLimit is the total amount 8467 of local storage required for this EmptyDir 8468 volume. The size limit is also applicable 8469 for memory medium. The maximum usage on 8470 memory medium EmptyDir would be the minimum 8471 value between the SizeLimit specified here 8472 and the sum of memory limits of all containers 8473 in a pod. The default is nil which means 8474 that the limit is undefined. More info: 8475 http://kubernetes.io/docs/user-guide/volumes#emptydir' 8476 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8477 x-kubernetes-int-or-string: true 8478 type: object 8479 ephemeral: 8480 description: "ephemeral represents a volume that 8481 is handled by a cluster storage driver. The 8482 volume's lifecycle is tied to the pod that defines 8483 it - it will be created before the pod starts, 8484 and deleted when the pod is removed. \n Use 8485 this if: a) the volume is only needed while 8486 the pod runs, b) features of normal volumes 8487 like restoring from snapshot or capacity tracking 8488 are needed, c) the storage driver is specified 8489 through a storage class, and d) the storage 8490 driver supports dynamic volume provisioning 8491 through a PersistentVolumeClaim (see EphemeralVolumeSource 8492 for more information on the connection between 8493 this volume type and PersistentVolumeClaim). 8494 \n Use PersistentVolumeClaim or one of the vendor-specific 8495 APIs for volumes that persist for longer than 8496 the lifecycle of an individual pod. \n Use CSI 8497 for light-weight local ephemeral volumes if 8498 the CSI driver is meant to be used that way 8499 - see the documentation of the driver for more 8500 information. \n A pod can use both types of 8501 ephemeral volumes and persistent volumes at 8502 the same time." 8503 properties: 8504 volumeClaimTemplate: 8505 description: "Will be used to create a stand-alone 8506 PVC to provision the volume. The pod in 8507 which this EphemeralVolumeSource is embedded 8508 will be the owner of the PVC, i.e. the PVC 8509 will be deleted together with the pod. The 8510 name of the PVC will be `<pod name>-<volume 8511 name>` where `<volume name>` is the name 8512 from the `PodSpec.Volumes` array entry. 8513 Pod validation will reject the pod if the 8514 concatenated name is not valid for a PVC 8515 (for example, too long). \n An existing 8516 PVC with that name that is not owned by 8517 the pod will *not* be used for the pod to 8518 avoid using an unrelated volume by mistake. 8519 Starting the pod is then blocked until the 8520 unrelated PVC is removed. If such a pre-created 8521 PVC is meant to be used by the pod, the 8522 PVC has to updated with an owner reference 8523 to the pod once the pod exists. Normally 8524 this should not be necessary, but it may 8525 be useful when manually reconstructing a 8526 broken cluster. \n This field is read-only 8527 and no changes will be made by Kubernetes 8528 to the PVC after it has been created. \n 8529 Required, must not be nil." 8530 properties: 8531 metadata: 8532 description: May contain labels and annotations 8533 that will be copied into the PVC when 8534 creating it. No other fields are allowed 8535 and will be rejected during validation. 8536 properties: 8537 annotations: 8538 additionalProperties: 8539 type: string 8540 type: object 8541 finalizers: 8542 items: 8543 type: string 8544 type: array 8545 labels: 8546 additionalProperties: 8547 type: string 8548 type: object 8549 name: 8550 type: string 8551 namespace: 8552 type: string 8553 type: object 8554 spec: 8555 description: The specification for the 8556 PersistentVolumeClaim. The entire content 8557 is copied unchanged into the PVC that 8558 gets created from this template. The 8559 same fields as in a PersistentVolumeClaim 8560 are also valid here. 8561 properties: 8562 accessModes: 8563 description: 'accessModes contains 8564 the desired access modes the volume 8565 should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 8566 items: 8567 type: string 8568 type: array 8569 dataSource: 8570 description: 'dataSource field can 8571 be used to specify either: * An 8572 existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 8573 * An existing PVC (PersistentVolumeClaim) 8574 If the provisioner or an external 8575 controller can support the specified 8576 data source, it will create a new 8577 volume based on the contents of 8578 the specified data source. When 8579 the AnyVolumeDataSource feature 8580 gate is enabled, dataSource contents 8581 will be copied to dataSourceRef, 8582 and dataSourceRef contents will 8583 be copied to dataSource when dataSourceRef.namespace 8584 is not specified. If the namespace 8585 is specified, then dataSourceRef 8586 will not be copied to dataSource.' 8587 properties: 8588 apiGroup: 8589 description: APIGroup is the group 8590 for the resource being referenced. 8591 If APIGroup is not specified, 8592 the specified Kind must be in 8593 the core API group. For any 8594 other third-party types, APIGroup 8595 is required. 8596 type: string 8597 kind: 8598 description: Kind is the type 8599 of resource being referenced 8600 type: string 8601 name: 8602 description: Name is the name 8603 of resource being referenced 8604 type: string 8605 required: 8606 - kind 8607 - name 8608 type: object 8609 dataSourceRef: 8610 description: 'dataSourceRef specifies 8611 the object from which to populate 8612 the volume with data, if a non-empty 8613 volume is desired. This may be any 8614 object from a non-empty API group 8615 (non core object) or a PersistentVolumeClaim 8616 object. When this field is specified, 8617 volume binding will only succeed 8618 if the type of the specified object 8619 matches some installed volume populator 8620 or dynamic provisioner. This field 8621 will replace the functionality of 8622 the dataSource field and as such 8623 if both fields are non-empty, they 8624 must have the same value. For backwards 8625 compatibility, when namespace isn''t 8626 specified in dataSourceRef, both 8627 fields (dataSource and dataSourceRef) 8628 will be set to the same value automatically 8629 if one of them is empty and the 8630 other is non-empty. When namespace 8631 is specified in dataSourceRef, dataSource 8632 isn''t set to the same value and 8633 must be empty. There are three important 8634 differences between dataSource and 8635 dataSourceRef: * While dataSource 8636 only allows two specific types of 8637 objects, dataSourceRef allows any 8638 non-core object, as well as PersistentVolumeClaim 8639 objects. * While dataSource ignores 8640 disallowed values (dropping them), 8641 dataSourceRef preserves all values, 8642 and generates an error if a disallowed 8643 value is specified. * While dataSource 8644 only allows local objects, dataSourceRef 8645 allows objects in any namespaces. 