github.com/alibaba/sealer@v0.8.6-0.20220430115802-37a2bdaa8173/applications/kube-prometheus-stack/crds.yaml (about) 1 # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml 2 3 --- 4 apiVersion: apiextensions.k8s.io/v1 5 kind: CustomResourceDefinition 6 metadata: 7 annotations: 8 controller-gen.kubebuilder.io/version: v0.6.2 9 creationTimestamp: null 10 name: alertmanagerconfigs.monitoring.coreos.com 11 spec: 12 group: monitoring.coreos.com 13 names: 14 categories: 15 - prometheus-operator 16 kind: AlertmanagerConfig 17 listKind: AlertmanagerConfigList 18 plural: alertmanagerconfigs 19 singular: alertmanagerconfig 20 scope: Namespaced 21 versions: 22 - name: v1alpha1 23 schema: 24 openAPIV3Schema: 25 description: AlertmanagerConfig defines a namespaced AlertmanagerConfig to 26 be aggregated across multiple namespaces configuring one Alertmanager cluster. 27 properties: 28 apiVersion: 29 description: 'APIVersion defines the versioned schema of this representation 30 of an object. Servers should convert recognized schemas to the latest 31 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 32 type: string 33 kind: 34 description: 'Kind is a string value representing the REST resource this 35 object represents. Servers may infer this from the endpoint the client 36 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 37 type: string 38 metadata: 39 type: object 40 spec: 41 description: AlertmanagerConfigSpec is a specification of the desired 42 behavior of the Alertmanager configuration. By definition, the Alertmanager 43 configuration only applies to alerts for which the `namespace` label 44 is equal to the namespace of the AlertmanagerConfig resource. 45 properties: 46 inhibitRules: 47 description: List of inhibition rules. The rules will only apply to 48 alerts matching the resource’s namespace. 49 items: 50 description: InhibitRule defines an inhibition rule that allows 51 to mute alerts when other alerts are already firing. See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule 52 properties: 53 equal: 54 description: Labels that must have an equal value in the source 55 and target alert for the inhibition to take effect. 56 items: 57 type: string 58 type: array 59 sourceMatch: 60 description: Matchers for which one or more alerts have to exist 61 for the inhibition to take effect. The operator enforces that 62 the alert matches the resource’s namespace. 63 items: 64 description: Matcher defines how to match on alert's labels. 65 properties: 66 matchType: 67 description: Match operation available with AlertManager 68 >= v0.22.0 and takes precedence over Regex (deprecated) 69 if non-empty. 70 enum: 71 - '!=' 72 - = 73 - =~ 74 - '!~' 75 type: string 76 name: 77 description: Label to match. 78 minLength: 1 79 type: string 80 regex: 81 description: Whether to match on equality (false) or regular-expression 82 (true). Deprecated as of AlertManager >= v0.22.0 where 83 a user should use MatchType instead. 84 type: boolean 85 value: 86 description: Label value to match. 87 type: string 88 required: 89 - name 90 type: object 91 type: array 92 targetMatch: 93 description: Matchers that have to be fulfilled in the alerts 94 to be muted. The operator enforces that the alert matches 95 the resource’s namespace. 96 items: 97 description: Matcher defines how to match on alert's labels. 98 properties: 99 matchType: 100 description: Match operation available with AlertManager 101 >= v0.22.0 and takes precedence over Regex (deprecated) 102 if non-empty. 103 enum: 104 - '!=' 105 - = 106 - =~ 107 - '!~' 108 type: string 109 name: 110 description: Label to match. 111 minLength: 1 112 type: string 113 regex: 114 description: Whether to match on equality (false) or regular-expression 115 (true). Deprecated as of AlertManager >= v0.22.0 where 116 a user should use MatchType instead. 117 type: boolean 118 value: 119 description: Label value to match. 120 type: string 121 required: 122 - name 123 type: object 124 type: array 125 type: object 126 type: array 127 muteTimeIntervals: 128 description: List of MuteTimeInterval specifying when the routes should 129 be muted. 130 items: 131 description: MuteTimeInterval specifies the periods in time when 132 notifications will be muted 133 properties: 134 name: 135 description: Name of the time interval 136 type: string 137 timeIntervals: 138 description: TimeIntervals is a list of TimeInterval 139 items: 140 description: TimeInterval describes intervals of time 141 properties: 142 daysOfMonth: 143 description: DaysOfMonth is a list of DayOfMonthRange 144 items: 145 description: DayOfMonthRange is an inclusive range of 146 days of the month beginning at 1 147 properties: 148 end: 149 description: End of the inclusive range 150 maximum: 31 151 minimum: -31 152 type: integer 153 start: 154 description: Start of the inclusive range 155 maximum: 31 156 minimum: -31 157 type: integer 158 type: object 159 type: array 160 months: 161 description: Months is a list of MonthRange 162 items: 163 description: MonthRange is an inclusive range of months 164 of the year beginning in January Months can be specified 165 by name (e.g 'January') by numerical month (e.g '1') 166 or as an inclusive range (e.g 'January:March', '1:3', 167 '1:March') 168 pattern: ^((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12])(?:((:((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12]))$)|$) 169 type: string 170 type: array 171 times: 172 description: Times is a list of TimeRange 173 items: 174 description: TimeRange defines a start and end time 175 in 24hr format 176 properties: 177 endTime: 178 description: EndTime is the end time in 24hr format. 179 pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$) 180 type: string 181 startTime: 182 description: StartTime is the start time in 24hr 183 format. 184 pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$) 185 type: string 186 type: object 187 type: array 188 weekdays: 189 description: Weekdays is a list of WeekdayRange 190 items: 191 description: WeekdayRange is an inclusive range of days 192 of the week beginning on Sunday Days can be specified 193 by name (e.g 'Sunday') or as an inclusive range (e.g 194 'Monday:Friday') 195 pattern: ^((?i)sun|mon|tues|wednes|thurs|fri|satur)day(?:((:(sun|mon|tues|wednes|thurs|fri|satur)day)$)|$) 196 type: string 197 type: array 198 years: 199 description: Years is a list of YearRange 200 items: 201 description: YearRange is an inclusive range of years 202 pattern: ^2\d{3}(?::2\d{3}|$) 203 type: string 204 type: array 205 type: object 206 type: array 207 type: object 208 type: array 209 receivers: 210 description: List of receivers. 211 items: 212 description: Receiver defines one or more notification integrations. 213 properties: 214 emailConfigs: 215 description: List of Email configurations. 216 items: 217 description: EmailConfig configures notifications via Email. 218 properties: 219 authIdentity: 220 description: The identity to use for authentication. 221 type: string 222 authPassword: 223 description: The secret's key that contains the password 224 to use for authentication. The secret needs to be in 225 the same namespace as the AlertmanagerConfig object 226 and accessible by the Prometheus Operator. 227 properties: 228 key: 229 description: The key of the secret to select from. Must 230 be a valid secret key. 231 type: string 232 name: 233 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 234 TODO: Add other useful fields. apiVersion, kind, 235 uid?' 236 type: string 237 optional: 238 description: Specify whether the Secret or its key 239 must be defined 240 type: boolean 241 required: 242 - key 243 type: object 244 authSecret: 245 description: The secret's key that contains the CRAM-MD5 246 secret. The secret needs to be in the same namespace 247 as the AlertmanagerConfig object and accessible by the 248 Prometheus Operator. 249 properties: 250 key: 251 description: The key of the secret to select from. Must 252 be a valid secret key. 253 type: string 254 name: 255 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 256 TODO: Add other useful fields. apiVersion, kind, 257 uid?' 258 type: string 259 optional: 260 description: Specify whether the Secret or its key 261 must be defined 262 type: boolean 263 required: 264 - key 265 type: object 266 authUsername: 267 description: The username to use for authentication. 268 type: string 269 from: 270 description: The sender address. 271 type: string 272 headers: 273 description: Further headers email header key/value pairs. 274 Overrides any headers previously set by the notification 275 implementation. 276 items: 277 description: KeyValue defines a (key, value) tuple. 278 properties: 279 key: 280 description: Key of the tuple. 281 minLength: 1 282 type: string 283 value: 284 description: Value of the tuple. 285 type: string 286 required: 287 - key 288 - value 289 type: object 290 type: array 291 hello: 292 description: The hostname to identify to the SMTP server. 293 type: string 294 html: 295 description: The HTML body of the email notification. 296 type: string 297 requireTLS: 298 description: The SMTP TLS requirement. Note that Go does 299 not support unencrypted connections to remote SMTP endpoints. 300 type: boolean 301 sendResolved: 302 description: Whether or not to notify about resolved alerts. 303 type: boolean 304 smarthost: 305 description: The SMTP host and port through which emails 306 are sent. E.g. example.com:25 307 type: string 308 text: 309 description: The text body of the email notification. 310 type: string 311 tlsConfig: 312 description: TLS configuration 313 properties: 314 ca: 315 description: Struct containing the CA cert to use 316 for the targets. 317 properties: 318 configMap: 319 description: ConfigMap containing data to use 320 for the targets. 321 properties: 322 key: 323 description: The key to select. 324 type: string 325 name: 326 description: 'Name of the referent. More info: 327 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 328 TODO: Add other useful fields. apiVersion, 329 kind, uid?' 330 type: string 331 optional: 332 description: Specify whether the ConfigMap 333 or its key must be defined 334 type: boolean 335 required: 336 - key 337 type: object 338 secret: 339 description: Secret containing data to use for 340 the targets. 341 properties: 342 key: 343 description: The key of the secret to select 344 from. Must be a valid secret key. 345 type: string 346 name: 347 description: 'Name of the referent. More info: 348 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 349 TODO: Add other useful fields. apiVersion, 350 kind, uid?' 351 type: string 352 optional: 353 description: Specify whether the Secret or 354 its key must be defined 355 type: boolean 356 required: 357 - key 358 type: object 359 type: object 360 cert: 361 description: Struct containing the client cert file 362 for the targets. 363 properties: 364 configMap: 365 description: ConfigMap containing data to use 366 for the targets. 367 properties: 368 key: 369 description: The key to select. 370 type: string 371 name: 372 description: 'Name of the referent. More info: 373 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 374 TODO: Add other useful fields. apiVersion, 375 kind, uid?' 376 type: string 377 optional: 378 description: Specify whether the ConfigMap 379 or its key must be defined 380 type: boolean 381 required: 382 - key 383 type: object 384 secret: 385 description: Secret containing data to use for 386 the targets. 387 properties: 388 key: 389 description: The key of the secret to select 390 from. Must be a valid secret key. 391 type: string 392 name: 393 description: 'Name of the referent. More info: 394 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 395 TODO: Add other useful fields. apiVersion, 396 kind, uid?' 397 type: string 398 optional: 399 description: Specify whether the Secret or 400 its key must be defined 401 type: boolean 402 required: 403 - key 404 type: object 405 type: object 406 insecureSkipVerify: 407 description: Disable target certificate validation. 408 type: boolean 409 keySecret: 410 description: Secret containing the client key file 411 for the targets. 412 properties: 413 key: 414 description: The key of the secret to select from. Must 415 be a valid secret key. 416 type: string 417 name: 418 description: 'Name of the referent. More info: 419 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 420 TODO: Add other useful fields. apiVersion, kind, 421 uid?' 422 type: string 423 optional: 424 description: Specify whether the Secret or its 425 key must be defined 426 type: boolean 427 required: 428 - key 429 type: object 430 serverName: 431 description: Used to verify the hostname for the targets. 432 type: string 433 type: object 434 to: 435 description: The email address to send notifications to. 436 type: string 437 type: object 438 type: array 439 name: 440 description: Name of the receiver. Must be unique across all 441 items from the list. 442 minLength: 1 443 type: string 444 opsgenieConfigs: 445 description: List of OpsGenie configurations. 446 items: 447 description: OpsGenieConfig configures notifications via OpsGenie. 448 See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config 449 properties: 450 apiKey: 451 description: The secret's key that contains the OpsGenie 452 API key. The secret needs to be in the same namespace 453 as the AlertmanagerConfig object and accessible by the 454 Prometheus Operator. 455 properties: 456 key: 457 description: The key of the secret to select from. Must 458 be a valid secret key. 459 type: string 460 name: 461 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 462 TODO: Add other useful fields. apiVersion, kind, 463 uid?' 464 type: string 465 optional: 466 description: Specify whether the Secret or its key 467 must be defined 468 type: boolean 469 required: 470 - key 471 type: object 472 apiURL: 473 description: The URL to send OpsGenie API requests to. 474 type: string 475 description: 476 description: Description of the incident. 477 type: string 478 details: 479 description: A set of arbitrary key/value pairs that provide 480 further detail about the incident. 481 items: 482 description: KeyValue defines a (key, value) tuple. 483 properties: 484 key: 485 description: Key of the tuple. 486 minLength: 1 487 type: string 488 value: 489 description: Value of the tuple. 490 type: string 491 required: 492 - key 493 - value 494 type: object 495 type: array 496 httpConfig: 497 description: HTTP client configuration. 498 properties: 499 authorization: 500 description: Authorization header configuration for 501 the client. This is mutually exclusive with BasicAuth 502 and is only available starting from Alertmanager 503 v0.22+. 504 properties: 505 credentials: 506 description: The secret's key that contains the 507 credentials of the request 508 properties: 509 key: 510 description: The key of the secret to select 511 from. Must be a valid secret key. 512 type: string 513 name: 514 description: 'Name of the referent. More info: 515 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 516 TODO: Add other useful fields. apiVersion, 517 kind, uid?' 518 type: string 519 optional: 520 description: Specify whether the Secret or 521 its key must be defined 522 type: boolean 523 required: 524 - key 525 type: object 526 type: 527 description: Set the authentication type. Defaults 528 to Bearer, Basic will cause an error 529 type: string 530 type: object 531 basicAuth: 532 description: BasicAuth for the client. This is mutually 533 exclusive with Authorization. If both are defined, 534 BasicAuth takes precedence. 535 properties: 536 password: 537 description: The secret in the service monitor 538 namespace that contains the password for authentication. 539 properties: 540 key: 541 description: The key of the secret to select 542 from. Must be a valid secret key. 543 type: string 544 name: 545 description: 'Name of the referent. More info: 546 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 547 TODO: Add other useful fields. apiVersion, 548 kind, uid?' 549 type: string 550 optional: 551 description: Specify whether the Secret or 552 its key must be defined 553 type: boolean 554 required: 555 - key 556 type: object 557 username: 558 description: The secret in the service monitor 559 namespace that contains the username for authentication. 560 properties: 561 key: 562 description: The key of the secret to select 563 from. Must be a valid secret key. 564 type: string 565 name: 566 description: 'Name of the referent. More info: 567 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 568 TODO: Add other useful fields. apiVersion, 569 kind, uid?' 570 type: string 571 optional: 572 description: Specify whether the Secret or 573 its key must be defined 574 type: boolean 575 required: 576 - key 577 type: object 578 type: object 579 bearerTokenSecret: 580 description: The secret's key that contains the bearer 581 token to be used by the client for authentication. 582 The secret needs to be in the same namespace as 583 the AlertmanagerConfig object and accessible by 584 the Prometheus Operator. 585 properties: 586 key: 587 description: The key of the secret to select from. Must 588 be a valid secret key. 589 type: string 590 name: 591 description: 'Name of the referent. More info: 592 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 593 TODO: Add other useful fields. apiVersion, kind, 594 uid?' 595 type: string 596 optional: 597 description: Specify whether the Secret or its 598 key must be defined 599 type: boolean 600 required: 601 - key 602 type: object 603 proxyURL: 604 description: Optional proxy URL. 605 type: string 606 tlsConfig: 607 description: TLS configuration for the client. 608 properties: 609 ca: 610 description: Struct containing the CA cert to 611 use for the targets. 612 properties: 613 configMap: 614 description: ConfigMap containing data to 615 use for the targets. 616 properties: 617 key: 618 description: The key to select. 619 type: string 620 name: 621 description: 'Name of the referent. More 622 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 623 TODO: Add other useful fields. apiVersion, 624 kind, uid?' 625 type: string 626 optional: 627 description: Specify whether the ConfigMap 628 or its key must be defined 629 type: boolean 630 required: 631 - key 632 type: object 633 secret: 634 description: Secret containing data to use 635 for the targets. 636 properties: 637 key: 638 description: The key of the secret to 639 select from. Must be a valid secret 640 key. 641 type: string 642 name: 643 description: 'Name of the referent. More 644 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 645 TODO: Add other useful fields. apiVersion, 646 kind, uid?' 647 type: string 648 optional: 649 description: Specify whether the Secret 650 or its key must be defined 651 type: boolean 652 required: 653 - key 654 type: object 655 type: object 656 cert: 657 description: Struct containing the client cert 658 file for the targets. 659 properties: 660 configMap: 661 description: ConfigMap containing data to 662 use for the targets. 663 properties: 664 key: 665 description: The key to select. 666 type: string 667 name: 668 description: 'Name of the referent. More 669 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 670 TODO: Add other useful fields. apiVersion, 671 kind, uid?' 672 type: string 673 optional: 674 description: Specify whether the ConfigMap 675 or its key must be defined 676 type: boolean 677 required: 678 - key 679 type: object 680 secret: 681 description: Secret containing data to use 682 for the targets. 683 properties: 684 key: 685 description: The key of the secret to 686 select from. Must be a valid secret 687 key. 688 type: string 689 name: 690 description: 'Name of the referent. More 691 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 692 TODO: Add other useful fields. apiVersion, 693 kind, uid?' 694 type: string 695 optional: 696 description: Specify whether the Secret 697 or its key must be defined 698 type: boolean 699 required: 700 - key 701 type: object 702 type: object 703 insecureSkipVerify: 704 description: Disable target certificate validation. 705 type: boolean 706 keySecret: 707 description: Secret containing the client key 708 file for the targets. 709 properties: 710 key: 711 description: The key of the secret to select 712 from. Must be a valid secret key. 713 type: string 714 name: 715 description: 'Name of the referent. More info: 716 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 717 TODO: Add other useful fields. apiVersion, 718 kind, uid?' 719 type: string 720 optional: 721 description: Specify whether the Secret or 722 its key must be defined 723 type: boolean 724 required: 725 - key 726 type: object 727 serverName: 728 description: Used to verify the hostname for the 729 targets. 730 type: string 731 type: object 732 type: object 733 message: 734 description: Alert text limited to 130 characters. 735 type: string 736 note: 737 description: Additional alert note. 738 type: string 739 priority: 740 description: Priority level of alert. Possible values 741 are P1, P2, P3, P4, and P5. 742 type: string 743 responders: 744 description: List of responders responsible for notifications. 745 items: 746 description: OpsGenieConfigResponder defines a responder 747 to an incident. One of `id`, `name` or `username` 748 has to be defined. 749 properties: 750 id: 751 description: ID of the responder. 752 type: string 753 name: 754 description: Name of the responder. 755 type: string 756 type: 757 description: Type of responder. 758 minLength: 1 759 type: string 760 username: 761 description: Username of the responder. 762 type: string 763 required: 764 - type 765 type: object 766 type: array 767 sendResolved: 768 description: Whether or not to notify about resolved alerts. 769 type: boolean 770 source: 771 description: Backlink to the sender of the notification. 772 type: string 773 tags: 774 description: Comma separated list of tags attached to 775 the notifications. 776 type: string 777 type: object 778 type: array 779 pagerdutyConfigs: 780 description: List of PagerDuty configurations. 781 items: 782 description: PagerDutyConfig configures notifications via 783 PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config 784 properties: 785 class: 786 description: The class/type of the event. 787 type: string 788 client: 789 description: Client identification. 790 type: string 791 clientURL: 792 description: Backlink to the sender of notification. 793 type: string 794 component: 795 description: The part or component of the affected system 796 that is broken. 797 type: string 798 description: 799 description: Description of the incident. 800 type: string 801 details: 802 description: Arbitrary key/value pairs that provide further 803 detail about the incident. 804 items: 805 description: KeyValue defines a (key, value) tuple. 806 properties: 807 key: 808 description: Key of the tuple. 809 minLength: 1 810 type: string 811 value: 812 description: Value of the tuple. 813 type: string 814 required: 815 - key 816 - value 817 type: object 818 type: array 819 group: 820 description: A cluster or grouping of sources. 821 type: string 822 httpConfig: 823 description: HTTP client configuration. 824 properties: 825 authorization: 826 description: Authorization header configuration for 827 the client. This is mutually exclusive with BasicAuth 828 and is only available starting from Alertmanager 829 v0.22+. 830 properties: 831 credentials: 832 description: The secret's key that contains the 833 credentials of the request 834 properties: 835 key: 836 description: The key of the secret to select 837 from. Must be a valid secret key. 838 type: string 839 name: 840 description: 'Name of the referent. More info: 841 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 842 TODO: Add other useful fields. apiVersion, 843 kind, uid?' 844 type: string 845 optional: 846 description: Specify whether the Secret or 847 its key must be defined 848 type: boolean 849 required: 850 - key 851 type: object 852 type: 853 description: Set the authentication type. Defaults 854 to Bearer, Basic will cause an error 855 type: string 856 type: object 857 basicAuth: 858 description: BasicAuth for the client. This is mutually 859 exclusive with Authorization. If both are defined, 860 BasicAuth takes precedence. 861 properties: 862 password: 863 description: The secret in the service monitor 864 namespace that contains the password for authentication. 865 properties: 866 key: 867 description: The key of the secret to select 868 from. Must be a valid secret key. 869 type: string 870 name: 871 description: 'Name of the referent. More info: 872 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 873 TODO: Add other useful fields. apiVersion, 874 kind, uid?' 875 type: string 876 optional: 877 description: Specify whether the Secret or 878 its key must be defined 879 type: boolean 880 required: 881 - key 882 type: object 883 username: 884 description: The secret in the service monitor 885 namespace that contains the username for authentication. 886 properties: 887 key: 888 description: The key of the secret to select 889 from. Must be a valid secret key. 890 type: string 891 name: 892 description: 'Name of the referent. More info: 893 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 894 TODO: Add other useful fields. apiVersion, 895 kind, uid?' 896 type: string 897 optional: 898 description: Specify whether the Secret or 899 its key must be defined 900 type: boolean 901 required: 902 - key 903 type: object 904 type: object 905 bearerTokenSecret: 906 description: The secret's key that contains the bearer 907 token to be used by the client for authentication. 908 The secret needs to be in the same namespace as 909 the AlertmanagerConfig object and accessible by 910 the Prometheus Operator. 911 properties: 912 key: 913 description: The key of the secret to select from. Must 914 be a valid secret key. 915 type: string 916 name: 917 description: 'Name of the referent. More info: 918 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 919 TODO: Add other useful fields. apiVersion, kind, 920 uid?' 921 type: string 922 optional: 923 description: Specify whether the Secret or its 924 key must be defined 925 type: boolean 926 required: 927 - key 928 type: object 929 proxyURL: 930 description: Optional proxy URL. 931 type: string 932 tlsConfig: 933 description: TLS configuration for the client. 934 properties: 935 ca: 936 description: Struct containing the CA cert to 937 use for the targets. 938 properties: 939 configMap: 940 description: ConfigMap containing data to 941 use for the targets. 942 properties: 943 key: 944 description: The key to select. 945 type: string 946 name: 947 description: 'Name of the referent. More 948 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 949 TODO: Add other useful fields. apiVersion, 950 kind, uid?' 951 type: string 952 optional: 953 description: Specify whether the ConfigMap 954 or its key must be defined 955 type: boolean 956 required: 957 - key 958 type: object 959 secret: 960 description: Secret containing data to use 961 for the targets. 962 properties: 963 key: 964 description: The key of the secret to 965 select from. Must be a valid secret 966 key. 967 type: string 968 name: 969 description: 'Name of the referent. More 970 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 971 TODO: Add other useful fields. apiVersion, 972 kind, uid?' 973 type: string 974 optional: 975 description: Specify whether the Secret 976 or its key must be defined 977 type: boolean 978 required: 979 - key 980 type: object 981 type: object 982 cert: 983 description: Struct containing the client cert 984 file for the targets. 985 properties: 986 configMap: 987 description: ConfigMap containing data to 988 use for the targets. 989 properties: 990 key: 991 description: The key to select. 992 type: string 993 name: 994 description: 'Name of the referent. More 995 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 996 TODO: Add other useful fields. apiVersion, 997 kind, uid?' 998 type: string 999 optional: 1000 description: Specify whether the ConfigMap 1001 or its key must be defined 1002 type: boolean 1003 required: 1004 - key 1005 type: object 1006 secret: 1007 description: Secret containing data to use 1008 for the targets. 1009 properties: 1010 key: 1011 description: The key of the secret to 1012 select from. Must be a valid secret 1013 key. 1014 type: string 1015 name: 1016 description: 'Name of the referent. More 1017 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1018 TODO: Add other useful fields. apiVersion, 1019 kind, uid?' 1020 type: string 1021 optional: 1022 description: Specify whether the Secret 1023 or its key must be defined 1024 type: boolean 1025 required: 1026 - key 1027 type: object 1028 type: object 1029 insecureSkipVerify: 1030 description: Disable target certificate validation. 1031 type: boolean 1032 keySecret: 1033 description: Secret containing the client key 1034 file for the targets. 1035 properties: 1036 key: 1037 description: The key of the secret to select 1038 from. Must be a valid secret key. 1039 type: string 1040 name: 1041 description: 'Name of the referent. More info: 1042 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1043 TODO: Add other useful fields. apiVersion, 1044 kind, uid?' 1045 type: string 1046 optional: 1047 description: Specify whether the Secret or 1048 its key must be defined 1049 type: boolean 1050 required: 1051 - key 1052 type: object 1053 serverName: 1054 description: Used to verify the hostname for the 1055 targets. 1056 type: string 1057 type: object 1058 type: object 1059 pagerDutyImageConfigs: 1060 description: A list of image details to attach that provide 1061 further detail about an incident. 1062 items: 1063 description: PagerDutyImageConfig attaches images to 1064 an incident 1065 properties: 1066 alt: 1067 description: Alt is the optional alternative text 1068 for the image. 1069 type: string 1070 href: 1071 description: Optional URL; makes the image a clickable 1072 link. 1073 type: string 1074 src: 1075 description: Src of the image being attached to 1076 the incident 1077 type: string 1078 type: object 1079 type: array 1080 pagerDutyLinkConfigs: 1081 description: A list of link details to attach that provide 1082 further detail about an incident. 1083 items: 1084 description: PagerDutyLinkConfig attaches text links 1085 to an incident 1086 properties: 1087 alt: 1088 description: Text that describes the purpose of 1089 the link, and can be used as the link's text. 1090 type: string 1091 href: 1092 description: Href is the URL of the link to be attached 1093 type: string 1094 type: object 1095 type: array 1096 routingKey: 1097 description: The secret's key that contains the PagerDuty 1098 integration key (when using Events API v2). Either this 1099 field or `serviceKey` needs to be defined. The secret 1100 needs to be in the same namespace as the AlertmanagerConfig 1101 object and accessible by the Prometheus Operator. 1102 properties: 1103 key: 1104 description: The key of the secret to select from. Must 1105 be a valid secret key. 1106 type: string 1107 name: 1108 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1109 TODO: Add other useful fields. apiVersion, kind, 1110 uid?' 1111 type: string 1112 optional: 1113 description: Specify whether the Secret or its key 1114 must be defined 1115 type: boolean 1116 required: 1117 - key 1118 type: object 1119 sendResolved: 1120 description: Whether or not to notify about resolved alerts. 1121 type: boolean 1122 serviceKey: 1123 description: The secret's key that contains the PagerDuty 1124 service key (when using integration type "Prometheus"). 1125 Either this field or `routingKey` needs to be defined. 1126 The secret needs to be in the same namespace as the 1127 AlertmanagerConfig object and accessible by the Prometheus 1128 Operator. 1129 properties: 1130 key: 1131 description: The key of the secret to select from. Must 1132 be a valid secret key. 1133 type: string 1134 name: 1135 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1136 TODO: Add other useful fields. apiVersion, kind, 1137 uid?' 1138 type: string 1139 optional: 1140 description: Specify whether the Secret or its key 1141 must be defined 1142 type: boolean 1143 required: 1144 - key 1145 type: object 1146 severity: 1147 description: Severity of the incident. 1148 type: string 1149 url: 1150 description: The URL to send requests to. 1151 type: string 1152 type: object 1153 type: array 1154 pushoverConfigs: 1155 description: List of Pushover configurations. 1156 items: 1157 description: PushoverConfig configures notifications via Pushover. 1158 See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config 1159 properties: 1160 expire: 1161 description: How long your notification will continue 1162 to be retried for, unless the user acknowledges the 1163 notification. 1164 pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ 1165 type: string 1166 html: 1167 description: Whether notification message is HTML or plain 1168 text. 1169 type: boolean 1170 httpConfig: 1171 description: HTTP client configuration. 1172 properties: 1173 authorization: 1174 description: Authorization header configuration for 1175 the client. This is mutually exclusive with BasicAuth 1176 and is only available starting from Alertmanager 1177 v0.22+. 1178 properties: 1179 credentials: 1180 description: The secret's key that contains the 1181 credentials of the request 1182 properties: 1183 key: 1184 description: The key of the secret to select 1185 from. Must be a valid secret key. 1186 type: string 1187 name: 1188 description: 'Name of the referent. More info: 1189 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1190 TODO: Add other useful fields. apiVersion, 1191 kind, uid?' 1192 type: string 1193 optional: 1194 description: Specify whether the Secret or 1195 its key must be defined 1196 type: boolean 1197 required: 1198 - key 1199 type: object 1200 type: 1201 description: Set the authentication type. Defaults 1202 to Bearer, Basic will cause an error 1203 type: string 1204 type: object 1205 basicAuth: 1206 description: BasicAuth for the client. This is mutually 1207 exclusive with Authorization. If both are defined, 1208 BasicAuth takes precedence. 1209 properties: 1210 password: 1211 description: The secret in the service monitor 1212 namespace that contains the password for authentication. 1213 properties: 1214 key: 1215 description: The key of the secret to select 1216 from. Must be a valid secret key. 1217 type: string 1218 name: 1219 description: 'Name of the referent. More info: 1220 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1221 TODO: Add other useful fields. apiVersion, 1222 kind, uid?' 1223 type: string 1224 optional: 1225 description: Specify whether the Secret or 1226 its key must be defined 1227 type: boolean 1228 required: 1229 - key 1230 type: object 1231 username: 1232 description: The secret in the service monitor 1233 namespace that contains the username for authentication. 1234 properties: 1235 key: 1236 description: The key of the secret to select 1237 from. Must be a valid secret key. 1238 type: string 1239 name: 1240 description: 'Name of the referent. More info: 1241 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1242 TODO: Add other useful fields. apiVersion, 1243 kind, uid?' 1244 type: string 1245 optional: 1246 description: Specify whether the Secret or 1247 its key must be defined 1248 type: boolean 1249 required: 1250 - key 1251 type: object 1252 type: object 1253 bearerTokenSecret: 1254 description: The secret's key that contains the bearer 1255 token to be used by the client for authentication. 1256 The secret needs to be in the same namespace as 1257 the AlertmanagerConfig object and accessible by 1258 the Prometheus Operator. 1259 properties: 1260 key: 1261 description: The key of the secret to select from. Must 1262 be a valid secret key. 1263 type: string 1264 name: 1265 description: 'Name of the referent. More info: 1266 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1267 TODO: Add other useful fields. apiVersion, kind, 1268 uid?' 1269 type: string 1270 optional: 1271 description: Specify whether the Secret or its 1272 key must be defined 1273 type: boolean 1274 required: 1275 - key 1276 type: object 1277 proxyURL: 1278 description: Optional proxy URL. 1279 type: string 1280 tlsConfig: 1281 description: TLS configuration for the client. 1282 properties: 1283 ca: 1284 description: Struct containing the CA cert to 1285 use for the targets. 1286 properties: 1287 configMap: 1288 description: ConfigMap containing data to 1289 use for the targets. 1290 properties: 1291 key: 1292 description: The key to select. 1293 type: string 1294 name: 1295 description: 'Name of the referent. More 1296 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1297 TODO: Add other useful fields. apiVersion, 1298 kind, uid?' 1299 type: string 1300 optional: 1301 description: Specify whether the ConfigMap 1302 or its key must be defined 1303 type: boolean 1304 required: 1305 - key 1306 type: object 1307 secret: 1308 description: Secret containing data to use 1309 for the targets. 1310 properties: 1311 key: 1312 description: The key of the secret to 1313 select from. Must be a valid secret 1314 key. 1315 type: string 1316 name: 1317 description: 'Name of the referent. More 1318 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1319 TODO: Add other useful fields. apiVersion, 1320 kind, uid?' 1321 type: string 1322 optional: 1323 description: Specify whether the Secret 1324 or its key must be defined 1325 type: boolean 1326 required: 1327 - key 1328 type: object 1329 type: object 1330 cert: 1331 description: Struct containing the client cert 1332 file for the targets. 1333 properties: 1334 configMap: 1335 description: ConfigMap containing data to 1336 use for the targets. 1337 properties: 1338 key: 1339 description: The key to select. 1340 type: string 1341 name: 1342 description: 'Name of the referent. More 1343 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1344 TODO: Add other useful fields. apiVersion, 1345 kind, uid?' 1346 type: string 1347 optional: 1348 description: Specify whether the ConfigMap 1349 or its key must be defined 1350 type: boolean 1351 required: 1352 - key 1353 type: object 1354 secret: 1355 description: Secret containing data to use 1356 for the targets. 1357 properties: 1358 key: 1359 description: The key of the secret to 1360 select from. Must be a valid secret 1361 key. 1362 type: string 1363 name: 1364 description: 'Name of the referent. More 1365 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1366 TODO: Add other useful fields. apiVersion, 1367 kind, uid?' 1368 type: string 1369 optional: 1370 description: Specify whether the Secret 1371 or its key must be defined 1372 type: boolean 1373 required: 1374 - key 1375 type: object 1376 type: object 1377 insecureSkipVerify: 1378 description: Disable target certificate validation. 1379 type: boolean 1380 keySecret: 1381 description: Secret containing the client key 1382 file for the targets. 1383 properties: 1384 key: 1385 description: The key of the secret to select 1386 from. Must be a valid secret key. 1387 type: string 1388 name: 1389 description: 'Name of the referent. More info: 1390 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1391 TODO: Add other useful fields. apiVersion, 1392 kind, uid?' 1393 type: string 1394 optional: 1395 description: Specify whether the Secret or 1396 its key must be defined 1397 type: boolean 1398 required: 1399 - key 1400 type: object 1401 serverName: 1402 description: Used to verify the hostname for the 1403 targets. 1404 type: string 1405 type: object 1406 type: object 1407 message: 1408 description: Notification message. 1409 type: string 1410 priority: 1411 description: Priority, see https://pushover.net/api#priority 1412 type: string 1413 retry: 1414 description: How often the Pushover servers will send 1415 the same notification to the user. Must be at least 1416 30 seconds. 1417 pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ 1418 type: string 1419 sendResolved: 1420 description: Whether or not to notify about resolved alerts. 1421 type: boolean 1422 sound: 1423 description: The name of one of the sounds supported by 1424 device clients to override the user's default sound 1425 choice 1426 type: string 1427 title: 1428 description: Notification title. 1429 type: string 1430 token: 1431 description: The secret's key that contains the registered 1432 application’s API token, see https://pushover.net/apps. 1433 The secret needs to be in the same namespace as the 1434 AlertmanagerConfig object and accessible by the Prometheus 1435 Operator. 1436 properties: 1437 key: 1438 description: The key of the secret to select from. Must 1439 be a valid secret key. 1440 type: string 1441 name: 1442 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1443 TODO: Add other useful fields. apiVersion, kind, 1444 uid?' 1445 type: string 1446 optional: 1447 description: Specify whether the Secret or its key 1448 must be defined 1449 type: boolean 1450 required: 1451 - key 1452 type: object 1453 url: 1454 description: A supplementary URL shown alongside the message. 1455 type: string 1456 urlTitle: 1457 description: A title for supplementary URL, otherwise 1458 just the URL is shown 1459 type: string 1460 userKey: 1461 description: The secret's key that contains the recipient 1462 user’s user key. The secret needs to be in the same 1463 namespace as the AlertmanagerConfig object and accessible 1464 by the Prometheus Operator. 1465 properties: 1466 key: 1467 description: The key of the secret to select from. Must 1468 be a valid secret key. 1469 type: string 1470 name: 1471 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1472 TODO: Add other useful fields. apiVersion, kind, 1473 uid?' 1474 type: string 1475 optional: 1476 description: Specify whether the Secret or its key 1477 must be defined 1478 type: boolean 1479 required: 1480 - key 1481 type: object 1482 type: object 1483 type: array 1484 slackConfigs: 1485 description: List of Slack configurations. 1486 items: 1487 description: SlackConfig configures notifications via Slack. 1488 See https://prometheus.io/docs/alerting/latest/configuration/#slack_config 1489 properties: 1490 actions: 1491 description: A list of Slack actions that are sent with 1492 each notification. 1493 items: 1494 description: SlackAction configures a single Slack action 1495 that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields 1496 and https://api.slack.com/docs/message-buttons for 1497 more information. 1498 properties: 1499 confirm: 1500 description: SlackConfirmationField protect users 1501 from destructive actions or particularly distinguished 1502 decisions by asking them to confirm their button 1503 click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields 1504 for more information. 1505 properties: 1506 dismissText: 1507 type: string 1508 okText: 1509 type: string 1510 text: 1511 minLength: 1 1512 type: string 1513 title: 1514 type: string 1515 required: 1516 - text 1517 type: object 1518 name: 1519 type: string 1520 style: 1521 type: string 1522 text: 1523 minLength: 1 1524 type: string 1525 type: 1526 minLength: 1 1527 type: string 1528 url: 1529 type: string 1530 value: 1531 type: string 1532 required: 1533 - text 1534 - type 1535 type: object 1536 type: array 1537 apiURL: 1538 description: The secret's key that contains the Slack 1539 webhook URL. The secret needs to be in the same namespace 1540 as the AlertmanagerConfig object and accessible by the 1541 Prometheus Operator. 1542 properties: 1543 key: 1544 description: The key of the secret to select from. Must 1545 be a valid secret key. 1546 type: string 1547 name: 1548 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1549 TODO: Add other useful fields. apiVersion, kind, 1550 uid?' 1551 type: string 1552 optional: 1553 description: Specify whether the Secret or its key 1554 must be defined 1555 type: boolean 1556 required: 1557 - key 1558 type: object 1559 callbackId: 1560 type: string 1561 channel: 1562 description: The channel or user to send notifications 1563 to. 1564 type: string 1565 color: 1566 type: string 1567 fallback: 1568 type: string 1569 fields: 1570 description: A list of Slack fields that are sent with 1571 each notification. 1572 items: 1573 description: SlackField configures a single Slack field 1574 that is sent with each notification. Each field must 1575 contain a title, value, and optionally, a boolean 1576 value to indicate if the field is short enough to 1577 be displayed next to other fields designated as short. 1578 See https://api.slack.com/docs/message-attachments#fields 1579 for more information. 1580 properties: 1581 short: 1582 type: boolean 1583 title: 1584 minLength: 1 1585 type: string 1586 value: 1587 minLength: 1 1588 type: string 1589 required: 1590 - title 1591 - value 1592 type: object 1593 type: array 1594 footer: 1595 type: string 1596 httpConfig: 1597 description: HTTP client configuration. 1598 properties: 1599 authorization: 1600 description: Authorization header configuration for 1601 the client. This is mutually exclusive with BasicAuth 1602 and is only available starting from Alertmanager 1603 v0.22+. 1604 properties: 1605 credentials: 1606 description: The secret's key that contains the 1607 credentials of the request 1608 properties: 1609 key: 1610 description: The key of the secret to select 1611 from. Must be a valid secret key. 1612 type: string 1613 name: 1614 description: 'Name of the referent. More info: 1615 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1616 TODO: Add other useful fields. apiVersion, 1617 kind, uid?' 1618 type: string 1619 optional: 1620 description: Specify whether the Secret or 1621 its key must be defined 1622 type: boolean 1623 required: 1624 - key 1625 type: object 1626 type: 1627 description: Set the authentication type. Defaults 1628 to Bearer, Basic will cause an error 1629 type: string 1630 type: object 1631 basicAuth: 1632 description: BasicAuth for the client. This is mutually 1633 exclusive with Authorization. If both are defined, 1634 BasicAuth takes precedence. 1635 properties: 1636 password: 1637 description: The secret in the service monitor 1638 namespace that contains the password for authentication. 1639 properties: 1640 key: 1641 description: The key of the secret to select 1642 from. Must be a valid secret key. 1643 type: string 1644 name: 1645 description: 'Name of the referent. More info: 1646 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1647 TODO: Add other useful fields. apiVersion, 1648 kind, uid?' 1649 type: string 1650 optional: 1651 description: Specify whether the Secret or 1652 its key must be defined 1653 type: boolean 1654 required: 1655 - key 1656 type: object 1657 username: 1658 description: The secret in the service monitor 1659 namespace that contains the username for authentication. 1660 properties: 1661 key: 1662 description: The key of the secret to select 1663 from. Must be a valid secret key. 1664 type: string 1665 name: 1666 description: 'Name of the referent. More info: 1667 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1668 TODO: Add other useful fields. apiVersion, 1669 kind, uid?' 1670 type: string 1671 optional: 1672 description: Specify whether the Secret or 1673 its key must be defined 1674 type: boolean 1675 required: 1676 - key 1677 type: object 1678 type: object 1679 bearerTokenSecret: 1680 description: The secret's key that contains the bearer 1681 token to be used by the client for authentication. 1682 The secret needs to be in the same namespace as 1683 the AlertmanagerConfig object and accessible by 1684 the Prometheus Operator. 1685 properties: 1686 key: 1687 description: The key of the secret to select from. Must 1688 be a valid secret key. 1689 type: string 1690 name: 1691 description: 'Name of the referent. More info: 1692 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1693 TODO: Add other useful fields. apiVersion, kind, 1694 uid?' 1695 type: string 1696 optional: 1697 description: Specify whether the Secret or its 1698 key must be defined 1699 type: boolean 1700 required: 1701 - key 1702 type: object 1703 proxyURL: 1704 description: Optional proxy URL. 1705 type: string 1706 tlsConfig: 1707 description: TLS configuration for the client. 1708 properties: 1709 ca: 1710 description: Struct containing the CA cert to 1711 use for the targets. 1712 properties: 1713 configMap: 1714 description: ConfigMap containing data to 1715 use for the targets. 1716 properties: 1717 key: 1718 description: The key to select. 1719 type: string 1720 name: 1721 description: 'Name of the referent. More 1722 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1723 TODO: Add other useful fields. apiVersion, 1724 kind, uid?' 1725 type: string 1726 optional: 1727 description: Specify whether the ConfigMap 1728 or its key must be defined 1729 type: boolean 1730 required: 1731 - key 1732 type: object 1733 secret: 1734 description: Secret containing data to use 1735 for the targets. 1736 properties: 1737 key: 1738 description: The key of the secret to 1739 select from. Must be a valid secret 1740 key. 1741 type: string 1742 name: 1743 description: 'Name of the referent. More 1744 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1745 TODO: Add other useful fields. apiVersion, 1746 kind, uid?' 1747 type: string 1748 optional: 1749 description: Specify whether the Secret 1750 or its key must be defined 1751 type: boolean 1752 required: 1753 - key 1754 type: object 1755 type: object 1756 cert: 1757 description: Struct containing the client cert 1758 file for the targets. 1759 properties: 1760 configMap: 1761 description: ConfigMap containing data to 1762 use for the targets. 1763 properties: 1764 key: 1765 description: The key to select. 1766 type: string 1767 name: 1768 description: 'Name of the referent. More 1769 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1770 TODO: Add other useful fields. apiVersion, 1771 kind, uid?' 1772 type: string 1773 optional: 1774 description: Specify whether the ConfigMap 1775 or its key must be defined 1776 type: boolean 1777 required: 1778 - key 1779 type: object 1780 secret: 1781 description: Secret containing data to use 1782 for the targets. 1783 properties: 1784 key: 1785 description: The key of the secret to 1786 select from. Must be a valid secret 1787 key. 1788 type: string 1789 name: 1790 description: 'Name of the referent. More 1791 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1792 TODO: Add other useful fields. apiVersion, 1793 kind, uid?' 1794 type: string 1795 optional: 1796 description: Specify whether the Secret 1797 or its key must be defined 1798 type: boolean 1799 required: 1800 - key 1801 type: object 1802 type: object 1803 insecureSkipVerify: 1804 description: Disable target certificate validation. 1805 type: boolean 1806 keySecret: 1807 description: Secret containing the client key 1808 file for the targets. 1809 properties: 1810 key: 1811 description: The key of the secret to select 1812 from. Must be a valid secret key. 1813 type: string 1814 name: 1815 description: 'Name of the referent. More info: 1816 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1817 TODO: Add other useful fields. apiVersion, 1818 kind, uid?' 1819 type: string 1820 optional: 1821 description: Specify whether the Secret or 1822 its key must be defined 1823 type: boolean 1824 required: 1825 - key 1826 type: object 1827 serverName: 1828 description: Used to verify the hostname for the 1829 targets. 1830 type: string 1831 type: object 1832 type: object 1833 iconEmoji: 1834 type: string 1835 iconURL: 1836 type: string 1837 imageURL: 1838 type: string 1839 linkNames: 1840 type: boolean 1841 mrkdwnIn: 1842 items: 1843 type: string 1844 type: array 1845 pretext: 1846 type: string 1847 sendResolved: 1848 description: Whether or not to notify about resolved alerts. 1849 type: boolean 1850 shortFields: 1851 type: boolean 1852 text: 1853 type: string 1854 thumbURL: 1855 type: string 1856 title: 1857 type: string 1858 titleLink: 1859 type: string 1860 username: 1861 type: string 1862 type: object 1863 type: array 1864 victoropsConfigs: 1865 description: List of VictorOps configurations. 1866 items: 1867 description: VictorOpsConfig configures notifications via 1868 VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config 1869 properties: 1870 apiKey: 1871 description: The secret's key that contains the API key 1872 to use when talking to the VictorOps API. The secret 1873 needs to be in the same namespace as the AlertmanagerConfig 1874 object and accessible by the Prometheus Operator. 1875 properties: 1876 key: 1877 description: The key of the secret to select from. Must 1878 be a valid secret key. 1879 type: string 1880 name: 1881 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1882 TODO: Add other useful fields. apiVersion, kind, 1883 uid?' 1884 type: string 1885 optional: 1886 description: Specify whether the Secret or its key 1887 must be defined 1888 type: boolean 1889 required: 1890 - key 1891 type: object 1892 apiUrl: 1893 description: The VictorOps API URL. 1894 type: string 1895 customFields: 1896 description: Additional custom fields for notification. 1897 items: 1898 description: KeyValue defines a (key, value) tuple. 1899 properties: 1900 key: 1901 description: Key of the tuple. 1902 minLength: 1 1903 type: string 1904 value: 1905 description: Value of the tuple. 1906 type: string 1907 required: 1908 - key 1909 - value 1910 type: object 1911 type: array 1912 entityDisplayName: 1913 description: Contains summary of the alerted problem. 1914 type: string 1915 httpConfig: 1916 description: The HTTP client's configuration. 1917 properties: 1918 authorization: 1919 description: Authorization header configuration for 1920 the client. This is mutually exclusive with BasicAuth 1921 and is only available starting from Alertmanager 1922 v0.22+. 1923 properties: 1924 credentials: 1925 description: The secret's key that contains the 1926 credentials of the request 1927 properties: 1928 key: 1929 description: The key of the secret to select 1930 from. Must be a valid secret key. 1931 type: string 1932 name: 1933 description: 'Name of the referent. More info: 1934 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1935 TODO: Add other useful fields. apiVersion, 1936 kind, uid?' 1937 type: string 1938 optional: 1939 description: Specify whether the Secret or 1940 its key must be defined 1941 type: boolean 1942 required: 1943 - key 1944 type: object 1945 type: 1946 description: Set the authentication type. Defaults 1947 to Bearer, Basic will cause an error 1948 type: string 1949 type: object 1950 basicAuth: 1951 description: BasicAuth for the client. This is mutually 1952 exclusive with Authorization. If both are defined, 1953 BasicAuth takes precedence. 1954 properties: 1955 password: 1956 description: The secret in the service monitor 1957 namespace that contains the password for authentication. 1958 properties: 1959 key: 1960 description: The key of the secret to select 1961 from. Must be a valid secret key. 1962 type: string 1963 name: 1964 description: 'Name of the referent. More info: 1965 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1966 TODO: Add other useful fields. apiVersion, 1967 kind, uid?' 1968 type: string 1969 optional: 1970 description: Specify whether the Secret or 1971 its key must be defined 1972 type: boolean 1973 required: 1974 - key 1975 type: object 1976 username: 1977 description: The secret in the service monitor 1978 namespace that contains the username for authentication. 1979 properties: 1980 key: 1981 description: The key of the secret to select 1982 from. Must be a valid secret key. 1983 type: string 1984 name: 1985 description: 'Name of the referent. More info: 1986 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1987 TODO: Add other useful fields. apiVersion, 1988 kind, uid?' 1989 type: string 1990 optional: 1991 description: Specify whether the Secret or 1992 its key must be defined 1993 type: boolean 1994 required: 1995 - key 1996 type: object 1997 type: object 1998 bearerTokenSecret: 1999 description: The secret's key that contains the bearer 2000 token to be used by the client for authentication. 2001 The secret needs to be in the same namespace as 2002 the AlertmanagerConfig object and accessible by 2003 the Prometheus Operator. 2004 properties: 2005 key: 2006 description: The key of the secret to select from. Must 2007 be a valid secret key. 2008 type: string 2009 name: 2010 description: 'Name of the referent. More info: 2011 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2012 TODO: Add other useful fields. apiVersion, kind, 2013 uid?' 2014 type: string 2015 optional: 2016 description: Specify whether the Secret or its 2017 key must be defined 2018 type: boolean 2019 required: 2020 - key 2021 type: object 2022 proxyURL: 2023 description: Optional proxy URL. 2024 type: string 2025 tlsConfig: 2026 description: TLS configuration for the client. 2027 properties: 2028 ca: 2029 description: Struct containing the CA cert to 2030 use for the targets. 2031 properties: 2032 configMap: 2033 description: ConfigMap containing data to 2034 use for the targets. 2035 properties: 2036 key: 2037 description: The key to select. 2038 type: string 2039 name: 2040 description: 'Name of the referent. More 2041 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2042 TODO: Add other useful fields. apiVersion, 2043 kind, uid?' 2044 type: string 2045 optional: 2046 description: Specify whether the ConfigMap 2047 or its key must be defined 2048 type: boolean 2049 required: 2050 - key 2051 type: object 2052 secret: 2053 description: Secret containing data to use 2054 for the targets. 2055 properties: 2056 key: 2057 description: The key of the secret to 2058 select from. Must be a valid secret 2059 key. 2060 type: string 2061 name: 2062 description: 'Name of the referent. More 2063 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2064 TODO: Add other useful fields. apiVersion, 2065 kind, uid?' 2066 type: string 2067 optional: 2068 description: Specify whether the Secret 2069 or its key must be defined 2070 type: boolean 2071 required: 2072 - key 2073 type: object 2074 type: object 2075 cert: 2076 description: Struct containing the client cert 2077 file for the targets. 2078 properties: 2079 configMap: 2080 description: ConfigMap containing data to 2081 use for the targets. 2082 properties: 2083 key: 2084 description: The key to select. 2085 type: string 2086 name: 2087 description: 'Name of the referent. More 2088 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2089 TODO: Add other useful fields. apiVersion, 2090 kind, uid?' 2091 type: string 2092 optional: 2093 description: Specify whether the ConfigMap 2094 or its key must be defined 2095 type: boolean 2096 required: 2097 - key 2098 type: object 2099 secret: 2100 description: Secret containing data to use 2101 for the targets. 2102 properties: 2103 key: 2104 description: The key of the secret to 2105 select from. Must be a valid secret 2106 key. 2107 type: string 2108 name: 2109 description: 'Name of the referent. More 2110 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2111 TODO: Add other useful fields. apiVersion, 2112 kind, uid?' 2113 type: string 2114 optional: 2115 description: Specify whether the Secret 2116 or its key must be defined 2117 type: boolean 2118 required: 2119 - key 2120 type: object 2121 type: object 2122 insecureSkipVerify: 2123 description: Disable target certificate validation. 2124 type: boolean 2125 keySecret: 2126 description: Secret containing the client key 2127 file for the targets. 2128 properties: 2129 key: 2130 description: The key of the secret to select 2131 from. Must be a valid secret key. 2132 type: string 2133 name: 2134 description: 'Name of the referent. More info: 2135 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2136 TODO: Add other useful fields. apiVersion, 2137 kind, uid?' 2138 type: string 2139 optional: 2140 description: Specify whether the Secret or 2141 its key must be defined 2142 type: boolean 2143 required: 2144 - key 2145 type: object 2146 serverName: 2147 description: Used to verify the hostname for the 2148 targets. 2149 type: string 2150 type: object 2151 type: object 2152 messageType: 2153 description: Describes the behavior of the alert (CRITICAL, 2154 WARNING, INFO). 2155 type: string 2156 monitoringTool: 2157 description: The monitoring tool the state message is 2158 from. 2159 type: string 2160 routingKey: 2161 description: A key used to map the alert to a team. 2162 type: string 2163 sendResolved: 2164 description: Whether or not to notify about resolved alerts. 2165 type: boolean 2166 stateMessage: 2167 description: Contains long explanation of the alerted 2168 problem. 2169 type: string 2170 type: object 2171 type: array 2172 webhookConfigs: 2173 description: List of webhook configurations. 2174 items: 2175 description: WebhookConfig configures notifications via a 2176 generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config 2177 properties: 2178 httpConfig: 2179 description: HTTP client configuration. 2180 properties: 2181 authorization: 2182 description: Authorization header configuration for 2183 the client. This is mutually exclusive with BasicAuth 2184 and is only available starting from Alertmanager 2185 v0.22+. 2186 properties: 2187 credentials: 2188 description: The secret's key that contains the 2189 credentials of the request 2190 properties: 2191 key: 2192 description: The key of the secret to select 2193 from. Must be a valid secret key. 2194 type: string 2195 name: 2196 description: 'Name of the referent. More info: 2197 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2198 TODO: Add other useful fields. apiVersion, 2199 kind, uid?' 2200 type: string 2201 optional: 2202 description: Specify whether the Secret or 2203 its key must be defined 2204 type: boolean 2205 required: 2206 - key 2207 type: object 2208 type: 2209 description: Set the authentication type. Defaults 2210 to Bearer, Basic will cause an error 2211 type: string 2212 type: object 2213 basicAuth: 2214 description: BasicAuth for the client. This is mutually 2215 exclusive with Authorization. If both are defined, 2216 BasicAuth takes precedence. 2217 properties: 2218 password: 2219 description: The secret in the service monitor 2220 namespace that contains the password for authentication. 2221 properties: 2222 key: 2223 description: The key of the secret to select 2224 from. Must be a valid secret key. 2225 type: string 2226 name: 2227 description: 'Name of the referent. More info: 2228 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2229 TODO: Add other useful fields. apiVersion, 2230 kind, uid?' 2231 type: string 2232 optional: 2233 description: Specify whether the Secret or 2234 its key must be defined 2235 type: boolean 2236 required: 2237 - key 2238 type: object 2239 username: 2240 description: The secret in the service monitor 2241 namespace that contains the username for authentication. 2242 properties: 2243 key: 2244 description: The key of the secret to select 2245 from. Must be a valid secret key. 2246 type: string 2247 name: 2248 description: 'Name of the referent. More info: 2249 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2250 TODO: Add other useful fields. apiVersion, 2251 kind, uid?' 2252 type: string 2253 optional: 2254 description: Specify whether the Secret or 2255 its key must be defined 2256 type: boolean 2257 required: 2258 - key 2259 type: object 2260 type: object 2261 bearerTokenSecret: 2262 description: The secret's key that contains the bearer 2263 token to be used by the client for authentication. 2264 The secret needs to be in the same namespace as 2265 the AlertmanagerConfig object and accessible by 2266 the Prometheus Operator. 2267 properties: 2268 key: 2269 description: The key of the secret to select from. Must 2270 be a valid secret key. 2271 type: string 2272 name: 2273 description: 'Name of the referent. More info: 2274 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2275 TODO: Add other useful fields. apiVersion, kind, 2276 uid?' 2277 type: string 2278 optional: 2279 description: Specify whether the Secret or its 2280 key must be defined 2281 type: boolean 2282 required: 2283 - key 2284 type: object 2285 proxyURL: 2286 description: Optional proxy URL. 2287 type: string 2288 tlsConfig: 2289 description: TLS configuration for the client. 2290 properties: 2291 ca: 2292 description: Struct containing the CA cert to 2293 use for the targets. 2294 properties: 2295 configMap: 2296 description: ConfigMap containing data to 2297 use for the targets. 2298 properties: 2299 key: 2300 description: The key to select. 2301 type: string 2302 name: 2303 description: 'Name of the referent. More 2304 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2305 TODO: Add other useful fields. apiVersion, 2306 kind, uid?' 2307 type: string 2308 optional: 2309 description: Specify whether the ConfigMap 2310 or its key must be defined 2311 type: boolean 2312 required: 2313 - key 2314 type: object 2315 secret: 2316 description: Secret containing data to use 2317 for the targets. 2318 properties: 2319 key: 2320 description: The key of the secret to 2321 select from. Must be a valid secret 2322 key. 2323 type: string 2324 name: 2325 description: 'Name of the referent. More 2326 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2327 TODO: Add other useful fields. apiVersion, 2328 kind, uid?' 2329 type: string 2330 optional: 2331 description: Specify whether the Secret 2332 or its key must be defined 2333 type: boolean 2334 required: 2335 - key 2336 type: object 2337 type: object 2338 cert: 2339 description: Struct containing the client cert 2340 file for the targets. 2341 properties: 2342 configMap: 2343 description: ConfigMap containing data to 2344 use for the targets. 2345 properties: 2346 key: 2347 description: The key to select. 2348 type: string 2349 name: 2350 description: 'Name of the referent. More 2351 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2352 TODO: Add other useful fields. apiVersion, 2353 kind, uid?' 2354 type: string 2355 optional: 2356 description: Specify whether the ConfigMap 2357 or its key must be defined 2358 type: boolean 2359 required: 2360 - key 2361 type: object 2362 secret: 2363 description: Secret containing data to use 2364 for the targets. 2365 properties: 2366 key: 2367 description: The key of the secret to 2368 select from. Must be a valid secret 2369 key. 2370 type: string 2371 name: 2372 description: 'Name of the referent. More 2373 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2374 TODO: Add other useful fields. apiVersion, 2375 kind, uid?' 2376 type: string 2377 optional: 2378 description: Specify whether the Secret 2379 or its key must be defined 2380 type: boolean 2381 required: 2382 - key 2383 type: object 2384 type: object 2385 insecureSkipVerify: 2386 description: Disable target certificate validation. 2387 type: boolean 2388 keySecret: 2389 description: Secret containing the client key 2390 file for the targets. 2391 properties: 2392 key: 2393 description: The key of the secret to select 2394 from. Must be a valid secret key. 2395 type: string 2396 name: 2397 description: 'Name of the referent. More info: 2398 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2399 TODO: Add other useful fields. apiVersion, 2400 kind, uid?' 2401 type: string 2402 optional: 2403 description: Specify whether the Secret or 2404 its key must be defined 2405 type: boolean 2406 required: 2407 - key 2408 type: object 2409 serverName: 2410 description: Used to verify the hostname for the 2411 targets. 2412 type: string 2413 type: object 2414 type: object 2415 maxAlerts: 2416 description: Maximum number of alerts to be sent per webhook 2417 message. When 0, all alerts are included. 2418 format: int32 2419 minimum: 0 2420 type: integer 2421 sendResolved: 2422 description: Whether or not to notify about resolved alerts. 2423 type: boolean 2424 url: 2425 description: The URL to send HTTP POST requests to. `urlSecret` 2426 takes precedence over `url`. One of `urlSecret` and 2427 `url` should be defined. 2428 type: string 2429 urlSecret: 2430 description: The secret's key that contains the webhook 2431 URL to send HTTP requests to. `urlSecret` takes precedence 2432 over `url`. One of `urlSecret` and `url` should be defined. 2433 The secret needs to be in the same namespace as the 2434 AlertmanagerConfig object and accessible by the Prometheus 2435 Operator. 2436 properties: 2437 key: 2438 description: The key of the secret to select from. Must 2439 be a valid secret key. 2440 type: string 2441 name: 2442 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2443 TODO: Add other useful fields. apiVersion, kind, 2444 uid?' 2445 type: string 2446 optional: 2447 description: Specify whether the Secret or its key 2448 must be defined 2449 type: boolean 2450 required: 2451 - key 2452 type: object 2453 type: object 2454 type: array 2455 wechatConfigs: 2456 description: List of WeChat configurations. 2457 items: 2458 description: WeChatConfig configures notifications via WeChat. 2459 See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config 2460 properties: 2461 agentID: 2462 type: string 2463 apiSecret: 2464 description: The secret's key that contains the WeChat 2465 API key. The secret needs to be in the same namespace 2466 as the AlertmanagerConfig object and accessible by the 2467 Prometheus Operator. 2468 properties: 2469 key: 2470 description: The key of the secret to select from. Must 2471 be a valid secret key. 2472 type: string 2473 name: 2474 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2475 TODO: Add other useful fields. apiVersion, kind, 2476 uid?' 2477 type: string 2478 optional: 2479 description: Specify whether the Secret or its key 2480 must be defined 2481 type: boolean 2482 required: 2483 - key 2484 type: object 2485 apiURL: 2486 description: The WeChat API URL. 2487 type: string 2488 corpID: 2489 description: The corp id for authentication. 2490 type: string 2491 httpConfig: 2492 description: HTTP client configuration. 2493 properties: 2494 authorization: 2495 description: Authorization header configuration for 2496 the client. This is mutually exclusive with BasicAuth 2497 and is only available starting from Alertmanager 2498 v0.22+. 2499 properties: 2500 credentials: 2501 description: The secret's key that contains the 2502 credentials of the request 2503 properties: 2504 key: 2505 description: The key of the secret to select 2506 from. Must be a valid secret key. 2507 type: string 2508 name: 2509 description: 'Name of the referent. More info: 2510 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2511 TODO: Add other useful fields. apiVersion, 2512 kind, uid?' 2513 type: string 2514 optional: 2515 description: Specify whether the Secret or 2516 its key must be defined 2517 type: boolean 2518 required: 2519 - key 2520 type: object 2521 type: 2522 description: Set the authentication type. Defaults 2523 to Bearer, Basic will cause an error 2524 type: string 2525 type: object 2526 basicAuth: 2527 description: BasicAuth for the client. This is mutually 2528 exclusive with Authorization. If both are defined, 2529 BasicAuth takes precedence. 2530 properties: 2531 password: 2532 description: The secret in the service monitor 2533 namespace that contains the password for authentication. 2534 properties: 2535 key: 2536 description: The key of the secret to select 2537 from. Must be a valid secret key. 2538 type: string 2539 name: 2540 description: 'Name of the referent. More info: 2541 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2542 TODO: Add other useful fields. apiVersion, 2543 kind, uid?' 2544 type: string 2545 optional: 2546 description: Specify whether the Secret or 2547 its key must be defined 2548 type: boolean 2549 required: 2550 - key 2551 type: object 2552 username: 2553 description: The secret in the service monitor 2554 namespace that contains the username for authentication. 2555 properties: 2556 key: 2557 description: The key of the secret to select 2558 from. Must be a valid secret key. 2559 type: string 2560 name: 2561 description: 'Name of the referent. More info: 2562 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2563 TODO: Add other useful fields. apiVersion, 2564 kind, uid?' 2565 type: string 2566 optional: 2567 description: Specify whether the Secret or 2568 its key must be defined 2569 type: boolean 2570 required: 2571 - key 2572 type: object 2573 type: object 2574 bearerTokenSecret: 2575 description: The secret's key that contains the bearer 2576 token to be used by the client for authentication. 2577 The secret needs to be in the same namespace as 2578 the AlertmanagerConfig object and accessible by 2579 the Prometheus Operator. 2580 properties: 2581 key: 2582 description: The key of the secret to select from. Must 2583 be a valid secret key. 2584 type: string 2585 name: 2586 description: 'Name of the referent. More info: 2587 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2588 TODO: Add other useful fields. apiVersion, kind, 2589 uid?' 2590 type: string 2591 optional: 2592 description: Specify whether the Secret or its 2593 key must be defined 2594 type: boolean 2595 required: 2596 - key 2597 type: object 2598 proxyURL: 2599 description: Optional proxy URL. 2600 type: string 2601 tlsConfig: 2602 description: TLS configuration for the client. 2603 properties: 2604 ca: 2605 description: Struct containing the CA cert to 2606 use for the targets. 2607 properties: 2608 configMap: 2609 description: ConfigMap containing data to 2610 use for the targets. 2611 properties: 2612 key: 2613 description: The key to select. 2614 type: string 2615 name: 2616 description: 'Name of the referent. More 2617 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2618 TODO: Add other useful fields. apiVersion, 2619 kind, uid?' 2620 type: string 2621 optional: 2622 description: Specify whether the ConfigMap 2623 or its key must be defined 2624 type: boolean 2625 required: 2626 - key 2627 type: object 2628 secret: 2629 description: Secret containing data to use 2630 for the targets. 2631 properties: 2632 key: 2633 description: The key of the secret to 2634 select from. Must be a valid secret 2635 key. 2636 type: string 2637 name: 2638 description: 'Name of the referent. More 2639 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2640 TODO: Add other useful fields. apiVersion, 2641 kind, uid?' 2642 type: string 2643 optional: 2644 description: Specify whether the Secret 2645 or its key must be defined 2646 type: boolean 2647 required: 2648 - key 2649 type: object 2650 type: object 2651 cert: 2652 description: Struct containing the client cert 2653 file for the targets. 2654 properties: 2655 configMap: 2656 description: ConfigMap containing data to 2657 use for the targets. 2658 properties: 2659 key: 2660 description: The key to select. 2661 type: string 2662 name: 2663 description: 'Name of the referent. More 2664 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2665 TODO: Add other useful fields. apiVersion, 2666 kind, uid?' 2667 type: string 2668 optional: 2669 description: Specify whether the ConfigMap 2670 or its key must be defined 2671 type: boolean 2672 required: 2673 - key 2674 type: object 2675 secret: 2676 description: Secret containing data to use 2677 for the targets. 2678 properties: 2679 key: 2680 description: The key of the secret to 2681 select from. Must be a valid secret 2682 key. 2683 type: string 2684 name: 2685 description: 'Name of the referent. More 2686 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2687 TODO: Add other useful fields. apiVersion, 2688 kind, uid?' 2689 type: string 2690 optional: 2691 description: Specify whether the Secret 2692 or its key must be defined 2693 type: boolean 2694 required: 2695 - key 2696 type: object 2697 type: object 2698 insecureSkipVerify: 2699 description: Disable target certificate validation. 2700 type: boolean 2701 keySecret: 2702 description: Secret containing the client key 2703 file for the targets. 2704 properties: 2705 key: 2706 description: The key of the secret to select 2707 from. Must be a valid secret key. 2708 type: string 2709 name: 2710 description: 'Name of the referent. More info: 2711 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2712 TODO: Add other useful fields. apiVersion, 2713 kind, uid?' 2714 type: string 2715 optional: 2716 description: Specify whether the Secret or 2717 its key must be defined 2718 type: boolean 2719 required: 2720 - key 2721 type: object 2722 serverName: 2723 description: Used to verify the hostname for the 2724 targets. 2725 type: string 2726 type: object 2727 type: object 2728 message: 2729 description: API request data as defined by the WeChat 2730 API. 2731 type: string 2732 messageType: 2733 type: string 2734 sendResolved: 2735 description: Whether or not to notify about resolved alerts. 2736 type: boolean 2737 toParty: 2738 type: string 2739 toTag: 2740 type: string 2741 toUser: 2742 type: string 2743 type: object 2744 type: array 2745 required: 2746 - name 2747 type: object 2748 type: array 2749 route: 2750 description: The Alertmanager route definition for alerts matching 2751 the resource’s namespace. If present, it will be added to the generated 2752 Alertmanager configuration as a first-level route. 2753 properties: 2754 continue: 2755 description: Boolean indicating whether an alert should continue 2756 matching subsequent sibling nodes. It will always be overridden 2757 to true for the first-level route by the Prometheus operator. 2758 type: boolean 2759 groupBy: 2760 description: List of labels to group by. Labels must not be repeated 2761 (unique list). Special label "..." (aggregate by all possible 2762 labels), if provided, must be the only element in the list. 2763 items: 2764 type: string 2765 type: array 2766 groupInterval: 2767 description: 'How long to wait before sending an updated notification. 2768 Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` 2769 Example: "5m"' 2770 type: string 2771 groupWait: 2772 description: 'How long to wait before sending the initial notification. 2773 Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` 2774 Example: "30s"' 2775 type: string 2776 matchers: 2777 description: 'List of matchers that the alert’s labels should 2778 match. For the first level route, the operator removes any existing 2779 equality and regexp matcher on the `namespace` label and adds 2780 a `namespace: <object namespace>` matcher.' 2781 items: 2782 description: Matcher defines how to match on alert's labels. 2783 properties: 2784 matchType: 2785 description: Match operation available with AlertManager 2786 >= v0.22.0 and takes precedence over Regex (deprecated) 2787 if non-empty. 2788 enum: 2789 - '!=' 2790 - = 2791 - =~ 2792 - '!~' 2793 type: string 2794 name: 2795 description: Label to match. 2796 minLength: 1 2797 type: string 2798 regex: 2799 description: Whether to match on equality (false) or regular-expression 2800 (true). Deprecated as of AlertManager >= v0.22.0 where 2801 a user should use MatchType instead. 2802 type: boolean 2803 value: 2804 description: Label value to match. 2805 type: string 2806 required: 2807 - name 2808 type: object 2809 type: array 2810 muteTimeIntervals: 2811 description: 'Note: this comment applies to the field definition 2812 above but appears below otherwise it gets included in the generated 2813 manifest. CRD schema doesn''t support self-referential types 2814 for now (see https://github.com/kubernetes/kubernetes/issues/62872). 2815 We have to use an alternative type to circumvent the limitation. 2816 The downside is that the Kube API can''t validate the data beyond 2817 the fact that it is a valid JSON representation. MuteTimeIntervals 2818 is a list of MuteTimeInterval names that will mute this route 2819 when matched,' 2820 items: 2821 type: string 2822 type: array 2823 receiver: 2824 description: Name of the receiver for this route. If not empty, 2825 it should be listed in the `receivers` field. 2826 type: string 2827 repeatInterval: 2828 description: 'How long to wait before repeating the last notification. 2829 Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` 2830 Example: "4h"' 2831 type: string 2832 routes: 2833 description: Child routes. 2834 items: 2835 x-kubernetes-preserve-unknown-fields: true 2836 type: array 2837 type: object 2838 type: object 2839 required: 2840 - spec 2841 type: object 2842 served: true 2843 storage: true 2844 status: 2845 acceptedNames: 2846 kind: "" 2847 plural: "" 2848 conditions: [] 2849 storedVersions: [] 2850 # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml 2851 2852 --- 2853 apiVersion: apiextensions.k8s.io/v1 2854 kind: CustomResourceDefinition 2855 metadata: 2856 annotations: 2857 controller-gen.kubebuilder.io/version: v0.6.2 2858 creationTimestamp: null 2859 name: alertmanagers.monitoring.coreos.com 2860 spec: 2861 group: monitoring.coreos.com 2862 names: 2863 categories: 2864 - prometheus-operator 2865 kind: Alertmanager 2866 listKind: AlertmanagerList 2867 plural: alertmanagers 2868 singular: alertmanager 2869 scope: Namespaced 2870 versions: 2871 - additionalPrinterColumns: 2872 - description: The version of Alertmanager 2873 jsonPath: .spec.version 2874 name: Version 2875 type: string 2876 - description: The desired replicas number of Alertmanagers 2877 jsonPath: .spec.replicas 2878 name: Replicas 2879 type: integer 2880 - jsonPath: .metadata.creationTimestamp 2881 name: Age 2882 type: date 2883 name: v1 2884 schema: 2885 openAPIV3Schema: 2886 description: Alertmanager describes an Alertmanager cluster. 2887 properties: 2888 apiVersion: 2889 description: 'APIVersion defines the versioned schema of this representation 2890 of an object. Servers should convert recognized schemas to the latest 2891 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 2892 type: string 2893 kind: 2894 description: 'Kind is a string value representing the REST resource this 2895 object represents. Servers may infer this from the endpoint the client 2896 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 2897 type: string 2898 metadata: 2899 type: object 2900 spec: 2901 description: 'Specification of the desired behavior of the Alertmanager 2902 cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 2903 properties: 2904 additionalPeers: 2905 description: AdditionalPeers allows injecting a set of additional 2906 Alertmanagers to peer with to form a highly available cluster. 2907 items: 2908 type: string 2909 type: array 2910 affinity: 2911 description: If specified, the pod's scheduling constraints. 2912 properties: 2913 nodeAffinity: 2914 description: Describes node affinity scheduling rules for the 2915 pod. 2916 properties: 2917 preferredDuringSchedulingIgnoredDuringExecution: 2918 description: The scheduler will prefer to schedule pods to 2919 nodes that satisfy the affinity expressions specified by 2920 this field, but it may choose a node that violates one or 2921 more of the expressions. The node that is most preferred 2922 is the one with the greatest sum of weights, i.e. for each 2923 node that meets all of the scheduling requirements (resource 2924 request, requiredDuringScheduling affinity expressions, 2925 etc.), compute a sum by iterating through the elements of 2926 this field and adding "weight" to the sum if the node matches 2927 the corresponding matchExpressions; the node(s) with the 2928 highest sum are the most preferred. 2929 items: 2930 description: An empty preferred scheduling term matches 2931 all objects with implicit weight 0 (i.e. it's a no-op). 2932 A null preferred scheduling term matches no objects (i.e. 2933 is also a no-op). 2934 properties: 2935 preference: 2936 description: A node selector term, associated with the 2937 corresponding weight. 2938 properties: 2939 matchExpressions: 2940 description: A list of node selector requirements 2941 by node's labels. 2942 items: 2943 description: A node selector requirement is a 2944 selector that contains values, a key, and an 2945 operator that relates the key and values. 2946 properties: 2947 key: 2948 description: The label key that the selector 2949 applies to. 2950 type: string 2951 operator: 2952 description: Represents a key's relationship 2953 to a set of values. Valid operators are 2954 In, NotIn, Exists, DoesNotExist. Gt, and 2955 Lt. 2956 type: string 2957 values: 2958 description: An array of string values. If 2959 the operator is In or NotIn, the values 2960 array must be non-empty. If the operator 2961 is Exists or DoesNotExist, the values array 2962 must be empty. If the operator is Gt or 2963 Lt, the values array must have a single 2964 element, which will be interpreted as an 2965 integer. This array is replaced during a 2966 strategic merge patch. 2967 items: 2968 type: string 2969 type: array 2970 required: 2971 - key 2972 - operator 2973 type: object 2974 type: array 2975 matchFields: 2976 description: A list of node selector requirements 2977 by node's fields. 2978 items: 2979 description: A node selector requirement is a 2980 selector that contains values, a key, and an 2981 operator that relates the key and values. 2982 properties: 2983 key: 2984 description: The label key that the selector 2985 applies to. 2986 type: string 2987 operator: 2988 description: Represents a key's relationship 2989 to a set of values. Valid operators are 2990 In, NotIn, Exists, DoesNotExist. Gt, and 2991 Lt. 2992 type: string 2993 values: 2994 description: An array of string values. If 2995 the operator is In or NotIn, the values 2996 array must be non-empty. If the operator 2997 is Exists or DoesNotExist, the values array 2998 must be empty. If the operator is Gt or 2999 Lt, the values array must have a single 3000 element, which will be interpreted as an 3001 integer. This array is replaced during a 3002 strategic merge patch. 3003 items: 3004 type: string 3005 type: array 3006 required: 3007 - key 3008 - operator 3009 type: object 3010 type: array 3011 type: object 3012 weight: 3013 description: Weight associated with matching the corresponding 3014 nodeSelectorTerm, in the range 1-100. 3015 format: int32 3016 type: integer 3017 required: 3018 - preference 3019 - weight 3020 type: object 3021 type: array 3022 requiredDuringSchedulingIgnoredDuringExecution: 3023 description: If the affinity requirements specified by this 3024 field are not met at scheduling time, the pod will not be 3025 scheduled onto the node. If the affinity requirements specified 3026 by this field cease to be met at some point during pod execution 3027 (e.g. due to an update), the system may or may not try to 3028 eventually evict the pod from its node. 3029 properties: 3030 nodeSelectorTerms: 3031 description: Required. A list of node selector terms. 3032 The terms are ORed. 3033 items: 3034 description: A null or empty node selector term matches 3035 no objects. The requirements of them are ANDed. The 3036 TopologySelectorTerm type implements a subset of the 3037 NodeSelectorTerm. 3038 properties: 3039 matchExpressions: 3040 description: A list of node selector requirements 3041 by node's labels. 3042 items: 3043 description: A node selector requirement is a 3044 selector that contains values, a key, and an 3045 operator that relates the key and values. 3046 properties: 3047 key: 3048 description: The label key that the selector 3049 applies to. 3050 type: string 3051 operator: 3052 description: Represents a key's relationship 3053 to a set of values. Valid operators are 3054 In, NotIn, Exists, DoesNotExist. Gt, and 3055 Lt. 3056 type: string 3057 values: 3058 description: An array of string values. If 3059 the operator is In or NotIn, the values 3060 array must be non-empty. If the operator 3061 is Exists or DoesNotExist, the values array 3062 must be empty. If the operator is Gt or 3063 Lt, the values array must have a single 3064 element, which will be interpreted as an 3065 integer. This array is replaced during a 3066 strategic merge patch. 3067 items: 3068 type: string 3069 type: array 3070 required: 3071 - key 3072 - operator 3073 type: object 3074 type: array 3075 matchFields: 3076 description: A list of node selector requirements 3077 by node's fields. 3078 items: 3079 description: A node selector requirement is a 3080 selector that contains values, a key, and an 3081 operator that relates the key and values. 3082 properties: 3083 key: 3084 description: The label key that the selector 3085 applies to. 3086 type: string 3087 operator: 3088 description: Represents a key's relationship 3089 to a set of values. Valid operators are 3090 In, NotIn, Exists, DoesNotExist. Gt, and 3091 Lt. 3092 type: string 3093 values: 3094 description: An array of string values. If 3095 the operator is In or NotIn, the values 3096 array must be non-empty. If the operator 3097 is Exists or DoesNotExist, the values array 3098 must be empty. If the operator is Gt or 3099 Lt, the values array must have a single 3100 element, which will be interpreted as an 3101 integer. This array is replaced during a 3102 strategic merge patch. 3103 items: 3104 type: string 3105 type: array 3106 required: 3107 - key 3108 - operator 3109 type: object 3110 type: array 3111 type: object 3112 type: array 3113 required: 3114 - nodeSelectorTerms 3115 type: object 3116 type: object 3117 podAffinity: 3118 description: Describes pod affinity scheduling rules (e.g. co-locate 3119 this pod in the same node, zone, etc. as some other pod(s)). 3120 properties: 3121 preferredDuringSchedulingIgnoredDuringExecution: 3122 description: The scheduler will prefer to schedule pods to 3123 nodes that satisfy the affinity expressions specified by 3124 this field, but it may choose a node that violates one or 3125 more of the expressions. The node that is most preferred 3126 is the one with the greatest sum of weights, i.e. for each 3127 node that meets all of the scheduling requirements (resource 3128 request, requiredDuringScheduling affinity expressions, 3129 etc.), compute a sum by iterating through the elements of 3130 this field and adding "weight" to the sum if the node has 3131 pods which matches the corresponding podAffinityTerm; the 3132 node(s) with the highest sum are the most preferred. 3133 items: 3134 description: The weights of all of the matched WeightedPodAffinityTerm 3135 fields are added per-node to find the most preferred node(s) 3136 properties: 3137 podAffinityTerm: 3138 description: Required. A pod affinity term, associated 3139 with the corresponding weight. 3140 properties: 3141 labelSelector: 3142 description: A label query over a set of resources, 3143 in this case pods. 3144 properties: 3145 matchExpressions: 3146 description: matchExpressions is a list of label 3147 selector requirements. The requirements are 3148 ANDed. 3149 items: 3150 description: A label selector requirement 3151 is a selector that contains values, a key, 3152 and an operator that relates the key and 3153 values. 3154 properties: 3155 key: 3156 description: key is the label key that 3157 the selector applies to. 3158 type: string 3159 operator: 3160 description: operator represents a key's 3161 relationship to a set of values. Valid 3162 operators are In, NotIn, Exists and 3163 DoesNotExist. 3164 type: string 3165 values: 3166 description: values is an array of string 3167 values. If the operator is In or NotIn, 3168 the values array must be non-empty. 3169 If the operator is Exists or DoesNotExist, 3170 the values array must be empty. This 3171 array is replaced during a strategic 3172 merge patch. 3173 items: 3174 type: string 3175 type: array 3176 required: 3177 - key 3178 - operator 3179 type: object 3180 type: array 3181 matchLabels: 3182 additionalProperties: 3183 type: string 3184 description: matchLabels is a map of {key,value} 3185 pairs. A single {key,value} in the matchLabels 3186 map is equivalent to an element of matchExpressions, 3187 whose key field is "key", the operator is 3188 "In", and the values array contains only "value". 3189 The requirements are ANDed. 3190 type: object 3191 type: object 3192 namespaceSelector: 3193 description: A label query over the set of namespaces 3194 that the term applies to. The term is applied 3195 to the union of the namespaces selected by this 3196 field and the ones listed in the namespaces field. 3197 null selector and null or empty namespaces list 3198 means "this pod's namespace". An empty selector 3199 ({}) matches all namespaces. This field is beta-level 3200 and is only honored when PodAffinityNamespaceSelector 3201 feature is enabled. 3202 properties: 3203 matchExpressions: 3204 description: matchExpressions is a list of label 3205 selector requirements. The requirements are 3206 ANDed. 3207 items: 3208 description: A label selector requirement 3209 is a selector that contains values, a key, 3210 and an operator that relates the key and 3211 values. 3212 properties: 3213 key: 3214 description: key is the label key that 3215 the selector applies to. 3216 type: string 3217 operator: 3218 description: operator represents a key's 3219 relationship to a set of values. Valid 3220 operators are In, NotIn, Exists and 3221 DoesNotExist. 3222 type: string 3223 values: 3224 description: values is an array of string 3225 values. If the operator is In or NotIn, 3226 the values array must be non-empty. 3227 If the operator is Exists or DoesNotExist, 3228 the values array must be empty. This 3229 array is replaced during a strategic 3230 merge patch. 3231 items: 3232 type: string 3233 type: array 3234 required: 3235 - key 3236 - operator 3237 type: object 3238 type: array 3239 matchLabels: 3240 additionalProperties: 3241 type: string 3242 description: matchLabels is a map of {key,value} 3243 pairs. A single {key,value} in the matchLabels 3244 map is equivalent to an element of matchExpressions, 3245 whose key field is "key", the operator is 3246 "In", and the values array contains only "value". 3247 The requirements are ANDed. 3248 type: object 3249 type: object 3250 namespaces: 3251 description: namespaces specifies a static list 3252 of namespace names that the term applies to. The 3253 term is applied to the union of the namespaces 3254 listed in this field and the ones selected by 3255 namespaceSelector. null or empty namespaces list 3256 and null namespaceSelector means "this pod's namespace" 3257 items: 3258 type: string 3259 type: array 3260 topologyKey: 3261 description: This pod should be co-located (affinity) 3262 or not co-located (anti-affinity) with the pods 3263 matching the labelSelector in the specified namespaces, 3264 where co-located is defined as running on a node 3265 whose value of the label with key topologyKey 3266 matches that of any node on which any of the selected 3267 pods is running. Empty topologyKey is not allowed. 3268 type: string 3269 required: 3270 - topologyKey 3271 type: object 3272 weight: 3273 description: weight associated with matching the corresponding 3274 podAffinityTerm, in the range 1-100. 3275 format: int32 3276 type: integer 3277 required: 3278 - podAffinityTerm 3279 - weight 3280 type: object 3281 type: array 3282 requiredDuringSchedulingIgnoredDuringExecution: 3283 description: If the affinity requirements specified by this 3284 field are not met at scheduling time, the pod will not be 3285 scheduled onto the node. If the affinity requirements specified 3286 by this field cease to be met at some point during pod execution 3287 (e.g. due to a pod label update), the system may or may 3288 not try to eventually evict the pod from its node. When 3289 there are multiple elements, the lists of nodes corresponding 3290 to each podAffinityTerm are intersected, i.e. all terms 3291 must be satisfied. 3292 items: 3293 description: Defines a set of pods (namely those matching 3294 the labelSelector relative to the given namespace(s)) 3295 that this pod should be co-located (affinity) or not co-located 3296 (anti-affinity) with, where co-located is defined as running 3297 on a node whose value of the label with key <topologyKey> 3298 matches that of any node on which a pod of the set of 3299 pods is running 3300 properties: 3301 labelSelector: 3302 description: A label query over a set of resources, 3303 in this case pods. 3304 properties: 3305 matchExpressions: 3306 description: matchExpressions is a list of label 3307 selector requirements. The requirements are ANDed. 3308 items: 3309 description: A label selector requirement is a 3310 selector that contains values, a key, and an 3311 operator that relates the key and values. 3312 properties: 3313 key: 3314 description: key is the label key that the 3315 selector applies to. 3316 type: string 3317 operator: 3318 description: operator represents a key's relationship 3319 to a set of values. Valid operators are 3320 In, NotIn, Exists and DoesNotExist. 3321 type: string 3322 values: 3323 description: values is an array of string 3324 values. If the operator is In or NotIn, 3325 the values array must be non-empty. If the 3326 operator is Exists or DoesNotExist, the 3327 values array must be empty. This array is 3328 replaced during a strategic merge patch. 3329 items: 3330 type: string 3331 type: array 3332 required: 3333 - key 3334 - operator 3335 type: object 3336 type: array 3337 matchLabels: 3338 additionalProperties: 3339 type: string 3340 description: matchLabels is a map of {key,value} 3341 pairs. A single {key,value} in the matchLabels 3342 map is equivalent to an element of matchExpressions, 3343 whose key field is "key", the operator is "In", 3344 and the values array contains only "value". The 3345 requirements are ANDed. 3346 type: object 3347 type: object 3348 namespaceSelector: 3349 description: A label query over the set of namespaces 3350 that the term applies to. The term is applied to the 3351 union of the namespaces selected by this field and 3352 the ones listed in the namespaces field. null selector 3353 and null or empty namespaces list means "this pod's 3354 namespace". An empty selector ({}) matches all namespaces. 3355 This field is beta-level and is only honored when 3356 PodAffinityNamespaceSelector feature is enabled. 3357 properties: 3358 matchExpressions: 3359 description: matchExpressions is a list of label 3360 selector requirements. The requirements are ANDed. 3361 items: 3362 description: A label selector requirement is a 3363 selector that contains values, a key, and an 3364 operator that relates the key and values. 3365 properties: 3366 key: 3367 description: key is the label key that the 3368 selector applies to. 3369 type: string 3370 operator: 3371 description: operator represents a key's relationship 3372 to a set of values. Valid operators are 3373 In, NotIn, Exists and DoesNotExist. 3374 type: string 3375 values: 3376 description: values is an array of string 3377 values. If the operator is In or NotIn, 3378 the values array must be non-empty. If the 3379 operator is Exists or DoesNotExist, the 3380 values array must be empty. This array is 3381 replaced during a strategic merge patch. 3382 items: 3383 type: string 3384 type: array 3385 required: 3386 - key 3387 - operator 3388 type: object 3389 type: array 3390 matchLabels: 3391 additionalProperties: 3392 type: string 3393 description: matchLabels is a map of {key,value} 3394 pairs. A single {key,value} in the matchLabels 3395 map is equivalent to an element of matchExpressions, 3396 whose key field is "key", the operator is "In", 3397 and the values array contains only "value". The 3398 requirements are ANDed. 3399 type: object 3400 type: object 3401 namespaces: 3402 description: namespaces specifies a static list of namespace 3403 names that the term applies to. The term is applied 3404 to the union of the namespaces listed in this field 3405 and the ones selected by namespaceSelector. null or 3406 empty namespaces list and null namespaceSelector means 3407 "this pod's namespace" 3408 items: 3409 type: string 3410 type: array 3411 topologyKey: 3412 description: This pod should be co-located (affinity) 3413 or not co-located (anti-affinity) with the pods matching 3414 the labelSelector in the specified namespaces, where 3415 co-located is defined as running on a node whose value 3416 of the label with key topologyKey matches that of 3417 any node on which any of the selected pods is running. 