8646 (Beta) Using this field requires 8647 the AnyVolumeDataSource feature 8648 gate to be enabled. (Alpha) Using 8649 the namespace field of dataSourceRef 8650 requires the CrossNamespaceVolumeDataSource 8651 feature gate to be enabled.' 8652 properties: 8653 apiGroup: 8654 description: APIGroup is the group 8655 for the resource being referenced. 8656 If APIGroup is not specified, 8657 the specified Kind must be in 8658 the core API group. For any 8659 other third-party types, APIGroup 8660 is required. 8661 type: string 8662 kind: 8663 description: Kind is the type 8664 of resource being referenced 8665 type: string 8666 name: 8667 description: Name is the name 8668 of resource being referenced 8669 type: string 8670 namespace: 8671 description: Namespace is the 8672 namespace of resource being 8673 referenced Note that when a 8674 namespace is specified, a gateway.networking.k8s.io/ReferenceGrant 8675 object is required in the referent 8676 namespace to allow that namespace's 8677 owner to accept the reference. 8678 See the ReferenceGrant documentation 8679 for details. (Alpha) This field 8680 requires the CrossNamespaceVolumeDataSource 8681 feature gate to be enabled. 8682 type: string 8683 required: 8684 - kind 8685 - name 8686 type: object 8687 resources: 8688 description: 'resources represents 8689 the minimum resources the volume 8690 should have. If RecoverVolumeExpansionFailure 8691 feature is enabled users are allowed 8692 to specify resource requirements 8693 that are lower than previous value 8694 but must still be higher than capacity 8695 recorded in the status field of 8696 the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 8697 properties: 8698 claims: 8699 description: "Claims lists the 8700 names of resources, defined 8701 in spec.resourceClaims, that 8702 are used by this container. 8703 \n This is an alpha field and 8704 requires enabling the DynamicResourceAllocation 8705 feature gate. \n This field 8706 is immutable." 8707 items: 8708 description: ResourceClaim references 8709 one entry in PodSpec.ResourceClaims. 8710 properties: 8711 name: 8712 description: Name must match 8713 the name of one entry 8714 in pod.spec.resourceClaims 8715 of the Pod where this 8716 field is used. It makes 8717 that resource available 8718 inside a container. 8719 type: string 8720 required: 8721 - name 8722 type: object 8723 type: array 8724 x-kubernetes-list-map-keys: 8725 - name 8726 x-kubernetes-list-type: map 8727 limits: 8728 additionalProperties: 8729 anyOf: 8730 - type: integer 8731 - type: string 8732 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8733 x-kubernetes-int-or-string: true 8734 description: 'Limits describes 8735 the maximum amount of compute 8736 resources allowed. More info: 8737 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 8738 type: object 8739 requests: 8740 additionalProperties: 8741 anyOf: 8742 - type: integer 8743 - type: string 8744 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8745 x-kubernetes-int-or-string: true 8746 description: 'Requests describes 8747 the minimum amount of compute 8748 resources required. If Requests 8749 is omitted for a container, 8750 it defaults to Limits if that 8751 is explicitly specified, otherwise 8752 to an implementation-defined 8753 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 8754 type: object 8755 type: object 8756 selector: 8757 description: selector is a label query 8758 over volumes to consider for binding. 8759 properties: 8760 matchExpressions: 8761 description: matchExpressions 8762 is a list of label selector 8763 requirements. The requirements 8764 are ANDed. 8765 items: 8766 description: A label selector 8767 requirement is a selector 8768 that contains values, a key, 8769 and an operator that relates 8770 the key and values. 8771 properties: 8772 key: 8773 description: key is the 8774 label key that the selector 8775 applies to. 8776 type: string 8777 operator: 8778 description: operator represents 8779 a key's relationship to 8780 a set of values. Valid 8781 operators are In, NotIn, 8782 Exists and DoesNotExist. 8783 type: string 8784 values: 8785 description: values is an 8786 array of string values. 8787 If the operator is In 8788 or NotIn, the values array 8789 must be non-empty. If 8790 the operator is Exists 8791 or DoesNotExist, the values 8792 array must be empty. This 8793 array is replaced during 8794 a strategic merge patch. 8795 items: 8796 type: string 8797 type: array 8798 required: 8799 - key 8800 - operator 8801 type: object 8802 type: array 8803 matchLabels: 8804 additionalProperties: 8805 type: string 8806 description: matchLabels is a 8807 map of {key,value} pairs. A 8808 single {key,value} in the matchLabels 8809 map is equivalent to an element 8810 of matchExpressions, whose key 8811 field is "key", the operator 8812 is "In", and the values array 8813 contains only "value". The requirements 8814 are ANDed. 8815 type: object 8816 type: object 8817 storageClassName: 8818 description: 'storageClassName is 8819 the name of the StorageClass required 8820 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 8821 type: string 8822 volumeMode: 8823 description: volumeMode defines what 8824 type of volume is required by the 8825 claim. Value of Filesystem is implied 8826 when not included in claim spec. 8827 type: string 8828 volumeName: 8829 description: volumeName is the binding 8830 reference to the PersistentVolume 8831 backing this claim. 8832 type: string 8833 type: object 8834 required: 8835 - spec 8836 type: object 8837 type: object 8838 fc: 8839 description: fc represents a Fibre Channel resource 8840 that is attached to a kubelet's host machine 8841 and then exposed to the pod. 8842 properties: 8843 fsType: 8844 description: 'fsType is the filesystem type 8845 to mount. Must be a filesystem type supported 8846 by the host operating system. Ex. "ext4", 8847 "xfs", "ntfs". Implicitly inferred to be 8848 "ext4" if unspecified. TODO: how do we prevent 8849 errors in the filesystem from compromising 8850 the machine' 8851 type: string 8852 lun: 8853 description: 'lun is Optional: FC target lun 8854 number' 8855 format: int32 8856 type: integer 8857 readOnly: 8858 description: 'readOnly is Optional: Defaults 8859 to false (read/write). ReadOnly here will 8860 force the ReadOnly setting in VolumeMounts.' 8861 type: boolean 8862 targetWWNs: 8863 description: 'targetWWNs is Optional: FC target 8864 worldwide names (WWNs)' 8865 items: 8866 type: string 8867 type: array 8868 wwids: 8869 description: 'wwids Optional: FC volume world 8870 wide identifiers (wwids) Either wwids or 8871 combination of targetWWNs and lun must be 8872 set, but not both simultaneously.' 