3418 Empty topologyKey is not allowed. 3419 type: string 3420 required: 3421 - topologyKey 3422 type: object 3423 type: array 3424 type: object 3425 podAntiAffinity: 3426 description: Describes pod anti-affinity scheduling rules (e.g. 3427 avoid putting this pod in the same node, zone, etc. as some 3428 other pod(s)). 3429 properties: 3430 preferredDuringSchedulingIgnoredDuringExecution: 3431 description: The scheduler will prefer to schedule pods to 3432 nodes that satisfy the anti-affinity expressions specified 3433 by this field, but it may choose a node that violates one 3434 or more of the expressions. The node that is most preferred 3435 is the one with the greatest sum of weights, i.e. for each 3436 node that meets all of the scheduling requirements (resource 3437 request, requiredDuringScheduling anti-affinity expressions, 3438 etc.), compute a sum by iterating through the elements of 3439 this field and adding "weight" to the sum if the node has 3440 pods which matches the corresponding podAffinityTerm; the 3441 node(s) with the highest sum are the most preferred. 3442 items: 3443 description: The weights of all of the matched WeightedPodAffinityTerm 3444 fields are added per-node to find the most preferred node(s) 3445 properties: 3446 podAffinityTerm: 3447 description: Required. A pod affinity term, associated 3448 with the corresponding weight. 3449 properties: 3450 labelSelector: 3451 description: A label query over a set of resources, 3452 in this case pods. 3453 properties: 3454 matchExpressions: 3455 description: matchExpressions is a list of label 3456 selector requirements. The requirements are 3457 ANDed. 3458 items: 3459 description: A label selector requirement 3460 is a selector that contains values, a key, 3461 and an operator that relates the key and 3462 values. 3463 properties: 3464 key: 3465 description: key is the label key that 3466 the selector applies to. 3467 type: string 3468 operator: 3469 description: operator represents a key's 3470 relationship to a set of values. Valid 3471 operators are In, NotIn, Exists and 3472 DoesNotExist. 3473 type: string 3474 values: 3475 description: values is an array of string 3476 values. If the operator is In or NotIn, 3477 the values array must be non-empty. 3478 If the operator is Exists or DoesNotExist, 3479 the values array must be empty. This 3480 array is replaced during a strategic 3481 merge patch. 3482 items: 3483 type: string 3484 type: array 3485 required: 3486 - key 3487 - operator 3488 type: object 3489 type: array 3490 matchLabels: 3491 additionalProperties: 3492 type: string 3493 description: matchLabels is a map of {key,value} 3494 pairs. A single {key,value} in the matchLabels 3495 map is equivalent to an element of matchExpressions, 3496 whose key field is "key", the operator is 3497 "In", and the values array contains only "value". 3498 The requirements are ANDed. 3499 type: object 3500 type: object 3501 namespaceSelector: 3502 description: A label query over the set of namespaces 3503 that the term applies to. The term is applied 3504 to the union of the namespaces selected by this 3505 field and the ones listed in the namespaces field. 3506 null selector and null or empty namespaces list 3507 means "this pod's namespace". An empty selector 3508 ({}) matches all namespaces. This field is beta-level 3509 and is only honored when PodAffinityNamespaceSelector 3510 feature is enabled. 3511 properties: 3512 matchExpressions: 3513 description: matchExpressions is a list of label 3514 selector requirements. The requirements are 3515 ANDed. 3516 items: 3517 description: A label selector requirement 3518 is a selector that contains values, a key, 3519 and an operator that relates the key and 3520 values. 3521 properties: 3522 key: 3523 description: key is the label key that 3524 the selector applies to. 3525 type: string 3526 operator: 3527 description: operator represents a key's 3528 relationship to a set of values. Valid 3529 operators are In, NotIn, Exists and 3530 DoesNotExist. 3531 type: string 3532 values: 3533 description: values is an array of string 3534 values. If the operator is In or NotIn, 3535 the values array must be non-empty. 3536 If the operator is Exists or DoesNotExist, 3537 the values array must be empty. This 3538 array is replaced during a strategic 3539 merge patch. 3540 items: 3541 type: string 3542 type: array 3543 required: 3544 - key 3545 - operator 3546 type: object 3547 type: array 3548 matchLabels: 3549 additionalProperties: 3550 type: string 3551 description: matchLabels is a map of {key,value} 3552 pairs. A single {key,value} in the matchLabels 3553 map is equivalent to an element of matchExpressions, 3554 whose key field is "key", the operator is 3555 "In", and the values array contains only "value". 3556 The requirements are ANDed. 3557 type: object 3558 type: object 3559 namespaces: 3560 description: namespaces specifies a static list 3561 of namespace names that the term applies to. The 3562 term is applied to the union of the namespaces 3563 listed in this field and the ones selected by 3564 namespaceSelector. null or empty namespaces list 3565 and null namespaceSelector means "this pod's namespace" 3566 items: 3567 type: string 3568 type: array 3569 topologyKey: 3570 description: This pod should be co-located (affinity) 3571 or not co-located (anti-affinity) with the pods 3572 matching the labelSelector in the specified namespaces, 3573 where co-located is defined as running on a node 3574 whose value of the label with key topologyKey 3575 matches that of any node on which any of the selected 3576 pods is running. Empty topologyKey is not allowed. 3577 type: string 3578 required: 3579 - topologyKey 3580 type: object 3581 weight: 3582 description: weight associated with matching the corresponding 3583 podAffinityTerm, in the range 1-100. 3584 format: int32 3585 type: integer 3586 required: 3587 - podAffinityTerm 3588 - weight 3589 type: object 3590 type: array 3591 requiredDuringSchedulingIgnoredDuringExecution: 3592 description: If the anti-affinity requirements specified by 3593 this field are not met at scheduling time, the pod will 3594 not be scheduled onto the node. If the anti-affinity requirements 3595 specified by this field cease to be met at some point during 3596 pod execution (e.g. due to a pod label update), the system 3597 may or may not try to eventually evict the pod from its 3598 node. When there are multiple elements, the lists of nodes 3599 corresponding to each podAffinityTerm are intersected, i.e. 3600 all terms must be satisfied. 3601 items: 3602 description: Defines a set of pods (namely those matching 3603 the labelSelector relative to the given namespace(s)) 3604 that this pod should be co-located (affinity) or not co-located 3605 (anti-affinity) with, where co-located is defined as running 3606 on a node whose value of the label with key <topologyKey> 3607 matches that of any node on which a pod of the set of 3608 pods is running 3609 properties: 3610 labelSelector: 3611 description: A label query over a set of resources, 3612 in this case pods. 3613 properties: 3614 matchExpressions: 3615 description: matchExpressions is a list of label 3616 selector requirements. The requirements are ANDed. 3617 items: 3618 description: A label selector requirement is a 3619 selector that contains values, a key, and an 3620 operator that relates the key and values. 3621 properties: 3622 key: 3623 description: key is the label key that the 3624 selector applies to. 3625 type: string 3626 operator: 3627 description: operator represents a key's relationship 3628 to a set of values. Valid operators are 3629 In, NotIn, Exists and DoesNotExist. 3630 type: string 3631 values: 3632 description: values is an array of string 3633 values. If the operator is In or NotIn, 3634 the values array must be non-empty. If the 3635 operator is Exists or DoesNotExist, the 3636 values array must be empty. This array is 3637 replaced during a strategic merge patch. 3638 items: 3639 type: string 3640 type: array 3641 required: 3642 - key 3643 - operator 3644 type: object 3645 type: array 3646 matchLabels: 3647 additionalProperties: 3648 type: string 3649 description: matchLabels is a map of {key,value} 3650 pairs. A single {key,value} in the matchLabels 3651 map is equivalent to an element of matchExpressions, 3652 whose key field is "key", the operator is "In", 3653 and the values array contains only "value". The 3654 requirements are ANDed. 3655 type: object 3656 type: object 3657 namespaceSelector: 3658 description: A label query over the set of namespaces 3659 that the term applies to. The term is applied to the 3660 union of the namespaces selected by this field and 3661 the ones listed in the namespaces field. null selector 3662 and null or empty namespaces list means "this pod's 3663 namespace". An empty selector ({}) matches all namespaces. 3664 This field is beta-level and is only honored when 3665 PodAffinityNamespaceSelector feature is enabled. 3666 properties: 3667 matchExpressions: 3668 description: matchExpressions is a list of label 3669 selector requirements. The requirements are ANDed. 3670 items: 3671 description: A label selector requirement is a 3672 selector that contains values, a key, and an 3673 operator that relates the key and values. 3674 properties: 3675 key: 3676 description: key is the label key that the 3677 selector applies to. 3678 type: string 3679 operator: 3680 description: operator represents a key's relationship 3681 to a set of values. Valid operators are 3682 In, NotIn, Exists and DoesNotExist. 3683 type: string 3684 values: 3685 description: values is an array of string 3686 values. If the operator is In or NotIn, 3687 the values array must be non-empty. If the 3688 operator is Exists or DoesNotExist, the 3689 values array must be empty. This array is 3690 replaced during a strategic merge patch. 3691 items: 3692 type: string 3693 type: array 3694 required: 3695 - key 3696 - operator 3697 type: object 3698 type: array 3699 matchLabels: 3700 additionalProperties: 3701 type: string 3702 description: matchLabels is a map of {key,value} 3703 pairs. A single {key,value} in the matchLabels 3704 map is equivalent to an element of matchExpressions, 3705 whose key field is "key", the operator is "In", 3706 and the values array contains only "value". The 3707 requirements are ANDed. 3708 type: object 3709 type: object 3710 namespaces: 3711 description: namespaces specifies a static list of namespace 3712 names that the term applies to. The term is applied 3713 to the union of the namespaces listed in this field 3714 and the ones selected by namespaceSelector. null or 3715 empty namespaces list and null namespaceSelector means 3716 "this pod's namespace" 3717 items: 3718 type: string 3719 type: array 3720 topologyKey: 3721 description: This pod should be co-located (affinity) 3722 or not co-located (anti-affinity) with the pods matching 3723 the labelSelector in the specified namespaces, where 3724 co-located is defined as running on a node whose value 3725 of the label with key topologyKey matches that of 3726 any node on which any of the selected pods is running. 3727 Empty topologyKey is not allowed. 3728 type: string 3729 required: 3730 - topologyKey 3731 type: object 3732 type: array 3733 type: object 3734 type: object 3735 alertmanagerConfigNamespaceSelector: 3736 description: Namespaces to be selected for AlertmanagerConfig discovery. 3737 If nil, only check own namespace. 3738 properties: 3739 matchExpressions: 3740 description: matchExpressions is a list of label selector requirements. 3741 The requirements are ANDed. 3742 items: 3743 description: A label selector requirement is a selector that 3744 contains values, a key, and an operator that relates the key 3745 and values. 3746 properties: 3747 key: 3748 description: key is the label key that the selector applies 3749 to. 3750 type: string 3751 operator: 3752 description: operator represents a key's relationship to 3753 a set of values. Valid operators are In, NotIn, Exists 3754 and DoesNotExist. 3755 type: string 3756 values: 3757 description: values is an array of string values. If the 3758 operator is In or NotIn, the values array must be non-empty. 3759 If the operator is Exists or DoesNotExist, the values 3760 array must be empty. This array is replaced during a strategic 3761 merge patch. 3762 items: 3763 type: string 3764 type: array 3765 required: 3766 - key 3767 - operator 3768 type: object 3769 type: array 3770 matchLabels: 3771 additionalProperties: 3772 type: string 3773 description: matchLabels is a map of {key,value} pairs. A single 3774 {key,value} in the matchLabels map is equivalent to an element 3775 of matchExpressions, whose key field is "key", the operator 3776 is "In", and the values array contains only "value". The requirements 3777 are ANDed. 3778 type: object 3779 type: object 3780 alertmanagerConfigSelector: 3781 description: AlertmanagerConfigs to be selected for to merge and configure 3782 Alertmanager with. 3783 properties: 3784 matchExpressions: 3785 description: matchExpressions is a list of label selector requirements. 3786 The requirements are ANDed. 3787 items: 3788 description: A label selector requirement is a selector that 3789 contains values, a key, and an operator that relates the key 3790 and values. 3791 properties: 3792 key: 3793 description: key is the label key that the selector applies 3794 to. 3795 type: string 3796 operator: 3797 description: operator represents a key's relationship to 3798 a set of values. Valid operators are In, NotIn, Exists 3799 and DoesNotExist. 3800 type: string 3801 values: 3802 description: values is an array of string values. If the 3803 operator is In or NotIn, the values array must be non-empty. 3804 If the operator is Exists or DoesNotExist, the values 3805 array must be empty. This array is replaced during a strategic 3806 merge patch. 3807 items: 3808 type: string 3809 type: array 3810 required: 3811 - key 3812 - operator 3813 type: object 3814 type: array 3815 matchLabels: 3816 additionalProperties: 3817 type: string 3818 description: matchLabels is a map of {key,value} pairs. A single 3819 {key,value} in the matchLabels map is equivalent to an element 3820 of matchExpressions, whose key field is "key", the operator 3821 is "In", and the values array contains only "value". The requirements 3822 are ANDed. 3823 type: object 3824 type: object 3825 baseImage: 3826 description: 'Base image that is used to deploy pods, without tag. 3827 Deprecated: use ''image'' instead' 3828 type: string 3829 clusterAdvertiseAddress: 3830 description: 'ClusterAdvertiseAddress is the explicit address to advertise 3831 in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. 3832 [1] RFC1918: https://tools.ietf.org/html/rfc1918' 3833 type: string 3834 clusterGossipInterval: 3835 description: Interval between gossip attempts. 3836 type: string 3837 clusterPeerTimeout: 3838 description: Timeout for cluster peering. 3839 type: string 3840 clusterPushpullInterval: 3841 description: Interval between pushpull attempts. 3842 type: string 3843 configMaps: 3844 description: ConfigMaps is a list of ConfigMaps in the same namespace 3845 as the Alertmanager object, which shall be mounted into the Alertmanager 3846 Pods. The ConfigMaps are mounted into /etc/alertmanager/configmaps/<configmap-name>. 3847 items: 3848 type: string 3849 type: array 3850 configSecret: 3851 description: ConfigSecret is the name of a Kubernetes Secret in the 3852 same namespace as the Alertmanager object, which contains configuration 3853 for this Alertmanager instance. Defaults to 'alertmanager-<alertmanager-name>' 3854 The secret is mounted into /etc/alertmanager/config. 3855 type: string 3856 containers: 3857 description: 'Containers allows injecting additional containers. This 3858 is meant to allow adding an authentication proxy to an Alertmanager 3859 pod. Containers described here modify an operator generated container 3860 if they share the same name and modifications are done via a strategic 3861 merge patch. The current container names are: `alertmanager` and 3862 `config-reloader`. Overriding containers is entirely outside the 3863 scope of what the maintainers will support and by doing so, you 3864 accept that this behaviour may break at any time without notice.' 3865 items: 3866 description: A single application container that you want to run 3867 within a pod. 3868 properties: 3869 args: 3870 description: 'Arguments to the entrypoint. The docker image''s 3871 CMD is used if this is not provided. Variable references $(VAR_NAME) 3872 are expanded using the container''s environment. If a variable 3873 cannot be resolved, the reference in the input string will 3874 be unchanged. Double $$ are reduced to a single $, which allows 3875 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 3876 produce the string literal "$(VAR_NAME)". Escaped references 3877 will never be expanded, regardless of whether the variable 3878 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3879 items: 3880 type: string 3881 type: array 3882 command: 3883 description: 'Entrypoint array. Not executed within a shell. 3884 The docker image''s ENTRYPOINT is used if this is not provided. 3885 Variable references $(VAR_NAME) are expanded using the container''s 3886 environment. If a variable cannot be resolved, the reference 3887 in the input string will be unchanged. Double $$ are reduced 3888 to a single $, which allows for escaping the $(VAR_NAME) syntax: 3889 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 3890 Escaped references will never be expanded, regardless of whether 3891 the variable exists or not. Cannot be updated. More info: 3892 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3893 items: 3894 type: string 3895 type: array 3896 env: 3897 description: List of environment variables to set in the container. 3898 Cannot be updated. 3899 items: 3900 description: EnvVar represents an environment variable present 3901 in a Container. 3902 properties: 3903 name: 3904 description: Name of the environment variable. Must be 3905 a C_IDENTIFIER. 3906 type: string 3907 value: 3908 description: 'Variable references $(VAR_NAME) are expanded 3909 using the previously defined environment variables in 3910 the container and any service environment variables. 3911 If a variable cannot be resolved, the reference in the 3912 input string will be unchanged. Double $$ are reduced 3913 to a single $, which allows for escaping the $(VAR_NAME) 3914 syntax: i.e. "$$(VAR_NAME)" will produce the string 3915 literal "$(VAR_NAME)". Escaped references will never 3916 be expanded, regardless of whether the variable exists 3917 or not. Defaults to "".' 3918 type: string 3919 valueFrom: 3920 description: Source for the environment variable's value. 3921 Cannot be used if value is not empty. 3922 properties: 3923 configMapKeyRef: 3924 description: Selects a key of a ConfigMap. 3925 properties: 3926 key: 3927 description: The key to select. 3928 type: string 3929 name: 3930 description: 'Name of the referent. More info: 3931 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3932 TODO: Add other useful fields. apiVersion, kind, 3933 uid?' 3934 type: string 3935 optional: 3936 description: Specify whether the ConfigMap or 3937 its key must be defined 3938 type: boolean 3939 required: 3940 - key 3941 type: object 3942 fieldRef: 3943 description: 'Selects a field of the pod: supports 3944 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 3945 `metadata.annotations[''<KEY>'']`, spec.nodeName, 3946 spec.serviceAccountName, status.hostIP, status.podIP, 3947 status.podIPs.' 3948 properties: 3949 apiVersion: 3950 description: Version of the schema the FieldPath 3951 is written in terms of, defaults to "v1". 3952 type: string 3953 fieldPath: 3954 description: Path of the field to select in the 3955 specified API version. 3956 type: string 3957 required: 3958 - fieldPath 3959 type: object 3960 resourceFieldRef: 3961 description: 'Selects a resource of the container: 3962 only resources limits and requests (limits.cpu, 3963 limits.memory, limits.ephemeral-storage, requests.cpu, 3964 requests.memory and requests.ephemeral-storage) 3965 are currently supported.' 3966 properties: 3967 containerName: 3968 description: 'Container name: required for volumes, 3969 optional for env vars' 3970 type: string 3971 divisor: 3972 anyOf: 3973 - type: integer 3974 - type: string 3975 description: Specifies the output format of the 3976 exposed resources, defaults to "1" 3977 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3978 x-kubernetes-int-or-string: true 3979 resource: 3980 description: 'Required: resource to select' 3981 type: string 3982 required: 3983 - resource 3984 type: object 3985 secretKeyRef: 3986 description: Selects a key of a secret in the pod's 3987 namespace 3988 properties: 3989 key: 3990 description: The key of the secret to select from. Must 3991 be a valid secret key. 3992 type: string 3993 name: 3994 description: 'Name of the referent. More info: 3995 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3996 TODO: Add other useful fields. apiVersion, kind, 3997 uid?' 3998 type: string 3999 optional: 4000 description: Specify whether the Secret or its 4001 key must be defined 4002 type: boolean 4003 required: 4004 - key 4005 type: object 4006 type: object 4007 required: 4008 - name 4009 type: object 4010 type: array 4011 envFrom: 4012 description: List of sources to populate environment variables 4013 in the container. The keys defined within a source must be 4014 a C_IDENTIFIER. All invalid keys will be reported as an event 4015 when the container is starting. When a key exists in multiple 4016 sources, the value associated with the last source will take 4017 precedence. Values defined by an Env with a duplicate key 4018 will take precedence. Cannot be updated. 4019 items: 4020 description: EnvFromSource represents the source of a set 4021 of ConfigMaps 4022 properties: 4023 configMapRef: 4024 description: The ConfigMap to select from 4025 properties: 4026 name: 4027 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4028 TODO: Add other useful fields. apiVersion, kind, 4029 uid?' 4030 type: string 4031 optional: 4032 description: Specify whether the ConfigMap must be 4033 defined 4034 type: boolean 4035 type: object 4036 prefix: 4037 description: An optional identifier to prepend to each 4038 key in the ConfigMap. Must be a C_IDENTIFIER. 4039 type: string 4040 secretRef: 4041 description: The Secret to select from 4042 properties: 4043 name: 4044 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4045 TODO: Add other useful fields. apiVersion, kind, 4046 uid?' 4047 type: string 4048 optional: 4049 description: Specify whether the Secret must be defined 4050 type: boolean 4051 type: object 4052 type: object 4053 type: array 4054 image: 4055 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 4056 This field is optional to allow higher level config management 4057 to default or override container images in workload controllers 4058 like Deployments and StatefulSets.' 4059 type: string 4060 imagePullPolicy: 4061 description: 'Image pull policy. One of Always, Never, IfNotPresent. 4062 Defaults to Always if :latest tag is specified, or IfNotPresent 4063 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 4064 type: string 4065 lifecycle: 4066 description: Actions that the management system should take 4067 in response to container lifecycle events. Cannot be updated. 4068 properties: 4069 postStart: 4070 description: 'PostStart is called immediately after a container 4071 is created. If the handler fails, the container is terminated 4072 and restarted according to its restart policy. Other management 4073 of the container blocks until the hook completes. More 4074 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 4075 properties: 4076 exec: 4077 description: Exec specifies the action to take. 4078 properties: 4079 command: 4080 description: Command is the command line to execute 4081 inside the container, the working directory for 4082 the command is root ('/') in the container's 4083 filesystem. The command is simply exec'd, it is 4084 not run inside a shell, so traditional shell instructions 4085 ('|', etc) won't work. To use a shell, you need 4086 to explicitly call out to that shell. Exit status 4087 of 0 is treated as live/healthy and non-zero is 4088 unhealthy. 4089 items: 4090 type: string 4091 type: array 4092 type: object 4093 httpGet: 4094 description: HTTPGet specifies the http request to perform. 4095 properties: 4096 host: 4097 description: Host name to connect to, defaults to 4098 the pod IP. You probably want to set "Host" in 4099 httpHeaders instead. 4100 type: string 4101 httpHeaders: 4102 description: Custom headers to set in the request. 4103 HTTP allows repeated headers. 4104 items: 4105 description: HTTPHeader describes a custom header 4106 to be used in HTTP probes 4107 properties: 4108 name: 4109 description: The header field name 4110 type: string 4111 value: 4112 description: The header field value 4113 type: string 4114 required: 4115 - name 4116 - value 4117 type: object 4118 type: array 4119 path: 4120 description: Path to access on the HTTP server. 4121 type: string 4122 port: 4123 anyOf: 4124 - type: integer 4125 - type: string 4126 description: Name or number of the port to access 4127 on the container. Number must be in the range 4128 1 to 65535. Name must be an IANA_SVC_NAME. 4129 x-kubernetes-int-or-string: true 4130 scheme: 4131 description: Scheme to use for connecting to the 4132 host. Defaults to HTTP. 4133 type: string 4134 required: 4135 - port 4136 type: object 4137 tcpSocket: 4138 description: Deprecated. TCPSocket is NOT supported 4139 as a LifecycleHandler and kept for the backward compatibility. 4140 There are no validation of this field and lifecycle 4141 hooks will fail in runtime when tcp handler is specified. 4142 properties: 4143 host: 4144 description: 'Optional: Host name to connect to, 4145 defaults to the pod IP.' 4146 type: string 4147 port: 4148 anyOf: 4149 - type: integer 4150 - type: string 4151 description: Number or name of the port to access 4152 on the container. Number must be in the range 4153 1 to 65535. Name must be an IANA_SVC_NAME. 4154 x-kubernetes-int-or-string: true 4155 required: 4156 - port 4157 type: object 4158 type: object 4159 preStop: 4160 description: 'PreStop is called immediately before a container 4161 is terminated due to an API request or management event 4162 such as liveness/startup probe failure, preemption, resource 4163 contention, etc. The handler is not called if the container 4164 crashes or exits. The Pod''s termination grace period 4165 countdown begins before the PreStop hook is executed. 4166 Regardless of the outcome of the handler, the container 4167 will eventually terminate within the Pod''s termination 4168 grace period (unless delayed by finalizers). Other management 4169 of the container blocks until the hook completes or until 4170 the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 4171 properties: 4172 exec: 4173 description: Exec specifies the action to take. 4174 properties: 4175 command: 4176 description: Command is the command line to execute 4177 inside the container, the working directory for 4178 the command is root ('/') in the container's 4179 filesystem. The command is simply exec'd, it is 4180 not run inside a shell, so traditional shell instructions 4181 ('|', etc) won't work. To use a shell, you need 4182 to explicitly call out to that shell. Exit status 4183 of 0 is treated as live/healthy and non-zero is 4184 unhealthy. 4185 items: 4186 type: string 4187 type: array 4188 type: object 4189 httpGet: 4190 description: HTTPGet specifies the http request to perform. 4191 properties: 4192 host: 4193 description: Host name to connect to, defaults to 4194 the pod IP. You probably want to set "Host" in 4195 httpHeaders instead. 4196 type: string 4197 httpHeaders: 4198 description: Custom headers to set in the request. 4199 HTTP allows repeated headers. 4200 items: 4201 description: HTTPHeader describes a custom header 4202 to be used in HTTP probes 4203 properties: 4204 name: 4205 description: The header field name 4206 type: string 4207 value: 4208 description: The header field value 4209 type: string 4210 required: 4211 - name 4212 - value 4213 type: object 4214 type: array 4215 path: 4216 description: Path to access on the HTTP server. 4217 type: string 4218 port: 4219 anyOf: 4220 - type: integer 4221 - type: string 4222 description: Name or number of the port to access 4223 on the container. Number must be in the range 4224 1 to 65535. Name must be an IANA_SVC_NAME. 4225 x-kubernetes-int-or-string: true 4226 scheme: 4227 description: Scheme to use for connecting to the 4228 host. Defaults to HTTP. 4229 type: string 4230 required: 4231 - port 4232 type: object 4233 tcpSocket: 4234 description: Deprecated. TCPSocket is NOT supported 4235 as a LifecycleHandler and kept for the backward compatibility. 4236 There are no validation of this field and lifecycle 4237 hooks will fail in runtime when tcp handler is specified. 4238 properties: 4239 host: 4240 description: 'Optional: Host name to connect to, 4241 defaults to the pod IP.' 4242 type: string 4243 port: 4244 anyOf: 4245 - type: integer 4246 - type: string 4247 description: Number or name of the port to access 4248 on the container. Number must be in the range 4249 1 to 65535. Name must be an IANA_SVC_NAME. 4250 x-kubernetes-int-or-string: true 4251 required: 4252 - port 4253 type: object 4254 type: object 4255 type: object 4256 livenessProbe: 4257 description: 'Periodic probe of container liveness. Container 4258 will be restarted if the probe fails. Cannot be updated. More 4259 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4260 properties: 4261 exec: 4262 description: Exec specifies the action to take. 4263 properties: 4264 command: 4265 description: Command is the command line to execute 4266 inside the container, the working directory for the 4267 command is root ('/') in the container's filesystem. 4268 The command is simply exec'd, it is not run inside 4269 a shell, so traditional shell instructions ('|', etc) 4270 won't work. To use a shell, you need to explicitly 4271 call out to that shell. Exit status of 0 is treated 4272 as live/healthy and non-zero is unhealthy. 4273 items: 4274 type: string 4275 type: array 4276 type: object 4277 failureThreshold: 4278 description: Minimum consecutive failures for the probe 4279 to be considered failed after having succeeded. Defaults 4280 to 3. Minimum value is 1. 4281 format: int32 4282 type: integer 4283 grpc: 4284 description: GRPC specifies an action involving a GRPC port. 4285 This is an alpha field and requires enabling GRPCContainerProbe 4286 feature gate. 4287 properties: 4288 port: 4289 description: Port number of the gRPC service. Number 4290 must be in the range 1 to 65535. 4291 format: int32 4292 type: integer 4293 service: 4294 description: "Service is the name of the service to 4295 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4296 \n If this is not specified, the default behavior 4297 is defined by gRPC." 4298 type: string 4299 required: 4300 - port 4301 type: object 4302 httpGet: 4303 description: HTTPGet specifies the http request to perform. 4304 properties: 4305 host: 4306 description: Host name to connect to, defaults to the 4307 pod IP. You probably want to set "Host" in httpHeaders 4308 instead. 4309 type: string 4310 httpHeaders: 4311 description: Custom headers to set in the request. HTTP 4312 allows repeated headers. 4313 items: 4314 description: HTTPHeader describes a custom header 4315 to be used in HTTP probes 4316 properties: 4317 name: 4318 description: The header field name 4319 type: string 4320 value: 4321 description: The header field value 4322 type: string 4323 required: 4324 - name 4325 - value 4326 type: object 4327 type: array 4328 path: 4329 description: Path to access on the HTTP server. 4330 type: string 4331 port: 4332 anyOf: 4333 - type: integer 4334 - type: string 4335 description: Name or number of the port to access on 4336 the container. Number must be in the range 1 to 65535. 4337 Name must be an IANA_SVC_NAME. 4338 x-kubernetes-int-or-string: true 4339 scheme: 4340 description: Scheme to use for connecting to the host. 4341 Defaults to HTTP. 4342 type: string 4343 required: 4344 - port 4345 type: object 4346 initialDelaySeconds: 4347 description: 'Number of seconds after the container has 4348 started before liveness probes are initiated. More info: 4349 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4350 format: int32 4351 type: integer 4352 periodSeconds: 4353 description: How often (in seconds) to perform the probe. 4354 Default to 10 seconds. Minimum value is 1. 4355 format: int32 4356 type: integer 4357 successThreshold: 4358 description: Minimum consecutive successes for the probe 4359 to be considered successful after having failed. Defaults 4360 to 1. Must be 1 for liveness and startup. Minimum value 4361 is 1. 4362 format: int32 4363 type: integer 4364 tcpSocket: 4365 description: TCPSocket specifies an action involving a TCP 4366 port. 4367 properties: 4368 host: 4369 description: 'Optional: Host name to connect to, defaults 4370 to the pod IP.' 4371 type: string 4372 port: 4373 anyOf: 4374 - type: integer 4375 - type: string 4376 description: Number or name of the port to access on 4377 the container. Number must be in the range 1 to 65535. 4378 Name must be an IANA_SVC_NAME. 4379 x-kubernetes-int-or-string: true 4380 required: 4381 - port 4382 type: object 4383 terminationGracePeriodSeconds: 4384 description: Optional duration in seconds the pod needs 4385 to terminate gracefully upon probe failure. The grace 4386 period is the duration in seconds after the processes 4387 running in the pod are sent a termination signal and the 4388 time when the processes are forcibly halted with a kill 4389 signal. Set this value longer than the expected cleanup 4390 time for your process. If this value is nil, the pod's 4391 terminationGracePeriodSeconds will be used. Otherwise, 4392 this value overrides the value provided by the pod spec. 4393 Value must be non-negative integer. The value zero indicates 4394 stop immediately via the kill signal (no opportunity to 4395 shut down). This is a beta field and requires enabling 4396 ProbeTerminationGracePeriod feature gate. Minimum value 4397 is 1. spec.terminationGracePeriodSeconds is used if unset. 4398 format: int64 4399 type: integer 4400 timeoutSeconds: 4401 description: 'Number of seconds after which the probe times 4402 out. Defaults to 1 second. Minimum value is 1. More info: 4403 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4404 format: int32 4405 type: integer 4406 type: object 4407 name: 4408 description: Name of the container specified as a DNS_LABEL. 4409 Each container in a pod must have a unique name (DNS_LABEL). 4410 Cannot be updated. 4411 type: string 4412 ports: 4413 description: List of ports to expose from the container. Exposing 4414 a port here gives the system additional information about 4415 the network connections a container uses, but is primarily 4416 informational. Not specifying a port here DOES NOT prevent 4417 that port from being exposed. Any port which is listening 4418 on the default "0.0.0.0" address inside a container will be 4419 accessible from the network. Cannot be updated. 4420 items: 4421 description: ContainerPort represents a network port in a 4422 single container. 4423 properties: 4424 containerPort: 4425 description: Number of port to expose on the pod's IP 4426 address. This must be a valid port number, 0 < x < 65536. 4427 format: int32 4428 type: integer 4429 hostIP: 4430 description: What host IP to bind the external port to. 4431 type: string 4432 hostPort: 4433 description: Number of port to expose on the host. If 4434 specified, this must be a valid port number, 0 < x < 4435 65536. If HostNetwork is specified, this must match 4436 ContainerPort. Most containers do not need this. 4437 format: int32 4438 type: integer 4439 name: 4440 description: If specified, this must be an IANA_SVC_NAME 4441 and unique within the pod. Each named port in a pod 4442 must have a unique name. Name for the port that can 4443 be referred to by services. 4444 type: string 4445 protocol: 4446 default: TCP 4447 description: Protocol for port. Must be UDP, TCP, or SCTP. 4448 Defaults to "TCP". 4449 type: string 4450 required: 4451 - containerPort 4452 type: object 4453 type: array 4454 x-kubernetes-list-map-keys: 4455 - containerPort 4456 - protocol 4457 x-kubernetes-list-type: map 4458 readinessProbe: 4459 description: 'Periodic probe of container service readiness. 4460 Container will be removed from service endpoints if the probe 4461 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4462 properties: 4463 exec: 4464 description: Exec specifies the action to take. 4465 properties: 4466 command: 4467 description: Command is the command line to execute 4468 inside the container, the working directory for the 4469 command is root ('/') in the container's filesystem. 4470 The command is simply exec'd, it is not run inside 4471 a shell, so traditional shell instructions ('|', etc) 4472 won't work. To use a shell, you need to explicitly 4473 call out to that shell. Exit status of 0 is treated 4474 as live/healthy and non-zero is unhealthy. 4475 items: 4476 type: string 4477 type: array 4478 type: object 4479 failureThreshold: 4480 description: Minimum consecutive failures for the probe 4481 to be considered failed after having succeeded. Defaults 4482 to 3. Minimum value is 1. 4483 format: int32 4484 type: integer 4485 grpc: 4486 description: GRPC specifies an action involving a GRPC port. 4487 This is an alpha field and requires enabling GRPCContainerProbe 4488 feature gate. 4489 properties: 4490 port: 4491 description: Port number of the gRPC service. Number 4492 must be in the range 1 to 65535. 4493 format: int32 4494 type: integer 4495 service: 4496 description: "Service is the name of the service to 4497 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4498 \n If this is not specified, the default behavior 4499 is defined by gRPC." 4500 type: string 4501 required: 4502 - port 4503 type: object 4504 httpGet: 4505 description: HTTPGet specifies the http request to perform. 4506 properties: 4507 host: 4508 description: Host name to connect to, defaults to the 4509 pod IP. You probably want to set "Host" in httpHeaders 4510 instead. 4511 type: string 4512 httpHeaders: 4513 description: Custom headers to set in the request. HTTP 4514 allows repeated headers. 4515 items: 4516 description: HTTPHeader describes a custom header 4517 to be used in HTTP probes 4518 properties: 4519 name: 4520 description: The header field name 4521 type: string 4522 value: 4523 description: The header field value 4524 type: string 4525 required: 4526 - name 4527 - value 4528 type: object 4529 type: array 4530 path: 4531 description: Path to access on the HTTP server. 4532 type: string 4533 port: 4534 anyOf: 4535 - type: integer 4536 - type: string 4537 description: Name or number of the port to access on 4538 the container. Number must be in the range 1 to 65535. 4539 Name must be an IANA_SVC_NAME. 4540 x-kubernetes-int-or-string: true 4541 scheme: 4542 description: Scheme to use for connecting to the host. 4543 Defaults to HTTP. 4544 type: string 4545 required: 4546 - port 4547 type: object 4548 initialDelaySeconds: 4549 description: 'Number of seconds after the container has 4550 started before liveness probes are initiated. More info: 4551 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4552 format: int32 4553 type: integer 4554 periodSeconds: 4555 description: How often (in seconds) to perform the probe. 4556 Default to 10 seconds. Minimum value is 1. 4557 format: int32 4558 type: integer 4559 successThreshold: 4560 description: Minimum consecutive successes for the probe 4561 to be considered successful after having failed. Defaults 4562 to 1. Must be 1 for liveness and startup. Minimum value 4563 is 1. 4564 format: int32 4565 type: integer 4566 tcpSocket: 4567 description: TCPSocket specifies an action involving a TCP 4568 port. 4569 properties: 4570 host: 4571 description: 'Optional: Host name to connect to, defaults 4572 to the pod IP.' 4573 type: string 4574 port: 4575 anyOf: 4576 - type: integer 4577 - type: string 4578 description: Number or name of the port to access on 4579 the container. Number must be in the range 1 to 65535. 4580 Name must be an IANA_SVC_NAME. 4581 x-kubernetes-int-or-string: true 4582 required: 4583 - port 4584 type: object 4585 terminationGracePeriodSeconds: 4586 description: Optional duration in seconds the pod needs 4587 to terminate gracefully upon probe failure. The grace 4588 period is the duration in seconds after the processes 4589 running in the pod are sent a termination signal and the 4590 time when the processes are forcibly halted with a kill 4591 signal. Set this value longer than the expected cleanup 4592 time for your process. If this value is nil, the pod's 4593 terminationGracePeriodSeconds will be used. Otherwise, 4594 this value overrides the value provided by the pod spec. 4595 Value must be non-negative integer. The value zero indicates 4596 stop immediately via the kill signal (no opportunity to 4597 shut down). This is a beta field and requires enabling 4598 ProbeTerminationGracePeriod feature gate. Minimum value 4599 is 1. spec.terminationGracePeriodSeconds is used if unset. 4600 format: int64 4601 type: integer 4602 timeoutSeconds: 4603 description: 'Number of seconds after which the probe times 4604 out. Defaults to 1 second. Minimum value is 1. More info: 4605 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4606 format: int32 4607 type: integer 4608 type: object 4609 resources: 4610 description: 'Compute Resources required by this container. 4611 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4612 properties: 4613 limits: 4614 additionalProperties: 4615 anyOf: 4616 - type: integer 4617 - type: string 4618 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4619 x-kubernetes-int-or-string: true 4620 description: 'Limits describes the maximum amount of compute 4621 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4622 type: object 4623 requests: 4624 additionalProperties: 4625 anyOf: 4626 - type: integer 4627 - type: string 4628 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4629 x-kubernetes-int-or-string: true 4630 description: 'Requests describes the minimum amount of compute 4631 resources required. If Requests is omitted for a container, 4632 it defaults to Limits if that is explicitly specified, 4633 otherwise to an implementation-defined value. More info: 4634 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4635 type: object 4636 type: object 4637 securityContext: 4638 description: 'SecurityContext defines the security options the 4639 container should be run with. If set, the fields of SecurityContext 4640 override the equivalent fields of PodSecurityContext. More 4641 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 4642 properties: 4643 allowPrivilegeEscalation: 4644 description: 'AllowPrivilegeEscalation controls whether 4645 a process can gain more privileges than its parent process. 4646 This bool directly controls if the no_new_privs flag will 4647 be set on the container process. AllowPrivilegeEscalation 4648 is true always when the container is: 1) run as Privileged 4649 2) has CAP_SYS_ADMIN Note that this field cannot be set 4650 when spec.os.name is windows.' 4651 type: boolean 4652 capabilities: 4653 description: The capabilities to add/drop when running containers. 4654 Defaults to the default set of capabilities granted by 4655 the container runtime. Note that this field cannot be 4656 set when spec.os.name is windows. 4657 properties: 4658 add: 4659 description: Added capabilities 4660 items: 4661 description: Capability represent POSIX capabilities 4662 type 4663 type: string 4664 type: array 4665 drop: 4666 description: Removed capabilities 4667 items: 4668 description: Capability represent POSIX capabilities 4669 type 4670 type: string 4671 type: array 4672 type: object 4673 privileged: 4674 description: Run container in privileged mode. Processes 4675 in privileged containers are essentially equivalent to 4676 root on the host. Defaults to false. Note that this field 4677 cannot be set when spec.os.name is windows. 4678 type: boolean 4679 procMount: 4680 description: procMount denotes the type of proc mount to 4681 use for the containers. The default is DefaultProcMount 4682 which uses the container runtime defaults for readonly 4683 paths and masked paths. This requires the ProcMountType 4684 feature flag to be enabled. Note that this field cannot 4685 be set when spec.os.name is windows. 4686 type: string 4687 readOnlyRootFilesystem: 4688 description: Whether this container has a read-only root 4689 filesystem. Default is false. Note that this field cannot 4690 be set when spec.os.name is windows. 4691 type: boolean 4692 runAsGroup: 4693 description: The GID to run the entrypoint of the container 4694 process. Uses runtime default if unset. May also be set 4695 in PodSecurityContext. If set in both SecurityContext 4696 and PodSecurityContext, the value specified in SecurityContext 4697 takes precedence. Note that this field cannot be set when 4698 spec.os.name is windows. 4699 format: int64 4700 type: integer 4701 runAsNonRoot: 4702 description: Indicates that the container must run as a 4703 non-root user. If true, the Kubelet will validate the 4704 image at runtime to ensure that it does not run as UID 4705 0 (root) and fail to start the container if it does. If 4706 unset or false, no such validation will be performed. 4707 May also be set in PodSecurityContext. If set in both 4708 SecurityContext and PodSecurityContext, the value specified 4709 in SecurityContext takes precedence. 4710 type: boolean 4711 runAsUser: 4712 description: The UID to run the entrypoint of the container 4713 process. Defaults to user specified in image metadata 4714 if unspecified. May also be set in PodSecurityContext. If 4715 set in both SecurityContext and PodSecurityContext, the 4716 value specified in SecurityContext takes precedence. Note 4717 that this field cannot be set when spec.os.name is windows. 4718 format: int64 4719 type: integer 4720 seLinuxOptions: 4721 description: The SELinux context to be applied to the container. 4722 If unspecified, the container runtime will allocate a 4723 random SELinux context for each container. May also be 4724 set in PodSecurityContext. If set in both SecurityContext 4725 and PodSecurityContext, the value specified in SecurityContext 4726 takes precedence. Note that this field cannot be set when 4727 spec.os.name is windows. 4728 properties: 4729 level: 4730 description: Level is SELinux level label that applies 4731 to the container. 4732 type: string 4733 role: 4734 description: Role is a SELinux role label that applies 4735 to the container. 4736 type: string 4737 type: 4738 description: Type is a SELinux type label that applies 4739 to the container. 4740 type: string 4741 user: 4742 description: User is a SELinux user label that applies 4743 to the container. 4744 type: string 4745 type: object 4746 seccompProfile: 4747 description: The seccomp options to use by this container. 4748 If seccomp options are provided at both the pod & container 4749 level, the container options override the pod options. 4750 Note that this field cannot be set when spec.os.name is 4751 windows. 4752 properties: 4753 localhostProfile: 4754 description: localhostProfile indicates a profile defined 4755 in a file on the node should be used. The profile 4756 must be preconfigured on the node to work. Must be 4757 a descending path, relative to the kubelet's configured 4758 seccomp profile location. Must only be set if type 4759 is "Localhost". 4760 type: string 4761 type: 4762 description: "type indicates which kind of seccomp profile 4763 will be applied. Valid options are: \n Localhost - 4764 a profile defined in a file on the node should be 4765 used. RuntimeDefault - the container runtime default 4766 profile should be used. Unconfined - no profile should 4767 be applied." 4768 type: string 4769 required: 4770 - type 4771 type: object 4772 windowsOptions: 4773 description: The Windows specific settings applied to all 4774 containers. If unspecified, the options from the PodSecurityContext 4775 will be used. If set in both SecurityContext and PodSecurityContext, 4776 the value specified in SecurityContext takes precedence. 4777 Note that this field cannot be set when spec.os.name is 4778 linux. 4779 properties: 4780 gmsaCredentialSpec: 4781 description: GMSACredentialSpec is where the GMSA admission 4782 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 4783 inlines the contents of the GMSA credential spec named 4784 by the GMSACredentialSpecName field. 4785 type: string 4786 gmsaCredentialSpecName: 4787 description: GMSACredentialSpecName is the name of the 4788 GMSA credential spec to use. 4789 type: string 4790 hostProcess: 4791 description: HostProcess determines if a container should 4792 be run as a 'Host Process' container. This field is 4793 alpha-level and will only be honored by components 4794 that enable the WindowsHostProcessContainers feature 4795 flag. Setting this field without the feature flag 4796 will result in errors when validating the Pod. All 4797 of a Pod's containers must have the same effective 4798 HostProcess value (it is not allowed to have a mix 4799 of HostProcess containers and non-HostProcess containers). In 4800 addition, if HostProcess is true then HostNetwork 4801 must also be set to true. 4802 type: boolean 4803 runAsUserName: 4804 description: The UserName in Windows to run the entrypoint 4805 of the container process. Defaults to the user specified 4806 in image metadata if unspecified. May also be set 4807 in PodSecurityContext. If set in both SecurityContext 4808 and PodSecurityContext, the value specified in SecurityContext 4809 takes precedence. 4810 type: string 4811 type: object 4812 type: object 4813 startupProbe: 4814 description: 'StartupProbe indicates that the Pod has successfully 4815 initialized. If specified, no other probes are executed until 4816 this completes successfully. If this probe fails, the Pod 4817 will be restarted, just as if the livenessProbe failed. This 4818 can be used to provide different probe parameters at the beginning 4819 of a Pod''s lifecycle, when it might take a long time to load 4820 data or warm a cache, than during steady-state operation. 4821 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4822 properties: 4823 exec: 4824 description: Exec specifies the action to take. 4825 properties: 4826 command: 4827 description: Command is the command line to execute 4828 inside the container, the working directory for the 4829 command is root ('/') in the container's filesystem. 4830 The command is simply exec'd, it is not run inside 4831 a shell, so traditional shell instructions ('|', etc) 4832 won't work. To use a shell, you need to explicitly 4833 call out to that shell. Exit status of 0 is treated 4834 as live/healthy and non-zero is unhealthy. 4835 items: 4836 type: string 4837 type: array 4838 type: object 4839 failureThreshold: 4840 description: Minimum consecutive failures for the probe 4841 to be considered failed after having succeeded. Defaults 4842 to 3. Minimum value is 1. 4843 format: int32 4844 type: integer 4845 grpc: 4846 description: GRPC specifies an action involving a GRPC port. 4847 This is an alpha field and requires enabling GRPCContainerProbe 4848 feature gate. 4849 properties: 4850 port: 4851 description: Port number of the gRPC service. Number 4852 must be in the range 1 to 65535. 4853 format: int32 4854 type: integer 4855 service: 4856 description: "Service is the name of the service to 4857 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4858 \n If this is not specified, the default behavior 4859 is defined by gRPC." 4860 type: string 4861 required: 4862 - port 4863 type: object 4864 httpGet: 4865 description: HTTPGet specifies the http request to perform. 4866 properties: 4867 host: 4868 description: Host name to connect to, defaults to the 4869 pod IP. You probably want to set "Host" in httpHeaders 4870 instead. 4871 type: string 4872 httpHeaders: 4873 description: Custom headers to set in the request. HTTP 4874 allows repeated headers. 4875 items: 4876 description: HTTPHeader describes a custom header 4877 to be used in HTTP probes 4878 properties: 4879 name: 4880 description: The header field name 4881 type: string 4882 value: 4883 description: The header field value 4884 type: string 4885 required: 4886 - name 4887 - value 4888 type: object 4889 type: array 4890 path: 4891 description: Path to access on the HTTP server. 4892 type: string 4893 port: 4894 anyOf: 4895 - type: integer 4896 - type: string 4897 description: Name or number of the port to access on 4898 the container. Number must be in the range 1 to 65535. 4899 Name must be an IANA_SVC_NAME. 4900 x-kubernetes-int-or-string: true 4901 scheme: 4902 description: Scheme to use for connecting to the host. 4903 Defaults to HTTP. 4904 type: string 4905 required: 4906 - port 4907 type: object 4908 initialDelaySeconds: 4909 description: 'Number of seconds after the container has 4910 started before liveness probes are initiated. More info: 4911 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4912 format: int32 4913 type: integer 4914 periodSeconds: 4915 description: How often (in seconds) to perform the probe. 4916 Default to 10 seconds. Minimum value is 1. 4917 format: int32 4918 type: integer 4919 successThreshold: 4920 description: Minimum consecutive successes for the probe 4921 to be considered successful after having failed. Defaults 4922 to 1. Must be 1 for liveness and startup. Minimum value 4923 is 1. 4924 format: int32 4925 type: integer 4926 tcpSocket: 4927 description: TCPSocket specifies an action involving a TCP 4928 port. 4929 properties: 4930 host: 4931 description: 'Optional: Host name to connect to, defaults 4932 to the pod IP.' 4933 type: string 4934 port: 4935 anyOf: 4936 - type: integer 4937 - type: string 4938 description: Number or name of the port to access on 4939 the container. Number must be in the range 1 to 65535. 4940 Name must be an IANA_SVC_NAME. 4941 x-kubernetes-int-or-string: true 4942 required: 4943 - port 4944 type: object 4945 terminationGracePeriodSeconds: 4946 description: Optional duration in seconds the pod needs 4947 to terminate gracefully upon probe failure. The grace 4948 period is the duration in seconds after the processes 4949 running in the pod are sent a termination signal and the 4950 time when the processes are forcibly halted with a kill 4951 signal. Set this value longer than the expected cleanup 4952 time for your process. If this value is nil, the pod's 4953 terminationGracePeriodSeconds will be used. Otherwise, 4954 this value overrides the value provided by the pod spec. 4955 Value must be non-negative integer. The value zero indicates 4956 stop immediately via the kill signal (no opportunity to 4957 shut down). This is a beta field and requires enabling 4958 ProbeTerminationGracePeriod feature gate. Minimum value 4959 is 1. spec.terminationGracePeriodSeconds is used if unset. 4960 format: int64 4961 type: integer 4962 timeoutSeconds: 4963 description: 'Number of seconds after which the probe times 4964 out. Defaults to 1 second. Minimum value is 1. More info: 4965 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4966 format: int32 4967 type: integer 4968 type: object 4969 stdin: 4970 description: Whether this container should allocate a buffer 4971 for stdin in the container runtime. If this is not set, reads 4972 from stdin in the container will always result in EOF. Default 4973 is false. 4974 type: boolean 4975 stdinOnce: 4976 description: Whether the container runtime should close the 4977 stdin channel after it has been opened by a single attach. 4978 When stdin is true the stdin stream will remain open across 4979 multiple attach sessions. If stdinOnce is set to true, stdin 4980 is opened on container start, is empty until the first client 4981 attaches to stdin, and then remains open and accepts data 4982 until the client disconnects, at which time stdin is closed 4983 and remains closed until the container is restarted. If this 4984 flag is false, a container processes that reads from stdin 4985 will never receive an EOF. Default is false 4986 type: boolean 4987 terminationMessagePath: 4988 description: 'Optional: Path at which the file to which the 4989 container''s termination message will be written is mounted 4990 into the container''s filesystem. Message written is intended 4991 to be brief final status, such as an assertion failure message. 4992 Will be truncated by the node if greater than 4096 bytes. 4993 The total message length across all containers will be limited 4994 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 4995 type: string 4996 terminationMessagePolicy: 4997 description: Indicate how the termination message should be 4998 populated. File will use the contents of terminationMessagePath 4999 to populate the container status message on both success and 5000 failure. FallbackToLogsOnError will use the last chunk of 5001 container log output if the termination message file is empty 5002 and the container exited with an error. The log output is 5003 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 5004 to File. Cannot be updated. 5005 type: string 5006 tty: 5007 description: Whether this container should allocate a TTY for 5008 itself, also requires 'stdin' to be true. Default is false. 5009 type: boolean 5010 volumeDevices: 5011 description: volumeDevices is the list of block devices to be 5012 used by the container. 5013 items: 5014 description: volumeDevice describes a mapping of a raw block 5015 device within a container. 5016 properties: 5017 devicePath: 5018 description: devicePath is the path inside of the container 5019 that the device will be mapped to. 5020 type: string 5021 name: 5022 description: name must match the name of a persistentVolumeClaim 5023 in the pod 5024 type: string 5025 required: 5026 - devicePath 5027 - name 5028 type: object 5029 type: array 5030 volumeMounts: 5031 description: Pod volumes to mount into the container's filesystem. 5032 Cannot be updated. 5033 items: 5034 description: VolumeMount describes a mounting of a Volume 5035 within a container. 5036 properties: 5037 mountPath: 5038 description: Path within the container at which the volume 5039 should be mounted. Must not contain ':'. 5040 type: string 5041 mountPropagation: 5042 description: mountPropagation determines how mounts are 5043 propagated from the host to container and the other 5044 way around. When not set, MountPropagationNone is used. 5045 This field is beta in 1.10. 5046 type: string 5047 name: 5048 description: This must match the Name of a Volume. 5049 type: string 5050 readOnly: 5051 description: Mounted read-only if true, read-write otherwise 5052 (false or unspecified). Defaults to false. 5053 type: boolean 5054 subPath: 5055 description: Path within the volume from which the container's 5056 volume should be mounted. Defaults to "" (volume's root). 5057 type: string 5058 subPathExpr: 5059 description: Expanded path within the volume from which 5060 the container's volume should be mounted. Behaves similarly 5061 to SubPath but environment variable references $(VAR_NAME) 5062 are expanded using the container's environment. Defaults 5063 to "" (volume's root). SubPathExpr and SubPath are mutually 5064 exclusive. 5065 type: string 5066 required: 5067 - mountPath 5068 - name 5069 type: object 5070 type: array 5071 workingDir: 5072 description: Container's working directory. If not specified, 5073 the container runtime's default will be used, which might 5074 be configured in the container image. Cannot be updated. 5075 type: string 5076 required: 5077 - name 5078 type: object 5079 type: array 5080 externalUrl: 5081 description: The external URL the Alertmanager instances will be available 5082 under. This is necessary to generate correct URLs. This is necessary 5083 if Alertmanager is not served from root of a DNS name. 5084 type: string 5085 forceEnableClusterMode: 5086 description: ForceEnableClusterMode ensures Alertmanager does not 5087 deactivate the cluster mode when running with a single replica. 5088 Use case is e.g. spanning an Alertmanager cluster across Kubernetes 5089 clusters with a single replica in each. 5090 type: boolean 5091 image: 5092 description: Image if specified has precedence over baseImage, tag 5093 and sha combinations. Specifying the version is still necessary 5094 to ensure the Prometheus Operator knows what version of Alertmanager 5095 is being configured. 5096 type: string 5097 imagePullSecrets: 5098 description: An optional list of references to secrets in the same 5099 namespace to use for pulling prometheus and alertmanager images 5100 from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod 5101 items: 5102 description: LocalObjectReference contains enough information to 5103 let you locate the referenced object inside the same namespace. 5104 properties: 5105 name: 5106 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5107 TODO: Add other useful fields. apiVersion, kind, uid?' 5108 type: string 5109 type: object 5110 type: array 5111 initContainers: 5112 description: 'InitContainers allows adding initContainers to the pod 5113 definition. Those can be used to e.g. fetch secrets for injection 5114 into the Alertmanager configuration from external sources. Any errors 5115 during the execution of an initContainer will lead to a restart 5116 of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 5117 Using initContainers for any use case other then secret fetching 5118 is entirely outside the scope of what the maintainers will support 5119 and by doing so, you accept that this behaviour may break at any 5120 time without notice.' 5121 items: 5122 description: A single application container that you want to run 5123 within a pod. 5124 properties: 5125 args: 5126 description: 'Arguments to the entrypoint. The docker image''s 5127 CMD is used if this is not provided. Variable references $(VAR_NAME) 5128 are expanded using the container''s environment. If a variable 5129 cannot be resolved, the reference in the input string will 5130 be unchanged. Double $$ are reduced to a single $, which allows 5131 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 5132 produce the string literal "$(VAR_NAME)". Escaped references 5133 will never be expanded, regardless of whether the variable 5134 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 5135 items: 5136 type: string 5137 type: array 5138 command: 5139 description: 'Entrypoint array. Not executed within a shell. 5140 The docker image''s ENTRYPOINT is used if this is not provided. 5141 Variable references $(VAR_NAME) are expanded using the container''s 5142 environment. If a variable cannot be resolved, the reference 5143 in the input string will be unchanged. Double $$ are reduced 5144 to a single $, which allows for escaping the $(VAR_NAME) syntax: 5145 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 5146 Escaped references will never be expanded, regardless of whether 5147 the variable exists or not. Cannot be updated. More info: 5148 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 5149 items: 5150 type: string 5151 type: array 5152 env: 5153 description: List of environment variables to set in the container. 5154 Cannot be updated. 5155 items: 5156 description: EnvVar represents an environment variable present 5157 in a Container. 5158 properties: 5159 name: 5160 description: Name of the environment variable. Must be 5161 a C_IDENTIFIER. 5162 type: string 5163 value: 5164 description: 'Variable references $(VAR_NAME) are expanded 5165 using the previously defined environment variables in 5166 the container and any service environment variables. 5167 If a variable cannot be resolved, the reference in the 5168 input string will be unchanged. Double $$ are reduced 5169 to a single $, which allows for escaping the $(VAR_NAME) 5170 syntax: i.e. "$$(VAR_NAME)" will produce the string 5171 literal "$(VAR_NAME)". Escaped references will never 5172 be expanded, regardless of whether the variable exists 5173 or not. Defaults to "".' 5174 type: string 5175 valueFrom: 5176 description: Source for the environment variable's value. 5177 Cannot be used if value is not empty. 5178 properties: 5179 configMapKeyRef: 5180 description: Selects a key of a ConfigMap. 5181 properties: 5182 key: 5183 description: The key to select. 5184 type: string 5185 name: 5186 description: 'Name of the referent. More info: 5187 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5188 TODO: Add other useful fields. apiVersion, kind, 5189 uid?' 5190 type: string 5191 optional: 5192 description: Specify whether the ConfigMap or 5193 its key must be defined 5194 type: boolean 5195 required: 5196 - key 5197 type: object 5198 fieldRef: 5199 description: 'Selects a field of the pod: supports 5200 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 5201 `metadata.annotations[''<KEY>'']`, spec.nodeName, 5202 spec.serviceAccountName, status.hostIP, status.podIP, 5203 status.podIPs.' 5204 properties: 5205 apiVersion: 5206 description: Version of the schema the FieldPath 5207 is written in terms of, defaults to "v1". 5208 type: string 5209 fieldPath: 5210 description: Path of the field to select in the 5211 specified API version. 5212 type: string 5213 required: 5214 - fieldPath 5215 type: object 5216 resourceFieldRef: 5217 description: 'Selects a resource of the container: 5218 only resources limits and requests (limits.cpu, 5219 limits.memory, limits.ephemeral-storage, requests.cpu, 5220 requests.memory and requests.ephemeral-storage) 5221 are currently supported.' 5222 properties: 5223 containerName: 5224 description: 'Container name: required for volumes, 5225 optional for env vars' 5226 type: string 5227 divisor: 5228 anyOf: 5229 - type: integer 5230 - type: string 5231 description: Specifies the output format of the 5232 exposed resources, defaults to "1" 5233 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5234 x-kubernetes-int-or-string: true 5235 resource: 5236 description: 'Required: resource to select' 5237 type: string 5238 required: 5239 - resource 5240 type: object 5241 secretKeyRef: 5242 description: Selects a key of a secret in the pod's 5243 namespace 5244 properties: 5245 key: 5246 description: The key of the secret to select from. Must 5247 be a valid secret key. 5248 type: string 5249 name: 5250 description: 'Name of the referent. More info: 5251 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5252 TODO: Add other useful fields. apiVersion, kind, 5253 uid?' 5254 type: string 5255 optional: 5256 description: Specify whether the Secret or its 5257 key must be defined 5258 type: boolean 5259 required: 5260 - key 5261 type: object 5262 type: object 5263 required: 5264 - name 5265 type: object 5266 type: array 5267 envFrom: 5268 description: List of sources to populate environment variables 5269 in the container. The keys defined within a source must be 5270 a C_IDENTIFIER. All invalid keys will be reported as an event 5271 when the container is starting. When a key exists in multiple 5272 sources, the value associated with the last source will take 5273 precedence. Values defined by an Env with a duplicate key 5274 will take precedence. Cannot be updated. 5275 items: 5276 description: EnvFromSource represents the source of a set 5277 of ConfigMaps 5278 properties: 5279 configMapRef: 5280 description: The ConfigMap to select from 5281 properties: 5282 name: 5283 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5284 TODO: Add other useful fields. apiVersion, kind, 5285 uid?' 5286 type: string 5287 optional: 5288 description: Specify whether the ConfigMap must be 5289 defined 5290 type: boolean 5291 type: object 5292 prefix: 5293 description: An optional identifier to prepend to each 5294 key in the ConfigMap. Must be a C_IDENTIFIER. 5295 type: string 5296 secretRef: 5297 description: The Secret to select from 5298 properties: 5299 name: 5300 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5301 TODO: Add other useful fields. apiVersion, kind, 5302 uid?' 5303 type: string 5304 optional: 5305 description: Specify whether the Secret must be defined 5306 type: boolean 5307 type: object 5308 type: object 5309 type: array 5310 image: 5311 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 5312 This field is optional to allow higher level config management 5313 to default or override container images in workload controllers 5314 like Deployments and StatefulSets.' 5315 type: string 5316 imagePullPolicy: 5317 description: 'Image pull policy. One of Always, Never, IfNotPresent. 5318 Defaults to Always if :latest tag is specified, or IfNotPresent 5319 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 5320 type: string 5321 lifecycle: 5322 description: Actions that the management system should take 5323 in response to container lifecycle events. Cannot be updated. 5324 properties: 5325 postStart: 5326 description: 'PostStart is called immediately after a container 5327 is created. If the handler fails, the container is terminated 5328 and restarted according to its restart policy. Other management 5329 of the container blocks until the hook completes. More 5330 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 5331 properties: 5332 exec: 5333 description: Exec specifies the action to take. 5334 properties: 5335 command: 5336 description: Command is the command line to execute 5337 inside the container, the working directory for 5338 the command is root ('/') in the container's 5339 filesystem. The command is simply exec'd, it is 5340 not run inside a shell, so traditional shell instructions 5341 ('|', etc) won't work. To use a shell, you need 5342 to explicitly call out to that shell. Exit status 5343 of 0 is treated as live/healthy and non-zero is 5344 unhealthy. 5345 items: 5346 type: string 5347 type: array 5348 type: object 5349 httpGet: 5350 description: HTTPGet specifies the http request to perform. 5351 properties: 5352 host: 5353 description: Host name to connect to, defaults to 5354 the pod IP. You probably want to set "Host" in 5355 httpHeaders instead. 5356 type: string 5357 httpHeaders: 5358 description: Custom headers to set in the request. 5359 HTTP allows repeated headers. 5360 items: 5361 description: HTTPHeader describes a custom header 5362 to be used in HTTP probes 5363 properties: 5364 name: 5365 description: The header field name 5366 type: string 5367 value: 5368 description: The header field value 5369 type: string 5370 required: 5371 - name 5372 - value 5373 type: object 5374 type: array 5375 path: 5376 description: Path to access on the HTTP server. 5377 type: string 5378 port: 5379 anyOf: 5380 - type: integer 5381 - type: string 5382 description: Name or number of the port to access 5383 on the container. Number must be in the range 5384 1 to 65535. Name must be an IANA_SVC_NAME. 5385 x-kubernetes-int-or-string: true 5386 scheme: 5387 description: Scheme to use for connecting to the 5388 host. Defaults to HTTP. 5389 type: string 5390 required: 5391 - port 5392 type: object 5393 tcpSocket: 5394 description: Deprecated. TCPSocket is NOT supported 5395 as a LifecycleHandler and kept for the backward compatibility. 5396 There are no validation of this field and lifecycle 5397 hooks will fail in runtime when tcp handler is specified. 5398 properties: 5399 host: 5400 description: 'Optional: Host name to connect to, 5401 defaults to the pod IP.' 5402 type: string 5403 port: 5404 anyOf: 5405 - type: integer 5406 - type: string 5407 description: Number or name of the port to access 5408 on the container. Number must be in the range 5409 1 to 65535. Name must be an IANA_SVC_NAME. 5410 x-kubernetes-int-or-string: true 5411 required: 5412 - port 5413 type: object 5414 type: object 5415 preStop: 5416 description: 'PreStop is called immediately before a container 5417 is terminated due to an API request or management event 5418 such as liveness/startup probe failure, preemption, resource 5419 contention, etc. The handler is not called if the container 5420 crashes or exits. The Pod''s termination grace period 5421 countdown begins before the PreStop hook is executed. 5422 Regardless of the outcome of the handler, the container 5423 will eventually terminate within the Pod''s termination 5424 grace period (unless delayed by finalizers). Other management 5425 of the container blocks until the hook completes or until 5426 the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 5427 properties: 5428 exec: 5429 description: Exec specifies the action to take. 5430 properties: 5431 command: 5432 description: Command is the command line to execute 5433 inside the container, the working directory for 5434 the command is root ('/') in the container's 5435 filesystem. The command is simply exec'd, it is 5436 not run inside a shell, so traditional shell instructions 5437 ('|', etc) won't work. To use a shell, you need 5438 to explicitly call out to that shell. Exit status 5439 of 0 is treated as live/healthy and non-zero is 5440 unhealthy. 5441 items: 5442 type: string 5443 type: array 5444 type: object 5445 httpGet: 5446 description: HTTPGet specifies the http request to perform. 5447 properties: 5448 host: 5449 description: Host name to connect to, defaults to 5450 the pod IP. You probably want to set "Host" in 5451 httpHeaders instead. 5452 type: string 5453 httpHeaders: 5454 description: Custom headers to set in the request. 5455 HTTP allows repeated headers. 5456 items: 5457 description: HTTPHeader describes a custom header 5458 to be used in HTTP probes 5459 properties: 5460 name: 5461 description: The header field name 5462 type: string 5463 value: 5464 description: The header field value 5465 type: string 5466 required: 5467 - name 5468 - value 5469 type: object 5470 type: array 5471 path: 5472 description: Path to access on the HTTP server. 5473 type: string 5474 port: 5475 anyOf: 5476 - type: integer 5477 - type: string 5478 description: Name or number of the port to access 5479 on the container. Number must be in the range 5480 1 to 65535. Name must be an IANA_SVC_NAME. 5481 x-kubernetes-int-or-string: true 5482 scheme: 5483 description: Scheme to use for connecting to the 5484 host. Defaults to HTTP. 5485 type: string 5486 required: 5487 - port 5488 type: object 5489 tcpSocket: 5490 description: Deprecated. TCPSocket is NOT supported 5491 as a LifecycleHandler and kept for the backward compatibility. 5492 There are no validation of this field and lifecycle 5493 hooks will fail in runtime when tcp handler is specified. 5494 properties: 5495 host: 5496 description: 'Optional: Host name to connect to, 5497 defaults to the pod IP.' 5498 type: string 5499 port: 5500 anyOf: 5501 - type: integer 5502 - type: string 5503 description: Number or name of the port to access 5504 on the container. Number must be in the range 5505 1 to 65535. Name must be an IANA_SVC_NAME. 5506 x-kubernetes-int-or-string: true 5507 required: 5508 - port 5509 type: object 5510 type: object 5511 type: object 5512 livenessProbe: 5513 description: 'Periodic probe of container liveness. Container 5514 will be restarted if the probe fails. Cannot be updated. More 5515 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5516 properties: 5517 exec: 5518 description: Exec specifies the action to take. 5519 properties: 5520 command: 5521 description: Command is the command line to execute 5522 inside the container, the working directory for the 5523 command is root ('/') in the container's filesystem. 5524 The command is simply exec'd, it is not run inside 5525 a shell, so traditional shell instructions ('|', etc) 5526 won't work. To use a shell, you need to explicitly 5527 call out to that shell. Exit status of 0 is treated 5528 as live/healthy and non-zero is unhealthy. 5529 items: 5530 type: string 5531 type: array 5532 type: object 5533 failureThreshold: 5534 description: Minimum consecutive failures for the probe 5535 to be considered failed after having succeeded. Defaults 5536 to 3. Minimum value is 1. 5537 format: int32 5538 type: integer 5539 grpc: 5540 description: GRPC specifies an action involving a GRPC port. 5541 This is an alpha field and requires enabling GRPCContainerProbe 5542 feature gate. 5543 properties: 5544 port: 5545 description: Port number of the gRPC service. Number 5546 must be in the range 1 to 65535. 5547 format: int32 5548 type: integer 5549 service: 5550 description: "Service is the name of the service to 5551 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 5552 \n If this is not specified, the default behavior 5553 is defined by gRPC." 5554 type: string 5555 required: 5556 - port 5557 type: object 5558 httpGet: 5559 description: HTTPGet specifies the http request to perform. 5560 properties: 5561 host: 5562 description: Host name to connect to, defaults to the 5563 pod IP. You probably want to set "Host" in httpHeaders 5564 instead. 5565 type: string 5566 httpHeaders: 5567 description: Custom headers to set in the request. HTTP 5568 allows repeated headers. 5569 items: 5570 description: HTTPHeader describes a custom header 5571 to be used in HTTP probes 5572 properties: 5573 name: 5574 description: The header field name 5575 type: string 5576 value: 5577 description: The header field value 5578 type: string 5579 required: 5580 - name 5581 - value 5582 type: object 5583 type: array 5584 path: 5585 description: Path to access on the HTTP server. 5586 type: string 5587 port: 5588 anyOf: 5589 - type: integer 5590 - type: string 5591 description: Name or number of the port to access on 5592 the container. Number must be in the range 1 to 65535. 5593 Name must be an IANA_SVC_NAME. 5594 x-kubernetes-int-or-string: true 5595 scheme: 5596 description: Scheme to use for connecting to the host. 5597 Defaults to HTTP. 5598 type: string 5599 required: 5600 - port 5601 type: object 5602 initialDelaySeconds: 5603 description: 'Number of seconds after the container has 5604 started before liveness probes are initiated. More info: 5605 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5606 format: int32 5607 type: integer 5608 periodSeconds: 5609 description: How often (in seconds) to perform the probe. 5610 Default to 10 seconds. Minimum value is 1. 5611 format: int32 5612 type: integer 5613 successThreshold: 5614 description: Minimum consecutive successes for the probe 5615 to be considered successful after having failed. Defaults 5616 to 1. Must be 1 for liveness and startup. Minimum value 5617 is 1. 5618 format: int32 5619 type: integer 5620 tcpSocket: 5621 description: TCPSocket specifies an action involving a TCP 5622 port. 5623 properties: 5624 host: 5625 description: 'Optional: Host name to connect to, defaults 5626 to the pod IP.' 5627 type: string 5628 port: 5629 anyOf: 5630 - type: integer 5631 - type: string 5632 description: Number or name of the port to access on 5633 the container. Number must be in the range 1 to 65535. 5634 Name must be an IANA_SVC_NAME. 5635 x-kubernetes-int-or-string: true 5636 required: 5637 - port 5638 type: object 5639 terminationGracePeriodSeconds: 5640 description: Optional duration in seconds the pod needs 5641 to terminate gracefully upon probe failure. The grace 5642 period is the duration in seconds after the processes 5643 running in the pod are sent a termination signal and the 5644 time when the processes are forcibly halted with a kill 5645 signal. Set this value longer than the expected cleanup 5646 time for your process. If this value is nil, the pod's 5647 terminationGracePeriodSeconds will be used. Otherwise, 5648 this value overrides the value provided by the pod spec. 5649 Value must be non-negative integer. The value zero indicates 5650 stop immediately via the kill signal (no opportunity to 5651 shut down). This is a beta field and requires enabling 5652 ProbeTerminationGracePeriod feature gate. Minimum value 5653 is 1. spec.terminationGracePeriodSeconds is used if unset. 5654 format: int64 5655 type: integer 5656 timeoutSeconds: 5657 description: 'Number of seconds after which the probe times 5658 out. Defaults to 1 second. Minimum value is 1. More info: 5659 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5660 format: int32 5661 type: integer 5662 type: object 5663 name: 5664 description: Name of the container specified as a DNS_LABEL. 5665 Each container in a pod must have a unique name (DNS_LABEL). 5666 Cannot be updated. 5667 type: string 5668 ports: 5669 description: List of ports to expose from the container. Exposing 5670 a port here gives the system additional information about 5671 the network connections a container uses, but is primarily 5672 informational. Not specifying a port here DOES NOT prevent 5673 that port from being exposed. Any port which is listening 5674 on the default "0.0.0.0" address inside a container will be 5675 accessible from the network. Cannot be updated. 5676 items: 5677 description: ContainerPort represents a network port in a 5678 single container. 5679 properties: 5680 containerPort: 5681 description: Number of port to expose on the pod's IP 5682 address. This must be a valid port number, 0 < x < 65536. 5683 format: int32 5684 type: integer 5685 hostIP: 5686 description: What host IP to bind the external port to. 5687 type: string 5688 hostPort: 5689 description: Number of port to expose on the host. If 5690 specified, this must be a valid port number, 0 < x < 5691 65536. If HostNetwork is specified, this must match 5692 ContainerPort. Most containers do not need this. 5693 format: int32 5694 type: integer 5695 name: 5696 description: If specified, this must be an IANA_SVC_NAME 5697 and unique within the pod. Each named port in a pod 5698 must have a unique name. Name for the port that can 5699 be referred to by services. 5700 type: string 5701 protocol: 5702 default: TCP 5703 description: Protocol for port. Must be UDP, TCP, or SCTP. 5704 Defaults to "TCP". 5705 type: string 5706 required: 5707 - containerPort 5708 type: object 5709 type: array 5710 x-kubernetes-list-map-keys: 5711 - containerPort 5712 - protocol 5713 x-kubernetes-list-type: map 5714 readinessProbe: 5715 description: 'Periodic probe of container service readiness. 5716 Container will be removed from service endpoints if the probe 5717 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5718 properties: 5719 exec: 5720 description: Exec specifies the action to take. 5721 properties: 5722 command: 5723 description: Command is the command line to execute 5724 inside the container, the working directory for the 5725 command is root ('/') in the container's filesystem. 5726 The command is simply exec'd, it is not run inside 5727 a shell, so traditional shell instructions ('|', etc) 5728 won't work. To use a shell, you need to explicitly 5729 call out to that shell. Exit status of 0 is treated 5730 as live/healthy and non-zero is unhealthy. 5731 items: 5732 type: string 5733 type: array 5734 type: object 5735 failureThreshold: 5736 description: Minimum consecutive failures for the probe 5737 to be considered failed after having succeeded. Defaults 5738 to 3. Minimum value is 1. 5739 format: int32 5740 type: integer 5741 grpc: 5742 description: GRPC specifies an action involving a GRPC port. 5743 This is an alpha field and requires enabling GRPCContainerProbe 5744 feature gate. 5745 properties: 5746 port: 5747 description: Port number of the gRPC service. Number 5748 must be in the range 1 to 65535. 5749 format: int32 5750 type: integer 5751 service: 5752 description: "Service is the name of the service to 5753 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 5754 \n If this is not specified, the default behavior 5755 is defined by gRPC." 5756 type: string 5757 required: 5758 - port 5759 type: object 5760 httpGet: 5761 description: HTTPGet specifies the http request to perform. 5762 properties: 5763 host: 5764 description: Host name to connect to, defaults to the 5765 pod IP. You probably want to set "Host" in httpHeaders 5766 instead. 5767 type: string 5768 httpHeaders: 5769 description: Custom headers to set in the request. HTTP 5770 allows repeated headers. 5771 items: 5772 description: HTTPHeader describes a custom header 5773 to be used in HTTP probes 5774 properties: 5775 name: 5776 description: The header field name 5777 type: string 5778 value: 5779 description: The header field value 5780 type: string 5781 required: 5782 - name 5783 - value 5784 type: object 5785 type: array 5786 path: 5787 description: Path to access on the HTTP server. 5788 type: string 5789 port: 5790 anyOf: 5791 - type: integer 5792 - type: string 5793 description: Name or number of the port to access on 5794 the container. Number must be in the range 1 to 65535. 5795 Name must be an IANA_SVC_NAME. 5796 x-kubernetes-int-or-string: true 5797 scheme: 5798 description: Scheme to use for connecting to the host. 5799 Defaults to HTTP. 5800 type: string 5801 required: 5802 - port 5803 type: object 5804 initialDelaySeconds: 5805 description: 'Number of seconds after the container has 5806 started before liveness probes are initiated. More info: 5807 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5808 format: int32 5809 type: integer 5810 periodSeconds: 5811 description: How often (in seconds) to perform the probe. 5812 Default to 10 seconds. Minimum value is 1. 5813 format: int32 5814 type: integer 5815 successThreshold: 5816 description: Minimum consecutive successes for the probe 5817 to be considered successful after having failed. Defaults 5818 to 1. Must be 1 for liveness and startup. Minimum value 5819 is 1. 5820 format: int32 5821 type: integer 5822 tcpSocket: 5823 description: TCPSocket specifies an action involving a TCP 5824 port. 5825 properties: 5826 host: 5827 description: 'Optional: Host name to connect to, defaults 5828 to the pod IP.' 5829 type: string 5830 port: 5831 anyOf: 5832 - type: integer 5833 - type: string 5834 description: Number or name of the port to access on 5835 the container. Number must be in the range 1 to 65535. 5836 Name must be an IANA_SVC_NAME. 5837 x-kubernetes-int-or-string: true 5838 required: 5839 - port 5840 type: object 5841 terminationGracePeriodSeconds: 5842 description: Optional duration in seconds the pod needs 5843 to terminate gracefully upon probe failure. The grace 5844 period is the duration in seconds after the processes 5845 running in the pod are sent a termination signal and the 5846 time when the processes are forcibly halted with a kill 5847 signal. Set this value longer than the expected cleanup 5848 time for your process. If this value is nil, the pod's 5849 terminationGracePeriodSeconds will be used. Otherwise, 5850 this value overrides the value provided by the pod spec. 5851 Value must be non-negative integer. The value zero indicates 5852 stop immediately via the kill signal (no opportunity to 5853 shut down). This is a beta field and requires enabling 5854 ProbeTerminationGracePeriod feature gate. Minimum value 5855 is 1. spec.terminationGracePeriodSeconds is used if unset. 5856 format: int64 5857 type: integer 5858 timeoutSeconds: 5859 description: 'Number of seconds after which the probe times 5860 out. Defaults to 1 second. Minimum value is 1. More info: 5861 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5862 format: int32 5863 type: integer 5864 type: object 5865 resources: 5866 description: 'Compute Resources required by this container. 5867 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5868 properties: 5869 limits: 5870 additionalProperties: 5871 anyOf: 5872 - type: integer 5873 - type: string 5874 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5875 x-kubernetes-int-or-string: true 5876 description: 'Limits describes the maximum amount of compute 5877 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5878 type: object 5879 requests: 5880 additionalProperties: 5881 anyOf: 5882 - type: integer 5883 - type: string 5884 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5885 x-kubernetes-int-or-string: true 5886 description: 'Requests describes the minimum amount of compute 5887 resources required. If Requests is omitted for a container, 5888 it defaults to Limits if that is explicitly specified, 5889 otherwise to an implementation-defined value. More info: 5890 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5891 type: object 5892 type: object 5893 securityContext: 5894 description: 'SecurityContext defines the security options the 5895 container should be run with. If set, the fields of SecurityContext 5896 override the equivalent fields of PodSecurityContext. More 5897 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 5898 properties: 5899 allowPrivilegeEscalation: 5900 description: 'AllowPrivilegeEscalation controls whether 5901 a process can gain more privileges than its parent process. 5902 This bool directly controls if the no_new_privs flag will 5903 be set on the container process. AllowPrivilegeEscalation 5904 is true always when the container is: 1) run as Privileged 5905 2) has CAP_SYS_ADMIN Note that this field cannot be set 5906 when spec.os.name is windows.' 5907 type: boolean 5908 capabilities: 5909 description: The capabilities to add/drop when running containers. 5910 Defaults to the default set of capabilities granted by 5911 the container runtime. Note that this field cannot be 5912 set when spec.os.name is windows. 5913 properties: 5914 add: 5915 description: Added capabilities 5916 items: 5917 description: Capability represent POSIX capabilities 5918 type 5919 type: string 5920 type: array 5921 drop: 5922 description: Removed capabilities 5923 items: 5924 description: Capability represent POSIX capabilities 5925 type 5926 type: string 5927 type: array 5928 type: object 5929 privileged: 5930 description: Run container in privileged mode. Processes 5931 in privileged containers are essentially equivalent to 5932 root on the host. Defaults to false. Note that this field 5933 cannot be set when spec.os.name is windows. 5934 type: boolean 5935 procMount: 5936 description: procMount denotes the type of proc mount to 5937 use for the containers. The default is DefaultProcMount 5938 which uses the container runtime defaults for readonly 5939 paths and masked paths. This requires the ProcMountType 5940 feature flag to be enabled. Note that this field cannot 5941 be set when spec.os.name is windows. 5942 type: string 5943 readOnlyRootFilesystem: 5944 description: Whether this container has a read-only root 5945 filesystem. Default is false. Note that this field cannot 5946 be set when spec.os.name is windows. 5947 type: boolean 5948 runAsGroup: 5949 description: The GID to run the entrypoint of the container 5950 process. Uses runtime default if unset. May also be set 5951 in PodSecurityContext. If set in both SecurityContext 5952 and PodSecurityContext, the value specified in SecurityContext 5953 takes precedence. Note that this field cannot be set when 5954 spec.os.name is windows. 5955 format: int64 5956 type: integer 5957 runAsNonRoot: 5958 description: Indicates that the container must run as a 5959 non-root user. If true, the Kubelet will validate the 5960 image at runtime to ensure that it does not run as UID 5961 0 (root) and fail to start the container if it does. If 5962 unset or false, no such validation will be performed. 5963 May also be set in PodSecurityContext. If set in both 5964 SecurityContext and PodSecurityContext, the value specified 5965 in SecurityContext takes precedence. 5966 type: boolean 5967 runAsUser: 5968 description: The UID to run the entrypoint of the container 5969 process. Defaults to user specified in image metadata 5970 if unspecified. May also be set in PodSecurityContext. If 5971 set in both SecurityContext and PodSecurityContext, the 5972 value specified in SecurityContext takes precedence. Note 5973 that this field cannot be set when spec.os.name is windows. 5974 format: int64 5975 type: integer 5976 seLinuxOptions: 5977 description: The SELinux context to be applied to the container. 5978 If unspecified, the container runtime will allocate a 5979 random SELinux context for each container. May also be 5980 set in PodSecurityContext. If set in both SecurityContext 5981 and PodSecurityContext, the value specified in SecurityContext 5982 takes precedence. Note that this field cannot be set when 5983 spec.os.name is windows. 5984 properties: 5985 level: 5986 description: Level is SELinux level label that applies 5987 to the container. 5988 type: string 5989 role: 5990 description: Role is a SELinux role label that applies 5991 to the container. 5992 type: string 5993 type: 5994 description: Type is a SELinux type label that applies 5995 to the container. 5996 type: string 5997 user: 5998 description: User is a SELinux user label that applies 5999 to the container. 6000 type: string 6001 type: object 6002 seccompProfile: 6003 description: The seccomp options to use by this container. 6004 If seccomp options are provided at both the pod & container 6005 level, the container options override the pod options. 6006 Note that this field cannot be set when spec.os.name is 6007 windows. 6008 properties: 6009 localhostProfile: 6010 description: localhostProfile indicates a profile defined 6011 in a file on the node should be used. The profile 6012 must be preconfigured on the node to work. Must be 6013 a descending path, relative to the kubelet's configured 6014 seccomp profile location. Must only be set if type 6015 is "Localhost". 6016 type: string 6017 type: 6018 description: "type indicates which kind of seccomp profile 6019 will be applied. Valid options are: \n Localhost - 6020 a profile defined in a file on the node should be 6021 used. RuntimeDefault - the container runtime default 6022 profile should be used. Unconfined - no profile should 6023 be applied." 6024 type: string 6025 required: 6026 - type 6027 type: object 6028 windowsOptions: 6029 description: The Windows specific settings applied to all 6030 containers. If unspecified, the options from the PodSecurityContext 6031 will be used. If set in both SecurityContext and PodSecurityContext, 6032 the value specified in SecurityContext takes precedence. 6033 Note that this field cannot be set when spec.os.name is 6034 linux. 6035 properties: 6036 gmsaCredentialSpec: 6037 description: GMSACredentialSpec is where the GMSA admission 6038 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 6039 inlines the contents of the GMSA credential spec named 6040 by the GMSACredentialSpecName field. 6041 type: string 6042 gmsaCredentialSpecName: 6043 description: GMSACredentialSpecName is the name of the 6044 GMSA credential spec to use. 6045 type: string 6046 hostProcess: 6047 description: HostProcess determines if a container should 6048 be run as a 'Host Process' container. This field is 6049 alpha-level and will only be honored by components 6050 that enable the WindowsHostProcessContainers feature 6051 flag. Setting this field without the feature flag 6052 will result in errors when validating the Pod. All 6053 of a Pod's containers must have the same effective 6054 HostProcess value (it is not allowed to have a mix 6055 of HostProcess containers and non-HostProcess containers). In 6056 addition, if HostProcess is true then HostNetwork 6057 must also be set to true. 6058 type: boolean 6059 runAsUserName: 6060 description: The UserName in Windows to run the entrypoint 6061 of the container process. Defaults to the user specified 6062 in image metadata if unspecified. May also be set 6063 in PodSecurityContext. If set in both SecurityContext 6064 and PodSecurityContext, the value specified in SecurityContext 6065 takes precedence. 6066 type: string 6067 type: object 6068 type: object 6069 startupProbe: 6070 description: 'StartupProbe indicates that the Pod has successfully 6071 initialized. If specified, no other probes are executed until 6072 this completes successfully. If this probe fails, the Pod 6073 will be restarted, just as if the livenessProbe failed. This 6074 can be used to provide different probe parameters at the beginning 6075 of a Pod''s lifecycle, when it might take a long time to load 6076 data or warm a cache, than during steady-state operation. 6077 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 6078 properties: 6079 exec: 6080 description: Exec specifies the action to take. 6081 properties: 6082 command: 6083 description: Command is the command line to execute 6084 inside the container, the working directory for the 6085 command is root ('/') in the container's filesystem. 6086 The command is simply exec'd, it is not run inside 6087 a shell, so traditional shell instructions ('|', etc) 6088 won't work. To use a shell, you need to explicitly 6089 call out to that shell. Exit status of 0 is treated 6090 as live/healthy and non-zero is unhealthy. 6091 items: 6092 type: string 6093 type: array 6094 type: object 6095 failureThreshold: 6096 description: Minimum consecutive failures for the probe 6097 to be considered failed after having succeeded. Defaults 6098 to 3. Minimum value is 1. 6099 format: int32 6100 type: integer 6101 grpc: 6102 description: GRPC specifies an action involving a GRPC port. 6103 This is an alpha field and requires enabling GRPCContainerProbe 6104 feature gate. 6105 properties: 6106 port: 6107 description: Port number of the gRPC service. Number 6108 must be in the range 1 to 65535. 6109 format: int32 6110 type: integer 6111 service: 6112 description: "Service is the name of the service to 6113 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 6114 \n If this is not specified, the default behavior 6115 is defined by gRPC." 6116 type: string 6117 required: 6118 - port 6119 type: object 6120 httpGet: 6121 description: HTTPGet specifies the http request to perform. 6122 properties: 6123 host: 6124 description: Host name to connect to, defaults to the 6125 pod IP. You probably want to set "Host" in httpHeaders 6126 instead. 6127 type: string 6128 httpHeaders: 6129 description: Custom headers to set in the request. HTTP 6130 allows repeated headers. 6131 items: 6132 description: HTTPHeader describes a custom header 6133 to be used in HTTP probes 6134 properties: 6135 name: 6136 description: The header field name 6137 type: string 6138 value: 6139 description: The header field value 6140 type: string 6141 required: 6142 - name 6143 - value 6144 type: object 6145 type: array 6146 path: 6147 description: Path to access on the HTTP server. 6148 type: string 6149 port: 6150 anyOf: 6151 - type: integer 6152 - type: string 6153 description: Name or number of the port to access on 6154 the container. Number must be in the range 1 to 65535. 6155 Name must be an IANA_SVC_NAME. 6156 x-kubernetes-int-or-string: true 6157 scheme: 6158 description: Scheme to use for connecting to the host. 6159 Defaults to HTTP. 6160 type: string 6161 required: 6162 - port 6163 type: object 6164 initialDelaySeconds: 6165 description: 'Number of seconds after the container has 6166 started before liveness probes are initiated. More info: 6167 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 6168 format: int32 6169 type: integer 6170 periodSeconds: 6171 description: How often (in seconds) to perform the probe. 6172 Default to 10 seconds. Minimum value is 1. 6173 format: int32 6174 type: integer 6175 successThreshold: 6176 description: Minimum consecutive successes for the probe 6177 to be considered successful after having failed. Defaults 6178 to 1. Must be 1 for liveness and startup. Minimum value 6179 is 1. 6180 format: int32 6181 type: integer 6182 tcpSocket: 6183 description: TCPSocket specifies an action involving a TCP 6184 port. 6185 properties: 6186 host: 6187 description: 'Optional: Host name to connect to, defaults 6188 to the pod IP.' 6189 type: string 6190 port: 6191 anyOf: 6192 - type: integer 6193 - type: string 6194 description: Number or name of the port to access on 6195 the container. Number must be in the range 1 to 65535. 6196 Name must be an IANA_SVC_NAME. 6197 x-kubernetes-int-or-string: true 6198 required: 6199 - port 6200 type: object 6201 terminationGracePeriodSeconds: 6202 description: Optional duration in seconds the pod needs 6203 to terminate gracefully upon probe failure. The grace 6204 period is the duration in seconds after the processes 6205 running in the pod are sent a termination signal and the 6206 time when the processes are forcibly halted with a kill 6207 signal. Set this value longer than the expected cleanup 6208 time for your process. If this value is nil, the pod's 6209 terminationGracePeriodSeconds will be used. Otherwise, 6210 this value overrides the value provided by the pod spec. 6211 Value must be non-negative integer. The value zero indicates 6212 stop immediately via the kill signal (no opportunity to 6213 shut down). This is a beta field and requires enabling 6214 ProbeTerminationGracePeriod feature gate. Minimum value 6215 is 1. spec.terminationGracePeriodSeconds is used if unset. 6216 format: int64 6217 type: integer 6218 timeoutSeconds: 6219 description: 'Number of seconds after which the probe times 6220 out. Defaults to 1 second. Minimum value is 1. More info: 6221 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 6222 format: int32 6223 type: integer 6224 type: object 6225 stdin: 6226 description: Whether this container should allocate a buffer 6227 for stdin in the container runtime. If this is not set, reads 6228 from stdin in the container will always result in EOF. Default 6229 is false. 6230 type: boolean 6231 stdinOnce: 6232 description: Whether the container runtime should close the 6233 stdin channel after it has been opened by a single attach. 6234 When stdin is true the stdin stream will remain open across 6235 multiple attach sessions. If stdinOnce is set to true, stdin 6236 is opened on container start, is empty until the first client 6237 attaches to stdin, and then remains open and accepts data 6238 until the client disconnects, at which time stdin is closed 6239 and remains closed until the container is restarted. If this 6240 flag is false, a container processes that reads from stdin 6241 will never receive an EOF. Default is false 6242 type: boolean 6243 terminationMessagePath: 6244 description: 'Optional: Path at which the file to which the 6245 container''s termination message will be written is mounted 6246 into the container''s filesystem. Message written is intended 6247 to be brief final status, such as an assertion failure message. 6248 Will be truncated by the node if greater than 4096 bytes. 6249 The total message length across all containers will be limited 6250 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 6251 type: string 6252 terminationMessagePolicy: 6253 description: Indicate how the termination message should be 6254 populated. File will use the contents of terminationMessagePath 6255 to populate the container status message on both success and 6256 failure. FallbackToLogsOnError will use the last chunk of 6257 container log output if the termination message file is empty 6258 and the container exited with an error. The log output is 6259 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 6260 to File. Cannot be updated. 6261 type: string 6262 tty: 6263 description: Whether this container should allocate a TTY for 6264 itself, also requires 'stdin' to be true. Default is false. 6265 type: boolean 6266 volumeDevices: 6267 description: volumeDevices is the list of block devices to be 6268 used by the container. 6269 items: 6270 description: volumeDevice describes a mapping of a raw block 6271 device within a container. 6272 properties: 6273 devicePath: 6274 description: devicePath is the path inside of the container 6275 that the device will be mapped to. 6276 type: string 6277 name: 6278 description: name must match the name of a persistentVolumeClaim 6279 in the pod 6280 type: string 6281 required: 6282 - devicePath 6283 - name 6284 type: object 6285 type: array 6286 volumeMounts: 6287 description: Pod volumes to mount into the container's filesystem. 6288 Cannot be updated. 6289 items: 6290 description: VolumeMount describes a mounting of a Volume 6291 within a container. 6292 properties: 6293 mountPath: 6294 description: Path within the container at which the volume 6295 should be mounted. Must not contain ':'. 6296 type: string 6297 mountPropagation: 6298 description: mountPropagation determines how mounts are 6299 propagated from the host to container and the other 6300 way around. When not set, MountPropagationNone is used. 6301 This field is beta in 1.10. 6302 type: string 6303 name: 6304 description: This must match the Name of a Volume. 6305 type: string 6306 readOnly: 6307 description: Mounted read-only if true, read-write otherwise 6308 (false or unspecified). Defaults to false. 6309 type: boolean 6310 subPath: 6311 description: Path within the volume from which the container's 6312 volume should be mounted. Defaults to "" (volume's root). 6313 type: string 6314 subPathExpr: 6315 description: Expanded path within the volume from which 6316 the container's volume should be mounted. Behaves similarly 6317 to SubPath but environment variable references $(VAR_NAME) 6318 are expanded using the container's environment. Defaults 6319 to "" (volume's root). SubPathExpr and SubPath are mutually 6320 exclusive. 6321 type: string 6322 required: 6323 - mountPath 6324 - name 6325 type: object 6326 type: array 6327 workingDir: 6328 description: Container's working directory. If not specified, 6329 the container runtime's default will be used, which might 6330 be configured in the container image. Cannot be updated. 6331 type: string 6332 required: 6333 - name 6334 type: object 6335 type: array 6336 listenLocal: 6337 description: ListenLocal makes the Alertmanager server listen on loopback, 6338 so that it does not bind against the Pod IP. Note this is only for 6339 the Alertmanager UI, not the gossip communication. 6340 type: boolean 6341 logFormat: 6342 description: Log format for Alertmanager to be configured with. 6343 type: string 6344 logLevel: 6345 description: Log level for Alertmanager to be configured with. 6346 type: string 6347 minReadySeconds: 6348 description: Minimum number of seconds for which a newly created pod 6349 should be ready without any of its container crashing for it to 6350 be considered available. Defaults to 0 (pod will be considered available 6351 as soon as it is ready) This is an alpha field and requires enabling 6352 StatefulSetMinReadySeconds feature gate. 6353 format: int32 6354 type: integer 6355 nodeSelector: 6356 additionalProperties: 6357 type: string 6358 description: Define which Nodes the Pods are scheduled on. 6359 type: object 6360 paused: 6361 description: If set to true all actions on the underlying managed 6362 objects are not goint to be performed, except for delete actions. 6363 type: boolean 6364 podMetadata: 6365 description: PodMetadata configures Labels and Annotations which are 6366 propagated to the alertmanager pods. 6367 properties: 6368 annotations: 6369 additionalProperties: 6370 type: string 6371 description: 'Annotations is an unstructured key value map stored 6372 with a resource that may be set by external tools to store and 6373 retrieve arbitrary metadata. They are not queryable and should 6374 be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 6375 type: object 6376 labels: 6377 additionalProperties: 6378 type: string 6379 description: 'Map of string keys and values that can be used to 6380 organize and categorize (scope and select) objects. May match 6381 selectors of replication controllers and services. More info: 6382 http://kubernetes.io/docs/user-guide/labels' 6383 type: object 6384 name: 6385 description: 'Name must be unique within a namespace. Is required 6386 when creating resources, although some resources may allow a 6387 client to request the generation of an appropriate name automatically. 6388 Name is primarily intended for creation idempotence and configuration 6389 definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 6390 type: string 6391 type: object 6392 portName: 6393 description: Port name used for the pods and governing service. This 6394 defaults to web 6395 type: string 6396 priorityClassName: 6397 description: Priority class assigned to the Pods 6398 type: string 6399 replicas: 6400 description: Size is the expected size of the alertmanager cluster. 6401 The controller will eventually make the size of the running cluster 6402 equal to the expected size. 6403 format: int32 6404 type: integer 6405 resources: 6406 description: Define resources requests and limits for single Pods. 6407 properties: 6408 limits: 6409 additionalProperties: 6410 anyOf: 6411 - type: integer 6412 - type: string 6413 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6414 x-kubernetes-int-or-string: true 6415 description: 'Limits describes the maximum amount of compute resources 6416 allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6417 type: object 6418 requests: 6419 additionalProperties: 6420 anyOf: 6421 - type: integer 6422 - type: string 6423 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6424 x-kubernetes-int-or-string: true 6425 description: 'Requests describes the minimum amount of compute 6426 resources required. If Requests is omitted for a container, 6427 it defaults to Limits if that is explicitly specified, otherwise 6428 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6429 type: object 6430 type: object 6431 retention: 6432 description: Time duration Alertmanager shall retain data for. Default 6433 is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` 6434 (milliseconds seconds minutes hours). 6435 type: string 6436 routePrefix: 6437 description: The route prefix Alertmanager registers HTTP handlers 6438 for. This is useful, if using ExternalURL and a proxy is rewriting 6439 HTTP routes of a request, and the actual ExternalURL is still true, 6440 but the server serves requests under a different route prefix. For 6441 example for use with `kubectl proxy`. 6442 type: string 6443 secrets: 6444 description: Secrets is a list of Secrets in the same namespace as 6445 the Alertmanager object, which shall be mounted into the Alertmanager 6446 Pods. The Secrets are mounted into /etc/alertmanager/secrets/<secret-name>. 6447 items: 6448 type: string 6449 type: array 6450 securityContext: 6451 description: SecurityContext holds pod-level security attributes and 6452 common container settings. This defaults to the default PodSecurityContext. 6453 properties: 6454 fsGroup: 6455 description: "A special supplemental group that applies to all 6456 containers in a pod. Some volume types allow the Kubelet to 6457 change the ownership of that volume to be owned by the pod: 6458 \n 1. The owning GID will be the FSGroup 2. The setgid bit is 6459 set (new files created in the volume will be owned by FSGroup) 6460 3. The permission bits are OR'd with rw-rw---- \n If unset, 6461 the Kubelet will not modify the ownership and permissions of 6462 any volume. Note that this field cannot be set when spec.os.name 6463 is windows." 6464 format: int64 6465 type: integer 6466 fsGroupChangePolicy: 6467 description: 'fsGroupChangePolicy defines behavior of changing 6468 ownership and permission of the volume before being exposed 6469 inside Pod. This field will only apply to volume types which 6470 support fsGroup based ownership(and permissions). It will have 6471 no effect on ephemeral volume types such as: secret, configmaps 6472 and emptydir. Valid values are "OnRootMismatch" and "Always". 6473 If not specified, "Always" is used. Note that this field cannot 6474 be set when spec.os.name is windows.' 6475 type: string 6476 runAsGroup: 6477 description: The GID to run the entrypoint of the container process. 6478 Uses runtime default if unset. May also be set in SecurityContext. If 6479 set in both SecurityContext and PodSecurityContext, the value 6480 specified in SecurityContext takes precedence for that container. 6481 Note that this field cannot be set when spec.os.name is windows. 6482 format: int64 6483 type: integer 6484 runAsNonRoot: 6485 description: Indicates that the container must run as a non-root 6486 user. If true, the Kubelet will validate the image at runtime 6487 to ensure that it does not run as UID 0 (root) and fail to start 6488 the container if it does. If unset or false, no such validation 6489 will be performed. May also be set in SecurityContext. If set 6490 in both SecurityContext and PodSecurityContext, the value specified 6491 in SecurityContext takes precedence. 6492 type: boolean 6493 runAsUser: 6494 description: The UID to run the entrypoint of the container process. 6495 Defaults to user specified in image metadata if unspecified. 6496 May also be set in SecurityContext. If set in both SecurityContext 6497 and PodSecurityContext, the value specified in SecurityContext 6498 takes precedence for that container. Note that this field cannot 6499 be set when spec.os.name is windows. 6500 format: int64 6501 type: integer 6502 seLinuxOptions: 6503 description: The SELinux context to be applied to all containers. 6504 If unspecified, the container runtime will allocate a random 6505 SELinux context for each container. May also be set in SecurityContext. If 6506 set in both SecurityContext and PodSecurityContext, the value 6507 specified in SecurityContext takes precedence for that container. 6508 Note that this field cannot be set when spec.os.name is windows. 6509 properties: 6510 level: 6511 description: Level is SELinux level label that applies to 6512 the container. 6513 type: string 6514 role: 6515 description: Role is a SELinux role label that applies to 6516 the container. 6517 type: string 6518 type: 6519 description: Type is a SELinux type label that applies to 6520 the container. 6521 type: string 6522 user: 6523 description: User is a SELinux user label that applies to 6524 the container. 6525 type: string 6526 type: object 6527 seccompProfile: 6528 description: The seccomp options to use by the containers in this 6529 pod. Note that this field cannot be set when spec.os.name is 6530 windows. 6531 properties: 6532 localhostProfile: 6533 description: localhostProfile indicates a profile defined 6534 in a file on the node should be used. The profile must be 6535 preconfigured on the node to work. Must be a descending 6536 path, relative to the kubelet's configured seccomp profile 6537 location. Must only be set if type is "Localhost". 6538 type: string 6539 type: 6540 description: "type indicates which kind of seccomp profile 6541 will be applied. Valid options are: \n Localhost - a profile 6542 defined in a file on the node should be used. RuntimeDefault 6543 - the container runtime default profile should be used. 6544 Unconfined - no profile should be applied." 6545 type: string 6546 required: 6547 - type 6548 type: object 6549 supplementalGroups: 6550 description: A list of groups applied to the first process run 6551 in each container, in addition to the container's primary GID. If 6552 unspecified, no groups will be added to any container. Note 6553 that this field cannot be set when spec.os.name is windows. 6554 items: 6555 format: int64 6556 type: integer 6557 type: array 6558 sysctls: 6559 description: Sysctls hold a list of namespaced sysctls used for 6560 the pod. Pods with unsupported sysctls (by the container runtime) 6561 might fail to launch. Note that this field cannot be set when 6562 spec.os.name is windows. 6563 items: 6564 description: Sysctl defines a kernel parameter to be set 6565 properties: 6566 name: 6567 description: Name of a property to set 6568 type: string 6569 value: 6570 description: Value of a property to set 6571 type: string 6572 required: 6573 - name 6574 - value 6575 type: object 6576 type: array 6577 windowsOptions: 6578 description: The Windows specific settings applied to all containers. 6579 If unspecified, the options within a container's SecurityContext 6580 will be used. If set in both SecurityContext and PodSecurityContext, 6581 the value specified in SecurityContext takes precedence. Note 6582 that this field cannot be set when spec.os.name is linux. 6583 properties: 6584 gmsaCredentialSpec: 6585 description: GMSACredentialSpec is where the GMSA admission 6586 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 6587 inlines the contents of the GMSA credential spec named by 6588 the GMSACredentialSpecName field. 6589 type: string 6590 gmsaCredentialSpecName: 6591 description: GMSACredentialSpecName is the name of the GMSA 6592 credential spec to use. 6593 type: string 6594 hostProcess: 6595 description: HostProcess determines if a container should 6596 be run as a 'Host Process' container. This field is alpha-level 6597 and will only be honored by components that enable the WindowsHostProcessContainers 6598 feature flag. Setting this field without the feature flag 6599 will result in errors when validating the Pod. All of a 6600 Pod's containers must have the same effective HostProcess 6601 value (it is not allowed to have a mix of HostProcess containers 6602 and non-HostProcess containers). In addition, if HostProcess 6603 is true then HostNetwork must also be set to true. 6604 type: boolean 6605 runAsUserName: 6606 description: The UserName in Windows to run the entrypoint 6607 of the container process. Defaults to the user specified 6608 in image metadata if unspecified. May also be set in PodSecurityContext. 6609 If set in both SecurityContext and PodSecurityContext, the 6610 value specified in SecurityContext takes precedence. 6611 type: string 6612 type: object 6613 type: object 6614 serviceAccountName: 6615 description: ServiceAccountName is the name of the ServiceAccount 6616 to use to run the Prometheus Pods. 6617 type: string 6618 sha: 6619 description: 'SHA of Alertmanager container image to be deployed. 6620 Defaults to the value of `version`. Similar to a tag, but the SHA 6621 explicitly deploys an immutable container image. Version and Tag 6622 are ignored if SHA is set. Deprecated: use ''image'' instead. The 6623 image digest can be specified as part of the image URL.' 6624 type: string 6625 storage: 6626 description: Storage is the definition of how storage will be used 6627 by the Alertmanager instances. 6628 properties: 6629 disableMountSubPath: 6630 description: 'Deprecated: subPath usage will be disabled by default 6631 in a future release, this option will become unnecessary. DisableMountSubPath 6632 allows to remove any subPath usage in volume mounts.' 6633 type: boolean 6634 emptyDir: 6635 description: 'EmptyDirVolumeSource to be used by the Prometheus 6636 StatefulSets. If specified, used in place of any volumeClaimTemplate. 6637 More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' 6638 properties: 6639 medium: 6640 description: 'What type of storage medium should back this 6641 directory. The default is "" which means to use the node''s 6642 default medium. Must be an empty string (default) or Memory. 6643 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 6644 type: string 6645 sizeLimit: 6646 anyOf: 6647 - type: integer 6648 - type: string 6649 description: 'Total amount of local storage required for this 6650 EmptyDir volume. The size limit is also applicable for memory 6651 medium. The maximum usage on memory medium EmptyDir would 6652 be the minimum value between the SizeLimit specified here 6653 and the sum of memory limits of all containers in a pod. 6654 The default is nil which means that the limit is undefined. 6655 More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 6656 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6657 x-kubernetes-int-or-string: true 6658 type: object 6659 ephemeral: 6660 description: 'EphemeralVolumeSource to be used by the Prometheus 6661 StatefulSets. This is a beta field in k8s 1.21, for lower versions, 6662 starting with k8s 1.19, it requires enabling the GenericEphemeralVolume 6663 feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes' 6664 properties: 6665 volumeClaimTemplate: 6666 description: "Will be used to create a stand-alone PVC to 6667 provision the volume. The pod in which this EphemeralVolumeSource 6668 is embedded will be the owner of the PVC, i.e. the PVC will 6669 be deleted together with the pod. The name of the PVC will 6670 be `<pod name>-<volume name>` where `<volume name>` is the 6671 name from the `PodSpec.Volumes` array entry. Pod validation 6672 will reject the pod if the concatenated name is not valid 6673 for a PVC (for example, too long). \n An existing PVC with 6674 that name that is not owned by the pod will *not* be used 6675 for the pod to avoid using an unrelated volume by mistake. 6676 Starting the pod is then blocked until the unrelated PVC 6677 is removed. If such a pre-created PVC is meant to be used 6678 by the pod, the PVC has to updated with an owner reference 6679 to the pod once the pod exists. Normally this should not 6680 be necessary, but it may be useful when manually reconstructing 6681 a broken cluster. \n This field is read-only and no changes 6682 will be made by Kubernetes to the PVC after it has been 6683 created. \n Required, must not be nil." 6684 properties: 6685 metadata: 6686 description: May contain labels and annotations that will 6687 be copied into the PVC when creating it. No other fields 6688 are allowed and will be rejected during validation. 6689 type: object 6690 spec: 6691 description: The specification for the PersistentVolumeClaim. 6692 The entire content is copied unchanged into the PVC 6693 that gets created from this template. The same fields 6694 as in a PersistentVolumeClaim are also valid here. 6695 properties: 6696 accessModes: 6697 description: 'AccessModes contains the desired access 6698 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 6699 items: 6700 type: string 6701 type: array 6702 dataSource: 6703 description: 'This field can be used to specify either: 6704 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 6705 * An existing PVC (PersistentVolumeClaim) If the 6706 provisioner or an external controller can support 6707 the specified data source, it will create a new 6708 volume based on the contents of the specified data 6709 source. If the AnyVolumeDataSource feature gate 6710 is enabled, this field will always have the same 6711 contents as the DataSourceRef field.' 6712 properties: 6713 apiGroup: 6714 description: APIGroup is the group for the resource 6715 being referenced. If APIGroup is not specified, 6716 the specified Kind must be in the core API group. 6717 For any other third-party types, APIGroup is 6718 required. 6719 type: string 6720 kind: 6721 description: Kind is the type of resource being 6722 referenced 6723 type: string 6724 name: 6725 description: Name is the name of resource being 6726 referenced 6727 type: string 6728 required: 6729 - kind 6730 - name 6731 type: object 6732 dataSourceRef: 6733 description: 'Specifies the object from which to populate 6734 the volume with data, if a non-empty volume is desired. 6735 This may be any local object from a non-empty API 6736 group (non core object) or a PersistentVolumeClaim 6737 object. When this field is specified, volume binding 6738 will only succeed if the type of the specified object 6739 matches some installed volume populator or dynamic 6740 provisioner. This field will replace the functionality 6741 of the DataSource field and as such if both fields 6742 are non-empty, they must have the same value. For 6743 backwards compatibility, both fields (DataSource 6744 and DataSourceRef) will be set to the same value 6745 automatically if one of them is empty and the other 6746 is non-empty. There are two important differences 6747 between DataSource and DataSourceRef: * While DataSource 6748 only allows two specific types of objects, DataSourceRef allows 6749 any non-core object, as well as PersistentVolumeClaim 6750 objects. * While DataSource ignores disallowed values 6751 (dropping them), DataSourceRef preserves all values, 6752 and generates an error if a disallowed value is specified. 6753 (Alpha) Using this field requires the AnyVolumeDataSource 6754 feature gate to be enabled.' 6755 properties: 6756 apiGroup: 6757 description: APIGroup is the group for the resource 6758 being referenced. If APIGroup is not specified, 6759 the specified Kind must be in the core API group. 6760 For any other third-party types, APIGroup is 6761 required. 6762 type: string 6763 kind: 6764 description: Kind is the type of resource being 6765 referenced 6766 type: string 6767 name: 6768 description: Name is the name of resource being 6769 referenced 6770 type: string 6771 required: 6772 - kind 6773 - name 6774 type: object 6775 resources: 6776 description: 'Resources represents the minimum resources 6777 the volume should have. If RecoverVolumeExpansionFailure 6778 feature is enabled users are allowed to specify 6779 resource requirements that are lower than previous 6780 value but must still be higher than capacity recorded 6781 in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 6782 properties: 6783 limits: 6784 additionalProperties: 6785 anyOf: 6786 - type: integer 6787 - type: string 6788 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6789 x-kubernetes-int-or-string: true 6790 description: 'Limits describes the maximum amount 6791 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6792 type: object 6793 requests: 6794 additionalProperties: 6795 anyOf: 6796 - type: integer 6797 - type: string 6798 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6799 x-kubernetes-int-or-string: true 6800 description: 'Requests describes the minimum amount 6801 of compute resources required. If Requests is 6802 omitted for a container, it defaults to Limits 6803 if that is explicitly specified, otherwise to 6804 an implementation-defined value. More info: 6805 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6806 type: object 6807 type: object 6808 selector: 6809 description: A label query over volumes to consider 6810 for binding. 6811 properties: 6812 matchExpressions: 6813 description: matchExpressions is a list of label 6814 selector requirements. The requirements are 6815 ANDed. 6816 items: 6817 description: A label selector requirement is 6818 a selector that contains values, a key, and 6819 an operator that relates the key and values. 6820 properties: 6821 key: 6822 description: key is the label key that the 6823 selector applies to. 6824 type: string 6825 operator: 6826 description: operator represents a key's 6827 relationship to a set of values. Valid 6828 operators are In, NotIn, Exists and DoesNotExist. 6829 type: string 6830 values: 6831 description: values is an array of string 6832 values. If the operator is In or NotIn, 6833 the values array must be non-empty. If 6834 the operator is Exists or DoesNotExist, 6835 the values array must be empty. This array 6836 is replaced during a strategic merge patch. 6837 items: 6838 type: string 6839 type: array 6840 required: 6841 - key 6842 - operator 6843 type: object 6844 type: array 6845 matchLabels: 6846 additionalProperties: 6847 type: string 6848 description: matchLabels is a map of {key,value} 6849 pairs. A single {key,value} in the matchLabels 6850 map is equivalent to an element of matchExpressions, 6851 whose key field is "key", the operator is "In", 6852 and the values array contains only "value". 6853 The requirements are ANDed. 6854 type: object 6855 type: object 6856 storageClassName: 6857 description: 'Name of the StorageClass required by 6858 the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 6859 type: string 6860 volumeMode: 6861 description: volumeMode defines what type of volume 6862 is required by the claim. Value of Filesystem is 6863 implied when not included in claim spec. 6864 type: string 6865 volumeName: 6866 description: VolumeName is the binding reference to 6867 the PersistentVolume backing this claim. 6868 type: string 6869 type: object 6870 required: 6871 - spec 6872 type: object 6873 type: object 6874 volumeClaimTemplate: 6875 description: A PVC spec to be used by the Prometheus StatefulSets. 6876 properties: 6877 apiVersion: 6878 description: 'APIVersion defines the versioned schema of this 6879 representation of an object. Servers should convert recognized 6880 schemas to the latest internal value, and may reject unrecognized 6881 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 6882 type: string 6883 kind: 6884 description: 'Kind is a string value representing the REST 6885 resource this object represents. Servers may infer this 6886 from the endpoint the client submits requests to. Cannot 6887 be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 6888 type: string 6889 metadata: 6890 description: EmbeddedMetadata contains metadata relevant to 6891 an EmbeddedResource. 6892 properties: 6893 annotations: 6894 additionalProperties: 6895 type: string 6896 description: 'Annotations is an unstructured key value 6897 map stored with a resource that may be set by external 6898 tools to store and retrieve arbitrary metadata. They 6899 are not queryable and should be preserved when modifying 6900 objects. More info: http://kubernetes.io/docs/user-guide/annotations' 6901 type: object 6902 labels: 6903 additionalProperties: 6904 type: string 6905 description: 'Map of string keys and values that can be 6906 used to organize and categorize (scope and select) objects. 6907 May match selectors of replication controllers and services. 6908 More info: http://kubernetes.io/docs/user-guide/labels' 6909 type: object 6910 name: 6911 description: 'Name must be unique within a namespace. 6912 Is required when creating resources, although some resources 6913 may allow a client to request the generation of an appropriate 6914 name automatically. Name is primarily intended for creation 6915 idempotence and configuration definition. Cannot be 6916 updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 6917 type: string 6918 type: object 6919 spec: 6920 description: 'Spec defines the desired characteristics of 6921 a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 6922 properties: 6923 accessModes: 6924 description: 'AccessModes contains the desired access 6925 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 6926 items: 6927 type: string 6928 type: array 6929 dataSource: 6930 description: 'This field can be used to specify either: 6931 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 6932 * An existing PVC (PersistentVolumeClaim) If the provisioner 6933 or an external controller can support the specified 6934 data source, it will create a new volume based on the 6935 contents of the specified data source. If the AnyVolumeDataSource 6936 feature gate is enabled, this field will always have 6937 the same contents as the DataSourceRef field.' 6938 properties: 6939 apiGroup: 6940 description: APIGroup is the group for the resource 6941 being referenced. If APIGroup is not specified, 6942 the specified Kind must be in the core API group. 6943 For any other third-party types, APIGroup is required. 6944 type: string 6945 kind: 6946 description: Kind is the type of resource being referenced 6947 type: string 6948 name: 6949 description: Name is the name of resource being referenced 6950 type: string 6951 required: 6952 - kind 6953 - name 6954 type: object 6955 dataSourceRef: 6956 description: 'Specifies the object from which to populate 6957 the volume with data, if a non-empty volume is desired. 6958 This may be any local object from a non-empty API group 6959 (non core object) or a PersistentVolumeClaim object. 6960 When this field is specified, volume binding will only 6961 succeed if the type of the specified object matches 6962 some installed volume populator or dynamic provisioner. 6963 This field will replace the functionality of the DataSource 6964 field and as such if both fields are non-empty, they 6965 must have the same value. For backwards compatibility, 6966 both fields (DataSource and DataSourceRef) will be set 6967 to the same value automatically if one of them is empty 6968 and the other is non-empty. There are two important 6969 differences between DataSource and DataSourceRef: * 6970 While DataSource only allows two specific types of objects, 6971 DataSourceRef allows any non-core object, as well 6972 as PersistentVolumeClaim objects. * While DataSource 6973 ignores disallowed values (dropping them), DataSourceRef preserves 6974 all values, and generates an error if a disallowed value 6975 is specified. (Alpha) Using this field requires the 6976 AnyVolumeDataSource feature gate to be enabled.' 6977 properties: 6978 apiGroup: 6979 description: APIGroup is the group for the resource 6980 being referenced. If APIGroup is not specified, 6981 the specified Kind must be in the core API group. 6982 For any other third-party types, APIGroup is required. 6983 type: string 6984 kind: 6985 description: Kind is the type of resource being referenced 6986 type: string 6987 name: 6988 description: Name is the name of resource being referenced 6989 type: string 6990 required: 6991 - kind 6992 - name 6993 type: object 6994 resources: 6995 description: 'Resources represents the minimum resources 6996 the volume should have. If RecoverVolumeExpansionFailure 6997 feature is enabled users are allowed to specify resource 6998 requirements that are lower than previous value but 6999 must still be higher than capacity recorded in the status 7000 field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 7001 properties: 7002 limits: 7003 additionalProperties: 7004 anyOf: 7005 - type: integer 7006 - type: string 7007 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7008 x-kubernetes-int-or-string: true 7009 description: 'Limits describes the maximum amount 7010 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7011 type: object 7012 requests: 7013 additionalProperties: 7014 anyOf: 7015 - type: integer 7016 - type: string 7017 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7018 x-kubernetes-int-or-string: true 7019 description: 'Requests describes the minimum amount 7020 of compute resources required. If Requests is omitted 7021 for a container, it defaults to Limits if that is 7022 explicitly specified, otherwise to an implementation-defined 7023 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7024 type: object 7025 type: object 7026 selector: 7027 description: A label query over volumes to consider for 7028 binding. 7029 properties: 7030 matchExpressions: 7031 description: matchExpressions is a list of label selector 7032 requirements. The requirements are ANDed. 7033 items: 7034 description: A label selector requirement is a selector 7035 that contains values, a key, and an operator that 7036 relates the key and values. 7037 properties: 7038 key: 7039 description: key is the label key that the selector 7040 applies to. 7041 type: string 7042 operator: 7043 description: operator represents a key's relationship 7044 to a set of values. Valid operators are In, 7045 NotIn, Exists and DoesNotExist. 7046 type: string 7047 values: 7048 description: values is an array of string values. 7049 If the operator is In or NotIn, the values 7050 array must be non-empty. If the operator is 7051 Exists or DoesNotExist, the values array must 7052 be empty. This array is replaced during a 7053 strategic merge patch. 7054 items: 7055 type: string 7056 type: array 7057 required: 7058 - key 7059 - operator 7060 type: object 7061 type: array 7062 matchLabels: 7063 additionalProperties: 7064 type: string 7065 description: matchLabels is a map of {key,value} pairs. 7066 A single {key,value} in the matchLabels map is equivalent 7067 to an element of matchExpressions, whose key field 7068 is "key", the operator is "In", and the values array 7069 contains only "value". The requirements are ANDed. 7070 type: object 7071 type: object 7072 storageClassName: 7073 description: 'Name of the StorageClass required by the 7074 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 7075 type: string 7076 volumeMode: 7077 description: volumeMode defines what type of volume is 7078 required by the claim. Value of Filesystem is implied 7079 when not included in claim spec. 7080 type: string 7081 volumeName: 7082 description: VolumeName is the binding reference to the 7083 PersistentVolume backing this claim. 7084 type: string 7085 type: object 7086 status: 7087 description: 'Status represents the current information/status 7088 of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7089 properties: 7090 accessModes: 7091 description: 'AccessModes contains the actual access modes 7092 the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 7093 items: 7094 type: string 7095 type: array 7096 allocatedResources: 7097 additionalProperties: 7098 anyOf: 7099 - type: integer 7100 - type: string 7101 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7102 x-kubernetes-int-or-string: true 7103 description: The storage resource within AllocatedResources 7104 tracks the capacity allocated to a PVC. It may be larger 7105 than the actual capacity when a volume expansion operation 7106 is requested. For storage quota, the larger value from 7107 allocatedResources and PVC.spec.resources is used. If 7108 allocatedResources is not set, PVC.spec.resources alone 7109 is used for quota calculation. If a volume expansion 7110 capacity request is lowered, allocatedResources is only 7111 lowered if there are no expansion operations in progress 7112 and if the actual volume capacity is equal or lower 7113 than the requested capacity. This is an alpha field 7114 and requires enabling RecoverVolumeExpansionFailure 7115 feature. 7116 type: object 7117 capacity: 7118 additionalProperties: 7119 anyOf: 7120 - type: integer 7121 - type: string 7122 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7123 x-kubernetes-int-or-string: true 7124 description: Represents the actual resources of the underlying 7125 volume. 7126 type: object 7127 conditions: 7128 description: Current Condition of persistent volume claim. 7129 If underlying persistent volume is being resized then 7130 the Condition will be set to 'ResizeStarted'. 7131 items: 7132 description: PersistentVolumeClaimCondition contails 7133 details about state of pvc 7134 properties: 7135 lastProbeTime: 7136 description: Last time we probed the condition. 7137 format: date-time 7138 type: string 7139 lastTransitionTime: 7140 description: Last time the condition transitioned 7141 from one status to another. 7142 format: date-time 7143 type: string 7144 message: 7145 description: Human-readable message indicating details 7146 about last transition. 7147 type: string 7148 reason: 7149 description: Unique, this should be a short, machine 7150 understandable string that gives the reason for 7151 condition's last transition. If it reports "ResizeStarted" 7152 that means the underlying persistent volume is 7153 being resized. 7154 type: string 7155 status: 7156 type: string 7157 type: 7158 description: PersistentVolumeClaimConditionType 7159 is a valid value of PersistentVolumeClaimCondition.Type 7160 type: string 7161 required: 7162 - status 7163 - type 7164 type: object 7165 type: array 7166 phase: 7167 description: Phase represents the current phase of PersistentVolumeClaim. 7168 type: string 7169 resizeStatus: 7170 description: ResizeStatus stores status of resize operation. 7171 ResizeStatus is not set by default but when expansion 7172 is complete resizeStatus is set to empty string by resize 7173 controller or kubelet. This is an alpha field and requires 7174 enabling RecoverVolumeExpansionFailure feature. 7175 type: string 7176 type: object 7177 type: object 7178 type: object 7179 tag: 7180 description: 'Tag of Alertmanager container image to be deployed. 7181 Defaults to the value of `version`. Version is ignored if Tag is 7182 set. Deprecated: use ''image'' instead. The image tag can be specified 7183 as part of the image URL.' 7184 type: string 7185 tolerations: 7186 description: If specified, the pod's tolerations. 7187 items: 7188 description: The pod this Toleration is attached to tolerates any 7189 taint that matches the triple <key,value,effect> using the matching 7190 operator <operator>. 7191 properties: 7192 effect: 7193 description: Effect indicates the taint effect to match. Empty 7194 means match all taint effects. When specified, allowed values 7195 are NoSchedule, PreferNoSchedule and NoExecute. 7196 type: string 7197 key: 7198 description: Key is the taint key that the toleration applies 7199 to. Empty means match all taint keys. If the key is empty, 7200 operator must be Exists; this combination means to match all 7201 values and all keys. 7202 type: string 7203 operator: 7204 description: Operator represents a key's relationship to the 7205 value. Valid operators are Exists and Equal. Defaults to Equal. 7206 Exists is equivalent to wildcard for value, so that a pod 7207 can tolerate all taints of a particular category. 7208 type: string 7209 tolerationSeconds: 7210 description: TolerationSeconds represents the period of time 7211 the toleration (which must be of effect NoExecute, otherwise 7212 this field is ignored) tolerates the taint. By default, it 7213 is not set, which means tolerate the taint forever (do not 7214 evict). Zero and negative values will be treated as 0 (evict 7215 immediately) by the system. 7216 format: int64 7217 type: integer 7218 value: 7219 description: Value is the taint value the toleration matches 7220 to. If the operator is Exists, the value should be empty, 7221 otherwise just a regular string. 7222 type: string 7223 type: object 7224 type: array 7225 topologySpreadConstraints: 7226 description: If specified, the pod's topology spread constraints. 7227 items: 7228 description: TopologySpreadConstraint specifies how to spread matching 7229 pods among the given topology. 7230 properties: 7231 labelSelector: 7232 description: LabelSelector is used to find matching pods. Pods 7233 that match this label selector are counted to determine the 7234 number of pods in their corresponding topology domain. 7235 properties: 7236 matchExpressions: 7237 description: matchExpressions is a list of label selector 7238 requirements. The requirements are ANDed. 7239 items: 7240 description: A label selector requirement is a selector 7241 that contains values, a key, and an operator that relates 7242 the key and values. 7243 properties: 7244 key: 7245 description: key is the label key that the selector 7246 applies to. 7247 type: string 7248 operator: 7249 description: operator represents a key's relationship 7250 to a set of values. Valid operators are In, NotIn, 7251 Exists and DoesNotExist. 7252 type: string 7253 values: 7254 description: values is an array of string values. 7255 If the operator is In or NotIn, the values array 7256 must be non-empty. If the operator is Exists or 7257 DoesNotExist, the values array must be empty. This 7258 array is replaced during a strategic merge patch. 7259 items: 7260 type: string 7261 type: array 7262 required: 7263 - key 7264 - operator 7265 type: object 7266 type: array 7267 matchLabels: 7268 additionalProperties: 7269 type: string 7270 description: matchLabels is a map of {key,value} pairs. 7271 A single {key,value} in the matchLabels map is equivalent 7272 to an element of matchExpressions, whose key field is 7273 "key", the operator is "In", and the values array contains 7274 only "value". The requirements are ANDed. 7275 type: object 7276 type: object 7277 maxSkew: 7278 description: 'MaxSkew describes the degree to which pods may 7279 be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, 7280 it is the maximum permitted difference between the number 7281 of matching pods in the target topology and the global minimum. 7282 For example, in a 3-zone cluster, MaxSkew is set to 1, and 7283 pods with the same labelSelector spread as 1/1/0: | zone1 7284 | zone2 | zone3 | | P | P | | - if MaxSkew is 7285 1, incoming pod can only be scheduled to zone3 to become 1/1/1; 7286 scheduling it onto zone1(zone2) would make the ActualSkew(2-0) 7287 on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming 7288 pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, 7289 it is used to give higher precedence to topologies that satisfy 7290 it. It''s a required field. Default value is 1 and 0 is not 7291 allowed.' 7292 format: int32 7293 type: integer 7294 topologyKey: 7295 description: TopologyKey is the key of node labels. Nodes that 7296 have a label with this key and identical values are considered 7297 to be in the same topology. We consider each <key, value> 7298 as a "bucket", and try to put balanced number of pods into 7299 each bucket. It's a required field. 7300 type: string 7301 whenUnsatisfiable: 7302 description: 'WhenUnsatisfiable indicates how to deal with a 7303 pod if it doesn''t satisfy the spread constraint. - DoNotSchedule 7304 (default) tells the scheduler not to schedule it. - ScheduleAnyway 7305 tells the scheduler to schedule the pod in any location, but 7306 giving higher precedence to topologies that would help reduce 7307 the skew. A constraint is considered "Unsatisfiable" for 7308 an incoming pod if and only if every possible node assignment 7309 for that pod would violate "MaxSkew" on some topology. For 7310 example, in a 3-zone cluster, MaxSkew is set to 1, and pods 7311 with the same labelSelector spread as 3/1/1: | zone1 | zone2 7312 | zone3 | | P P P | P | P | If WhenUnsatisfiable is 7313 set to DoNotSchedule, incoming pod can only be scheduled to 7314 zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on 7315 zone2(zone3) satisfies MaxSkew(1). In other words, the cluster 7316 can still be imbalanced, but scheduler won''t make it *more* 7317 imbalanced. It''s a required field.' 7318 type: string 7319 required: 7320 - maxSkew 7321 - topologyKey 7322 - whenUnsatisfiable 7323 type: object 7324 type: array 7325 version: 7326 description: Version the cluster should be on. 7327 type: string 7328 volumeMounts: 7329 description: VolumeMounts allows configuration of additional VolumeMounts 7330 on the output StatefulSet definition. VolumeMounts specified will 7331 be appended to other VolumeMounts in the alertmanager container, 7332 that are generated as a result of StorageSpec objects. 7333 items: 7334 description: VolumeMount describes a mounting of a Volume within 7335 a container. 7336 properties: 7337 mountPath: 7338 description: Path within the container at which the volume should 7339 be mounted. Must not contain ':'. 7340 type: string 7341 mountPropagation: 7342 description: mountPropagation determines how mounts are propagated 7343 from the host to container and the other way around. When 7344 not set, MountPropagationNone is used. This field is beta 7345 in 1.10. 7346 type: string 7347 name: 7348 description: This must match the Name of a Volume. 7349 type: string 7350 readOnly: 7351 description: Mounted read-only if true, read-write otherwise 7352 (false or unspecified). Defaults to false. 7353 type: boolean 7354 subPath: 7355 description: Path within the volume from which the container's 7356 volume should be mounted. Defaults to "" (volume's root). 7357 type: string 7358 subPathExpr: 7359 description: Expanded path within the volume from which the 7360 container's volume should be mounted. Behaves similarly to 7361 SubPath but environment variable references $(VAR_NAME) are 7362 expanded using the container's environment. Defaults to "" 7363 (volume's root). SubPathExpr and SubPath are mutually exclusive. 7364 type: string 7365 required: 7366 - mountPath 7367 - name 7368 type: object 7369 type: array 7370 volumes: 7371 description: Volumes allows configuration of additional volumes on 7372 the output StatefulSet definition. Volumes specified will be appended 7373 to other volumes that are generated as a result of StorageSpec objects. 7374 items: 7375 description: Volume represents a named volume in a pod that may 7376 be accessed by any container in the pod. 7377 properties: 7378 awsElasticBlockStore: 7379 description: 'AWSElasticBlockStore represents an AWS Disk resource 7380 that is attached to a kubelet''s host machine and then exposed 7381 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 7382 properties: 7383 fsType: 7384 description: 'Filesystem type of the volume that you want 7385 to mount. Tip: Ensure that the filesystem type is supported 7386 by the host operating system. Examples: "ext4", "xfs", 7387 "ntfs". Implicitly inferred to be "ext4" if unspecified. 7388 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 7389 TODO: how do we prevent errors in the filesystem from 7390 compromising the machine' 7391 type: string 7392 partition: 7393 description: 'The partition in the volume that you want 7394 to mount. If omitted, the default is to mount by volume 7395 name. Examples: For volume /dev/sda1, you specify the 7396 partition as "1". Similarly, the volume partition for 7397 /dev/sda is "0" (or you can leave the property empty).' 7398 format: int32 7399 type: integer 7400 readOnly: 7401 description: 'Specify "true" to force and set the ReadOnly 7402 property in VolumeMounts to "true". If omitted, the default 7403 is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 7404 type: boolean 7405 volumeID: 7406 description: 'Unique ID of the persistent disk resource 7407 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 7408 type: string 7409 required: 7410 - volumeID 7411 type: object 7412 azureDisk: 7413 description: AzureDisk represents an Azure Data Disk mount on 7414 the host and bind mount to the pod. 7415 properties: 7416 cachingMode: 7417 description: 'Host Caching mode: None, Read Only, Read Write.' 7418 type: string 7419 diskName: 7420 description: The Name of the data disk in the blob storage 7421 type: string 7422 diskURI: 7423 description: The URI the data disk in the blob storage 7424 type: string 7425 fsType: 7426 description: Filesystem type to mount. Must be a filesystem 7427 type supported by the host operating system. Ex. "ext4", 7428 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 7429 type: string 7430 kind: 7431 description: 'Expected values Shared: multiple blob disks 7432 per storage account Dedicated: single blob disk per storage 7433 account Managed: azure managed data disk (only in managed 7434 availability set). defaults to shared' 7435 type: string 7436 readOnly: 7437 description: Defaults to false (read/write). ReadOnly here 7438 will force the ReadOnly setting in VolumeMounts. 7439 type: boolean 7440 required: 7441 - diskName 7442 - diskURI 7443 type: object 7444 azureFile: 7445 description: AzureFile represents an Azure File Service mount 7446 on the host and bind mount to the pod. 7447 properties: 7448 readOnly: 7449 description: Defaults to false (read/write). ReadOnly here 7450 will force the ReadOnly setting in VolumeMounts. 7451 type: boolean 7452 secretName: 7453 description: the name of secret that contains Azure Storage 7454 Account Name and Key 7455 type: string 7456 shareName: 7457 description: Share Name 7458 type: string 7459 required: 7460 - secretName 7461 - shareName 7462 type: object 7463 cephfs: 7464 description: CephFS represents a Ceph FS mount on the host that 7465 shares a pod's lifetime 7466 properties: 7467 monitors: 7468 description: 'Required: Monitors is a collection of Ceph 7469 monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7470 items: 7471 type: string 7472 type: array 7473 path: 7474 description: 'Optional: Used as the mounted root, rather 7475 than the full Ceph tree, default is /' 7476 type: string 7477 readOnly: 7478 description: 'Optional: Defaults to false (read/write). 7479 ReadOnly here will force the ReadOnly setting in VolumeMounts. 7480 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7481 type: boolean 7482 secretFile: 7483 description: 'Optional: SecretFile is the path to key ring 7484 for User, default is /etc/ceph/user.secret More info: 7485 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7486 type: string 7487 secretRef: 7488 description: 'Optional: SecretRef is reference to the authentication 7489 secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7490 properties: 7491 name: 7492 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7493 TODO: Add other useful fields. apiVersion, kind, uid?' 7494 type: string 7495 type: object 7496 user: 7497 description: 'Optional: User is the rados user name, default 7498 is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7499 type: string 7500 required: 7501 - monitors 7502 type: object 7503 cinder: 7504 description: 'Cinder represents a cinder volume attached and 7505 mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 7506 properties: 7507 fsType: 7508 description: 'Filesystem type to mount. Must be a filesystem 7509 type supported by the host operating system. Examples: 7510 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 7511 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 7512 type: string 7513 readOnly: 7514 description: 'Optional: Defaults to false (read/write). 7515 ReadOnly here will force the ReadOnly setting in VolumeMounts. 7516 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 7517 type: boolean 7518 secretRef: 7519 description: 'Optional: points to a secret object containing 7520 parameters used to connect to OpenStack.' 7521 properties: 7522 name: 7523 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7524 TODO: Add other useful fields. apiVersion, kind, uid?' 7525 type: string 7526 type: object 7527 volumeID: 7528 description: 'volume id used to identify the volume in cinder. 7529 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 7530 type: string 7531 required: 7532 - volumeID 7533 type: object 7534 configMap: 7535 description: ConfigMap represents a configMap that should populate 7536 this volume 7537 properties: 7538 defaultMode: 7539 description: 'Optional: mode bits used to set permissions 7540 on created files by default. Must be an octal value between 7541 0000 and 0777 or a decimal value between 0 and 511. YAML 7542 accepts both octal and decimal values, JSON requires decimal 7543 values for mode bits. Defaults to 0644. Directories within 7544 the path are not affected by this setting. This might 7545 be in conflict with other options that affect the file 7546 mode, like fsGroup, and the result can be other mode bits 7547 set.' 7548 format: int32 7549 type: integer 7550 items: 7551 description: If unspecified, each key-value pair in the 7552 Data field of the referenced ConfigMap will be projected 7553 into the volume as a file whose name is the key and content 7554 is the value. If specified, the listed keys will be projected 7555 into the specified paths, and unlisted keys will not be 7556 present. If a key is specified which is not present in 7557 the ConfigMap, the volume setup will error unless it is 7558 marked optional. Paths must be relative and may not contain 7559 the '..' path or start with '..'. 7560 items: 7561 description: Maps a string key to a path within a volume. 7562 properties: 7563 key: 7564 description: The key to project. 7565 type: string 7566 mode: 7567 description: 'Optional: mode bits used to set permissions 7568 on this file. Must be an octal value between 0000 7569 and 0777 or a decimal value between 0 and 511. YAML 7570 accepts both octal and decimal values, JSON requires 7571 decimal values for mode bits. If not specified, 7572 the volume defaultMode will be used. This might 7573 be in conflict with other options that affect the 7574 file mode, like fsGroup, and the result can be other 7575 mode bits set.' 7576 format: int32 7577 type: integer 7578 path: 7579 description: The relative path of the file to map 7580 the key to. May not be an absolute path. May not 7581 contain the path element '..'. May not start with 7582 the string '..'. 7583 type: string 7584 required: 7585 - key 7586 - path 7587 type: object 7588 type: array 7589 name: 7590 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7591 TODO: Add other useful fields. apiVersion, kind, uid?' 7592 type: string 7593 optional: 7594 description: Specify whether the ConfigMap or its keys must 7595 be defined 7596 type: boolean 7597 type: object 7598 csi: 7599 description: CSI (Container Storage Interface) represents ephemeral 7600 storage that is handled by certain external CSI drivers (Beta 7601 feature). 7602 properties: 7603 driver: 7604 description: Driver is the name of the CSI driver that handles 7605 this volume. Consult with your admin for the correct name 7606 as registered in the cluster. 7607 type: string 7608 fsType: 7609 description: Filesystem type to mount. Ex. "ext4", "xfs", 7610 "ntfs". If not provided, the empty value is passed to 7611 the associated CSI driver which will determine the default 7612 filesystem to apply. 7613 type: string 7614 nodePublishSecretRef: 7615 description: NodePublishSecretRef is a reference to the 7616 secret object containing sensitive information to pass 7617 to the CSI driver to complete the CSI NodePublishVolume 7618 and NodeUnpublishVolume calls. This field is optional, 7619 and may be empty if no secret is required. If the secret 7620 object contains more than one secret, all secret references 7621 are passed. 7622 properties: 7623 name: 7624 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7625 TODO: Add other useful fields. apiVersion, kind, uid?' 7626 type: string 7627 type: object 7628 readOnly: 7629 description: Specifies a read-only configuration for the 7630 volume. Defaults to false (read/write). 7631 type: boolean 7632 volumeAttributes: 7633 additionalProperties: 7634 type: string 7635 description: VolumeAttributes stores driver-specific properties 7636 that are passed to the CSI driver. Consult your driver's 7637 documentation for supported values. 7638 type: object 7639 required: 7640 - driver 7641 type: object 7642 downwardAPI: 7643 description: DownwardAPI represents downward API about the pod 7644 that should populate this volume 7645 properties: 7646 defaultMode: 7647 description: 'Optional: mode bits to use on created files 7648 by default. Must be a Optional: mode bits used to set 7649 permissions on created files by default. Must be an octal 7650 value between 0000 and 0777 or a decimal value between 7651 0 and 511. YAML accepts both octal and decimal values, 7652 JSON requires decimal values for mode bits. Defaults to 7653 0644. Directories within the path are not affected by 7654 this setting. This might be in conflict with other options 7655 that affect the file mode, like fsGroup, and the result 7656 can be other mode bits set.' 7657 format: int32 7658 type: integer 7659 items: 7660 description: Items is a list of downward API volume file 7661 items: 7662 description: DownwardAPIVolumeFile represents information 7663 to create the file containing the pod field 7664 properties: 7665 fieldRef: 7666 description: 'Required: Selects a field of the pod: 7667 only annotations, labels, name and namespace are 7668 supported.' 7669 properties: 7670 apiVersion: 7671 description: Version of the schema the FieldPath 7672 is written in terms of, defaults to "v1". 7673 type: string 7674 fieldPath: 7675 description: Path of the field to select in the 7676 specified API version. 7677 type: string 7678 required: 7679 - fieldPath 7680 type: object 7681 mode: 7682 description: 'Optional: mode bits used to set permissions 7683 on this file, must be an octal value between 0000 7684 and 0777 or a decimal value between 0 and 511. YAML 7685 accepts both octal and decimal values, JSON requires 7686 decimal values for mode bits. If not specified, 7687 the volume defaultMode will be used. This might 7688 be in conflict with other options that affect the 7689 file mode, like fsGroup, and the result can be other 7690 mode bits set.' 7691 format: int32 7692 type: integer 7693 path: 7694 description: 'Required: Path is the relative path 7695 name of the file to be created. Must not be absolute 7696 or contain the ''..'' path. Must be utf-8 encoded. 7697 The first item of the relative path must not start 7698 with ''..''' 7699 type: string 7700 resourceFieldRef: 7701 description: 'Selects a resource of the container: 7702 only resources limits and requests (limits.cpu, 7703 limits.memory, requests.cpu and requests.memory) 7704 are currently supported.' 7705 properties: 7706 containerName: 7707 description: 'Container name: required for volumes, 7708 optional for env vars' 7709 type: string 7710 divisor: 7711 anyOf: 7712 - type: integer 7713 - type: string 7714 description: Specifies the output format of the 7715 exposed resources, defaults to "1" 7716 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7717 x-kubernetes-int-or-string: true 7718 resource: 7719 description: 'Required: resource to select' 7720 type: string 7721 required: 7722 - resource 7723 type: object 7724 required: 7725 - path 7726 type: object 7727 type: array 7728 type: object 7729 emptyDir: 7730 description: 'EmptyDir represents a temporary directory that 7731 shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 7732 properties: 7733 medium: 7734 description: 'What type of storage medium should back this 7735 directory. The default is "" which means to use the node''s 7736 default medium. Must be an empty string (default) or Memory. 7737 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 7738 type: string 7739 sizeLimit: 7740 anyOf: 7741 - type: integer 7742 - type: string 7743 description: 'Total amount of local storage required for 7744 this EmptyDir volume. The size limit is also applicable 7745 for memory medium. The maximum usage on memory medium 7746 EmptyDir would be the minimum value between the SizeLimit 7747 specified here and the sum of memory limits of all containers 7748 in a pod. The default is nil which means that the limit 7749 is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 7750 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7751 x-kubernetes-int-or-string: true 7752 type: object 7753 ephemeral: 7754 description: "Ephemeral represents a volume that is handled 7755 by a cluster storage driver. The volume's lifecycle is tied 7756 to the pod that defines it - it will be created before the 7757 pod starts, and deleted when the pod is removed. \n Use this 7758 if: a) the volume is only needed while the pod runs, b) features 7759 of normal volumes like restoring from snapshot or capacity 7760 \ tracking are needed, c) the storage driver is specified 7761 through a storage class, and d) the storage driver supports 7762 dynamic volume provisioning through a PersistentVolumeClaim 7763 (see EphemeralVolumeSource for more information on the 7764 connection between this volume type and PersistentVolumeClaim). 7765 \n Use PersistentVolumeClaim or one of the vendor-specific 7766 APIs for volumes that persist for longer than the lifecycle 7767 of an individual pod. \n Use CSI for light-weight local ephemeral 7768 volumes if the CSI driver is meant to be used that way - see 7769 the documentation of the driver for more information. \n A 7770 pod can use both types of ephemeral volumes and persistent 7771 volumes at the same time." 7772 properties: 7773 volumeClaimTemplate: 7774 description: "Will be used to create a stand-alone PVC to 7775 provision the volume. The pod in which this EphemeralVolumeSource 7776 is embedded will be the owner of the PVC, i.e. the PVC 7777 will be deleted together with the pod. The name of the 7778 PVC will be `<pod name>-<volume name>` where `<volume 7779 name>` is the name from the `PodSpec.Volumes` array entry. 7780 Pod validation will reject the pod if the concatenated 7781 name is not valid for a PVC (for example, too long). \n 7782 An existing PVC with that name that is not owned by the 7783 pod will *not* be used for the pod to avoid using an unrelated 7784 volume by mistake. Starting the pod is then blocked until 7785 the unrelated PVC is removed. If such a pre-created PVC 7786 is meant to be used by the pod, the PVC has to updated 7787 with an owner reference to the pod once the pod exists. 7788 Normally this should not be necessary, but it may be useful 7789 when manually reconstructing a broken cluster. \n This 7790 field is read-only and no changes will be made by Kubernetes 7791 to the PVC after it has been created. \n Required, must 7792 not be nil." 7793 properties: 7794 metadata: 7795 description: May contain labels and annotations that 7796 will be copied into the PVC when creating it. No other 7797 fields are allowed and will be rejected during validation. 7798 type: object 7799 spec: 7800 description: The specification for the PersistentVolumeClaim. 7801 The entire content is copied unchanged into the PVC 7802 that gets created from this template. The same fields 7803 as in a PersistentVolumeClaim are also valid here. 7804 properties: 7805 accessModes: 7806 description: 'AccessModes contains the desired access 7807 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 7808 items: 7809 type: string 7810 type: array 7811 dataSource: 7812 description: 'This field can be used to specify 7813 either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 7814 * An existing PVC (PersistentVolumeClaim) If the 7815 provisioner or an external controller can support 7816 the specified data source, it will create a new 7817 volume based on the contents of the specified 7818 data source. If the AnyVolumeDataSource feature 7819 gate is enabled, this field will always have the 7820 same contents as the DataSourceRef field.' 7821 properties: 7822 apiGroup: 7823 description: APIGroup is the group for the resource 7824 being referenced. If APIGroup is not specified, 7825 the specified Kind must be in the core API 7826 group. For any other third-party types, APIGroup 7827 is required. 7828 type: string 7829 kind: 7830 description: Kind is the type of resource being 7831 referenced 7832 type: string 7833 name: 7834 description: Name is the name of resource being 7835 referenced 7836 type: string 7837 required: 7838 - kind 7839 - name 7840 type: object 7841 dataSourceRef: 7842 description: 'Specifies the object from which to 7843 populate the volume with data, if a non-empty 7844 volume is desired. This may be any local object 7845 from a non-empty API group (non core object) or 7846 a PersistentVolumeClaim object. When this field 7847 is specified, volume binding will only succeed 7848 if the type of the specified object matches some 7849 installed volume populator or dynamic provisioner. 7850 This field will replace the functionality of the 7851 DataSource field and as such if both fields are 7852 non-empty, they must have the same value. For 7853 backwards compatibility, both fields (DataSource 7854 and DataSourceRef) will be set to the same value 7855 automatically if one of them is empty and the 7856 other is non-empty. There are two important differences 7857 between DataSource and DataSourceRef: * While 7858 DataSource only allows two specific types of objects, 7859 DataSourceRef allows any non-core object, as 7860 well as PersistentVolumeClaim objects. * While 7861 DataSource ignores disallowed values (dropping 7862 them), DataSourceRef preserves all values, and 7863 generates an error if a disallowed value is specified. 7864 (Alpha) Using this field requires the AnyVolumeDataSource 7865 feature gate to be enabled.' 7866 properties: 7867 apiGroup: 7868 description: APIGroup is the group for the resource 7869 being referenced. If APIGroup is not specified, 7870 the specified Kind must be in the core API 7871 group. For any other third-party types, APIGroup 7872 is required. 7873 type: string 7874 kind: 7875 description: Kind is the type of resource being 7876 referenced 7877 type: string 7878 name: 7879 description: Name is the name of resource being 7880 referenced 7881 type: string 7882 required: 7883 - kind 7884 - name 7885 type: object 7886 resources: 7887 description: 'Resources represents the minimum resources 7888 the volume should have. If RecoverVolumeExpansionFailure 7889 feature is enabled users are allowed to specify 7890 resource requirements that are lower than previous 7891 value but must still be higher than capacity recorded 7892 in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 7893 properties: 7894 limits: 7895 additionalProperties: 7896 anyOf: 7897 - type: integer 7898 - type: string 7899 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7900 x-kubernetes-int-or-string: true 7901 description: 'Limits describes the maximum amount 7902 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7903 type: object 7904 requests: 7905 additionalProperties: 7906 anyOf: 7907 - type: integer 7908 - type: string 7909 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7910 x-kubernetes-int-or-string: true 7911 description: 'Requests describes the minimum 7912 amount of compute resources required. If Requests 7913 is omitted for a container, it defaults to 7914 Limits if that is explicitly specified, otherwise 7915 to an implementation-defined value. More info: 7916 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7917 type: object 7918 type: object 7919 selector: 7920 description: A label query over volumes to consider 7921 for binding. 7922 properties: 7923 matchExpressions: 7924 description: matchExpressions is a list of label 7925 selector requirements. The requirements are 7926 ANDed. 7927 items: 7928 description: A label selector requirement 7929 is a selector that contains values, a key, 7930 and an operator that relates the key and 7931 values. 7932 properties: 7933 key: 7934 description: key is the label key that 7935 the selector applies to. 7936 type: string 7937 operator: 7938 description: operator represents a key's 7939 relationship to a set of values. Valid 7940 operators are In, NotIn, Exists and 7941 DoesNotExist. 7942 type: string 7943 values: 7944 description: values is an array of string 7945 values. If the operator is In or NotIn, 7946 the values array must be non-empty. 7947 If the operator is Exists or DoesNotExist, 7948 the values array must be empty. This 7949 array is replaced during a strategic 7950 merge patch. 7951 items: 7952 type: string 7953 type: array 7954 required: 7955 - key 7956 - operator 7957 type: object 7958 type: array 7959 matchLabels: 7960 additionalProperties: 7961 type: string 7962 description: matchLabels is a map of {key,value} 7963 pairs. A single {key,value} in the matchLabels 7964 map is equivalent to an element of matchExpressions, 7965 whose key field is "key", the operator is 7966 "In", and the values array contains only "value". 7967 The requirements are ANDed. 7968 type: object 7969 type: object 7970 storageClassName: 7971 description: 'Name of the StorageClass required 7972 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 7973 type: string 7974 volumeMode: 7975 description: volumeMode defines what type of volume 7976 is required by the claim. Value of Filesystem 7977 is implied when not included in claim spec. 7978 type: string 7979 volumeName: 7980 description: VolumeName is the binding reference 7981 to the PersistentVolume backing this claim. 7982 type: string 7983 type: object 7984 required: 7985 - spec 7986 type: object 7987 type: object 7988 fc: 7989 description: FC represents a Fibre Channel resource that is 7990 attached to a kubelet's host machine and then exposed to the 7991 pod. 7992 properties: 7993 fsType: 7994 description: 'Filesystem type to mount. Must be a filesystem 7995 type supported by the host operating system. Ex. "ext4", 7996 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 7997 TODO: how do we prevent errors in the filesystem from 7998 compromising the machine' 7999 type: string 8000 lun: 8001 description: 'Optional: FC target lun number' 8002 format: int32 8003 type: integer 8004 readOnly: 8005 description: 'Optional: Defaults to false (read/write). 8006 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 8007 type: boolean 8008 targetWWNs: 8009 description: 'Optional: FC target worldwide names (WWNs)' 8010 items: 8011 type: string 8012 type: array 8013 wwids: 8014 description: 'Optional: FC volume world wide identifiers 8015 (wwids) Either wwids or combination of targetWWNs and 8016 lun must be set, but not both simultaneously.' 8017 items: 8018 type: string 8019 type: array 8020 type: object 8021 flexVolume: 8022 description: FlexVolume represents a generic volume resource 8023 that is provisioned/attached using an exec based plugin. 8024 properties: 8025 driver: 8026 description: Driver is the name of the driver to use for 8027 this volume. 8028 type: string 8029 fsType: 8030 description: Filesystem type to mount. Must be a filesystem 8031 type supported by the host operating system. Ex. "ext4", 8032 "xfs", "ntfs". The default filesystem depends on FlexVolume 8033 script. 8034 type: string 8035 options: 8036 additionalProperties: 8037 type: string 8038 description: 'Optional: Extra command options if any.' 8039 type: object 8040 readOnly: 8041 description: 'Optional: Defaults to false (read/write). 8042 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 8043 type: boolean 8044 secretRef: 8045 description: 'Optional: SecretRef is reference to the secret 8046 object containing sensitive information to pass to the 8047 plugin scripts. This may be empty if no secret object 8048 is specified. If the secret object contains more than 8049 one secret, all secrets are passed to the plugin scripts.' 8050 properties: 8051 name: 8052 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8053 TODO: Add other useful fields. apiVersion, kind, uid?' 8054 type: string 8055 type: object 8056 required: 8057 - driver 8058 type: object 8059 flocker: 8060 description: Flocker represents a Flocker volume attached to 8061 a kubelet's host machine. This depends on the Flocker control 8062 service being running 8063 properties: 8064 datasetName: 8065 description: Name of the dataset stored as metadata -> name 8066 on the dataset for Flocker should be considered as deprecated 8067 type: string 8068 datasetUUID: 8069 description: UUID of the dataset. This is unique identifier 8070 of a Flocker dataset 8071 type: string 8072 type: object 8073 gcePersistentDisk: 8074 description: 'GCEPersistentDisk represents a GCE Disk resource 8075 that is attached to a kubelet''s host machine and then exposed 8076 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 8077 properties: 8078 fsType: 8079 description: 'Filesystem type of the volume that you want 8080 to mount. Tip: Ensure that the filesystem type is supported 8081 by the host operating system. Examples: "ext4", "xfs", 8082 "ntfs". Implicitly inferred to be "ext4" if unspecified. 8083 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 8084 TODO: how do we prevent errors in the filesystem from 8085 compromising the machine' 8086 type: string 8087 partition: 8088 description: 'The partition in the volume that you want 8089 to mount. If omitted, the default is to mount by volume 8090 name. Examples: For volume /dev/sda1, you specify the 8091 partition as "1". Similarly, the volume partition for 8092 /dev/sda is "0" (or you can leave the property empty). 8093 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 8094 format: int32 8095 type: integer 8096 pdName: 8097 description: 'Unique name of the PD resource in GCE. Used 8098 to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 8099 type: string 8100 readOnly: 8101 description: 'ReadOnly here will force the ReadOnly setting 8102 in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 8103 type: boolean 8104 required: 8105 - pdName 8106 type: object 8107 gitRepo: 8108 description: 'GitRepo represents a git repository at a particular 8109 revision. DEPRECATED: GitRepo is deprecated. To provision 8110 a container with a git repo, mount an EmptyDir into an InitContainer 8111 that clones the repo using git, then mount the EmptyDir into 8112 the Pod''s container.' 8113 properties: 8114 directory: 8115 description: Target directory name. Must not contain or 8116 start with '..'. If '.' is supplied, the volume directory 8117 will be the git repository. Otherwise, if specified, 8118 the volume will contain the git repository in the subdirectory 8119 with the given name. 8120 type: string 8121 repository: 8122 description: Repository URL 8123 type: string 8124 revision: 8125 description: Commit hash for the specified revision. 8126 type: string 8127 required: 8128 - repository 8129 type: object 8130 glusterfs: 8131 description: 'Glusterfs represents a Glusterfs mount on the 8132 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 8133 properties: 8134 endpoints: 8135 description: 'EndpointsName is the endpoint name that details 8136 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 8137 type: string 8138 path: 8139 description: 'Path is the Glusterfs volume path. More info: 8140 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 8141 type: string 8142 readOnly: 8143 description: 'ReadOnly here will force the Glusterfs volume 8144 to be mounted with read-only permissions. Defaults to 8145 false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 8146 type: boolean 8147 required: 8148 - endpoints 8149 - path 8150 type: object 8151 hostPath: 8152 description: 'HostPath represents a pre-existing file or directory 8153 on the host machine that is directly exposed to the container. 8154 This is generally used for system agents or other privileged 8155 things that are allowed to see the host machine. Most containers 8156 will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 8157 --- TODO(jonesdl) We need to restrict who can use host directory 8158 mounts and who can/can not mount host directories as read/write.' 8159 properties: 8160 path: 8161 description: 'Path of the directory on the host. If the 8162 path is a symlink, it will follow the link to the real 8163 path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 8164 type: string 8165 type: 8166 description: 'Type for HostPath Volume Defaults to "" More 8167 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 8168 type: string 8169 required: 8170 - path 8171 type: object 8172 iscsi: 8173 description: 'ISCSI represents an ISCSI Disk resource that is 8174 attached to a kubelet''s host machine and then exposed to 8175 the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 8176 properties: 8177 chapAuthDiscovery: 8178 description: whether support iSCSI Discovery CHAP authentication 8179 type: boolean 8180 chapAuthSession: 8181 description: whether support iSCSI Session CHAP authentication 8182 type: boolean 8183 fsType: 8184 description: 'Filesystem type of the volume that you want 8185 to mount. Tip: Ensure that the filesystem type is supported 8186 by the host operating system. Examples: "ext4", "xfs", 8187 "ntfs". Implicitly inferred to be "ext4" if unspecified. 8188 More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 8189 TODO: how do we prevent errors in the filesystem from 8190 compromising the machine' 8191 type: string 8192 initiatorName: 8193 description: Custom iSCSI Initiator Name. If initiatorName 8194 is specified with iscsiInterface simultaneously, new iSCSI 8195 interface <target portal>:<volume name> will be created 8196 for the connection. 8197 type: string 8198 iqn: 8199 description: Target iSCSI Qualified Name. 8200 type: string 8201 iscsiInterface: 8202 description: iSCSI Interface Name that uses an iSCSI transport. 8203 Defaults to 'default' (tcp). 8204 type: string 8205 lun: 8206 description: iSCSI Target Lun number. 8207 format: int32 8208 type: integer 8209 portals: 8210 description: iSCSI Target Portal List. The portal is either 8211 an IP or ip_addr:port if the port is other than default 8212 (typically TCP ports 860 and 3260). 8213 items: 8214 type: string 8215 type: array 8216 readOnly: 8217 description: ReadOnly here will force the ReadOnly setting 8218 in VolumeMounts. Defaults to false. 8219 type: boolean 8220 secretRef: 8221 description: CHAP Secret for iSCSI target and initiator 8222 authentication 8223 properties: 8224 name: 8225 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8226 TODO: Add other useful fields. apiVersion, kind, uid?' 8227 type: string 8228 type: object 8229 targetPortal: 8230 description: iSCSI Target Portal. The Portal is either an 8231 IP or ip_addr:port if the port is other than default (typically 8232 TCP ports 860 and 3260). 8233 type: string 8234 required: 8235 - iqn 8236 - lun 8237 - targetPortal 8238 type: object 8239 name: 8240 description: 'Volume''s name. Must be a DNS_LABEL and unique 8241 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 8242 type: string 8243 nfs: 8244 description: 'NFS represents an NFS mount on the host that shares 8245 a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 8246 properties: 8247 path: 8248 description: 'Path that is exported by the NFS server. More 8249 info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 8250 type: string 8251 readOnly: 8252 description: 'ReadOnly here will force the NFS export to 8253 be mounted with read-only permissions. Defaults to false. 8254 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 8255 type: boolean 8256 server: 8257 description: 'Server is the hostname or IP address of the 8258 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 8259 type: string 8260 required: 8261 - path 8262 - server 8263 type: object 8264 persistentVolumeClaim: 8265 description: 'PersistentVolumeClaimVolumeSource represents a 8266 reference to a PersistentVolumeClaim in the same namespace. 8267 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 8268 properties: 8269 claimName: 8270 description: 'ClaimName is the name of a PersistentVolumeClaim 8271 in the same namespace as the pod using this volume. More 8272 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 8273 type: string 8274 readOnly: 8275 description: Will force the ReadOnly setting in VolumeMounts. 8276 Default false. 8277 type: boolean 8278 required: 8279 - claimName 8280 type: object 8281 photonPersistentDisk: 8282 description: PhotonPersistentDisk represents a PhotonController 8283 persistent disk attached and mounted on kubelets host machine 8284 properties: 8285 fsType: 8286 description: Filesystem type to mount. Must be a filesystem 8287 type supported by the host operating system. Ex. "ext4", 8288 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 8289 type: string 8290 pdID: 8291 description: ID that identifies Photon Controller persistent 8292 disk 8293 type: string 8294 required: 8295 - pdID 8296 type: object 8297 portworxVolume: 8298 description: PortworxVolume represents a portworx volume attached 8299 and mounted on kubelets host machine 8300 properties: 8301 fsType: 8302 description: FSType represents the filesystem type to mount 8303 Must be a filesystem type supported by the host operating 8304 system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" 8305 if unspecified. 8306 type: string 8307 readOnly: 8308 description: Defaults to false (read/write). ReadOnly here 8309 will force the ReadOnly setting in VolumeMounts. 8310 type: boolean 8311 volumeID: 8312 description: VolumeID uniquely identifies a Portworx volume 8313 type: string 8314 required: 8315 - volumeID 8316 type: object 8317 projected: 8318 description: Items for all in one resources secrets, configmaps, 8319 and downward API 8320 properties: 8321 defaultMode: 8322 description: Mode bits used to set permissions on created 8323 files by default. Must be an octal value between 0000 8324 and 0777 or a decimal value between 0 and 511. YAML accepts 8325 both octal and decimal values, JSON requires decimal values 8326 for mode bits. Directories within the path are not affected 8327 by this setting. This might be in conflict with other 8328 options that affect the file mode, like fsGroup, and the 8329 result can be other mode bits set. 8330 format: int32 8331 type: integer 8332 sources: 8333 description: list of volume projections 8334 items: 8335 description: Projection that may be projected along with 8336 other supported volume types 8337 properties: 8338 configMap: 8339 description: information about the configMap data 8340 to project 8341 properties: 8342 items: 8343 description: If unspecified, each key-value pair 8344 in the Data field of the referenced ConfigMap 8345 will be projected into the volume as a file 8346 whose name is the key and content is the value. 8347 If specified, the listed keys will be projected 8348 into the specified paths, and unlisted keys 8349 will not be present. If a key is specified which 8350 is not present in the ConfigMap, the volume 8351 setup will error unless it is marked optional. 8352 Paths must be relative and may not contain the 8353 '..' path or start with '..'. 8354 items: 8355 description: Maps a string key to a path within 8356 a volume. 8357 properties: 8358 key: 8359 description: The key to project. 8360 type: string 8361 mode: 8362 description: 'Optional: mode bits used to 8363 set permissions on this file. Must be 8364 an octal value between 0000 and 0777 or 8365 a decimal value between 0 and 511. YAML 8366 accepts both octal and decimal values, 8367 JSON requires decimal values for mode 8368 bits. If not specified, the volume defaultMode 8369 will be used. This might be in conflict 8370 with other options that affect the file 8371 mode, like fsGroup, and the result can 8372 be other mode bits set.' 8373 format: int32 8374 type: integer 8375 path: 8376 description: The relative path of the file 8377 to map the key to. May not be an absolute 8378 path. May not contain the path element 8379 '..'. May not start with the string '..'. 8380 type: string 8381 required: 8382 - key 8383 - path 8384 type: object 8385 type: array 8386 name: 8387 description: 'Name of the referent. More info: 8388 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8389 TODO: Add other useful fields. apiVersion, kind, 8390 uid?' 8391 type: string 8392 optional: 8393 description: Specify whether the ConfigMap or 8394 its keys must be defined 8395 type: boolean 8396 type: object 8397 downwardAPI: 8398 description: information about the downwardAPI data 8399 to project 8400 properties: 8401 items: 8402 description: Items is a list of DownwardAPIVolume 8403 file 8404 items: 8405 description: DownwardAPIVolumeFile represents 8406 information to create the file containing 8407 the pod field 8408 properties: 8409 fieldRef: 8410 description: 'Required: Selects a field 8411 of the pod: only annotations, labels, 8412 name and namespace are supported.' 8413 properties: 8414 apiVersion: 8415 description: Version of the schema the 8416 FieldPath is written in terms of, 8417 defaults to "v1". 8418 type: string 8419 fieldPath: 8420 description: Path of the field to select 8421 in the specified API version. 8422 type: string 8423 required: 8424 - fieldPath 8425 type: object 8426 mode: 8427 description: 'Optional: mode bits used to 8428 set permissions on this file, must be 8429 an octal value between 0000 and 0777 or 8430 a decimal value between 0 and 511. YAML 8431 accepts both octal and decimal values, 8432 JSON requires decimal values for mode 8433 bits. If not specified, the volume defaultMode 8434 will be used. This might be in conflict 8435 with other options that affect the file 8436 mode, like fsGroup, and the result can 8437 be other mode bits set.' 8438 format: int32 8439 type: integer 8440 path: 8441 description: 'Required: Path is the relative 8442 path name of the file to be created. Must 8443 not be absolute or contain the ''..'' 8444 path. Must be utf-8 encoded. The first 8445 item of the relative path must not start 8446 with ''..''' 8447 type: string 8448 resourceFieldRef: 8449 description: 'Selects a resource of the 8450 container: only resources limits and requests 8451 (limits.cpu, limits.memory, requests.cpu 8452 and requests.memory) are currently supported.' 8453 properties: 8454 containerName: 8455 description: 'Container name: required 8456 for volumes, optional for env vars' 8457 type: string 8458 divisor: 8459 anyOf: 8460 - type: integer 8461 - type: string 8462 description: Specifies the output format 8463 of the exposed resources, defaults 8464 to "1" 8465 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8466 x-kubernetes-int-or-string: true 8467 resource: 8468 description: 'Required: resource to 8469 select' 8470 type: string 8471 required: 8472 - resource 8473 type: object 8474 required: 8475 - path 8476 type: object 8477 type: array 8478 type: object 8479 secret: 8480 description: information about the secret data to 8481 project 8482 properties: 8483 items: 8484 description: If unspecified, each key-value pair 8485 in the Data field of the referenced Secret will 8486 be projected into the volume as a file whose 8487 name is the key and content is the value. If 8488 specified, the listed keys will be projected 8489 into the specified paths, and unlisted keys 8490 will not be present. If a key is specified which 8491 is not present in the Secret, the volume setup 8492 will error unless it is marked optional. Paths 8493 must be relative and may not contain the '..' 8494 path or start with '..'. 8495 items: 8496 description: Maps a string key to a path within 8497 a volume. 8498 properties: 8499 key: 8500 description: The key to project. 8501 type: string 8502 mode: 8503 description: 'Optional: mode bits used to 8504 set permissions on this file. Must be 8505 an octal value between 0000 and 0777 or 8506 a decimal value between 0 and 511. YAML 8507 accepts both octal and decimal values, 8508 JSON requires decimal values for mode 8509 bits. If not specified, the volume defaultMode 8510 will be used. This might be in conflict 8511 with other options that affect the file 8512 mode, like fsGroup, and the result can 8513 be other mode bits set.' 8514 format: int32 8515 type: integer 8516 path: 8517 description: The relative path of the file 8518 to map the key to. May not be an absolute 8519 path. May not contain the path element 8520 '..'. May not start with the string '..'. 8521 type: string 8522 required: 8523 - key 8524 - path 8525 type: object 8526 type: array 8527 name: 8528 description: 'Name of the referent. More info: 8529 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8530 TODO: Add other useful fields. apiVersion, kind, 8531 uid?' 8532 type: string 8533 optional: 8534 description: Specify whether the Secret or its 8535 key must be defined 8536 type: boolean 8537 type: object 8538 serviceAccountToken: 8539 description: information about the serviceAccountToken 8540 data to project 8541 properties: 8542 audience: 8543 description: Audience is the intended audience 8544 of the token. A recipient of a token must identify 8545 itself with an identifier specified in the audience 8546 of the token, and otherwise should reject the 8547 token. The audience defaults to the identifier 8548 of the apiserver. 8549 type: string 8550 expirationSeconds: 8551 description: ExpirationSeconds is the requested 8552 duration of validity of the service account 8553 token. As the token approaches expiration, the 8554 kubelet volume plugin will proactively rotate 8555 the service account token. The kubelet will 8556 start trying to rotate the token if the token 8557 is older than 80 percent of its time to live 8558 or if the token is older than 24 hours.Defaults 8559 to 1 hour and must be at least 10 minutes. 8560 format: int64 8561 type: integer 8562 path: 8563 description: Path is the path relative to the 8564 mount point of the file to project the token 8565 into. 8566 type: string 8567 required: 8568 - path 8569 type: object 8570 type: object 8571 type: array 8572 type: object 8573 quobyte: 8574 description: Quobyte represents a Quobyte mount on the host 8575 that shares a pod's lifetime 8576 properties: 8577 group: 8578 description: Group to map volume access to Default is no 8579 group 8580 type: string 8581 readOnly: 8582 description: ReadOnly here will force the Quobyte volume 8583 to be mounted with read-only permissions. Defaults to 8584 false. 8585 type: boolean 8586 registry: 8587 description: Registry represents a single or multiple Quobyte 8588 Registry services specified as a string as host:port pair 8589 (multiple entries are separated with commas) which acts 8590 as the central registry for volumes 8591 type: string 8592 tenant: 8593 description: Tenant owning the given Quobyte volume in the 8594 Backend Used with dynamically provisioned Quobyte volumes, 8595 value is set by the plugin 8596 type: string 8597 user: 8598 description: User to map volume access to Defaults to serivceaccount 8599 user 8600 type: string 8601 volume: 8602 description: Volume is a string that references an already 8603 created Quobyte volume by name. 8604 type: string 8605 required: 8606 - registry 8607 - volume 8608 type: object 8609 rbd: 8610 description: 'RBD represents a Rados Block Device mount on the 8611 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' 8612 properties: 8613 fsType: 8614 description: 'Filesystem type of the volume that you want 8615 to mount. Tip: Ensure that the filesystem type is supported 8616 by the host operating system. Examples: "ext4", "xfs", 8617 "ntfs". Implicitly inferred to be "ext4" if unspecified. 8618 More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 8619 TODO: how do we prevent errors in the filesystem from 8620 compromising the machine' 8621 type: string 8622 image: 8623 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8624 type: string 8625 keyring: 8626 description: 'Keyring is the path to key ring for RBDUser. 8627 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8628 type: string 8629 monitors: 8630 description: 'A collection of Ceph monitors. More info: 8631 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8632 items: 8633 type: string 8634 type: array 8635 pool: 8636 description: 'The rados pool name. Default is rbd. More 8637 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8638 type: string 8639 readOnly: 8640 description: 'ReadOnly here will force the ReadOnly setting 8641 in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8642 type: boolean 8643 secretRef: 8644 description: 'SecretRef is name of the authentication secret 8645 for RBDUser. If provided overrides keyring. Default is 8646 nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8647 properties: 8648 name: 8649 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8650 TODO: Add other useful fields. apiVersion, kind, uid?' 8651 type: string 8652 type: object 8653 user: 8654 description: 'The rados user name. Default is admin. More 8655 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8656 type: string 8657 required: 8658 - image 8659 - monitors 8660 type: object 8661 scaleIO: 8662 description: ScaleIO represents a ScaleIO persistent volume 8663 attached and mounted on Kubernetes nodes. 8664 properties: 8665 fsType: 8666 description: Filesystem type to mount. Must be a filesystem 8667 type supported by the host operating system. Ex. "ext4", 8668 "xfs", "ntfs". Default is "xfs". 8669 type: string 8670 gateway: 8671 description: The host address of the ScaleIO API Gateway. 8672 type: string 8673 protectionDomain: 8674 description: The name of the ScaleIO Protection Domain for 8675 the configured storage. 8676 type: string 8677 readOnly: 8678 description: Defaults to false (read/write). ReadOnly here 8679 will force the ReadOnly setting in VolumeMounts. 8680 type: boolean 8681 secretRef: 8682 description: SecretRef references to the secret for ScaleIO 8683 user and other sensitive information. If this is not provided, 8684 Login operation will fail. 8685 properties: 8686 name: 8687 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8688 TODO: Add other useful fields. apiVersion, kind, uid?' 8689 type: string 8690 type: object 8691 sslEnabled: 8692 description: Flag to enable/disable SSL communication with 8693 Gateway, default false 8694 type: boolean 8695 storageMode: 8696 description: Indicates whether the storage for a volume 8697 should be ThickProvisioned or ThinProvisioned. Default 8698 is ThinProvisioned. 8699 type: string 8700 storagePool: 8701 description: The ScaleIO Storage Pool associated with the 8702 protection domain. 8703 type: string 8704 system: 8705 description: The name of the storage system as configured 8706 in ScaleIO. 8707 type: string 8708 volumeName: 8709 description: The name of a volume already created in the 8710 ScaleIO system that is associated with this volume source. 8711 type: string 8712 required: 8713 - gateway 8714 - secretRef 8715 - system 8716 type: object 8717 secret: 8718 description: 'Secret represents a secret that should populate 8719 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 8720 properties: 8721 defaultMode: 8722 description: 'Optional: mode bits used to set permissions 8723 on created files by default. Must be an octal value between 8724 0000 and 0777 or a decimal value between 0 and 511. YAML 8725 accepts both octal and decimal values, JSON requires decimal 8726 values for mode bits. Defaults to 0644. Directories within 8727 the path are not affected by this setting. This might 8728 be in conflict with other options that affect the file 8729 mode, like fsGroup, and the result can be other mode bits 8730 set.' 8731 format: int32 8732 type: integer 8733 items: 8734 description: If unspecified, each key-value pair in the 8735 Data field of the referenced Secret will be projected 8736 into the volume as a file whose name is the key and content 8737 is the value. If specified, the listed keys will be projected 8738 into the specified paths, and unlisted keys will not be 8739 present. If a key is specified which is not present in 8740 the Secret, the volume setup will error unless it is marked 8741 optional. Paths must be relative and may not contain the 8742 '..' path or start with '..'. 8743 items: 8744 description: Maps a string key to a path within a volume. 8745 properties: 8746 key: 8747 description: The key to project. 8748 type: string 8749 mode: 8750 description: 'Optional: mode bits used to set permissions 8751 on this file. Must be an octal value between 0000 8752 and 0777 or a decimal value between 0 and 511. YAML 8753 accepts both octal and decimal values, JSON requires 8754 decimal values for mode bits. If not specified, 8755 the volume defaultMode will be used. This might 8756 be in conflict with other options that affect the 8757 file mode, like fsGroup, and the result can be other 8758 mode bits set.' 8759 format: int32 8760 type: integer 8761 path: 8762 description: The relative path of the file to map 8763 the key to. May not be an absolute path. May not 8764 contain the path element '..'. May not start with 8765 the string '..'. 8766 type: string 8767 required: 8768 - key 8769 - path 8770 type: object 8771 type: array 8772 optional: 8773 description: Specify whether the Secret or its keys must 8774 be defined 8775 type: boolean 8776 secretName: 8777 description: 'Name of the secret in the pod''s namespace 8778 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 8779 type: string 8780 type: object 8781 storageos: 8782 description: StorageOS represents a StorageOS volume attached 8783 and mounted on Kubernetes nodes. 8784 properties: 8785 fsType: 8786 description: Filesystem type to mount. Must be a filesystem 8787 type supported by the host operating system. Ex. "ext4", 8788 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 8789 type: string 8790 readOnly: 8791 description: Defaults to false (read/write). ReadOnly here 8792 will force the ReadOnly setting in VolumeMounts. 