8873 items: 8874 type: string 8875 type: array 8876 type: object 8877 flexVolume: 8878 description: flexVolume represents a generic volume 8879 resource that is provisioned/attached using 8880 an exec based plugin. 8881 properties: 8882 driver: 8883 description: driver is the name of the driver 8884 to use for this volume. 8885 type: string 8886 fsType: 8887 description: fsType is the filesystem type 8888 to mount. Must be a filesystem type supported 8889 by the host operating system. Ex. "ext4", 8890 "xfs", "ntfs". The default filesystem depends 8891 on FlexVolume script. 8892 type: string 8893 options: 8894 additionalProperties: 8895 type: string 8896 description: 'options is Optional: this field 8897 holds extra command options if any.' 8898 type: object 8899 readOnly: 8900 description: 'readOnly is Optional: defaults 8901 to false (read/write). ReadOnly here will 8902 force the ReadOnly setting in VolumeMounts.' 8903 type: boolean 8904 secretRef: 8905 description: 'secretRef is Optional: secretRef 8906 is reference to the secret object containing 8907 sensitive information to pass to the plugin 8908 scripts. This may be empty if no secret 8909 object is specified. If the secret object 8910 contains more than one secret, all secrets 8911 are passed to the plugin scripts.' 8912 properties: 8913 name: 8914 description: 'Name of the referent. More 8915 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8916 TODO: Add other useful fields. apiVersion, 8917 kind, uid?' 8918 type: string 8919 type: object 8920 required: 8921 - driver 8922 type: object 8923 flocker: 8924 description: flocker represents a Flocker volume 8925 attached to a kubelet's host machine. This depends 8926 on the Flocker control service being running 8927 properties: 8928 datasetName: 8929 description: datasetName is Name of the dataset 8930 stored as metadata -> name on the dataset 8931 for Flocker should be considered as deprecated 8932 type: string 8933 datasetUUID: 8934 description: datasetUUID is the UUID of the 8935 dataset. This is unique identifier of a 8936 Flocker dataset 8937 type: string 8938 type: object 8939 gcePersistentDisk: 8940 description: 'gcePersistentDisk represents a GCE 8941 Disk resource that is attached to a kubelet''s 8942 host machine and then exposed to the pod. More 8943 info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 8944 properties: 8945 fsType: 8946 description: 'fsType is filesystem type of 8947 the volume that you want to mount. Tip: 8948 Ensure that the filesystem type is supported 8949 by the host operating system. Examples: 8950 "ext4", "xfs", "ntfs". Implicitly inferred 8951 to be "ext4" if unspecified. More info: 8952 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 8953 TODO: how do we prevent errors in the filesystem 8954 from compromising the machine' 8955 type: string 8956 partition: 8957 description: 'partition is the partition in 8958 the volume that you want to mount. If omitted, 8959 the default is to mount by volume name. 8960 Examples: For volume /dev/sda1, you specify 8961 the partition as "1". Similarly, the volume 8962 partition for /dev/sda is "0" (or you can 8963 leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 8964 format: int32 8965 type: integer 8966 pdName: 8967 description: 'pdName is unique name of the 8968 PD resource in GCE. Used to identify the 8969 disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 8970 type: string 8971 readOnly: 8972 description: 'readOnly here will force the 8973 ReadOnly setting in VolumeMounts. Defaults 8974 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 8975 type: boolean 8976 required: 8977 - pdName 8978 type: object 8979 gitRepo: 8980 description: 'gitRepo represents a git repository 8981 at a particular revision. DEPRECATED: GitRepo 8982 is deprecated. To provision a container with 8983 a git repo, mount an EmptyDir into an InitContainer 8984 that clones the repo using git, then mount the 8985 EmptyDir into the Pod''s container.' 8986 properties: 8987 directory: 8988 description: directory is the target directory 8989 name. Must not contain or start with '..'. If 8990 '.' is supplied, the volume directory will 8991 be the git repository. Otherwise, if specified, 8992 the volume will contain the git repository 8993 in the subdirectory with the given name. 8994 type: string 8995 repository: 8996 description: repository is the URL 8997 type: string 8998 revision: 8999 description: revision is the commit hash for 9000 the specified revision. 9001 type: string 9002 required: 9003 - repository 9004 type: object 9005 glusterfs: 9006 description: 'glusterfs represents a Glusterfs 9007 mount on the host that shares a pod''s lifetime. 9008 More info: https://examples.k8s.io/volumes/glusterfs/README.md' 9009 properties: 9010 endpoints: 9011 description: 'endpoints is the endpoint name 9012 that details Glusterfs topology. More info: 9013 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 9014 type: string 9015 path: 9016 description: 'path is the Glusterfs volume 9017 path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 9018 type: string 9019 readOnly: 9020 description: 'readOnly here will force the 9021 Glusterfs volume to be mounted with read-only 9022 permissions. Defaults to false. More info: 9023 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 9024 type: boolean 9025 required: 9026 - endpoints 9027 - path 9028 type: object 9029 hostPath: 9030 description: 'hostPath represents a pre-existing 9031 file or directory on the host machine that is 9032 directly exposed to the container. This is generally 9033 used for system agents or other privileged things 9034 that are allowed to see the host machine. Most 9035 containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 9036 --- TODO(jonesdl) We need to restrict who can 9037 use host directory mounts and who can/can not 9038 mount host directories as read/write.' 9039 properties: 9040 path: 9041 description: 'path of the directory on the 9042 host. If the path is a symlink, it will 9043 follow the link to the real path. More info: 9044 https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 9045 type: string 9046 type: 9047 description: 'type for HostPath Volume Defaults 9048 to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 9049 type: string 9050 required: 9051 - path 9052 type: object 9053 iscsi: 9054 description: 'iscsi represents an ISCSI Disk resource 9055 that is attached to a kubelet''s host machine 9056 and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 9057 properties: 9058 chapAuthDiscovery: 9059 description: chapAuthDiscovery defines whether 9060 support iSCSI Discovery CHAP authentication 9061 type: boolean 9062 chapAuthSession: 9063 description: chapAuthSession defines whether 9064 support iSCSI Session CHAP authentication 9065 type: boolean 9066 fsType: 9067 description: 'fsType is the filesystem type 9068 of the volume that you want to mount. Tip: 9069 Ensure that the filesystem type is supported 9070 by the host operating system. Examples: 9071 "ext4", "xfs", "ntfs". Implicitly inferred 9072 to be "ext4" if unspecified. More info: 9073 https://kubernetes.io/docs/concepts/storage/volumes#iscsi 9074 TODO: how do we prevent errors in the filesystem 9075 from compromising the machine' 9076 type: string 9077 initiatorName: 9078 description: initiatorName is the custom iSCSI 9079 Initiator Name. If initiatorName is specified 9080 with iscsiInterface simultaneously, new 9081 iSCSI interface <target portal>:<volume 9082 name> will be created for the connection. 