8793 type: boolean 8794 secretRef: 8795 description: SecretRef specifies the secret to use for obtaining 8796 the StorageOS API credentials. If not specified, default 8797 values will be attempted. 8798 properties: 8799 name: 8800 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8801 TODO: Add other useful fields. apiVersion, kind, uid?' 8802 type: string 8803 type: object 8804 volumeName: 8805 description: VolumeName is the human-readable name of the 8806 StorageOS volume. Volume names are only unique within 8807 a namespace. 8808 type: string 8809 volumeNamespace: 8810 description: VolumeNamespace specifies the scope of the 8811 volume within StorageOS. If no namespace is specified 8812 then the Pod's namespace will be used. This allows the 8813 Kubernetes name scoping to be mirrored within StorageOS 8814 for tighter integration. Set VolumeName to any name to 8815 override the default behaviour. Set to "default" if you 8816 are not using namespaces within StorageOS. Namespaces 8817 that do not pre-exist within StorageOS will be created. 8818 type: string 8819 type: object 8820 vsphereVolume: 8821 description: VsphereVolume represents a vSphere volume attached 8822 and mounted on kubelets host machine 8823 properties: 8824 fsType: 8825 description: Filesystem type to mount. Must be a filesystem 8826 type supported by the host operating system. Ex. "ext4", 8827 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 8828 type: string 8829 storagePolicyID: 8830 description: Storage Policy Based Management (SPBM) profile 8831 ID associated with the StoragePolicyName. 8832 type: string 8833 storagePolicyName: 8834 description: Storage Policy Based Management (SPBM) profile 8835 name. 8836 type: string 8837 volumePath: 8838 description: Path that identifies vSphere volume vmdk 8839 type: string 8840 required: 8841 - volumePath 8842 type: object 8843 required: 8844 - name 8845 type: object 8846 type: array 8847 type: object 8848 status: 8849 description: 'Most recent observed status of the Alertmanager cluster. 8850 Read-only. Not included when requesting from the apiserver, only from 8851 the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 8852 properties: 8853 availableReplicas: 8854 description: Total number of available pods (ready for at least minReadySeconds) 8855 targeted by this Alertmanager cluster. 8856 format: int32 8857 type: integer 8858 paused: 8859 description: Represents whether any actions on the underlying managed 8860 objects are being performed. Only delete actions will be performed. 8861 type: boolean 8862 replicas: 8863 description: Total number of non-terminated pods targeted by this 8864 Alertmanager cluster (their labels match the selector). 8865 format: int32 8866 type: integer 8867 unavailableReplicas: 8868 description: Total number of unavailable pods targeted by this Alertmanager 8869 cluster. 8870 format: int32 8871 type: integer 8872 updatedReplicas: 8873 description: Total number of non-terminated pods targeted by this 8874 Alertmanager cluster that have the desired version spec. 8875 format: int32 8876 type: integer 8877 required: 8878 - availableReplicas 8879 - paused 8880 - replicas 8881 - unavailableReplicas 8882 - updatedReplicas 8883 type: object 8884 required: 8885 - spec 8886 type: object 8887 served: true 8888 storage: true 8889 subresources: {} 8890 status: 8891 acceptedNames: 8892 kind: "" 8893 plural: "" 8894 conditions: [] 8895 storedVersions: [] 8896 # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml 8897 8898 --- 8899 apiVersion: apiextensions.k8s.io/v1 8900 kind: CustomResourceDefinition 8901 metadata: 8902 annotations: 8903 controller-gen.kubebuilder.io/version: v0.6.2 8904 creationTimestamp: null 8905 name: podmonitors.monitoring.coreos.com 8906 spec: 8907 group: monitoring.coreos.com 8908 names: 8909 categories: 8910 - prometheus-operator 8911 kind: PodMonitor 8912 listKind: PodMonitorList 8913 plural: podmonitors 8914 singular: podmonitor 8915 scope: Namespaced 8916 versions: 8917 - name: v1 8918 schema: 8919 openAPIV3Schema: 8920 description: PodMonitor defines monitoring for a set of pods. 8921 properties: 8922 apiVersion: 8923 description: 'APIVersion defines the versioned schema of this representation 8924 of an object. Servers should convert recognized schemas to the latest 8925 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 8926 type: string 8927 kind: 8928 description: 'Kind is a string value representing the REST resource this 8929 object represents. Servers may infer this from the endpoint the client 8930 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 8931 type: string 8932 metadata: 8933 type: object 8934 spec: 8935 description: Specification of desired Pod selection for target discovery 8936 by Prometheus. 8937 properties: 8938 jobLabel: 8939 description: The label to use to retrieve the job name from. 8940 type: string 8941 labelLimit: 8942 description: Per-scrape limit on number of labels that will be accepted 8943 for a sample. Only valid in Prometheus versions 2.27.0 and newer. 8944 format: int64 8945 type: integer 8946 labelNameLengthLimit: 8947 description: Per-scrape limit on length of labels name that will be 8948 accepted for a sample. Only valid in Prometheus versions 2.27.0 8949 and newer. 8950 format: int64 8951 type: integer 8952 labelValueLengthLimit: 8953 description: Per-scrape limit on length of labels value that will 8954 be accepted for a sample. Only valid in Prometheus versions 2.27.0 8955 and newer. 8956 format: int64 8957 type: integer 8958 namespaceSelector: 8959 description: Selector to select which namespaces the Endpoints objects 8960 are discovered from. 8961 properties: 8962 any: 8963 description: Boolean describing whether all namespaces are selected 8964 in contrast to a list restricting them. 8965 type: boolean 8966 matchNames: 8967 description: List of namespace names. 8968 items: 8969 type: string 8970 type: array 8971 type: object 8972 podMetricsEndpoints: 8973 description: A list of endpoints allowed as part of this PodMonitor. 8974 items: 8975 description: PodMetricsEndpoint defines a scrapeable endpoint of 8976 a Kubernetes Pod serving Prometheus metrics. 8977 properties: 8978 authorization: 8979 description: Authorization section for this endpoint 8980 properties: 8981 credentials: 8982 description: The secret's key that contains the credentials 8983 of the request 8984 properties: 8985 key: 8986 description: The key of the secret to select from. Must 8987 be a valid secret key. 8988 type: string 8989 name: 8990 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8991 TODO: Add other useful fields. apiVersion, kind, uid?' 8992 type: string 8993 optional: 8994 description: Specify whether the Secret or its key must 8995 be defined 8996 type: boolean 8997 required: 8998 - key 8999 type: object 9000 type: 9001 description: Set the authentication type. Defaults to Bearer, 9002 Basic will cause an error 9003 type: string 9004 type: object 9005 basicAuth: 9006 description: 'BasicAuth allow an endpoint to authenticate over 9007 basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint' 9008 properties: 9009 password: 9010 description: The secret in the service monitor namespace 9011 that contains the password for authentication. 9012 properties: 9013 key: 9014 description: The key of the secret to select from. Must 9015 be a valid secret key. 9016 type: string 9017 name: 9018 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9019 TODO: Add other useful fields. apiVersion, kind, uid?' 9020 type: string 9021 optional: 9022 description: Specify whether the Secret or its key must 9023 be defined 9024 type: boolean 9025 required: 9026 - key 9027 type: object 9028 username: 9029 description: The secret in the service monitor namespace 9030 that contains the username for authentication. 9031 properties: 9032 key: 9033 description: The key of the secret to select from. Must 9034 be a valid secret key. 9035 type: string 9036 name: 9037 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9038 TODO: Add other useful fields. apiVersion, kind, uid?' 9039 type: string 9040 optional: 9041 description: Specify whether the Secret or its key must 9042 be defined 9043 type: boolean 9044 required: 9045 - key 9046 type: object 9047 type: object 9048 bearerTokenSecret: 9049 description: Secret to mount to read bearer token for scraping 9050 targets. The secret needs to be in the same namespace as the 9051 pod monitor and accessible by the Prometheus Operator. 9052 properties: 9053 key: 9054 description: The key of the secret to select from. Must 9055 be a valid secret key. 9056 type: string 9057 name: 9058 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9059 TODO: Add other useful fields. apiVersion, kind, uid?' 9060 type: string 9061 optional: 9062 description: Specify whether the Secret or its key must 9063 be defined 9064 type: boolean 9065 required: 9066 - key 9067 type: object 9068 honorLabels: 9069 description: HonorLabels chooses the metric's labels on collisions 9070 with target labels. 9071 type: boolean 9072 honorTimestamps: 9073 description: HonorTimestamps controls whether Prometheus respects 9074 the timestamps present in scraped data. 9075 type: boolean 9076 interval: 9077 description: Interval at which metrics should be scraped 9078 type: string 9079 metricRelabelings: 9080 description: MetricRelabelConfigs to apply to samples before 9081 ingestion. 9082 items: 9083 description: 'RelabelConfig allows dynamic rewriting of the 9084 label set, being applied to samples before ingestion. It 9085 defines `<metric_relabel_configs>`-section of Prometheus 9086 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 9087 properties: 9088 action: 9089 description: Action to perform based on regex matching. 9090 Default is 'replace' 9091 type: string 9092 modulus: 9093 description: Modulus to take of the hash of the source 9094 label values. 9095 format: int64 9096 type: integer 9097 regex: 9098 description: Regular expression against which the extracted 9099 value is matched. Default is '(.*)' 9100 type: string 9101 replacement: 9102 description: Replacement value against which a regex replace 9103 is performed if the regular expression matches. Regex 9104 capture groups are available. Default is '$1' 9105 type: string 9106 separator: 9107 description: Separator placed between concatenated source 9108 label values. default is ';'. 9109 type: string 9110 sourceLabels: 9111 description: The source labels select values from existing 9112 labels. Their content is concatenated using the configured 9113 separator and matched against the configured regular 9114 expression for the replace, keep, and drop actions. 9115 items: 9116 type: string 9117 type: array 9118 targetLabel: 9119 description: Label to which the resulting value is written 9120 in a replace action. It is mandatory for replace actions. 9121 Regex capture groups are available. 9122 type: string 9123 type: object 9124 type: array 9125 oauth2: 9126 description: OAuth2 for the URL. Only valid in Prometheus versions 9127 2.27.0 and newer. 9128 properties: 9129 clientId: 9130 description: The secret or configmap containing the OAuth2 9131 client id 9132 properties: 9133 configMap: 9134 description: ConfigMap containing data to use for the 9135 targets. 9136 properties: 9137 key: 9138 description: The key to select. 9139 type: string 9140 name: 9141 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9142 TODO: Add other useful fields. apiVersion, kind, 9143 uid?' 9144 type: string 9145 optional: 9146 description: Specify whether the ConfigMap or its 9147 key must be defined 9148 type: boolean 9149 required: 9150 - key 9151 type: object 9152 secret: 9153 description: Secret containing data to use for the targets. 9154 properties: 9155 key: 9156 description: The key of the secret to select from. Must 9157 be a valid secret key. 9158 type: string 9159 name: 9160 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9161 TODO: Add other useful fields. apiVersion, kind, 9162 uid?' 9163 type: string 9164 optional: 9165 description: Specify whether the Secret or its key 9166 must be defined 9167 type: boolean 9168 required: 9169 - key 9170 type: object 9171 type: object 9172 clientSecret: 9173 description: The secret containing the OAuth2 client secret 9174 properties: 9175 key: 9176 description: The key of the secret to select from. Must 9177 be a valid secret key. 9178 type: string 9179 name: 9180 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9181 TODO: Add other useful fields. apiVersion, kind, uid?' 9182 type: string 9183 optional: 9184 description: Specify whether the Secret or its key must 9185 be defined 9186 type: boolean 9187 required: 9188 - key 9189 type: object 9190 endpointParams: 9191 additionalProperties: 9192 type: string 9193 description: Parameters to append to the token URL 9194 type: object 9195 scopes: 9196 description: OAuth2 scopes used for the token request 9197 items: 9198 type: string 9199 type: array 9200 tokenUrl: 9201 description: The URL to fetch the token from 9202 minLength: 1 9203 type: string 9204 required: 9205 - clientId 9206 - clientSecret 9207 - tokenUrl 9208 type: object 9209 params: 9210 additionalProperties: 9211 items: 9212 type: string 9213 type: array 9214 description: Optional HTTP URL parameters 9215 type: object 9216 path: 9217 description: HTTP path to scrape for metrics. 9218 type: string 9219 port: 9220 description: Name of the pod port this endpoint refers to. Mutually 9221 exclusive with targetPort. 9222 type: string 9223 proxyUrl: 9224 description: ProxyURL eg http://proxyserver:2195 Directs scrapes 9225 to proxy through this endpoint. 9226 type: string 9227 relabelings: 9228 description: 'RelabelConfigs to apply to samples before scraping. 9229 Prometheus Operator automatically adds relabelings for a few 9230 standard Kubernetes fields and replaces original scrape job 9231 name with __tmp_prometheus_job_name. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' 9232 items: 9233 description: 'RelabelConfig allows dynamic rewriting of the 9234 label set, being applied to samples before ingestion. It 9235 defines `<metric_relabel_configs>`-section of Prometheus 9236 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 9237 properties: 9238 action: 9239 description: Action to perform based on regex matching. 9240 Default is 'replace' 9241 type: string 9242 modulus: 9243 description: Modulus to take of the hash of the source 9244 label values. 9245 format: int64 9246 type: integer 9247 regex: 9248 description: Regular expression against which the extracted 9249 value is matched. Default is '(.*)' 9250 type: string 9251 replacement: 9252 description: Replacement value against which a regex replace 9253 is performed if the regular expression matches. Regex 9254 capture groups are available. Default is '$1' 9255 type: string 9256 separator: 9257 description: Separator placed between concatenated source 9258 label values. default is ';'. 9259 type: string 9260 sourceLabels: 9261 description: The source labels select values from existing 9262 labels. Their content is concatenated using the configured 9263 separator and matched against the configured regular 9264 expression for the replace, keep, and drop actions. 9265 items: 9266 type: string 9267 type: array 9268 targetLabel: 9269 description: Label to which the resulting value is written 9270 in a replace action. It is mandatory for replace actions. 9271 Regex capture groups are available. 9272 type: string 9273 type: object 9274 type: array 9275 scheme: 9276 description: HTTP scheme to use for scraping. 9277 type: string 9278 scrapeTimeout: 9279 description: Timeout after which the scrape is ended 9280 type: string 9281 targetPort: 9282 anyOf: 9283 - type: integer 9284 - type: string 9285 description: 'Deprecated: Use ''port'' instead.' 9286 x-kubernetes-int-or-string: true 9287 tlsConfig: 9288 description: TLS configuration to use when scraping the endpoint. 9289 properties: 9290 ca: 9291 description: Struct containing the CA cert to use for the 9292 targets. 9293 properties: 9294 configMap: 9295 description: ConfigMap containing data to use for the 9296 targets. 9297 properties: 9298 key: 9299 description: The key to select. 9300 type: string 9301 name: 9302 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9303 TODO: Add other useful fields. apiVersion, kind, 9304 uid?' 9305 type: string 9306 optional: 9307 description: Specify whether the ConfigMap or its 9308 key must be defined 9309 type: boolean 9310 required: 9311 - key 9312 type: object 9313 secret: 9314 description: Secret containing data to use for the targets. 9315 properties: 9316 key: 9317 description: The key of the secret to select from. Must 9318 be a valid secret key. 9319 type: string 9320 name: 9321 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9322 TODO: Add other useful fields. apiVersion, kind, 9323 uid?' 9324 type: string 9325 optional: 9326 description: Specify whether the Secret or its key 9327 must be defined 9328 type: boolean 9329 required: 9330 - key 9331 type: object 9332 type: object 9333 cert: 9334 description: Struct containing the client cert file for 9335 the targets. 9336 properties: 9337 configMap: 9338 description: ConfigMap containing data to use for the 9339 targets. 9340 properties: 9341 key: 9342 description: The key to select. 9343 type: string 9344 name: 9345 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9346 TODO: Add other useful fields. apiVersion, kind, 9347 uid?' 9348 type: string 9349 optional: 9350 description: Specify whether the ConfigMap or its 9351 key must be defined 9352 type: boolean 9353 required: 9354 - key 9355 type: object 9356 secret: 9357 description: Secret containing data to use for the targets. 9358 properties: 9359 key: 9360 description: The key of the secret to select from. Must 9361 be a valid secret key. 9362 type: string 9363 name: 9364 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9365 TODO: Add other useful fields. apiVersion, kind, 9366 uid?' 9367 type: string 9368 optional: 9369 description: Specify whether the Secret or its key 9370 must be defined 9371 type: boolean 9372 required: 9373 - key 9374 type: object 9375 type: object 9376 insecureSkipVerify: 9377 description: Disable target certificate validation. 9378 type: boolean 9379 keySecret: 9380 description: Secret containing the client key file for the 9381 targets. 9382 properties: 9383 key: 9384 description: The key of the secret to select from. Must 9385 be a valid secret key. 9386 type: string 9387 name: 9388 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9389 TODO: Add other useful fields. apiVersion, kind, uid?' 9390 type: string 9391 optional: 9392 description: Specify whether the Secret or its key must 9393 be defined 9394 type: boolean 9395 required: 9396 - key 9397 type: object 9398 serverName: 9399 description: Used to verify the hostname for the targets. 9400 type: string 9401 type: object 9402 type: object 9403 type: array 9404 podTargetLabels: 9405 description: PodTargetLabels transfers labels on the Kubernetes Pod 9406 onto the target. 9407 items: 9408 type: string 9409 type: array 9410 sampleLimit: 9411 description: SampleLimit defines per-scrape limit on number of scraped 9412 samples that will be accepted. 9413 format: int64 9414 type: integer 9415 selector: 9416 description: Selector to select Pod objects. 9417 properties: 9418 matchExpressions: 9419 description: matchExpressions is a list of label selector requirements. 9420 The requirements are ANDed. 9421 items: 9422 description: A label selector requirement is a selector that 9423 contains values, a key, and an operator that relates the key 9424 and values. 9425 properties: 9426 key: 9427 description: key is the label key that the selector applies 9428 to. 9429 type: string 9430 operator: 9431 description: operator represents a key's relationship to 9432 a set of values. Valid operators are In, NotIn, Exists 9433 and DoesNotExist. 9434 type: string 9435 values: 9436 description: values is an array of string values. If the 9437 operator is In or NotIn, the values array must be non-empty. 9438 If the operator is Exists or DoesNotExist, the values 9439 array must be empty. This array is replaced during a strategic 9440 merge patch. 9441 items: 9442 type: string 9443 type: array 9444 required: 9445 - key 9446 - operator 9447 type: object 9448 type: array 9449 matchLabels: 9450 additionalProperties: 9451 type: string 9452 description: matchLabels is a map of {key,value} pairs. A single 9453 {key,value} in the matchLabels map is equivalent to an element 9454 of matchExpressions, whose key field is "key", the operator 9455 is "In", and the values array contains only "value". The requirements 9456 are ANDed. 9457 type: object 9458 type: object 9459 targetLimit: 9460 description: TargetLimit defines a limit on the number of scraped 9461 targets that will be accepted. 9462 format: int64 9463 type: integer 9464 required: 9465 - podMetricsEndpoints 9466 - selector 9467 type: object 9468 required: 9469 - spec 9470 type: object 9471 served: true 9472 storage: true 9473 status: 9474 acceptedNames: 9475 kind: "" 9476 plural: "" 9477 conditions: [] 9478 storedVersions: [] 9479 # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml 9480 9481 --- 9482 apiVersion: apiextensions.k8s.io/v1 9483 kind: CustomResourceDefinition 9484 metadata: 9485 annotations: 9486 controller-gen.kubebuilder.io/version: v0.6.2 9487 creationTimestamp: null 9488 name: probes.monitoring.coreos.com 9489 spec: 9490 group: monitoring.coreos.com 9491 names: 9492 categories: 9493 - prometheus-operator 9494 kind: Probe 9495 listKind: ProbeList 9496 plural: probes 9497 singular: probe 9498 scope: Namespaced 9499 versions: 9500 - name: v1 9501 schema: 9502 openAPIV3Schema: 9503 description: Probe defines monitoring for a set of static targets or ingresses. 9504 properties: 9505 apiVersion: 9506 description: 'APIVersion defines the versioned schema of this representation 9507 of an object. Servers should convert recognized schemas to the latest 9508 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 9509 type: string 9510 kind: 9511 description: 'Kind is a string value representing the REST resource this 9512 object represents. Servers may infer this from the endpoint the client 9513 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 9514 type: string 9515 metadata: 9516 type: object 9517 spec: 9518 description: Specification of desired Ingress selection for target discovery 9519 by Prometheus. 9520 properties: 9521 authorization: 9522 description: Authorization section for this endpoint 9523 properties: 9524 credentials: 9525 description: The secret's key that contains the credentials of 9526 the request 9527 properties: 9528 key: 9529 description: The key of the secret to select from. Must be 9530 a valid secret key. 9531 type: string 9532 name: 9533 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9534 TODO: Add other useful fields. apiVersion, kind, uid?' 9535 type: string 9536 optional: 9537 description: Specify whether the Secret or its key must be 9538 defined 9539 type: boolean 9540 required: 9541 - key 9542 type: object 9543 type: 9544 description: Set the authentication type. Defaults to Bearer, 9545 Basic will cause an error 9546 type: string 9547 type: object 9548 basicAuth: 9549 description: 'BasicAuth allow an endpoint to authenticate over basic 9550 authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint' 9551 properties: 9552 password: 9553 description: The secret in the service monitor namespace that 9554 contains the password for authentication. 9555 properties: 9556 key: 9557 description: The key of the secret to select from. Must be 9558 a valid secret key. 9559 type: string 9560 name: 9561 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9562 TODO: Add other useful fields. apiVersion, kind, uid?' 9563 type: string 9564 optional: 9565 description: Specify whether the Secret or its key must be 9566 defined 9567 type: boolean 9568 required: 9569 - key 9570 type: object 9571 username: 9572 description: The secret in the service monitor namespace that 9573 contains the username for authentication. 9574 properties: 9575 key: 9576 description: The key of the secret to select from. Must be 9577 a valid secret key. 9578 type: string 9579 name: 9580 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9581 TODO: Add other useful fields. apiVersion, kind, uid?' 9582 type: string 9583 optional: 9584 description: Specify whether the Secret or its key must be 9585 defined 9586 type: boolean 9587 required: 9588 - key 9589 type: object 9590 type: object 9591 bearerTokenSecret: 9592 description: Secret to mount to read bearer token for scraping targets. 9593 The secret needs to be in the same namespace as the probe and accessible 9594 by the Prometheus Operator. 9595 properties: 9596 key: 9597 description: The key of the secret to select from. Must be a 9598 valid secret key. 9599 type: string 9600 name: 9601 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9602 TODO: Add other useful fields. apiVersion, kind, uid?' 9603 type: string 9604 optional: 9605 description: Specify whether the Secret or its key must be defined 9606 type: boolean 9607 required: 9608 - key 9609 type: object 9610 interval: 9611 description: Interval at which targets are probed using the configured 9612 prober. If not specified Prometheus' global scrape interval is used. 9613 type: string 9614 jobName: 9615 description: The job name assigned to scraped metrics by default. 9616 type: string 9617 labelLimit: 9618 description: Per-scrape limit on number of labels that will be accepted 9619 for a sample. Only valid in Prometheus versions 2.27.0 and newer. 9620 format: int64 9621 type: integer 9622 labelNameLengthLimit: 9623 description: Per-scrape limit on length of labels name that will be 9624 accepted for a sample. Only valid in Prometheus versions 2.27.0 9625 and newer. 9626 format: int64 9627 type: integer 9628 labelValueLengthLimit: 9629 description: Per-scrape limit on length of labels value that will 9630 be accepted for a sample. Only valid in Prometheus versions 2.27.0 9631 and newer. 9632 format: int64 9633 type: integer 9634 metricRelabelings: 9635 description: MetricRelabelConfigs to apply to samples before ingestion. 9636 items: 9637 description: 'RelabelConfig allows dynamic rewriting of the label 9638 set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section 9639 of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 9640 properties: 9641 action: 9642 description: Action to perform based on regex matching. Default 9643 is 'replace' 9644 type: string 9645 modulus: 9646 description: Modulus to take of the hash of the source label 9647 values. 9648 format: int64 9649 type: integer 9650 regex: 9651 description: Regular expression against which the extracted 9652 value is matched. Default is '(.*)' 9653 type: string 9654 replacement: 9655 description: Replacement value against which a regex replace 9656 is performed if the regular expression matches. Regex capture 9657 groups are available. Default is '$1' 9658 type: string 9659 separator: 9660 description: Separator placed between concatenated source label 9661 values. default is ';'. 9662 type: string 9663 sourceLabels: 9664 description: The source labels select values from existing labels. 9665 Their content is concatenated using the configured separator 9666 and matched against the configured regular expression for 9667 the replace, keep, and drop actions. 9668 items: 9669 type: string 9670 type: array 9671 targetLabel: 9672 description: Label to which the resulting value is written in 9673 a replace action. It is mandatory for replace actions. Regex 9674 capture groups are available. 9675 type: string 9676 type: object 9677 type: array 9678 module: 9679 description: 'The module to use for probing specifying how to probe 9680 the target. Example module configuring in the blackbox exporter: 9681 https://github.com/prometheus/blackbox_exporter/blob/master/example.yml' 9682 type: string 9683 oauth2: 9684 description: OAuth2 for the URL. Only valid in Prometheus versions 9685 2.27.0 and newer. 9686 properties: 9687 clientId: 9688 description: The secret or configmap containing the OAuth2 client 9689 id 9690 properties: 9691 configMap: 9692 description: ConfigMap containing data to use for the targets. 9693 properties: 9694 key: 9695 description: The key to select. 9696 type: string 9697 name: 9698 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9699 TODO: Add other useful fields. apiVersion, kind, uid?' 9700 type: string 9701 optional: 9702 description: Specify whether the ConfigMap or its key 9703 must be defined 9704 type: boolean 9705 required: 9706 - key 9707 type: object 9708 secret: 9709 description: Secret containing data to use for the targets. 9710 properties: 9711 key: 9712 description: The key of the secret to select from. Must 9713 be a valid secret key. 9714 type: string 9715 name: 9716 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9717 TODO: Add other useful fields. apiVersion, kind, uid?' 9718 type: string 9719 optional: 9720 description: Specify whether the Secret or its key must 9721 be defined 9722 type: boolean 9723 required: 9724 - key 9725 type: object 9726 type: object 9727 clientSecret: 9728 description: The secret containing the OAuth2 client secret 9729 properties: 9730 key: 9731 description: The key of the secret to select from. Must be 9732 a valid secret key. 9733 type: string 9734 name: 9735 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9736 TODO: Add other useful fields. apiVersion, kind, uid?' 9737 type: string 9738 optional: 9739 description: Specify whether the Secret or its key must be 9740 defined 9741 type: boolean 9742 required: 9743 - key 9744 type: object 9745 endpointParams: 9746 additionalProperties: 9747 type: string 9748 description: Parameters to append to the token URL 9749 type: object 9750 scopes: 9751 description: OAuth2 scopes used for the token request 9752 items: 9753 type: string 9754 type: array 9755 tokenUrl: 9756 description: The URL to fetch the token from 9757 minLength: 1 9758 type: string 9759 required: 9760 - clientId 9761 - clientSecret 9762 - tokenUrl 9763 type: object 9764 prober: 9765 description: Specification for the prober to use for probing targets. 9766 The prober.URL parameter is required. Targets cannot be probed if 9767 left empty. 9768 properties: 9769 path: 9770 description: Path to collect metrics from. Defaults to `/probe`. 9771 type: string 9772 proxyUrl: 9773 description: Optional ProxyURL. 9774 type: string 9775 scheme: 9776 description: HTTP scheme to use for scraping. Defaults to `http`. 9777 type: string 9778 url: 9779 description: Mandatory URL of the prober. 9780 type: string 9781 required: 9782 - url 9783 type: object 9784 sampleLimit: 9785 description: SampleLimit defines per-scrape limit on number of scraped 9786 samples that will be accepted. 9787 format: int64 9788 type: integer 9789 scrapeTimeout: 9790 description: Timeout for scraping metrics from the Prometheus exporter. 9791 type: string 9792 targetLimit: 9793 description: TargetLimit defines a limit on the number of scraped 9794 targets that will be accepted. 9795 format: int64 9796 type: integer 9797 targets: 9798 description: Targets defines a set of static and/or dynamically discovered 9799 targets to be probed using the prober. 9800 properties: 9801 ingress: 9802 description: Ingress defines the set of dynamically discovered 9803 ingress objects which hosts are considered for probing. 9804 properties: 9805 namespaceSelector: 9806 description: Select Ingress objects by namespace. 9807 properties: 9808 any: 9809 description: Boolean describing whether all namespaces 9810 are selected in contrast to a list restricting them. 9811 type: boolean 9812 matchNames: 9813 description: List of namespace names. 9814 items: 9815 type: string 9816 type: array 9817 type: object 9818 relabelingConfigs: 9819 description: 'RelabelConfigs to apply to samples before ingestion. 9820 More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' 9821 items: 9822 description: 'RelabelConfig allows dynamic rewriting of 9823 the label set, being applied to samples before ingestion. 9824 It defines `<metric_relabel_configs>`-section of Prometheus 9825 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 9826 properties: 9827 action: 9828 description: Action to perform based on regex matching. 9829 Default is 'replace' 9830 type: string 9831 modulus: 9832 description: Modulus to take of the hash of the source 9833 label values. 9834 format: int64 9835 type: integer 9836 regex: 9837 description: Regular expression against which the extracted 9838 value is matched. Default is '(.*)' 9839 type: string 9840 replacement: 9841 description: Replacement value against which a regex 9842 replace is performed if the regular expression matches. 9843 Regex capture groups are available. Default is '$1' 9844 type: string 9845 separator: 9846 description: Separator placed between concatenated source 9847 label values. default is ';'. 9848 type: string 9849 sourceLabels: 9850 description: The source labels select values from existing 9851 labels. Their content is concatenated using the configured 9852 separator and matched against the configured regular 9853 expression for the replace, keep, and drop actions. 9854 items: 9855 type: string 9856 type: array 9857 targetLabel: 9858 description: Label to which the resulting value is written 9859 in a replace action. It is mandatory for replace actions. 9860 Regex capture groups are available. 9861 type: string 9862 type: object 9863 type: array 9864 selector: 9865 description: Select Ingress objects by labels. 9866 properties: 9867 matchExpressions: 9868 description: matchExpressions is a list of label selector 9869 requirements. The requirements are ANDed. 9870 items: 9871 description: A label selector requirement is a selector 9872 that contains values, a key, and an operator that 9873 relates the key and values. 9874 properties: 9875 key: 9876 description: key is the label key that the selector 9877 applies to. 9878 type: string 9879 operator: 9880 description: operator represents a key's relationship 9881 to a set of values. Valid operators are In, NotIn, 9882 Exists and DoesNotExist. 9883 type: string 9884 values: 9885 description: values is an array of string values. 9886 If the operator is In or NotIn, the values array 9887 must be non-empty. If the operator is Exists or 9888 DoesNotExist, the values array must be empty. 9889 This array is replaced during a strategic merge 9890 patch. 9891 items: 9892 type: string 9893 type: array 9894 required: 9895 - key 9896 - operator 9897 type: object 9898 type: array 9899 matchLabels: 9900 additionalProperties: 9901 type: string 9902 description: matchLabels is a map of {key,value} pairs. 9903 A single {key,value} in the matchLabels map is equivalent 9904 to an element of matchExpressions, whose key field is 9905 "key", the operator is "In", and the values array contains 9906 only "value". The requirements are ANDed. 9907 type: object 9908 type: object 9909 type: object 9910 staticConfig: 9911 description: 'StaticConfig defines static targets which are considers 9912 for probing. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config.' 9913 properties: 9914 labels: 9915 additionalProperties: 9916 type: string 9917 description: Labels assigned to all metrics scraped from the 9918 targets. 9919 type: object 9920 relabelingConfigs: 9921 description: 'RelabelConfigs to apply to samples before ingestion. 9922 More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' 9923 items: 9924 description: 'RelabelConfig allows dynamic rewriting of 9925 the label set, being applied to samples before ingestion. 9926 It defines `<metric_relabel_configs>`-section of Prometheus 9927 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 9928 properties: 9929 action: 9930 description: Action to perform based on regex matching. 9931 Default is 'replace' 9932 type: string 9933 modulus: 9934 description: Modulus to take of the hash of the source 9935 label values. 9936 format: int64 9937 type: integer 9938 regex: 9939 description: Regular expression against which the extracted 9940 value is matched. Default is '(.*)' 9941 type: string 9942 replacement: 9943 description: Replacement value against which a regex 9944 replace is performed if the regular expression matches. 9945 Regex capture groups are available. Default is '$1' 9946 type: string 9947 separator: 9948 description: Separator placed between concatenated source 9949 label values. default is ';'. 9950 type: string 9951 sourceLabels: 9952 description: The source labels select values from existing 9953 labels. Their content is concatenated using the configured 9954 separator and matched against the configured regular 9955 expression for the replace, keep, and drop actions. 9956 items: 9957 type: string 9958 type: array 9959 targetLabel: 9960 description: Label to which the resulting value is written 9961 in a replace action. It is mandatory for replace actions. 9962 Regex capture groups are available. 9963 type: string 9964 type: object 9965 type: array 9966 static: 9967 description: Targets is a list of URLs to probe using the 9968 configured prober. 9969 items: 9970 type: string 9971 type: array 9972 type: object 9973 type: object 9974 tlsConfig: 9975 description: TLS configuration to use when scraping the endpoint. 9976 properties: 9977 ca: 9978 description: Struct containing the CA cert to use for the targets. 9979 properties: 9980 configMap: 9981 description: ConfigMap containing data to use for the targets. 9982 properties: 9983 key: 9984 description: The key to select. 9985 type: string 9986 name: 9987 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9988 TODO: Add other useful fields. apiVersion, kind, uid?' 9989 type: string 9990 optional: 9991 description: Specify whether the ConfigMap or its key 9992 must be defined 9993 type: boolean 9994 required: 9995 - key 9996 type: object 9997 secret: 9998 description: Secret containing data to use for the targets. 9999 properties: 10000 key: 10001 description: The key of the secret to select from. Must 10002 be a valid secret key. 10003 type: string 10004 name: 10005 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10006 TODO: Add other useful fields. apiVersion, kind, uid?' 10007 type: string 10008 optional: 10009 description: Specify whether the Secret or its key must 10010 be defined 10011 type: boolean 10012 required: 10013 - key 10014 type: object 10015 type: object 10016 cert: 10017 description: Struct containing the client cert file for the targets. 10018 properties: 10019 configMap: 10020 description: ConfigMap containing data to use for the targets. 10021 properties: 10022 key: 10023 description: The key to select. 10024 type: string 10025 name: 10026 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10027 TODO: Add other useful fields. apiVersion, kind, uid?' 10028 type: string 10029 optional: 10030 description: Specify whether the ConfigMap or its key 10031 must be defined 10032 type: boolean 10033 required: 10034 - key 10035 type: object 10036 secret: 10037 description: Secret containing data to use for the targets. 10038 properties: 10039 key: 10040 description: The key of the secret to select from. Must 10041 be a valid secret key. 10042 type: string 10043 name: 10044 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10045 TODO: Add other useful fields. apiVersion, kind, uid?' 10046 type: string 10047 optional: 10048 description: Specify whether the Secret or its key must 10049 be defined 10050 type: boolean 10051 required: 10052 - key 10053 type: object 10054 type: object 10055 insecureSkipVerify: 10056 description: Disable target certificate validation. 10057 type: boolean 10058 keySecret: 10059 description: Secret containing the client key file for the targets. 10060 properties: 10061 key: 10062 description: The key of the secret to select from. Must be 10063 a valid secret key. 10064 type: string 10065 name: 10066 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10067 TODO: Add other useful fields. apiVersion, kind, uid?' 10068 type: string 10069 optional: 10070 description: Specify whether the Secret or its key must be 10071 defined 10072 type: boolean 10073 required: 10074 - key 10075 type: object 10076 serverName: 10077 description: Used to verify the hostname for the targets. 10078 type: string 10079 type: object 10080 type: object 10081 required: 10082 - spec 10083 type: object 10084 served: true 10085 storage: true 10086 status: 10087 acceptedNames: 10088 kind: "" 10089 plural: "" 10090 conditions: [] 10091 storedVersions: [] 10092 # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml 10093 10094 --- 10095 apiVersion: apiextensions.k8s.io/v1 10096 kind: CustomResourceDefinition 10097 metadata: 10098 annotations: 10099 controller-gen.kubebuilder.io/version: v0.6.2 10100 creationTimestamp: null 10101 name: prometheuses.monitoring.coreos.com 10102 spec: 10103 group: monitoring.coreos.com 10104 names: 10105 categories: 10106 - prometheus-operator 10107 kind: Prometheus 10108 listKind: PrometheusList 10109 plural: prometheuses 10110 singular: prometheus 10111 scope: Namespaced 10112 versions: 10113 - additionalPrinterColumns: 10114 - description: The version of Prometheus 10115 jsonPath: .spec.version 10116 name: Version 10117 type: string 10118 - description: The desired replicas number of Prometheuses 10119 jsonPath: .spec.replicas 10120 name: Replicas 10121 type: integer 10122 - jsonPath: .metadata.creationTimestamp 10123 name: Age 10124 type: date 10125 name: v1 10126 schema: 10127 openAPIV3Schema: 10128 description: Prometheus defines a Prometheus deployment. 10129 properties: 10130 apiVersion: 10131 description: 'APIVersion defines the versioned schema of this representation 10132 of an object. Servers should convert recognized schemas to the latest 10133 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 10134 type: string 10135 kind: 10136 description: 'Kind is a string value representing the REST resource this 10137 object represents. Servers may infer this from the endpoint the client 10138 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 10139 type: string 10140 metadata: 10141 type: object 10142 spec: 10143 description: 'Specification of the desired behavior of the Prometheus 10144 cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 10145 properties: 10146 additionalAlertManagerConfigs: 10147 description: 'AdditionalAlertManagerConfigs allows specifying a key 10148 of a Secret containing additional Prometheus AlertManager configurations. 10149 AlertManager configurations specified are appended to the configurations 10150 generated by the Prometheus Operator. Job configurations specified 10151 must have the form as specified in the official Prometheus documentation: 10152 https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. 10153 As AlertManager configs are appended, the user is responsible to 10154 make sure it is valid. Note that using this feature may expose the 10155 possibility to break upgrades of Prometheus. It is advised to review 10156 Prometheus release notes to ensure that no incompatible AlertManager 10157 configs are going to break Prometheus after the upgrade.' 10158 properties: 10159 key: 10160 description: The key of the secret to select from. Must be a 10161 valid secret key. 10162 type: string 10163 name: 10164 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10165 TODO: Add other useful fields. apiVersion, kind, uid?' 10166 type: string 10167 optional: 10168 description: Specify whether the Secret or its key must be defined 10169 type: boolean 10170 required: 10171 - key 10172 type: object 10173 additionalAlertRelabelConfigs: 10174 description: 'AdditionalAlertRelabelConfigs allows specifying a key 10175 of a Secret containing additional Prometheus alert relabel configurations. 10176 Alert relabel configurations specified are appended to the configurations 10177 generated by the Prometheus Operator. Alert relabel configurations 10178 specified must have the form as specified in the official Prometheus 10179 documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. 10180 As alert relabel configs are appended, the user is responsible to 10181 make sure it is valid. Note that using this feature may expose the 10182 possibility to break upgrades of Prometheus. It is advised to review 10183 Prometheus release notes to ensure that no incompatible alert relabel 10184 configs are going to break Prometheus after the upgrade.' 10185 properties: 10186 key: 10187 description: The key of the secret to select from. Must be a 10188 valid secret key. 10189 type: string 10190 name: 10191 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10192 TODO: Add other useful fields. apiVersion, kind, uid?' 10193 type: string 10194 optional: 10195 description: Specify whether the Secret or its key must be defined 10196 type: boolean 10197 required: 10198 - key 10199 type: object 10200 additionalScrapeConfigs: 10201 description: 'AdditionalScrapeConfigs allows specifying a key of a 10202 Secret containing additional Prometheus scrape configurations. Scrape 10203 configurations specified are appended to the configurations generated 10204 by the Prometheus Operator. Job configurations specified must have 10205 the form as specified in the official Prometheus documentation: 10206 https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. 10207 As scrape configs are appended, the user is responsible to make 10208 sure it is valid. Note that using this feature may expose the possibility 10209 to break upgrades of Prometheus. It is advised to review Prometheus 10210 release notes to ensure that no incompatible scrape configs are 10211 going to break Prometheus after the upgrade.' 10212 properties: 10213 key: 10214 description: The key of the secret to select from. Must be a 10215 valid secret key. 10216 type: string 10217 name: 10218 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10219 TODO: Add other useful fields. apiVersion, kind, uid?' 10220 type: string 10221 optional: 10222 description: Specify whether the Secret or its key must be defined 10223 type: boolean 10224 required: 10225 - key 10226 type: object 10227 affinity: 10228 description: If specified, the pod's scheduling constraints. 10229 properties: 10230 nodeAffinity: 10231 description: Describes node affinity scheduling rules for the 10232 pod. 10233 properties: 10234 preferredDuringSchedulingIgnoredDuringExecution: 10235 description: The scheduler will prefer to schedule pods to 10236 nodes that satisfy the affinity expressions specified by 10237 this field, but it may choose a node that violates one or 10238 more of the expressions. The node that is most preferred 10239 is the one with the greatest sum of weights, i.e. for each 10240 node that meets all of the scheduling requirements (resource 10241 request, requiredDuringScheduling affinity expressions, 10242 etc.), compute a sum by iterating through the elements of 10243 this field and adding "weight" to the sum if the node matches 10244 the corresponding matchExpressions; the node(s) with the 10245 highest sum are the most preferred. 10246 items: 10247 description: An empty preferred scheduling term matches 10248 all objects with implicit weight 0 (i.e. it's a no-op). 10249 A null preferred scheduling term matches no objects (i.e. 10250 is also a no-op). 10251 properties: 10252 preference: 10253 description: A node selector term, associated with the 10254 corresponding weight. 10255 properties: 10256 matchExpressions: 10257 description: A list of node selector requirements 10258 by node's labels. 10259 items: 10260 description: A node selector requirement is a 10261 selector that contains values, a key, and an 10262 operator that relates the key and values. 10263 properties: 10264 key: 10265 description: The label key that the selector 10266 applies to. 10267 type: string 10268 operator: 10269 description: Represents a key's relationship 10270 to a set of values. Valid operators are 10271 In, NotIn, Exists, DoesNotExist. Gt, and 10272 Lt. 10273 type: string 10274 values: 10275 description: An array of string values. If 10276 the operator is In or NotIn, the values 10277 array must be non-empty. If the operator 10278 is Exists or DoesNotExist, the values array 10279 must be empty. If the operator is Gt or 10280 Lt, the values array must have a single 10281 element, which will be interpreted as an 10282 integer. This array is replaced during a 10283 strategic merge patch. 10284 items: 10285 type: string 10286 type: array 10287 required: 10288 - key 10289 - operator 10290 type: object 10291 type: array 10292 matchFields: 10293 description: A list of node selector requirements 10294 by node's fields. 10295 items: 10296 description: A node selector requirement is a 10297 selector that contains values, a key, and an 10298 operator that relates the key and values. 10299 properties: 10300 key: 10301 description: The label key that the selector 10302 applies to. 10303 type: string 10304 operator: 10305 description: Represents a key's relationship 10306 to a set of values. Valid operators are 10307 In, NotIn, Exists, DoesNotExist. Gt, and 10308 Lt. 10309 type: string 10310 values: 10311 description: An array of string values. If 10312 the operator is In or NotIn, the values 10313 array must be non-empty. If the operator 10314 is Exists or DoesNotExist, the values array 10315 must be empty. If the operator is Gt or 10316 Lt, the values array must have a single 10317 element, which will be interpreted as an 10318 integer. This array is replaced during a 10319 strategic merge patch. 10320 items: 10321 type: string 10322 type: array 10323 required: 10324 - key 10325 - operator 10326 type: object 10327 type: array 10328 type: object 10329 weight: 10330 description: Weight associated with matching the corresponding 10331 nodeSelectorTerm, in the range 1-100. 10332 format: int32 10333 type: integer 10334 required: 10335 - preference 10336 - weight 10337 type: object 10338 type: array 10339 requiredDuringSchedulingIgnoredDuringExecution: 10340 description: If the affinity requirements specified by this 10341 field are not met at scheduling time, the pod will not be 10342 scheduled onto the node. If the affinity requirements specified 10343 by this field cease to be met at some point during pod execution 10344 (e.g. due to an update), the system may or may not try to 10345 eventually evict the pod from its node. 10346 properties: 10347 nodeSelectorTerms: 10348 description: Required. A list of node selector terms. 10349 The terms are ORed. 10350 items: 10351 description: A null or empty node selector term matches 10352 no objects. The requirements of them are ANDed. The 10353 TopologySelectorTerm type implements a subset of the 10354 NodeSelectorTerm. 10355 properties: 10356 matchExpressions: 10357 description: A list of node selector requirements 10358 by node's labels. 10359 items: 10360 description: A node selector requirement is a 10361 selector that contains values, a key, and an 10362 operator that relates the key and values. 10363 properties: 10364 key: 10365 description: The label key that the selector 10366 applies to. 10367 type: string 10368 operator: 10369 description: Represents a key's relationship 10370 to a set of values. Valid operators are 10371 In, NotIn, Exists, DoesNotExist. Gt, and 10372 Lt. 10373 type: string 10374 values: 10375 description: An array of string values. If 10376 the operator is In or NotIn, the values 10377 array must be non-empty. If the operator 10378 is Exists or DoesNotExist, the values array 10379 must be empty. If the operator is Gt or 10380 Lt, the values array must have a single 10381 element, which will be interpreted as an 10382 integer. This array is replaced during a 10383 strategic merge patch. 10384 items: 10385 type: string 10386 type: array 10387 required: 10388 - key 10389 - operator 10390 type: object 10391 type: array 10392 matchFields: 10393 description: A list of node selector requirements 10394 by node's fields. 10395 items: 10396 description: A node selector requirement is a 10397 selector that contains values, a key, and an 10398 operator that relates the key and values. 10399 properties: 10400 key: 10401 description: The label key that the selector 10402 applies to. 10403 type: string 10404 operator: 10405 description: Represents a key's relationship 10406 to a set of values. Valid operators are 10407 In, NotIn, Exists, DoesNotExist. Gt, and 10408 Lt. 10409 type: string 10410 values: 10411 description: An array of string values. If 10412 the operator is In or NotIn, the values 10413 array must be non-empty. If the operator 10414 is Exists or DoesNotExist, the values array 10415 must be empty. If the operator is Gt or 10416 Lt, the values array must have a single 10417 element, which will be interpreted as an 10418 integer. This array is replaced during a 10419 strategic merge patch. 10420 items: 10421 type: string 10422 type: array 10423 required: 10424 - key 10425 - operator 10426 type: object 10427 type: array 10428 type: object 10429 type: array 10430 required: 10431 - nodeSelectorTerms 10432 type: object 10433 type: object 10434 podAffinity: 10435 description: Describes pod affinity scheduling rules (e.g. co-locate 10436 this pod in the same node, zone, etc. as some other pod(s)). 10437 properties: 10438 preferredDuringSchedulingIgnoredDuringExecution: 10439 description: The scheduler will prefer to schedule pods to 10440 nodes that satisfy the affinity expressions specified by 10441 this field, but it may choose a node that violates one or 10442 more of the expressions. The node that is most preferred 10443 is the one with the greatest sum of weights, i.e. for each 10444 node that meets all of the scheduling requirements (resource 10445 request, requiredDuringScheduling affinity expressions, 10446 etc.), compute a sum by iterating through the elements of 10447 this field and adding "weight" to the sum if the node has 10448 pods which matches the corresponding podAffinityTerm; the 10449 node(s) with the highest sum are the most preferred. 10450 items: 10451 description: The weights of all of the matched WeightedPodAffinityTerm 10452 fields are added per-node to find the most preferred node(s) 10453 properties: 10454 podAffinityTerm: 10455 description: Required. A pod affinity term, associated 10456 with the corresponding weight. 10457 properties: 10458 labelSelector: 10459 description: A label query over a set of resources, 10460 in this case pods. 10461 properties: 10462 matchExpressions: 10463 description: matchExpressions is a list of label 10464 selector requirements. The requirements are 10465 ANDed. 10466 items: 10467 description: A label selector requirement 10468 is a selector that contains values, a key, 10469 and an operator that relates the key and 10470 values. 10471 properties: 10472 key: 10473 description: key is the label key that 10474 the selector applies to. 10475 type: string 10476 operator: 10477 description: operator represents a key's 10478 relationship to a set of values. Valid 10479 operators are In, NotIn, Exists and 10480 DoesNotExist. 10481 type: string 10482 values: 10483 description: values is an array of string 10484 values. If the operator is In or NotIn, 10485 the values array must be non-empty. 10486 If the operator is Exists or DoesNotExist, 10487 the values array must be empty. This 10488 array is replaced during a strategic 10489 merge patch. 10490 items: 10491 type: string 10492 type: array 10493 required: 10494 - key 10495 - operator 10496 type: object 10497 type: array 10498 matchLabels: 10499 additionalProperties: 10500 type: string 10501 description: matchLabels is a map of {key,value} 10502 pairs. A single {key,value} in the matchLabels 10503 map is equivalent to an element of matchExpressions, 10504 whose key field is "key", the operator is 10505 "In", and the values array contains only "value". 10506 The requirements are ANDed. 10507 type: object 10508 type: object 10509 namespaceSelector: 10510 description: A label query over the set of namespaces 10511 that the term applies to. The term is applied 10512 to the union of the namespaces selected by this 10513 field and the ones listed in the namespaces field. 10514 null selector and null or empty namespaces list 10515 means "this pod's namespace". An empty selector 10516 ({}) matches all namespaces. This field is beta-level 10517 and is only honored when PodAffinityNamespaceSelector 10518 feature is enabled. 10519 properties: 10520 matchExpressions: 10521 description: matchExpressions is a list of label 10522 selector requirements. The requirements are 10523 ANDed. 10524 items: 10525 description: A label selector requirement 10526 is a selector that contains values, a key, 10527 and an operator that relates the key and 10528 values. 10529 properties: 10530 key: 10531 description: key is the label key that 10532 the selector applies to. 10533 type: string 10534 operator: 10535 description: operator represents a key's 10536 relationship to a set of values. Valid 10537 operators are In, NotIn, Exists and 10538 DoesNotExist. 10539 type: string 10540 values: 10541 description: values is an array of string 10542 values. If the operator is In or NotIn, 10543 the values array must be non-empty. 10544 If the operator is Exists or DoesNotExist, 10545 the values array must be empty. This 10546 array is replaced during a strategic 10547 merge patch. 10548 items: 10549 type: string 10550 type: array 10551 required: 10552 - key 10553 - operator 10554 type: object 10555 type: array 10556 matchLabels: 10557 additionalProperties: 10558 type: string 10559 description: matchLabels is a map of {key,value} 10560 pairs. A single {key,value} in the matchLabels 10561 map is equivalent to an element of matchExpressions, 10562 whose key field is "key", the operator is 10563 "In", and the values array contains only "value". 10564 The requirements are ANDed. 10565 type: object 10566 type: object 10567 namespaces: 10568 description: namespaces specifies a static list 10569 of namespace names that the term applies to. The 10570 term is applied to the union of the namespaces 10571 listed in this field and the ones selected by 10572 namespaceSelector. null or empty namespaces list 10573 and null namespaceSelector means "this pod's namespace" 10574 items: 10575 type: string 10576 type: array 10577 topologyKey: 10578 description: This pod should be co-located (affinity) 10579 or not co-located (anti-affinity) with the pods 10580 matching the labelSelector in the specified namespaces, 10581 where co-located is defined as running on a node 10582 whose value of the label with key topologyKey 10583 matches that of any node on which any of the selected 10584 pods is running. Empty topologyKey is not allowed. 10585 type: string 10586 required: 10587 - topologyKey 10588 type: object 10589 weight: 10590 description: weight associated with matching the corresponding 10591 podAffinityTerm, in the range 1-100. 10592 format: int32 10593 type: integer 10594 required: 10595 - podAffinityTerm 10596 - weight 10597 type: object 10598 type: array 10599 requiredDuringSchedulingIgnoredDuringExecution: 10600 description: If the affinity requirements specified by this 10601 field are not met at scheduling time, the pod will not be 10602 scheduled onto the node. If the affinity requirements specified 10603 by this field cease to be met at some point during pod execution 10604 (e.g. due to a pod label update), the system may or may 10605 not try to eventually evict the pod from its node. When 10606 there are multiple elements, the lists of nodes corresponding 10607 to each podAffinityTerm are intersected, i.e. all terms 10608 must be satisfied. 10609 items: 10610 description: Defines a set of pods (namely those matching 10611 the labelSelector relative to the given namespace(s)) 10612 that this pod should be co-located (affinity) or not co-located 10613 (anti-affinity) with, where co-located is defined as running 10614 on a node whose value of the label with key <topologyKey> 10615 matches that of any node on which a pod of the set of 10616 pods is running 10617 properties: 10618 labelSelector: 10619 description: A label query over a set of resources, 10620 in this case pods. 10621 properties: 10622 matchExpressions: 10623 description: matchExpressions is a list of label 10624 selector requirements. The requirements are ANDed. 10625 items: 10626 description: A label selector requirement is a 10627 selector that contains values, a key, and an 10628 operator that relates the key and values. 10629 properties: 10630 key: 10631 description: key is the label key that the 10632 selector applies to. 10633 type: string 10634 operator: 10635 description: operator represents a key's relationship 10636 to a set of values. Valid operators are 10637 In, NotIn, Exists and DoesNotExist. 10638 type: string 10639 values: 10640 description: values is an array of string 10641 values. If the operator is In or NotIn, 10642 the values array must be non-empty. If the 10643 operator is Exists or DoesNotExist, the 10644 values array must be empty. This array is 10645 replaced during a strategic merge patch. 10646 items: 10647 type: string 10648 type: array 10649 required: 10650 - key 10651 - operator 10652 type: object 10653 type: array 10654 matchLabels: 10655 additionalProperties: 10656 type: string 10657 description: matchLabels is a map of {key,value} 10658 pairs. A single {key,value} in the matchLabels 10659 map is equivalent to an element of matchExpressions, 10660 whose key field is "key", the operator is "In", 10661 and the values array contains only "value". The 10662 requirements are ANDed. 10663 type: object 10664 type: object 10665 namespaceSelector: 10666 description: A label query over the set of namespaces 10667 that the term applies to. The term is applied to the 10668 union of the namespaces selected by this field and 10669 the ones listed in the namespaces field. null selector 10670 and null or empty namespaces list means "this pod's 10671 namespace". An empty selector ({}) matches all namespaces. 10672 This field is beta-level and is only honored when 10673 PodAffinityNamespaceSelector feature is enabled. 10674 properties: 10675 matchExpressions: 10676 description: matchExpressions is a list of label 10677 selector requirements. The requirements are ANDed. 10678 items: 10679 description: A label selector requirement is a 10680 selector that contains values, a key, and an 10681 operator that relates the key and values. 10682 properties: 10683 key: 10684 description: key is the label key that the 10685 selector applies to. 10686 type: string 10687 operator: 10688 description: operator represents a key's relationship 10689 to a set of values. Valid operators are 10690 In, NotIn, Exists and DoesNotExist. 10691 type: string 10692 values: 10693 description: values is an array of string 10694 values. If the operator is In or NotIn, 10695 the values array must be non-empty. If the 10696 operator is Exists or DoesNotExist, the 10697 values array must be empty. This array is 10698 replaced during a strategic merge patch. 10699 items: 10700 type: string 10701 type: array 10702 required: 10703 - key 10704 - operator 10705 type: object 10706 type: array 10707 matchLabels: 10708 additionalProperties: 10709 type: string 10710 description: matchLabels is a map of {key,value} 10711 pairs. A single {key,value} in the matchLabels 10712 map is equivalent to an element of matchExpressions, 10713 whose key field is "key", the operator is "In", 10714 and the values array contains only "value". The 10715 requirements are ANDed. 10716 type: object 10717 type: object 10718 namespaces: 10719 description: namespaces specifies a static list of namespace 10720 names that the term applies to. The term is applied 10721 to the union of the namespaces listed in this field 10722 and the ones selected by namespaceSelector. null or 10723 empty namespaces list and null namespaceSelector means 10724 "this pod's namespace" 10725 items: 10726 type: string 10727 type: array 10728 topologyKey: 10729 description: This pod should be co-located (affinity) 10730 or not co-located (anti-affinity) with the pods matching 10731 the labelSelector in the specified namespaces, where 10732 co-located is defined as running on a node whose value 10733 of the label with key topologyKey matches that of 10734 any node on which any of the selected pods is running. 10735 Empty topologyKey is not allowed. 10736 type: string 10737 required: 10738 - topologyKey 10739 type: object 10740 type: array 10741 type: object 10742 podAntiAffinity: 10743 description: Describes pod anti-affinity scheduling rules (e.g. 10744 avoid putting this pod in the same node, zone, etc. as some 10745 other pod(s)). 10746 properties: 10747 preferredDuringSchedulingIgnoredDuringExecution: 10748 description: The scheduler will prefer to schedule pods to 10749 nodes that satisfy the anti-affinity expressions specified 10750 by this field, but it may choose a node that violates one 10751 or more of the expressions. The node that is most preferred 10752 is the one with the greatest sum of weights, i.e. for each 10753 node that meets all of the scheduling requirements (resource 10754 request, requiredDuringScheduling anti-affinity expressions, 10755 etc.), compute a sum by iterating through the elements of 10756 this field and adding "weight" to the sum if the node has 10757 pods which matches the corresponding podAffinityTerm; the 10758 node(s) with the highest sum are the most preferred. 10759 items: 10760 description: The weights of all of the matched WeightedPodAffinityTerm 10761 fields are added per-node to find the most preferred node(s) 10762 properties: 10763 podAffinityTerm: 10764 description: Required. A pod affinity term, associated 10765 with the corresponding weight. 10766 properties: 10767 labelSelector: 10768 description: A label query over a set of resources, 10769 in this case pods. 10770 properties: 10771 matchExpressions: 10772 description: matchExpressions is a list of label 10773 selector requirements. The requirements are 10774 ANDed. 10775 items: 10776 description: A label selector requirement 10777 is a selector that contains values, a key, 10778 and an operator that relates the key and 10779 values. 10780 properties: 10781 key: 10782 description: key is the label key that 10783 the selector applies to. 10784 type: string 10785 operator: 10786 description: operator represents a key's 10787 relationship to a set of values. Valid 10788 operators are In, NotIn, Exists and 10789 DoesNotExist. 10790 type: string 10791 values: 10792 description: values is an array of string 10793 values. If the operator is In or NotIn, 10794 the values array must be non-empty. 10795 If the operator is Exists or DoesNotExist, 10796 the values array must be empty. This 10797 array is replaced during a strategic 10798 merge patch. 10799 items: 10800 type: string 10801 type: array 10802 required: 10803 - key 10804 - operator 10805 type: object 10806 type: array 10807 matchLabels: 10808 additionalProperties: 10809 type: string 10810 description: matchLabels is a map of {key,value} 10811 pairs. A single {key,value} in the matchLabels 10812 map is equivalent to an element of matchExpressions, 10813 whose key field is "key", the operator is 10814 "In", and the values array contains only "value". 10815 The requirements are ANDed. 10816 type: object 10817 type: object 10818 namespaceSelector: 10819 description: A label query over the set of namespaces 10820 that the term applies to. The term is applied 10821 to the union of the namespaces selected by this 10822 field and the ones listed in the namespaces field. 10823 null selector and null or empty namespaces list 10824 means "this pod's namespace". An empty selector 10825 ({}) matches all namespaces. This field is beta-level 10826 and is only honored when PodAffinityNamespaceSelector 10827 feature is enabled. 10828 properties: 10829 matchExpressions: 10830 description: matchExpressions is a list of label 10831 selector requirements. The requirements are 10832 ANDed. 10833 items: 10834 description: A label selector requirement 10835 is a selector that contains values, a key, 10836 and an operator that relates the key and 10837 values. 10838 properties: 10839 key: 10840 description: key is the label key that 10841 the selector applies to. 10842 type: string 10843 operator: 10844 description: operator represents a key's 10845 relationship to a set of values. Valid 10846 operators are In, NotIn, Exists and 10847 DoesNotExist. 10848 type: string 10849 values: 10850 description: values is an array of string 10851 values. If the operator is In or NotIn, 10852 the values array must be non-empty. 10853 If the operator is Exists or DoesNotExist, 10854 the values array must be empty. This 10855 array is replaced during a strategic 10856 merge patch. 10857 items: 10858 type: string 10859 type: array 10860 required: 10861 - key 10862 - operator 10863 type: object 10864 type: array 10865 matchLabels: 10866 additionalProperties: 10867 type: string 10868 description: matchLabels is a map of {key,value} 10869 pairs. A single {key,value} in the matchLabels 10870 map is equivalent to an element of matchExpressions, 10871 whose key field is "key", the operator is 10872 "In", and the values array contains only "value". 10873 The requirements are ANDed. 10874 type: object 10875 type: object 10876 namespaces: 10877 description: namespaces specifies a static list 10878 of namespace names that the term applies to. The 10879 term is applied to the union of the namespaces 10880 listed in this field and the ones selected by 10881 namespaceSelector. null or empty namespaces list 10882 and null namespaceSelector means "this pod's namespace" 10883 items: 10884 type: string 10885 type: array 10886 topologyKey: 10887 description: This pod should be co-located (affinity) 10888 or not co-located (anti-affinity) with the pods 10889 matching the labelSelector in the specified namespaces, 10890 where co-located is defined as running on a node 10891 whose value of the label with key topologyKey 10892 matches that of any node on which any of the selected 10893 pods is running. Empty topologyKey is not allowed. 10894 type: string 10895 required: 10896 - topologyKey 10897 type: object 10898 weight: 10899 description: weight associated with matching the corresponding 10900 podAffinityTerm, in the range 1-100. 10901 format: int32 10902 type: integer 10903 required: 10904 - podAffinityTerm 10905 - weight 10906 type: object 10907 type: array 10908 requiredDuringSchedulingIgnoredDuringExecution: 10909 description: If the anti-affinity requirements specified by 10910 this field are not met at scheduling time, the pod will 10911 not be scheduled onto the node. If the anti-affinity requirements 10912 specified by this field cease to be met at some point during 10913 pod execution (e.g. due to a pod label update), the system 10914 may or may not try to eventually evict the pod from its 10915 node. When there are multiple elements, the lists of nodes 10916 corresponding to each podAffinityTerm are intersected, i.e. 10917 all terms must be satisfied. 10918 items: 10919 description: Defines a set of pods (namely those matching 10920 the labelSelector relative to the given namespace(s)) 10921 that this pod should be co-located (affinity) or not co-located 10922 (anti-affinity) with, where co-located is defined as running 10923 on a node whose value of the label with key <topologyKey> 10924 matches that of any node on which a pod of the set of 10925 pods is running 10926 properties: 10927 labelSelector: 10928 description: A label query over a set of resources, 10929 in this case pods. 10930 properties: 10931 matchExpressions: 10932 description: matchExpressions is a list of label 10933 selector requirements. The requirements are ANDed. 10934 items: 10935 description: A label selector requirement is a 10936 selector that contains values, a key, and an 10937 operator that relates the key and values. 10938 properties: 10939 key: 10940 description: key is the label key that the 10941 selector applies to. 10942 type: string 10943 operator: 10944 description: operator represents a key's relationship 10945 to a set of values. Valid operators are 10946 In, NotIn, Exists and DoesNotExist. 10947 type: string 10948 values: 10949 description: values is an array of string 10950 values. If the operator is In or NotIn, 10951 the values array must be non-empty. If the 10952 operator is Exists or DoesNotExist, the 10953 values array must be empty. This array is 10954 replaced during a strategic merge patch. 10955 items: 10956 type: string 10957 type: array 10958 required: 10959 - key 10960 - operator 10961 type: object 10962 type: array 10963 matchLabels: 10964 additionalProperties: 10965 type: string 10966 description: matchLabels is a map of {key,value} 10967 pairs. A single {key,value} in the matchLabels 10968 map is equivalent to an element of matchExpressions, 10969 whose key field is "key", the operator is "In", 10970 and the values array contains only "value". The 10971 requirements are ANDed. 10972 type: object 10973 type: object 10974 namespaceSelector: 10975 description: A label query over the set of namespaces 10976 that the term applies to. The term is applied to the 10977 union of the namespaces selected by this field and 10978 the ones listed in the namespaces field. null selector 10979 and null or empty namespaces list means "this pod's 10980 namespace". An empty selector ({}) matches all namespaces. 10981 This field is beta-level and is only honored when 10982 PodAffinityNamespaceSelector feature is enabled. 10983 properties: 10984 matchExpressions: 10985 description: matchExpressions is a list of label 10986 selector requirements. The requirements are ANDed. 10987 items: 10988 description: A label selector requirement is a 10989 selector that contains values, a key, and an 10990 operator that relates the key and values. 10991 properties: 10992 key: 10993 description: key is the label key that the 10994 selector applies to. 10995 type: string 10996 operator: 10997 description: operator represents a key's relationship 10998 to a set of values. Valid operators are 10999 In, NotIn, Exists and DoesNotExist. 11000 type: string 11001 values: 11002 description: values is an array of string 11003 values. If the operator is In or NotIn, 11004 the values array must be non-empty. If the 11005 operator is Exists or DoesNotExist, the 11006 values array must be empty. This array is 11007 replaced during a strategic merge patch. 11008 items: 11009 type: string 11010 type: array 11011 required: 11012 - key 11013 - operator 11014 type: object 11015 type: array 11016 matchLabels: 11017 additionalProperties: 11018 type: string 11019 description: matchLabels is a map of {key,value} 11020 pairs. A single {key,value} in the matchLabels 11021 map is equivalent to an element of matchExpressions, 11022 whose key field is "key", the operator is "In", 11023 and the values array contains only "value". The 11024 requirements are ANDed. 11025 type: object 11026 type: object 11027 namespaces: 11028 description: namespaces specifies a static list of namespace 11029 names that the term applies to. The term is applied 11030 to the union of the namespaces listed in this field 11031 and the ones selected by namespaceSelector. null or 11032 empty namespaces list and null namespaceSelector means 11033 "this pod's namespace" 11034 items: 11035 type: string 11036 type: array 11037 topologyKey: 11038 description: This pod should be co-located (affinity) 11039 or not co-located (anti-affinity) with the pods matching 11040 the labelSelector in the specified namespaces, where 11041 co-located is defined as running on a node whose value 11042 of the label with key topologyKey matches that of 11043 any node on which any of the selected pods is running. 11044 Empty topologyKey is not allowed. 11045 type: string 11046 required: 11047 - topologyKey 11048 type: object 11049 type: array 11050 type: object 11051 type: object 11052 alerting: 11053 description: Define details regarding alerting. 11054 properties: 11055 alertmanagers: 11056 description: AlertmanagerEndpoints Prometheus should fire alerts 11057 against. 11058 items: 11059 description: AlertmanagerEndpoints defines a selection of a 11060 single Endpoints object containing alertmanager IPs to fire 11061 alerts against. 11062 properties: 11063 apiVersion: 11064 description: Version of the Alertmanager API that Prometheus 11065 uses to send alerts. It can be "v1" or "v2". 11066 type: string 11067 authorization: 11068 description: Authorization section for this alertmanager 11069 endpoint 11070 properties: 11071 credentials: 11072 description: The secret's key that contains the credentials 11073 of the request 11074 properties: 11075 key: 11076 description: The key of the secret to select from. Must 11077 be a valid secret key. 11078 type: string 11079 name: 11080 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11081 TODO: Add other useful fields. apiVersion, kind, 11082 uid?' 11083 type: string 11084 optional: 11085 description: Specify whether the Secret or its key 11086 must be defined 11087 type: boolean 11088 required: 11089 - key 11090 type: object 11091 type: 11092 description: Set the authentication type. Defaults to 11093 Bearer, Basic will cause an error 11094 type: string 11095 type: object 11096 bearerTokenFile: 11097 description: BearerTokenFile to read from filesystem to 11098 use when authenticating to Alertmanager. 11099 type: string 11100 name: 11101 description: Name of Endpoints object in Namespace. 11102 type: string 11103 namespace: 11104 description: Namespace of Endpoints object. 11105 type: string 11106 pathPrefix: 11107 description: Prefix for the HTTP path alerts are pushed 11108 to. 11109 type: string 11110 port: 11111 anyOf: 11112 - type: integer 11113 - type: string 11114 description: Port the Alertmanager API is exposed on. 11115 x-kubernetes-int-or-string: true 11116 scheme: 11117 description: Scheme to use when firing alerts. 11118 type: string 11119 timeout: 11120 description: Timeout is a per-target Alertmanager timeout 11121 when pushing alerts. 11122 type: string 11123 tlsConfig: 11124 description: TLS Config to use for alertmanager connection. 11125 properties: 11126 ca: 11127 description: Struct containing the CA cert to use for 11128 the targets. 11129 properties: 11130 configMap: 11131 description: ConfigMap containing data to use for 11132 the targets. 11133 properties: 11134 key: 11135 description: The key to select. 11136 type: string 11137 name: 11138 description: 'Name of the referent. More info: 11139 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11140 TODO: Add other useful fields. apiVersion, 11141 kind, uid?' 11142 type: string 11143 optional: 11144 description: Specify whether the ConfigMap or 11145 its key must be defined 11146 type: boolean 11147 required: 11148 - key 11149 type: object 11150 secret: 11151 description: Secret containing data to use for the 11152 targets. 11153 properties: 11154 key: 11155 description: The key of the secret to select 11156 from. Must be a valid secret key. 11157 type: string 11158 name: 11159 description: 'Name of the referent. More info: 11160 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11161 TODO: Add other useful fields. apiVersion, 11162 kind, uid?' 11163 type: string 11164 optional: 11165 description: Specify whether the Secret or its 11166 key must be defined 11167 type: boolean 11168 required: 11169 - key 11170 type: object 11171 type: object 11172 caFile: 11173 description: Path to the CA cert in the Prometheus container 11174 to use for the targets. 11175 type: string 11176 cert: 11177 description: Struct containing the client cert file 11178 for the targets. 11179 properties: 11180 configMap: 11181 description: ConfigMap containing data to use for 11182 the targets. 11183 properties: 11184 key: 11185 description: The key to select. 11186 type: string 11187 name: 11188 description: 'Name of the referent. More info: 11189 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11190 TODO: Add other useful fields. apiVersion, 11191 kind, uid?' 11192 type: string 11193 optional: 11194 description: Specify whether the ConfigMap or 11195 its key must be defined 11196 type: boolean 11197 required: 11198 - key 11199 type: object 11200 secret: 11201 description: Secret containing data to use for the 11202 targets. 11203 properties: 11204 key: 11205 description: The key of the secret to select 11206 from. Must be a valid secret key. 11207 type: string 11208 name: 11209 description: 'Name of the referent. More info: 11210 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11211 TODO: Add other useful fields. apiVersion, 11212 kind, uid?' 11213 type: string 11214 optional: 11215 description: Specify whether the Secret or its 11216 key must be defined 11217 type: boolean 11218 required: 11219 - key 11220 type: object 11221 type: object 11222 certFile: 11223 description: Path to the client cert file in the Prometheus 11224 container for the targets. 11225 type: string 11226 insecureSkipVerify: 11227 description: Disable target certificate validation. 11228 type: boolean 11229 keyFile: 11230 description: Path to the client key file in the Prometheus 11231 container for the targets. 11232 type: string 11233 keySecret: 11234 description: Secret containing the client key file for 11235 the targets. 11236 properties: 11237 key: 11238 description: The key of the secret to select from. Must 11239 be a valid secret key. 11240 type: string 11241 name: 11242 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11243 TODO: Add other useful fields. apiVersion, kind, 11244 uid?' 11245 type: string 11246 optional: 11247 description: Specify whether the Secret or its key 11248 must be defined 11249 type: boolean 11250 required: 11251 - key 11252 type: object 11253 serverName: 11254 description: Used to verify the hostname for the targets. 11255 type: string 11256 type: object 11257 required: 11258 - name 11259 - namespace 11260 - port 11261 type: object 11262 type: array 11263 required: 11264 - alertmanagers 11265 type: object 11266 allowOverlappingBlocks: 11267 description: AllowOverlappingBlocks enables vertical compaction and 11268 vertical query merge in Prometheus. This is still experimental in 11269 Prometheus so it may change in any upcoming release. 11270 type: boolean 11271 apiserverConfig: 11272 description: APIServerConfig allows specifying a host and auth methods 11273 to access apiserver. If left empty, Prometheus is assumed to run 11274 inside of the cluster and will discover API servers automatically 11275 and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. 11276 properties: 11277 authorization: 11278 description: Authorization section for accessing apiserver 11279 properties: 11280 credentials: 11281 description: The secret's key that contains the credentials 11282 of the request 11283 properties: 11284 key: 11285 description: The key of the secret to select from. Must 11286 be a valid secret key. 11287 type: string 11288 name: 11289 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11290 TODO: Add other useful fields. apiVersion, kind, uid?' 11291 type: string 11292 optional: 11293 description: Specify whether the Secret or its key must 11294 be defined 11295 type: boolean 11296 required: 11297 - key 11298 type: object 11299 credentialsFile: 11300 description: File to read a secret from, mutually exclusive 11301 with Credentials (from SafeAuthorization) 11302 type: string 11303 type: 11304 description: Set the authentication type. Defaults to Bearer, 11305 Basic will cause an error 11306 type: string 11307 type: object 11308 basicAuth: 11309 description: BasicAuth allow an endpoint to authenticate over 11310 basic authentication 11311 properties: 11312 password: 11313 description: The secret in the service monitor namespace that 11314 contains the password for authentication. 11315 properties: 11316 key: 11317 description: The key of the secret to select from. Must 11318 be a valid secret key. 11319 type: string 11320 name: 11321 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11322 TODO: Add other useful fields. apiVersion, kind, uid?' 11323 type: string 11324 optional: 11325 description: Specify whether the Secret or its key must 11326 be defined 11327 type: boolean 11328 required: 11329 - key 11330 type: object 11331 username: 11332 description: The secret in the service monitor namespace that 11333 contains the username for authentication. 11334 properties: 11335 key: 11336 description: The key of the secret to select from. Must 11337 be a valid secret key. 11338 type: string 11339 name: 11340 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11341 TODO: Add other useful fields. apiVersion, kind, uid?' 11342 type: string 11343 optional: 11344 description: Specify whether the Secret or its key must 11345 be defined 11346 type: boolean 11347 required: 11348 - key 11349 type: object 11350 type: object 11351 bearerToken: 11352 description: Bearer token for accessing apiserver. 11353 type: string 11354 bearerTokenFile: 11355 description: File to read bearer token for accessing apiserver. 11356 type: string 11357 host: 11358 description: Host of apiserver. A valid string consisting of a 11359 hostname or IP followed by an optional port number 11360 type: string 11361 tlsConfig: 11362 description: TLS Config to use for accessing apiserver. 11363 properties: 11364 ca: 11365 description: Struct containing the CA cert to use for the 11366 targets. 11367 properties: 11368 configMap: 11369 description: ConfigMap containing data to use for the 11370 targets. 11371 properties: 11372 key: 11373 description: The key to select. 11374 type: string 11375 name: 11376 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11377 TODO: Add other useful fields. apiVersion, kind, 11378 uid?' 11379 type: string 11380 optional: 11381 description: Specify whether the ConfigMap or its 11382 key must be defined 11383 type: boolean 11384 required: 11385 - key 11386 type: object 11387 secret: 11388 description: Secret containing data to use for the targets. 11389 properties: 11390 key: 11391 description: The key of the secret to select from. Must 11392 be a valid secret key. 11393 type: string 11394 name: 11395 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11396 TODO: Add other useful fields. apiVersion, kind, 11397 uid?' 11398 type: string 11399 optional: 11400 description: Specify whether the Secret or its key 11401 must be defined 11402 type: boolean 11403 required: 11404 - key 11405 type: object 11406 type: object 11407 caFile: 11408 description: Path to the CA cert in the Prometheus container 11409 to use for the targets. 11410 type: string 11411 cert: 11412 description: Struct containing the client cert file for the 11413 targets. 11414 properties: 11415 configMap: 11416 description: ConfigMap containing data to use for the 11417 targets. 11418 properties: 11419 key: 11420 description: The key to select. 11421 type: string 11422 name: 11423 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11424 TODO: Add other useful fields. apiVersion, kind, 11425 uid?' 11426 type: string 11427 optional: 11428 description: Specify whether the ConfigMap or its 11429 key must be defined 11430 type: boolean 11431 required: 11432 - key 11433 type: object 11434 secret: 11435 description: Secret containing data to use for the targets. 11436 properties: 11437 key: 11438 description: The key of the secret to select from. Must 11439 be a valid secret key. 11440 type: string 11441 name: 11442 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11443 TODO: Add other useful fields. apiVersion, kind, 11444 uid?' 11445 type: string 11446 optional: 11447 description: Specify whether the Secret or its key 11448 must be defined 11449 type: boolean 11450 required: 11451 - key 11452 type: object 11453 type: object 11454 certFile: 11455 description: Path to the client cert file in the Prometheus 11456 container for the targets. 11457 type: string 11458 insecureSkipVerify: 11459 description: Disable target certificate validation. 11460 type: boolean 11461 keyFile: 11462 description: Path to the client key file in the Prometheus 11463 container for the targets. 11464 type: string 11465 keySecret: 11466 description: Secret containing the client key file for the 11467 targets. 11468 properties: 11469 key: 11470 description: The key of the secret to select from. Must 11471 be a valid secret key. 11472 type: string 11473 name: 11474 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11475 TODO: Add other useful fields. apiVersion, kind, uid?' 11476 type: string 11477 optional: 11478 description: Specify whether the Secret or its key must 11479 be defined 11480 type: boolean 11481 required: 11482 - key 11483 type: object 11484 serverName: 11485 description: Used to verify the hostname for the targets. 11486 type: string 11487 type: object 11488 required: 11489 - host 11490 type: object 11491 arbitraryFSAccessThroughSMs: 11492 description: ArbitraryFSAccessThroughSMs configures whether configuration 11493 based on a service monitor can access arbitrary files on the file 11494 system of the Prometheus container e.g. bearer token files. 11495 properties: 11496 deny: 11497 type: boolean 11498 type: object 11499 baseImage: 11500 description: 'Base image to use for a Prometheus deployment. Deprecated: 11501 use ''image'' instead' 11502 type: string 11503 configMaps: 11504 description: ConfigMaps is a list of ConfigMaps in the same namespace 11505 as the Prometheus object, which shall be mounted into the Prometheus 11506 Pods. The ConfigMaps are mounted into /etc/prometheus/configmaps/<configmap-name>. 11507 items: 11508 type: string 11509 type: array 11510 containers: 11511 description: 'Containers allows injecting additional containers or 11512 modifying operator generated containers. This can be used to allow 11513 adding an authentication proxy to a Prometheus pod or to change 11514 the behavior of an operator generated container. Containers described 11515 here modify an operator generated container if they share the same 11516 name and modifications are done via a strategic merge patch. The 11517 current container names are: `prometheus`, `config-reloader`, and 11518 `thanos-sidecar`. Overriding containers is entirely outside the 11519 scope of what the maintainers will support and by doing so, you 11520 accept that this behaviour may break at any time without notice.' 11521 items: 11522 description: A single application container that you want to run 11523 within a pod. 11524 properties: 11525 args: 11526 description: 'Arguments to the entrypoint. The docker image''s 11527 CMD is used if this is not provided. Variable references $(VAR_NAME) 11528 are expanded using the container''s environment. If a variable 11529 cannot be resolved, the reference in the input string will 11530 be unchanged. Double $$ are reduced to a single $, which allows 11531 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 11532 produce the string literal "$(VAR_NAME)". Escaped references 11533 will never be expanded, regardless of whether the variable 11534 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 11535 items: 11536 type: string 11537 type: array 11538 command: 11539 description: 'Entrypoint array. Not executed within a shell. 11540 The docker image''s ENTRYPOINT is used if this is not provided. 11541 Variable references $(VAR_NAME) are expanded using the container''s 11542 environment. If a variable cannot be resolved, the reference 11543 in the input string will be unchanged. Double $$ are reduced 11544 to a single $, which allows for escaping the $(VAR_NAME) syntax: 11545 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 11546 Escaped references will never be expanded, regardless of whether 11547 the variable exists or not. Cannot be updated. More info: 11548 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 11549 items: 11550 type: string 11551 type: array 11552 env: 11553 description: List of environment variables to set in the container. 11554 Cannot be updated. 11555 items: 11556 description: EnvVar represents an environment variable present 11557 in a Container. 11558 properties: 11559 name: 11560 description: Name of the environment variable. Must be 11561 a C_IDENTIFIER. 11562 type: string 11563 value: 11564 description: 'Variable references $(VAR_NAME) are expanded 11565 using the previously defined environment variables in 11566 the container and any service environment variables. 11567 If a variable cannot be resolved, the reference in the 11568 input string will be unchanged. Double $$ are reduced 11569 to a single $, which allows for escaping the $(VAR_NAME) 11570 syntax: i.e. "$$(VAR_NAME)" will produce the string 11571 literal "$(VAR_NAME)". Escaped references will never 11572 be expanded, regardless of whether the variable exists 11573 or not. Defaults to "".' 11574 type: string 11575 valueFrom: 11576 description: Source for the environment variable's value. 11577 Cannot be used if value is not empty. 11578 properties: 11579 configMapKeyRef: 11580 description: Selects a key of a ConfigMap. 11581 properties: 11582 key: 11583 description: The key to select. 11584 type: string 11585 name: 11586 description: 'Name of the referent. More info: 11587 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11588 TODO: Add other useful fields. apiVersion, kind, 11589 uid?' 11590 type: string 11591 optional: 11592 description: Specify whether the ConfigMap or 11593 its key must be defined 11594 type: boolean 11595 required: 11596 - key 11597 type: object 11598 fieldRef: 11599 description: 'Selects a field of the pod: supports 11600 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 11601 `metadata.annotations[''<KEY>'']`, spec.nodeName, 11602 spec.serviceAccountName, status.hostIP, status.podIP, 11603 status.podIPs.' 11604 properties: 11605 apiVersion: 11606 description: Version of the schema the FieldPath 11607 is written in terms of, defaults to "v1". 11608 type: string 11609 fieldPath: 11610 description: Path of the field to select in the 11611 specified API version. 11612 type: string 11613 required: 11614 - fieldPath 11615 type: object 11616 resourceFieldRef: 11617 description: 'Selects a resource of the container: 11618 only resources limits and requests (limits.cpu, 11619 limits.memory, limits.ephemeral-storage, requests.cpu, 11620 requests.memory and requests.ephemeral-storage) 11621 are currently supported.' 11622 properties: 11623 containerName: 11624 description: 'Container name: required for volumes, 11625 optional for env vars' 11626 type: string 11627 divisor: 11628 anyOf: 11629 - type: integer 11630 - type: string 11631 description: Specifies the output format of the 11632 exposed resources, defaults to "1" 11633 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 11634 x-kubernetes-int-or-string: true 11635 resource: 11636 description: 'Required: resource to select' 11637 type: string 11638 required: 11639 - resource 11640 type: object 11641 secretKeyRef: 11642 description: Selects a key of a secret in the pod's 11643 namespace 11644 properties: 11645 key: 11646 description: The key of the secret to select from. Must 11647 be a valid secret key. 11648 type: string 11649 name: 11650 description: 'Name of the referent. More info: 11651 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11652 TODO: Add other useful fields. apiVersion, kind, 11653 uid?' 11654 type: string 11655 optional: 11656 description: Specify whether the Secret or its 11657 key must be defined 11658 type: boolean 11659 required: 11660 - key 11661 type: object 11662 type: object 11663 required: 11664 - name 11665 type: object 11666 type: array 11667 envFrom: 11668 description: List of sources to populate environment variables 11669 in the container. The keys defined within a source must be 11670 a C_IDENTIFIER. All invalid keys will be reported as an event 11671 when the container is starting. When a key exists in multiple 11672 sources, the value associated with the last source will take 11673 precedence. Values defined by an Env with a duplicate key 11674 will take precedence. Cannot be updated. 11675 items: 11676 description: EnvFromSource represents the source of a set 11677 of ConfigMaps 11678 properties: 11679 configMapRef: 11680 description: The ConfigMap to select from 11681 properties: 11682 name: 11683 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11684 TODO: Add other useful fields. apiVersion, kind, 11685 uid?' 11686 type: string 11687 optional: 11688 description: Specify whether the ConfigMap must be 11689 defined 11690 type: boolean 11691 type: object 11692 prefix: 11693 description: An optional identifier to prepend to each 11694 key in the ConfigMap. Must be a C_IDENTIFIER. 11695 type: string 11696 secretRef: 11697 description: The Secret to select from 11698 properties: 11699 name: 11700 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11701 TODO: Add other useful fields. apiVersion, kind, 11702 uid?' 11703 type: string 11704 optional: 11705 description: Specify whether the Secret must be defined 11706 type: boolean 11707 type: object 11708 type: object 11709 type: array 11710 image: 11711 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 11712 This field is optional to allow higher level config management 11713 to default or override container images in workload controllers 11714 like Deployments and StatefulSets.' 11715 type: string 11716 imagePullPolicy: 11717 description: 'Image pull policy. One of Always, Never, IfNotPresent. 11718 Defaults to Always if :latest tag is specified, or IfNotPresent 11719 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 11720 type: string 11721 lifecycle: 11722 description: Actions that the management system should take 11723 in response to container lifecycle events. Cannot be updated. 11724 properties: 11725 postStart: 11726 description: 'PostStart is called immediately after a container 11727 is created. If the handler fails, the container is terminated 11728 and restarted according to its restart policy. Other management 11729 of the container blocks until the hook completes. More 11730 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 11731 properties: 11732 exec: 11733 description: Exec specifies the action to take. 11734 properties: 11735 command: 11736 description: Command is the command line to execute 11737 inside the container, the working directory for 11738 the command is root ('/') in the container's 11739 filesystem. The command is simply exec'd, it is 11740 not run inside a shell, so traditional shell instructions 11741 ('|', etc) won't work. To use a shell, you need 11742 to explicitly call out to that shell. Exit status 11743 of 0 is treated as live/healthy and non-zero is 11744 unhealthy. 11745 items: 11746 type: string 11747 type: array 11748 type: object 11749 httpGet: 11750 description: HTTPGet specifies the http request to perform. 11751 properties: 11752 host: 11753 description: Host name to connect to, defaults to 11754 the pod IP. You probably want to set "Host" in 11755 httpHeaders instead. 11756 type: string 11757 httpHeaders: 11758 description: Custom headers to set in the request. 11759 HTTP allows repeated headers. 11760 items: 11761 description: HTTPHeader describes a custom header 11762 to be used in HTTP probes 11763 properties: 11764 name: 11765 description: The header field name 11766 type: string 11767 value: 11768 description: The header field value 11769 type: string 11770 required: 11771 - name 11772 - value 11773 type: object 11774 type: array 11775 path: 11776 description: Path to access on the HTTP server. 11777 type: string 11778 port: 11779 anyOf: 11780 - type: integer 11781 - type: string 11782 description: Name or number of the port to access 11783 on the container. Number must be in the range 11784 1 to 65535. Name must be an IANA_SVC_NAME. 11785 x-kubernetes-int-or-string: true 11786 scheme: 11787 description: Scheme to use for connecting to the 11788 host. Defaults to HTTP. 11789 type: string 11790 required: 11791 - port 11792 type: object 11793 tcpSocket: 11794 description: Deprecated. TCPSocket is NOT supported 11795 as a LifecycleHandler and kept for the backward compatibility. 11796 There are no validation of this field and lifecycle 11797 hooks will fail in runtime when tcp handler is specified. 11798 properties: 11799 host: 11800 description: 'Optional: Host name to connect to, 11801 defaults to the pod IP.' 11802 type: string 11803 port: 11804 anyOf: 11805 - type: integer 11806 - type: string 11807 description: Number or name of the port to access 11808 on the container. Number must be in the range 11809 1 to 65535. Name must be an IANA_SVC_NAME. 11810 x-kubernetes-int-or-string: true 11811 required: 11812 - port 11813 type: object 11814 type: object 11815 preStop: 11816 description: 'PreStop is called immediately before a container 11817 is terminated due to an API request or management event 11818 such as liveness/startup probe failure, preemption, resource 11819 contention, etc. The handler is not called if the container 11820 crashes or exits. The Pod''s termination grace period 11821 countdown begins before the PreStop hook is executed. 11822 Regardless of the outcome of the handler, the container 11823 will eventually terminate within the Pod''s termination 11824 grace period (unless delayed by finalizers). Other management 11825 of the container blocks until the hook completes or until 11826 the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 11827 properties: 11828 exec: 11829 description: Exec specifies the action to take. 11830 properties: 11831 command: 11832 description: Command is the command line to execute 11833 inside the container, the working directory for 11834 the command is root ('/') in the container's 11835 filesystem. The command is simply exec'd, it is 11836 not run inside a shell, so traditional shell instructions 11837 ('|', etc) won't work. To use a shell, you need 11838 to explicitly call out to that shell. Exit status 11839 of 0 is treated as live/healthy and non-zero is 11840 unhealthy. 11841 items: 11842 type: string 11843 type: array 11844 type: object 11845 httpGet: 11846 description: HTTPGet specifies the http request to perform. 11847 properties: 11848 host: 11849 description: Host name to connect to, defaults to 11850 the pod IP. You probably want to set "Host" in 11851 httpHeaders instead. 11852 type: string 11853 httpHeaders: 11854 description: Custom headers to set in the request. 11855 HTTP allows repeated headers. 11856 items: 11857 description: HTTPHeader describes a custom header 11858 to be used in HTTP probes 11859 properties: 11860 name: 11861 description: The header field name 11862 type: string 11863 value: 11864 description: The header field value 11865 type: string 11866 required: 11867 - name 11868 - value 11869 type: object 11870 type: array 11871 path: 11872 description: Path to access on the HTTP server. 11873 type: string 11874 port: 11875 anyOf: 11876 - type: integer 11877 - type: string 11878 description: Name or number of the port to access 11879 on the container. Number must be in the range 11880 1 to 65535. Name must be an IANA_SVC_NAME. 11881 x-kubernetes-int-or-string: true 11882 scheme: 11883 description: Scheme to use for connecting to the 11884 host. Defaults to HTTP. 11885 type: string 11886 required: 11887 - port 11888 type: object 11889 tcpSocket: 11890 description: Deprecated. TCPSocket is NOT supported 11891 as a LifecycleHandler and kept for the backward compatibility. 11892 There are no validation of this field and lifecycle 11893 hooks will fail in runtime when tcp handler is specified. 11894 properties: 11895 host: 11896 description: 'Optional: Host name to connect to, 11897 defaults to the pod IP.' 11898 type: string 11899 port: 11900 anyOf: 11901 - type: integer 11902 - type: string 11903 description: Number or name of the port to access 11904 on the container. Number must be in the range 11905 1 to 65535. Name must be an IANA_SVC_NAME. 11906 x-kubernetes-int-or-string: true 11907 required: 11908 - port 11909 type: object 11910 type: object 11911 type: object 11912 livenessProbe: 11913 description: 'Periodic probe of container liveness. Container 11914 will be restarted if the probe fails. Cannot be updated. More 11915 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11916 properties: 11917 exec: 11918 description: Exec specifies the action to take. 11919 properties: 11920 command: 11921 description: Command is the command line to execute 11922 inside the container, the working directory for the 11923 command is root ('/') in the container's filesystem. 11924 The command is simply exec'd, it is not run inside 11925 a shell, so traditional shell instructions ('|', etc) 11926 won't work. To use a shell, you need to explicitly 11927 call out to that shell. Exit status of 0 is treated 11928 as live/healthy and non-zero is unhealthy. 11929 items: 11930 type: string 11931 type: array 11932 type: object 11933 failureThreshold: 11934 description: Minimum consecutive failures for the probe 11935 to be considered failed after having succeeded. Defaults 11936 to 3. Minimum value is 1. 11937 format: int32 11938 type: integer 11939 grpc: 11940 description: GRPC specifies an action involving a GRPC port. 11941 This is an alpha field and requires enabling GRPCContainerProbe 11942 feature gate. 11943 properties: 11944 port: 11945 description: Port number of the gRPC service. Number 11946 must be in the range 1 to 65535. 11947 format: int32 11948 type: integer 11949 service: 11950 description: "Service is the name of the service to 11951 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 11952 \n If this is not specified, the default behavior 11953 is defined by gRPC." 11954 type: string 11955 required: 11956 - port 11957 type: object 11958 httpGet: 11959 description: HTTPGet specifies the http request to perform. 11960 properties: 11961 host: 11962 description: Host name to connect to, defaults to the 11963 pod IP. You probably want to set "Host" in httpHeaders 11964 instead. 11965 type: string 11966 httpHeaders: 11967 description: Custom headers to set in the request. HTTP 11968 allows repeated headers. 11969 items: 11970 description: HTTPHeader describes a custom header 11971 to be used in HTTP probes 11972 properties: 11973 name: 11974 description: The header field name 11975 type: string 11976 value: 11977 description: The header field value 11978 type: string 11979 required: 11980 - name 11981 - value 11982 type: object 11983 type: array 11984 path: 11985 description: Path to access on the HTTP server. 11986 type: string 11987 port: 11988 anyOf: 11989 - type: integer 11990 - type: string 11991 description: Name or number of the port to access on 11992 the container. Number must be in the range 1 to 65535. 11993 Name must be an IANA_SVC_NAME. 11994 x-kubernetes-int-or-string: true 11995 scheme: 11996 description: Scheme to use for connecting to the host. 11997 Defaults to HTTP. 11998 type: string 11999 required: 12000 - port 12001 type: object 12002 initialDelaySeconds: 12003 description: 'Number of seconds after the container has 12004 started before liveness probes are initiated. More info: 12005 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12006 format: int32 12007 type: integer 12008 periodSeconds: 12009 description: How often (in seconds) to perform the probe. 12010 Default to 10 seconds. Minimum value is 1. 12011 format: int32 12012 type: integer 12013 successThreshold: 12014 description: Minimum consecutive successes for the probe 12015 to be considered successful after having failed. Defaults 12016 to 1. Must be 1 for liveness and startup. Minimum value 12017 is 1. 12018 format: int32 12019 type: integer 12020 tcpSocket: 12021 description: TCPSocket specifies an action involving a TCP 12022 port. 12023 properties: 12024 host: 12025 description: 'Optional: Host name to connect to, defaults 12026 to the pod IP.' 12027 type: string 12028 port: 12029 anyOf: 12030 - type: integer 12031 - type: string 12032 description: Number or name of the port to access on 12033 the container. Number must be in the range 1 to 65535. 12034 Name must be an IANA_SVC_NAME. 12035 x-kubernetes-int-or-string: true 12036 required: 12037 - port 12038 type: object 12039 terminationGracePeriodSeconds: 12040 description: Optional duration in seconds the pod needs 12041 to terminate gracefully upon probe failure. The grace 12042 period is the duration in seconds after the processes 12043 running in the pod are sent a termination signal and the 12044 time when the processes are forcibly halted with a kill 12045 signal. Set this value longer than the expected cleanup 12046 time for your process. If this value is nil, the pod's 12047 terminationGracePeriodSeconds will be used. Otherwise, 12048 this value overrides the value provided by the pod spec. 12049 Value must be non-negative integer. The value zero indicates 12050 stop immediately via the kill signal (no opportunity to 12051 shut down). This is a beta field and requires enabling 12052 ProbeTerminationGracePeriod feature gate. Minimum value 12053 is 1. spec.terminationGracePeriodSeconds is used if unset. 12054 format: int64 12055 type: integer 12056 timeoutSeconds: 12057 description: 'Number of seconds after which the probe times 12058 out. Defaults to 1 second. Minimum value is 1. More info: 12059 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12060 format: int32 12061 type: integer 12062 type: object 12063 name: 12064 description: Name of the container specified as a DNS_LABEL. 12065 Each container in a pod must have a unique name (DNS_LABEL). 12066 Cannot be updated. 12067 type: string 12068 ports: 12069 description: List of ports to expose from the container. Exposing 12070 a port here gives the system additional information about 12071 the network connections a container uses, but is primarily 12072 informational. Not specifying a port here DOES NOT prevent 12073 that port from being exposed. Any port which is listening 12074 on the default "0.0.0.0" address inside a container will be 12075 accessible from the network. Cannot be updated. 12076 items: 12077 description: ContainerPort represents a network port in a 12078 single container. 12079 properties: 12080 containerPort: 12081 description: Number of port to expose on the pod's IP 12082 address. This must be a valid port number, 0 < x < 65536. 12083 format: int32 12084 type: integer 12085 hostIP: 12086 description: What host IP to bind the external port to. 12087 type: string 12088 hostPort: 12089 description: Number of port to expose on the host. If 12090 specified, this must be a valid port number, 0 < x < 12091 65536. If HostNetwork is specified, this must match 12092 ContainerPort. Most containers do not need this. 12093 format: int32 12094 type: integer 12095 name: 12096 description: If specified, this must be an IANA_SVC_NAME 12097 and unique within the pod. Each named port in a pod 12098 must have a unique name. Name for the port that can 12099 be referred to by services. 12100 type: string 12101 protocol: 12102 default: TCP 12103 description: Protocol for port. Must be UDP, TCP, or SCTP. 12104 Defaults to "TCP". 12105 type: string 12106 required: 12107 - containerPort 12108 type: object 12109 type: array 12110 x-kubernetes-list-map-keys: 12111 - containerPort 12112 - protocol 12113 x-kubernetes-list-type: map 12114 readinessProbe: 12115 description: 'Periodic probe of container service readiness. 12116 Container will be removed from service endpoints if the probe 12117 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12118 properties: 12119 exec: 12120 description: Exec specifies the action to take. 12121 properties: 12122 command: 12123 description: Command is the command line to execute 12124 inside the container, the working directory for the 12125 command is root ('/') in the container's filesystem. 12126 The command is simply exec'd, it is not run inside 12127 a shell, so traditional shell instructions ('|', etc) 12128 won't work. To use a shell, you need to explicitly 12129 call out to that shell. Exit status of 0 is treated 12130 as live/healthy and non-zero is unhealthy. 12131 items: 12132 type: string 12133 type: array 12134 type: object 12135 failureThreshold: 12136 description: Minimum consecutive failures for the probe 12137 to be considered failed after having succeeded. Defaults 12138 to 3. Minimum value is 1. 12139 format: int32 12140 type: integer 12141 grpc: 12142 description: GRPC specifies an action involving a GRPC port. 12143 This is an alpha field and requires enabling GRPCContainerProbe 12144 feature gate. 12145 properties: 12146 port: 12147 description: Port number of the gRPC service. Number 12148 must be in the range 1 to 65535. 12149 format: int32 12150 type: integer 12151 service: 12152 description: "Service is the name of the service to 12153 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 12154 \n If this is not specified, the default behavior 12155 is defined by gRPC." 12156 type: string 12157 required: 12158 - port 12159 type: object 12160 httpGet: 12161 description: HTTPGet specifies the http request to perform. 12162 properties: 12163 host: 12164 description: Host name to connect to, defaults to the 12165 pod IP. You probably want to set "Host" in httpHeaders 12166 instead. 12167 type: string 12168 httpHeaders: 12169 description: Custom headers to set in the request. HTTP 12170 allows repeated headers. 12171 items: 12172 description: HTTPHeader describes a custom header 12173 to be used in HTTP probes 12174 properties: 12175 name: 12176 description: The header field name 12177 type: string 12178 value: 12179 description: The header field value 12180 type: string 12181 required: 12182 - name 12183 - value 12184 type: object 12185 type: array 12186 path: 12187 description: Path to access on the HTTP server. 12188 type: string 12189 port: 12190 anyOf: 12191 - type: integer 12192 - type: string 12193 description: Name or number of the port to access on 12194 the container. Number must be in the range 1 to 65535. 12195 Name must be an IANA_SVC_NAME. 12196 x-kubernetes-int-or-string: true 12197 scheme: 12198 description: Scheme to use for connecting to the host. 12199 Defaults to HTTP. 12200 type: string 12201 required: 12202 - port 12203 type: object 12204 initialDelaySeconds: 12205 description: 'Number of seconds after the container has 12206 started before liveness probes are initiated. More info: 12207 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12208 format: int32 12209 type: integer 12210 periodSeconds: 12211 description: How often (in seconds) to perform the probe. 12212 Default to 10 seconds. Minimum value is 1. 12213 format: int32 12214 type: integer 12215 successThreshold: 12216 description: Minimum consecutive successes for the probe 12217 to be considered successful after having failed. Defaults 12218 to 1. Must be 1 for liveness and startup. Minimum value 12219 is 1. 12220 format: int32 12221 type: integer 12222 tcpSocket: 12223 description: TCPSocket specifies an action involving a TCP 12224 port. 12225 properties: 12226 host: 12227 description: 'Optional: Host name to connect to, defaults 12228 to the pod IP.' 12229 type: string 12230 port: 12231 anyOf: 12232 - type: integer 12233 - type: string 12234 description: Number or name of the port to access on 12235 the container. Number must be in the range 1 to 65535. 12236 Name must be an IANA_SVC_NAME. 12237 x-kubernetes-int-or-string: true 12238 required: 12239 - port 12240 type: object 12241 terminationGracePeriodSeconds: 12242 description: Optional duration in seconds the pod needs 12243 to terminate gracefully upon probe failure. The grace 12244 period is the duration in seconds after the processes 12245 running in the pod are sent a termination signal and the 12246 time when the processes are forcibly halted with a kill 12247 signal. Set this value longer than the expected cleanup 12248 time for your process. If this value is nil, the pod's 12249 terminationGracePeriodSeconds will be used. Otherwise, 12250 this value overrides the value provided by the pod spec. 12251 Value must be non-negative integer. The value zero indicates 12252 stop immediately via the kill signal (no opportunity to 12253 shut down). This is a beta field and requires enabling 12254 ProbeTerminationGracePeriod feature gate. Minimum value 12255 is 1. spec.terminationGracePeriodSeconds is used if unset. 12256 format: int64 12257 type: integer 12258 timeoutSeconds: 12259 description: 'Number of seconds after which the probe times 12260 out. Defaults to 1 second. Minimum value is 1. More info: 12261 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12262 format: int32 12263 type: integer 12264 type: object 12265 resources: 12266 description: 'Compute Resources required by this container. 12267 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 12268 properties: 12269 limits: 12270 additionalProperties: 12271 anyOf: 12272 - type: integer 12273 - type: string 12274 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 12275 x-kubernetes-int-or-string: true 12276 description: 'Limits describes the maximum amount of compute 12277 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 12278 type: object 12279 requests: 12280 additionalProperties: 12281 anyOf: 12282 - type: integer 12283 - type: string 12284 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 12285 x-kubernetes-int-or-string: true 12286 description: 'Requests describes the minimum amount of compute 12287 resources required. If Requests is omitted for a container, 12288 it defaults to Limits if that is explicitly specified, 12289 otherwise to an implementation-defined value. More info: 12290 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 12291 type: object 12292 type: object 12293 securityContext: 12294 description: 'SecurityContext defines the security options the 12295 container should be run with. If set, the fields of SecurityContext 12296 override the equivalent fields of PodSecurityContext. More 12297 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 12298 properties: 12299 allowPrivilegeEscalation: 12300 description: 'AllowPrivilegeEscalation controls whether 12301 a process can gain more privileges than its parent process. 12302 This bool directly controls if the no_new_privs flag will 12303 be set on the container process. AllowPrivilegeEscalation 12304 is true always when the container is: 1) run as Privileged 12305 2) has CAP_SYS_ADMIN Note that this field cannot be set 12306 when spec.os.name is windows.' 12307 type: boolean 12308 capabilities: 12309 description: The capabilities to add/drop when running containers. 12310 Defaults to the default set of capabilities granted by 12311 the container runtime. Note that this field cannot be 12312 set when spec.os.name is windows. 12313 properties: 12314 add: 12315 description: Added capabilities 12316 items: 12317 description: Capability represent POSIX capabilities 12318 type 12319 type: string 12320 type: array 12321 drop: 12322 description: Removed capabilities 12323 items: 12324 description: Capability represent POSIX capabilities 12325 type 12326 type: string 12327 type: array 12328 type: object 12329 privileged: 12330 description: Run container in privileged mode. Processes 12331 in privileged containers are essentially equivalent to 12332 root on the host. Defaults to false. Note that this field 12333 cannot be set when spec.os.name is windows. 12334 type: boolean 12335 procMount: 12336 description: procMount denotes the type of proc mount to 12337 use for the containers. The default is DefaultProcMount 12338 which uses the container runtime defaults for readonly 12339 paths and masked paths. This requires the ProcMountType 12340 feature flag to be enabled. Note that this field cannot 12341 be set when spec.os.name is windows. 12342 type: string 12343 readOnlyRootFilesystem: 12344 description: Whether this container has a read-only root 12345 filesystem. Default is false. Note that this field cannot 12346 be set when spec.os.name is windows. 12347 type: boolean 12348 runAsGroup: 12349 description: The GID to run the entrypoint of the container 12350 process. Uses runtime default if unset. May also be set 12351 in PodSecurityContext. If set in both SecurityContext 12352 and PodSecurityContext, the value specified in SecurityContext 12353 takes precedence. Note that this field cannot be set when 12354 spec.os.name is windows. 12355 format: int64 12356 type: integer 12357 runAsNonRoot: 12358 description: Indicates that the container must run as a 12359 non-root user. If true, the Kubelet will validate the 12360 image at runtime to ensure that it does not run as UID 12361 0 (root) and fail to start the container if it does. If 12362 unset or false, no such validation will be performed. 12363 May also be set in PodSecurityContext. If set in both 12364 SecurityContext and PodSecurityContext, the value specified 12365 in SecurityContext takes precedence. 12366 type: boolean 12367 runAsUser: 12368 description: The UID to run the entrypoint of the container 12369 process. Defaults to user specified in image metadata 12370 if unspecified. May also be set in PodSecurityContext. If 12371 set in both SecurityContext and PodSecurityContext, the 12372 value specified in SecurityContext takes precedence. Note 12373 that this field cannot be set when spec.os.name is windows. 12374 format: int64 12375 type: integer 12376 seLinuxOptions: 12377 description: The SELinux context to be applied to the container. 12378 If unspecified, the container runtime will allocate a 12379 random SELinux context for each container. May also be 12380 set in PodSecurityContext. If set in both SecurityContext 12381 and PodSecurityContext, the value specified in SecurityContext 12382 takes precedence. Note that this field cannot be set when 12383 spec.os.name is windows. 12384 properties: 12385 level: 12386 description: Level is SELinux level label that applies 12387 to the container. 12388 type: string 12389 role: 12390 description: Role is a SELinux role label that applies 12391 to the container. 12392 type: string 12393 type: 12394 description: Type is a SELinux type label that applies 12395 to the container. 12396 type: string 12397 user: 12398 description: User is a SELinux user label that applies 12399 to the container. 12400 type: string 12401 type: object 12402 seccompProfile: 12403 description: The seccomp options to use by this container. 12404 If seccomp options are provided at both the pod & container 12405 level, the container options override the pod options. 12406 Note that this field cannot be set when spec.os.name is 12407 windows. 12408 properties: 12409 localhostProfile: 12410 description: localhostProfile indicates a profile defined 12411 in a file on the node should be used. The profile 12412 must be preconfigured on the node to work. Must be 12413 a descending path, relative to the kubelet's configured 12414 seccomp profile location. Must only be set if type 12415 is "Localhost". 12416 type: string 12417 type: 12418 description: "type indicates which kind of seccomp profile 12419 will be applied. Valid options are: \n Localhost - 12420 a profile defined in a file on the node should be 12421 used. RuntimeDefault - the container runtime default 12422 profile should be used. Unconfined - no profile should 12423 be applied." 12424 type: string 12425 required: 12426 - type 12427 type: object 12428 windowsOptions: 12429 description: The Windows specific settings applied to all 12430 containers. If unspecified, the options from the PodSecurityContext 12431 will be used. If set in both SecurityContext and PodSecurityContext, 12432 the value specified in SecurityContext takes precedence. 12433 Note that this field cannot be set when spec.os.name is 12434 linux. 12435 properties: 12436 gmsaCredentialSpec: 12437 description: GMSACredentialSpec is where the GMSA admission 12438 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 12439 inlines the contents of the GMSA credential spec named 12440 by the GMSACredentialSpecName field. 12441 type: string 12442 gmsaCredentialSpecName: 12443 description: GMSACredentialSpecName is the name of the 12444 GMSA credential spec to use. 12445 type: string 12446 hostProcess: 12447 description: HostProcess determines if a container should 12448 be run as a 'Host Process' container. This field is 12449 alpha-level and will only be honored by components 12450 that enable the WindowsHostProcessContainers feature 12451 flag. Setting this field without the feature flag 12452 will result in errors when validating the Pod. All 12453 of a Pod's containers must have the same effective 12454 HostProcess value (it is not allowed to have a mix 12455 of HostProcess containers and non-HostProcess containers). In 12456 addition, if HostProcess is true then HostNetwork 12457 must also be set to true. 12458 type: boolean 12459 runAsUserName: 12460 description: The UserName in Windows to run the entrypoint 12461 of the container process. Defaults to the user specified 12462 in image metadata if unspecified. May also be set 12463 in PodSecurityContext. If set in both SecurityContext 12464 and PodSecurityContext, the value specified in SecurityContext 12465 takes precedence. 12466 type: string 12467 type: object 12468 type: object 12469 startupProbe: 12470 description: 'StartupProbe indicates that the Pod has successfully 12471 initialized. If specified, no other probes are executed until 12472 this completes successfully. If this probe fails, the Pod 12473 will be restarted, just as if the livenessProbe failed. This 12474 can be used to provide different probe parameters at the beginning 12475 of a Pod''s lifecycle, when it might take a long time to load 12476 data or warm a cache, than during steady-state operation. 12477 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12478 properties: 12479 exec: 12480 description: Exec specifies the action to take. 12481 properties: 12482 command: 12483 description: Command is the command line to execute 12484 inside the container, the working directory for the 12485 command is root ('/') in the container's filesystem. 12486 The command is simply exec'd, it is not run inside 12487 a shell, so traditional shell instructions ('|', etc) 12488 won't work. To use a shell, you need to explicitly 12489 call out to that shell. Exit status of 0 is treated 12490 as live/healthy and non-zero is unhealthy. 12491 items: 12492 type: string 12493 type: array 12494 type: object 12495 failureThreshold: 12496 description: Minimum consecutive failures for the probe 12497 to be considered failed after having succeeded. Defaults 12498 to 3. Minimum value is 1. 12499 format: int32 12500 type: integer 12501 grpc: 12502 description: GRPC specifies an action involving a GRPC port. 12503 This is an alpha field and requires enabling GRPCContainerProbe 12504 feature gate. 12505 properties: 12506 port: 12507 description: Port number of the gRPC service. Number 12508 must be in the range 1 to 65535. 12509 format: int32 12510 type: integer 12511 service: 12512 description: "Service is the name of the service to 12513 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 12514 \n If this is not specified, the default behavior 12515 is defined by gRPC." 12516 type: string 12517 required: 12518 - port 12519 type: object 12520 httpGet: 12521 description: HTTPGet specifies the http request to perform. 12522 properties: 12523 host: 12524 description: Host name to connect to, defaults to the 12525 pod IP. You probably want to set "Host" in httpHeaders 12526 instead. 12527 type: string 12528 httpHeaders: 12529 description: Custom headers to set in the request. HTTP 12530 allows repeated headers. 12531 items: 12532 description: HTTPHeader describes a custom header 12533 to be used in HTTP probes 12534 properties: 12535 name: 12536 description: The header field name 12537 type: string 12538 value: 12539 description: The header field value 12540 type: string 12541 required: 12542 - name 12543 - value 12544 type: object 12545 type: array 12546 path: 12547 description: Path to access on the HTTP server. 12548 type: string 12549 port: 12550 anyOf: 12551 - type: integer 12552 - type: string 12553 description: Name or number of the port to access on 12554 the container. Number must be in the range 1 to 65535. 12555 Name must be an IANA_SVC_NAME. 12556 x-kubernetes-int-or-string: true 12557 scheme: 12558 description: Scheme to use for connecting to the host. 12559 Defaults to HTTP. 12560 type: string 12561 required: 12562 - port 12563 type: object 12564 initialDelaySeconds: 12565 description: 'Number of seconds after the container has 12566 started before liveness probes are initiated. More info: 12567 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12568 format: int32 12569 type: integer 12570 periodSeconds: 12571 description: How often (in seconds) to perform the probe. 12572 Default to 10 seconds. Minimum value is 1. 12573 format: int32 12574 type: integer 12575 successThreshold: 12576 description: Minimum consecutive successes for the probe 12577 to be considered successful after having failed. Defaults 12578 to 1. Must be 1 for liveness and startup. Minimum value 12579 is 1. 12580 format: int32 12581 type: integer 12582 tcpSocket: 12583 description: TCPSocket specifies an action involving a TCP 12584 port. 12585 properties: 12586 host: 12587 description: 'Optional: Host name to connect to, defaults 12588 to the pod IP.' 12589 type: string 12590 port: 12591 anyOf: 12592 - type: integer 12593 - type: string 12594 description: Number or name of the port to access on 12595 the container. Number must be in the range 1 to 65535. 12596 Name must be an IANA_SVC_NAME. 12597 x-kubernetes-int-or-string: true 12598 required: 12599 - port 12600 type: object 12601 terminationGracePeriodSeconds: 12602 description: Optional duration in seconds the pod needs 12603 to terminate gracefully upon probe failure. The grace 12604 period is the duration in seconds after the processes 12605 running in the pod are sent a termination signal and the 12606 time when the processes are forcibly halted with a kill 12607 signal. Set this value longer than the expected cleanup 12608 time for your process. If this value is nil, the pod's 12609 terminationGracePeriodSeconds will be used. Otherwise, 12610 this value overrides the value provided by the pod spec. 12611 Value must be non-negative integer. The value zero indicates 12612 stop immediately via the kill signal (no opportunity to 12613 shut down). This is a beta field and requires enabling 12614 ProbeTerminationGracePeriod feature gate. Minimum value 12615 is 1. spec.terminationGracePeriodSeconds is used if unset. 12616 format: int64 12617 type: integer 12618 timeoutSeconds: 12619 description: 'Number of seconds after which the probe times 12620 out. Defaults to 1 second. Minimum value is 1. More info: 12621 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12622 format: int32 12623 type: integer 12624 type: object 12625 stdin: 12626 description: Whether this container should allocate a buffer 12627 for stdin in the container runtime. If this is not set, reads 12628 from stdin in the container will always result in EOF. Default 12629 is false. 12630 type: boolean 12631 stdinOnce: 12632 description: Whether the container runtime should close the 12633 stdin channel after it has been opened by a single attach. 12634 When stdin is true the stdin stream will remain open across 12635 multiple attach sessions. If stdinOnce is set to true, stdin 12636 is opened on container start, is empty until the first client 12637 attaches to stdin, and then remains open and accepts data 12638 until the client disconnects, at which time stdin is closed 12639 and remains closed until the container is restarted. If this 12640 flag is false, a container processes that reads from stdin 12641 will never receive an EOF. Default is false 12642 type: boolean 12643 terminationMessagePath: 12644 description: 'Optional: Path at which the file to which the 12645 container''s termination message will be written is mounted 12646 into the container''s filesystem. Message written is intended 12647 to be brief final status, such as an assertion failure message. 12648 Will be truncated by the node if greater than 4096 bytes. 12649 The total message length across all containers will be limited 12650 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 12651 type: string 12652 terminationMessagePolicy: 12653 description: Indicate how the termination message should be 12654 populated. File will use the contents of terminationMessagePath 12655 to populate the container status message on both success and 12656 failure. FallbackToLogsOnError will use the last chunk of 12657 container log output if the termination message file is empty 12658 and the container exited with an error. The log output is 12659 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 12660 to File. Cannot be updated. 12661 type: string 12662 tty: 12663 description: Whether this container should allocate a TTY for 12664 itself, also requires 'stdin' to be true. Default is false. 12665 type: boolean 12666 volumeDevices: 12667 description: volumeDevices is the list of block devices to be 12668 used by the container. 12669 items: 12670 description: volumeDevice describes a mapping of a raw block 12671 device within a container. 12672 properties: 12673 devicePath: 12674 description: devicePath is the path inside of the container 12675 that the device will be mapped to. 12676 type: string 12677 name: 12678 description: name must match the name of a persistentVolumeClaim 12679 in the pod 12680 type: string 12681 required: 12682 - devicePath 12683 - name 12684 type: object 12685 type: array 12686 volumeMounts: 12687 description: Pod volumes to mount into the container's filesystem. 12688 Cannot be updated. 12689 items: 12690 description: VolumeMount describes a mounting of a Volume 12691 within a container. 12692 properties: 12693 mountPath: 12694 description: Path within the container at which the volume 12695 should be mounted. Must not contain ':'. 12696 type: string 12697 mountPropagation: 12698 description: mountPropagation determines how mounts are 12699 propagated from the host to container and the other 12700 way around. When not set, MountPropagationNone is used. 12701 This field is beta in 1.10. 12702 type: string 12703 name: 12704 description: This must match the Name of a Volume. 12705 type: string 12706 readOnly: 12707 description: Mounted read-only if true, read-write otherwise 12708 (false or unspecified). Defaults to false. 12709 type: boolean 12710 subPath: 12711 description: Path within the volume from which the container's 12712 volume should be mounted. Defaults to "" (volume's root). 12713 type: string 12714 subPathExpr: 12715 description: Expanded path within the volume from which 12716 the container's volume should be mounted. Behaves similarly 12717 to SubPath but environment variable references $(VAR_NAME) 12718 are expanded using the container's environment. Defaults 12719 to "" (volume's root). SubPathExpr and SubPath are mutually 12720 exclusive. 12721 type: string 12722 required: 12723 - mountPath 12724 - name 12725 type: object 12726 type: array 12727 workingDir: 12728 description: Container's working directory. If not specified, 12729 the container runtime's default will be used, which might 12730 be configured in the container image. Cannot be updated. 12731 type: string 12732 required: 12733 - name 12734 type: object 12735 type: array 12736 disableCompaction: 12737 description: Disable prometheus compaction. 12738 type: boolean 12739 enableAdminAPI: 12740 description: 'Enable access to prometheus web admin API. Defaults 12741 to the value of `false`. WARNING: Enabling the admin APIs enables 12742 mutating endpoints, to delete data, shutdown Prometheus, and more. 12743 Enabling this should be done with care and the user is advised to 12744 add additional authentication authorization via a proxy to ensure 12745 only clients authorized to perform these actions can do so. For 12746 more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis' 12747 type: boolean 12748 enableFeatures: 12749 description: Enable access to Prometheus disabled features. By default, 12750 no features are enabled. Enabling disabled features is entirely 12751 outside the scope of what the maintainers will support and by doing 12752 so, you accept that this behaviour may break at any time without 12753 notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/ 12754 items: 12755 type: string 12756 type: array 12757 enforcedBodySizeLimit: 12758 description: 'EnforcedBodySizeLimit defines the maximum size of uncompressed 12759 response body that will be accepted by Prometheus. Targets responding 12760 with a body larger than this many bytes will cause the scrape to 12761 fail. Example: 100MB. If defined, the limit will apply to all service/pod 12762 monitors and probes. This is an experimental feature, this behaviour 12763 could change or be removed in the future. Only valid in Prometheus 12764 versions 2.28.0 and newer.' 12765 type: string 12766 enforcedLabelLimit: 12767 description: Per-scrape limit on number of labels that will be accepted 12768 for a sample. If more than this number of labels are present post 12769 metric-relabeling, the entire scrape will be treated as failed. 12770 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. 12771 format: int64 12772 type: integer 12773 enforcedLabelNameLengthLimit: 12774 description: Per-scrape limit on length of labels name that will be 12775 accepted for a sample. If a label name is longer than this number 12776 post metric-relabeling, the entire scrape will be treated as failed. 12777 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. 12778 format: int64 12779 type: integer 12780 enforcedLabelValueLengthLimit: 12781 description: Per-scrape limit on length of labels value that will 12782 be accepted for a sample. If a label value is longer than this number 12783 post metric-relabeling, the entire scrape will be treated as failed. 12784 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. 12785 format: int64 12786 type: integer 12787 enforcedNamespaceLabel: 12788 description: "EnforcedNamespaceLabel If set, a label will be added 12789 to \n 1. all user-metrics (created by `ServiceMonitor`, `PodMonitor` 12790 and `ProbeConfig` object) and 2. in all `PrometheusRule` objects 12791 (except the ones excluded in `prometheusRulesExcludedFromEnforce`) 12792 to * alerting & recording rules and * the metrics used in 12793 their expressions (`expr`). \n Label name is this field's value. 12794 Label value is the namespace of the created object (mentioned above)." 12795 type: string 12796 enforcedSampleLimit: 12797 description: EnforcedSampleLimit defines global limit on number of 12798 scraped samples that will be accepted. This overrides any SampleLimit 12799 set per ServiceMonitor or/and PodMonitor. It is meant to be used 12800 by admins to enforce the SampleLimit to keep overall number of samples/series 12801 under the desired limit. Note that if SampleLimit is lower that 12802 value will be taken instead. 12803 format: int64 12804 type: integer 12805 enforcedTargetLimit: 12806 description: EnforcedTargetLimit defines a global limit on the number 12807 of scraped targets. This overrides any TargetLimit set per ServiceMonitor 12808 or/and PodMonitor. It is meant to be used by admins to enforce 12809 the TargetLimit to keep the overall number of targets under the 12810 desired limit. Note that if TargetLimit is lower, that value will 12811 be taken instead, except if either value is zero, in which case 12812 the non-zero value will be used. If both values are zero, no limit 12813 is enforced. 12814 format: int64 12815 type: integer 12816 evaluationInterval: 12817 description: 'Interval between consecutive evaluations. Default: `1m`' 12818 type: string 12819 externalLabels: 12820 additionalProperties: 12821 type: string 12822 description: The labels to add to any time series or alerts when communicating 12823 with external systems (federation, remote storage, Alertmanager). 12824 type: object 12825 externalUrl: 12826 description: The external URL the Prometheus instances will be available 12827 under. This is necessary to generate correct URLs. This is necessary 12828 if Prometheus is not served from root of a DNS name. 12829 type: string 12830 ignoreNamespaceSelectors: 12831 description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector 12832 settings from the podmonitor and servicemonitor configs, and they 12833 will only discover endpoints within their current namespace. Defaults 12834 to false. 12835 type: boolean 12836 image: 12837 description: Image if specified has precedence over baseImage, tag 12838 and sha combinations. Specifying the version is still necessary 12839 to ensure the Prometheus Operator knows what version of Prometheus 12840 is being configured. 12841 type: string 12842 imagePullSecrets: 12843 description: An optional list of references to secrets in the same 12844 namespace to use for pulling prometheus and alertmanager images 12845 from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod 12846 items: 12847 description: LocalObjectReference contains enough information to 12848 let you locate the referenced object inside the same namespace. 12849 properties: 12850 name: 12851 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12852 TODO: Add other useful fields. apiVersion, kind, uid?' 12853 type: string 12854 type: object 12855 type: array 12856 initContainers: 12857 description: 'InitContainers allows adding initContainers to the pod 12858 definition. Those can be used to e.g. fetch secrets for injection 12859 into the Prometheus configuration from external sources. Any errors 12860 during the execution of an initContainer will lead to a restart 12861 of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 12862 InitContainers described here modify an operator generated init 12863 containers if they share the same name and modifications are done 12864 via a strategic merge patch. The current init container name is: 12865 `init-config-reloader`. Overriding init containers is entirely outside 12866 the scope of what the maintainers will support and by doing so, 12867 you accept that this behaviour may break at any time without notice.' 12868 items: 12869 description: A single application container that you want to run 12870 within a pod. 12871 properties: 12872 args: 12873 description: 'Arguments to the entrypoint. The docker image''s 12874 CMD is used if this is not provided. Variable references $(VAR_NAME) 12875 are expanded using the container''s environment. If a variable 12876 cannot be resolved, the reference in the input string will 12877 be unchanged. Double $$ are reduced to a single $, which allows 12878 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 12879 produce the string literal "$(VAR_NAME)". Escaped references 12880 will never be expanded, regardless of whether the variable 12881 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 12882 items: 12883 type: string 12884 type: array 12885 command: 12886 description: 'Entrypoint array. Not executed within a shell. 12887 The docker image''s ENTRYPOINT is used if this is not provided. 12888 Variable references $(VAR_NAME) are expanded using the container''s 12889 environment. If a variable cannot be resolved, the reference 12890 in the input string will be unchanged. Double $$ are reduced 12891 to a single $, which allows for escaping the $(VAR_NAME) syntax: 12892 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 12893 Escaped references will never be expanded, regardless of whether 12894 the variable exists or not. Cannot be updated. More info: 12895 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 12896 items: 12897 type: string 12898 type: array 12899 env: 12900 description: List of environment variables to set in the container. 12901 Cannot be updated. 12902 items: 12903 description: EnvVar represents an environment variable present 12904 in a Container. 12905 properties: 12906 name: 12907 description: Name of the environment variable. Must be 12908 a C_IDENTIFIER. 12909 type: string 12910 value: 12911 description: 'Variable references $(VAR_NAME) are expanded 12912 using the previously defined environment variables in 12913 the container and any service environment variables. 12914 If a variable cannot be resolved, the reference in the 12915 input string will be unchanged. Double $$ are reduced 12916 to a single $, which allows for escaping the $(VAR_NAME) 12917 syntax: i.e. "$$(VAR_NAME)" will produce the string 12918 literal "$(VAR_NAME)". Escaped references will never 12919 be expanded, regardless of whether the variable exists 12920 or not. Defaults to "".' 12921 type: string 12922 valueFrom: 12923 description: Source for the environment variable's value. 12924 Cannot be used if value is not empty. 12925 properties: 12926 configMapKeyRef: 12927 description: Selects a key of a ConfigMap. 12928 properties: 12929 key: 12930 description: The key to select. 12931 type: string 12932 name: 12933 description: 'Name of the referent. More info: 12934 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12935 TODO: Add other useful fields. apiVersion, kind, 12936 uid?' 12937 type: string 12938 optional: 12939 description: Specify whether the ConfigMap or 12940 its key must be defined 12941 type: boolean 12942 required: 12943 - key 12944 type: object 12945 fieldRef: 12946 description: 'Selects a field of the pod: supports 12947 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 12948 `metadata.annotations[''<KEY>'']`, spec.nodeName, 12949 spec.serviceAccountName, status.hostIP, status.podIP, 12950 status.podIPs.' 12951 properties: 12952 apiVersion: 12953 description: Version of the schema the FieldPath 12954 is written in terms of, defaults to "v1". 12955 type: string 12956 fieldPath: 12957 description: Path of the field to select in the 12958 specified API version. 12959 type: string 12960 required: 12961 - fieldPath 12962 type: object 12963 resourceFieldRef: 12964 description: 'Selects a resource of the container: 12965 only resources limits and requests (limits.cpu, 12966 limits.memory, limits.ephemeral-storage, requests.cpu, 12967 requests.memory and requests.ephemeral-storage) 12968 are currently supported.' 12969 properties: 12970 containerName: 12971 description: 'Container name: required for volumes, 12972 optional for env vars' 12973 type: string 12974 divisor: 12975 anyOf: 12976 - type: integer 12977 - type: string 12978 description: Specifies the output format of the 12979 exposed resources, defaults to "1" 12980 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 12981 x-kubernetes-int-or-string: true 12982 resource: 12983 description: 'Required: resource to select' 12984 type: string 12985 required: 12986 - resource 12987 type: object 12988 secretKeyRef: 12989 description: Selects a key of a secret in the pod's 12990 namespace 12991 properties: 12992 key: 12993 description: The key of the secret to select from. Must 12994 be a valid secret key. 12995 type: string 12996 name: 12997 description: 'Name of the referent. More info: 12998 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12999 TODO: Add other useful fields. apiVersion, kind, 13000 uid?' 13001 type: string 13002 optional: 13003 description: Specify whether the Secret or its 13004 key must be defined 13005 type: boolean 13006 required: 13007 - key 13008 type: object 13009 type: object 13010 required: 13011 - name 13012 type: object 13013 type: array 13014 envFrom: 13015 description: List of sources to populate environment variables 13016 in the container. The keys defined within a source must be 13017 a C_IDENTIFIER. All invalid keys will be reported as an event 13018 when the container is starting. When a key exists in multiple 13019 sources, the value associated with the last source will take 13020 precedence. Values defined by an Env with a duplicate key 13021 will take precedence. Cannot be updated. 13022 items: 13023 description: EnvFromSource represents the source of a set 13024 of ConfigMaps 13025 properties: 13026 configMapRef: 13027 description: The ConfigMap to select from 13028 properties: 13029 name: 13030 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13031 TODO: Add other useful fields. apiVersion, kind, 13032 uid?' 13033 type: string 13034 optional: 13035 description: Specify whether the ConfigMap must be 13036 defined 13037 type: boolean 13038 type: object 13039 prefix: 13040 description: An optional identifier to prepend to each 13041 key in the ConfigMap. Must be a C_IDENTIFIER. 13042 type: string 13043 secretRef: 13044 description: The Secret to select from 13045 properties: 13046 name: 13047 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13048 TODO: Add other useful fields. apiVersion, kind, 13049 uid?' 13050 type: string 13051 optional: 13052 description: Specify whether the Secret must be defined 13053 type: boolean 13054 type: object 13055 type: object 13056 type: array 13057 image: 13058 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 13059 This field is optional to allow higher level config management 13060 to default or override container images in workload controllers 13061 like Deployments and StatefulSets.' 13062 type: string 13063 imagePullPolicy: 13064 description: 'Image pull policy. One of Always, Never, IfNotPresent. 13065 Defaults to Always if :latest tag is specified, or IfNotPresent 13066 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 13067 type: string 13068 lifecycle: 13069 description: Actions that the management system should take 13070 in response to container lifecycle events. Cannot be updated. 13071 properties: 13072 postStart: 13073 description: 'PostStart is called immediately after a container 13074 is created. If the handler fails, the container is terminated 13075 and restarted according to its restart policy. Other management 13076 of the container blocks until the hook completes. More 13077 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 13078 properties: 13079 exec: 13080 description: Exec specifies the action to take. 13081 properties: 13082 command: 13083 description: Command is the command line to execute 13084 inside the container, the working directory for 13085 the command is root ('/') in the container's 13086 filesystem. The command is simply exec'd, it is 13087 not run inside a shell, so traditional shell instructions 13088 ('|', etc) won't work. To use a shell, you need 13089 to explicitly call out to that shell. Exit status 13090 of 0 is treated as live/healthy and non-zero is 13091 unhealthy. 13092 items: 13093 type: string 13094 type: array 13095 type: object 13096 httpGet: 13097 description: HTTPGet specifies the http request to perform. 13098 properties: 13099 host: 13100 description: Host name to connect to, defaults to 13101 the pod IP. You probably want to set "Host" in 13102 httpHeaders instead. 13103 type: string 13104 httpHeaders: 13105 description: Custom headers to set in the request. 13106 HTTP allows repeated headers. 13107 items: 13108 description: HTTPHeader describes a custom header 13109 to be used in HTTP probes 13110 properties: 13111 name: 13112 description: The header field name 13113 type: string 13114 value: 13115 description: The header field value 13116 type: string 13117 required: 13118 - name 13119 - value 13120 type: object 13121 type: array 13122 path: 13123 description: Path to access on the HTTP server. 13124 type: string 13125 port: 13126 anyOf: 13127 - type: integer 13128 - type: string 13129 description: Name or number of the port to access 13130 on the container. Number must be in the range 13131 1 to 65535. Name must be an IANA_SVC_NAME. 13132 x-kubernetes-int-or-string: true 13133 scheme: 13134 description: Scheme to use for connecting to the 13135 host. Defaults to HTTP. 13136 type: string 13137 required: 13138 - port 13139 type: object 13140 tcpSocket: 13141 description: Deprecated. TCPSocket is NOT supported 13142 as a LifecycleHandler and kept for the backward compatibility. 13143 There are no validation of this field and lifecycle 13144 hooks will fail in runtime when tcp handler is specified. 13145 properties: 13146 host: 13147 description: 'Optional: Host name to connect to, 13148 defaults to the pod IP.' 13149 type: string 13150 port: 13151 anyOf: 13152 - type: integer 13153 - type: string 13154 description: Number or name of the port to access 13155 on the container. Number must be in the range 13156 1 to 65535. Name must be an IANA_SVC_NAME. 13157 x-kubernetes-int-or-string: true 13158 required: 13159 - port 13160 type: object 13161 type: object 13162 preStop: 13163 description: 'PreStop is called immediately before a container 13164 is terminated due to an API request or management event 13165 such as liveness/startup probe failure, preemption, resource 13166 contention, etc. The handler is not called if the container 13167 crashes or exits. The Pod''s termination grace period 13168 countdown begins before the PreStop hook is executed. 13169 Regardless of the outcome of the handler, the container 13170 will eventually terminate within the Pod''s termination 13171 grace period (unless delayed by finalizers). Other management 13172 of the container blocks until the hook completes or until 13173 the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 13174 properties: 13175 exec: 13176 description: Exec specifies the action to take. 13177 properties: 13178 command: 13179 description: Command is the command line to execute 13180 inside the container, the working directory for 13181 the command is root ('/') in the container's 13182 filesystem. The command is simply exec'd, it is 13183 not run inside a shell, so traditional shell instructions 13184 ('|', etc) won't work. To use a shell, you need 13185 to explicitly call out to that shell. Exit status 13186 of 0 is treated as live/healthy and non-zero is 13187 unhealthy. 13188 items: 13189 type: string 13190 type: array 13191 type: object 13192 httpGet: 13193 description: HTTPGet specifies the http request to perform. 13194 properties: 13195 host: 13196 description: Host name to connect to, defaults to 13197 the pod IP. You probably want to set "Host" in 13198 httpHeaders instead. 13199 type: string 13200 httpHeaders: 13201 description: Custom headers to set in the request. 13202 HTTP allows repeated headers. 13203 items: 13204 description: HTTPHeader describes a custom header 13205 to be used in HTTP probes 13206 properties: 13207 name: 13208 description: The header field name 13209 type: string 13210 value: 13211 description: The header field value 13212 type: string 13213 required: 13214 - name 13215 - value 13216 type: object 13217 type: array 13218 path: 13219 description: Path to access on the HTTP server. 13220 type: string 13221 port: 13222 anyOf: 13223 - type: integer 13224 - type: string 13225 description: Name or number of the port to access 13226 on the container. Number must be in the range 13227 1 to 65535. Name must be an IANA_SVC_NAME. 13228 x-kubernetes-int-or-string: true 13229 scheme: 13230 description: Scheme to use for connecting to the 13231 host. Defaults to HTTP. 13232 type: string 13233 required: 13234 - port 13235 type: object 13236 tcpSocket: 13237 description: Deprecated. TCPSocket is NOT supported 13238 as a LifecycleHandler and kept for the backward compatibility. 13239 There are no validation of this field and lifecycle 13240 hooks will fail in runtime when tcp handler is specified. 13241 properties: 13242 host: 13243 description: 'Optional: Host name to connect to, 13244 defaults to the pod IP.' 13245 type: string 13246 port: 13247 anyOf: 13248 - type: integer 13249 - type: string 13250 description: Number or name of the port to access 13251 on the container. Number must be in the range 13252 1 to 65535. Name must be an IANA_SVC_NAME. 13253 x-kubernetes-int-or-string: true 13254 required: 13255 - port 13256 type: object 13257 type: object 13258 type: object 13259 livenessProbe: 13260 description: 'Periodic probe of container liveness. Container 13261 will be restarted if the probe fails. Cannot be updated. More 13262 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13263 properties: 13264 exec: 13265 description: Exec specifies the action to take. 13266 properties: 13267 command: 13268 description: Command is the command line to execute 13269 inside the container, the working directory for the 13270 command is root ('/') in the container's filesystem. 13271 The command is simply exec'd, it is not run inside 13272 a shell, so traditional shell instructions ('|', etc) 13273 won't work. To use a shell, you need to explicitly 13274 call out to that shell. Exit status of 0 is treated 13275 as live/healthy and non-zero is unhealthy. 13276 items: 13277 type: string 13278 type: array 13279 type: object 13280 failureThreshold: 13281 description: Minimum consecutive failures for the probe 13282 to be considered failed after having succeeded. Defaults 13283 to 3. Minimum value is 1. 13284 format: int32 13285 type: integer 13286 grpc: 13287 description: GRPC specifies an action involving a GRPC port. 13288 This is an alpha field and requires enabling GRPCContainerProbe 13289 feature gate. 13290 properties: 13291 port: 13292 description: Port number of the gRPC service. Number 13293 must be in the range 1 to 65535. 13294 format: int32 13295 type: integer 13296 service: 13297 description: "Service is the name of the service to 13298 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 13299 \n If this is not specified, the default behavior 13300 is defined by gRPC." 13301 type: string 13302 required: 13303 - port 13304 type: object 13305 httpGet: 13306 description: HTTPGet specifies the http request to perform. 13307 properties: 13308 host: 13309 description: Host name to connect to, defaults to the 13310 pod IP. You probably want to set "Host" in httpHeaders 13311 instead. 13312 type: string 13313 httpHeaders: 13314 description: Custom headers to set in the request. HTTP 13315 allows repeated headers. 13316 items: 13317 description: HTTPHeader describes a custom header 13318 to be used in HTTP probes 13319 properties: 13320 name: 13321 description: The header field name 13322 type: string 13323 value: 13324 description: The header field value 13325 type: string 13326 required: 13327 - name 13328 - value 13329 type: object 13330 type: array 13331 path: 13332 description: Path to access on the HTTP server. 13333 type: string 13334 port: 13335 anyOf: 13336 - type: integer 13337 - type: string 13338 description: Name or number of the port to access on 13339 the container. Number must be in the range 1 to 65535. 13340 Name must be an IANA_SVC_NAME. 13341 x-kubernetes-int-or-string: true 13342 scheme: 13343 description: Scheme to use for connecting to the host. 13344 Defaults to HTTP. 13345 type: string 13346 required: 13347 - port 13348 type: object 13349 initialDelaySeconds: 13350 description: 'Number of seconds after the container has 13351 started before liveness probes are initiated. More info: 13352 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13353 format: int32 13354 type: integer 13355 periodSeconds: 13356 description: How often (in seconds) to perform the probe. 13357 Default to 10 seconds. Minimum value is 1. 13358 format: int32 13359 type: integer 13360 successThreshold: 13361 description: Minimum consecutive successes for the probe 13362 to be considered successful after having failed. Defaults 13363 to 1. Must be 1 for liveness and startup. Minimum value 13364 is 1. 13365 format: int32 13366 type: integer 13367 tcpSocket: 13368 description: TCPSocket specifies an action involving a TCP 13369 port. 13370 properties: 13371 host: 13372 description: 'Optional: Host name to connect to, defaults 13373 to the pod IP.' 13374 type: string 13375 port: 13376 anyOf: 13377 - type: integer 13378 - type: string 13379 description: Number or name of the port to access on 13380 the container. Number must be in the range 1 to 65535. 13381 Name must be an IANA_SVC_NAME. 13382 x-kubernetes-int-or-string: true 13383 required: 13384 - port 13385 type: object 13386 terminationGracePeriodSeconds: 13387 description: Optional duration in seconds the pod needs 13388 to terminate gracefully upon probe failure. The grace 13389 period is the duration in seconds after the processes 13390 running in the pod are sent a termination signal and the 13391 time when the processes are forcibly halted with a kill 13392 signal. Set this value longer than the expected cleanup 13393 time for your process. If this value is nil, the pod's 13394 terminationGracePeriodSeconds will be used. Otherwise, 13395 this value overrides the value provided by the pod spec. 13396 Value must be non-negative integer. The value zero indicates 13397 stop immediately via the kill signal (no opportunity to 13398 shut down). This is a beta field and requires enabling 13399 ProbeTerminationGracePeriod feature gate. Minimum value 13400 is 1. spec.terminationGracePeriodSeconds is used if unset. 13401 format: int64 13402 type: integer 13403 timeoutSeconds: 13404 description: 'Number of seconds after which the probe times 13405 out. Defaults to 1 second. Minimum value is 1. More info: 13406 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13407 format: int32 13408 type: integer 13409 type: object 13410 name: 13411 description: Name of the container specified as a DNS_LABEL. 13412 Each container in a pod must have a unique name (DNS_LABEL). 13413 Cannot be updated. 13414 type: string 13415 ports: 13416 description: List of ports to expose from the container. Exposing 13417 a port here gives the system additional information about 13418 the network connections a container uses, but is primarily 13419 informational. Not specifying a port here DOES NOT prevent 13420 that port from being exposed. Any port which is listening 13421 on the default "0.0.0.0" address inside a container will be 13422 accessible from the network. Cannot be updated. 13423 items: 13424 description: ContainerPort represents a network port in a 13425 single container. 13426 properties: 13427 containerPort: 13428 description: Number of port to expose on the pod's IP 13429 address. This must be a valid port number, 0 < x < 65536. 13430 format: int32 13431 type: integer 13432 hostIP: 13433 description: What host IP to bind the external port to. 13434 type: string 13435 hostPort: 13436 description: Number of port to expose on the host. If 13437 specified, this must be a valid port number, 0 < x < 13438 65536. If HostNetwork is specified, this must match 13439 ContainerPort. Most containers do not need this. 13440 format: int32 13441 type: integer 13442 name: 13443 description: If specified, this must be an IANA_SVC_NAME 13444 and unique within the pod. Each named port in a pod 13445 must have a unique name. Name for the port that can 13446 be referred to by services. 13447 type: string 13448 protocol: 13449 default: TCP 13450 description: Protocol for port. Must be UDP, TCP, or SCTP. 13451 Defaults to "TCP". 13452 type: string 13453 required: 13454 - containerPort 13455 type: object 13456 type: array 13457 x-kubernetes-list-map-keys: 13458 - containerPort 13459 - protocol 13460 x-kubernetes-list-type: map 13461 readinessProbe: 13462 description: 'Periodic probe of container service readiness. 13463 Container will be removed from service endpoints if the probe 13464 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13465 properties: 13466 exec: 13467 description: Exec specifies the action to take. 13468 properties: 13469 command: 13470 description: Command is the command line to execute 13471 inside the container, the working directory for the 13472 command is root ('/') in the container's filesystem. 13473 The command is simply exec'd, it is not run inside 13474 a shell, so traditional shell instructions ('|', etc) 13475 won't work. To use a shell, you need to explicitly 13476 call out to that shell. Exit status of 0 is treated 13477 as live/healthy and non-zero is unhealthy. 13478 items: 13479 type: string 13480 type: array 13481 type: object 13482 failureThreshold: 13483 description: Minimum consecutive failures for the probe 13484 to be considered failed after having succeeded. Defaults 13485 to 3. Minimum value is 1. 13486 format: int32 13487 type: integer 13488 grpc: 13489 description: GRPC specifies an action involving a GRPC port. 13490 This is an alpha field and requires enabling GRPCContainerProbe 13491 feature gate. 13492 properties: 13493 port: 13494 description: Port number of the gRPC service. Number 13495 must be in the range 1 to 65535. 13496 format: int32 13497 type: integer 13498 service: 13499 description: "Service is the name of the service to 13500 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 13501 \n If this is not specified, the default behavior 13502 is defined by gRPC." 13503 type: string 13504 required: 13505 - port 13506 type: object 13507 httpGet: 13508 description: HTTPGet specifies the http request to perform. 13509 properties: 13510 host: 13511 description: Host name to connect to, defaults to the 13512 pod IP. You probably want to set "Host" in httpHeaders 13513 instead. 13514 type: string 13515 httpHeaders: 13516 description: Custom headers to set in the request. HTTP 13517 allows repeated headers. 13518 items: 13519 description: HTTPHeader describes a custom header 13520 to be used in HTTP probes 13521 properties: 13522 name: 13523 description: The header field name 13524 type: string 13525 value: 13526 description: The header field value 13527 type: string 13528 required: 13529 - name 13530 - value 13531 type: object 13532 type: array 13533 path: 13534 description: Path to access on the HTTP server. 13535 type: string 13536 port: 13537 anyOf: 13538 - type: integer 13539 - type: string 13540 description: Name or number of the port to access on 13541 the container. Number must be in the range 1 to 65535. 13542 Name must be an IANA_SVC_NAME. 13543 x-kubernetes-int-or-string: true 13544 scheme: 13545 description: Scheme to use for connecting to the host. 13546 Defaults to HTTP. 13547 type: string 13548 required: 13549 - port 13550 type: object 13551 initialDelaySeconds: 13552 description: 'Number of seconds after the container has 13553 started before liveness probes are initiated. More info: 13554 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13555 format: int32 13556 type: integer 13557 periodSeconds: 13558 description: How often (in seconds) to perform the probe. 13559 Default to 10 seconds. Minimum value is 1. 13560 format: int32 13561 type: integer 13562 successThreshold: 13563 description: Minimum consecutive successes for the probe 13564 to be considered successful after having failed. Defaults 13565 to 1. Must be 1 for liveness and startup. Minimum value 13566 is 1. 13567 format: int32 13568 type: integer 13569 tcpSocket: 13570 description: TCPSocket specifies an action involving a TCP 13571 port. 13572 properties: 13573 host: 13574 description: 'Optional: Host name to connect to, defaults 13575 to the pod IP.' 13576 type: string 13577 port: 13578 anyOf: 13579 - type: integer 13580 - type: string 13581 description: Number or name of the port to access on 13582 the container. Number must be in the range 1 to 65535. 13583 Name must be an IANA_SVC_NAME. 13584 x-kubernetes-int-or-string: true 13585 required: 13586 - port 13587 type: object 13588 terminationGracePeriodSeconds: 13589 description: Optional duration in seconds the pod needs 13590 to terminate gracefully upon probe failure. The grace 13591 period is the duration in seconds after the processes 13592 running in the pod are sent a termination signal and the 13593 time when the processes are forcibly halted with a kill 13594 signal. Set this value longer than the expected cleanup 13595 time for your process. If this value is nil, the pod's 13596 terminationGracePeriodSeconds will be used. Otherwise, 13597 this value overrides the value provided by the pod spec. 13598 Value must be non-negative integer. The value zero indicates 13599 stop immediately via the kill signal (no opportunity to 13600 shut down). This is a beta field and requires enabling 13601 ProbeTerminationGracePeriod feature gate. Minimum value 13602 is 1. spec.terminationGracePeriodSeconds is used if unset. 13603 format: int64 13604 type: integer 13605 timeoutSeconds: 13606 description: 'Number of seconds after which the probe times 13607 out. Defaults to 1 second. Minimum value is 1. More info: 13608 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13609 format: int32 13610 type: integer 13611 type: object 13612 resources: 13613 description: 'Compute Resources required by this container. 13614 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13615 properties: 13616 limits: 13617 additionalProperties: 13618 anyOf: 13619 - type: integer 13620 - type: string 13621 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13622 x-kubernetes-int-or-string: true 13623 description: 'Limits describes the maximum amount of compute 13624 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13625 type: object 13626 requests: 13627 additionalProperties: 13628 anyOf: 13629 - type: integer 13630 - type: string 13631 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13632 x-kubernetes-int-or-string: true 13633 description: 'Requests describes the minimum amount of compute 13634 resources required. If Requests is omitted for a container, 13635 it defaults to Limits if that is explicitly specified, 13636 otherwise to an implementation-defined value. More info: 13637 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13638 type: object 13639 type: object 13640 securityContext: 13641 description: 'SecurityContext defines the security options the 13642 container should be run with. If set, the fields of SecurityContext 13643 override the equivalent fields of PodSecurityContext. More 13644 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 13645 properties: 13646 allowPrivilegeEscalation: 13647 description: 'AllowPrivilegeEscalation controls whether 13648 a process can gain more privileges than its parent process. 13649 This bool directly controls if the no_new_privs flag will 13650 be set on the container process. AllowPrivilegeEscalation 13651 is true always when the container is: 1) run as Privileged 13652 2) has CAP_SYS_ADMIN Note that this field cannot be set 13653 when spec.os.name is windows.' 13654 type: boolean 13655 capabilities: 13656 description: The capabilities to add/drop when running containers. 13657 Defaults to the default set of capabilities granted by 13658 the container runtime. Note that this field cannot be 13659 set when spec.os.name is windows. 13660 properties: 13661 add: 13662 description: Added capabilities 13663 items: 13664 description: Capability represent POSIX capabilities 13665 type 13666 type: string 13667 type: array 13668 drop: 13669 description: Removed capabilities 13670 items: 13671 description: Capability represent POSIX capabilities 13672 type 13673 type: string 13674 type: array 13675 type: object 13676 privileged: 13677 description: Run container in privileged mode. Processes 13678 in privileged containers are essentially equivalent to 13679 root on the host. Defaults to false. Note that this field 13680 cannot be set when spec.os.name is windows. 13681 type: boolean 13682 procMount: 13683 description: procMount denotes the type of proc mount to 13684 use for the containers. The default is DefaultProcMount 13685 which uses the container runtime defaults for readonly 13686 paths and masked paths. This requires the ProcMountType 13687 feature flag to be enabled. Note that this field cannot 13688 be set when spec.os.name is windows. 13689 type: string 13690 readOnlyRootFilesystem: 13691 description: Whether this container has a read-only root 13692 filesystem. Default is false. Note that this field cannot 13693 be set when spec.os.name is windows. 13694 type: boolean 13695 runAsGroup: 13696 description: The GID to run the entrypoint of the container 13697 process. Uses runtime default if unset. May also be set 13698 in PodSecurityContext. If set in both SecurityContext 13699 and PodSecurityContext, the value specified in SecurityContext 13700 takes precedence. Note that this field cannot be set when 13701 spec.os.name is windows. 13702 format: int64 13703 type: integer 13704 runAsNonRoot: 13705 description: Indicates that the container must run as a 13706 non-root user. If true, the Kubelet will validate the 13707 image at runtime to ensure that it does not run as UID 13708 0 (root) and fail to start the container if it does. If 13709 unset or false, no such validation will be performed. 13710 May also be set in PodSecurityContext. If set in both 13711 SecurityContext and PodSecurityContext, the value specified 13712 in SecurityContext takes precedence. 13713 type: boolean 13714 runAsUser: 13715 description: The UID to run the entrypoint of the container 13716 process. Defaults to user specified in image metadata 13717 if unspecified. May also be set in PodSecurityContext. If 13718 set in both SecurityContext and PodSecurityContext, the 13719 value specified in SecurityContext takes precedence. Note 13720 that this field cannot be set when spec.os.name is windows. 13721 format: int64 13722 type: integer 13723 seLinuxOptions: 13724 description: The SELinux context to be applied to the container. 13725 If unspecified, the container runtime will allocate a 13726 random SELinux context for each container. May also be 13727 set in PodSecurityContext. If set in both SecurityContext 13728 and PodSecurityContext, the value specified in SecurityContext 13729 takes precedence. Note that this field cannot be set when 13730 spec.os.name is windows. 13731 properties: 13732 level: 13733 description: Level is SELinux level label that applies 13734 to the container. 13735 type: string 13736 role: 13737 description: Role is a SELinux role label that applies 13738 to the container. 13739 type: string 13740 type: 13741 description: Type is a SELinux type label that applies 13742 to the container. 13743 type: string 13744 user: 13745 description: User is a SELinux user label that applies 13746 to the container. 13747 type: string 13748 type: object 13749 seccompProfile: 13750 description: The seccomp options to use by this container. 13751 If seccomp options are provided at both the pod & container 13752 level, the container options override the pod options. 13753 Note that this field cannot be set when spec.os.name is 13754 windows. 13755 properties: 13756 localhostProfile: 13757 description: localhostProfile indicates a profile defined 13758 in a file on the node should be used. The profile 13759 must be preconfigured on the node to work. Must be 13760 a descending path, relative to the kubelet's configured 13761 seccomp profile location. Must only be set if type 13762 is "Localhost". 13763 type: string 13764 type: 13765 description: "type indicates which kind of seccomp profile 13766 will be applied. Valid options are: \n Localhost - 13767 a profile defined in a file on the node should be 13768 used. RuntimeDefault - the container runtime default 13769 profile should be used. Unconfined - no profile should 13770 be applied." 13771 type: string 13772 required: 13773 - type 13774 type: object 13775 windowsOptions: 13776 description: The Windows specific settings applied to all 13777 containers. If unspecified, the options from the PodSecurityContext 13778 will be used. If set in both SecurityContext and PodSecurityContext, 13779 the value specified in SecurityContext takes precedence. 13780 Note that this field cannot be set when spec.os.name is 13781 linux. 13782 properties: 13783 gmsaCredentialSpec: 13784 description: GMSACredentialSpec is where the GMSA admission 13785 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 13786 inlines the contents of the GMSA credential spec named 13787 by the GMSACredentialSpecName field. 13788 type: string 13789 gmsaCredentialSpecName: 13790 description: GMSACredentialSpecName is the name of the 13791 GMSA credential spec to use. 13792 type: string 13793 hostProcess: 13794 description: HostProcess determines if a container should 13795 be run as a 'Host Process' container. This field is 13796 alpha-level and will only be honored by components 13797 that enable the WindowsHostProcessContainers feature 13798 flag. Setting this field without the feature flag 13799 will result in errors when validating the Pod. All 13800 of a Pod's containers must have the same effective 13801 HostProcess value (it is not allowed to have a mix 13802 of HostProcess containers and non-HostProcess containers). In 13803 addition, if HostProcess is true then HostNetwork 13804 must also be set to true. 13805 type: boolean 13806 runAsUserName: 13807 description: The UserName in Windows to run the entrypoint 13808 of the container process. Defaults to the user specified 13809 in image metadata if unspecified. May also be set 13810 in PodSecurityContext. If set in both SecurityContext 13811 and PodSecurityContext, the value specified in SecurityContext 13812 takes precedence. 13813 type: string 13814 type: object 13815 type: object 13816 startupProbe: 13817 description: 'StartupProbe indicates that the Pod has successfully 13818 initialized. If specified, no other probes are executed until 13819 this completes successfully. If this probe fails, the Pod 13820 will be restarted, just as if the livenessProbe failed. This 13821 can be used to provide different probe parameters at the beginning 13822 of a Pod''s lifecycle, when it might take a long time to load 13823 data or warm a cache, than during steady-state operation. 13824 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13825 properties: 13826 exec: 13827 description: Exec specifies the action to take. 13828 properties: 13829 command: 13830 description: Command is the command line to execute 13831 inside the container, the working directory for the 13832 command is root ('/') in the container's filesystem. 13833 The command is simply exec'd, it is not run inside 13834 a shell, so traditional shell instructions ('|', etc) 13835 won't work. To use a shell, you need to explicitly 13836 call out to that shell. Exit status of 0 is treated 13837 as live/healthy and non-zero is unhealthy. 13838 items: 13839 type: string 13840 type: array 13841 type: object 13842 failureThreshold: 13843 description: Minimum consecutive failures for the probe 13844 to be considered failed after having succeeded. Defaults 13845 to 3. Minimum value is 1. 13846 format: int32 13847 type: integer 13848 grpc: 13849 description: GRPC specifies an action involving a GRPC port. 13850 This is an alpha field and requires enabling GRPCContainerProbe 13851 feature gate. 13852 properties: 13853 port: 13854 description: Port number of the gRPC service. Number 13855 must be in the range 1 to 65535. 13856 format: int32 13857 type: integer 13858 service: 13859 description: "Service is the name of the service to 13860 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 13861 \n If this is not specified, the default behavior 13862 is defined by gRPC." 13863 type: string 13864 required: 13865 - port 13866 type: object 13867 httpGet: 13868 description: HTTPGet specifies the http request to perform. 13869 properties: 13870 host: 13871 description: Host name to connect to, defaults to the 13872 pod IP. You probably want to set "Host" in httpHeaders 13873 instead. 13874 type: string 13875 httpHeaders: 13876 description: Custom headers to set in the request. HTTP 13877 allows repeated headers. 13878 items: 13879 description: HTTPHeader describes a custom header 13880 to be used in HTTP probes 13881 properties: 13882 name: 13883 description: The header field name 13884 type: string 13885 value: 13886 description: The header field value 13887 type: string 13888 required: 13889 - name 13890 - value 13891 type: object 13892 type: array 13893 path: 13894 description: Path to access on the HTTP server. 13895 type: string 13896 port: 13897 anyOf: 13898 - type: integer 13899 - type: string 13900 description: Name or number of the port to access on 13901 the container. Number must be in the range 1 to 65535. 13902 Name must be an IANA_SVC_NAME. 13903 x-kubernetes-int-or-string: true 13904 scheme: 13905 description: Scheme to use for connecting to the host. 13906 Defaults to HTTP. 13907 type: string 13908 required: 13909 - port 13910 type: object 13911 initialDelaySeconds: 13912 description: 'Number of seconds after the container has 13913 started before liveness probes are initiated. More info: 13914 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13915 format: int32 13916 type: integer 13917 periodSeconds: 13918 description: How often (in seconds) to perform the probe. 13919 Default to 10 seconds. Minimum value is 1. 13920 format: int32 13921 type: integer 13922 successThreshold: 13923 description: Minimum consecutive successes for the probe 13924 to be considered successful after having failed. Defaults 13925 to 1. Must be 1 for liveness and startup. Minimum value 13926 is 1. 13927 format: int32 13928 type: integer 13929 tcpSocket: 13930 description: TCPSocket specifies an action involving a TCP 13931 port. 13932 properties: 13933 host: 13934 description: 'Optional: Host name to connect to, defaults 13935 to the pod IP.' 13936 type: string 13937 port: 13938 anyOf: 13939 - type: integer 13940 - type: string 13941 description: Number or name of the port to access on 13942 the container. Number must be in the range 1 to 65535. 13943 Name must be an IANA_SVC_NAME. 13944 x-kubernetes-int-or-string: true 13945 required: 13946 - port 13947 type: object 13948 terminationGracePeriodSeconds: 13949 description: Optional duration in seconds the pod needs 13950 to terminate gracefully upon probe failure. The grace 13951 period is the duration in seconds after the processes 13952 running in the pod are sent a termination signal and the 13953 time when the processes are forcibly halted with a kill 13954 signal. Set this value longer than the expected cleanup 13955 time for your process. If this value is nil, the pod's 13956 terminationGracePeriodSeconds will be used. Otherwise, 13957 this value overrides the value provided by the pod spec. 13958 Value must be non-negative integer. The value zero indicates 13959 stop immediately via the kill signal (no opportunity to 13960 shut down). This is a beta field and requires enabling 13961 ProbeTerminationGracePeriod feature gate. Minimum value 13962 is 1. spec.terminationGracePeriodSeconds is used if unset. 13963 format: int64 13964 type: integer 13965 timeoutSeconds: 13966 description: 'Number of seconds after which the probe times 13967 out. Defaults to 1 second. Minimum value is 1. More info: 13968 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13969 format: int32 13970 type: integer 13971 type: object 13972 stdin: 13973 description: Whether this container should allocate a buffer 13974 for stdin in the container runtime. If this is not set, reads 13975 from stdin in the container will always result in EOF. Default 13976 is false. 13977 type: boolean 13978 stdinOnce: 13979 description: Whether the container runtime should close the 13980 stdin channel after it has been opened by a single attach. 13981 When stdin is true the stdin stream will remain open across 13982 multiple attach sessions. If stdinOnce is set to true, stdin 13983 is opened on container start, is empty until the first client 13984 attaches to stdin, and then remains open and accepts data 13985 until the client disconnects, at which time stdin is closed 13986 and remains closed until the container is restarted. If this 13987 flag is false, a container processes that reads from stdin 13988 will never receive an EOF. Default is false 13989 type: boolean 13990 terminationMessagePath: 13991 description: 'Optional: Path at which the file to which the 13992 container''s termination message will be written is mounted 13993 into the container''s filesystem. Message written is intended 13994 to be brief final status, such as an assertion failure message. 13995 Will be truncated by the node if greater than 4096 bytes. 13996 The total message length across all containers will be limited 13997 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 13998 type: string 13999 terminationMessagePolicy: 14000 description: Indicate how the termination message should be 14001 populated. File will use the contents of terminationMessagePath 14002 to populate the container status message on both success and 14003 failure. FallbackToLogsOnError will use the last chunk of 14004 container log output if the termination message file is empty 14005 and the container exited with an error. The log output is 14006 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 14007 to File. Cannot be updated. 14008 type: string 14009 tty: 14010 description: Whether this container should allocate a TTY for 14011 itself, also requires 'stdin' to be true. Default is false. 14012 type: boolean 14013 volumeDevices: 14014 description: volumeDevices is the list of block devices to be 14015 used by the container. 14016 items: 14017 description: volumeDevice describes a mapping of a raw block 14018 device within a container. 14019 properties: 14020 devicePath: 14021 description: devicePath is the path inside of the container 14022 that the device will be mapped to. 14023 type: string 14024 name: 14025 description: name must match the name of a persistentVolumeClaim 14026 in the pod 14027 type: string 14028 required: 14029 - devicePath 14030 - name 14031 type: object 14032 type: array 14033 volumeMounts: 14034 description: Pod volumes to mount into the container's filesystem. 14035 Cannot be updated. 14036 items: 14037 description: VolumeMount describes a mounting of a Volume 14038 within a container. 14039 properties: 14040 mountPath: 14041 description: Path within the container at which the volume 14042 should be mounted. Must not contain ':'. 14043 type: string 14044 mountPropagation: 14045 description: mountPropagation determines how mounts are 14046 propagated from the host to container and the other 14047 way around. When not set, MountPropagationNone is used. 14048 This field is beta in 1.10. 14049 type: string 14050 name: 14051 description: This must match the Name of a Volume. 14052 type: string 14053 readOnly: 14054 description: Mounted read-only if true, read-write otherwise 14055 (false or unspecified). Defaults to false. 14056 type: boolean 14057 subPath: 14058 description: Path within the volume from which the container's 14059 volume should be mounted. Defaults to "" (volume's root). 14060 type: string 14061 subPathExpr: 14062 description: Expanded path within the volume from which 14063 the container's volume should be mounted. Behaves similarly 14064 to SubPath but environment variable references $(VAR_NAME) 14065 are expanded using the container's environment. Defaults 14066 to "" (volume's root). SubPathExpr and SubPath are mutually 14067 exclusive. 14068 type: string 14069 required: 14070 - mountPath 14071 - name 14072 type: object 14073 type: array 14074 workingDir: 14075 description: Container's working directory. If not specified, 14076 the container runtime's default will be used, which might 14077 be configured in the container image. Cannot be updated. 14078 type: string 14079 required: 14080 - name 14081 type: object 14082 type: array 14083 listenLocal: 14084 description: ListenLocal makes the Prometheus server listen on loopback, 14085 so that it does not bind against the Pod IP. 14086 type: boolean 14087 logFormat: 14088 description: Log format for Prometheus to be configured with. 14089 type: string 14090 logLevel: 14091 description: Log level for Prometheus to be configured with. 14092 type: string 14093 minReadySeconds: 14094 description: Minimum number of seconds for which a newly created pod 14095 should be ready without any of its container crashing for it to 14096 be considered available. Defaults to 0 (pod will be considered available 14097 as soon as it is ready) This is an alpha field and requires enabling 14098 StatefulSetMinReadySeconds feature gate. 14099 format: int32 14100 type: integer 14101 nodeSelector: 14102 additionalProperties: 14103 type: string 14104 description: Define which Nodes the Pods are scheduled on. 14105 type: object 14106 overrideHonorLabels: 14107 description: OverrideHonorLabels if set to true overrides all user 14108 configured honor_labels. If HonorLabels is set in ServiceMonitor 14109 or PodMonitor to true, this overrides honor_labels to false. 14110 type: boolean 14111 overrideHonorTimestamps: 14112 description: OverrideHonorTimestamps allows to globally enforce honoring 14113 timestamps in all scrape configs. 14114 type: boolean 14115 paused: 14116 description: When a Prometheus deployment is paused, no actions except 14117 for deletion will be performed on the underlying objects. 14118 type: boolean 14119 podMetadata: 14120 description: PodMetadata configures Labels and Annotations which are 14121 propagated to the prometheus pods. 14122 properties: 14123 annotations: 14124 additionalProperties: 14125 type: string 14126 description: 'Annotations is an unstructured key value map stored 14127 with a resource that may be set by external tools to store and 14128 retrieve arbitrary metadata. They are not queryable and should 14129 be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 14130 type: object 14131 labels: 14132 additionalProperties: 14133 type: string 14134 description: 'Map of string keys and values that can be used to 14135 organize and categorize (scope and select) objects. May match 14136 selectors of replication controllers and services. More info: 14137 http://kubernetes.io/docs/user-guide/labels' 14138 type: object 14139 name: 14140 description: 'Name must be unique within a namespace. Is required 14141 when creating resources, although some resources may allow a 14142 client to request the generation of an appropriate name automatically. 14143 Name is primarily intended for creation idempotence and configuration 14144 definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 14145 type: string 14146 type: object 14147 podMonitorNamespaceSelector: 14148 description: Namespace's labels to match for PodMonitor discovery. 14149 If nil, only check own namespace. 14150 properties: 14151 matchExpressions: 14152 description: matchExpressions is a list of label selector requirements. 14153 The requirements are ANDed. 14154 items: 14155 description: A label selector requirement is a selector that 14156 contains values, a key, and an operator that relates the key 14157 and values. 14158 properties: 14159 key: 14160 description: key is the label key that the selector applies 14161 to. 14162 type: string 14163 operator: 14164 description: operator represents a key's relationship to 14165 a set of values. Valid operators are In, NotIn, Exists 14166 and DoesNotExist. 14167 type: string 14168 values: 14169 description: values is an array of string values. If the 14170 operator is In or NotIn, the values array must be non-empty. 14171 If the operator is Exists or DoesNotExist, the values 14172 array must be empty. This array is replaced during a strategic 14173 merge patch. 14174 items: 14175 type: string 14176 type: array 14177 required: 14178 - key 14179 - operator 14180 type: object 14181 type: array 14182 matchLabels: 14183 additionalProperties: 14184 type: string 14185 description: matchLabels is a map of {key,value} pairs. A single 14186 {key,value} in the matchLabels map is equivalent to an element 14187 of matchExpressions, whose key field is "key", the operator 14188 is "In", and the values array contains only "value". The requirements 14189 are ANDed. 14190 type: object 14191 type: object 14192 podMonitorSelector: 14193 description: '*Experimental* PodMonitors to be selected for target 14194 discovery. *Deprecated:* if neither this nor serviceMonitorSelector 14195 are specified, configuration is unmanaged.' 14196 properties: 14197 matchExpressions: 14198 description: matchExpressions is a list of label selector requirements. 14199 The requirements are ANDed. 14200 items: 14201 description: A label selector requirement is a selector that 14202 contains values, a key, and an operator that relates the key 14203 and values. 14204 properties: 14205 key: 14206 description: key is the label key that the selector applies 14207 to. 14208 type: string 14209 operator: 14210 description: operator represents a key's relationship to 14211 a set of values. Valid operators are In, NotIn, Exists 14212 and DoesNotExist. 14213 type: string 14214 values: 14215 description: values is an array of string values. If the 14216 operator is In or NotIn, the values array must be non-empty. 14217 If the operator is Exists or DoesNotExist, the values 14218 array must be empty. This array is replaced during a strategic 14219 merge patch. 14220 items: 14221 type: string 14222 type: array 14223 required: 14224 - key 14225 - operator 14226 type: object 14227 type: array 14228 matchLabels: 14229 additionalProperties: 14230 type: string 14231 description: matchLabels is a map of {key,value} pairs. A single 14232 {key,value} in the matchLabels map is equivalent to an element 14233 of matchExpressions, whose key field is "key", the operator 14234 is "In", and the values array contains only "value". The requirements 14235 are ANDed. 14236 type: object 14237 type: object 14238 portName: 14239 description: Port name used for the pods and governing service. This 14240 defaults to web 14241 type: string 14242 priorityClassName: 14243 description: Priority class assigned to the Pods 14244 type: string 14245 probeNamespaceSelector: 14246 description: '*Experimental* Namespaces to be selected for Probe discovery. 14247 If nil, only check own namespace.' 14248 properties: 14249 matchExpressions: 14250 description: matchExpressions is a list of label selector requirements. 14251 The requirements are ANDed. 14252 items: 14253 description: A label selector requirement is a selector that 14254 contains values, a key, and an operator that relates the key 14255 and values. 14256 properties: 14257 key: 14258 description: key is the label key that the selector applies 14259 to. 14260 type: string 14261 operator: 14262 description: operator represents a key's relationship to 14263 a set of values. Valid operators are In, NotIn, Exists 14264 and DoesNotExist. 14265 type: string 14266 values: 14267 description: values is an array of string values. If the 14268 operator is In or NotIn, the values array must be non-empty. 14269 If the operator is Exists or DoesNotExist, the values 14270 array must be empty. This array is replaced during a strategic 14271 merge patch. 14272 items: 14273 type: string 14274 type: array 14275 required: 14276 - key 14277 - operator 14278 type: object 14279 type: array 14280 matchLabels: 14281 additionalProperties: 14282 type: string 14283 description: matchLabels is a map of {key,value} pairs. A single 14284 {key,value} in the matchLabels map is equivalent to an element 14285 of matchExpressions, whose key field is "key", the operator 14286 is "In", and the values array contains only "value". The requirements 14287 are ANDed. 14288 type: object 14289 type: object 14290 probeSelector: 14291 description: '*Experimental* Probes to be selected for target discovery.' 14292 properties: 14293 matchExpressions: 14294 description: matchExpressions is a list of label selector requirements. 14295 The requirements are ANDed. 14296 items: 14297 description: A label selector requirement is a selector that 14298 contains values, a key, and an operator that relates the key 14299 and values. 14300 properties: 14301 key: 14302 description: key is the label key that the selector applies 14303 to. 14304 type: string 14305 operator: 14306 description: operator represents a key's relationship to 14307 a set of values. Valid operators are In, NotIn, Exists 14308 and DoesNotExist. 14309 type: string 14310 values: 14311 description: values is an array of string values. If the 14312 operator is In or NotIn, the values array must be non-empty. 14313 If the operator is Exists or DoesNotExist, the values 14314 array must be empty. This array is replaced during a strategic 14315 merge patch. 14316 items: 14317 type: string 14318 type: array 14319 required: 14320 - key 14321 - operator 14322 type: object 14323 type: array 14324 matchLabels: 14325 additionalProperties: 14326 type: string 14327 description: matchLabels is a map of {key,value} pairs. A single 14328 {key,value} in the matchLabels map is equivalent to an element 14329 of matchExpressions, whose key field is "key", the operator 14330 is "In", and the values array contains only "value". The requirements 14331 are ANDed. 14332 type: object 14333 type: object 14334 prometheusExternalLabelName: 14335 description: Name of Prometheus external label used to denote Prometheus 14336 instance name. Defaults to the value of `prometheus`. External label 14337 will _not_ be added when value is set to empty string (`""`). 14338 type: string 14339 prometheusRulesExcludedFromEnforce: 14340 description: PrometheusRulesExcludedFromEnforce - list of prometheus 14341 rules to be excluded from enforcing of adding namespace labels. 14342 Works only if enforcedNamespaceLabel set to true. Make sure both 14343 ruleNamespace and ruleName are set for each pair 14344 items: 14345 description: PrometheusRuleExcludeConfig enables users to configure 14346 excluded PrometheusRule names and their namespaces to be ignored 14347 while enforcing namespace label for alerts and metrics. 14348 properties: 14349 ruleName: 14350 description: RuleNamespace - name of excluded rule 14351 type: string 14352 ruleNamespace: 14353 description: RuleNamespace - namespace of excluded rule 14354 type: string 14355 required: 14356 - ruleName 14357 - ruleNamespace 14358 type: object 14359 type: array 14360 query: 14361 description: QuerySpec defines the query command line flags when starting 14362 Prometheus. 14363 properties: 14364 lookbackDelta: 14365 description: The delta difference allowed for retrieving metrics 14366 during expression evaluations. 14367 type: string 14368 maxConcurrency: 14369 description: Number of concurrent queries that can be run at once. 14370 format: int32 14371 type: integer 14372 maxSamples: 14373 description: Maximum number of samples a single query can load 14374 into memory. Note that queries will fail if they would load 14375 more samples than this into memory, so this also limits the 14376 number of samples a query can return. 14377 format: int32 14378 type: integer 14379 timeout: 14380 description: Maximum time a query may take before being aborted. 14381 type: string 14382 type: object 14383 queryLogFile: 14384 description: QueryLogFile specifies the file to which PromQL queries 14385 are logged. Note that this location must be writable, and can be 14386 persisted using an attached volume. Alternatively, the location 14387 can be set to a stdout location such as `/dev/stdout` to log querie 14388 information to the default Prometheus log stream. This is only available 14389 in versions of Prometheus >= 2.16.0. For more details, see the Prometheus 14390 docs (https://prometheus.io/docs/guides/query-log/) 14391 type: string 14392 remoteRead: 14393 description: If specified, the remote_read spec. This is an experimental 14394 feature, it may change in any upcoming release in a breaking way. 14395 items: 14396 description: RemoteReadSpec defines the remote_read configuration 14397 for prometheus. 