9083 type: string 9084 iqn: 9085 description: iqn is the target iSCSI Qualified 9086 Name. 9087 type: string 9088 iscsiInterface: 9089 description: iscsiInterface is the interface 9090 Name that uses an iSCSI transport. Defaults 9091 to 'default' (tcp). 9092 type: string 9093 lun: 9094 description: lun represents iSCSI Target Lun 9095 number. 9096 format: int32 9097 type: integer 9098 portals: 9099 description: portals is the iSCSI Target Portal 9100 List. The portal is either an IP or ip_addr:port 9101 if the port is other than default (typically 9102 TCP ports 860 and 3260). 9103 items: 9104 type: string 9105 type: array 9106 readOnly: 9107 description: readOnly here will force the 9108 ReadOnly setting in VolumeMounts. Defaults 9109 to false. 9110 type: boolean 9111 secretRef: 9112 description: secretRef is the CHAP Secret 9113 for iSCSI target and initiator authentication 9114 properties: 9115 name: 9116 description: 'Name of the referent. More 9117 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9118 TODO: Add other useful fields. apiVersion, 9119 kind, uid?' 9120 type: string 9121 type: object 9122 targetPortal: 9123 description: targetPortal is iSCSI Target 9124 Portal. The Portal is either an IP or ip_addr:port 9125 if the port is other than default (typically 9126 TCP ports 860 and 3260). 9127 type: string 9128 required: 9129 - iqn 9130 - lun 9131 - targetPortal 9132 type: object 9133 name: 9134 description: 'name of the volume. Must be a DNS_LABEL 9135 and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 9136 type: string 9137 nfs: 9138 description: 'nfs represents an NFS mount on the 9139 host that shares a pod''s lifetime More info: 9140 https://kubernetes.io/docs/concepts/storage/volumes#nfs' 9141 properties: 9142 path: 9143 description: 'path that is exported by the 9144 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 9145 type: string 9146 readOnly: 9147 description: 'readOnly here will force the 9148 NFS export to be mounted with read-only 9149 permissions. Defaults to false. More info: 9150 https://kubernetes.io/docs/concepts/storage/volumes#nfs' 9151 type: boolean 9152 server: 9153 description: 'server is the hostname or IP 9154 address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 9155 type: string 9156 required: 9157 - path 9158 - server 9159 type: object 9160 persistentVolumeClaim: 9161 description: 'persistentVolumeClaimVolumeSource 9162 represents a reference to a PersistentVolumeClaim 9163 in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 9164 properties: 9165 claimName: 9166 description: 'claimName is the name of a PersistentVolumeClaim 9167 in the same namespace as the pod using this 9168 volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 9169 type: string 9170 readOnly: 9171 description: readOnly Will force the ReadOnly 9172 setting in VolumeMounts. Default false. 9173 type: boolean 9174 required: 9175 - claimName 9176 type: object 9177 photonPersistentDisk: 9178 description: photonPersistentDisk represents a 9179 PhotonController persistent disk attached and 9180 mounted on kubelets host machine 9181 properties: 9182 fsType: 9183 description: fsType is the filesystem type 9184 to mount. Must be a filesystem type supported 9185 by the host operating system. Ex. "ext4", 9186 "xfs", "ntfs". Implicitly inferred to be 9187 "ext4" if unspecified. 9188 type: string 9189 pdID: 9190 description: pdID is the ID that identifies 9191 Photon Controller persistent disk 9192 type: string 9193 required: 9194 - pdID 9195 type: object 9196 portworxVolume: 9197 description: portworxVolume represents a portworx 9198 volume attached and mounted on kubelets host 9199 machine 9200 properties: 9201 fsType: 9202 description: fSType represents the filesystem 9203 type to mount Must be a filesystem type 9204 supported by the host operating system. 9205 Ex. "ext4", "xfs". Implicitly inferred to 9206 be "ext4" if unspecified. 9207 type: string 9208 readOnly: 9209 description: readOnly defaults to false (read/write). 9210 ReadOnly here will force the ReadOnly setting 9211 in VolumeMounts. 9212 type: boolean 9213 volumeID: 9214 description: volumeID uniquely identifies 9215 a Portworx volume 9216 type: string 9217 required: 9218 - volumeID 9219 type: object 9220 projected: 9221 description: projected items for all in one resources 9222 secrets, configmaps, and downward API 9223 properties: 9224 defaultMode: 9225 description: defaultMode are the mode bits 9226 used to set permissions on created files 9227 by default. Must be an octal value between 9228 0000 and 0777 or a decimal value between 9229 0 and 511. YAML accepts both octal and decimal 9230 values, JSON requires decimal values for 9231 mode bits. Directories within the path are 9232 not affected by this setting. This might 9233 be in conflict with other options that affect 9234 the file mode, like fsGroup, and the result 9235 can be other mode bits set. 9236 format: int32 9237 type: integer 9238 sources: 9239 description: sources is the list of volume 9240 projections 9241 items: 9242 description: Projection that may be projected 9243 along with other supported volume types 9244 properties: 9245 configMap: 9246 description: configMap information about 9247 the configMap data to project 9248 properties: 9249 items: 9250 description: items if unspecified, 9251 each key-value pair in the Data 9252 field of the referenced ConfigMap 9253 will be projected into the volume 9254 as a file whose name is the key 9255 and content is the value. If specified, 9256 the listed keys will be projected 9257 into the specified paths, and 9258 unlisted keys will not be present. 9259 If a key is specified which is 9260 not present in the ConfigMap, 9261 the volume setup will error unless 9262 it is marked optional. Paths must 9263 be relative and may not contain 9264 the '..' path or start with '..'. 9265 items: 9266 description: Maps a string key 9267 to a path within a volume. 9268 properties: 9269 key: 9270 description: key is the key 9271 to project. 9272 type: string 9273 mode: 9274 description: 'mode is Optional: 9275 mode bits used to set permissions 9276 on this file. Must be an 9277 octal value between 0000 9278 and 0777 or a decimal value 9279 between 0 and 511. YAML 9280 accepts both octal and decimal 9281 values, JSON requires decimal 9282 values for mode bits. If 9283 not specified, the volume 9284 defaultMode will be used. 9285 This might be in conflict 9286 with other options that 9287 affect the file mode, like 9288 fsGroup, and the result 9289 can be other mode bits set.' 9290 format: int32 9291 type: integer 9292 path: 9293 description: path is the relative 9294 path of the file to map 9295 the key to. May not be an 9296 absolute path. May not contain 9297 the path element '..'. May 9298 not start with the string 9299 '..'. 9300 type: string 9301 required: 9302 - key 9303 - path 9304 type: object 9305 type: array 9306 name: 9307 description: 'Name of the referent. 9308 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9309 TODO: Add other useful fields. 9310 apiVersion, kind, uid?' 9311 type: string 9312 optional: 9313 description: optional specify whether 9314 the ConfigMap or its keys must 9315 be defined 9316 type: boolean 9317 type: object 9318 downwardAPI: 9319 description: downwardAPI information 9320 about the downwardAPI data to project 9321 properties: 9322 items: 9323 description: Items is a list of 9324 DownwardAPIVolume file 9325 items: 9326 description: DownwardAPIVolumeFile 9327 represents information to create 9328 the file containing the pod 9329 field 9330 properties: 9331 fieldRef: 9332 description: 'Required: Selects 9333 a field of the pod: only 9334 annotations, labels, name 9335 and namespace are supported.' 9336 properties: 9337 apiVersion: 9338 description: Version of 9339 the schema the FieldPath 9340 is written in terms 9341 of, defaults to "v1". 9342 type: string 9343 fieldPath: 9344 description: Path of the 9345 field to select in the 9346 specified API version. 9347 type: string 9348 required: 9349 - fieldPath 9350 type: object 9351 mode: 9352 description: 'Optional: mode 9353 bits used to set permissions 9354 on this file, must be an 9355 octal value between 0000 9356 and 0777 or a decimal value 9357 between 0 and 511. YAML 9358 accepts both octal and decimal 9359 values, JSON requires decimal 9360 values for mode bits. If 9361 not specified, the volume 9362 defaultMode will be used. 9363 This might be in conflict 9364 with other options that 9365 affect the file mode, like 9366 fsGroup, and the result 9367 can be other mode bits set.' 9368 format: int32 9369 type: integer 9370 path: 9371 description: 'Required: Path 9372 is the relative path name 9373 of the file to be created. 9374 Must not be absolute or 9375 contain the ''..'' path. 9376 Must be utf-8 encoded. The 9377 first item of the relative 9378 path must not start with 9379 ''..''' 9380 type: string 9381 resourceFieldRef: 9382 description: 'Selects a resource 9383 of the container: only resources 9384 limits and requests (limits.cpu, 9385 limits.memory, requests.cpu 9386 and requests.memory) are 9387 currently supported.' 9388 properties: 9389 containerName: 9390 description: 'Container 9391 name: required for volumes, 9392 optional for env vars' 9393 type: string 9394 divisor: 9395 anyOf: 9396 - type: integer 9397 - type: string 9398 description: Specifies 9399 the output format of 9400 the exposed resources, 9401 defaults to "1" 9402 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 9403 x-kubernetes-int-or-string: true 9404 resource: 9405 description: 'Required: 9406 resource to select' 9407 type: string 9408 required: 9409 - resource 9410 type: object 9411 required: 9412 - path 9413 type: object 9414 type: array 9415 type: object 9416 secret: 9417 description: secret information about 9418 the secret data to project 9419 properties: 9420 items: 9421 description: items if unspecified, 9422 each key-value pair in the Data 9423 field of the referenced Secret 9424 will be projected into the volume 9425 as a file whose name is the key 9426 and content is the value. If specified, 9427 the listed keys will be projected 9428 into the specified paths, and 9429 unlisted keys will not be present. 9430 If a key is specified which is 9431 not present in the Secret, the 9432 volume setup will error unless 9433 it is marked optional. Paths must 9434 be relative and may not contain 9435 the '..' path or start with '..'. 9436 items: 9437 description: Maps a string key 9438 to a path within a volume. 9439 properties: 9440 key: 9441 description: key is the key 9442 to project. 9443 type: string 9444 mode: 9445 description: 'mode is Optional: 9446 mode bits used to set permissions 9447 on this file. Must be an 9448 octal value between 0000 9449 and 0777 or a decimal value 9450 between 0 and 511. YAML 9451 accepts both octal and decimal 9452 values, JSON requires decimal 9453 values for mode bits. If 9454 not specified, the volume 9455 defaultMode will be used. 9456 This might be in conflict 9457 with other options that 9458 affect the file mode, like 9459 fsGroup, and the result 9460 can be other mode bits set.' 9461 format: int32 9462 type: integer 9463 path: 9464 description: path is the relative 9465 path of the file to map 9466 the key to. May not be an 9467 absolute path. May not contain 9468 the path element '..'. May 9469 not start with the string 9470 '..'. 9471 type: string 9472 required: 9473 - key 9474 - path 9475 type: object 9476 type: array 9477 name: 9478 description: 'Name of the referent. 9479 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9480 TODO: Add other useful fields. 9481 apiVersion, kind, uid?' 9482 type: string 9483 optional: 9484 description: optional field specify 9485 whether the Secret or its key 9486 must be defined 9487 type: boolean 9488 type: object 9489 serviceAccountToken: 9490 description: serviceAccountToken is 9491 information about the serviceAccountToken 9492 data to project 9493 properties: 9494 audience: 9495 description: audience is the intended 9496 audience of the token. A recipient 9497 of a token must identify itself 9498 with an identifier specified in 9499 the audience of the token, and 9500 otherwise should reject the token. 9501 The audience defaults to the identifier 9502 of the apiserver. 9503 type: string 9504 expirationSeconds: 9505 description: expirationSeconds is 9506 the requested duration of validity 9507 of the service account token. 9508 As the token approaches expiration, 9509 the kubelet volume plugin will 9510 proactively rotate the service 9511 account token. The kubelet will 9512 start trying to rotate the token 9513 if the token is older than 80 9514 percent of its time to live or 9515 if the token is older than 24 9516 hours.Defaults to 1 hour and must 9517 be at least 10 minutes. 