14398 properties: 14399 authorization: 14400 description: Authorization section for remote read 14401 properties: 14402 credentials: 14403 description: The secret's key that contains the credentials 14404 of the request 14405 properties: 14406 key: 14407 description: The key of the secret to select from. Must 14408 be a valid secret key. 14409 type: string 14410 name: 14411 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14412 TODO: Add other useful fields. apiVersion, kind, uid?' 14413 type: string 14414 optional: 14415 description: Specify whether the Secret or its key must 14416 be defined 14417 type: boolean 14418 required: 14419 - key 14420 type: object 14421 credentialsFile: 14422 description: File to read a secret from, mutually exclusive 14423 with Credentials (from SafeAuthorization) 14424 type: string 14425 type: 14426 description: Set the authentication type. Defaults to Bearer, 14427 Basic will cause an error 14428 type: string 14429 type: object 14430 basicAuth: 14431 description: BasicAuth for the URL. 14432 properties: 14433 password: 14434 description: The secret in the service monitor namespace 14435 that contains the password for authentication. 14436 properties: 14437 key: 14438 description: The key of the secret to select from. Must 14439 be a valid secret key. 14440 type: string 14441 name: 14442 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14443 TODO: Add other useful fields. apiVersion, kind, uid?' 14444 type: string 14445 optional: 14446 description: Specify whether the Secret or its key must 14447 be defined 14448 type: boolean 14449 required: 14450 - key 14451 type: object 14452 username: 14453 description: The secret in the service monitor namespace 14454 that contains the username for authentication. 14455 properties: 14456 key: 14457 description: The key of the secret to select from. Must 14458 be a valid secret key. 14459 type: string 14460 name: 14461 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14462 TODO: Add other useful fields. apiVersion, kind, uid?' 14463 type: string 14464 optional: 14465 description: Specify whether the Secret or its key must 14466 be defined 14467 type: boolean 14468 required: 14469 - key 14470 type: object 14471 type: object 14472 bearerToken: 14473 description: Bearer token for remote read. 14474 type: string 14475 bearerTokenFile: 14476 description: File to read bearer token for remote read. 14477 type: string 14478 headers: 14479 additionalProperties: 14480 type: string 14481 description: Custom HTTP headers to be sent along with each 14482 remote read request. Be aware that headers that are set by 14483 Prometheus itself can't be overwritten. Only valid in Prometheus 14484 versions 2.26.0 and newer. 14485 type: object 14486 name: 14487 description: The name of the remote read queue, must be unique 14488 if specified. The name is used in metrics and logging in order 14489 to differentiate read configurations. Only valid in Prometheus 14490 versions 2.15.0 and newer. 14491 type: string 14492 oauth2: 14493 description: OAuth2 for the URL. Only valid in Prometheus versions 14494 2.27.0 and newer. 14495 properties: 14496 clientId: 14497 description: The secret or configmap containing the OAuth2 14498 client id 14499 properties: 14500 configMap: 14501 description: ConfigMap containing data to use for the 14502 targets. 14503 properties: 14504 key: 14505 description: The key to select. 14506 type: string 14507 name: 14508 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14509 TODO: Add other useful fields. apiVersion, kind, 14510 uid?' 14511 type: string 14512 optional: 14513 description: Specify whether the ConfigMap or its 14514 key must be defined 14515 type: boolean 14516 required: 14517 - key 14518 type: object 14519 secret: 14520 description: Secret containing data to use for the targets. 14521 properties: 14522 key: 14523 description: The key of the secret to select from. Must 14524 be a valid secret key. 14525 type: string 14526 name: 14527 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14528 TODO: Add other useful fields. apiVersion, kind, 14529 uid?' 14530 type: string 14531 optional: 14532 description: Specify whether the Secret or its key 14533 must be defined 14534 type: boolean 14535 required: 14536 - key 14537 type: object 14538 type: object 14539 clientSecret: 14540 description: The secret containing the OAuth2 client secret 14541 properties: 14542 key: 14543 description: The key of the secret to select from. Must 14544 be a valid secret key. 14545 type: string 14546 name: 14547 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14548 TODO: Add other useful fields. apiVersion, kind, uid?' 14549 type: string 14550 optional: 14551 description: Specify whether the Secret or its key must 14552 be defined 14553 type: boolean 14554 required: 14555 - key 14556 type: object 14557 endpointParams: 14558 additionalProperties: 14559 type: string 14560 description: Parameters to append to the token URL 14561 type: object 14562 scopes: 14563 description: OAuth2 scopes used for the token request 14564 items: 14565 type: string 14566 type: array 14567 tokenUrl: 14568 description: The URL to fetch the token from 14569 minLength: 1 14570 type: string 14571 required: 14572 - clientId 14573 - clientSecret 14574 - tokenUrl 14575 type: object 14576 proxyUrl: 14577 description: Optional ProxyURL 14578 type: string 14579 readRecent: 14580 description: Whether reads should be made for queries for time 14581 ranges that the local storage should have complete data for. 14582 type: boolean 14583 remoteTimeout: 14584 description: Timeout for requests to the remote read endpoint. 14585 type: string 14586 requiredMatchers: 14587 additionalProperties: 14588 type: string 14589 description: An optional list of equality matchers which have 14590 to be present in a selector to query the remote read endpoint. 14591 type: object 14592 tlsConfig: 14593 description: TLS Config to use for remote read. 14594 properties: 14595 ca: 14596 description: Struct containing the CA cert to use for the 14597 targets. 14598 properties: 14599 configMap: 14600 description: ConfigMap containing data to use for the 14601 targets. 14602 properties: 14603 key: 14604 description: The key to select. 14605 type: string 14606 name: 14607 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14608 TODO: Add other useful fields. apiVersion, kind, 14609 uid?' 14610 type: string 14611 optional: 14612 description: Specify whether the ConfigMap or its 14613 key must be defined 14614 type: boolean 14615 required: 14616 - key 14617 type: object 14618 secret: 14619 description: Secret containing data to use for the targets. 14620 properties: 14621 key: 14622 description: The key of the secret to select from. Must 14623 be a valid secret key. 14624 type: string 14625 name: 14626 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14627 TODO: Add other useful fields. apiVersion, kind, 14628 uid?' 14629 type: string 14630 optional: 14631 description: Specify whether the Secret or its key 14632 must be defined 14633 type: boolean 14634 required: 14635 - key 14636 type: object 14637 type: object 14638 caFile: 14639 description: Path to the CA cert in the Prometheus container 14640 to use for the targets. 14641 type: string 14642 cert: 14643 description: Struct containing the client cert file for 14644 the targets. 14645 properties: 14646 configMap: 14647 description: ConfigMap containing data to use for the 14648 targets. 14649 properties: 14650 key: 14651 description: The key to select. 14652 type: string 14653 name: 14654 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14655 TODO: Add other useful fields. apiVersion, kind, 14656 uid?' 14657 type: string 14658 optional: 14659 description: Specify whether the ConfigMap or its 14660 key must be defined 14661 type: boolean 14662 required: 14663 - key 14664 type: object 14665 secret: 14666 description: Secret containing data to use for the targets. 14667 properties: 14668 key: 14669 description: The key of the secret to select from. Must 14670 be a valid secret key. 14671 type: string 14672 name: 14673 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14674 TODO: Add other useful fields. apiVersion, kind, 14675 uid?' 14676 type: string 14677 optional: 14678 description: Specify whether the Secret or its key 14679 must be defined 14680 type: boolean 14681 required: 14682 - key 14683 type: object 14684 type: object 14685 certFile: 14686 description: Path to the client cert file in the Prometheus 14687 container for the targets. 14688 type: string 14689 insecureSkipVerify: 14690 description: Disable target certificate validation. 14691 type: boolean 14692 keyFile: 14693 description: Path to the client key file in the Prometheus 14694 container for the targets. 14695 type: string 14696 keySecret: 14697 description: Secret containing the client key file for the 14698 targets. 14699 properties: 14700 key: 14701 description: The key of the secret to select from. Must 14702 be a valid secret key. 14703 type: string 14704 name: 14705 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14706 TODO: Add other useful fields. apiVersion, kind, uid?' 14707 type: string 14708 optional: 14709 description: Specify whether the Secret or its key must 14710 be defined 14711 type: boolean 14712 required: 14713 - key 14714 type: object 14715 serverName: 14716 description: Used to verify the hostname for the targets. 14717 type: string 14718 type: object 14719 url: 14720 description: The URL of the endpoint to send samples to. 14721 type: string 14722 required: 14723 - url 14724 type: object 14725 type: array 14726 remoteWrite: 14727 description: If specified, the remote_write spec. This is an experimental 14728 feature, it may change in any upcoming release in a breaking way. 14729 items: 14730 description: RemoteWriteSpec defines the remote_write configuration 14731 for prometheus. 14732 properties: 14733 authorization: 14734 description: Authorization section for remote write 14735 properties: 14736 credentials: 14737 description: The secret's key that contains the credentials 14738 of the request 14739 properties: 14740 key: 14741 description: The key of the secret to select from. Must 14742 be a valid secret key. 14743 type: string 14744 name: 14745 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14746 TODO: Add other useful fields. apiVersion, kind, uid?' 14747 type: string 14748 optional: 14749 description: Specify whether the Secret or its key must 14750 be defined 14751 type: boolean 14752 required: 14753 - key 14754 type: object 14755 credentialsFile: 14756 description: File to read a secret from, mutually exclusive 14757 with Credentials (from SafeAuthorization) 14758 type: string 14759 type: 14760 description: Set the authentication type. Defaults to Bearer, 14761 Basic will cause an error 14762 type: string 14763 type: object 14764 basicAuth: 14765 description: BasicAuth for the URL. 14766 properties: 14767 password: 14768 description: The secret in the service monitor namespace 14769 that contains the password for authentication. 14770 properties: 14771 key: 14772 description: The key of the secret to select from. Must 14773 be a valid secret key. 14774 type: string 14775 name: 14776 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14777 TODO: Add other useful fields. apiVersion, kind, uid?' 14778 type: string 14779 optional: 14780 description: Specify whether the Secret or its key must 14781 be defined 14782 type: boolean 14783 required: 14784 - key 14785 type: object 14786 username: 14787 description: The secret in the service monitor namespace 14788 that contains the username for authentication. 14789 properties: 14790 key: 14791 description: The key of the secret to select from. Must 14792 be a valid secret key. 14793 type: string 14794 name: 14795 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14796 TODO: Add other useful fields. apiVersion, kind, uid?' 14797 type: string 14798 optional: 14799 description: Specify whether the Secret or its key must 14800 be defined 14801 type: boolean 14802 required: 14803 - key 14804 type: object 14805 type: object 14806 bearerToken: 14807 description: Bearer token for remote write. 14808 type: string 14809 bearerTokenFile: 14810 description: File to read bearer token for remote write. 14811 type: string 14812 headers: 14813 additionalProperties: 14814 type: string 14815 description: Custom HTTP headers to be sent along with each 14816 remote write request. Be aware that headers that are set by 14817 Prometheus itself can't be overwritten. Only valid in Prometheus 14818 versions 2.25.0 and newer. 14819 type: object 14820 metadataConfig: 14821 description: MetadataConfig configures the sending of series 14822 metadata to remote storage. 14823 properties: 14824 send: 14825 description: Whether metric metadata is sent to remote storage 14826 or not. 14827 type: boolean 14828 sendInterval: 14829 description: How frequently metric metadata is sent to remote 14830 storage. 14831 type: string 14832 type: object 14833 name: 14834 description: The name of the remote write queue, must be unique 14835 if specified. The name is used in metrics and logging in order 14836 to differentiate queues. Only valid in Prometheus versions 14837 2.15.0 and newer. 14838 type: string 14839 oauth2: 14840 description: OAuth2 for the URL. Only valid in Prometheus versions 14841 2.27.0 and newer. 14842 properties: 14843 clientId: 14844 description: The secret or configmap containing the OAuth2 14845 client id 14846 properties: 14847 configMap: 14848 description: ConfigMap containing data to use for the 14849 targets. 14850 properties: 14851 key: 14852 description: The key to select. 14853 type: string 14854 name: 14855 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14856 TODO: Add other useful fields. apiVersion, kind, 14857 uid?' 14858 type: string 14859 optional: 14860 description: Specify whether the ConfigMap or its 14861 key must be defined 14862 type: boolean 14863 required: 14864 - key 14865 type: object 14866 secret: 14867 description: Secret containing data to use for the targets. 14868 properties: 14869 key: 14870 description: The key of the secret to select from. Must 14871 be a valid secret key. 14872 type: string 14873 name: 14874 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14875 TODO: Add other useful fields. apiVersion, kind, 14876 uid?' 14877 type: string 14878 optional: 14879 description: Specify whether the Secret or its key 14880 must be defined 14881 type: boolean 14882 required: 14883 - key 14884 type: object 14885 type: object 14886 clientSecret: 14887 description: The secret containing the OAuth2 client secret 14888 properties: 14889 key: 14890 description: The key of the secret to select from. Must 14891 be a valid secret key. 14892 type: string 14893 name: 14894 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14895 TODO: Add other useful fields. apiVersion, kind, uid?' 14896 type: string 14897 optional: 14898 description: Specify whether the Secret or its key must 14899 be defined 14900 type: boolean 14901 required: 14902 - key 14903 type: object 14904 endpointParams: 14905 additionalProperties: 14906 type: string 14907 description: Parameters to append to the token URL 14908 type: object 14909 scopes: 14910 description: OAuth2 scopes used for the token request 14911 items: 14912 type: string 14913 type: array 14914 tokenUrl: 14915 description: The URL to fetch the token from 14916 minLength: 1 14917 type: string 14918 required: 14919 - clientId 14920 - clientSecret 14921 - tokenUrl 14922 type: object 14923 proxyUrl: 14924 description: Optional ProxyURL 14925 type: string 14926 queueConfig: 14927 description: QueueConfig allows tuning of the remote write queue 14928 parameters. 14929 properties: 14930 batchSendDeadline: 14931 description: BatchSendDeadline is the maximum time a sample 14932 will wait in buffer. 14933 type: string 14934 capacity: 14935 description: Capacity is the number of samples to buffer 14936 per shard before we start dropping them. 14937 type: integer 14938 maxBackoff: 14939 description: MaxBackoff is the maximum retry delay. 14940 type: string 14941 maxRetries: 14942 description: MaxRetries is the maximum number of times to 14943 retry a batch on recoverable errors. 14944 type: integer 14945 maxSamplesPerSend: 14946 description: MaxSamplesPerSend is the maximum number of 14947 samples per send. 14948 type: integer 14949 maxShards: 14950 description: MaxShards is the maximum number of shards, 14951 i.e. amount of concurrency. 14952 type: integer 14953 minBackoff: 14954 description: MinBackoff is the initial retry delay. Gets 14955 doubled for every retry. 14956 type: string 14957 minShards: 14958 description: MinShards is the minimum number of shards, 14959 i.e. amount of concurrency. 14960 type: integer 14961 retryOnRateLimit: 14962 description: Retry upon receiving a 429 status code from 14963 the remote-write storage. This is experimental feature 14964 and might change in the future. 14965 type: boolean 14966 type: object 14967 remoteTimeout: 14968 description: Timeout for requests to the remote write endpoint. 14969 type: string 14970 sendExemplars: 14971 description: Enables sending of exemplars over remote write. 14972 Note that exemplar-storage itself must be enabled using the 14973 enableFeature option for exemplars to be scraped in the first 14974 place. Only valid in Prometheus versions 2.27.0 and newer. 14975 type: boolean 14976 sigv4: 14977 description: Sigv4 allows to configures AWS's Signature Verification 14978 4 14979 properties: 14980 accessKey: 14981 description: AccessKey is the AWS API key. If blank, the 14982 environment variable `AWS_ACCESS_KEY_ID` is used. 14983 properties: 14984 key: 14985 description: The key of the secret to select from. Must 14986 be a valid secret key. 14987 type: string 14988 name: 14989 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14990 TODO: Add other useful fields. apiVersion, kind, uid?' 14991 type: string 14992 optional: 14993 description: Specify whether the Secret or its key must 14994 be defined 14995 type: boolean 14996 required: 14997 - key 14998 type: object 14999 profile: 15000 description: Profile is the named AWS profile used to authenticate. 15001 type: string 15002 region: 15003 description: Region is the AWS region. If blank, the region 15004 from the default credentials chain used. 15005 type: string 15006 roleArn: 15007 description: RoleArn is the named AWS profile used to authenticate. 15008 type: string 15009 secretKey: 15010 description: SecretKey is the AWS API secret. If blank, 15011 the environment variable `AWS_SECRET_ACCESS_KEY` is used. 15012 properties: 15013 key: 15014 description: The key of the secret to select from. Must 15015 be a valid secret key. 15016 type: string 15017 name: 15018 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15019 TODO: Add other useful fields. apiVersion, kind, uid?' 15020 type: string 15021 optional: 15022 description: Specify whether the Secret or its key must 15023 be defined 15024 type: boolean 15025 required: 15026 - key 15027 type: object 15028 type: object 15029 tlsConfig: 15030 description: TLS Config to use for remote write. 15031 properties: 15032 ca: 15033 description: Struct containing the CA cert to use for the 15034 targets. 15035 properties: 15036 configMap: 15037 description: ConfigMap containing data to use for the 15038 targets. 15039 properties: 15040 key: 15041 description: The key to select. 15042 type: string 15043 name: 15044 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15045 TODO: Add other useful fields. apiVersion, kind, 15046 uid?' 15047 type: string 15048 optional: 15049 description: Specify whether the ConfigMap or its 15050 key must be defined 15051 type: boolean 15052 required: 15053 - key 15054 type: object 15055 secret: 15056 description: Secret containing data to use for the targets. 15057 properties: 15058 key: 15059 description: The key of the secret to select from. Must 15060 be a valid secret key. 15061 type: string 15062 name: 15063 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15064 TODO: Add other useful fields. apiVersion, kind, 15065 uid?' 15066 type: string 15067 optional: 15068 description: Specify whether the Secret or its key 15069 must be defined 15070 type: boolean 15071 required: 15072 - key 15073 type: object 15074 type: object 15075 caFile: 15076 description: Path to the CA cert in the Prometheus container 15077 to use for the targets. 15078 type: string 15079 cert: 15080 description: Struct containing the client cert file for 15081 the targets. 15082 properties: 15083 configMap: 15084 description: ConfigMap containing data to use for the 15085 targets. 15086 properties: 15087 key: 15088 description: The key to select. 15089 type: string 15090 name: 15091 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15092 TODO: Add other useful fields. apiVersion, kind, 15093 uid?' 15094 type: string 15095 optional: 15096 description: Specify whether the ConfigMap or its 15097 key must be defined 15098 type: boolean 15099 required: 15100 - key 15101 type: object 15102 secret: 15103 description: Secret containing data to use for the targets. 15104 properties: 15105 key: 15106 description: The key of the secret to select from. Must 15107 be a valid secret key. 15108 type: string 15109 name: 15110 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15111 TODO: Add other useful fields. apiVersion, kind, 15112 uid?' 15113 type: string 15114 optional: 15115 description: Specify whether the Secret or its key 15116 must be defined 15117 type: boolean 15118 required: 15119 - key 15120 type: object 15121 type: object 15122 certFile: 15123 description: Path to the client cert file in the Prometheus 15124 container for the targets. 15125 type: string 15126 insecureSkipVerify: 15127 description: Disable target certificate validation. 15128 type: boolean 15129 keyFile: 15130 description: Path to the client key file in the Prometheus 15131 container for the targets. 15132 type: string 15133 keySecret: 15134 description: Secret containing the client key file for the 15135 targets. 15136 properties: 15137 key: 15138 description: The key of the secret to select from. Must 15139 be a valid secret key. 15140 type: string 15141 name: 15142 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15143 TODO: Add other useful fields. apiVersion, kind, uid?' 15144 type: string 15145 optional: 15146 description: Specify whether the Secret or its key must 15147 be defined 15148 type: boolean 15149 required: 15150 - key 15151 type: object 15152 serverName: 15153 description: Used to verify the hostname for the targets. 15154 type: string 15155 type: object 15156 url: 15157 description: The URL of the endpoint to send samples to. 15158 type: string 15159 writeRelabelConfigs: 15160 description: The list of remote write relabel configurations. 15161 items: 15162 description: 'RelabelConfig allows dynamic rewriting of the 15163 label set, being applied to samples before ingestion. It 15164 defines `<metric_relabel_configs>`-section of Prometheus 15165 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 15166 properties: 15167 action: 15168 description: Action to perform based on regex matching. 15169 Default is 'replace' 15170 type: string 15171 modulus: 15172 description: Modulus to take of the hash of the source 15173 label values. 15174 format: int64 15175 type: integer 15176 regex: 15177 description: Regular expression against which the extracted 15178 value is matched. Default is '(.*)' 15179 type: string 15180 replacement: 15181 description: Replacement value against which a regex replace 15182 is performed if the regular expression matches. Regex 15183 capture groups are available. Default is '$1' 15184 type: string 15185 separator: 15186 description: Separator placed between concatenated source 15187 label values. default is ';'. 15188 type: string 15189 sourceLabels: 15190 description: The source labels select values from existing 15191 labels. Their content is concatenated using the configured 15192 separator and matched against the configured regular 15193 expression for the replace, keep, and drop actions. 15194 items: 15195 type: string 15196 type: array 15197 targetLabel: 15198 description: Label to which the resulting value is written 15199 in a replace action. It is mandatory for replace actions. 15200 Regex capture groups are available. 15201 type: string 15202 type: object 15203 type: array 15204 required: 15205 - url 15206 type: object 15207 type: array 15208 replicaExternalLabelName: 15209 description: Name of Prometheus external label used to denote replica 15210 name. Defaults to the value of `prometheus_replica`. External label 15211 will _not_ be added when value is set to empty string (`""`). 15212 type: string 15213 replicas: 15214 description: Number of replicas of each shard to deploy for a Prometheus 15215 deployment. Number of replicas multiplied by shards is the total 15216 number of Pods created. 15217 format: int32 15218 type: integer 15219 resources: 15220 description: Define resources requests and limits for single Pods. 15221 properties: 15222 limits: 15223 additionalProperties: 15224 anyOf: 15225 - type: integer 15226 - type: string 15227 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15228 x-kubernetes-int-or-string: true 15229 description: 'Limits describes the maximum amount of compute resources 15230 allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 15231 type: object 15232 requests: 15233 additionalProperties: 15234 anyOf: 15235 - type: integer 15236 - type: string 15237 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15238 x-kubernetes-int-or-string: true 15239 description: 'Requests describes the minimum amount of compute 15240 resources required. If Requests is omitted for a container, 15241 it defaults to Limits if that is explicitly specified, otherwise 15242 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 15243 type: object 15244 type: object 15245 retention: 15246 description: Time duration Prometheus shall retain data for. Default 15247 is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` 15248 (milliseconds seconds minutes hours days weeks years). 15249 type: string 15250 retentionSize: 15251 description: 'Maximum amount of disk space used by blocks. Supported 15252 units: B, KB, MB, GB, TB, PB, EB. Ex: `512MB`.' 15253 type: string 15254 routePrefix: 15255 description: The route prefix Prometheus registers HTTP handlers for. 15256 This is useful, if using ExternalURL and a proxy is rewriting HTTP 15257 routes of a request, and the actual ExternalURL is still true, but 15258 the server serves requests under a different route prefix. For example 15259 for use with `kubectl proxy`. 15260 type: string 15261 ruleNamespaceSelector: 15262 description: Namespaces to be selected for PrometheusRules discovery. 15263 If unspecified, only the same namespace as the Prometheus object 15264 is in is used. 15265 properties: 15266 matchExpressions: 15267 description: matchExpressions is a list of label selector requirements. 15268 The requirements are ANDed. 15269 items: 15270 description: A label selector requirement is a selector that 15271 contains values, a key, and an operator that relates the key 15272 and values. 15273 properties: 15274 key: 15275 description: key is the label key that the selector applies 15276 to. 15277 type: string 15278 operator: 15279 description: operator represents a key's relationship to 15280 a set of values. Valid operators are In, NotIn, Exists 15281 and DoesNotExist. 15282 type: string 15283 values: 15284 description: values is an array of string values. If the 15285 operator is In or NotIn, the values array must be non-empty. 15286 If the operator is Exists or DoesNotExist, the values 15287 array must be empty. This array is replaced during a strategic 15288 merge patch. 15289 items: 15290 type: string 15291 type: array 15292 required: 15293 - key 15294 - operator 15295 type: object 15296 type: array 15297 matchLabels: 15298 additionalProperties: 15299 type: string 15300 description: matchLabels is a map of {key,value} pairs. A single 15301 {key,value} in the matchLabels map is equivalent to an element 15302 of matchExpressions, whose key field is "key", the operator 15303 is "In", and the values array contains only "value". The requirements 15304 are ANDed. 15305 type: object 15306 type: object 15307 ruleSelector: 15308 description: A selector to select which PrometheusRules to mount for 15309 loading alerting/recording rules from. Until (excluding) Prometheus 15310 Operator v0.24.0 Prometheus Operator will migrate any legacy rule 15311 ConfigMaps to PrometheusRule custom resources selected by RuleSelector. 15312 Make sure it does not match any config maps that you do not want 15313 to be migrated. 15314 properties: 15315 matchExpressions: 15316 description: matchExpressions is a list of label selector requirements. 15317 The requirements are ANDed. 15318 items: 15319 description: A label selector requirement is a selector that 15320 contains values, a key, and an operator that relates the key 15321 and values. 15322 properties: 15323 key: 15324 description: key is the label key that the selector applies 15325 to. 15326 type: string 15327 operator: 15328 description: operator represents a key's relationship to 15329 a set of values. Valid operators are In, NotIn, Exists 15330 and DoesNotExist. 15331 type: string 15332 values: 15333 description: values is an array of string values. If the 15334 operator is In or NotIn, the values array must be non-empty. 15335 If the operator is Exists or DoesNotExist, the values 15336 array must be empty. This array is replaced during a strategic 15337 merge patch. 15338 items: 15339 type: string 15340 type: array 15341 required: 15342 - key 15343 - operator 15344 type: object 15345 type: array 15346 matchLabels: 15347 additionalProperties: 15348 type: string 15349 description: matchLabels is a map of {key,value} pairs. A single 15350 {key,value} in the matchLabels map is equivalent to an element 15351 of matchExpressions, whose key field is "key", the operator 15352 is "In", and the values array contains only "value". The requirements 15353 are ANDed. 15354 type: object 15355 type: object 15356 rules: 15357 description: /--rules.*/ command-line arguments. 15358 properties: 15359 alert: 15360 description: /--rules.alert.*/ command-line arguments 15361 properties: 15362 forGracePeriod: 15363 description: Minimum duration between alert and restored 'for' 15364 state. This is maintained only for alerts with configured 15365 'for' time greater than grace period. 15366 type: string 15367 forOutageTolerance: 15368 description: Max time to tolerate prometheus outage for restoring 15369 'for' state of alert. 15370 type: string 15371 resendDelay: 15372 description: Minimum amount of time to wait before resending 15373 an alert to Alertmanager. 15374 type: string 15375 type: object 15376 type: object 15377 scrapeInterval: 15378 description: 'Interval between consecutive scrapes. Default: `1m`' 15379 type: string 15380 scrapeTimeout: 15381 description: Number of seconds to wait for target to respond before 15382 erroring. 15383 type: string 15384 secrets: 15385 description: Secrets is a list of Secrets in the same namespace as 15386 the Prometheus object, which shall be mounted into the Prometheus 15387 Pods. The Secrets are mounted into /etc/prometheus/secrets/<secret-name>. 15388 items: 15389 type: string 15390 type: array 15391 securityContext: 15392 description: SecurityContext holds pod-level security attributes and 15393 common container settings. This defaults to the default PodSecurityContext. 15394 properties: 15395 fsGroup: 15396 description: "A special supplemental group that applies to all 15397 containers in a pod. Some volume types allow the Kubelet to 15398 change the ownership of that volume to be owned by the pod: 15399 \n 1. The owning GID will be the FSGroup 2. The setgid bit is 15400 set (new files created in the volume will be owned by FSGroup) 15401 3. The permission bits are OR'd with rw-rw---- \n If unset, 15402 the Kubelet will not modify the ownership and permissions of 15403 any volume. Note that this field cannot be set when spec.os.name 15404 is windows." 15405 format: int64 15406 type: integer 15407 fsGroupChangePolicy: 15408 description: 'fsGroupChangePolicy defines behavior of changing 15409 ownership and permission of the volume before being exposed 15410 inside Pod. This field will only apply to volume types which 15411 support fsGroup based ownership(and permissions). It will have 15412 no effect on ephemeral volume types such as: secret, configmaps 15413 and emptydir. Valid values are "OnRootMismatch" and "Always". 15414 If not specified, "Always" is used. Note that this field cannot 15415 be set when spec.os.name is windows.' 15416 type: string 15417 runAsGroup: 15418 description: The GID to run the entrypoint of the container process. 15419 Uses runtime default if unset. May also be set in SecurityContext. If 15420 set in both SecurityContext and PodSecurityContext, the value 15421 specified in SecurityContext takes precedence for that container. 15422 Note that this field cannot be set when spec.os.name is windows. 15423 format: int64 15424 type: integer 15425 runAsNonRoot: 15426 description: Indicates that the container must run as a non-root 15427 user. If true, the Kubelet will validate the image at runtime 15428 to ensure that it does not run as UID 0 (root) and fail to start 15429 the container if it does. If unset or false, no such validation 15430 will be performed. May also be set in SecurityContext. If set 15431 in both SecurityContext and PodSecurityContext, the value specified 15432 in SecurityContext takes precedence. 15433 type: boolean 15434 runAsUser: 15435 description: The UID to run the entrypoint of the container process. 15436 Defaults to user specified in image metadata if unspecified. 15437 May also be set in SecurityContext. If set in both SecurityContext 15438 and PodSecurityContext, the value specified in SecurityContext 15439 takes precedence for that container. Note that this field cannot 15440 be set when spec.os.name is windows. 15441 format: int64 15442 type: integer 15443 seLinuxOptions: 15444 description: The SELinux context to be applied to all containers. 15445 If unspecified, the container runtime will allocate a random 15446 SELinux context for each container. May also be set in SecurityContext. If 15447 set in both SecurityContext and PodSecurityContext, the value 15448 specified in SecurityContext takes precedence for that container. 15449 Note that this field cannot be set when spec.os.name is windows. 15450 properties: 15451 level: 15452 description: Level is SELinux level label that applies to 15453 the container. 15454 type: string 15455 role: 15456 description: Role is a SELinux role label that applies to 15457 the container. 15458 type: string 15459 type: 15460 description: Type is a SELinux type label that applies to 15461 the container. 15462 type: string 15463 user: 15464 description: User is a SELinux user label that applies to 15465 the container. 15466 type: string 15467 type: object 15468 seccompProfile: 15469 description: The seccomp options to use by the containers in this 15470 pod. Note that this field cannot be set when spec.os.name is 15471 windows. 15472 properties: 15473 localhostProfile: 15474 description: localhostProfile indicates a profile defined 15475 in a file on the node should be used. The profile must be 15476 preconfigured on the node to work. Must be a descending 15477 path, relative to the kubelet's configured seccomp profile 15478 location. Must only be set if type is "Localhost". 15479 type: string 15480 type: 15481 description: "type indicates which kind of seccomp profile 15482 will be applied. Valid options are: \n Localhost - a profile 15483 defined in a file on the node should be used. RuntimeDefault 15484 - the container runtime default profile should be used. 15485 Unconfined - no profile should be applied." 15486 type: string 15487 required: 15488 - type 15489 type: object 15490 supplementalGroups: 15491 description: A list of groups applied to the first process run 15492 in each container, in addition to the container's primary GID. If 15493 unspecified, no groups will be added to any container. Note 15494 that this field cannot be set when spec.os.name is windows. 15495 items: 15496 format: int64 15497 type: integer 15498 type: array 15499 sysctls: 15500 description: Sysctls hold a list of namespaced sysctls used for 15501 the pod. Pods with unsupported sysctls (by the container runtime) 15502 might fail to launch. Note that this field cannot be set when 15503 spec.os.name is windows. 15504 items: 15505 description: Sysctl defines a kernel parameter to be set 15506 properties: 15507 name: 15508 description: Name of a property to set 15509 type: string 15510 value: 15511 description: Value of a property to set 15512 type: string 15513 required: 15514 - name 15515 - value 15516 type: object 15517 type: array 15518 windowsOptions: 15519 description: The Windows specific settings applied to all containers. 15520 If unspecified, the options within a container's SecurityContext 15521 will be used. If set in both SecurityContext and PodSecurityContext, 15522 the value specified in SecurityContext takes precedence. Note 15523 that this field cannot be set when spec.os.name is linux. 15524 properties: 15525 gmsaCredentialSpec: 15526 description: GMSACredentialSpec is where the GMSA admission 15527 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 15528 inlines the contents of the GMSA credential spec named by 15529 the GMSACredentialSpecName field. 15530 type: string 15531 gmsaCredentialSpecName: 15532 description: GMSACredentialSpecName is the name of the GMSA 15533 credential spec to use. 15534 type: string 15535 hostProcess: 15536 description: HostProcess determines if a container should 15537 be run as a 'Host Process' container. This field is alpha-level 15538 and will only be honored by components that enable the WindowsHostProcessContainers 15539 feature flag. Setting this field without the feature flag 15540 will result in errors when validating the Pod. All of a 15541 Pod's containers must have the same effective HostProcess 15542 value (it is not allowed to have a mix of HostProcess containers 15543 and non-HostProcess containers). In addition, if HostProcess 15544 is true then HostNetwork must also be set to true. 15545 type: boolean 15546 runAsUserName: 15547 description: The UserName in Windows to run the entrypoint 15548 of the container process. Defaults to the user specified 15549 in image metadata if unspecified. May also be set in PodSecurityContext. 15550 If set in both SecurityContext and PodSecurityContext, the 15551 value specified in SecurityContext takes precedence. 15552 type: string 15553 type: object 15554 type: object 15555 serviceAccountName: 15556 description: ServiceAccountName is the name of the ServiceAccount 15557 to use to run the Prometheus Pods. 15558 type: string 15559 serviceMonitorNamespaceSelector: 15560 description: Namespace's labels to match for ServiceMonitor discovery. 15561 If nil, only check own namespace. 15562 properties: 15563 matchExpressions: 15564 description: matchExpressions is a list of label selector requirements. 15565 The requirements are ANDed. 15566 items: 15567 description: A label selector requirement is a selector that 15568 contains values, a key, and an operator that relates the key 15569 and values. 15570 properties: 15571 key: 15572 description: key is the label key that the selector applies 15573 to. 15574 type: string 15575 operator: 15576 description: operator represents a key's relationship to 15577 a set of values. Valid operators are In, NotIn, Exists 15578 and DoesNotExist. 15579 type: string 15580 values: 15581 description: values is an array of string values. If the 15582 operator is In or NotIn, the values array must be non-empty. 15583 If the operator is Exists or DoesNotExist, the values 15584 array must be empty. This array is replaced during a strategic 15585 merge patch. 15586 items: 15587 type: string 15588 type: array 15589 required: 15590 - key 15591 - operator 15592 type: object 15593 type: array 15594 matchLabels: 15595 additionalProperties: 15596 type: string 15597 description: matchLabels is a map of {key,value} pairs. A single 15598 {key,value} in the matchLabels map is equivalent to an element 15599 of matchExpressions, whose key field is "key", the operator 15600 is "In", and the values array contains only "value". The requirements 15601 are ANDed. 15602 type: object 15603 type: object 15604 serviceMonitorSelector: 15605 description: ServiceMonitors to be selected for target discovery. 15606 *Deprecated:* if neither this nor podMonitorSelector are specified, 15607 configuration is unmanaged. 15608 properties: 15609 matchExpressions: 15610 description: matchExpressions is a list of label selector requirements. 15611 The requirements are ANDed. 15612 items: 15613 description: A label selector requirement is a selector that 15614 contains values, a key, and an operator that relates the key 15615 and values. 15616 properties: 15617 key: 15618 description: key is the label key that the selector applies 15619 to. 15620 type: string 15621 operator: 15622 description: operator represents a key's relationship to 15623 a set of values. Valid operators are In, NotIn, Exists 15624 and DoesNotExist. 15625 type: string 15626 values: 15627 description: values is an array of string values. If the 15628 operator is In or NotIn, the values array must be non-empty. 15629 If the operator is Exists or DoesNotExist, the values 15630 array must be empty. This array is replaced during a strategic 15631 merge patch. 15632 items: 15633 type: string 15634 type: array 15635 required: 15636 - key 15637 - operator 15638 type: object 15639 type: array 15640 matchLabels: 15641 additionalProperties: 15642 type: string 15643 description: matchLabels is a map of {key,value} pairs. A single 15644 {key,value} in the matchLabels map is equivalent to an element 15645 of matchExpressions, whose key field is "key", the operator 15646 is "In", and the values array contains only "value". The requirements 15647 are ANDed. 15648 type: object 15649 type: object 15650 sha: 15651 description: 'SHA of Prometheus container image to be deployed. Defaults 15652 to the value of `version`. Similar to a tag, but the SHA explicitly 15653 deploys an immutable container image. Version and Tag are ignored 15654 if SHA is set. Deprecated: use ''image'' instead. The image digest 15655 can be specified as part of the image URL.' 15656 type: string 15657 shards: 15658 description: 'EXPERIMENTAL: Number of shards to distribute targets 15659 onto. Number of replicas multiplied by shards is the total number 15660 of Pods created. Note that scaling down shards will not reshard 15661 data onto remaining instances, it must be manually moved. Increasing 15662 shards will not reshard data either but it will continue to be available 15663 from the same instances. To query globally use Thanos sidecar and 15664 Thanos querier or remote write data to a central location. Sharding 15665 is done on the content of the `__address__` target meta-label.' 15666 format: int32 15667 type: integer 15668 storage: 15669 description: Storage spec to specify how storage shall be used. 15670 properties: 15671 disableMountSubPath: 15672 description: 'Deprecated: subPath usage will be disabled by default 15673 in a future release, this option will become unnecessary. DisableMountSubPath 15674 allows to remove any subPath usage in volume mounts.' 15675 type: boolean 15676 emptyDir: 15677 description: 'EmptyDirVolumeSource to be used by the Prometheus 15678 StatefulSets. If specified, used in place of any volumeClaimTemplate. 15679 More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' 15680 properties: 15681 medium: 15682 description: 'What type of storage medium should back this 15683 directory. The default is "" which means to use the node''s 15684 default medium. Must be an empty string (default) or Memory. 15685 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 15686 type: string 15687 sizeLimit: 15688 anyOf: 15689 - type: integer 15690 - type: string 15691 description: 'Total amount of local storage required for this 15692 EmptyDir volume. The size limit is also applicable for memory 15693 medium. The maximum usage on memory medium EmptyDir would 15694 be the minimum value between the SizeLimit specified here 15695 and the sum of memory limits of all containers in a pod. 15696 The default is nil which means that the limit is undefined. 15697 More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 15698 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15699 x-kubernetes-int-or-string: true 15700 type: object 15701 ephemeral: 15702 description: 'EphemeralVolumeSource to be used by the Prometheus 15703 StatefulSets. This is a beta field in k8s 1.21, for lower versions, 15704 starting with k8s 1.19, it requires enabling the GenericEphemeralVolume 15705 feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes' 15706 properties: 15707 volumeClaimTemplate: 15708 description: "Will be used to create a stand-alone PVC to 15709 provision the volume. The pod in which this EphemeralVolumeSource 15710 is embedded will be the owner of the PVC, i.e. the PVC will 15711 be deleted together with the pod. The name of the PVC will 15712 be `<pod name>-<volume name>` where `<volume name>` is the 15713 name from the `PodSpec.Volumes` array entry. Pod validation 15714 will reject the pod if the concatenated name is not valid 15715 for a PVC (for example, too long). \n An existing PVC with 15716 that name that is not owned by the pod will *not* be used 15717 for the pod to avoid using an unrelated volume by mistake. 15718 Starting the pod is then blocked until the unrelated PVC 15719 is removed. If such a pre-created PVC is meant to be used 15720 by the pod, the PVC has to updated with an owner reference 15721 to the pod once the pod exists. Normally this should not 15722 be necessary, but it may be useful when manually reconstructing 15723 a broken cluster. \n This field is read-only and no changes 15724 will be made by Kubernetes to the PVC after it has been 15725 created. \n Required, must not be nil." 15726 properties: 15727 metadata: 15728 description: May contain labels and annotations that will 15729 be copied into the PVC when creating it. No other fields 15730 are allowed and will be rejected during validation. 15731 type: object 15732 spec: 15733 description: The specification for the PersistentVolumeClaim. 15734 The entire content is copied unchanged into the PVC 15735 that gets created from this template. The same fields 15736 as in a PersistentVolumeClaim are also valid here. 15737 properties: 15738 accessModes: 15739 description: 'AccessModes contains the desired access 15740 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 15741 items: 15742 type: string 15743 type: array 15744 dataSource: 15745 description: 'This field can be used to specify either: 15746 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 15747 * An existing PVC (PersistentVolumeClaim) If the 15748 provisioner or an external controller can support 15749 the specified data source, it will create a new 15750 volume based on the contents of the specified data 15751 source. If the AnyVolumeDataSource feature gate 15752 is enabled, this field will always have the same 15753 contents as the DataSourceRef field.' 15754 properties: 15755 apiGroup: 15756 description: APIGroup is the group for the resource 15757 being referenced. If APIGroup is not specified, 15758 the specified Kind must be in the core API group. 15759 For any other third-party types, APIGroup is 15760 required. 15761 type: string 15762 kind: 15763 description: Kind is the type of resource being 15764 referenced 15765 type: string 15766 name: 15767 description: Name is the name of resource being 15768 referenced 15769 type: string 15770 required: 15771 - kind 15772 - name 15773 type: object 15774 dataSourceRef: 15775 description: 'Specifies the object from which to populate 15776 the volume with data, if a non-empty volume is desired. 15777 This may be any local object from a non-empty API 15778 group (non core object) or a PersistentVolumeClaim 15779 object. When this field is specified, volume binding 15780 will only succeed if the type of the specified object 15781 matches some installed volume populator or dynamic 15782 provisioner. This field will replace the functionality 15783 of the DataSource field and as such if both fields 15784 are non-empty, they must have the same value. For 15785 backwards compatibility, both fields (DataSource 15786 and DataSourceRef) will be set to the same value 15787 automatically if one of them is empty and the other 15788 is non-empty. There are two important differences 15789 between DataSource and DataSourceRef: * While DataSource 15790 only allows two specific types of objects, DataSourceRef allows 15791 any non-core object, as well as PersistentVolumeClaim 15792 objects. * While DataSource ignores disallowed values 15793 (dropping them), DataSourceRef preserves all values, 15794 and generates an error if a disallowed value is specified. 15795 (Alpha) Using this field requires the AnyVolumeDataSource 15796 feature gate to be enabled.' 15797 properties: 15798 apiGroup: 15799 description: APIGroup is the group for the resource 15800 being referenced. If APIGroup is not specified, 15801 the specified Kind must be in the core API group. 15802 For any other third-party types, APIGroup is 15803 required. 15804 type: string 15805 kind: 15806 description: Kind is the type of resource being 15807 referenced 15808 type: string 15809 name: 15810 description: Name is the name of resource being 15811 referenced 15812 type: string 15813 required: 15814 - kind 15815 - name 15816 type: object 15817 resources: 15818 description: 'Resources represents the minimum resources 15819 the volume should have. If RecoverVolumeExpansionFailure 15820 feature is enabled users are allowed to specify 15821 resource requirements that are lower than previous 15822 value but must still be higher than capacity recorded 15823 in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 15824 properties: 15825 limits: 15826 additionalProperties: 15827 anyOf: 15828 - type: integer 15829 - type: string 15830 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15831 x-kubernetes-int-or-string: true 15832 description: 'Limits describes the maximum amount 15833 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 15834 type: object 15835 requests: 15836 additionalProperties: 15837 anyOf: 15838 - type: integer 15839 - type: string 15840 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15841 x-kubernetes-int-or-string: true 15842 description: 'Requests describes the minimum amount 15843 of compute resources required. If Requests is 15844 omitted for a container, it defaults to Limits 15845 if that is explicitly specified, otherwise to 15846 an implementation-defined value. More info: 15847 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 15848 type: object 15849 type: object 15850 selector: 15851 description: A label query over volumes to consider 15852 for binding. 15853 properties: 15854 matchExpressions: 15855 description: matchExpressions is a list of label 15856 selector requirements. The requirements are 15857 ANDed. 15858 items: 15859 description: A label selector requirement is 15860 a selector that contains values, a key, and 15861 an operator that relates the key and values. 15862 properties: 15863 key: 15864 description: key is the label key that the 15865 selector applies to. 15866 type: string 15867 operator: 15868 description: operator represents a key's 15869 relationship to a set of values. Valid 15870 operators are In, NotIn, Exists and DoesNotExist. 15871 type: string 15872 values: 15873 description: values is an array of string 15874 values. If the operator is In or NotIn, 15875 the values array must be non-empty. If 15876 the operator is Exists or DoesNotExist, 15877 the values array must be empty. This array 15878 is replaced during a strategic merge patch. 15879 items: 15880 type: string 15881 type: array 15882 required: 15883 - key 15884 - operator 15885 type: object 15886 type: array 15887 matchLabels: 15888 additionalProperties: 15889 type: string 15890 description: matchLabels is a map of {key,value} 15891 pairs. A single {key,value} in the matchLabels 15892 map is equivalent to an element of matchExpressions, 15893 whose key field is "key", the operator is "In", 15894 and the values array contains only "value". 15895 The requirements are ANDed. 15896 type: object 15897 type: object 15898 storageClassName: 15899 description: 'Name of the StorageClass required by 15900 the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 15901 type: string 15902 volumeMode: 15903 description: volumeMode defines what type of volume 15904 is required by the claim. Value of Filesystem is 15905 implied when not included in claim spec. 15906 type: string 15907 volumeName: 15908 description: VolumeName is the binding reference to 15909 the PersistentVolume backing this claim. 15910 type: string 15911 type: object 15912 required: 15913 - spec 15914 type: object 15915 type: object 15916 volumeClaimTemplate: 15917 description: A PVC spec to be used by the Prometheus StatefulSets. 15918 properties: 15919 apiVersion: 15920 description: 'APIVersion defines the versioned schema of this 15921 representation of an object. Servers should convert recognized 15922 schemas to the latest internal value, and may reject unrecognized 15923 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 15924 type: string 15925 kind: 15926 description: 'Kind is a string value representing the REST 15927 resource this object represents. Servers may infer this 15928 from the endpoint the client submits requests to. Cannot 15929 be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 15930 type: string 15931 metadata: 15932 description: EmbeddedMetadata contains metadata relevant to 15933 an EmbeddedResource. 15934 properties: 15935 annotations: 15936 additionalProperties: 15937 type: string 15938 description: 'Annotations is an unstructured key value 15939 map stored with a resource that may be set by external 15940 tools to store and retrieve arbitrary metadata. They 15941 are not queryable and should be preserved when modifying 15942 objects. More info: http://kubernetes.io/docs/user-guide/annotations' 15943 type: object 15944 labels: 15945 additionalProperties: 15946 type: string 15947 description: 'Map of string keys and values that can be 15948 used to organize and categorize (scope and select) objects. 15949 May match selectors of replication controllers and services. 15950 More info: http://kubernetes.io/docs/user-guide/labels' 15951 type: object 15952 name: 15953 description: 'Name must be unique within a namespace. 15954 Is required when creating resources, although some resources 15955 may allow a client to request the generation of an appropriate 15956 name automatically. Name is primarily intended for creation 15957 idempotence and configuration definition. Cannot be 15958 updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 15959 type: string 15960 type: object 15961 spec: 15962 description: 'Spec defines the desired characteristics of 15963 a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 15964 properties: 15965 accessModes: 15966 description: 'AccessModes contains the desired access 15967 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 15968 items: 15969 type: string 15970 type: array 15971 dataSource: 15972 description: 'This field can be used to specify either: 15973 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 15974 * An existing PVC (PersistentVolumeClaim) If the provisioner 15975 or an external controller can support the specified 15976 data source, it will create a new volume based on the 15977 contents of the specified data source. If the AnyVolumeDataSource 15978 feature gate is enabled, this field will always have 15979 the same contents as the DataSourceRef field.' 15980 properties: 15981 apiGroup: 15982 description: APIGroup is the group for the resource 15983 being referenced. If APIGroup is not specified, 15984 the specified Kind must be in the core API group. 15985 For any other third-party types, APIGroup is required. 15986 type: string 15987 kind: 15988 description: Kind is the type of resource being referenced 15989 type: string 15990 name: 15991 description: Name is the name of resource being referenced 15992 type: string 15993 required: 15994 - kind 15995 - name 15996 type: object 15997 dataSourceRef: 15998 description: 'Specifies the object from which to populate 15999 the volume with data, if a non-empty volume is desired. 16000 This may be any local object from a non-empty API group 16001 (non core object) or a PersistentVolumeClaim object. 16002 When this field is specified, volume binding will only 16003 succeed if the type of the specified object matches 16004 some installed volume populator or dynamic provisioner. 16005 This field will replace the functionality of the DataSource 16006 field and as such if both fields are non-empty, they 16007 must have the same value. For backwards compatibility, 16008 both fields (DataSource and DataSourceRef) will be set 16009 to the same value automatically if one of them is empty 16010 and the other is non-empty. There are two important 16011 differences between DataSource and DataSourceRef: * 16012 While DataSource only allows two specific types of objects, 16013 DataSourceRef allows any non-core object, as well 16014 as PersistentVolumeClaim objects. * While DataSource 16015 ignores disallowed values (dropping them), DataSourceRef preserves 16016 all values, and generates an error if a disallowed value 16017 is specified. (Alpha) Using this field requires the 16018 AnyVolumeDataSource feature gate to be enabled.' 16019 properties: 16020 apiGroup: 16021 description: APIGroup is the group for the resource 16022 being referenced. If APIGroup is not specified, 16023 the specified Kind must be in the core API group. 16024 For any other third-party types, APIGroup is required. 16025 type: string 16026 kind: 16027 description: Kind is the type of resource being referenced 16028 type: string 16029 name: 16030 description: Name is the name of resource being referenced 16031 type: string 16032 required: 16033 - kind 16034 - name 16035 type: object 16036 resources: 16037 description: 'Resources represents the minimum resources 16038 the volume should have. If RecoverVolumeExpansionFailure 16039 feature is enabled users are allowed to specify resource 16040 requirements that are lower than previous value but 16041 must still be higher than capacity recorded in the status 16042 field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 16043 properties: 16044 limits: 16045 additionalProperties: 16046 anyOf: 16047 - type: integer 16048 - type: string 16049 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 16050 x-kubernetes-int-or-string: true 16051 description: 'Limits describes the maximum amount 16052 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 16053 type: object 16054 requests: 16055 additionalProperties: 16056 anyOf: 16057 - type: integer 16058 - type: string 16059 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 16060 x-kubernetes-int-or-string: true 16061 description: 'Requests describes the minimum amount 16062 of compute resources required. If Requests is omitted 16063 for a container, it defaults to Limits if that is 16064 explicitly specified, otherwise to an implementation-defined 16065 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 16066 type: object 16067 type: object 16068 selector: 16069 description: A label query over volumes to consider for 16070 binding. 16071 properties: 16072 matchExpressions: 16073 description: matchExpressions is a list of label selector 16074 requirements. The requirements are ANDed. 16075 items: 16076 description: A label selector requirement is a selector 16077 that contains values, a key, and an operator that 16078 relates the key and values. 16079 properties: 16080 key: 16081 description: key is the label key that the selector 16082 applies to. 16083 type: string 16084 operator: 16085 description: operator represents a key's relationship 16086 to a set of values. Valid operators are In, 16087 NotIn, Exists and DoesNotExist. 16088 type: string 16089 values: 16090 description: values is an array of string values. 16091 If the operator is In or NotIn, the values 16092 array must be non-empty. If the operator is 16093 Exists or DoesNotExist, the values array must 16094 be empty. This array is replaced during a 16095 strategic merge patch. 16096 items: 16097 type: string 16098 type: array 16099 required: 16100 - key 16101 - operator 16102 type: object 16103 type: array 16104 matchLabels: 16105 additionalProperties: 16106 type: string 16107 description: matchLabels is a map of {key,value} pairs. 16108 A single {key,value} in the matchLabels map is equivalent 16109 to an element of matchExpressions, whose key field 16110 is "key", the operator is "In", and the values array 16111 contains only "value". The requirements are ANDed. 16112 type: object 16113 type: object 16114 storageClassName: 16115 description: 'Name of the StorageClass required by the 16116 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 16117 type: string 16118 volumeMode: 16119 description: volumeMode defines what type of volume is 16120 required by the claim. Value of Filesystem is implied 16121 when not included in claim spec. 16122 type: string 16123 volumeName: 16124 description: VolumeName is the binding reference to the 16125 PersistentVolume backing this claim. 16126 type: string 16127 type: object 16128 status: 16129 description: 'Status represents the current information/status 16130 of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 16131 properties: 16132 accessModes: 16133 description: 'AccessModes contains the actual access modes 16134 the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 16135 items: 16136 type: string 16137 type: array 16138 allocatedResources: 16139 additionalProperties: 16140 anyOf: 16141 - type: integer 16142 - type: string 16143 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 16144 x-kubernetes-int-or-string: true 16145 description: The storage resource within AllocatedResources 16146 tracks the capacity allocated to a PVC. It may be larger 16147 than the actual capacity when a volume expansion operation 16148 is requested. For storage quota, the larger value from 16149 allocatedResources and PVC.spec.resources is used. If 16150 allocatedResources is not set, PVC.spec.resources alone 16151 is used for quota calculation. If a volume expansion 16152 capacity request is lowered, allocatedResources is only 16153 lowered if there are no expansion operations in progress 16154 and if the actual volume capacity is equal or lower 16155 than the requested capacity. This is an alpha field 16156 and requires enabling RecoverVolumeExpansionFailure 16157 feature. 16158 type: object 16159 capacity: 16160 additionalProperties: 16161 anyOf: 16162 - type: integer 16163 - type: string 16164 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 16165 x-kubernetes-int-or-string: true 16166 description: Represents the actual resources of the underlying 16167 volume. 16168 type: object 16169 conditions: 16170 description: Current Condition of persistent volume claim. 16171 If underlying persistent volume is being resized then 16172 the Condition will be set to 'ResizeStarted'. 16173 items: 16174 description: PersistentVolumeClaimCondition contails 16175 details about state of pvc 16176 properties: 16177 lastProbeTime: 16178 description: Last time we probed the condition. 16179 format: date-time 16180 type: string 16181 lastTransitionTime: 16182 description: Last time the condition transitioned 16183 from one status to another. 16184 format: date-time 16185 type: string 16186 message: 16187 description: Human-readable message indicating details 16188 about last transition. 16189 type: string 16190 reason: 16191 description: Unique, this should be a short, machine 16192 understandable string that gives the reason for 16193 condition's last transition. If it reports "ResizeStarted" 16194 that means the underlying persistent volume is 16195 being resized. 16196 type: string 16197 status: 16198 type: string 16199 type: 16200 description: PersistentVolumeClaimConditionType 16201 is a valid value of PersistentVolumeClaimCondition.Type 16202 type: string 16203 required: 16204 - status 16205 - type 16206 type: object 16207 type: array 16208 phase: 16209 description: Phase represents the current phase of PersistentVolumeClaim. 16210 type: string 16211 resizeStatus: 16212 description: ResizeStatus stores status of resize operation. 16213 ResizeStatus is not set by default but when expansion 16214 is complete resizeStatus is set to empty string by resize 16215 controller or kubelet. This is an alpha field and requires 16216 enabling RecoverVolumeExpansionFailure feature. 16217 type: string 16218 type: object 16219 type: object 16220 type: object 16221 tag: 16222 description: 'Tag of Prometheus container image to be deployed. Defaults 16223 to the value of `version`. Version is ignored if Tag is set. Deprecated: 16224 use ''image'' instead. The image tag can be specified as part of 16225 the image URL.' 16226 type: string 16227 thanos: 16228 description: "Thanos configuration allows configuring various aspects 16229 of a Prometheus server in a Thanos environment. \n This section 16230 is experimental, it may change significantly without deprecation 16231 notice in any release. \n This is experimental and may change significantly 16232 without backward compatibility in any release." 16233 properties: 16234 baseImage: 16235 description: 'Thanos base image if other than default. Deprecated: 16236 use ''image'' instead' 16237 type: string 16238 grpcServerTlsConfig: 16239 description: 'GRPCServerTLSConfig configures the gRPC server from 16240 which Thanos Querier reads recorded rule data. Note: Currently 16241 only the CAFile, CertFile, and KeyFile fields are supported. 16242 Maps to the ''--grpc-server-tls-*'' CLI args.' 16243 properties: 16244 ca: 16245 description: Struct containing the CA cert to use for the 16246 targets. 16247 properties: 16248 configMap: 16249 description: ConfigMap containing data to use for the 16250 targets. 16251 properties: 16252 key: 16253 description: The key to select. 16254 type: string 16255 name: 16256 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16257 TODO: Add other useful fields. apiVersion, kind, 16258 uid?' 16259 type: string 16260 optional: 16261 description: Specify whether the ConfigMap or its 16262 key must be defined 16263 type: boolean 16264 required: 16265 - key 16266 type: object 16267 secret: 16268 description: Secret containing data to use for the targets. 16269 properties: 16270 key: 16271 description: The key of the secret to select from. Must 16272 be a valid secret key. 16273 type: string 16274 name: 16275 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16276 TODO: Add other useful fields. apiVersion, kind, 16277 uid?' 16278 type: string 16279 optional: 16280 description: Specify whether the Secret or its key 16281 must be defined 16282 type: boolean 16283 required: 16284 - key 16285 type: object 16286 type: object 16287 caFile: 16288 description: Path to the CA cert in the Prometheus container 16289 to use for the targets. 16290 type: string 16291 cert: 16292 description: Struct containing the client cert file for the 16293 targets. 16294 properties: 16295 configMap: 16296 description: ConfigMap containing data to use for the 16297 targets. 16298 properties: 16299 key: 16300 description: The key to select. 16301 type: string 16302 name: 16303 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16304 TODO: Add other useful fields. apiVersion, kind, 16305 uid?' 16306 type: string 16307 optional: 16308 description: Specify whether the ConfigMap or its 16309 key must be defined 16310 type: boolean 16311 required: 16312 - key 16313 type: object 16314 secret: 16315 description: Secret containing data to use for the targets. 16316 properties: 16317 key: 16318 description: The key of the secret to select from. Must 16319 be a valid secret key. 16320 type: string 16321 name: 16322 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16323 TODO: Add other useful fields. apiVersion, kind, 16324 uid?' 16325 type: string 16326 optional: 16327 description: Specify whether the Secret or its key 16328 must be defined 16329 type: boolean 16330 required: 16331 - key 16332 type: object 16333 type: object 16334 certFile: 16335 description: Path to the client cert file in the Prometheus 16336 container for the targets. 16337 type: string 16338 insecureSkipVerify: 16339 description: Disable target certificate validation. 16340 type: boolean 16341 keyFile: 16342 description: Path to the client key file in the Prometheus 16343 container for the targets. 16344 type: string 16345 keySecret: 16346 description: Secret containing the client key file for the 16347 targets. 16348 properties: 16349 key: 16350 description: The key of the secret to select from. Must 16351 be a valid secret key. 16352 type: string 16353 name: 16354 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16355 TODO: Add other useful fields. apiVersion, kind, uid?' 16356 type: string 16357 optional: 16358 description: Specify whether the Secret or its key must 16359 be defined 16360 type: boolean 16361 required: 16362 - key 16363 type: object 16364 serverName: 16365 description: Used to verify the hostname for the targets. 16366 type: string 16367 type: object 16368 image: 16369 description: Image if specified has precedence over baseImage, 16370 tag and sha combinations. Specifying the version is still necessary 16371 to ensure the Prometheus Operator knows what version of Thanos 16372 is being configured. 16373 type: string 16374 listenLocal: 16375 description: ListenLocal makes the Thanos sidecar listen on loopback, 16376 so that it does not bind against the Pod IP. 16377 type: boolean 16378 logFormat: 16379 description: LogFormat for Thanos sidecar to be configured with. 16380 type: string 16381 logLevel: 16382 description: LogLevel for Thanos sidecar to be configured with. 16383 type: string 16384 minTime: 16385 description: MinTime for Thanos sidecar to be configured with. 16386 Option can be a constant time in RFC3339 format or time duration 16387 relative to current time, such as -1d or 2h45m. Valid duration 16388 units are ms, s, m, h, d, w, y. 16389 type: string 16390 objectStorageConfig: 16391 description: ObjectStorageConfig configures object storage in 16392 Thanos. Alternative to ObjectStorageConfigFile, and lower order 16393 priority. 16394 properties: 16395 key: 16396 description: The key of the secret to select from. Must be 16397 a valid secret key. 16398 type: string 16399 name: 16400 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16401 TODO: Add other useful fields. apiVersion, kind, uid?' 16402 type: string 16403 optional: 16404 description: Specify whether the Secret or its key must be 16405 defined 16406 type: boolean 16407 required: 16408 - key 16409 type: object 16410 objectStorageConfigFile: 16411 description: ObjectStorageConfigFile specifies the path of the 16412 object storage configuration file. When used alongside with 16413 ObjectStorageConfig, ObjectStorageConfigFile takes precedence. 16414 type: string 16415 readyTimeout: 16416 description: ReadyTimeout is the maximum time Thanos sidecar will 16417 wait for Prometheus to start. Eg 10m 16418 type: string 16419 resources: 16420 description: Resources defines the resource requirements for the 16421 Thanos sidecar. If not provided, no requests/limits will be 16422 set 16423 properties: 16424 limits: 16425 additionalProperties: 16426 anyOf: 16427 - type: integer 16428 - type: string 16429 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 16430 x-kubernetes-int-or-string: true 16431 description: 'Limits describes the maximum amount of compute 16432 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 16433 type: object 16434 requests: 16435 additionalProperties: 16436 anyOf: 16437 - type: integer 16438 - type: string 16439 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 16440 x-kubernetes-int-or-string: true 16441 description: 'Requests describes the minimum amount of compute 16442 resources required. If Requests is omitted for a container, 16443 it defaults to Limits if that is explicitly specified, otherwise 16444 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 16445 type: object 16446 type: object 16447 sha: 16448 description: 'SHA of Thanos container image to be deployed. Defaults 16449 to the value of `version`. Similar to a tag, but the SHA explicitly 16450 deploys an immutable container image. Version and Tag are ignored 16451 if SHA is set. Deprecated: use ''image'' instead. The image 16452 digest can be specified as part of the image URL.' 16453 type: string 16454 tag: 16455 description: 'Tag of Thanos sidecar container image to be deployed. 16456 Defaults to the value of `version`. Version is ignored if Tag 16457 is set. Deprecated: use ''image'' instead. The image tag can 16458 be specified as part of the image URL.' 16459 type: string 16460 tracingConfig: 16461 description: TracingConfig configures tracing in Thanos. This 16462 is an experimental feature, it may change in any upcoming release 16463 in a breaking way. 16464 properties: 16465 key: 16466 description: The key of the secret to select from. Must be 16467 a valid secret key. 16468 type: string 16469 name: 16470 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16471 TODO: Add other useful fields. apiVersion, kind, uid?' 16472 type: string 16473 optional: 16474 description: Specify whether the Secret or its key must be 16475 defined 16476 type: boolean 16477 required: 16478 - key 16479 type: object 16480 tracingConfigFile: 16481 description: TracingConfig specifies the path of the tracing configuration 16482 file. When used alongside with TracingConfig, TracingConfigFile 16483 takes precedence. 16484 type: string 16485 version: 16486 description: Version describes the version of Thanos to use. 16487 type: string 16488 volumeMounts: 16489 description: VolumeMounts allows configuration of additional VolumeMounts 16490 on the output StatefulSet definition. VolumeMounts specified 16491 will be appended to other VolumeMounts in the thanos-sidecar 16492 container. 16493 items: 16494 description: VolumeMount describes a mounting of a Volume within 16495 a container. 16496 properties: 16497 mountPath: 16498 description: Path within the container at which the volume 16499 should be mounted. Must not contain ':'. 16500 type: string 16501 mountPropagation: 16502 description: mountPropagation determines how mounts are 16503 propagated from the host to container and the other way 16504 around. When not set, MountPropagationNone is used. This 16505 field is beta in 1.10. 16506 type: string 16507 name: 16508 description: This must match the Name of a Volume. 16509 type: string 16510 readOnly: 16511 description: Mounted read-only if true, read-write otherwise 16512 (false or unspecified). Defaults to false. 16513 type: boolean 16514 subPath: 16515 description: Path within the volume from which the container's 16516 volume should be mounted. Defaults to "" (volume's root). 16517 type: string 16518 subPathExpr: 16519 description: Expanded path within the volume from which 16520 the container's volume should be mounted. Behaves similarly 16521 to SubPath but environment variable references $(VAR_NAME) 16522 are expanded using the container's environment. Defaults 16523 to "" (volume's root). SubPathExpr and SubPath are mutually 16524 exclusive. 16525 type: string 16526 required: 16527 - mountPath 16528 - name 16529 type: object 16530 type: array 16531 type: object 16532 tolerations: 16533 description: If specified, the pod's tolerations. 16534 items: 16535 description: The pod this Toleration is attached to tolerates any 16536 taint that matches the triple <key,value,effect> using the matching 16537 operator <operator>. 16538 properties: 16539 effect: 16540 description: Effect indicates the taint effect to match. Empty 16541 means match all taint effects. When specified, allowed values 16542 are NoSchedule, PreferNoSchedule and NoExecute. 16543 type: string 16544 key: 16545 description: Key is the taint key that the toleration applies 16546 to. Empty means match all taint keys. If the key is empty, 16547 operator must be Exists; this combination means to match all 16548 values and all keys. 16549 type: string 16550 operator: 16551 description: Operator represents a key's relationship to the 16552 value. Valid operators are Exists and Equal. Defaults to Equal. 16553 Exists is equivalent to wildcard for value, so that a pod 16554 can tolerate all taints of a particular category. 16555 type: string 16556 tolerationSeconds: 16557 description: TolerationSeconds represents the period of time 16558 the toleration (which must be of effect NoExecute, otherwise 16559 this field is ignored) tolerates the taint. By default, it 16560 is not set, which means tolerate the taint forever (do not 16561 evict). Zero and negative values will be treated as 0 (evict 16562 immediately) by the system. 16563 format: int64 16564 type: integer 16565 value: 16566 description: Value is the taint value the toleration matches 16567 to. If the operator is Exists, the value should be empty, 16568 otherwise just a regular string. 16569 type: string 16570 type: object 16571 type: array 16572 topologySpreadConstraints: 16573 description: If specified, the pod's topology spread constraints. 16574 items: 16575 description: TopologySpreadConstraint specifies how to spread matching 16576 pods among the given topology. 16577 properties: 16578 labelSelector: 16579 description: LabelSelector is used to find matching pods. Pods 16580 that match this label selector are counted to determine the 16581 number of pods in their corresponding topology domain. 16582 properties: 16583 matchExpressions: 16584 description: matchExpressions is a list of label selector 16585 requirements. The requirements are ANDed. 16586 items: 16587 description: A label selector requirement is a selector 16588 that contains values, a key, and an operator that relates 16589 the key and values. 16590 properties: 16591 key: 16592 description: key is the label key that the selector 16593 applies to. 16594 type: string 16595 operator: 16596 description: operator represents a key's relationship 16597 to a set of values. Valid operators are In, NotIn, 16598 Exists and DoesNotExist. 16599 type: string 16600 values: 16601 description: values is an array of string values. 16602 If the operator is In or NotIn, the values array 16603 must be non-empty. If the operator is Exists or 16604 DoesNotExist, the values array must be empty. This 16605 array is replaced during a strategic merge patch. 16606 items: 16607 type: string 16608 type: array 16609 required: 16610 - key 16611 - operator 16612 type: object 16613 type: array 16614 matchLabels: 16615 additionalProperties: 16616 type: string 16617 description: matchLabels is a map of {key,value} pairs. 16618 A single {key,value} in the matchLabels map is equivalent 16619 to an element of matchExpressions, whose key field is 16620 "key", the operator is "In", and the values array contains 16621 only "value". The requirements are ANDed. 16622 type: object 16623 type: object 16624 maxSkew: 16625 description: 'MaxSkew describes the degree to which pods may 16626 be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, 16627 it is the maximum permitted difference between the number 16628 of matching pods in the target topology and the global minimum. 16629 For example, in a 3-zone cluster, MaxSkew is set to 1, and 16630 pods with the same labelSelector spread as 1/1/0: | zone1 16631 | zone2 | zone3 | | P | P | | - if MaxSkew is 16632 1, incoming pod can only be scheduled to zone3 to become 1/1/1; 16633 scheduling it onto zone1(zone2) would make the ActualSkew(2-0) 16634 on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming 16635 pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, 16636 it is used to give higher precedence to topologies that satisfy 16637 it. It''s a required field. Default value is 1 and 0 is not 16638 allowed.' 16639 format: int32 16640 type: integer 16641 topologyKey: 16642 description: TopologyKey is the key of node labels. Nodes that 16643 have a label with this key and identical values are considered 16644 to be in the same topology. We consider each <key, value> 16645 as a "bucket", and try to put balanced number of pods into 16646 each bucket. It's a required field. 16647 type: string 16648 whenUnsatisfiable: 16649 description: 'WhenUnsatisfiable indicates how to deal with a 16650 pod if it doesn''t satisfy the spread constraint. - DoNotSchedule 16651 (default) tells the scheduler not to schedule it. - ScheduleAnyway 16652 tells the scheduler to schedule the pod in any location, but 16653 giving higher precedence to topologies that would help reduce 16654 the skew. A constraint is considered "Unsatisfiable" for 16655 an incoming pod if and only if every possible node assignment 16656 for that pod would violate "MaxSkew" on some topology. For 16657 example, in a 3-zone cluster, MaxSkew is set to 1, and pods 16658 with the same labelSelector spread as 3/1/1: | zone1 | zone2 16659 | zone3 | | P P P | P | P | If WhenUnsatisfiable is 16660 set to DoNotSchedule, incoming pod can only be scheduled to 16661 zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on 16662 zone2(zone3) satisfies MaxSkew(1). In other words, the cluster 16663 can still be imbalanced, but scheduler won''t make it *more* 16664 imbalanced. It''s a required field.' 16665 type: string 16666 required: 16667 - maxSkew 16668 - topologyKey 16669 - whenUnsatisfiable 16670 type: object 16671 type: array 16672 version: 16673 description: Version of Prometheus to be deployed. 16674 type: string 16675 volumeMounts: 16676 description: VolumeMounts allows configuration of additional VolumeMounts 16677 on the output StatefulSet definition. VolumeMounts specified will 16678 be appended to other VolumeMounts in the prometheus container, that 16679 are generated as a result of StorageSpec objects. 16680 items: 16681 description: VolumeMount describes a mounting of a Volume within 16682 a container. 16683 properties: 16684 mountPath: 16685 description: Path within the container at which the volume should 16686 be mounted. Must not contain ':'. 16687 type: string 16688 mountPropagation: 16689 description: mountPropagation determines how mounts are propagated 16690 from the host to container and the other way around. When 16691 not set, MountPropagationNone is used. This field is beta 16692 in 1.10. 16693 type: string 16694 name: 16695 description: This must match the Name of a Volume. 16696 type: string 16697 readOnly: 16698 description: Mounted read-only if true, read-write otherwise 16699 (false or unspecified). Defaults to false. 16700 type: boolean 16701 subPath: 16702 description: Path within the volume from which the container's 16703 volume should be mounted. Defaults to "" (volume's root). 16704 type: string 16705 subPathExpr: 16706 description: Expanded path within the volume from which the 16707 container's volume should be mounted. Behaves similarly to 16708 SubPath but environment variable references $(VAR_NAME) are 16709 expanded using the container's environment. Defaults to "" 16710 (volume's root). SubPathExpr and SubPath are mutually exclusive. 16711 type: string 16712 required: 16713 - mountPath 16714 - name 16715 type: object 16716 type: array 16717 volumes: 16718 description: Volumes allows configuration of additional volumes on 16719 the output StatefulSet definition. Volumes specified will be appended 16720 to other volumes that are generated as a result of StorageSpec objects. 16721 items: 16722 description: Volume represents a named volume in a pod that may 16723 be accessed by any container in the pod. 16724 properties: 16725 awsElasticBlockStore: 16726 description: 'AWSElasticBlockStore represents an AWS Disk resource 16727 that is attached to a kubelet''s host machine and then exposed 16728 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 16729 properties: 16730 fsType: 16731 description: 'Filesystem type of the volume that you want 16732 to mount. Tip: Ensure that the filesystem type is supported 16733 by the host operating system. Examples: "ext4", "xfs", 16734 "ntfs". Implicitly inferred to be "ext4" if unspecified. 16735 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 16736 TODO: how do we prevent errors in the filesystem from 16737 compromising the machine' 16738 type: string 16739 partition: 16740 description: 'The partition in the volume that you want 16741 to mount. If omitted, the default is to mount by volume 16742 name. Examples: For volume /dev/sda1, you specify the 16743 partition as "1". Similarly, the volume partition for 16744 /dev/sda is "0" (or you can leave the property empty).' 16745 format: int32 16746 type: integer 16747 readOnly: 16748 description: 'Specify "true" to force and set the ReadOnly 16749 property in VolumeMounts to "true". If omitted, the default 16750 is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 16751 type: boolean 16752 volumeID: 16753 description: 'Unique ID of the persistent disk resource 16754 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 16755 type: string 16756 required: 16757 - volumeID 16758 type: object 16759 azureDisk: 16760 description: AzureDisk represents an Azure Data Disk mount on 16761 the host and bind mount to the pod. 16762 properties: 16763 cachingMode: 16764 description: 'Host Caching mode: None, Read Only, Read Write.' 16765 type: string 16766 diskName: 16767 description: The Name of the data disk in the blob storage 16768 type: string 16769 diskURI: 16770 description: The URI the data disk in the blob storage 16771 type: string 16772 fsType: 16773 description: Filesystem type to mount. Must be a filesystem 16774 type supported by the host operating system. Ex. "ext4", 16775 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 16776 type: string 16777 kind: 16778 description: 'Expected values Shared: multiple blob disks 16779 per storage account Dedicated: single blob disk per storage 16780 account Managed: azure managed data disk (only in managed 16781 availability set). defaults to shared' 16782 type: string 16783 readOnly: 16784 description: Defaults to false (read/write). ReadOnly here 16785 will force the ReadOnly setting in VolumeMounts. 16786 type: boolean 16787 required: 16788 - diskName 16789 - diskURI 16790 type: object 16791 azureFile: 16792 description: AzureFile represents an Azure File Service mount 16793 on the host and bind mount to the pod. 16794 properties: 16795 readOnly: 16796 description: Defaults to false (read/write). ReadOnly here 16797 will force the ReadOnly setting in VolumeMounts. 16798 type: boolean 16799 secretName: 16800 description: the name of secret that contains Azure Storage 16801 Account Name and Key 16802 type: string 16803 shareName: 16804 description: Share Name 16805 type: string 16806 required: 16807 - secretName 16808 - shareName 16809 type: object 16810 cephfs: 16811 description: CephFS represents a Ceph FS mount on the host that 16812 shares a pod's lifetime 16813 properties: 16814 monitors: 16815 description: 'Required: Monitors is a collection of Ceph 16816 monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 16817 items: 16818 type: string 16819 type: array 16820 path: 16821 description: 'Optional: Used as the mounted root, rather 16822 than the full Ceph tree, default is /' 16823 type: string 16824 readOnly: 16825 description: 'Optional: Defaults to false (read/write). 16826 ReadOnly here will force the ReadOnly setting in VolumeMounts. 16827 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 16828 type: boolean 16829 secretFile: 16830 description: 'Optional: SecretFile is the path to key ring 16831 for User, default is /etc/ceph/user.secret More info: 16832 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 16833 type: string 16834 secretRef: 16835 description: 'Optional: SecretRef is reference to the authentication 16836 secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 16837 properties: 16838 name: 16839 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16840 TODO: Add other useful fields. apiVersion, kind, uid?' 16841 type: string 16842 type: object 16843 user: 16844 description: 'Optional: User is the rados user name, default 16845 is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 16846 type: string 16847 required: 16848 - monitors 16849 type: object 16850 cinder: 16851 description: 'Cinder represents a cinder volume attached and 16852 mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 16853 properties: 16854 fsType: 16855 description: 'Filesystem type to mount. Must be a filesystem 16856 type supported by the host operating system. Examples: 16857 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 16858 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 16859 type: string 16860 readOnly: 16861 description: 'Optional: Defaults to false (read/write). 16862 ReadOnly here will force the ReadOnly setting in VolumeMounts. 16863 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 16864 type: boolean 16865 secretRef: 16866 description: 'Optional: points to a secret object containing 16867 parameters used to connect to OpenStack.' 16868 properties: 16869 name: 16870 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16871 TODO: Add other useful fields. apiVersion, kind, uid?' 16872 type: string 16873 type: object 16874 volumeID: 16875 description: 'volume id used to identify the volume in cinder. 16876 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 16877 type: string 16878 required: 16879 - volumeID 16880 type: object 16881 configMap: 16882 description: ConfigMap represents a configMap that should populate 16883 this volume 16884 properties: 16885 defaultMode: 16886 description: 'Optional: mode bits used to set permissions 16887 on created files by default. Must be an octal value between 16888 0000 and 0777 or a decimal value between 0 and 511. YAML 16889 accepts both octal and decimal values, JSON requires decimal 16890 values for mode bits. Defaults to 0644. Directories within 16891 the path are not affected by this setting. This might 16892 be in conflict with other options that affect the file 16893 mode, like fsGroup, and the result can be other mode bits 16894 set.' 16895 format: int32 16896 type: integer 16897 items: 16898 description: If unspecified, each key-value pair in the 16899 Data field of the referenced ConfigMap will be projected 16900 into the volume as a file whose name is the key and content 16901 is the value. If specified, the listed keys will be projected 16902 into the specified paths, and unlisted keys will not be 16903 present. If a key is specified which is not present in 16904 the ConfigMap, the volume setup will error unless it is 16905 marked optional. Paths must be relative and may not contain 16906 the '..' path or start with '..'. 16907 items: 16908 description: Maps a string key to a path within a volume. 16909 properties: 16910 key: 16911 description: The key to project. 16912 type: string 16913 mode: 16914 description: 'Optional: mode bits used to set permissions 16915 on this file. Must be an octal value between 0000 16916 and 0777 or a decimal value between 0 and 511. YAML 16917 accepts both octal and decimal values, JSON requires 16918 decimal values for mode bits. If not specified, 16919 the volume defaultMode will be used. This might 16920 be in conflict with other options that affect the 16921 file mode, like fsGroup, and the result can be other 16922 mode bits set.' 16923 format: int32 16924 type: integer 16925 path: 16926 description: The relative path of the file to map 16927 the key to. May not be an absolute path. May not 16928 contain the path element '..'. May not start with 16929 the string '..'. 16930 type: string 16931 required: 16932 - key 16933 - path 16934 type: object 16935 type: array 16936 name: 16937 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16938 TODO: Add other useful fields. apiVersion, kind, uid?' 16939 type: string 16940 optional: 16941 description: Specify whether the ConfigMap or its keys must 16942 be defined 16943 type: boolean 16944 type: object 16945 csi: 16946 description: CSI (Container Storage Interface) represents ephemeral 16947 storage that is handled by certain external CSI drivers (Beta 16948 feature). 16949 properties: 16950 driver: 16951 description: Driver is the name of the CSI driver that handles 16952 this volume. Consult with your admin for the correct name 16953 as registered in the cluster. 16954 type: string 16955 fsType: 16956 description: Filesystem type to mount. Ex. "ext4", "xfs", 16957 "ntfs". If not provided, the empty value is passed to 16958 the associated CSI driver which will determine the default 16959 filesystem to apply. 16960 type: string 16961 nodePublishSecretRef: 16962 description: NodePublishSecretRef is a reference to the 16963 secret object containing sensitive information to pass 16964 to the CSI driver to complete the CSI NodePublishVolume 16965 and NodeUnpublishVolume calls. This field is optional, 16966 and may be empty if no secret is required. If the secret 16967 object contains more than one secret, all secret references 16968 are passed. 16969 properties: 16970 name: 16971 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16972 TODO: Add other useful fields. apiVersion, kind, uid?' 16973 type: string 16974 type: object 16975 readOnly: 16976 description: Specifies a read-only configuration for the 16977 volume. Defaults to false (read/write). 16978 type: boolean 16979 volumeAttributes: 16980 additionalProperties: 16981 type: string 16982 description: VolumeAttributes stores driver-specific properties 16983 that are passed to the CSI driver. Consult your driver's 16984 documentation for supported values. 16985 type: object 16986 required: 16987 - driver 16988 type: object 16989 downwardAPI: 16990 description: DownwardAPI represents downward API about the pod 16991 that should populate this volume 16992 properties: 16993 defaultMode: 16994 description: 'Optional: mode bits to use on created files 16995 by default. Must be a Optional: mode bits used to set 16996 permissions on created files by default. Must be an octal 16997 value between 0000 and 0777 or a decimal value between 16998 0 and 511. YAML accepts both octal and decimal values, 16999 JSON requires decimal values for mode bits. Defaults to 17000 0644. Directories within the path are not affected by 17001 this setting. This might be in conflict with other options 17002 that affect the file mode, like fsGroup, and the result 17003 can be other mode bits set.' 17004 format: int32 17005 type: integer 17006 items: 17007 description: Items is a list of downward API volume file 17008 items: 17009 description: DownwardAPIVolumeFile represents information 17010 to create the file containing the pod field 17011 properties: 17012 fieldRef: 17013 description: 'Required: Selects a field of the pod: 17014 only annotations, labels, name and namespace are 17015 supported.' 17016 properties: 17017 apiVersion: 17018 description: Version of the schema the FieldPath 17019 is written in terms of, defaults to "v1". 17020 type: string 17021 fieldPath: 17022 description: Path of the field to select in the 17023 specified API version. 17024 type: string 17025 required: 17026 - fieldPath 17027 type: object 17028 mode: 17029 description: 'Optional: mode bits used to set permissions 17030 on this file, must be an octal value between 0000 17031 and 0777 or a decimal value between 0 and 511. YAML 17032 accepts both octal and decimal values, JSON requires 17033 decimal values for mode bits. If not specified, 17034 the volume defaultMode will be used. This might 17035 be in conflict with other options that affect the 17036 file mode, like fsGroup, and the result can be other 17037 mode bits set.' 17038 format: int32 17039 type: integer 17040 path: 17041 description: 'Required: Path is the relative path 17042 name of the file to be created. Must not be absolute 17043 or contain the ''..'' path. Must be utf-8 encoded. 17044 The first item of the relative path must not start 17045 with ''..''' 17046 type: string 17047 resourceFieldRef: 17048 description: 'Selects a resource of the container: 17049 only resources limits and requests (limits.cpu, 17050 limits.memory, requests.cpu and requests.memory) 17051 are currently supported.' 17052 properties: 17053 containerName: 17054 description: 'Container name: required for volumes, 17055 optional for env vars' 17056 type: string 17057 divisor: 17058 anyOf: 17059 - type: integer 17060 - type: string 17061 description: Specifies the output format of the 17062 exposed resources, defaults to "1" 17063 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 17064 x-kubernetes-int-or-string: true 17065 resource: 17066 description: 'Required: resource to select' 17067 type: string 17068 required: 17069 - resource 17070 type: object 17071 required: 17072 - path 17073 type: object 17074 type: array 17075 type: object 17076 emptyDir: 17077 description: 'EmptyDir represents a temporary directory that 17078 shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 17079 properties: 17080 medium: 17081 description: 'What type of storage medium should back this 17082 directory. The default is "" which means to use the node''s 17083 default medium. Must be an empty string (default) or Memory. 17084 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 17085 type: string 17086 sizeLimit: 17087 anyOf: 17088 - type: integer 17089 - type: string 17090 description: 'Total amount of local storage required for 17091 this EmptyDir volume. The size limit is also applicable 17092 for memory medium. The maximum usage on memory medium 17093 EmptyDir would be the minimum value between the SizeLimit 17094 specified here and the sum of memory limits of all containers 17095 in a pod. The default is nil which means that the limit 17096 is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 17097 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 17098 x-kubernetes-int-or-string: true 17099 type: object 17100 ephemeral: 17101 description: "Ephemeral represents a volume that is handled 17102 by a cluster storage driver. The volume's lifecycle is tied 17103 to the pod that defines it - it will be created before the 17104 pod starts, and deleted when the pod is removed. \n Use this 17105 if: a) the volume is only needed while the pod runs, b) features 17106 of normal volumes like restoring from snapshot or capacity 17107 \ tracking are needed, c) the storage driver is specified 17108 through a storage class, and d) the storage driver supports 17109 dynamic volume provisioning through a PersistentVolumeClaim 17110 (see EphemeralVolumeSource for more information on the 17111 connection between this volume type and PersistentVolumeClaim). 17112 \n Use PersistentVolumeClaim or one of the vendor-specific 17113 APIs for volumes that persist for longer than the lifecycle 17114 of an individual pod. \n Use CSI for light-weight local ephemeral 17115 volumes if the CSI driver is meant to be used that way - see 17116 the documentation of the driver for more information. \n A 17117 pod can use both types of ephemeral volumes and persistent 17118 volumes at the same time." 17119 properties: 17120 volumeClaimTemplate: 17121 description: "Will be used to create a stand-alone PVC to 17122 provision the volume. The pod in which this EphemeralVolumeSource 17123 is embedded will be the owner of the PVC, i.e. the PVC 17124 will be deleted together with the pod. The name of the 17125 PVC will be `<pod name>-<volume name>` where `<volume 17126 name>` is the name from the `PodSpec.Volumes` array entry. 