9518 format: int64 9519 type: integer 9520 path: 9521 description: path is the path relative 9522 to the mount point of the file 9523 to project the token into. 9524 type: string 9525 required: 9526 - path 9527 type: object 9528 type: object 9529 type: array 9530 type: object 9531 quobyte: 9532 description: quobyte represents a Quobyte mount 9533 on the host that shares a pod's lifetime 9534 properties: 9535 group: 9536 description: group to map volume access to 9537 Default is no group 9538 type: string 9539 readOnly: 9540 description: readOnly here will force the 9541 Quobyte volume to be mounted with read-only 9542 permissions. Defaults to false. 9543 type: boolean 9544 registry: 9545 description: registry represents a single 9546 or multiple Quobyte Registry services specified 9547 as a string as host:port pair (multiple 9548 entries are separated with commas) which 9549 acts as the central registry for volumes 9550 type: string 9551 tenant: 9552 description: tenant owning the given Quobyte 9553 volume in the Backend Used with dynamically 9554 provisioned Quobyte volumes, value is set 9555 by the plugin 9556 type: string 9557 user: 9558 description: user to map volume access to 9559 Defaults to serivceaccount user 9560 type: string 9561 volume: 9562 description: volume is a string that references 9563 an already created Quobyte volume by name. 9564 type: string 9565 required: 9566 - registry 9567 - volume 9568 type: object 9569 rbd: 9570 description: 'rbd represents a Rados Block Device 9571 mount on the host that shares a pod''s lifetime. 9572 More info: https://examples.k8s.io/volumes/rbd/README.md' 9573 properties: 9574 fsType: 9575 description: 'fsType is the filesystem type 9576 of the volume that you want to mount. Tip: 9577 Ensure that the filesystem type is supported 9578 by the host operating system. Examples: 9579 "ext4", "xfs", "ntfs". Implicitly inferred 9580 to be "ext4" if unspecified. More info: 9581 https://kubernetes.io/docs/concepts/storage/volumes#rbd 9582 TODO: how do we prevent errors in the filesystem 9583 from compromising the machine' 9584 type: string 9585 image: 9586 description: 'image is the rados image name. 9587 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 9588 type: string 9589 keyring: 9590 description: 'keyring is the path to key ring 9591 for RBDUser. Default is /etc/ceph/keyring. 9592 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 9593 type: string 9594 monitors: 9595 description: 'monitors is a collection of 9596 Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 9597 items: 9598 type: string 9599 type: array 9600 pool: 9601 description: 'pool is the rados pool name. 9602 Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 9603 type: string 9604 readOnly: 9605 description: 'readOnly here will force the 9606 ReadOnly setting in VolumeMounts. Defaults 9607 to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 9608 type: boolean 9609 secretRef: 9610 description: 'secretRef is name of the authentication 9611 secret for RBDUser. If provided overrides 9612 keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 9613 properties: 9614 name: 9615 description: 'Name of the referent. More 9616 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9617 TODO: Add other useful fields. apiVersion, 9618 kind, uid?' 9619 type: string 9620 type: object 9621 user: 9622 description: 'user is the rados user name. 9623 Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 9624 type: string 9625 required: 9626 - image 9627 - monitors 9628 type: object 9629 scaleIO: 9630 description: scaleIO represents a ScaleIO persistent 9631 volume attached and mounted on Kubernetes nodes. 9632 properties: 9633 fsType: 9634 description: fsType is the filesystem type 9635 to mount. Must be a filesystem type supported 9636 by the host operating system. Ex. "ext4", 9637 "xfs", "ntfs". Default is "xfs". 9638 type: string 9639 gateway: 9640 description: gateway is the host address of 9641 the ScaleIO API Gateway. 9642 type: string 9643 protectionDomain: 9644 description: protectionDomain is the name 9645 of the ScaleIO Protection Domain for the 9646 configured storage. 9647 type: string 9648 readOnly: 9649 description: readOnly Defaults to false (read/write). 9650 ReadOnly here will force the ReadOnly setting 9651 in VolumeMounts. 9652 type: boolean 9653 secretRef: 9654 description: secretRef references to the secret 9655 for ScaleIO user and other sensitive information. 9656 If this is not provided, Login operation 9657 will fail. 9658 properties: 9659 name: 9660 description: 'Name of the referent. More 9661 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9662 TODO: Add other useful fields. apiVersion, 9663 kind, uid?' 9664 type: string 9665 type: object 9666 sslEnabled: 9667 description: sslEnabled Flag enable/disable 9668 SSL communication with Gateway, default 9669 false 9670 type: boolean 9671 storageMode: 9672 description: storageMode indicates whether 9673 the storage for a volume should be ThickProvisioned 9674 or ThinProvisioned. Default is ThinProvisioned. 9675 type: string 9676 storagePool: 9677 description: storagePool is the ScaleIO Storage 9678 Pool associated with the protection domain. 9679 type: string 9680 system: 9681 description: system is the name of the storage 9682 system as configured in ScaleIO. 9683 type: string 9684 volumeName: 9685 description: volumeName is the name of a volume 9686 already created in the ScaleIO system that 9687 is associated with this volume source. 9688 type: string 9689 required: 9690 - gateway 9691 - secretRef 9692 - system 9693 type: object 9694 secret: 9695 description: 'secret represents a secret that 9696 should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 9697 properties: 9698 defaultMode: 9699 description: 'defaultMode is Optional: mode 9700 bits used to set permissions on created 9701 files by default. Must be an octal value 9702 between 0000 and 0777 or a decimal value 9703 between 0 and 511. YAML accepts both octal 9704 and decimal values, JSON requires decimal 9705 values for mode bits. Defaults to 0644. 9706 Directories within the path are not affected 9707 by this setting. This might be in conflict 9708 with other options that affect the file 9709 mode, like fsGroup, and the result can be 9710 other mode bits set.' 9711 format: int32 9712 type: integer 9713 items: 9714 description: items If unspecified, each key-value 9715 pair in the Data field of the referenced 9716 Secret will be projected into the volume 9717 as a file whose name is the key and content 9718 is the value. If specified, the listed keys 9719 will be projected into the specified paths, 9720 and unlisted keys will not be present. If 9721 a key is specified which is not present 9722 in the Secret, the volume setup will error 9723 unless it is marked optional. Paths must 9724 be relative and may not contain the '..' 9725 path or start with '..'. 9726 items: 9727 description: Maps a string key to a path 9728 within a volume. 9729 properties: 9730 key: 9731 description: key is the key to project. 9732 type: string 9733 mode: 9734 description: 'mode is Optional: mode 9735 bits used to set permissions on this 9736 file. Must be an octal value between 9737 0000 and 0777 or a decimal value between 9738 0 and 511. YAML accepts both octal 9739 and decimal values, JSON requires 9740 decimal values for mode bits. If not 9741 specified, the volume defaultMode 9742 will be used. This might be in conflict 9743 with other options that affect the 9744 file mode, like fsGroup, and the result 9745 can be other mode bits set.' 9746 format: int32 9747 type: integer 9748 path: 9749 description: path is the relative path 9750 of the file to map the key to. May 9751 not be an absolute path. May not contain 9752 the path element '..'. May not start 9753 with the string '..'. 9754 type: string 9755 required: 9756 - key 9757 - path 9758 type: object 9759 type: array 9760 optional: 9761 description: optional field specify whether 9762 the Secret or its keys must be defined 9763 type: boolean 9764 secretName: 9765 description: 'secretName is the name of the 9766 secret in the pod''s namespace to use. More 9767 info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 9768 type: string 9769 type: object 9770 storageos: 9771 description: storageOS represents a StorageOS 9772 volume attached and mounted on Kubernetes nodes. 9773 properties: 9774 fsType: 9775 description: fsType is the filesystem type 9776 to mount. Must be a filesystem type supported 9777 by the host operating system. Ex. "ext4", 9778 "xfs", "ntfs". Implicitly inferred to be 9779 "ext4" if unspecified. 9780 type: string 9781 readOnly: 9782 description: readOnly defaults to false (read/write). 9783 ReadOnly here will force the ReadOnly setting 9784 in VolumeMounts. 9785 type: boolean 9786 secretRef: 9787 description: secretRef specifies the secret 9788 to use for obtaining the StorageOS API credentials. If 9789 not specified, default values will be attempted. 9790 properties: 9791 name: 9792 description: 'Name of the referent. More 9793 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9794 TODO: Add other useful fields. apiVersion, 9795 kind, uid?' 9796 type: string 9797 type: object 9798 volumeName: 9799 description: volumeName is the human-readable 9800 name of the StorageOS volume. Volume names 9801 are only unique within a namespace. 9802 type: string 9803 volumeNamespace: 9804 description: volumeNamespace specifies the 9805 scope of the volume within StorageOS. If 9806 no namespace is specified then the Pod's 9807 namespace will be used. This allows the 9808 Kubernetes name scoping to be mirrored within 9809 StorageOS for tighter integration. Set VolumeName 9810 to any name to override the default behaviour. 9811 Set to "default" if you are not using namespaces 9812 within StorageOS. Namespaces that do not 9813 pre-exist within StorageOS will be created. 9814 type: string 9815 type: object 9816 vsphereVolume: 9817 description: vsphereVolume represents a vSphere 9818 volume attached and mounted on kubelets host 9819 machine 9820 properties: 9821 fsType: 9822 description: fsType is filesystem type to 9823 mount. Must be a filesystem type supported 9824 by the host operating system. Ex. "ext4", 9825 "xfs", "ntfs". Implicitly inferred to be 9826 "ext4" if unspecified. 9827 type: string 9828 storagePolicyID: 9829 description: storagePolicyID is the storage 9830 Policy Based Management (SPBM) profile ID 9831 associated with the StoragePolicyName. 9832 type: string 9833 storagePolicyName: 9834 description: storagePolicyName is the storage 9835 Policy Based Management (SPBM) profile name. 9836 type: string 9837 volumePath: 9838 description: volumePath is the path that identifies 9839 vSphere volume vmdk 9840 type: string 9841 required: 9842 - volumePath 9843 type: object 9844 required: 9845 - name 9846 type: object 9847 type: array 9848 required: 9849 - containers 9850 type: object 9851 timeout: 9852 type: string 9853 required: 9854 - namespace 9855 type: object 9856 secret: 9857 properties: 9858 collectorName: 9859 type: string 9860 exclude: 9861 type: BoolString 9862 includeValue: 9863 type: boolean 9864 key: 9865 type: string 9866 name: 9867 type: string 9868 namespace: 9869 type: string 9870 selector: 9871 items: 9872 type: string 9873 type: array 9874 type: object 9875 sysctl: 9876 properties: 9877 collectorName: 9878 type: string 9879 exclude: 9880 type: BoolString 9881 image: 9882 type: string 9883 imagePullPolicy: 9884 type: string 9885 imagePullSecret: 9886 properties: 9887 data: 9888 additionalProperties: 9889 type: string 9890 type: object 9891 name: 9892 type: string 9893 type: 9894 type: string 9895 type: object 9896 name: 9897 type: string 9898 namespace: 9899 type: string 9900 timeout: 9901 type: string 9902 required: 9903 - image 9904 - namespace 9905 type: object 9906 type: object 9907 type: array 9908 extendAnalyzers: 9909 description: extendAnalyzers extends user defined analyzers by ApeCloud. 9910 items: 9911 properties: 9912 clusterAccess: 9913 description: clusterAccess is to determine the accessibility 9914 of target K8S cluster. 9915 properties: 9916 annotations: 9917 additionalProperties: 9918 type: string 9919 type: object 9920 checkName: 9921 type: string 9922 exclude: 9923 type: BoolString 9924 outcomes: 9925 description: outcomes are expected user defined results. 9926 items: 9927 properties: 9928 fail: 9929 properties: 9930 message: 9931 type: string 9932 uri: 9933 type: string 9934 when: 9935 type: string 9936 type: object 9937 pass: 9938 properties: 9939 message: 9940 type: string 9941 uri: 9942 type: string 9943 when: 9944 type: string 9945 type: object 9946 warn: 9947 properties: 9948 message: 9949 type: string 9950 uri: 9951 type: string 9952 when: 9953 type: string 9954 type: object 9955 type: object 9956 type: array 9957 strict: 9958 type: BoolString 9959 required: 9960 - outcomes 9961 type: object 9962 type: object 9963 type: array 9964 extendCollectors: 9965 description: extendCollectors extends user defined collectors by ApeCloud. 