17127 Pod validation will reject the pod if the concatenated 17128 name is not valid for a PVC (for example, too long). \n 17129 An existing PVC with that name that is not owned by the 17130 pod will *not* be used for the pod to avoid using an unrelated 17131 volume by mistake. Starting the pod is then blocked until 17132 the unrelated PVC is removed. If such a pre-created PVC 17133 is meant to be used by the pod, the PVC has to updated 17134 with an owner reference to the pod once the pod exists. 17135 Normally this should not be necessary, but it may be useful 17136 when manually reconstructing a broken cluster. \n This 17137 field is read-only and no changes will be made by Kubernetes 17138 to the PVC after it has been created. \n Required, must 17139 not be nil." 17140 properties: 17141 metadata: 17142 description: May contain labels and annotations that 17143 will be copied into the PVC when creating it. No other 17144 fields are allowed and will be rejected during validation. 17145 type: object 17146 spec: 17147 description: The specification for the PersistentVolumeClaim. 17148 The entire content is copied unchanged into the PVC 17149 that gets created from this template. The same fields 17150 as in a PersistentVolumeClaim are also valid here. 17151 properties: 17152 accessModes: 17153 description: 'AccessModes contains the desired access 17154 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 17155 items: 17156 type: string 17157 type: array 17158 dataSource: 17159 description: 'This field can be used to specify 17160 either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 17161 * An existing PVC (PersistentVolumeClaim) If the 17162 provisioner or an external controller can support 17163 the specified data source, it will create a new 17164 volume based on the contents of the specified 17165 data source. If the AnyVolumeDataSource feature 17166 gate is enabled, this field will always have the 17167 same contents as the DataSourceRef field.' 17168 properties: 17169 apiGroup: 17170 description: APIGroup is the group for the resource 17171 being referenced. If APIGroup is not specified, 17172 the specified Kind must be in the core API 17173 group. For any other third-party types, APIGroup 17174 is required. 17175 type: string 17176 kind: 17177 description: Kind is the type of resource being 17178 referenced 17179 type: string 17180 name: 17181 description: Name is the name of resource being 17182 referenced 17183 type: string 17184 required: 17185 - kind 17186 - name 17187 type: object 17188 dataSourceRef: 17189 description: 'Specifies the object from which to 17190 populate the volume with data, if a non-empty 17191 volume is desired. This may be any local object 17192 from a non-empty API group (non core object) or 17193 a PersistentVolumeClaim object. When this field 17194 is specified, volume binding will only succeed 17195 if the type of the specified object matches some 17196 installed volume populator or dynamic provisioner. 17197 This field will replace the functionality of the 17198 DataSource field and as such if both fields are 17199 non-empty, they must have the same value. For 17200 backwards compatibility, both fields (DataSource 17201 and DataSourceRef) will be set to the same value 17202 automatically if one of them is empty and the 17203 other is non-empty. There are two important differences 17204 between DataSource and DataSourceRef: * While 17205 DataSource only allows two specific types of objects, 17206 DataSourceRef allows any non-core object, as 17207 well as PersistentVolumeClaim objects. * While 17208 DataSource ignores disallowed values (dropping 17209 them), DataSourceRef preserves all values, and 17210 generates an error if a disallowed value is specified. 17211 (Alpha) Using this field requires the AnyVolumeDataSource 17212 feature gate to be enabled.' 17213 properties: 17214 apiGroup: 17215 description: APIGroup is the group for the resource 17216 being referenced. If APIGroup is not specified, 17217 the specified Kind must be in the core API 17218 group. For any other third-party types, APIGroup 17219 is required. 17220 type: string 17221 kind: 17222 description: Kind is the type of resource being 17223 referenced 17224 type: string 17225 name: 17226 description: Name is the name of resource being 17227 referenced 17228 type: string 17229 required: 17230 - kind 17231 - name 17232 type: object 17233 resources: 17234 description: 'Resources represents the minimum resources 17235 the volume should have. If RecoverVolumeExpansionFailure 17236 feature is enabled users are allowed to specify 17237 resource requirements that are lower than previous 17238 value but must still be higher than capacity recorded 17239 in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 17240 properties: 17241 limits: 17242 additionalProperties: 17243 anyOf: 17244 - type: integer 17245 - type: string 17246 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 17247 x-kubernetes-int-or-string: true 17248 description: 'Limits describes the maximum amount 17249 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 17250 type: object 17251 requests: 17252 additionalProperties: 17253 anyOf: 17254 - type: integer 17255 - type: string 17256 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 17257 x-kubernetes-int-or-string: true 17258 description: 'Requests describes the minimum 17259 amount of compute resources required. If Requests 17260 is omitted for a container, it defaults to 17261 Limits if that is explicitly specified, otherwise 17262 to an implementation-defined value. More info: 17263 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 17264 type: object 17265 type: object 17266 selector: 17267 description: A label query over volumes to consider 17268 for binding. 17269 properties: 17270 matchExpressions: 17271 description: matchExpressions is a list of label 17272 selector requirements. The requirements are 17273 ANDed. 17274 items: 17275 description: A label selector requirement 17276 is a selector that contains values, a key, 17277 and an operator that relates the key and 17278 values. 17279 properties: 17280 key: 17281 description: key is the label key that 17282 the selector applies to. 17283 type: string 17284 operator: 17285 description: operator represents a key's 17286 relationship to a set of values. Valid 17287 operators are In, NotIn, Exists and 17288 DoesNotExist. 17289 type: string 17290 values: 17291 description: values is an array of string 17292 values. If the operator is In or NotIn, 17293 the values array must be non-empty. 17294 If the operator is Exists or DoesNotExist, 17295 the values array must be empty. This 17296 array is replaced during a strategic 17297 merge patch. 17298 items: 17299 type: string 17300 type: array 17301 required: 17302 - key 17303 - operator 17304 type: object 17305 type: array 17306 matchLabels: 17307 additionalProperties: 17308 type: string 17309 description: matchLabels is a map of {key,value} 17310 pairs. A single {key,value} in the matchLabels 17311 map is equivalent to an element of matchExpressions, 17312 whose key field is "key", the operator is 17313 "In", and the values array contains only "value". 17314 The requirements are ANDed. 17315 type: object 17316 type: object 17317 storageClassName: 17318 description: 'Name of the StorageClass required 17319 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 17320 type: string 17321 volumeMode: 17322 description: volumeMode defines what type of volume 17323 is required by the claim. Value of Filesystem 17324 is implied when not included in claim spec. 17325 type: string 17326 volumeName: 17327 description: VolumeName is the binding reference 17328 to the PersistentVolume backing this claim. 17329 type: string 17330 type: object 17331 required: 17332 - spec 17333 type: object 17334 type: object 17335 fc: 17336 description: FC represents a Fibre Channel resource that is 17337 attached to a kubelet's host machine and then exposed to the 17338 pod. 17339 properties: 17340 fsType: 17341 description: 'Filesystem type to mount. Must be a filesystem 17342 type supported by the host operating system. Ex. "ext4", 17343 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 17344 TODO: how do we prevent errors in the filesystem from 17345 compromising the machine' 17346 type: string 17347 lun: 17348 description: 'Optional: FC target lun number' 17349 format: int32 17350 type: integer 17351 readOnly: 17352 description: 'Optional: Defaults to false (read/write). 17353 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 17354 type: boolean 17355 targetWWNs: 17356 description: 'Optional: FC target worldwide names (WWNs)' 17357 items: 17358 type: string 17359 type: array 17360 wwids: 17361 description: 'Optional: FC volume world wide identifiers 17362 (wwids) Either wwids or combination of targetWWNs and 17363 lun must be set, but not both simultaneously.' 17364 items: 17365 type: string 17366 type: array 17367 type: object 17368 flexVolume: 17369 description: FlexVolume represents a generic volume resource 17370 that is provisioned/attached using an exec based plugin. 17371 properties: 17372 driver: 17373 description: Driver is the name of the driver to use for 17374 this volume. 17375 type: string 17376 fsType: 17377 description: Filesystem type to mount. Must be a filesystem 17378 type supported by the host operating system. Ex. "ext4", 17379 "xfs", "ntfs". The default filesystem depends on FlexVolume 17380 script. 17381 type: string 17382 options: 17383 additionalProperties: 17384 type: string 17385 description: 'Optional: Extra command options if any.' 17386 type: object 17387 readOnly: 17388 description: 'Optional: Defaults to false (read/write). 17389 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 17390 type: boolean 17391 secretRef: 17392 description: 'Optional: SecretRef is reference to the secret 17393 object containing sensitive information to pass to the 17394 plugin scripts. This may be empty if no secret object 17395 is specified. If the secret object contains more than 17396 one secret, all secrets are passed to the plugin scripts.' 17397 properties: 17398 name: 17399 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17400 TODO: Add other useful fields. apiVersion, kind, uid?' 17401 type: string 17402 type: object 17403 required: 17404 - driver 17405 type: object 17406 flocker: 17407 description: Flocker represents a Flocker volume attached to 17408 a kubelet's host machine. This depends on the Flocker control 17409 service being running 17410 properties: 17411 datasetName: 17412 description: Name of the dataset stored as metadata -> name 17413 on the dataset for Flocker should be considered as deprecated 17414 type: string 17415 datasetUUID: 17416 description: UUID of the dataset. This is unique identifier 17417 of a Flocker dataset 17418 type: string 17419 type: object 17420 gcePersistentDisk: 17421 description: 'GCEPersistentDisk represents a GCE Disk resource 17422 that is attached to a kubelet''s host machine and then exposed 17423 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 17424 properties: 17425 fsType: 17426 description: 'Filesystem type of the volume that you want 17427 to mount. Tip: Ensure that the filesystem type is supported 17428 by the host operating system. Examples: "ext4", "xfs", 17429 "ntfs". Implicitly inferred to be "ext4" if unspecified. 17430 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 17431 TODO: how do we prevent errors in the filesystem from 17432 compromising the machine' 17433 type: string 17434 partition: 17435 description: 'The partition in the volume that you want 17436 to mount. If omitted, the default is to mount by volume 17437 name. Examples: For volume /dev/sda1, you specify the 17438 partition as "1". Similarly, the volume partition for 17439 /dev/sda is "0" (or you can leave the property empty). 17440 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 17441 format: int32 17442 type: integer 17443 pdName: 17444 description: 'Unique name of the PD resource in GCE. Used 17445 to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 17446 type: string 17447 readOnly: 17448 description: 'ReadOnly here will force the ReadOnly setting 17449 in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 17450 type: boolean 17451 required: 17452 - pdName 17453 type: object 17454 gitRepo: 17455 description: 'GitRepo represents a git repository at a particular 17456 revision. DEPRECATED: GitRepo is deprecated. To provision 17457 a container with a git repo, mount an EmptyDir into an InitContainer 17458 that clones the repo using git, then mount the EmptyDir into 17459 the Pod''s container.' 17460 properties: 17461 directory: 17462 description: Target directory name. Must not contain or 17463 start with '..'. If '.' is supplied, the volume directory 17464 will be the git repository. Otherwise, if specified, 17465 the volume will contain the git repository in the subdirectory 17466 with the given name. 17467 type: string 17468 repository: 17469 description: Repository URL 17470 type: string 17471 revision: 17472 description: Commit hash for the specified revision. 17473 type: string 17474 required: 17475 - repository 17476 type: object 17477 glusterfs: 17478 description: 'Glusterfs represents a Glusterfs mount on the 17479 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 17480 properties: 17481 endpoints: 17482 description: 'EndpointsName is the endpoint name that details 17483 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 17484 type: string 17485 path: 17486 description: 'Path is the Glusterfs volume path. More info: 17487 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 17488 type: string 17489 readOnly: 17490 description: 'ReadOnly here will force the Glusterfs volume 17491 to be mounted with read-only permissions. Defaults to 17492 false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 17493 type: boolean 17494 required: 17495 - endpoints 17496 - path 17497 type: object 17498 hostPath: 17499 description: 'HostPath represents a pre-existing file or directory 17500 on the host machine that is directly exposed to the container. 17501 This is generally used for system agents or other privileged 17502 things that are allowed to see the host machine. Most containers 17503 will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 17504 --- TODO(jonesdl) We need to restrict who can use host directory 17505 mounts and who can/can not mount host directories as read/write.' 17506 properties: 17507 path: 17508 description: 'Path of the directory on the host. If the 17509 path is a symlink, it will follow the link to the real 17510 path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 17511 type: string 17512 type: 17513 description: 'Type for HostPath Volume Defaults to "" More 17514 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 17515 type: string 17516 required: 17517 - path 17518 type: object 17519 iscsi: 17520 description: 'ISCSI represents an ISCSI Disk resource that is 17521 attached to a kubelet''s host machine and then exposed to 17522 the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 17523 properties: 17524 chapAuthDiscovery: 17525 description: whether support iSCSI Discovery CHAP authentication 17526 type: boolean 17527 chapAuthSession: 17528 description: whether support iSCSI Session CHAP authentication 17529 type: boolean 17530 fsType: 17531 description: 'Filesystem type of the volume that you want 17532 to mount. Tip: Ensure that the filesystem type is supported 17533 by the host operating system. Examples: "ext4", "xfs", 17534 "ntfs". Implicitly inferred to be "ext4" if unspecified. 17535 More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 17536 TODO: how do we prevent errors in the filesystem from 17537 compromising the machine' 17538 type: string 17539 initiatorName: 17540 description: Custom iSCSI Initiator Name. If initiatorName 17541 is specified with iscsiInterface simultaneously, new iSCSI 17542 interface <target portal>:<volume name> will be created 17543 for the connection. 17544 type: string 17545 iqn: 17546 description: Target iSCSI Qualified Name. 17547 type: string 17548 iscsiInterface: 17549 description: iSCSI Interface Name that uses an iSCSI transport. 17550 Defaults to 'default' (tcp). 17551 type: string 17552 lun: 17553 description: iSCSI Target Lun number. 17554 format: int32 17555 type: integer 17556 portals: 17557 description: iSCSI Target Portal List. The portal is either 17558 an IP or ip_addr:port if the port is other than default 17559 (typically TCP ports 860 and 3260). 17560 items: 17561 type: string 17562 type: array 17563 readOnly: 17564 description: ReadOnly here will force the ReadOnly setting 17565 in VolumeMounts. Defaults to false. 17566 type: boolean 17567 secretRef: 17568 description: CHAP Secret for iSCSI target and initiator 17569 authentication 17570 properties: 17571 name: 17572 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17573 TODO: Add other useful fields. apiVersion, kind, uid?' 17574 type: string 17575 type: object 17576 targetPortal: 17577 description: iSCSI Target Portal. The Portal is either an 17578 IP or ip_addr:port if the port is other than default (typically 17579 TCP ports 860 and 3260). 17580 type: string 17581 required: 17582 - iqn 17583 - lun 17584 - targetPortal 17585 type: object 17586 name: 17587 description: 'Volume''s name. Must be a DNS_LABEL and unique 17588 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 17589 type: string 17590 nfs: 17591 description: 'NFS represents an NFS mount on the host that shares 17592 a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 17593 properties: 17594 path: 17595 description: 'Path that is exported by the NFS server. More 17596 info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 17597 type: string 17598 readOnly: 17599 description: 'ReadOnly here will force the NFS export to 17600 be mounted with read-only permissions. Defaults to false. 17601 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 17602 type: boolean 17603 server: 17604 description: 'Server is the hostname or IP address of the 17605 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 17606 type: string 17607 required: 17608 - path 17609 - server 17610 type: object 17611 persistentVolumeClaim: 17612 description: 'PersistentVolumeClaimVolumeSource represents a 17613 reference to a PersistentVolumeClaim in the same namespace. 17614 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 17615 properties: 17616 claimName: 17617 description: 'ClaimName is the name of a PersistentVolumeClaim 17618 in the same namespace as the pod using this volume. More 17619 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 17620 type: string 17621 readOnly: 17622 description: Will force the ReadOnly setting in VolumeMounts. 17623 Default false. 17624 type: boolean 17625 required: 17626 - claimName 17627 type: object 17628 photonPersistentDisk: 17629 description: PhotonPersistentDisk represents a PhotonController 17630 persistent disk attached and mounted on kubelets host machine 17631 properties: 17632 fsType: 17633 description: Filesystem type to mount. Must be a filesystem 17634 type supported by the host operating system. Ex. "ext4", 17635 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 17636 type: string 17637 pdID: 17638 description: ID that identifies Photon Controller persistent 17639 disk 17640 type: string 17641 required: 17642 - pdID 17643 type: object 17644 portworxVolume: 17645 description: PortworxVolume represents a portworx volume attached 17646 and mounted on kubelets host machine 17647 properties: 17648 fsType: 17649 description: FSType represents the filesystem type to mount 17650 Must be a filesystem type supported by the host operating 17651 system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" 17652 if unspecified. 17653 type: string 17654 readOnly: 17655 description: Defaults to false (read/write). ReadOnly here 17656 will force the ReadOnly setting in VolumeMounts. 17657 type: boolean 17658 volumeID: 17659 description: VolumeID uniquely identifies a Portworx volume 17660 type: string 17661 required: 17662 - volumeID 17663 type: object 17664 projected: 17665 description: Items for all in one resources secrets, configmaps, 17666 and downward API 17667 properties: 17668 defaultMode: 17669 description: Mode bits used to set permissions on created 17670 files by default. Must be an octal value between 0000 17671 and 0777 or a decimal value between 0 and 511. YAML accepts 17672 both octal and decimal values, JSON requires decimal values 17673 for mode bits. Directories within the path are not affected 17674 by this setting. This might be in conflict with other 17675 options that affect the file mode, like fsGroup, and the 17676 result can be other mode bits set. 17677 format: int32 17678 type: integer 17679 sources: 17680 description: list of volume projections 17681 items: 17682 description: Projection that may be projected along with 17683 other supported volume types 17684 properties: 17685 configMap: 17686 description: information about the configMap data 17687 to project 17688 properties: 17689 items: 17690 description: If unspecified, each key-value pair 17691 in the Data field of the referenced ConfigMap 17692 will be projected into the volume as a file 17693 whose name is the key and content is the value. 17694 If specified, the listed keys will be projected 17695 into the specified paths, and unlisted keys 17696 will not be present. If a key is specified which 17697 is not present in the ConfigMap, the volume 17698 setup will error unless it is marked optional. 17699 Paths must be relative and may not contain the 17700 '..' path or start with '..'. 17701 items: 17702 description: Maps a string key to a path within 17703 a volume. 17704 properties: 17705 key: 17706 description: The key to project. 17707 type: string 17708 mode: 17709 description: 'Optional: mode bits used to 17710 set permissions on this file. Must be 17711 an octal value between 0000 and 0777 or 17712 a decimal value between 0 and 511. YAML 17713 accepts both octal and decimal values, 17714 JSON requires decimal values for mode 17715 bits. If not specified, the volume defaultMode 17716 will be used. This might be in conflict 17717 with other options that affect the file 17718 mode, like fsGroup, and the result can 17719 be other mode bits set.' 17720 format: int32 17721 type: integer 17722 path: 17723 description: The relative path of the file 17724 to map the key to. May not be an absolute 17725 path. May not contain the path element 17726 '..'. May not start with the string '..'. 17727 type: string 17728 required: 17729 - key 17730 - path 17731 type: object 17732 type: array 17733 name: 17734 description: 'Name of the referent. More info: 17735 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17736 TODO: Add other useful fields. apiVersion, kind, 17737 uid?' 17738 type: string 17739 optional: 17740 description: Specify whether the ConfigMap or 17741 its keys must be defined 17742 type: boolean 17743 type: object 17744 downwardAPI: 17745 description: information about the downwardAPI data 17746 to project 17747 properties: 17748 items: 17749 description: Items is a list of DownwardAPIVolume 17750 file 17751 items: 17752 description: DownwardAPIVolumeFile represents 17753 information to create the file containing 17754 the pod field 17755 properties: 17756 fieldRef: 17757 description: 'Required: Selects a field 17758 of the pod: only annotations, labels, 17759 name and namespace are supported.' 17760 properties: 17761 apiVersion: 17762 description: Version of the schema the 17763 FieldPath is written in terms of, 17764 defaults to "v1". 17765 type: string 17766 fieldPath: 17767 description: Path of the field to select 17768 in the specified API version. 17769 type: string 17770 required: 17771 - fieldPath 17772 type: object 17773 mode: 17774 description: 'Optional: mode bits used to 17775 set permissions on this file, must be 17776 an octal value between 0000 and 0777 or 17777 a decimal value between 0 and 511. YAML 17778 accepts both octal and decimal values, 17779 JSON requires decimal values for mode 17780 bits. If not specified, the volume defaultMode 17781 will be used. This might be in conflict 17782 with other options that affect the file 17783 mode, like fsGroup, and the result can 17784 be other mode bits set.' 17785 format: int32 17786 type: integer 17787 path: 17788 description: 'Required: Path is the relative 17789 path name of the file to be created. Must 17790 not be absolute or contain the ''..'' 17791 path. Must be utf-8 encoded. The first 17792 item of the relative path must not start 17793 with ''..''' 17794 type: string 17795 resourceFieldRef: 17796 description: 'Selects a resource of the 17797 container: only resources limits and requests 17798 (limits.cpu, limits.memory, requests.cpu 17799 and requests.memory) are currently supported.' 17800 properties: 17801 containerName: 17802 description: 'Container name: required 17803 for volumes, optional for env vars' 17804 type: string 17805 divisor: 17806 anyOf: 17807 - type: integer 17808 - type: string 17809 description: Specifies the output format 17810 of the exposed resources, defaults 17811 to "1" 17812 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 17813 x-kubernetes-int-or-string: true 17814 resource: 17815 description: 'Required: resource to 17816 select' 17817 type: string 17818 required: 17819 - resource 17820 type: object 17821 required: 17822 - path 17823 type: object 17824 type: array 17825 type: object 17826 secret: 17827 description: information about the secret data to 17828 project 17829 properties: 17830 items: 17831 description: If unspecified, each key-value pair 17832 in the Data field of the referenced Secret will 17833 be projected into the volume as a file whose 17834 name is the key and content is the value. If 17835 specified, the listed keys will be projected 17836 into the specified paths, and unlisted keys 17837 will not be present. If a key is specified which 17838 is not present in the Secret, the volume setup 17839 will error unless it is marked optional. Paths 17840 must be relative and may not contain the '..' 17841 path or start with '..'. 17842 items: 17843 description: Maps a string key to a path within 17844 a volume. 17845 properties: 17846 key: 17847 description: The key to project. 17848 type: string 17849 mode: 17850 description: 'Optional: mode bits used to 17851 set permissions on this file. Must be 17852 an octal value between 0000 and 0777 or 17853 a decimal value between 0 and 511. YAML 17854 accepts both octal and decimal values, 17855 JSON requires decimal values for mode 17856 bits. If not specified, the volume defaultMode 17857 will be used. This might be in conflict 17858 with other options that affect the file 17859 mode, like fsGroup, and the result can 17860 be other mode bits set.' 17861 format: int32 17862 type: integer 17863 path: 17864 description: The relative path of the file 17865 to map the key to. May not be an absolute 17866 path. May not contain the path element 17867 '..'. May not start with the string '..'. 17868 type: string 17869 required: 17870 - key 17871 - path 17872 type: object 17873 type: array 17874 name: 17875 description: 'Name of the referent. More info: 17876 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17877 TODO: Add other useful fields. apiVersion, kind, 17878 uid?' 17879 type: string 17880 optional: 17881 description: Specify whether the Secret or its 17882 key must be defined 17883 type: boolean 17884 type: object 17885 serviceAccountToken: 17886 description: information about the serviceAccountToken 17887 data to project 17888 properties: 17889 audience: 17890 description: Audience is the intended audience 17891 of the token. A recipient of a token must identify 17892 itself with an identifier specified in the audience 17893 of the token, and otherwise should reject the 17894 token. The audience defaults to the identifier 17895 of the apiserver. 17896 type: string 17897 expirationSeconds: 17898 description: ExpirationSeconds is the requested 17899 duration of validity of the service account 17900 token. As the token approaches expiration, the 17901 kubelet volume plugin will proactively rotate 17902 the service account token. The kubelet will 17903 start trying to rotate the token if the token 17904 is older than 80 percent of its time to live 17905 or if the token is older than 24 hours.Defaults 17906 to 1 hour and must be at least 10 minutes. 17907 format: int64 17908 type: integer 17909 path: 17910 description: Path is the path relative to the 17911 mount point of the file to project the token 17912 into. 17913 type: string 17914 required: 17915 - path 17916 type: object 17917 type: object 17918 type: array 17919 type: object 17920 quobyte: 17921 description: Quobyte represents a Quobyte mount on the host 17922 that shares a pod's lifetime 17923 properties: 17924 group: 17925 description: Group to map volume access to Default is no 17926 group 17927 type: string 17928 readOnly: 17929 description: ReadOnly here will force the Quobyte volume 17930 to be mounted with read-only permissions. Defaults to 17931 false. 17932 type: boolean 17933 registry: 17934 description: Registry represents a single or multiple Quobyte 17935 Registry services specified as a string as host:port pair 17936 (multiple entries are separated with commas) which acts 17937 as the central registry for volumes 17938 type: string 17939 tenant: 17940 description: Tenant owning the given Quobyte volume in the 17941 Backend Used with dynamically provisioned Quobyte volumes, 17942 value is set by the plugin 17943 type: string 17944 user: 17945 description: User to map volume access to Defaults to serivceaccount 17946 user 17947 type: string 17948 volume: 17949 description: Volume is a string that references an already 17950 created Quobyte volume by name. 17951 type: string 17952 required: 17953 - registry 17954 - volume 17955 type: object 17956 rbd: 17957 description: 'RBD represents a Rados Block Device mount on the 17958 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' 17959 properties: 17960 fsType: 17961 description: 'Filesystem type of the volume that you want 17962 to mount. Tip: Ensure that the filesystem type is supported 17963 by the host operating system. Examples: "ext4", "xfs", 17964 "ntfs". Implicitly inferred to be "ext4" if unspecified. 17965 More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 17966 TODO: how do we prevent errors in the filesystem from 17967 compromising the machine' 17968 type: string 17969 image: 17970 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17971 type: string 17972 keyring: 17973 description: 'Keyring is the path to key ring for RBDUser. 17974 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17975 type: string 17976 monitors: 17977 description: 'A collection of Ceph monitors. More info: 17978 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17979 items: 17980 type: string 17981 type: array 17982 pool: 17983 description: 'The rados pool name. Default is rbd. More 17984 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17985 type: string 17986 readOnly: 17987 description: 'ReadOnly here will force the ReadOnly setting 17988 in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17989 type: boolean 17990 secretRef: 17991 description: 'SecretRef is name of the authentication secret 17992 for RBDUser. If provided overrides keyring. Default is 17993 nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17994 properties: 17995 name: 17996 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17997 TODO: Add other useful fields. apiVersion, kind, uid?' 17998 type: string 17999 type: object 18000 user: 18001 description: 'The rados user name. Default is admin. More 18002 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 18003 type: string 18004 required: 18005 - image 18006 - monitors 18007 type: object 18008 scaleIO: 18009 description: ScaleIO represents a ScaleIO persistent volume 18010 attached and mounted on Kubernetes nodes. 18011 properties: 18012 fsType: 18013 description: Filesystem type to mount. Must be a filesystem 18014 type supported by the host operating system. Ex. "ext4", 18015 "xfs", "ntfs". Default is "xfs". 18016 type: string 18017 gateway: 18018 description: The host address of the ScaleIO API Gateway. 18019 type: string 18020 protectionDomain: 18021 description: The name of the ScaleIO Protection Domain for 18022 the configured storage. 18023 type: string 18024 readOnly: 18025 description: Defaults to false (read/write). ReadOnly here 18026 will force the ReadOnly setting in VolumeMounts. 18027 type: boolean 18028 secretRef: 18029 description: SecretRef references to the secret for ScaleIO 18030 user and other sensitive information. If this is not provided, 18031 Login operation will fail. 18032 properties: 18033 name: 18034 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18035 TODO: Add other useful fields. apiVersion, kind, uid?' 18036 type: string 18037 type: object 18038 sslEnabled: 18039 description: Flag to enable/disable SSL communication with 18040 Gateway, default false 18041 type: boolean 18042 storageMode: 18043 description: Indicates whether the storage for a volume 18044 should be ThickProvisioned or ThinProvisioned. Default 18045 is ThinProvisioned. 18046 type: string 18047 storagePool: 18048 description: The ScaleIO Storage Pool associated with the 18049 protection domain. 18050 type: string 18051 system: 18052 description: The name of the storage system as configured 18053 in ScaleIO. 18054 type: string 18055 volumeName: 18056 description: The name of a volume already created in the 18057 ScaleIO system that is associated with this volume source. 18058 type: string 18059 required: 18060 - gateway 18061 - secretRef 18062 - system 18063 type: object 18064 secret: 18065 description: 'Secret represents a secret that should populate 18066 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 18067 properties: 18068 defaultMode: 18069 description: 'Optional: mode bits used to set permissions 18070 on created files by default. Must be an octal value between 18071 0000 and 0777 or a decimal value between 0 and 511. YAML 18072 accepts both octal and decimal values, JSON requires decimal 18073 values for mode bits. Defaults to 0644. Directories within 18074 the path are not affected by this setting. This might 18075 be in conflict with other options that affect the file 18076 mode, like fsGroup, and the result can be other mode bits 18077 set.' 18078 format: int32 18079 type: integer 18080 items: 18081 description: If unspecified, each key-value pair in the 18082 Data field of the referenced Secret will be projected 18083 into the volume as a file whose name is the key and content 18084 is the value. If specified, the listed keys will be projected 18085 into the specified paths, and unlisted keys will not be 18086 present. If a key is specified which is not present in 18087 the Secret, the volume setup will error unless it is marked 18088 optional. Paths must be relative and may not contain the 18089 '..' path or start with '..'. 18090 items: 18091 description: Maps a string key to a path within a volume. 18092 properties: 18093 key: 18094 description: The key to project. 18095 type: string 18096 mode: 18097 description: 'Optional: mode bits used to set permissions 18098 on this file. Must be an octal value between 0000 18099 and 0777 or a decimal value between 0 and 511. YAML 18100 accepts both octal and decimal values, JSON requires 18101 decimal values for mode bits. If not specified, 18102 the volume defaultMode will be used. This might 18103 be in conflict with other options that affect the 18104 file mode, like fsGroup, and the result can be other 18105 mode bits set.' 18106 format: int32 18107 type: integer 18108 path: 18109 description: The relative path of the file to map 18110 the key to. May not be an absolute path. May not 18111 contain the path element '..'. May not start with 18112 the string '..'. 18113 type: string 18114 required: 18115 - key 18116 - path 18117 type: object 18118 type: array 18119 optional: 18120 description: Specify whether the Secret or its keys must 18121 be defined 18122 type: boolean 18123 secretName: 18124 description: 'Name of the secret in the pod''s namespace 18125 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 18126 type: string 18127 type: object 18128 storageos: 18129 description: StorageOS represents a StorageOS volume attached 18130 and mounted on Kubernetes nodes. 18131 properties: 18132 fsType: 18133 description: Filesystem type to mount. Must be a filesystem 18134 type supported by the host operating system. Ex. "ext4", 18135 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 18136 type: string 18137 readOnly: 18138 description: Defaults to false (read/write). ReadOnly here 18139 will force the ReadOnly setting in VolumeMounts. 18140 type: boolean 18141 secretRef: 18142 description: SecretRef specifies the secret to use for obtaining 18143 the StorageOS API credentials. If not specified, default 18144 values will be attempted. 18145 properties: 18146 name: 18147 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18148 TODO: Add other useful fields. apiVersion, kind, uid?' 18149 type: string 18150 type: object 18151 volumeName: 18152 description: VolumeName is the human-readable name of the 18153 StorageOS volume. Volume names are only unique within 18154 a namespace. 18155 type: string 18156 volumeNamespace: 18157 description: VolumeNamespace specifies the scope of the 18158 volume within StorageOS. If no namespace is specified 18159 then the Pod's namespace will be used. This allows the 18160 Kubernetes name scoping to be mirrored within StorageOS 18161 for tighter integration. Set VolumeName to any name to 18162 override the default behaviour. Set to "default" if you 18163 are not using namespaces within StorageOS. Namespaces 18164 that do not pre-exist within StorageOS will be created. 18165 type: string 18166 type: object 18167 vsphereVolume: 18168 description: VsphereVolume represents a vSphere volume attached 18169 and mounted on kubelets host machine 18170 properties: 18171 fsType: 18172 description: Filesystem type to mount. Must be a filesystem 18173 type supported by the host operating system. Ex. "ext4", 18174 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 18175 type: string 18176 storagePolicyID: 18177 description: Storage Policy Based Management (SPBM) profile 18178 ID associated with the StoragePolicyName. 18179 type: string 18180 storagePolicyName: 18181 description: Storage Policy Based Management (SPBM) profile 18182 name. 18183 type: string 18184 volumePath: 18185 description: Path that identifies vSphere volume vmdk 18186 type: string 18187 required: 18188 - volumePath 18189 type: object 18190 required: 18191 - name 18192 type: object 18193 type: array 18194 walCompression: 18195 description: Enable compression of the write-ahead log using Snappy. 18196 This flag is only available in versions of Prometheus >= 2.11.0. 18197 type: boolean 18198 web: 18199 description: WebSpec defines the web command line flags when starting 18200 Prometheus. 18201 properties: 18202 pageTitle: 18203 description: The prometheus web page title 18204 type: string 18205 tlsConfig: 18206 description: WebTLSConfig defines the TLS parameters for HTTPS. 18207 properties: 18208 cert: 18209 description: Contains the TLS certificate for the server. 18210 properties: 18211 configMap: 18212 description: ConfigMap containing data to use for the 18213 targets. 18214 properties: 18215 key: 18216 description: The key to select. 18217 type: string 18218 name: 18219 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18220 TODO: Add other useful fields. apiVersion, kind, 18221 uid?' 18222 type: string 18223 optional: 18224 description: Specify whether the ConfigMap or its 18225 key must be defined 18226 type: boolean 18227 required: 18228 - key 18229 type: object 18230 secret: 18231 description: Secret containing data to use for the targets. 18232 properties: 18233 key: 18234 description: The key of the secret to select from. Must 18235 be a valid secret key. 18236 type: string 18237 name: 18238 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18239 TODO: Add other useful fields. apiVersion, kind, 18240 uid?' 18241 type: string 18242 optional: 18243 description: Specify whether the Secret or its key 18244 must be defined 18245 type: boolean 18246 required: 18247 - key 18248 type: object 18249 type: object 18250 cipherSuites: 18251 description: 'List of supported cipher suites for TLS versions 18252 up to TLS 1.2. If empty, Go default cipher suites are used. 18253 Available cipher suites are documented in the go documentation: 18254 https://golang.org/pkg/crypto/tls/#pkg-constants' 18255 items: 18256 type: string 18257 type: array 18258 client_ca: 18259 description: Contains the CA certificate for client certificate 18260 authentication to the server. 18261 properties: 18262 configMap: 18263 description: ConfigMap containing data to use for the 18264 targets. 18265 properties: 18266 key: 18267 description: The key to select. 18268 type: string 18269 name: 18270 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18271 TODO: Add other useful fields. apiVersion, kind, 18272 uid?' 18273 type: string 18274 optional: 18275 description: Specify whether the ConfigMap or its 18276 key must be defined 18277 type: boolean 18278 required: 18279 - key 18280 type: object 18281 secret: 18282 description: Secret containing data to use for the targets. 18283 properties: 18284 key: 18285 description: The key of the secret to select from. Must 18286 be a valid secret key. 18287 type: string 18288 name: 18289 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18290 TODO: Add other useful fields. apiVersion, kind, 18291 uid?' 18292 type: string 18293 optional: 18294 description: Specify whether the Secret or its key 18295 must be defined 18296 type: boolean 18297 required: 18298 - key 18299 type: object 18300 type: object 18301 clientAuthType: 18302 description: 'Server policy for client authentication. Maps 18303 to ClientAuth Policies. For more detail on clientAuth options: 18304 https://golang.org/pkg/crypto/tls/#ClientAuthType' 18305 type: string 18306 curvePreferences: 18307 description: 'Elliptic curves that will be used in an ECDHE 18308 handshake, in preference order. Available curves are documented 18309 in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID' 18310 items: 18311 type: string 18312 type: array 18313 keySecret: 18314 description: Secret containing the TLS key for the server. 18315 properties: 18316 key: 18317 description: The key of the secret to select from. Must 18318 be a valid secret key. 18319 type: string 18320 name: 18321 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18322 TODO: Add other useful fields. apiVersion, kind, uid?' 18323 type: string 18324 optional: 18325 description: Specify whether the Secret or its key must 18326 be defined 18327 type: boolean 18328 required: 18329 - key 18330 type: object 18331 maxVersion: 18332 description: Maximum TLS version that is acceptable. Defaults 18333 to TLS13. 18334 type: string 18335 minVersion: 18336 description: Minimum TLS version that is acceptable. Defaults 18337 to TLS12. 18338 type: string 18339 preferServerCipherSuites: 18340 description: Controls whether the server selects the client's 18341 most preferred cipher suite, or the server's most preferred 18342 cipher suite. If true then the server's preference, as expressed 18343 in the order of elements in cipherSuites, is used. 18344 type: boolean 18345 required: 18346 - cert 18347 - keySecret 18348 type: object 18349 type: object 18350 type: object 18351 status: 18352 description: 'Most recent observed status of the Prometheus cluster. Read-only. 18353 Not included when requesting from the apiserver, only from the Prometheus 18354 Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 18355 properties: 18356 availableReplicas: 18357 description: Total number of available pods (ready for at least minReadySeconds) 18358 targeted by this Prometheus deployment. 18359 format: int32 18360 type: integer 18361 paused: 18362 description: Represents whether any actions on the underlying managed 18363 objects are being performed. Only delete actions will be performed. 18364 type: boolean 18365 replicas: 18366 description: Total number of non-terminated pods targeted by this 18367 Prometheus deployment (their labels match the selector). 18368 format: int32 18369 type: integer 18370 unavailableReplicas: 18371 description: Total number of unavailable pods targeted by this Prometheus 18372 deployment. 18373 format: int32 18374 type: integer 18375 updatedReplicas: 18376 description: Total number of non-terminated pods targeted by this 18377 Prometheus deployment that have the desired version spec. 18378 format: int32 18379 type: integer 18380 required: 18381 - availableReplicas 18382 - paused 18383 - replicas 18384 - unavailableReplicas 18385 - updatedReplicas 18386 type: object 18387 required: 18388 - spec 18389 type: object 18390 served: true 18391 storage: true 18392 subresources: {} 18393 status: 18394 acceptedNames: 18395 kind: "" 18396 plural: "" 18397 conditions: [] 18398 storedVersions: [] 18399 # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml 18400 18401 --- 18402 apiVersion: apiextensions.k8s.io/v1 18403 kind: CustomResourceDefinition 18404 metadata: 18405 annotations: 18406 controller-gen.kubebuilder.io/version: v0.6.2 18407 creationTimestamp: null 18408 name: prometheusrules.monitoring.coreos.com 18409 spec: 18410 group: monitoring.coreos.com 18411 names: 18412 categories: 18413 - prometheus-operator 18414 kind: PrometheusRule 18415 listKind: PrometheusRuleList 18416 plural: prometheusrules 18417 singular: prometheusrule 18418 scope: Namespaced 18419 versions: 18420 - name: v1 18421 schema: 18422 openAPIV3Schema: 18423 description: PrometheusRule defines recording and alerting rules for a Prometheus 18424 instance 18425 properties: 18426 apiVersion: 18427 description: 'APIVersion defines the versioned schema of this representation 18428 of an object. Servers should convert recognized schemas to the latest 18429 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 18430 type: string 18431 kind: 18432 description: 'Kind is a string value representing the REST resource this 18433 object represents. Servers may infer this from the endpoint the client 18434 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 18435 type: string 18436 metadata: 18437 type: object 18438 spec: 18439 description: Specification of desired alerting rule definitions for Prometheus. 18440 properties: 18441 groups: 18442 description: Content of Prometheus rule file 18443 items: 18444 description: 'RuleGroup is a list of sequentially evaluated recording 18445 and alerting rules. Note: PartialResponseStrategy is only used 18446 by ThanosRuler and will be ignored by Prometheus instances. Valid 18447 values for this field are ''warn'' or ''abort''. More info: https://github.com/thanos-io/thanos/blob/main/docs/components/rule.md#partial-response' 18448 properties: 18449 interval: 18450 type: string 18451 name: 18452 type: string 18453 partial_response_strategy: 18454 type: string 18455 rules: 18456 items: 18457 description: 'Rule describes an alerting or recording rule 18458 See Prometheus documentation: [alerting](https://www.prometheus.io/docs/prometheus/latest/configuration/alerting_rules/) 18459 or [recording](https://www.prometheus.io/docs/prometheus/latest/configuration/recording_rules/#recording-rules) 18460 rule' 18461 properties: 18462 alert: 18463 type: string 18464 annotations: 18465 additionalProperties: 18466 type: string 18467 type: object 18468 expr: 18469 anyOf: 18470 - type: integer 18471 - type: string 18472 x-kubernetes-int-or-string: true 18473 for: 18474 type: string 18475 labels: 18476 additionalProperties: 18477 type: string 18478 type: object 18479 record: 18480 type: string 18481 required: 18482 - expr 18483 type: object 18484 type: array 18485 required: 18486 - name 18487 - rules 18488 type: object 18489 type: array 18490 type: object 18491 required: 18492 - spec 18493 type: object 18494 served: true 18495 storage: true 18496 status: 18497 acceptedNames: 18498 kind: "" 18499 plural: "" 18500 conditions: [] 18501 storedVersions: [] 18502 # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml 18503 18504 --- 18505 apiVersion: apiextensions.k8s.io/v1 18506 kind: CustomResourceDefinition 18507 metadata: 18508 annotations: 18509 controller-gen.kubebuilder.io/version: v0.6.2 18510 creationTimestamp: null 18511 name: servicemonitors.monitoring.coreos.com 18512 spec: 18513 group: monitoring.coreos.com 18514 names: 18515 categories: 18516 - prometheus-operator 18517 kind: ServiceMonitor 18518 listKind: ServiceMonitorList 18519 plural: servicemonitors 18520 singular: servicemonitor 18521 scope: Namespaced 18522 versions: 18523 - name: v1 18524 schema: 18525 openAPIV3Schema: 18526 description: ServiceMonitor defines monitoring for a set of services. 18527 properties: 18528 apiVersion: 18529 description: 'APIVersion defines the versioned schema of this representation 18530 of an object. Servers should convert recognized schemas to the latest 18531 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 18532 type: string 18533 kind: 18534 description: 'Kind is a string value representing the REST resource this 18535 object represents. Servers may infer this from the endpoint the client 18536 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 18537 type: string 18538 metadata: 18539 type: object 18540 spec: 18541 description: Specification of desired Service selection for target discovery 18542 by Prometheus. 18543 properties: 18544 endpoints: 18545 description: A list of endpoints allowed as part of this ServiceMonitor. 18546 items: 18547 description: Endpoint defines a scrapeable endpoint serving Prometheus 18548 metrics. 18549 properties: 18550 authorization: 18551 description: Authorization section for this endpoint 18552 properties: 18553 credentials: 18554 description: The secret's key that contains the credentials 18555 of the request 18556 properties: 18557 key: 18558 description: The key of the secret to select from. Must 18559 be a valid secret key. 18560 type: string 18561 name: 18562 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18563 TODO: Add other useful fields. apiVersion, kind, uid?' 18564 type: string 18565 optional: 18566 description: Specify whether the Secret or its key must 18567 be defined 18568 type: boolean 18569 required: 18570 - key 18571 type: object 18572 type: 18573 description: Set the authentication type. Defaults to Bearer, 18574 Basic will cause an error 18575 type: string 18576 type: object 18577 basicAuth: 18578 description: 'BasicAuth allow an endpoint to authenticate over 18579 basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' 18580 properties: 18581 password: 18582 description: The secret in the service monitor namespace 18583 that contains the password for authentication. 18584 properties: 18585 key: 18586 description: The key of the secret to select from. Must 18587 be a valid secret key. 18588 type: string 18589 name: 18590 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18591 TODO: Add other useful fields. apiVersion, kind, uid?' 18592 type: string 18593 optional: 18594 description: Specify whether the Secret or its key must 18595 be defined 18596 type: boolean 18597 required: 18598 - key 18599 type: object 18600 username: 18601 description: The secret in the service monitor namespace 18602 that contains the username for authentication. 18603 properties: 18604 key: 18605 description: The key of the secret to select from. Must 18606 be a valid secret key. 18607 type: string 18608 name: 18609 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18610 TODO: Add other useful fields. apiVersion, kind, uid?' 18611 type: string 18612 optional: 18613 description: Specify whether the Secret or its key must 18614 be defined 18615 type: boolean 18616 required: 18617 - key 18618 type: object 18619 type: object 18620 bearerTokenFile: 18621 description: File to read bearer token for scraping targets. 18622 type: string 18623 bearerTokenSecret: 18624 description: Secret to mount to read bearer token for scraping 18625 targets. The secret needs to be in the same namespace as the 18626 service monitor and accessible by the Prometheus Operator. 18627 properties: 18628 key: 18629 description: The key of the secret to select from. Must 18630 be a valid secret key. 18631 type: string 18632 name: 18633 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18634 TODO: Add other useful fields. apiVersion, kind, uid?' 18635 type: string 18636 optional: 18637 description: Specify whether the Secret or its key must 18638 be defined 18639 type: boolean 18640 required: 18641 - key 18642 type: object 18643 honorLabels: 18644 description: HonorLabels chooses the metric's labels on collisions 18645 with target labels. 18646 type: boolean 18647 honorTimestamps: 18648 description: HonorTimestamps controls whether Prometheus respects 18649 the timestamps present in scraped data. 18650 type: boolean 18651 interval: 18652 description: Interval at which metrics should be scraped 18653 type: string 18654 metricRelabelings: 18655 description: MetricRelabelConfigs to apply to samples before 18656 ingestion. 18657 items: 18658 description: 'RelabelConfig allows dynamic rewriting of the 18659 label set, being applied to samples before ingestion. It 18660 defines `<metric_relabel_configs>`-section of Prometheus 18661 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 18662 properties: 18663 action: 18664 description: Action to perform based on regex matching. 18665 Default is 'replace' 18666 type: string 18667 modulus: 18668 description: Modulus to take of the hash of the source 18669 label values. 18670 format: int64 18671 type: integer 18672 regex: 18673 description: Regular expression against which the extracted 18674 value is matched. Default is '(.*)' 18675 type: string 18676 replacement: 18677 description: Replacement value against which a regex replace 18678 is performed if the regular expression matches. Regex 18679 capture groups are available. Default is '$1' 18680 type: string 18681 separator: 18682 description: Separator placed between concatenated source 18683 label values. default is ';'. 18684 type: string 18685 sourceLabels: 18686 description: The source labels select values from existing 18687 labels. Their content is concatenated using the configured 18688 separator and matched against the configured regular 18689 expression for the replace, keep, and drop actions. 18690 items: 18691 type: string 18692 type: array 18693 targetLabel: 18694 description: Label to which the resulting value is written 18695 in a replace action. It is mandatory for replace actions. 18696 Regex capture groups are available. 18697 type: string 18698 type: object 18699 type: array 18700 oauth2: 18701 description: OAuth2 for the URL. Only valid in Prometheus versions 18702 2.27.0 and newer. 18703 properties: 18704 clientId: 18705 description: The secret or configmap containing the OAuth2 18706 client id 18707 properties: 18708 configMap: 18709 description: ConfigMap containing data to use for the 18710 targets. 18711 properties: 18712 key: 18713 description: The key to select. 18714 type: string 18715 name: 18716 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18717 TODO: Add other useful fields. apiVersion, kind, 18718 uid?' 18719 type: string 18720 optional: 18721 description: Specify whether the ConfigMap or its 18722 key must be defined 18723 type: boolean 18724 required: 18725 - key 18726 type: object 18727 secret: 18728 description: Secret containing data to use for the targets. 18729 properties: 18730 key: 18731 description: The key of the secret to select from. Must 18732 be a valid secret key. 18733 type: string 18734 name: 18735 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18736 TODO: Add other useful fields. apiVersion, kind, 18737 uid?' 18738 type: string 18739 optional: 18740 description: Specify whether the Secret or its key 18741 must be defined 18742 type: boolean 18743 required: 18744 - key 18745 type: object 18746 type: object 18747 clientSecret: 18748 description: The secret containing the OAuth2 client secret 18749 properties: 18750 key: 18751 description: The key of the secret to select from. Must 18752 be a valid secret key. 18753 type: string 18754 name: 18755 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18756 TODO: Add other useful fields. apiVersion, kind, uid?' 18757 type: string 18758 optional: 18759 description: Specify whether the Secret or its key must 18760 be defined 18761 type: boolean 18762 required: 18763 - key 18764 type: object 18765 endpointParams: 18766 additionalProperties: 18767 type: string 18768 description: Parameters to append to the token URL 18769 type: object 18770 scopes: 18771 description: OAuth2 scopes used for the token request 18772 items: 18773 type: string 18774 type: array 18775 tokenUrl: 18776 description: The URL to fetch the token from 18777 minLength: 1 18778 type: string 18779 required: 18780 - clientId 18781 - clientSecret 18782 - tokenUrl 18783 type: object 18784 params: 18785 additionalProperties: 18786 items: 18787 type: string 18788 type: array 18789 description: Optional HTTP URL parameters 18790 type: object 18791 path: 18792 description: HTTP path to scrape for metrics. 18793 type: string 18794 port: 18795 description: Name of the service port this endpoint refers to. 18796 Mutually exclusive with targetPort. 18797 type: string 18798 proxyUrl: 18799 description: ProxyURL eg http://proxyserver:2195 Directs scrapes 18800 to proxy through this endpoint. 18801 type: string 18802 relabelings: 18803 description: 'RelabelConfigs to apply to samples before scraping. 18804 Prometheus Operator automatically adds relabelings for a few 18805 standard Kubernetes fields and replaces original scrape job 18806 name with __tmp_prometheus_job_name. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' 18807 items: 18808 description: 'RelabelConfig allows dynamic rewriting of the 18809 label set, being applied to samples before ingestion. It 18810 defines `<metric_relabel_configs>`-section of Prometheus 18811 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 18812 properties: 18813 action: 18814 description: Action to perform based on regex matching. 18815 Default is 'replace' 18816 type: string 18817 modulus: 18818 description: Modulus to take of the hash of the source 18819 label values. 18820 format: int64 18821 type: integer 18822 regex: 18823 description: Regular expression against which the extracted 18824 value is matched. Default is '(.*)' 18825 type: string 18826 replacement: 18827 description: Replacement value against which a regex replace 18828 is performed if the regular expression matches. Regex 18829 capture groups are available. Default is '$1' 18830 type: string 18831 separator: 18832 description: Separator placed between concatenated source 18833 label values. default is ';'. 18834 type: string 18835 sourceLabels: 18836 description: The source labels select values from existing 18837 labels. Their content is concatenated using the configured 18838 separator and matched against the configured regular 18839 expression for the replace, keep, and drop actions. 18840 items: 18841 type: string 18842 type: array 18843 targetLabel: 18844 description: Label to which the resulting value is written 18845 in a replace action. It is mandatory for replace actions. 18846 Regex capture groups are available. 18847 type: string 18848 type: object 18849 type: array 18850 scheme: 18851 description: HTTP scheme to use for scraping. 18852 type: string 18853 scrapeTimeout: 18854 description: Timeout after which the scrape is ended 18855 type: string 18856 targetPort: 18857 anyOf: 18858 - type: integer 18859 - type: string 18860 description: Name or number of the target port of the Pod behind 18861 the Service, the port must be specified with container port 18862 property. Mutually exclusive with port. 18863 x-kubernetes-int-or-string: true 18864 tlsConfig: 18865 description: TLS configuration to use when scraping the endpoint 18866 properties: 18867 ca: 18868 description: Struct containing the CA cert to use for the 18869 targets. 18870 properties: 18871 configMap: 18872 description: ConfigMap containing data to use for the 18873 targets. 18874 properties: 18875 key: 18876 description: The key to select. 18877 type: string 18878 name: 18879 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18880 TODO: Add other useful fields. apiVersion, kind, 18881 uid?' 18882 type: string 18883 optional: 18884 description: Specify whether the ConfigMap or its 18885 key must be defined 18886 type: boolean 18887 required: 18888 - key 18889 type: object 18890 secret: 18891 description: Secret containing data to use for the targets. 18892 properties: 18893 key: 18894 description: The key of the secret to select from. Must 18895 be a valid secret key. 18896 type: string 18897 name: 18898 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18899 TODO: Add other useful fields. apiVersion, kind, 18900 uid?' 18901 type: string 18902 optional: 18903 description: Specify whether the Secret or its key 18904 must be defined 18905 type: boolean 18906 required: 18907 - key 18908 type: object 18909 type: object 18910 caFile: 18911 description: Path to the CA cert in the Prometheus container 18912 to use for the targets. 18913 type: string 18914 cert: 18915 description: Struct containing the client cert file for 18916 the targets. 18917 properties: 18918 configMap: 18919 description: ConfigMap containing data to use for the 18920 targets. 18921 properties: 18922 key: 18923 description: The key to select. 18924 type: string 18925 name: 18926 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18927 TODO: Add other useful fields. apiVersion, kind, 18928 uid?' 18929 type: string 18930 optional: 18931 description: Specify whether the ConfigMap or its 18932 key must be defined 18933 type: boolean 18934 required: 18935 - key 18936 type: object 18937 secret: 18938 description: Secret containing data to use for the targets. 18939 properties: 18940 key: 18941 description: The key of the secret to select from. Must 18942 be a valid secret key. 18943 type: string 18944 name: 18945 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18946 TODO: Add other useful fields. apiVersion, kind, 18947 uid?' 18948 type: string 18949 optional: 18950 description: Specify whether the Secret or its key 18951 must be defined 18952 type: boolean 18953 required: 18954 - key 18955 type: object 18956 type: object 18957 certFile: 18958 description: Path to the client cert file in the Prometheus 18959 container for the targets. 18960 type: string 18961 insecureSkipVerify: 18962 description: Disable target certificate validation. 18963 type: boolean 18964 keyFile: 18965 description: Path to the client key file in the Prometheus 18966 container for the targets. 18967 type: string 18968 keySecret: 18969 description: Secret containing the client key file for the 18970 targets. 18971 properties: 18972 key: 18973 description: The key of the secret to select from. Must 18974 be a valid secret key. 18975 type: string 18976 name: 18977 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18978 TODO: Add other useful fields. apiVersion, kind, uid?' 18979 type: string 18980 optional: 18981 description: Specify whether the Secret or its key must 18982 be defined 18983 type: boolean 18984 required: 18985 - key 18986 type: object 18987 serverName: 18988 description: Used to verify the hostname for the targets. 18989 type: string 18990 type: object 18991 type: object 18992 type: array 18993 jobLabel: 18994 description: "Chooses the label of the Kubernetes `Endpoints`. Its 18995 value will be used for the `job`-label's value of the created metrics. 18996 \n Default & fallback value: the name of the respective Kubernetes 18997 `Endpoint`." 18998 type: string 18999 labelLimit: 19000 description: Per-scrape limit on number of labels that will be accepted 19001 for a sample. Only valid in Prometheus versions 2.27.0 and newer. 19002 format: int64 19003 type: integer 19004 labelNameLengthLimit: 19005 description: Per-scrape limit on length of labels name that will be 19006 accepted for a sample. Only valid in Prometheus versions 2.27.0 19007 and newer. 19008 format: int64 19009 type: integer 19010 labelValueLengthLimit: 19011 description: Per-scrape limit on length of labels value that will 19012 be accepted for a sample. Only valid in Prometheus versions 2.27.0 19013 and newer. 19014 format: int64 19015 type: integer 19016 namespaceSelector: 19017 description: Selector to select which namespaces the Kubernetes Endpoints 19018 objects are discovered from. 19019 properties: 19020 any: 19021 description: Boolean describing whether all namespaces are selected 19022 in contrast to a list restricting them. 19023 type: boolean 19024 matchNames: 19025 description: List of namespace names. 19026 items: 19027 type: string 19028 type: array 19029 type: object 19030 podTargetLabels: 19031 description: PodTargetLabels transfers labels on the Kubernetes `Pod` 19032 onto the created metrics. 19033 items: 19034 type: string 19035 type: array 19036 sampleLimit: 19037 description: SampleLimit defines per-scrape limit on number of scraped 19038 samples that will be accepted. 19039 format: int64 19040 type: integer 19041 selector: 19042 description: Selector to select Endpoints objects. 19043 properties: 19044 matchExpressions: 19045 description: matchExpressions is a list of label selector requirements. 19046 The requirements are ANDed. 19047 items: 19048 description: A label selector requirement is a selector that 19049 contains values, a key, and an operator that relates the key 19050 and values. 19051 properties: 19052 key: 19053 description: key is the label key that the selector applies 19054 to. 19055 type: string 19056 operator: 19057 description: operator represents a key's relationship to 19058 a set of values. Valid operators are In, NotIn, Exists 19059 and DoesNotExist. 19060 type: string 19061 values: 19062 description: values is an array of string values. If the 19063 operator is In or NotIn, the values array must be non-empty. 19064 If the operator is Exists or DoesNotExist, the values 19065 array must be empty. This array is replaced during a strategic 19066 merge patch. 19067 items: 19068 type: string 19069 type: array 19070 required: 19071 - key 19072 - operator 19073 type: object 19074 type: array 19075 matchLabels: 19076 additionalProperties: 19077 type: string 19078 description: matchLabels is a map of {key,value} pairs. A single 19079 {key,value} in the matchLabels map is equivalent to an element 19080 of matchExpressions, whose key field is "key", the operator 19081 is "In", and the values array contains only "value". The requirements 19082 are ANDed. 19083 type: object 19084 type: object 19085 targetLabels: 19086 description: TargetLabels transfers labels from the Kubernetes `Service` 19087 onto the created metrics. All labels set in `selector.matchLabels` 19088 are automatically transferred. 19089 items: 19090 type: string 19091 type: array 19092 targetLimit: 19093 description: TargetLimit defines a limit on the number of scraped 19094 targets that will be accepted. 19095 format: int64 19096 type: integer 19097 required: 19098 - endpoints 19099 - selector 19100 type: object 19101 required: 19102 - spec 19103 type: object 19104 served: true 19105 storage: true 19106 status: 19107 acceptedNames: 19108 kind: "" 19109 plural: "" 19110 conditions: [] 19111 storedVersions: [] 19112 # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml 19113 19114 --- 19115 apiVersion: apiextensions.k8s.io/v1 19116 kind: CustomResourceDefinition 19117 metadata: 19118 annotations: 19119 controller-gen.kubebuilder.io/version: v0.6.2 19120 creationTimestamp: null 19121 name: thanosrulers.monitoring.coreos.com 19122 spec: 19123 group: monitoring.coreos.com 19124 names: 19125 categories: 19126 - prometheus-operator 19127 kind: ThanosRuler 19128 listKind: ThanosRulerList 19129 plural: thanosrulers 19130 singular: thanosruler 19131 scope: Namespaced 19132 versions: 19133 - name: v1 19134 schema: 19135 openAPIV3Schema: 19136 description: ThanosRuler defines a ThanosRuler deployment. 19137 properties: 19138 apiVersion: 19139 description: 'APIVersion defines the versioned schema of this representation 19140 of an object. Servers should convert recognized schemas to the latest 19141 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 19142 type: string 19143 kind: 19144 description: 'Kind is a string value representing the REST resource this 19145 object represents. Servers may infer this from the endpoint the client 19146 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 19147 type: string 19148 metadata: 19149 type: object 19150 spec: 19151 description: 'Specification of the desired behavior of the ThanosRuler 19152 cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 19153 properties: 19154 affinity: 19155 description: If specified, the pod's scheduling constraints. 19156 properties: 19157 nodeAffinity: 19158 description: Describes node affinity scheduling rules for the 19159 pod. 19160 properties: 19161 preferredDuringSchedulingIgnoredDuringExecution: 19162 description: The scheduler will prefer to schedule pods to 19163 nodes that satisfy the affinity expressions specified by 19164 this field, but it may choose a node that violates one or 19165 more of the expressions. The node that is most preferred 19166 is the one with the greatest sum of weights, i.e. for each 19167 node that meets all of the scheduling requirements (resource 19168 request, requiredDuringScheduling affinity expressions, 19169 etc.), compute a sum by iterating through the elements of 19170 this field and adding "weight" to the sum if the node matches 19171 the corresponding matchExpressions; the node(s) with the 19172 highest sum are the most preferred. 19173 items: 19174 description: An empty preferred scheduling term matches 19175 all objects with implicit weight 0 (i.e. it's a no-op). 19176 A null preferred scheduling term matches no objects (i.e. 19177 is also a no-op). 19178 properties: 19179 preference: 19180 description: A node selector term, associated with the 19181 corresponding weight. 19182 properties: 19183 matchExpressions: 19184 description: A list of node selector requirements 19185 by node's labels. 19186 items: 19187 description: A node selector requirement is a 19188 selector that contains values, a key, and an 19189 operator that relates the key and values. 19190 properties: 19191 key: 19192 description: The label key that the selector 19193 applies to. 19194 type: string 19195 operator: 19196 description: Represents a key's relationship 19197 to a set of values. Valid operators are 19198 In, NotIn, Exists, DoesNotExist. Gt, and 19199 Lt. 19200 type: string 19201 values: 19202 description: An array of string values. If 19203 the operator is In or NotIn, the values 19204 array must be non-empty. If the operator 19205 is Exists or DoesNotExist, the values array 19206 must be empty. If the operator is Gt or 19207 Lt, the values array must have a single 19208 element, which will be interpreted as an 19209 integer. This array is replaced during a 19210 strategic merge patch. 19211 items: 19212 type: string 19213 type: array 19214 required: 19215 - key 19216 - operator 19217 type: object 19218 type: array 19219 matchFields: 19220 description: A list of node selector requirements 19221 by node's fields. 19222 items: 19223 description: A node selector requirement is a 19224 selector that contains values, a key, and an 19225 operator that relates the key and values. 19226 properties: 19227 key: 19228 description: The label key that the selector 19229 applies to. 19230 type: string 19231 operator: 19232 description: Represents a key's relationship 19233 to a set of values. Valid operators are 19234 In, NotIn, Exists, DoesNotExist. Gt, and 19235 Lt. 19236 type: string 19237 values: 19238 description: An array of string values. If 19239 the operator is In or NotIn, the values 19240 array must be non-empty. If the operator 19241 is Exists or DoesNotExist, the values array 19242 must be empty. If the operator is Gt or 19243 Lt, the values array must have a single 19244 element, which will be interpreted as an 19245 integer. This array is replaced during a 19246 strategic merge patch. 19247 items: 19248 type: string 19249 type: array 19250 required: 19251 - key 19252 - operator 19253 type: object 19254 type: array 19255 type: object 19256 weight: 19257 description: Weight associated with matching the corresponding 19258 nodeSelectorTerm, in the range 1-100. 19259 format: int32 19260 type: integer 19261 required: 19262 - preference 19263 - weight 19264 type: object 19265 type: array 19266 requiredDuringSchedulingIgnoredDuringExecution: 19267 description: If the affinity requirements specified by this 19268 field are not met at scheduling time, the pod will not be 19269 scheduled onto the node. If the affinity requirements specified 19270 by this field cease to be met at some point during pod execution 19271 (e.g. due to an update), the system may or may not try to 19272 eventually evict the pod from its node. 19273 properties: 19274 nodeSelectorTerms: 19275 description: Required. A list of node selector terms. 19276 The terms are ORed. 19277 items: 19278 description: A null or empty node selector term matches 19279 no objects. The requirements of them are ANDed. The 19280 TopologySelectorTerm type implements a subset of the 19281 NodeSelectorTerm. 19282 properties: 19283 matchExpressions: 19284 description: A list of node selector requirements 19285 by node's labels. 19286 items: 19287 description: A node selector requirement is a 19288 selector that contains values, a key, and an 19289 operator that relates the key and values. 19290 properties: 19291 key: 19292 description: The label key that the selector 19293 applies to. 19294 type: string 19295 operator: 19296 description: Represents a key's relationship 19297 to a set of values. Valid operators are 19298 In, NotIn, Exists, DoesNotExist. Gt, and 19299 Lt. 19300 type: string 19301 values: 19302 description: An array of string values. If 19303 the operator is In or NotIn, the values 19304 array must be non-empty. If the operator 19305 is Exists or DoesNotExist, the values array 19306 must be empty. If the operator is Gt or 19307 Lt, the values array must have a single 19308 element, which will be interpreted as an 19309 integer. This array is replaced during a 19310 strategic merge patch. 19311 items: 19312 type: string 19313 type: array 19314 required: 19315 - key 19316 - operator 19317 type: object 19318 type: array 19319 matchFields: 19320 description: A list of node selector requirements 19321 by node's fields. 19322 items: 19323 description: A node selector requirement is a 19324 selector that contains values, a key, and an 19325 operator that relates the key and values. 19326 properties: 19327 key: 19328 description: The label key that the selector 19329 applies to. 19330 type: string 19331 operator: 19332 description: Represents a key's relationship 19333 to a set of values. Valid operators are 19334 In, NotIn, Exists, DoesNotExist. Gt, and 19335 Lt. 19336 type: string 19337 values: 19338 description: An array of string values. If 19339 the operator is In or NotIn, the values 19340 array must be non-empty. If the operator 19341 is Exists or DoesNotExist, the values array 19342 must be empty. If the operator is Gt or 19343 Lt, the values array must have a single 19344 element, which will be interpreted as an 19345 integer. This array is replaced during a 19346 strategic merge patch. 19347 items: 19348 type: string 19349 type: array 19350 required: 19351 - key 19352 - operator 19353 type: object 19354 type: array 19355 type: object 19356 type: array 19357 required: 19358 - nodeSelectorTerms 19359 type: object 19360 type: object 19361 podAffinity: 19362 description: Describes pod affinity scheduling rules (e.g. co-locate 19363 this pod in the same node, zone, etc. as some other pod(s)). 19364 properties: 19365 preferredDuringSchedulingIgnoredDuringExecution: 19366 description: The scheduler will prefer to schedule pods to 19367 nodes that satisfy the affinity expressions specified by 19368 this field, but it may choose a node that violates one or 19369 more of the expressions. The node that is most preferred 19370 is the one with the greatest sum of weights, i.e. for each 19371 node that meets all of the scheduling requirements (resource 19372 request, requiredDuringScheduling affinity expressions, 19373 etc.), compute a sum by iterating through the elements of 19374 this field and adding "weight" to the sum if the node has 19375 pods which matches the corresponding podAffinityTerm; the 19376 node(s) with the highest sum are the most preferred. 19377 items: 19378 description: The weights of all of the matched WeightedPodAffinityTerm 19379 fields are added per-node to find the most preferred node(s) 19380 properties: 19381 podAffinityTerm: 19382 description: Required. A pod affinity term, associated 19383 with the corresponding weight. 19384 properties: 19385 labelSelector: 19386 description: A label query over a set of resources, 19387 in this case pods. 19388 properties: 19389 matchExpressions: 19390 description: matchExpressions is a list of label 19391 selector requirements. The requirements are 19392 ANDed. 19393 items: 19394 description: A label selector requirement 19395 is a selector that contains values, a key, 19396 and an operator that relates the key and 19397 values. 19398 properties: 19399 key: 19400 description: key is the label key that 19401 the selector applies to. 19402 type: string 19403 operator: 19404 description: operator represents a key's 19405 relationship to a set of values. Valid 19406 operators are In, NotIn, Exists and 19407 DoesNotExist. 19408 type: string 19409 values: 19410 description: values is an array of string 19411 values. If the operator is In or NotIn, 19412 the values array must be non-empty. 19413 If the operator is Exists or DoesNotExist, 19414 the values array must be empty. This 19415 array is replaced during a strategic 19416 merge patch. 19417 items: 19418 type: string 19419 type: array 19420 required: 19421 - key 19422 - operator 19423 type: object 19424 type: array 19425 matchLabels: 19426 additionalProperties: 19427 type: string 19428 description: matchLabels is a map of {key,value} 19429 pairs. A single {key,value} in the matchLabels 19430 map is equivalent to an element of matchExpressions, 19431 whose key field is "key", the operator is 19432 "In", and the values array contains only "value". 19433 The requirements are ANDed. 19434 type: object 19435 type: object 19436 namespaceSelector: 19437 description: A label query over the set of namespaces 19438 that the term applies to. The term is applied 19439 to the union of the namespaces selected by this 19440 field and the ones listed in the namespaces field. 19441 null selector and null or empty namespaces list 19442 means "this pod's namespace". An empty selector 19443 ({}) matches all namespaces. This field is beta-level 19444 and is only honored when PodAffinityNamespaceSelector 19445 feature is enabled. 19446 properties: 19447 matchExpressions: 19448 description: matchExpressions is a list of label 19449 selector requirements. The requirements are 19450 ANDed. 19451 items: 19452 description: A label selector requirement 19453 is a selector that contains values, a key, 19454 and an operator that relates the key and 19455 values. 19456 properties: 19457 key: 19458 description: key is the label key that 19459 the selector applies to. 19460 type: string 19461 operator: 19462 description: operator represents a key's 19463 relationship to a set of values. Valid 19464 operators are In, NotIn, Exists and 19465 DoesNotExist. 19466 type: string 19467 values: 19468 description: values is an array of string 19469 values. If the operator is In or NotIn, 19470 the values array must be non-empty. 19471 If the operator is Exists or DoesNotExist, 19472 the values array must be empty. This 19473 array is replaced during a strategic 19474 merge patch. 19475 items: 19476 type: string 19477 type: array 19478 required: 19479 - key 19480 - operator 19481 type: object 19482 type: array 19483 matchLabels: 19484 additionalProperties: 19485 type: string 19486 description: matchLabels is a map of {key,value} 19487 pairs. A single {key,value} in the matchLabels 19488 map is equivalent to an element of matchExpressions, 19489 whose key field is "key", the operator is 19490 "In", and the values array contains only "value". 19491 The requirements are ANDed. 19492 type: object 19493 type: object 19494 namespaces: 19495 description: namespaces specifies a static list 19496 of namespace names that the term applies to. The 19497 term is applied to the union of the namespaces 19498 listed in this field and the ones selected by 19499 namespaceSelector. null or empty namespaces list 19500 and null namespaceSelector means "this pod's namespace" 19501 items: 19502 type: string 19503 type: array 19504 topologyKey: 19505 description: This pod should be co-located (affinity) 19506 or not co-located (anti-affinity) with the pods 19507 matching the labelSelector in the specified namespaces, 19508 where co-located is defined as running on a node 19509 whose value of the label with key topologyKey 19510 matches that of any node on which any of the selected 19511 pods is running. Empty topologyKey is not allowed. 19512 type: string 19513 required: 19514 - topologyKey 19515 type: object 19516 weight: 19517 description: weight associated with matching the corresponding 19518 podAffinityTerm, in the range 1-100. 19519 format: int32 19520 type: integer 19521 required: 19522 - podAffinityTerm 19523 - weight 19524 type: object 19525 type: array 19526 requiredDuringSchedulingIgnoredDuringExecution: 19527 description: If the affinity requirements specified by this 19528 field are not met at scheduling time, the pod will not be 19529 scheduled onto the node. If the affinity requirements specified 19530 by this field cease to be met at some point during pod execution 19531 (e.g. due to a pod label update), the system may or may 19532 not try to eventually evict the pod from its node. When 19533 there are multiple elements, the lists of nodes corresponding 19534 to each podAffinityTerm are intersected, i.e. all terms 19535 must be satisfied. 19536 items: 19537 description: Defines a set of pods (namely those matching 19538 the labelSelector relative to the given namespace(s)) 19539 that this pod should be co-located (affinity) or not co-located 19540 (anti-affinity) with, where co-located is defined as running 19541 on a node whose value of the label with key <topologyKey> 19542 matches that of any node on which a pod of the set of 19543 pods is running 19544 properties: 19545 labelSelector: 19546 description: A label query over a set of resources, 19547 in this case pods. 19548 properties: 19549 matchExpressions: 19550 description: matchExpressions is a list of label 19551 selector requirements. The requirements are ANDed. 19552 items: 19553 description: A label selector requirement is a 19554 selector that contains values, a key, and an 19555 operator that relates the key and values. 19556 properties: 19557 key: 19558 description: key is the label key that the 19559 selector applies to. 19560 type: string 19561 operator: 19562 description: operator represents a key's relationship 19563 to a set of values. Valid operators are 19564 In, NotIn, Exists and DoesNotExist. 19565 type: string 19566 values: 19567 description: values is an array of string 19568 values. If the operator is In or NotIn, 19569 the values array must be non-empty. If the 19570 operator is Exists or DoesNotExist, the 19571 values array must be empty. This array is 19572 replaced during a strategic merge patch. 19573 items: 19574 type: string 19575 type: array 19576 required: 19577 - key 19578 - operator 19579 type: object 19580 type: array 19581 matchLabels: 19582 additionalProperties: 19583 type: string 19584 description: matchLabels is a map of {key,value} 19585 pairs. A single {key,value} in the matchLabels 19586 map is equivalent to an element of matchExpressions, 19587 whose key field is "key", the operator is "In", 19588 and the values array contains only "value". The 19589 requirements are ANDed. 19590 type: object 19591 type: object 19592 namespaceSelector: 19593 description: A label query over the set of namespaces 19594 that the term applies to. The term is applied to the 19595 union of the namespaces selected by this field and 19596 the ones listed in the namespaces field. null selector 19597 and null or empty namespaces list means "this pod's 19598 namespace". An empty selector ({}) matches all namespaces. 19599 This field is beta-level and is only honored when 19600 PodAffinityNamespaceSelector feature is enabled. 19601 properties: 19602 matchExpressions: 19603 description: matchExpressions is a list of label 19604 selector requirements. The requirements are ANDed. 19605 items: 19606 description: A label selector requirement is a 19607 selector that contains values, a key, and an 19608 operator that relates the key and values. 19609 properties: 19610 key: 19611 description: key is the label key that the 19612 selector applies to. 19613 type: string 19614 operator: 19615 description: operator represents a key's relationship 19616 to a set of values. Valid operators are 19617 In, NotIn, Exists and DoesNotExist. 19618 type: string 19619 values: 19620 description: values is an array of string 19621 values. If the operator is In or NotIn, 19622 the values array must be non-empty. If the 19623 operator is Exists or DoesNotExist, the 19624 values array must be empty. This array is 19625 replaced during a strategic merge patch. 19626 items: 19627 type: string 19628 type: array 19629 required: 19630 - key 19631 - operator 19632 type: object 19633 type: array 19634 matchLabels: 19635 additionalProperties: 19636 type: string 19637 description: matchLabels is a map of {key,value} 19638 pairs. A single {key,value} in the matchLabels 19639 map is equivalent to an element of matchExpressions, 19640 whose key field is "key", the operator is "In", 19641 and the values array contains only "value". The 19642 requirements are ANDed. 19643 type: object 19644 type: object 19645 namespaces: 19646 description: namespaces specifies a static list of namespace 19647 names that the term applies to. The term is applied 19648 to the union of the namespaces listed in this field 19649 and the ones selected by namespaceSelector. null or 19650 empty namespaces list and null namespaceSelector means 19651 "this pod's namespace" 19652 items: 19653 type: string 19654 type: array 19655 topologyKey: 19656 description: This pod should be co-located (affinity) 19657 or not co-located (anti-affinity) with the pods matching 19658 the labelSelector in the specified namespaces, where 19659 co-located is defined as running on a node whose value 19660 of the label with key topologyKey matches that of 19661 any node on which any of the selected pods is running. 19662 Empty topologyKey is not allowed. 19663 type: string 19664 required: 19665 - topologyKey 19666 type: object 19667 type: array 19668 type: object 19669 podAntiAffinity: 19670 description: Describes pod anti-affinity scheduling rules (e.g. 19671 avoid putting this pod in the same node, zone, etc. as some 19672 other pod(s)). 19673 properties: 19674 preferredDuringSchedulingIgnoredDuringExecution: 19675 description: The scheduler will prefer to schedule pods to 19676 nodes that satisfy the anti-affinity expressions specified 19677 by this field, but it may choose a node that violates one 19678 or more of the expressions. The node that is most preferred 19679 is the one with the greatest sum of weights, i.e. for each 19680 node that meets all of the scheduling requirements (resource 19681 request, requiredDuringScheduling anti-affinity expressions, 19682 etc.), compute a sum by iterating through the elements of 19683 this field and adding "weight" to the sum if the node has 19684 pods which matches the corresponding podAffinityTerm; the 19685 node(s) with the highest sum are the most preferred. 19686 items: 19687 description: The weights of all of the matched WeightedPodAffinityTerm 19688 fields are added per-node to find the most preferred node(s) 19689 properties: 19690 podAffinityTerm: 19691 description: Required. A pod affinity term, associated 19692 with the corresponding weight. 19693 properties: 19694 labelSelector: 19695 description: A label query over a set of resources, 19696 in this case pods. 19697 properties: 19698 matchExpressions: 19699 description: matchExpressions is a list of label 19700 selector requirements. The requirements are 19701 ANDed. 19702 items: 19703 description: A label selector requirement 19704 is a selector that contains values, a key, 19705 and an operator that relates the key and 19706 values. 19707 properties: 19708 key: 19709 description: key is the label key that 19710 the selector applies to. 19711 type: string 19712 operator: 19713 description: operator represents a key's 19714 relationship to a set of values. Valid 19715 operators are In, NotIn, Exists and 19716 DoesNotExist. 19717 type: string 19718 values: 19719 description: values is an array of string 19720 values. If the operator is In or NotIn, 19721 the values array must be non-empty. 19722 If the operator is Exists or DoesNotExist, 19723 the values array must be empty. This 19724 array is replaced during a strategic 19725 merge patch. 19726 items: 19727 type: string 19728 type: array 19729 required: 19730 - key 19731 - operator 19732 type: object 19733 type: array 19734 matchLabels: 19735 additionalProperties: 19736 type: string 19737 description: matchLabels is a map of {key,value} 19738 pairs. A single {key,value} in the matchLabels 19739 map is equivalent to an element of matchExpressions, 19740 whose key field is "key", the operator is 19741 "In", and the values array contains only "value". 19742 The requirements are ANDed. 19743 type: object 19744 type: object 19745 namespaceSelector: 19746 description: A label query over the set of namespaces 19747 that the term applies to. The term is applied 19748 to the union of the namespaces selected by this 19749 field and the ones listed in the namespaces field. 19750 null selector and null or empty namespaces list 19751 means "this pod's namespace". An empty selector 19752 ({}) matches all namespaces. This field is beta-level 19753 and is only honored when PodAffinityNamespaceSelector 19754 feature is enabled. 19755 properties: 19756 matchExpressions: 19757 description: matchExpressions is a list of label 19758 selector requirements. The requirements are 19759 ANDed. 19760 items: 19761 description: A label selector requirement 19762 is a selector that contains values, a key, 19763 and an operator that relates the key and 19764 values. 19765 properties: 19766 key: 19767 description: key is the label key that 19768 the selector applies to. 19769 type: string 19770 operator: 19771 description: operator represents a key's 19772 relationship to a set of values. Valid 19773 operators are In, NotIn, Exists and 19774 DoesNotExist. 19775 type: string 19776 values: 19777 description: values is an array of string 19778 values. If the operator is In or NotIn, 19779 the values array must be non-empty. 19780 If the operator is Exists or DoesNotExist, 19781 the values array must be empty. This 19782 array is replaced during a strategic 19783 merge patch. 19784 items: 19785 type: string 19786 type: array 19787 required: 19788 - key 19789 - operator 19790 type: object 19791 type: array 19792 matchLabels: 19793 additionalProperties: 19794 type: string 19795 description: matchLabels is a map of {key,value} 19796 pairs. A single {key,value} in the matchLabels 19797 map is equivalent to an element of matchExpressions, 19798 whose key field is "key", the operator is 19799 "In", and the values array contains only "value". 19800 The requirements are ANDed. 19801 type: object 19802 type: object 19803 namespaces: 19804 description: namespaces specifies a static list 19805 of namespace names that the term applies to. The 19806 term is applied to the union of the namespaces 19807 listed in this field and the ones selected by 19808 namespaceSelector. null or empty namespaces list 19809 and null namespaceSelector means "this pod's namespace" 19810 items: 19811 type: string 19812 type: array 19813 topologyKey: 19814 description: This pod should be co-located (affinity) 19815 or not co-located (anti-affinity) with the pods 19816 matching the labelSelector in the specified namespaces, 19817 where co-located is defined as running on a node 19818 whose value of the label with key topologyKey 19819 matches that of any node on which any of the selected 19820 pods is running. Empty topologyKey is not allowed. 19821 type: string 19822 required: 19823 - topologyKey 19824 type: object 19825 weight: 19826 description: weight associated with matching the corresponding 19827 podAffinityTerm, in the range 1-100. 19828 format: int32 19829 type: integer 19830 required: 19831 - podAffinityTerm 19832 - weight 19833 type: object 19834 type: array 19835 requiredDuringSchedulingIgnoredDuringExecution: 19836 description: If the anti-affinity requirements specified by 19837 this field are not met at scheduling time, the pod will 19838 not be scheduled onto the node. If the anti-affinity requirements 19839 specified by this field cease to be met at some point during 19840 pod execution (e.g. due to a pod label update), the system 19841 may or may not try to eventually evict the pod from its 19842 node. When there are multiple elements, the lists of nodes 19843 corresponding to each podAffinityTerm are intersected, i.e. 19844 all terms must be satisfied. 19845 items: 19846 description: Defines a set of pods (namely those matching 19847 the labelSelector relative to the given namespace(s)) 19848 that this pod should be co-located (affinity) or not co-located 19849 (anti-affinity) with, where co-located is defined as running 19850 on a node whose value of the label with key <topologyKey> 19851 matches that of any node on which a pod of the set of 19852 pods is running 19853 properties: 19854 labelSelector: 19855 description: A label query over a set of resources, 19856 in this case pods. 19857 properties: 19858 matchExpressions: 19859 description: matchExpressions is a list of label 19860 selector requirements. The requirements are ANDed. 19861 items: 19862 description: A label selector requirement is a 19863 selector that contains values, a key, and an 19864 operator that relates the key and values. 19865 properties: 19866 key: 19867 description: key is the label key that the 19868 selector applies to. 19869 type: string 19870 operator: 19871 description: operator represents a key's relationship 19872 to a set of values. Valid operators are 19873 In, NotIn, Exists and DoesNotExist. 19874 type: string 19875 values: 19876 description: values is an array of string 19877 values. If the operator is In or NotIn, 19878 the values array must be non-empty. If the 19879 operator is Exists or DoesNotExist, the 19880 values array must be empty. This array is 19881 replaced during a strategic merge patch. 19882 items: 19883 type: string 19884 type: array 19885 required: 19886 - key 19887 - operator 19888 type: object 19889 type: array 19890 matchLabels: 19891 additionalProperties: 19892 type: string 19893 description: matchLabels is a map of {key,value} 19894 pairs. A single {key,value} in the matchLabels 19895 map is equivalent to an element of matchExpressions, 19896 whose key field is "key", the operator is "In", 19897 and the values array contains only "value". The 19898 requirements are ANDed. 19899 type: object 19900 type: object 19901 namespaceSelector: 19902 description: A label query over the set of namespaces 19903 that the term applies to. The term is applied to the 19904 union of the namespaces selected by this field and 19905 the ones listed in the namespaces field. null selector 19906 and null or empty namespaces list means "this pod's 19907 namespace". An empty selector ({}) matches all namespaces. 19908 This field is beta-level and is only honored when 19909 PodAffinityNamespaceSelector feature is enabled. 19910 properties: 19911 matchExpressions: 19912 description: matchExpressions is a list of label 19913 selector requirements. The requirements are ANDed. 19914 items: 19915 description: A label selector requirement is a 19916 selector that contains values, a key, and an 19917 operator that relates the key and values. 19918 properties: 19919 key: 19920 description: key is the label key that the 19921 selector applies to. 19922 type: string 19923 operator: 19924 description: operator represents a key's relationship 19925 to a set of values. Valid operators are 19926 In, NotIn, Exists and DoesNotExist. 19927 type: string 19928 values: 19929 description: values is an array of string 19930 values. If the operator is In or NotIn, 19931 the values array must be non-empty. If the 19932 operator is Exists or DoesNotExist, the 19933 values array must be empty. This array is 19934 replaced during a strategic merge patch. 19935 items: 19936 type: string 19937 type: array 19938 required: 19939 - key 19940 - operator 19941 type: object 19942 type: array 19943 matchLabels: 19944 additionalProperties: 19945 type: string 19946 description: matchLabels is a map of {key,value} 19947 pairs. A single {key,value} in the matchLabels 19948 map is equivalent to an element of matchExpressions, 19949 whose key field is "key", the operator is "In", 19950 and the values array contains only "value". The 19951 requirements are ANDed. 19952 type: object 19953 type: object 19954 namespaces: 19955 description: namespaces specifies a static list of namespace 19956 names that the term applies to. The term is applied 19957 to the union of the namespaces listed in this field 19958 and the ones selected by namespaceSelector. null or 19959 empty namespaces list and null namespaceSelector means 19960 "this pod's namespace" 19961 items: 19962 type: string 19963 type: array 19964 topologyKey: 19965 description: This pod should be co-located (affinity) 19966 or not co-located (anti-affinity) with the pods matching 19967 the labelSelector in the specified namespaces, where 19968 co-located is defined as running on a node whose value 19969 of the label with key topologyKey matches that of 19970 any node on which any of the selected pods is running. 19971 Empty topologyKey is not allowed. 19972 type: string 19973 required: 19974 - topologyKey 19975 type: object 19976 type: array 19977 type: object 19978 type: object 19979 alertDropLabels: 19980 description: AlertDropLabels configure the label names which should 19981 be dropped in ThanosRuler alerts. The replica label `thanos_ruler_replica` 19982 will always be dropped in alerts. 19983 items: 19984 type: string 19985 type: array 19986 alertQueryUrl: 19987 description: The external Query URL the Thanos Ruler will set in the 19988 'Source' field of all alerts. Maps to the '--alert.query-url' CLI 19989 arg. 19990 type: string 19991 alertRelabelConfigFile: 19992 description: AlertRelabelConfigFile specifies the path of the alert 19993 relabeling configuration file. When used alongside with AlertRelabelConfigs, 19994 alertRelabelConfigFile takes precedence. 19995 type: string 19996 alertRelabelConfigs: 19997 description: 'AlertRelabelConfigs configures alert relabeling in ThanosRuler. 19998 Alert relabel configurations must have the form as specified in 19999 the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs 20000 Alternative to AlertRelabelConfigFile, and lower order priority.' 