9966 items: 9967 type: object 9968 type: array 9969 remoteCollectors: 9970 items: 9971 properties: 9972 blockDevices: 9973 properties: 9974 collectorName: 9975 type: string 9976 exclude: 9977 type: BoolString 9978 type: object 9979 certificate: 9980 properties: 9981 certificatePath: 9982 type: string 9983 collectorName: 9984 type: string 9985 exclude: 9986 type: BoolString 9987 keyPath: 9988 type: string 9989 required: 9990 - certificatePath 9991 - keyPath 9992 type: object 9993 cpu: 9994 properties: 9995 collectorName: 9996 type: string 9997 exclude: 9998 type: BoolString 9999 type: object 10000 diskUsage: 10001 properties: 10002 collectorName: 10003 type: string 10004 exclude: 10005 type: BoolString 10006 path: 10007 type: string 10008 required: 10009 - path 10010 type: object 10011 filesystemPerformance: 10012 description: RemoteFilesystemPerformance benchmarks sequential 10013 write latency on a single file. The optional background IOPS 10014 feature attempts to mimic real-world conditions by running 10015 read and write workloads prior to and during benchmark execution. 10016 properties: 10017 backgroundIOPSWarmupSeconds: 10018 description: How long to run the background IOPS read and 10019 write workloads prior to starting the benchmarks. 10020 type: integer 10021 backgroundReadIOPS: 10022 description: The target read IOPS to run while benchmarking. 10023 This is a limit and there is no guarantee it will be reached. 10024 This is the total IOPS for all background read jobs. 10025 type: integer 10026 backgroundReadIOPSJobs: 10027 description: Number of threads to use for background read 10028 IOPS. This should be set high enough to reach the target 10029 specified in BackgrounReadIOPS. 10030 type: integer 10031 backgroundWriteIOPS: 10032 description: The target write IOPS to run while benchmarking. 10033 This is a limit and there is no guarantee it will be reached. 10034 This is the total IOPS for all background write jobs. 10035 type: integer 10036 backgroundWriteIOPSJobs: 10037 description: 'Number of threads to use for background write 10038 IOPS. This should be set high enough to reach the target 10039 specified in BackgroundWriteIOPS. Example: If BackgroundWriteIOPS 10040 is 100 and write latency is 10ms then a single job would 10041 barely be able to reach 100 IOPS so this should be at 10042 least 2.' 10043 type: integer 10044 collectorName: 10045 type: string 10046 datasync: 10047 description: Whether to call datasync on the file after 10048 each write. Skipped if Sync is also true. Does not apply 10049 to background IOPS task. 10050 type: boolean 10051 directory: 10052 description: The directory where the benchmark will create 10053 files. 10054 type: string 10055 enableBackgroundIOPS: 10056 description: Enable the background IOPS feature. 10057 type: boolean 10058 exclude: 10059 type: BoolString 10060 fileSize: 10061 description: The size of the file used in the benchmark. 10062 The number of IO operations for the benchmark will be 10063 FileSize / OperationSizeBytes. Accepts valid Kubernetes 10064 resource units such as Mi. 10065 type: string 10066 operationSize: 10067 description: The size of each write operation performed 10068 while benchmarking. This does not apply to the background 10069 IOPS feature if enabled, since those must be fixed at 10070 4096. 10071 format: int64 10072 type: integer 10073 sync: 10074 description: Whether to call sync on the file after each 10075 write. Does not apply to background IOPS task. 10076 type: boolean 10077 timeout: 10078 description: Total timeout, including background IOPS setup 10079 and warmup if enabled. 10080 type: string 10081 required: 10082 - backgroundIOPSWarmupSeconds 10083 - backgroundReadIOPS 10084 - backgroundReadIOPSJobs 10085 - backgroundWriteIOPS 10086 - backgroundWriteIOPSJobs 10087 - enableBackgroundIOPS 10088 type: object 10089 hostServices: 10090 properties: 10091 collectorName: 10092 type: string 10093 exclude: 10094 type: BoolString 10095 type: object 10096 http: 10097 properties: 10098 collectorName: 10099 type: string 10100 exclude: 10101 type: BoolString 10102 get: 10103 properties: 10104 headers: 10105 additionalProperties: 10106 type: string 10107 type: object 10108 insecureSkipVerify: 10109 type: boolean 10110 url: 10111 type: string 10112 required: 10113 - url 10114 type: object 10115 post: 10116 properties: 10117 body: 10118 type: string 10119 headers: 10120 additionalProperties: 10121 type: string 10122 type: object 10123 insecureSkipVerify: 10124 type: boolean 10125 url: 10126 type: string 10127 required: 10128 - url 10129 type: object 10130 put: 10131 properties: 10132 body: 10133 type: string 10134 headers: 10135 additionalProperties: 10136 type: string 10137 type: object 10138 insecureSkipVerify: 10139 type: boolean 10140 url: 10141 type: string 10142 required: 10143 - url 10144 type: object 10145 type: object 10146 httpLoadBalancer: 10147 properties: 10148 address: 10149 type: string 10150 collectorName: 10151 type: string 10152 exclude: 10153 type: BoolString 10154 path: 10155 type: string 10156 port: 10157 type: integer 10158 timeout: 10159 type: string 10160 required: 10161 - address 10162 - path 10163 - port 10164 type: object 10165 ipv4Interfaces: 10166 properties: 10167 collectorName: 10168 type: string 10169 exclude: 10170 type: BoolString 10171 type: object 10172 kernelModules: 10173 properties: 10174 collectorName: 10175 type: string 10176 exclude: 10177 type: BoolString 10178 type: object 10179 memory: 10180 properties: 10181 collectorName: 10182 type: string 10183 exclude: 10184 type: BoolString 10185 type: object 10186 systemPackages: 10187 properties: 10188 collectorName: 10189 type: string 10190 exclude: 10191 type: BoolString 10192 type: object 10193 tcpConnect: 10194 properties: 10195 address: 10196 type: string 10197 collectorName: 10198 type: string 10199 exclude: 10200 type: BoolString 10201 timeout: 10202 type: string 10203 required: 10204 - address 10205 type: object 10206 tcpLoadBalancer: 10207 properties: 10208 address: 10209 type: string 10210 collectorName: 10211 type: string 10212 exclude: 10213 type: BoolString 10214 port: 10215 type: integer 10216 timeout: 10217 type: string 10218 required: 10219 - address 10220 - port 10221 type: object 10222 tcpPortStatus: 10223 properties: 10224 collectorName: 10225 type: string 10226 exclude: 10227 type: BoolString 10228 interface: 10229 type: string 10230 port: 10231 type: integer 10232 required: 10233 - port 10234 type: object 10235 time: 10236 properties: 10237 collectorName: 10238 type: string 10239 exclude: 10240 type: BoolString 10241 type: object 10242 udpPortStatus: 10243 properties: 10244 collectorName: 10245 type: string 10246 exclude: 10247 type: BoolString 10248 interface: 10249 type: string 10250 port: 10251 type: integer 10252 required: 10253 - port 10254 type: object 10255 type: object 10256 type: array 10257 uploadResultsTo: 10258 type: string 10259 type: object 10260 status: 10261 description: PreflightStatus defines the observed state of Preflight 10262 type: object 10263 type: object 10264 served: true 10265 storage: true 10266 subresources: 10267 status: {}