20001 properties: 20002 key: 20003 description: The key of the secret to select from. Must be a 20004 valid secret key. 20005 type: string 20006 name: 20007 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20008 TODO: Add other useful fields. apiVersion, kind, uid?' 20009 type: string 20010 optional: 20011 description: Specify whether the Secret or its key must be defined 20012 type: boolean 20013 required: 20014 - key 20015 type: object 20016 alertmanagersConfig: 20017 description: Define configuration for connecting to alertmanager. Only 20018 available with thanos v0.10.0 and higher. Maps to the `alertmanagers.config` 20019 arg. 20020 properties: 20021 key: 20022 description: The key of the secret to select from. Must be a 20023 valid secret key. 20024 type: string 20025 name: 20026 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20027 TODO: Add other useful fields. apiVersion, kind, uid?' 20028 type: string 20029 optional: 20030 description: Specify whether the Secret or its key must be defined 20031 type: boolean 20032 required: 20033 - key 20034 type: object 20035 alertmanagersUrl: 20036 description: 'Define URLs to send alerts to Alertmanager. For Thanos 20037 v0.10.0 and higher, AlertManagersConfig should be used instead. Note: 20038 this field will be ignored if AlertManagersConfig is specified. 20039 Maps to the `alertmanagers.url` arg.' 20040 items: 20041 type: string 20042 type: array 20043 containers: 20044 description: 'Containers allows injecting additional containers or 20045 modifying operator generated containers. This can be used to allow 20046 adding an authentication proxy to a ThanosRuler pod or to change 20047 the behavior of an operator generated container. Containers described 20048 here modify an operator generated container if they share the same 20049 name and modifications are done via a strategic merge patch. The 20050 current container names are: `thanos-ruler` and `config-reloader`. 20051 Overriding containers is entirely outside the scope of what the 20052 maintainers will support and by doing so, you accept that this behaviour 20053 may break at any time without notice.' 20054 items: 20055 description: A single application container that you want to run 20056 within a pod. 20057 properties: 20058 args: 20059 description: 'Arguments to the entrypoint. The docker image''s 20060 CMD is used if this is not provided. Variable references $(VAR_NAME) 20061 are expanded using the container''s environment. If a variable 20062 cannot be resolved, the reference in the input string will 20063 be unchanged. Double $$ are reduced to a single $, which allows 20064 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 20065 produce the string literal "$(VAR_NAME)". Escaped references 20066 will never be expanded, regardless of whether the variable 20067 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 20068 items: 20069 type: string 20070 type: array 20071 command: 20072 description: 'Entrypoint array. Not executed within a shell. 20073 The docker image''s ENTRYPOINT is used if this is not provided. 20074 Variable references $(VAR_NAME) are expanded using the container''s 20075 environment. If a variable cannot be resolved, the reference 20076 in the input string will be unchanged. Double $$ are reduced 20077 to a single $, which allows for escaping the $(VAR_NAME) syntax: 20078 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 20079 Escaped references will never be expanded, regardless of whether 20080 the variable exists or not. Cannot be updated. More info: 20081 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 20082 items: 20083 type: string 20084 type: array 20085 env: 20086 description: List of environment variables to set in the container. 20087 Cannot be updated. 20088 items: 20089 description: EnvVar represents an environment variable present 20090 in a Container. 20091 properties: 20092 name: 20093 description: Name of the environment variable. Must be 20094 a C_IDENTIFIER. 20095 type: string 20096 value: 20097 description: 'Variable references $(VAR_NAME) are expanded 20098 using the previously defined environment variables in 20099 the container and any service environment variables. 20100 If a variable cannot be resolved, the reference in the 20101 input string will be unchanged. Double $$ are reduced 20102 to a single $, which allows for escaping the $(VAR_NAME) 20103 syntax: i.e. "$$(VAR_NAME)" will produce the string 20104 literal "$(VAR_NAME)". Escaped references will never 20105 be expanded, regardless of whether the variable exists 20106 or not. Defaults to "".' 20107 type: string 20108 valueFrom: 20109 description: Source for the environment variable's value. 20110 Cannot be used if value is not empty. 20111 properties: 20112 configMapKeyRef: 20113 description: Selects a key of a ConfigMap. 20114 properties: 20115 key: 20116 description: The key to select. 20117 type: string 20118 name: 20119 description: 'Name of the referent. More info: 20120 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20121 TODO: Add other useful fields. apiVersion, kind, 20122 uid?' 20123 type: string 20124 optional: 20125 description: Specify whether the ConfigMap or 20126 its key must be defined 20127 type: boolean 20128 required: 20129 - key 20130 type: object 20131 fieldRef: 20132 description: 'Selects a field of the pod: supports 20133 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 20134 `metadata.annotations[''<KEY>'']`, spec.nodeName, 20135 spec.serviceAccountName, status.hostIP, status.podIP, 20136 status.podIPs.' 20137 properties: 20138 apiVersion: 20139 description: Version of the schema the FieldPath 20140 is written in terms of, defaults to "v1". 20141 type: string 20142 fieldPath: 20143 description: Path of the field to select in the 20144 specified API version. 20145 type: string 20146 required: 20147 - fieldPath 20148 type: object 20149 resourceFieldRef: 20150 description: 'Selects a resource of the container: 20151 only resources limits and requests (limits.cpu, 20152 limits.memory, limits.ephemeral-storage, requests.cpu, 20153 requests.memory and requests.ephemeral-storage) 20154 are currently supported.' 20155 properties: 20156 containerName: 20157 description: 'Container name: required for volumes, 20158 optional for env vars' 20159 type: string 20160 divisor: 20161 anyOf: 20162 - type: integer 20163 - type: string 20164 description: Specifies the output format of the 20165 exposed resources, defaults to "1" 20166 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 20167 x-kubernetes-int-or-string: true 20168 resource: 20169 description: 'Required: resource to select' 20170 type: string 20171 required: 20172 - resource 20173 type: object 20174 secretKeyRef: 20175 description: Selects a key of a secret in the pod's 20176 namespace 20177 properties: 20178 key: 20179 description: The key of the secret to select from. Must 20180 be a valid secret key. 20181 type: string 20182 name: 20183 description: 'Name of the referent. More info: 20184 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20185 TODO: Add other useful fields. apiVersion, kind, 20186 uid?' 20187 type: string 20188 optional: 20189 description: Specify whether the Secret or its 20190 key must be defined 20191 type: boolean 20192 required: 20193 - key 20194 type: object 20195 type: object 20196 required: 20197 - name 20198 type: object 20199 type: array 20200 envFrom: 20201 description: List of sources to populate environment variables 20202 in the container. The keys defined within a source must be 20203 a C_IDENTIFIER. All invalid keys will be reported as an event 20204 when the container is starting. When a key exists in multiple 20205 sources, the value associated with the last source will take 20206 precedence. Values defined by an Env with a duplicate key 20207 will take precedence. Cannot be updated. 20208 items: 20209 description: EnvFromSource represents the source of a set 20210 of ConfigMaps 20211 properties: 20212 configMapRef: 20213 description: The ConfigMap to select from 20214 properties: 20215 name: 20216 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20217 TODO: Add other useful fields. apiVersion, kind, 20218 uid?' 20219 type: string 20220 optional: 20221 description: Specify whether the ConfigMap must be 20222 defined 20223 type: boolean 20224 type: object 20225 prefix: 20226 description: An optional identifier to prepend to each 20227 key in the ConfigMap. Must be a C_IDENTIFIER. 20228 type: string 20229 secretRef: 20230 description: The Secret to select from 20231 properties: 20232 name: 20233 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20234 TODO: Add other useful fields. apiVersion, kind, 20235 uid?' 20236 type: string 20237 optional: 20238 description: Specify whether the Secret must be defined 20239 type: boolean 20240 type: object 20241 type: object 20242 type: array 20243 image: 20244 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 20245 This field is optional to allow higher level config management 20246 to default or override container images in workload controllers 20247 like Deployments and StatefulSets.' 20248 type: string 20249 imagePullPolicy: 20250 description: 'Image pull policy. One of Always, Never, IfNotPresent. 20251 Defaults to Always if :latest tag is specified, or IfNotPresent 20252 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 20253 type: string 20254 lifecycle: 20255 description: Actions that the management system should take 20256 in response to container lifecycle events. Cannot be updated. 20257 properties: 20258 postStart: 20259 description: 'PostStart is called immediately after a container 20260 is created. If the handler fails, the container is terminated 20261 and restarted according to its restart policy. Other management 20262 of the container blocks until the hook completes. More 20263 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 20264 properties: 20265 exec: 20266 description: Exec specifies the action to take. 20267 properties: 20268 command: 20269 description: Command is the command line to execute 20270 inside the container, the working directory for 20271 the command is root ('/') in the container's 20272 filesystem. The command is simply exec'd, it is 20273 not run inside a shell, so traditional shell instructions 20274 ('|', etc) won't work. To use a shell, you need 20275 to explicitly call out to that shell. Exit status 20276 of 0 is treated as live/healthy and non-zero is 20277 unhealthy. 20278 items: 20279 type: string 20280 type: array 20281 type: object 20282 httpGet: 20283 description: HTTPGet specifies the http request to perform. 20284 properties: 20285 host: 20286 description: Host name to connect to, defaults to 20287 the pod IP. You probably want to set "Host" in 20288 httpHeaders instead. 20289 type: string 20290 httpHeaders: 20291 description: Custom headers to set in the request. 20292 HTTP allows repeated headers. 20293 items: 20294 description: HTTPHeader describes a custom header 20295 to be used in HTTP probes 20296 properties: 20297 name: 20298 description: The header field name 20299 type: string 20300 value: 20301 description: The header field value 20302 type: string 20303 required: 20304 - name 20305 - value 20306 type: object 20307 type: array 20308 path: 20309 description: Path to access on the HTTP server. 20310 type: string 20311 port: 20312 anyOf: 20313 - type: integer 20314 - type: string 20315 description: Name or number of the port to access 20316 on the container. Number must be in the range 20317 1 to 65535. Name must be an IANA_SVC_NAME. 20318 x-kubernetes-int-or-string: true 20319 scheme: 20320 description: Scheme to use for connecting to the 20321 host. Defaults to HTTP. 20322 type: string 20323 required: 20324 - port 20325 type: object 20326 tcpSocket: 20327 description: Deprecated. TCPSocket is NOT supported 20328 as a LifecycleHandler and kept for the backward compatibility. 20329 There are no validation of this field and lifecycle 20330 hooks will fail in runtime when tcp handler is specified. 20331 properties: 20332 host: 20333 description: 'Optional: Host name to connect to, 20334 defaults to the pod IP.' 20335 type: string 20336 port: 20337 anyOf: 20338 - type: integer 20339 - type: string 20340 description: Number or name of the port to access 20341 on the container. Number must be in the range 20342 1 to 65535. Name must be an IANA_SVC_NAME. 20343 x-kubernetes-int-or-string: true 20344 required: 20345 - port 20346 type: object 20347 type: object 20348 preStop: 20349 description: 'PreStop is called immediately before a container 20350 is terminated due to an API request or management event 20351 such as liveness/startup probe failure, preemption, resource 20352 contention, etc. The handler is not called if the container 20353 crashes or exits. The Pod''s termination grace period 20354 countdown begins before the PreStop hook is executed. 20355 Regardless of the outcome of the handler, the container 20356 will eventually terminate within the Pod''s termination 20357 grace period (unless delayed by finalizers). Other management 20358 of the container blocks until the hook completes or until 20359 the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 20360 properties: 20361 exec: 20362 description: Exec specifies the action to take. 20363 properties: 20364 command: 20365 description: Command is the command line to execute 20366 inside the container, the working directory for 20367 the command is root ('/') in the container's 20368 filesystem. The command is simply exec'd, it is 20369 not run inside a shell, so traditional shell instructions 20370 ('|', etc) won't work. To use a shell, you need 20371 to explicitly call out to that shell. Exit status 20372 of 0 is treated as live/healthy and non-zero is 20373 unhealthy. 20374 items: 20375 type: string 20376 type: array 20377 type: object 20378 httpGet: 20379 description: HTTPGet specifies the http request to perform. 20380 properties: 20381 host: 20382 description: Host name to connect to, defaults to 20383 the pod IP. You probably want to set "Host" in 20384 httpHeaders instead. 20385 type: string 20386 httpHeaders: 20387 description: Custom headers to set in the request. 20388 HTTP allows repeated headers. 20389 items: 20390 description: HTTPHeader describes a custom header 20391 to be used in HTTP probes 20392 properties: 20393 name: 20394 description: The header field name 20395 type: string 20396 value: 20397 description: The header field value 20398 type: string 20399 required: 20400 - name 20401 - value 20402 type: object 20403 type: array 20404 path: 20405 description: Path to access on the HTTP server. 20406 type: string 20407 port: 20408 anyOf: 20409 - type: integer 20410 - type: string 20411 description: Name or number of the port to access 20412 on the container. Number must be in the range 20413 1 to 65535. Name must be an IANA_SVC_NAME. 20414 x-kubernetes-int-or-string: true 20415 scheme: 20416 description: Scheme to use for connecting to the 20417 host. Defaults to HTTP. 20418 type: string 20419 required: 20420 - port 20421 type: object 20422 tcpSocket: 20423 description: Deprecated. TCPSocket is NOT supported 20424 as a LifecycleHandler and kept for the backward compatibility. 20425 There are no validation of this field and lifecycle 20426 hooks will fail in runtime when tcp handler is specified. 20427 properties: 20428 host: 20429 description: 'Optional: Host name to connect to, 20430 defaults to the pod IP.' 20431 type: string 20432 port: 20433 anyOf: 20434 - type: integer 20435 - type: string 20436 description: Number or name of the port to access 20437 on the container. Number must be in the range 20438 1 to 65535. Name must be an IANA_SVC_NAME. 20439 x-kubernetes-int-or-string: true 20440 required: 20441 - port 20442 type: object 20443 type: object 20444 type: object 20445 livenessProbe: 20446 description: 'Periodic probe of container liveness. Container 20447 will be restarted if the probe fails. Cannot be updated. More 20448 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20449 properties: 20450 exec: 20451 description: Exec specifies the action to take. 20452 properties: 20453 command: 20454 description: Command is the command line to execute 20455 inside the container, the working directory for the 20456 command is root ('/') in the container's filesystem. 20457 The command is simply exec'd, it is not run inside 20458 a shell, so traditional shell instructions ('|', etc) 20459 won't work. To use a shell, you need to explicitly 20460 call out to that shell. Exit status of 0 is treated 20461 as live/healthy and non-zero is unhealthy. 20462 items: 20463 type: string 20464 type: array 20465 type: object 20466 failureThreshold: 20467 description: Minimum consecutive failures for the probe 20468 to be considered failed after having succeeded. Defaults 20469 to 3. Minimum value is 1. 20470 format: int32 20471 type: integer 20472 grpc: 20473 description: GRPC specifies an action involving a GRPC port. 20474 This is an alpha field and requires enabling GRPCContainerProbe 20475 feature gate. 20476 properties: 20477 port: 20478 description: Port number of the gRPC service. Number 20479 must be in the range 1 to 65535. 20480 format: int32 20481 type: integer 20482 service: 20483 description: "Service is the name of the service to 20484 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 20485 \n If this is not specified, the default behavior 20486 is defined by gRPC." 20487 type: string 20488 required: 20489 - port 20490 type: object 20491 httpGet: 20492 description: HTTPGet specifies the http request to perform. 20493 properties: 20494 host: 20495 description: Host name to connect to, defaults to the 20496 pod IP. You probably want to set "Host" in httpHeaders 20497 instead. 20498 type: string 20499 httpHeaders: 20500 description: Custom headers to set in the request. HTTP 20501 allows repeated headers. 20502 items: 20503 description: HTTPHeader describes a custom header 20504 to be used in HTTP probes 20505 properties: 20506 name: 20507 description: The header field name 20508 type: string 20509 value: 20510 description: The header field value 20511 type: string 20512 required: 20513 - name 20514 - value 20515 type: object 20516 type: array 20517 path: 20518 description: Path to access on the HTTP server. 20519 type: string 20520 port: 20521 anyOf: 20522 - type: integer 20523 - type: string 20524 description: Name or number of the port to access on 20525 the container. Number must be in the range 1 to 65535. 20526 Name must be an IANA_SVC_NAME. 20527 x-kubernetes-int-or-string: true 20528 scheme: 20529 description: Scheme to use for connecting to the host. 20530 Defaults to HTTP. 20531 type: string 20532 required: 20533 - port 20534 type: object 20535 initialDelaySeconds: 20536 description: 'Number of seconds after the container has 20537 started before liveness probes are initiated. More info: 20538 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20539 format: int32 20540 type: integer 20541 periodSeconds: 20542 description: How often (in seconds) to perform the probe. 20543 Default to 10 seconds. Minimum value is 1. 20544 format: int32 20545 type: integer 20546 successThreshold: 20547 description: Minimum consecutive successes for the probe 20548 to be considered successful after having failed. Defaults 20549 to 1. Must be 1 for liveness and startup. Minimum value 20550 is 1. 20551 format: int32 20552 type: integer 20553 tcpSocket: 20554 description: TCPSocket specifies an action involving a TCP 20555 port. 20556 properties: 20557 host: 20558 description: 'Optional: Host name to connect to, defaults 20559 to the pod IP.' 20560 type: string 20561 port: 20562 anyOf: 20563 - type: integer 20564 - type: string 20565 description: Number or name of the port to access on 20566 the container. Number must be in the range 1 to 65535. 20567 Name must be an IANA_SVC_NAME. 20568 x-kubernetes-int-or-string: true 20569 required: 20570 - port 20571 type: object 20572 terminationGracePeriodSeconds: 20573 description: Optional duration in seconds the pod needs 20574 to terminate gracefully upon probe failure. The grace 20575 period is the duration in seconds after the processes 20576 running in the pod are sent a termination signal and the 20577 time when the processes are forcibly halted with a kill 20578 signal. Set this value longer than the expected cleanup 20579 time for your process. If this value is nil, the pod's 20580 terminationGracePeriodSeconds will be used. Otherwise, 20581 this value overrides the value provided by the pod spec. 20582 Value must be non-negative integer. The value zero indicates 20583 stop immediately via the kill signal (no opportunity to 20584 shut down). This is a beta field and requires enabling 20585 ProbeTerminationGracePeriod feature gate. Minimum value 20586 is 1. spec.terminationGracePeriodSeconds is used if unset. 20587 format: int64 20588 type: integer 20589 timeoutSeconds: 20590 description: 'Number of seconds after which the probe times 20591 out. Defaults to 1 second. Minimum value is 1. More info: 20592 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20593 format: int32 20594 type: integer 20595 type: object 20596 name: 20597 description: Name of the container specified as a DNS_LABEL. 20598 Each container in a pod must have a unique name (DNS_LABEL). 20599 Cannot be updated. 20600 type: string 20601 ports: 20602 description: List of ports to expose from the container. Exposing 20603 a port here gives the system additional information about 20604 the network connections a container uses, but is primarily 20605 informational. Not specifying a port here DOES NOT prevent 20606 that port from being exposed. Any port which is listening 20607 on the default "0.0.0.0" address inside a container will be 20608 accessible from the network. Cannot be updated. 20609 items: 20610 description: ContainerPort represents a network port in a 20611 single container. 20612 properties: 20613 containerPort: 20614 description: Number of port to expose on the pod's IP 20615 address. This must be a valid port number, 0 < x < 65536. 20616 format: int32 20617 type: integer 20618 hostIP: 20619 description: What host IP to bind the external port to. 20620 type: string 20621 hostPort: 20622 description: Number of port to expose on the host. If 20623 specified, this must be a valid port number, 0 < x < 20624 65536. If HostNetwork is specified, this must match 20625 ContainerPort. Most containers do not need this. 20626 format: int32 20627 type: integer 20628 name: 20629 description: If specified, this must be an IANA_SVC_NAME 20630 and unique within the pod. Each named port in a pod 20631 must have a unique name. Name for the port that can 20632 be referred to by services. 20633 type: string 20634 protocol: 20635 default: TCP 20636 description: Protocol for port. Must be UDP, TCP, or SCTP. 20637 Defaults to "TCP". 20638 type: string 20639 required: 20640 - containerPort 20641 type: object 20642 type: array 20643 x-kubernetes-list-map-keys: 20644 - containerPort 20645 - protocol 20646 x-kubernetes-list-type: map 20647 readinessProbe: 20648 description: 'Periodic probe of container service readiness. 20649 Container will be removed from service endpoints if the probe 20650 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20651 properties: 20652 exec: 20653 description: Exec specifies the action to take. 20654 properties: 20655 command: 20656 description: Command is the command line to execute 20657 inside the container, the working directory for the 20658 command is root ('/') in the container's filesystem. 20659 The command is simply exec'd, it is not run inside 20660 a shell, so traditional shell instructions ('|', etc) 20661 won't work. To use a shell, you need to explicitly 20662 call out to that shell. Exit status of 0 is treated 20663 as live/healthy and non-zero is unhealthy. 20664 items: 20665 type: string 20666 type: array 20667 type: object 20668 failureThreshold: 20669 description: Minimum consecutive failures for the probe 20670 to be considered failed after having succeeded. Defaults 20671 to 3. Minimum value is 1. 20672 format: int32 20673 type: integer 20674 grpc: 20675 description: GRPC specifies an action involving a GRPC port. 20676 This is an alpha field and requires enabling GRPCContainerProbe 20677 feature gate. 20678 properties: 20679 port: 20680 description: Port number of the gRPC service. Number 20681 must be in the range 1 to 65535. 20682 format: int32 20683 type: integer 20684 service: 20685 description: "Service is the name of the service to 20686 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 20687 \n If this is not specified, the default behavior 20688 is defined by gRPC." 20689 type: string 20690 required: 20691 - port 20692 type: object 20693 httpGet: 20694 description: HTTPGet specifies the http request to perform. 20695 properties: 20696 host: 20697 description: Host name to connect to, defaults to the 20698 pod IP. You probably want to set "Host" in httpHeaders 20699 instead. 20700 type: string 20701 httpHeaders: 20702 description: Custom headers to set in the request. HTTP 20703 allows repeated headers. 20704 items: 20705 description: HTTPHeader describes a custom header 20706 to be used in HTTP probes 20707 properties: 20708 name: 20709 description: The header field name 20710 type: string 20711 value: 20712 description: The header field value 20713 type: string 20714 required: 20715 - name 20716 - value 20717 type: object 20718 type: array 20719 path: 20720 description: Path to access on the HTTP server. 20721 type: string 20722 port: 20723 anyOf: 20724 - type: integer 20725 - type: string 20726 description: Name or number of the port to access on 20727 the container. Number must be in the range 1 to 65535. 20728 Name must be an IANA_SVC_NAME. 20729 x-kubernetes-int-or-string: true 20730 scheme: 20731 description: Scheme to use for connecting to the host. 20732 Defaults to HTTP. 20733 type: string 20734 required: 20735 - port 20736 type: object 20737 initialDelaySeconds: 20738 description: 'Number of seconds after the container has 20739 started before liveness probes are initiated. More info: 20740 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20741 format: int32 20742 type: integer 20743 periodSeconds: 20744 description: How often (in seconds) to perform the probe. 20745 Default to 10 seconds. Minimum value is 1. 20746 format: int32 20747 type: integer 20748 successThreshold: 20749 description: Minimum consecutive successes for the probe 20750 to be considered successful after having failed. Defaults 20751 to 1. Must be 1 for liveness and startup. Minimum value 20752 is 1. 20753 format: int32 20754 type: integer 20755 tcpSocket: 20756 description: TCPSocket specifies an action involving a TCP 20757 port. 20758 properties: 20759 host: 20760 description: 'Optional: Host name to connect to, defaults 20761 to the pod IP.' 20762 type: string 20763 port: 20764 anyOf: 20765 - type: integer 20766 - type: string 20767 description: Number or name of the port to access on 20768 the container. Number must be in the range 1 to 65535. 20769 Name must be an IANA_SVC_NAME. 20770 x-kubernetes-int-or-string: true 20771 required: 20772 - port 20773 type: object 20774 terminationGracePeriodSeconds: 20775 description: Optional duration in seconds the pod needs 20776 to terminate gracefully upon probe failure. The grace 20777 period is the duration in seconds after the processes 20778 running in the pod are sent a termination signal and the 20779 time when the processes are forcibly halted with a kill 20780 signal. Set this value longer than the expected cleanup 20781 time for your process. If this value is nil, the pod's 20782 terminationGracePeriodSeconds will be used. Otherwise, 20783 this value overrides the value provided by the pod spec. 20784 Value must be non-negative integer. The value zero indicates 20785 stop immediately via the kill signal (no opportunity to 20786 shut down). This is a beta field and requires enabling 20787 ProbeTerminationGracePeriod feature gate. Minimum value 20788 is 1. spec.terminationGracePeriodSeconds is used if unset. 20789 format: int64 20790 type: integer 20791 timeoutSeconds: 20792 description: 'Number of seconds after which the probe times 20793 out. Defaults to 1 second. Minimum value is 1. More info: 20794 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20795 format: int32 20796 type: integer 20797 type: object 20798 resources: 20799 description: 'Compute Resources required by this container. 20800 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 20801 properties: 20802 limits: 20803 additionalProperties: 20804 anyOf: 20805 - type: integer 20806 - type: string 20807 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 20808 x-kubernetes-int-or-string: true 20809 description: 'Limits describes the maximum amount of compute 20810 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 20811 type: object 20812 requests: 20813 additionalProperties: 20814 anyOf: 20815 - type: integer 20816 - type: string 20817 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 20818 x-kubernetes-int-or-string: true 20819 description: 'Requests describes the minimum amount of compute 20820 resources required. If Requests is omitted for a container, 20821 it defaults to Limits if that is explicitly specified, 20822 otherwise to an implementation-defined value. More info: 20823 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 20824 type: object 20825 type: object 20826 securityContext: 20827 description: 'SecurityContext defines the security options the 20828 container should be run with. If set, the fields of SecurityContext 20829 override the equivalent fields of PodSecurityContext. More 20830 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 20831 properties: 20832 allowPrivilegeEscalation: 20833 description: 'AllowPrivilegeEscalation controls whether 20834 a process can gain more privileges than its parent process. 20835 This bool directly controls if the no_new_privs flag will 20836 be set on the container process. AllowPrivilegeEscalation 20837 is true always when the container is: 1) run as Privileged 20838 2) has CAP_SYS_ADMIN Note that this field cannot be set 20839 when spec.os.name is windows.' 20840 type: boolean 20841 capabilities: 20842 description: The capabilities to add/drop when running containers. 20843 Defaults to the default set of capabilities granted by 20844 the container runtime. Note that this field cannot be 20845 set when spec.os.name is windows. 20846 properties: 20847 add: 20848 description: Added capabilities 20849 items: 20850 description: Capability represent POSIX capabilities 20851 type 20852 type: string 20853 type: array 20854 drop: 20855 description: Removed capabilities 20856 items: 20857 description: Capability represent POSIX capabilities 20858 type 20859 type: string 20860 type: array 20861 type: object 20862 privileged: 20863 description: Run container in privileged mode. Processes 20864 in privileged containers are essentially equivalent to 20865 root on the host. Defaults to false. Note that this field 20866 cannot be set when spec.os.name is windows. 20867 type: boolean 20868 procMount: 20869 description: procMount denotes the type of proc mount to 20870 use for the containers. The default is DefaultProcMount 20871 which uses the container runtime defaults for readonly 20872 paths and masked paths. This requires the ProcMountType 20873 feature flag to be enabled. Note that this field cannot 20874 be set when spec.os.name is windows. 20875 type: string 20876 readOnlyRootFilesystem: 20877 description: Whether this container has a read-only root 20878 filesystem. Default is false. Note that this field cannot 20879 be set when spec.os.name is windows. 20880 type: boolean 20881 runAsGroup: 20882 description: The GID to run the entrypoint of the container 20883 process. Uses runtime default if unset. May also be set 20884 in PodSecurityContext. If set in both SecurityContext 20885 and PodSecurityContext, the value specified in SecurityContext 20886 takes precedence. Note that this field cannot be set when 20887 spec.os.name is windows. 20888 format: int64 20889 type: integer 20890 runAsNonRoot: 20891 description: Indicates that the container must run as a 20892 non-root user. If true, the Kubelet will validate the 20893 image at runtime to ensure that it does not run as UID 20894 0 (root) and fail to start the container if it does. If 20895 unset or false, no such validation will be performed. 20896 May also be set in PodSecurityContext. If set in both 20897 SecurityContext and PodSecurityContext, the value specified 20898 in SecurityContext takes precedence. 20899 type: boolean 20900 runAsUser: 20901 description: The UID to run the entrypoint of the container 20902 process. Defaults to user specified in image metadata 20903 if unspecified. May also be set in PodSecurityContext. If 20904 set in both SecurityContext and PodSecurityContext, the 20905 value specified in SecurityContext takes precedence. Note 20906 that this field cannot be set when spec.os.name is windows. 20907 format: int64 20908 type: integer 20909 seLinuxOptions: 20910 description: The SELinux context to be applied to the container. 20911 If unspecified, the container runtime will allocate a 20912 random SELinux context for each container. May also be 20913 set in PodSecurityContext. If set in both SecurityContext 20914 and PodSecurityContext, the value specified in SecurityContext 20915 takes precedence. Note that this field cannot be set when 20916 spec.os.name is windows. 20917 properties: 20918 level: 20919 description: Level is SELinux level label that applies 20920 to the container. 20921 type: string 20922 role: 20923 description: Role is a SELinux role label that applies 20924 to the container. 20925 type: string 20926 type: 20927 description: Type is a SELinux type label that applies 20928 to the container. 20929 type: string 20930 user: 20931 description: User is a SELinux user label that applies 20932 to the container. 20933 type: string 20934 type: object 20935 seccompProfile: 20936 description: The seccomp options to use by this container. 20937 If seccomp options are provided at both the pod & container 20938 level, the container options override the pod options. 20939 Note that this field cannot be set when spec.os.name is 20940 windows. 20941 properties: 20942 localhostProfile: 20943 description: localhostProfile indicates a profile defined 20944 in a file on the node should be used. The profile 20945 must be preconfigured on the node to work. Must be 20946 a descending path, relative to the kubelet's configured 20947 seccomp profile location. Must only be set if type 20948 is "Localhost". 20949 type: string 20950 type: 20951 description: "type indicates which kind of seccomp profile 20952 will be applied. Valid options are: \n Localhost - 20953 a profile defined in a file on the node should be 20954 used. RuntimeDefault - the container runtime default 20955 profile should be used. Unconfined - no profile should 20956 be applied." 20957 type: string 20958 required: 20959 - type 20960 type: object 20961 windowsOptions: 20962 description: The Windows specific settings applied to all 20963 containers. If unspecified, the options from the PodSecurityContext 20964 will be used. If set in both SecurityContext and PodSecurityContext, 20965 the value specified in SecurityContext takes precedence. 20966 Note that this field cannot be set when spec.os.name is 20967 linux. 20968 properties: 20969 gmsaCredentialSpec: 20970 description: GMSACredentialSpec is where the GMSA admission 20971 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 20972 inlines the contents of the GMSA credential spec named 20973 by the GMSACredentialSpecName field. 20974 type: string 20975 gmsaCredentialSpecName: 20976 description: GMSACredentialSpecName is the name of the 20977 GMSA credential spec to use. 20978 type: string 20979 hostProcess: 20980 description: HostProcess determines if a container should 20981 be run as a 'Host Process' container. This field is 20982 alpha-level and will only be honored by components 20983 that enable the WindowsHostProcessContainers feature 20984 flag. Setting this field without the feature flag 20985 will result in errors when validating the Pod. All 20986 of a Pod's containers must have the same effective 20987 HostProcess value (it is not allowed to have a mix 20988 of HostProcess containers and non-HostProcess containers). In 20989 addition, if HostProcess is true then HostNetwork 20990 must also be set to true. 20991 type: boolean 20992 runAsUserName: 20993 description: The UserName in Windows to run the entrypoint 20994 of the container process. Defaults to the user specified 20995 in image metadata if unspecified. May also be set 20996 in PodSecurityContext. If set in both SecurityContext 20997 and PodSecurityContext, the value specified in SecurityContext 20998 takes precedence. 20999 type: string 21000 type: object 21001 type: object 21002 startupProbe: 21003 description: 'StartupProbe indicates that the Pod has successfully 21004 initialized. If specified, no other probes are executed until 21005 this completes successfully. If this probe fails, the Pod 21006 will be restarted, just as if the livenessProbe failed. This 21007 can be used to provide different probe parameters at the beginning 21008 of a Pod''s lifecycle, when it might take a long time to load 21009 data or warm a cache, than during steady-state operation. 21010 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21011 properties: 21012 exec: 21013 description: Exec specifies the action to take. 21014 properties: 21015 command: 21016 description: Command is the command line to execute 21017 inside the container, the working directory for the 21018 command is root ('/') in the container's filesystem. 21019 The command is simply exec'd, it is not run inside 21020 a shell, so traditional shell instructions ('|', etc) 21021 won't work. To use a shell, you need to explicitly 21022 call out to that shell. Exit status of 0 is treated 21023 as live/healthy and non-zero is unhealthy. 21024 items: 21025 type: string 21026 type: array 21027 type: object 21028 failureThreshold: 21029 description: Minimum consecutive failures for the probe 21030 to be considered failed after having succeeded. Defaults 21031 to 3. Minimum value is 1. 21032 format: int32 21033 type: integer 21034 grpc: 21035 description: GRPC specifies an action involving a GRPC port. 21036 This is an alpha field and requires enabling GRPCContainerProbe 21037 feature gate. 21038 properties: 21039 port: 21040 description: Port number of the gRPC service. Number 21041 must be in the range 1 to 65535. 21042 format: int32 21043 type: integer 21044 service: 21045 description: "Service is the name of the service to 21046 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 21047 \n If this is not specified, the default behavior 21048 is defined by gRPC." 21049 type: string 21050 required: 21051 - port 21052 type: object 21053 httpGet: 21054 description: HTTPGet specifies the http request to perform. 21055 properties: 21056 host: 21057 description: Host name to connect to, defaults to the 21058 pod IP. You probably want to set "Host" in httpHeaders 21059 instead. 21060 type: string 21061 httpHeaders: 21062 description: Custom headers to set in the request. HTTP 21063 allows repeated headers. 21064 items: 21065 description: HTTPHeader describes a custom header 21066 to be used in HTTP probes 21067 properties: 21068 name: 21069 description: The header field name 21070 type: string 21071 value: 21072 description: The header field value 21073 type: string 21074 required: 21075 - name 21076 - value 21077 type: object 21078 type: array 21079 path: 21080 description: Path to access on the HTTP server. 21081 type: string 21082 port: 21083 anyOf: 21084 - type: integer 21085 - type: string 21086 description: Name or number of the port to access on 21087 the container. Number must be in the range 1 to 65535. 21088 Name must be an IANA_SVC_NAME. 21089 x-kubernetes-int-or-string: true 21090 scheme: 21091 description: Scheme to use for connecting to the host. 21092 Defaults to HTTP. 21093 type: string 21094 required: 21095 - port 21096 type: object 21097 initialDelaySeconds: 21098 description: 'Number of seconds after the container has 21099 started before liveness probes are initiated. More info: 21100 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21101 format: int32 21102 type: integer 21103 periodSeconds: 21104 description: How often (in seconds) to perform the probe. 21105 Default to 10 seconds. Minimum value is 1. 21106 format: int32 21107 type: integer 21108 successThreshold: 21109 description: Minimum consecutive successes for the probe 21110 to be considered successful after having failed. Defaults 21111 to 1. Must be 1 for liveness and startup. Minimum value 21112 is 1. 21113 format: int32 21114 type: integer 21115 tcpSocket: 21116 description: TCPSocket specifies an action involving a TCP 21117 port. 21118 properties: 21119 host: 21120 description: 'Optional: Host name to connect to, defaults 21121 to the pod IP.' 21122 type: string 21123 port: 21124 anyOf: 21125 - type: integer 21126 - type: string 21127 description: Number or name of the port to access on 21128 the container. Number must be in the range 1 to 65535. 21129 Name must be an IANA_SVC_NAME. 21130 x-kubernetes-int-or-string: true 21131 required: 21132 - port 21133 type: object 21134 terminationGracePeriodSeconds: 21135 description: Optional duration in seconds the pod needs 21136 to terminate gracefully upon probe failure. The grace 21137 period is the duration in seconds after the processes 21138 running in the pod are sent a termination signal and the 21139 time when the processes are forcibly halted with a kill 21140 signal. Set this value longer than the expected cleanup 21141 time for your process. If this value is nil, the pod's 21142 terminationGracePeriodSeconds will be used. Otherwise, 21143 this value overrides the value provided by the pod spec. 21144 Value must be non-negative integer. The value zero indicates 21145 stop immediately via the kill signal (no opportunity to 21146 shut down). This is a beta field and requires enabling 21147 ProbeTerminationGracePeriod feature gate. Minimum value 21148 is 1. spec.terminationGracePeriodSeconds is used if unset. 21149 format: int64 21150 type: integer 21151 timeoutSeconds: 21152 description: 'Number of seconds after which the probe times 21153 out. Defaults to 1 second. Minimum value is 1. More info: 21154 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21155 format: int32 21156 type: integer 21157 type: object 21158 stdin: 21159 description: Whether this container should allocate a buffer 21160 for stdin in the container runtime. If this is not set, reads 21161 from stdin in the container will always result in EOF. Default 21162 is false. 21163 type: boolean 21164 stdinOnce: 21165 description: Whether the container runtime should close the 21166 stdin channel after it has been opened by a single attach. 21167 When stdin is true the stdin stream will remain open across 21168 multiple attach sessions. If stdinOnce is set to true, stdin 21169 is opened on container start, is empty until the first client 21170 attaches to stdin, and then remains open and accepts data 21171 until the client disconnects, at which time stdin is closed 21172 and remains closed until the container is restarted. If this 21173 flag is false, a container processes that reads from stdin 21174 will never receive an EOF. Default is false 21175 type: boolean 21176 terminationMessagePath: 21177 description: 'Optional: Path at which the file to which the 21178 container''s termination message will be written is mounted 21179 into the container''s filesystem. Message written is intended 21180 to be brief final status, such as an assertion failure message. 21181 Will be truncated by the node if greater than 4096 bytes. 21182 The total message length across all containers will be limited 21183 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 21184 type: string 21185 terminationMessagePolicy: 21186 description: Indicate how the termination message should be 21187 populated. File will use the contents of terminationMessagePath 21188 to populate the container status message on both success and 21189 failure. FallbackToLogsOnError will use the last chunk of 21190 container log output if the termination message file is empty 21191 and the container exited with an error. The log output is 21192 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 21193 to File. Cannot be updated. 21194 type: string 21195 tty: 21196 description: Whether this container should allocate a TTY for 21197 itself, also requires 'stdin' to be true. Default is false. 21198 type: boolean 21199 volumeDevices: 21200 description: volumeDevices is the list of block devices to be 21201 used by the container. 21202 items: 21203 description: volumeDevice describes a mapping of a raw block 21204 device within a container. 21205 properties: 21206 devicePath: 21207 description: devicePath is the path inside of the container 21208 that the device will be mapped to. 21209 type: string 21210 name: 21211 description: name must match the name of a persistentVolumeClaim 21212 in the pod 21213 type: string 21214 required: 21215 - devicePath 21216 - name 21217 type: object 21218 type: array 21219 volumeMounts: 21220 description: Pod volumes to mount into the container's filesystem. 21221 Cannot be updated. 21222 items: 21223 description: VolumeMount describes a mounting of a Volume 21224 within a container. 21225 properties: 21226 mountPath: 21227 description: Path within the container at which the volume 21228 should be mounted. Must not contain ':'. 21229 type: string 21230 mountPropagation: 21231 description: mountPropagation determines how mounts are 21232 propagated from the host to container and the other 21233 way around. When not set, MountPropagationNone is used. 21234 This field is beta in 1.10. 21235 type: string 21236 name: 21237 description: This must match the Name of a Volume. 21238 type: string 21239 readOnly: 21240 description: Mounted read-only if true, read-write otherwise 21241 (false or unspecified). Defaults to false. 21242 type: boolean 21243 subPath: 21244 description: Path within the volume from which the container's 21245 volume should be mounted. Defaults to "" (volume's root). 21246 type: string 21247 subPathExpr: 21248 description: Expanded path within the volume from which 21249 the container's volume should be mounted. Behaves similarly 21250 to SubPath but environment variable references $(VAR_NAME) 21251 are expanded using the container's environment. Defaults 21252 to "" (volume's root). SubPathExpr and SubPath are mutually 21253 exclusive. 21254 type: string 21255 required: 21256 - mountPath 21257 - name 21258 type: object 21259 type: array 21260 workingDir: 21261 description: Container's working directory. If not specified, 21262 the container runtime's default will be used, which might 21263 be configured in the container image. Cannot be updated. 21264 type: string 21265 required: 21266 - name 21267 type: object 21268 type: array 21269 enforcedNamespaceLabel: 21270 description: EnforcedNamespaceLabel enforces adding a namespace label 21271 of origin for each alert and metric that is user created. The label 21272 value will always be the namespace of the object that is being created. 21273 type: string 21274 evaluationInterval: 21275 description: Interval between consecutive evaluations. 21276 type: string 21277 externalPrefix: 21278 description: The external URL the Thanos Ruler instances will be available 21279 under. This is necessary to generate correct URLs. This is necessary 21280 if Thanos Ruler is not served from root of a DNS name. 21281 type: string 21282 grpcServerTlsConfig: 21283 description: 'GRPCServerTLSConfig configures the gRPC server from 21284 which Thanos Querier reads recorded rule data. Note: Currently only 21285 the CAFile, CertFile, and KeyFile fields are supported. Maps to 21286 the ''--grpc-server-tls-*'' CLI args.' 21287 properties: 21288 ca: 21289 description: Struct containing the CA cert to use for the targets. 21290 properties: 21291 configMap: 21292 description: ConfigMap containing data to use for the targets. 21293 properties: 21294 key: 21295 description: The key to select. 21296 type: string 21297 name: 21298 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21299 TODO: Add other useful fields. apiVersion, kind, uid?' 21300 type: string 21301 optional: 21302 description: Specify whether the ConfigMap or its key 21303 must be defined 21304 type: boolean 21305 required: 21306 - key 21307 type: object 21308 secret: 21309 description: Secret containing data to use for the targets. 21310 properties: 21311 key: 21312 description: The key of the secret to select from. Must 21313 be a valid secret key. 21314 type: string 21315 name: 21316 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21317 TODO: Add other useful fields. apiVersion, kind, uid?' 21318 type: string 21319 optional: 21320 description: Specify whether the Secret or its key must 21321 be defined 21322 type: boolean 21323 required: 21324 - key 21325 type: object 21326 type: object 21327 caFile: 21328 description: Path to the CA cert in the Prometheus container to 21329 use for the targets. 21330 type: string 21331 cert: 21332 description: Struct containing the client cert file for the targets. 21333 properties: 21334 configMap: 21335 description: ConfigMap containing data to use for the targets. 21336 properties: 21337 key: 21338 description: The key to select. 21339 type: string 21340 name: 21341 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21342 TODO: Add other useful fields. apiVersion, kind, uid?' 21343 type: string 21344 optional: 21345 description: Specify whether the ConfigMap or its key 21346 must be defined 21347 type: boolean 21348 required: 21349 - key 21350 type: object 21351 secret: 21352 description: Secret containing data to use for the targets. 21353 properties: 21354 key: 21355 description: The key of the secret to select from. Must 21356 be a valid secret key. 21357 type: string 21358 name: 21359 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21360 TODO: Add other useful fields. apiVersion, kind, uid?' 21361 type: string 21362 optional: 21363 description: Specify whether the Secret or its key must 21364 be defined 21365 type: boolean 21366 required: 21367 - key 21368 type: object 21369 type: object 21370 certFile: 21371 description: Path to the client cert file in the Prometheus container 21372 for the targets. 21373 type: string 21374 insecureSkipVerify: 21375 description: Disable target certificate validation. 21376 type: boolean 21377 keyFile: 21378 description: Path to the client key file in the Prometheus container 21379 for the targets. 21380 type: string 21381 keySecret: 21382 description: Secret containing the client key file for the targets. 21383 properties: 21384 key: 21385 description: The key of the secret to select from. Must be 21386 a valid secret key. 21387 type: string 21388 name: 21389 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21390 TODO: Add other useful fields. apiVersion, kind, uid?' 21391 type: string 21392 optional: 21393 description: Specify whether the Secret or its key must be 21394 defined 21395 type: boolean 21396 required: 21397 - key 21398 type: object 21399 serverName: 21400 description: Used to verify the hostname for the targets. 21401 type: string 21402 type: object 21403 image: 21404 description: Thanos container image URL. 21405 type: string 21406 imagePullSecrets: 21407 description: An optional list of references to secrets in the same 21408 namespace to use for pulling thanos images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod 21409 items: 21410 description: LocalObjectReference contains enough information to 21411 let you locate the referenced object inside the same namespace. 21412 properties: 21413 name: 21414 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21415 TODO: Add other useful fields. apiVersion, kind, uid?' 21416 type: string 21417 type: object 21418 type: array 21419 initContainers: 21420 description: 'InitContainers allows adding initContainers to the pod 21421 definition. Those can be used to e.g. fetch secrets for injection 21422 into the ThanosRuler configuration from external sources. Any errors 21423 during the execution of an initContainer will lead to a restart 21424 of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 21425 Using initContainers for any use case other then secret fetching 21426 is entirely outside the scope of what the maintainers will support 21427 and by doing so, you accept that this behaviour may break at any 21428 time without notice.' 21429 items: 21430 description: A single application container that you want to run 21431 within a pod. 21432 properties: 21433 args: 21434 description: 'Arguments to the entrypoint. The docker image''s 21435 CMD is used if this is not provided. Variable references $(VAR_NAME) 21436 are expanded using the container''s environment. If a variable 21437 cannot be resolved, the reference in the input string will 21438 be unchanged. Double $$ are reduced to a single $, which allows 21439 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 21440 produce the string literal "$(VAR_NAME)". Escaped references 21441 will never be expanded, regardless of whether the variable 21442 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 21443 items: 21444 type: string 21445 type: array 21446 command: 21447 description: 'Entrypoint array. Not executed within a shell. 21448 The docker image''s ENTRYPOINT is used if this is not provided. 21449 Variable references $(VAR_NAME) are expanded using the container''s 21450 environment. If a variable cannot be resolved, the reference 21451 in the input string will be unchanged. Double $$ are reduced 21452 to a single $, which allows for escaping the $(VAR_NAME) syntax: 21453 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 21454 Escaped references will never be expanded, regardless of whether 21455 the variable exists or not. Cannot be updated. More info: 21456 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 21457 items: 21458 type: string 21459 type: array 21460 env: 21461 description: List of environment variables to set in the container. 21462 Cannot be updated. 21463 items: 21464 description: EnvVar represents an environment variable present 21465 in a Container. 21466 properties: 21467 name: 21468 description: Name of the environment variable. Must be 21469 a C_IDENTIFIER. 21470 type: string 21471 value: 21472 description: 'Variable references $(VAR_NAME) are expanded 21473 using the previously defined environment variables in 21474 the container and any service environment variables. 21475 If a variable cannot be resolved, the reference in the 21476 input string will be unchanged. Double $$ are reduced 21477 to a single $, which allows for escaping the $(VAR_NAME) 21478 syntax: i.e. "$$(VAR_NAME)" will produce the string 21479 literal "$(VAR_NAME)". Escaped references will never 21480 be expanded, regardless of whether the variable exists 21481 or not. Defaults to "".' 21482 type: string 21483 valueFrom: 21484 description: Source for the environment variable's value. 21485 Cannot be used if value is not empty. 21486 properties: 21487 configMapKeyRef: 21488 description: Selects a key of a ConfigMap. 21489 properties: 21490 key: 21491 description: The key to select. 21492 type: string 21493 name: 21494 description: 'Name of the referent. More info: 21495 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21496 TODO: Add other useful fields. apiVersion, kind, 21497 uid?' 21498 type: string 21499 optional: 21500 description: Specify whether the ConfigMap or 21501 its key must be defined 21502 type: boolean 21503 required: 21504 - key 21505 type: object 21506 fieldRef: 21507 description: 'Selects a field of the pod: supports 21508 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 21509 `metadata.annotations[''<KEY>'']`, spec.nodeName, 21510 spec.serviceAccountName, status.hostIP, status.podIP, 21511 status.podIPs.' 21512 properties: 21513 apiVersion: 21514 description: Version of the schema the FieldPath 21515 is written in terms of, defaults to "v1". 21516 type: string 21517 fieldPath: 21518 description: Path of the field to select in the 21519 specified API version. 21520 type: string 21521 required: 21522 - fieldPath 21523 type: object 21524 resourceFieldRef: 21525 description: 'Selects a resource of the container: 21526 only resources limits and requests (limits.cpu, 21527 limits.memory, limits.ephemeral-storage, requests.cpu, 21528 requests.memory and requests.ephemeral-storage) 21529 are currently supported.' 21530 properties: 21531 containerName: 21532 description: 'Container name: required for volumes, 21533 optional for env vars' 21534 type: string 21535 divisor: 21536 anyOf: 21537 - type: integer 21538 - type: string 21539 description: Specifies the output format of the 21540 exposed resources, defaults to "1" 21541 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 21542 x-kubernetes-int-or-string: true 21543 resource: 21544 description: 'Required: resource to select' 21545 type: string 21546 required: 21547 - resource 21548 type: object 21549 secretKeyRef: 21550 description: Selects a key of a secret in the pod's 21551 namespace 21552 properties: 21553 key: 21554 description: The key of the secret to select from. Must 21555 be a valid secret key. 21556 type: string 21557 name: 21558 description: 'Name of the referent. More info: 21559 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21560 TODO: Add other useful fields. apiVersion, kind, 21561 uid?' 21562 type: string 21563 optional: 21564 description: Specify whether the Secret or its 21565 key must be defined 21566 type: boolean 21567 required: 21568 - key 21569 type: object 21570 type: object 21571 required: 21572 - name 21573 type: object 21574 type: array 21575 envFrom: 21576 description: List of sources to populate environment variables 21577 in the container. The keys defined within a source must be 21578 a C_IDENTIFIER. All invalid keys will be reported as an event 21579 when the container is starting. When a key exists in multiple 21580 sources, the value associated with the last source will take 21581 precedence. Values defined by an Env with a duplicate key 21582 will take precedence. Cannot be updated. 21583 items: 21584 description: EnvFromSource represents the source of a set 21585 of ConfigMaps 21586 properties: 21587 configMapRef: 21588 description: The ConfigMap to select from 21589 properties: 21590 name: 21591 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21592 TODO: Add other useful fields. apiVersion, kind, 21593 uid?' 21594 type: string 21595 optional: 21596 description: Specify whether the ConfigMap must be 21597 defined 21598 type: boolean 21599 type: object 21600 prefix: 21601 description: An optional identifier to prepend to each 21602 key in the ConfigMap. Must be a C_IDENTIFIER. 21603 type: string 21604 secretRef: 21605 description: The Secret to select from 21606 properties: 21607 name: 21608 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21609 TODO: Add other useful fields. apiVersion, kind, 21610 uid?' 21611 type: string 21612 optional: 21613 description: Specify whether the Secret must be defined 21614 type: boolean 21615 type: object 21616 type: object 21617 type: array 21618 image: 21619 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 21620 This field is optional to allow higher level config management 21621 to default or override container images in workload controllers 21622 like Deployments and StatefulSets.' 21623 type: string 21624 imagePullPolicy: 21625 description: 'Image pull policy. One of Always, Never, IfNotPresent. 21626 Defaults to Always if :latest tag is specified, or IfNotPresent 21627 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 21628 type: string 21629 lifecycle: 21630 description: Actions that the management system should take 21631 in response to container lifecycle events. Cannot be updated. 21632 properties: 21633 postStart: 21634 description: 'PostStart is called immediately after a container 21635 is created. If the handler fails, the container is terminated 21636 and restarted according to its restart policy. Other management 21637 of the container blocks until the hook completes. More 21638 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 21639 properties: 21640 exec: 21641 description: Exec specifies the action to take. 21642 properties: 21643 command: 21644 description: Command is the command line to execute 21645 inside the container, the working directory for 21646 the command is root ('/') in the container's 21647 filesystem. The command is simply exec'd, it is 21648 not run inside a shell, so traditional shell instructions 21649 ('|', etc) won't work. To use a shell, you need 21650 to explicitly call out to that shell. Exit status 21651 of 0 is treated as live/healthy and non-zero is 21652 unhealthy. 21653 items: 21654 type: string 21655 type: array 21656 type: object 21657 httpGet: 21658 description: HTTPGet specifies the http request to perform. 21659 properties: 21660 host: 21661 description: Host name to connect to, defaults to 21662 the pod IP. You probably want to set "Host" in 21663 httpHeaders instead. 21664 type: string 21665 httpHeaders: 21666 description: Custom headers to set in the request. 21667 HTTP allows repeated headers. 21668 items: 21669 description: HTTPHeader describes a custom header 21670 to be used in HTTP probes 21671 properties: 21672 name: 21673 description: The header field name 21674 type: string 21675 value: 21676 description: The header field value 21677 type: string 21678 required: 21679 - name 21680 - value 21681 type: object 21682 type: array 21683 path: 21684 description: Path to access on the HTTP server. 21685 type: string 21686 port: 21687 anyOf: 21688 - type: integer 21689 - type: string 21690 description: Name or number of the port to access 21691 on the container. Number must be in the range 21692 1 to 65535. Name must be an IANA_SVC_NAME. 21693 x-kubernetes-int-or-string: true 21694 scheme: 21695 description: Scheme to use for connecting to the 21696 host. Defaults to HTTP. 21697 type: string 21698 required: 21699 - port 21700 type: object 21701 tcpSocket: 21702 description: Deprecated. TCPSocket is NOT supported 21703 as a LifecycleHandler and kept for the backward compatibility. 21704 There are no validation of this field and lifecycle 21705 hooks will fail in runtime when tcp handler is specified. 21706 properties: 21707 host: 21708 description: 'Optional: Host name to connect to, 21709 defaults to the pod IP.' 21710 type: string 21711 port: 21712 anyOf: 21713 - type: integer 21714 - type: string 21715 description: Number or name of the port to access 21716 on the container. Number must be in the range 21717 1 to 65535. Name must be an IANA_SVC_NAME. 21718 x-kubernetes-int-or-string: true 21719 required: 21720 - port 21721 type: object 21722 type: object 21723 preStop: 21724 description: 'PreStop is called immediately before a container 21725 is terminated due to an API request or management event 21726 such as liveness/startup probe failure, preemption, resource 21727 contention, etc. The handler is not called if the container 21728 crashes or exits. The Pod''s termination grace period 21729 countdown begins before the PreStop hook is executed. 21730 Regardless of the outcome of the handler, the container 21731 will eventually terminate within the Pod''s termination 21732 grace period (unless delayed by finalizers). Other management 21733 of the container blocks until the hook completes or until 21734 the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 21735 properties: 21736 exec: 21737 description: Exec specifies the action to take. 21738 properties: 21739 command: 21740 description: Command is the command line to execute 21741 inside the container, the working directory for 21742 the command is root ('/') in the container's 21743 filesystem. The command is simply exec'd, it is 21744 not run inside a shell, so traditional shell instructions 21745 ('|', etc) won't work. To use a shell, you need 21746 to explicitly call out to that shell. Exit status 21747 of 0 is treated as live/healthy and non-zero is 21748 unhealthy. 21749 items: 21750 type: string 21751 type: array 21752 type: object 21753 httpGet: 21754 description: HTTPGet specifies the http request to perform. 21755 properties: 21756 host: 21757 description: Host name to connect to, defaults to 21758 the pod IP. You probably want to set "Host" in 21759 httpHeaders instead. 21760 type: string 21761 httpHeaders: 21762 description: Custom headers to set in the request. 21763 HTTP allows repeated headers. 21764 items: 21765 description: HTTPHeader describes a custom header 21766 to be used in HTTP probes 21767 properties: 21768 name: 21769 description: The header field name 21770 type: string 21771 value: 21772 description: The header field value 21773 type: string 21774 required: 21775 - name 21776 - value 21777 type: object 21778 type: array 21779 path: 21780 description: Path to access on the HTTP server. 21781 type: string 21782 port: 21783 anyOf: 21784 - type: integer 21785 - type: string 21786 description: Name or number of the port to access 21787 on the container. Number must be in the range 21788 1 to 65535. Name must be an IANA_SVC_NAME. 21789 x-kubernetes-int-or-string: true 21790 scheme: 21791 description: Scheme to use for connecting to the 21792 host. Defaults to HTTP. 21793 type: string 21794 required: 21795 - port 21796 type: object 21797 tcpSocket: 21798 description: Deprecated. TCPSocket is NOT supported 21799 as a LifecycleHandler and kept for the backward compatibility. 21800 There are no validation of this field and lifecycle 21801 hooks will fail in runtime when tcp handler is specified. 21802 properties: 21803 host: 21804 description: 'Optional: Host name to connect to, 21805 defaults to the pod IP.' 21806 type: string 21807 port: 21808 anyOf: 21809 - type: integer 21810 - type: string 21811 description: Number or name of the port to access 21812 on the container. Number must be in the range 21813 1 to 65535. Name must be an IANA_SVC_NAME. 21814 x-kubernetes-int-or-string: true 21815 required: 21816 - port 21817 type: object 21818 type: object 21819 type: object 21820 livenessProbe: 21821 description: 'Periodic probe of container liveness. Container 21822 will be restarted if the probe fails. Cannot be updated. More 21823 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21824 properties: 21825 exec: 21826 description: Exec specifies the action to take. 21827 properties: 21828 command: 21829 description: Command is the command line to execute 21830 inside the container, the working directory for the 21831 command is root ('/') in the container's filesystem. 21832 The command is simply exec'd, it is not run inside 21833 a shell, so traditional shell instructions ('|', etc) 21834 won't work. To use a shell, you need to explicitly 21835 call out to that shell. Exit status of 0 is treated 21836 as live/healthy and non-zero is unhealthy. 21837 items: 21838 type: string 21839 type: array 21840 type: object 21841 failureThreshold: 21842 description: Minimum consecutive failures for the probe 21843 to be considered failed after having succeeded. Defaults 21844 to 3. Minimum value is 1. 21845 format: int32 21846 type: integer 21847 grpc: 21848 description: GRPC specifies an action involving a GRPC port. 21849 This is an alpha field and requires enabling GRPCContainerProbe 21850 feature gate. 21851 properties: 21852 port: 21853 description: Port number of the gRPC service. Number 21854 must be in the range 1 to 65535. 21855 format: int32 21856 type: integer 21857 service: 21858 description: "Service is the name of the service to 21859 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 21860 \n If this is not specified, the default behavior 21861 is defined by gRPC." 21862 type: string 21863 required: 21864 - port 21865 type: object 21866 httpGet: 21867 description: HTTPGet specifies the http request to perform. 21868 properties: 21869 host: 21870 description: Host name to connect to, defaults to the 21871 pod IP. You probably want to set "Host" in httpHeaders 21872 instead. 21873 type: string 21874 httpHeaders: 21875 description: Custom headers to set in the request. HTTP 21876 allows repeated headers. 21877 items: 21878 description: HTTPHeader describes a custom header 21879 to be used in HTTP probes 21880 properties: 21881 name: 21882 description: The header field name 21883 type: string 21884 value: 21885 description: The header field value 21886 type: string 21887 required: 21888 - name 21889 - value 21890 type: object 21891 type: array 21892 path: 21893 description: Path to access on the HTTP server. 21894 type: string 21895 port: 21896 anyOf: 21897 - type: integer 21898 - type: string 21899 description: Name or number of the port to access on 21900 the container. Number must be in the range 1 to 65535. 21901 Name must be an IANA_SVC_NAME. 21902 x-kubernetes-int-or-string: true 21903 scheme: 21904 description: Scheme to use for connecting to the host. 21905 Defaults to HTTP. 21906 type: string 21907 required: 21908 - port 21909 type: object 21910 initialDelaySeconds: 21911 description: 'Number of seconds after the container has 21912 started before liveness probes are initiated. More info: 21913 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21914 format: int32 21915 type: integer 21916 periodSeconds: 21917 description: How often (in seconds) to perform the probe. 21918 Default to 10 seconds. Minimum value is 1. 21919 format: int32 21920 type: integer 21921 successThreshold: 21922 description: Minimum consecutive successes for the probe 21923 to be considered successful after having failed. Defaults 21924 to 1. Must be 1 for liveness and startup. Minimum value 21925 is 1. 21926 format: int32 21927 type: integer 21928 tcpSocket: 21929 description: TCPSocket specifies an action involving a TCP 21930 port. 21931 properties: 21932 host: 21933 description: 'Optional: Host name to connect to, defaults 21934 to the pod IP.' 21935 type: string 21936 port: 21937 anyOf: 21938 - type: integer 21939 - type: string 21940 description: Number or name of the port to access on 21941 the container. Number must be in the range 1 to 65535. 21942 Name must be an IANA_SVC_NAME. 21943 x-kubernetes-int-or-string: true 21944 required: 21945 - port 21946 type: object 21947 terminationGracePeriodSeconds: 21948 description: Optional duration in seconds the pod needs 21949 to terminate gracefully upon probe failure. The grace 21950 period is the duration in seconds after the processes 21951 running in the pod are sent a termination signal and the 21952 time when the processes are forcibly halted with a kill 21953 signal. Set this value longer than the expected cleanup 21954 time for your process. If this value is nil, the pod's 21955 terminationGracePeriodSeconds will be used. Otherwise, 21956 this value overrides the value provided by the pod spec. 21957 Value must be non-negative integer. The value zero indicates 21958 stop immediately via the kill signal (no opportunity to 21959 shut down). This is a beta field and requires enabling 21960 ProbeTerminationGracePeriod feature gate. Minimum value 21961 is 1. spec.terminationGracePeriodSeconds is used if unset. 21962 format: int64 21963 type: integer 21964 timeoutSeconds: 21965 description: 'Number of seconds after which the probe times 21966 out. Defaults to 1 second. Minimum value is 1. More info: 21967 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21968 format: int32 21969 type: integer 21970 type: object 21971 name: 21972 description: Name of the container specified as a DNS_LABEL. 21973 Each container in a pod must have a unique name (DNS_LABEL). 21974 Cannot be updated. 21975 type: string 21976 ports: 21977 description: List of ports to expose from the container. Exposing 21978 a port here gives the system additional information about 21979 the network connections a container uses, but is primarily 21980 informational. Not specifying a port here DOES NOT prevent 21981 that port from being exposed. Any port which is listening 21982 on the default "0.0.0.0" address inside a container will be 21983 accessible from the network. Cannot be updated. 21984 items: 21985 description: ContainerPort represents a network port in a 21986 single container. 21987 properties: 21988 containerPort: 21989 description: Number of port to expose on the pod's IP 21990 address. This must be a valid port number, 0 < x < 65536. 21991 format: int32 21992 type: integer 21993 hostIP: 21994 description: What host IP to bind the external port to. 21995 type: string 21996 hostPort: 21997 description: Number of port to expose on the host. If 21998 specified, this must be a valid port number, 0 < x < 21999 65536. If HostNetwork is specified, this must match 22000 ContainerPort. Most containers do not need this. 22001 format: int32 22002 type: integer 22003 name: 22004 description: If specified, this must be an IANA_SVC_NAME 22005 and unique within the pod. Each named port in a pod 22006 must have a unique name. Name for the port that can 22007 be referred to by services. 22008 type: string 22009 protocol: 22010 default: TCP 22011 description: Protocol for port. Must be UDP, TCP, or SCTP. 22012 Defaults to "TCP". 22013 type: string 22014 required: 22015 - containerPort 22016 type: object 22017 type: array 22018 x-kubernetes-list-map-keys: 22019 - containerPort 22020 - protocol 22021 x-kubernetes-list-type: map 22022 readinessProbe: 22023 description: 'Periodic probe of container service readiness. 22024 Container will be removed from service endpoints if the probe 22025 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 22026 properties: 22027 exec: 22028 description: Exec specifies the action to take. 22029 properties: 22030 command: 22031 description: Command is the command line to execute 22032 inside the container, the working directory for the 22033 command is root ('/') in the container's filesystem. 22034 The command is simply exec'd, it is not run inside 22035 a shell, so traditional shell instructions ('|', etc) 22036 won't work. To use a shell, you need to explicitly 22037 call out to that shell. Exit status of 0 is treated 22038 as live/healthy and non-zero is unhealthy. 22039 items: 22040 type: string 22041 type: array 22042 type: object 22043 failureThreshold: 22044 description: Minimum consecutive failures for the probe 22045 to be considered failed after having succeeded. Defaults 22046 to 3. Minimum value is 1. 22047 format: int32 22048 type: integer 22049 grpc: 22050 description: GRPC specifies an action involving a GRPC port. 22051 This is an alpha field and requires enabling GRPCContainerProbe 22052 feature gate. 22053 properties: 22054 port: 22055 description: Port number of the gRPC service. Number 22056 must be in the range 1 to 65535. 22057 format: int32 22058 type: integer 22059 service: 22060 description: "Service is the name of the service to 22061 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 22062 \n If this is not specified, the default behavior 22063 is defined by gRPC." 22064 type: string 22065 required: 22066 - port 22067 type: object 22068 httpGet: 22069 description: HTTPGet specifies the http request to perform. 22070 properties: 22071 host: 22072 description: Host name to connect to, defaults to the 22073 pod IP. You probably want to set "Host" in httpHeaders 22074 instead. 22075 type: string 22076 httpHeaders: 22077 description: Custom headers to set in the request. HTTP 22078 allows repeated headers. 22079 items: 22080 description: HTTPHeader describes a custom header 22081 to be used in HTTP probes 22082 properties: 22083 name: 22084 description: The header field name 22085 type: string 22086 value: 22087 description: The header field value 22088 type: string 22089 required: 22090 - name 22091 - value 22092 type: object 22093 type: array 22094 path: 22095 description: Path to access on the HTTP server. 22096 type: string 22097 port: 22098 anyOf: 22099 - type: integer 22100 - type: string 22101 description: Name or number of the port to access on 22102 the container. Number must be in the range 1 to 65535. 22103 Name must be an IANA_SVC_NAME. 22104 x-kubernetes-int-or-string: true 22105 scheme: 22106 description: Scheme to use for connecting to the host. 22107 Defaults to HTTP. 22108 type: string 22109 required: 22110 - port 22111 type: object 22112 initialDelaySeconds: 22113 description: 'Number of seconds after the container has 22114 started before liveness probes are initiated. More info: 22115 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 22116 format: int32 22117 type: integer 22118 periodSeconds: 22119 description: How often (in seconds) to perform the probe. 22120 Default to 10 seconds. Minimum value is 1. 22121 format: int32 22122 type: integer 22123 successThreshold: 22124 description: Minimum consecutive successes for the probe 22125 to be considered successful after having failed. Defaults 22126 to 1. Must be 1 for liveness and startup. Minimum value 22127 is 1. 22128 format: int32 22129 type: integer 22130 tcpSocket: 22131 description: TCPSocket specifies an action involving a TCP 22132 port. 22133 properties: 22134 host: 22135 description: 'Optional: Host name to connect to, defaults 22136 to the pod IP.' 22137 type: string 22138 port: 22139 anyOf: 22140 - type: integer 22141 - type: string 22142 description: Number or name of the port to access on 22143 the container. Number must be in the range 1 to 65535. 22144 Name must be an IANA_SVC_NAME. 22145 x-kubernetes-int-or-string: true 22146 required: 22147 - port 22148 type: object 22149 terminationGracePeriodSeconds: 22150 description: Optional duration in seconds the pod needs 22151 to terminate gracefully upon probe failure. The grace 22152 period is the duration in seconds after the processes 22153 running in the pod are sent a termination signal and the 22154 time when the processes are forcibly halted with a kill 22155 signal. Set this value longer than the expected cleanup 22156 time for your process. If this value is nil, the pod's 22157 terminationGracePeriodSeconds will be used. Otherwise, 22158 this value overrides the value provided by the pod spec. 22159 Value must be non-negative integer. The value zero indicates 22160 stop immediately via the kill signal (no opportunity to 22161 shut down). This is a beta field and requires enabling 22162 ProbeTerminationGracePeriod feature gate. Minimum value 22163 is 1. spec.terminationGracePeriodSeconds is used if unset. 22164 format: int64 22165 type: integer 22166 timeoutSeconds: 22167 description: 'Number of seconds after which the probe times 22168 out. Defaults to 1 second. Minimum value is 1. More info: 22169 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 22170 format: int32 22171 type: integer 22172 type: object 22173 resources: 22174 description: 'Compute Resources required by this container. 22175 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 22176 properties: 22177 limits: 22178 additionalProperties: 22179 anyOf: 22180 - type: integer 22181 - type: string 22182 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 22183 x-kubernetes-int-or-string: true 22184 description: 'Limits describes the maximum amount of compute 22185 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 22186 type: object 22187 requests: 22188 additionalProperties: 22189 anyOf: 22190 - type: integer 22191 - type: string 22192 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 22193 x-kubernetes-int-or-string: true 22194 description: 'Requests describes the minimum amount of compute 22195 resources required. If Requests is omitted for a container, 22196 it defaults to Limits if that is explicitly specified, 22197 otherwise to an implementation-defined value. More info: 22198 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 22199 type: object 22200 type: object 22201 securityContext: 22202 description: 'SecurityContext defines the security options the 22203 container should be run with. If set, the fields of SecurityContext 22204 override the equivalent fields of PodSecurityContext. More 22205 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 22206 properties: 22207 allowPrivilegeEscalation: 22208 description: 'AllowPrivilegeEscalation controls whether 22209 a process can gain more privileges than its parent process. 22210 This bool directly controls if the no_new_privs flag will 22211 be set on the container process. AllowPrivilegeEscalation 22212 is true always when the container is: 1) run as Privileged 22213 2) has CAP_SYS_ADMIN Note that this field cannot be set 22214 when spec.os.name is windows.' 22215 type: boolean 22216 capabilities: 22217 description: The capabilities to add/drop when running containers. 22218 Defaults to the default set of capabilities granted by 22219 the container runtime. Note that this field cannot be 22220 set when spec.os.name is windows. 22221 properties: 22222 add: 22223 description: Added capabilities 22224 items: 22225 description: Capability represent POSIX capabilities 22226 type 22227 type: string 22228 type: array 22229 drop: 22230 description: Removed capabilities 22231 items: 22232 description: Capability represent POSIX capabilities 22233 type 22234 type: string 22235 type: array 22236 type: object 22237 privileged: 22238 description: Run container in privileged mode. Processes 22239 in privileged containers are essentially equivalent to 22240 root on the host. Defaults to false. Note that this field 22241 cannot be set when spec.os.name is windows. 22242 type: boolean 22243 procMount: 22244 description: procMount denotes the type of proc mount to 22245 use for the containers. The default is DefaultProcMount 22246 which uses the container runtime defaults for readonly 22247 paths and masked paths. This requires the ProcMountType 22248 feature flag to be enabled. Note that this field cannot 22249 be set when spec.os.name is windows. 22250 type: string 22251 readOnlyRootFilesystem: 22252 description: Whether this container has a read-only root 22253 filesystem. Default is false. Note that this field cannot 22254 be set when spec.os.name is windows. 22255 type: boolean 22256 runAsGroup: 22257 description: The GID to run the entrypoint of the container 22258 process. Uses runtime default if unset. May also be set 22259 in PodSecurityContext. If set in both SecurityContext 22260 and PodSecurityContext, the value specified in SecurityContext 22261 takes precedence. Note that this field cannot be set when 22262 spec.os.name is windows. 22263 format: int64 22264 type: integer 22265 runAsNonRoot: 22266 description: Indicates that the container must run as a 22267 non-root user. If true, the Kubelet will validate the 22268 image at runtime to ensure that it does not run as UID 22269 0 (root) and fail to start the container if it does. If 22270 unset or false, no such validation will be performed. 22271 May also be set in PodSecurityContext. If set in both 22272 SecurityContext and PodSecurityContext, the value specified 22273 in SecurityContext takes precedence. 22274 type: boolean 22275 runAsUser: 22276 description: The UID to run the entrypoint of the container 22277 process. Defaults to user specified in image metadata 22278 if unspecified. May also be set in PodSecurityContext. If 22279 set in both SecurityContext and PodSecurityContext, the 22280 value specified in SecurityContext takes precedence. Note 22281 that this field cannot be set when spec.os.name is windows. 22282 format: int64 22283 type: integer 22284 seLinuxOptions: 22285 description: The SELinux context to be applied to the container. 22286 If unspecified, the container runtime will allocate a 22287 random SELinux context for each container. May also be 22288 set in PodSecurityContext. If set in both SecurityContext 22289 and PodSecurityContext, the value specified in SecurityContext 22290 takes precedence. Note that this field cannot be set when 22291 spec.os.name is windows. 22292 properties: 22293 level: 22294 description: Level is SELinux level label that applies 22295 to the container. 22296 type: string 22297 role: 22298 description: Role is a SELinux role label that applies 22299 to the container. 22300 type: string 22301 type: 22302 description: Type is a SELinux type label that applies 22303 to the container. 22304 type: string 22305 user: 22306 description: User is a SELinux user label that applies 22307 to the container. 22308 type: string 22309 type: object 22310 seccompProfile: 22311 description: The seccomp options to use by this container. 22312 If seccomp options are provided at both the pod & container 22313 level, the container options override the pod options. 22314 Note that this field cannot be set when spec.os.name is 22315 windows. 22316 properties: 22317 localhostProfile: 22318 description: localhostProfile indicates a profile defined 22319 in a file on the node should be used. The profile 22320 must be preconfigured on the node to work. Must be 22321 a descending path, relative to the kubelet's configured 22322 seccomp profile location. Must only be set if type 22323 is "Localhost". 22324 type: string 22325 type: 22326 description: "type indicates which kind of seccomp profile 22327 will be applied. Valid options are: \n Localhost - 22328 a profile defined in a file on the node should be 22329 used. RuntimeDefault - the container runtime default 22330 profile should be used. Unconfined - no profile should 22331 be applied." 22332 type: string 22333 required: 22334 - type 22335 type: object 22336 windowsOptions: 22337 description: The Windows specific settings applied to all 22338 containers. If unspecified, the options from the PodSecurityContext 22339 will be used. If set in both SecurityContext and PodSecurityContext, 22340 the value specified in SecurityContext takes precedence. 22341 Note that this field cannot be set when spec.os.name is 22342 linux. 22343 properties: 22344 gmsaCredentialSpec: 22345 description: GMSACredentialSpec is where the GMSA admission 22346 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 22347 inlines the contents of the GMSA credential spec named 22348 by the GMSACredentialSpecName field. 22349 type: string 22350 gmsaCredentialSpecName: 22351 description: GMSACredentialSpecName is the name of the 22352 GMSA credential spec to use. 22353 type: string 22354 hostProcess: 22355 description: HostProcess determines if a container should 22356 be run as a 'Host Process' container. This field is 22357 alpha-level and will only be honored by components 22358 that enable the WindowsHostProcessContainers feature 22359 flag. Setting this field without the feature flag 22360 will result in errors when validating the Pod. All 22361 of a Pod's containers must have the same effective 22362 HostProcess value (it is not allowed to have a mix 22363 of HostProcess containers and non-HostProcess containers). In 22364 addition, if HostProcess is true then HostNetwork 22365 must also be set to true. 22366 type: boolean 22367 runAsUserName: 22368 description: The UserName in Windows to run the entrypoint 22369 of the container process. Defaults to the user specified 22370 in image metadata if unspecified. May also be set 22371 in PodSecurityContext. If set in both SecurityContext 22372 and PodSecurityContext, the value specified in SecurityContext 22373 takes precedence. 22374 type: string 22375 type: object 22376 type: object 22377 startupProbe: 22378 description: 'StartupProbe indicates that the Pod has successfully 22379 initialized. If specified, no other probes are executed until 22380 this completes successfully. If this probe fails, the Pod 22381 will be restarted, just as if the livenessProbe failed. This 22382 can be used to provide different probe parameters at the beginning 22383 of a Pod''s lifecycle, when it might take a long time to load 22384 data or warm a cache, than during steady-state operation. 22385 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 22386 properties: 22387 exec: 22388 description: Exec specifies the action to take. 22389 properties: 22390 command: 22391 description: Command is the command line to execute 22392 inside the container, the working directory for the 22393 command is root ('/') in the container's filesystem. 22394 The command is simply exec'd, it is not run inside 22395 a shell, so traditional shell instructions ('|', etc) 22396 won't work. To use a shell, you need to explicitly 22397 call out to that shell. Exit status of 0 is treated 22398 as live/healthy and non-zero is unhealthy. 22399 items: 22400 type: string 22401 type: array 22402 type: object 22403 failureThreshold: 22404 description: Minimum consecutive failures for the probe 22405 to be considered failed after having succeeded. Defaults 22406 to 3. Minimum value is 1. 22407 format: int32 22408 type: integer 22409 grpc: 22410 description: GRPC specifies an action involving a GRPC port. 22411 This is an alpha field and requires enabling GRPCContainerProbe 22412 feature gate. 22413 properties: 22414 port: 22415 description: Port number of the gRPC service. Number 22416 must be in the range 1 to 65535. 22417 format: int32 22418 type: integer 22419 service: 22420 description: "Service is the name of the service to 22421 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 22422 \n If this is not specified, the default behavior 22423 is defined by gRPC." 22424 type: string 22425 required: 22426 - port 22427 type: object 22428 httpGet: 22429 description: HTTPGet specifies the http request to perform. 22430 properties: 22431 host: 22432 description: Host name to connect to, defaults to the 22433 pod IP. You probably want to set "Host" in httpHeaders 22434 instead. 22435 type: string 22436 httpHeaders: 22437 description: Custom headers to set in the request. HTTP 22438 allows repeated headers. 22439 items: 22440 description: HTTPHeader describes a custom header 22441 to be used in HTTP probes 22442 properties: 22443 name: 22444 description: The header field name 22445 type: string 22446 value: 22447 description: The header field value 22448 type: string 22449 required: 22450 - name 22451 - value 22452 type: object 22453 type: array 22454 path: 22455 description: Path to access on the HTTP server. 22456 type: string 22457 port: 22458 anyOf: 22459 - type: integer 22460 - type: string 22461 description: Name or number of the port to access on 22462 the container. Number must be in the range 1 to 65535. 22463 Name must be an IANA_SVC_NAME. 22464 x-kubernetes-int-or-string: true 22465 scheme: 22466 description: Scheme to use for connecting to the host. 22467 Defaults to HTTP. 22468 type: string 22469 required: 22470 - port 22471 type: object 22472 initialDelaySeconds: 22473 description: 'Number of seconds after the container has 22474 started before liveness probes are initiated. More info: 22475 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 22476 format: int32 22477 type: integer 22478 periodSeconds: 22479 description: How often (in seconds) to perform the probe. 22480 Default to 10 seconds. Minimum value is 1. 22481 format: int32 22482 type: integer 22483 successThreshold: 22484 description: Minimum consecutive successes for the probe 22485 to be considered successful after having failed. Defaults 22486 to 1. Must be 1 for liveness and startup. Minimum value 22487 is 1. 22488 format: int32 22489 type: integer 22490 tcpSocket: 22491 description: TCPSocket specifies an action involving a TCP 22492 port. 22493 properties: 22494 host: 22495 description: 'Optional: Host name to connect to, defaults 22496 to the pod IP.' 22497 type: string 22498 port: 22499 anyOf: 22500 - type: integer 22501 - type: string 22502 description: Number or name of the port to access on 22503 the container. Number must be in the range 1 to 65535. 22504 Name must be an IANA_SVC_NAME. 22505 x-kubernetes-int-or-string: true 22506 required: 22507 - port 22508 type: object 22509 terminationGracePeriodSeconds: 22510 description: Optional duration in seconds the pod needs 22511 to terminate gracefully upon probe failure. The grace 22512 period is the duration in seconds after the processes 22513 running in the pod are sent a termination signal and the 22514 time when the processes are forcibly halted with a kill 22515 signal. Set this value longer than the expected cleanup 22516 time for your process. If this value is nil, the pod's 22517 terminationGracePeriodSeconds will be used. Otherwise, 22518 this value overrides the value provided by the pod spec. 22519 Value must be non-negative integer. The value zero indicates 22520 stop immediately via the kill signal (no opportunity to 22521 shut down). This is a beta field and requires enabling 22522 ProbeTerminationGracePeriod feature gate. Minimum value 22523 is 1. spec.terminationGracePeriodSeconds is used if unset. 22524 format: int64 22525 type: integer 22526 timeoutSeconds: 22527 description: 'Number of seconds after which the probe times 22528 out. Defaults to 1 second. Minimum value is 1. More info: 22529 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 22530 format: int32 22531 type: integer 22532 type: object 22533 stdin: 22534 description: Whether this container should allocate a buffer 22535 for stdin in the container runtime. If this is not set, reads 22536 from stdin in the container will always result in EOF. Default 22537 is false. 22538 type: boolean 22539 stdinOnce: 22540 description: Whether the container runtime should close the 22541 stdin channel after it has been opened by a single attach. 22542 When stdin is true the stdin stream will remain open across 22543 multiple attach sessions. If stdinOnce is set to true, stdin 22544 is opened on container start, is empty until the first client 22545 attaches to stdin, and then remains open and accepts data 22546 until the client disconnects, at which time stdin is closed 22547 and remains closed until the container is restarted. If this 22548 flag is false, a container processes that reads from stdin 22549 will never receive an EOF. Default is false 22550 type: boolean 22551 terminationMessagePath: 22552 description: 'Optional: Path at which the file to which the 22553 container''s termination message will be written is mounted 22554 into the container''s filesystem. Message written is intended 22555 to be brief final status, such as an assertion failure message. 22556 Will be truncated by the node if greater than 4096 bytes. 22557 The total message length across all containers will be limited 22558 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 22559 type: string 22560 terminationMessagePolicy: 22561 description: Indicate how the termination message should be 22562 populated. File will use the contents of terminationMessagePath 22563 to populate the container status message on both success and 22564 failure. FallbackToLogsOnError will use the last chunk of 22565 container log output if the termination message file is empty 22566 and the container exited with an error. The log output is 22567 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 22568 to File. Cannot be updated. 22569 type: string 22570 tty: 22571 description: Whether this container should allocate a TTY for 22572 itself, also requires 'stdin' to be true. Default is false. 22573 type: boolean 22574 volumeDevices: 22575 description: volumeDevices is the list of block devices to be 22576 used by the container. 22577 items: 22578 description: volumeDevice describes a mapping of a raw block 22579 device within a container. 22580 properties: 22581 devicePath: 22582 description: devicePath is the path inside of the container 22583 that the device will be mapped to. 22584 type: string 22585 name: 22586 description: name must match the name of a persistentVolumeClaim 22587 in the pod 22588 type: string 22589 required: 22590 - devicePath 22591 - name 22592 type: object 22593 type: array 22594 volumeMounts: 22595 description: Pod volumes to mount into the container's filesystem. 22596 Cannot be updated. 22597 items: 22598 description: VolumeMount describes a mounting of a Volume 22599 within a container. 22600 properties: 22601 mountPath: 22602 description: Path within the container at which the volume 22603 should be mounted. Must not contain ':'. 22604 type: string 22605 mountPropagation: 22606 description: mountPropagation determines how mounts are 22607 propagated from the host to container and the other 22608 way around. When not set, MountPropagationNone is used. 22609 This field is beta in 1.10. 22610 type: string 22611 name: 22612 description: This must match the Name of a Volume. 22613 type: string 22614 readOnly: 22615 description: Mounted read-only if true, read-write otherwise 22616 (false or unspecified). Defaults to false. 22617 type: boolean 22618 subPath: 22619 description: Path within the volume from which the container's 22620 volume should be mounted. Defaults to "" (volume's root). 22621 type: string 22622 subPathExpr: 22623 description: Expanded path within the volume from which 22624 the container's volume should be mounted. Behaves similarly 22625 to SubPath but environment variable references $(VAR_NAME) 22626 are expanded using the container's environment. Defaults 22627 to "" (volume's root). SubPathExpr and SubPath are mutually 22628 exclusive. 22629 type: string 22630 required: 22631 - mountPath 22632 - name 22633 type: object 22634 type: array 22635 workingDir: 22636 description: Container's working directory. If not specified, 22637 the container runtime's default will be used, which might 22638 be configured in the container image. Cannot be updated. 22639 type: string 22640 required: 22641 - name 22642 type: object 22643 type: array 22644 labels: 22645 additionalProperties: 22646 type: string 22647 description: Labels configure the external label pairs to ThanosRuler. 22648 A default replica label `thanos_ruler_replica` will be always added as 22649 a label with the value of the pod's name and it will be dropped 22650 in the alerts. 22651 type: object 22652 listenLocal: 22653 description: ListenLocal makes the Thanos ruler listen on loopback, 22654 so that it does not bind against the Pod IP. 22655 type: boolean 22656 logFormat: 22657 description: Log format for ThanosRuler to be configured with. 22658 type: string 22659 logLevel: 22660 description: Log level for ThanosRuler to be configured with. 22661 type: string 22662 minReadySeconds: 22663 description: Minimum number of seconds for which a newly created pod 22664 should be ready without any of its container crashing for it to 22665 be considered available. Defaults to 0 (pod will be considered available 22666 as soon as it is ready) This is an alpha field and requires enabling 22667 StatefulSetMinReadySeconds feature gate. 22668 format: int32 22669 type: integer 22670 nodeSelector: 22671 additionalProperties: 22672 type: string 22673 description: Define which Nodes the Pods are scheduled on. 22674 type: object 22675 objectStorageConfig: 22676 description: ObjectStorageConfig configures object storage in Thanos. 22677 Alternative to ObjectStorageConfigFile, and lower order priority. 22678 properties: 22679 key: 22680 description: The key of the secret to select from. Must be a 22681 valid secret key. 22682 type: string 22683 name: 22684 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22685 TODO: Add other useful fields. apiVersion, kind, uid?' 22686 type: string 22687 optional: 22688 description: Specify whether the Secret or its key must be defined 22689 type: boolean 22690 required: 22691 - key 22692 type: object 22693 objectStorageConfigFile: 22694 description: ObjectStorageConfigFile specifies the path of the object 22695 storage configuration file. When used alongside with ObjectStorageConfig, 22696 ObjectStorageConfigFile takes precedence. 22697 type: string 22698 paused: 22699 description: When a ThanosRuler deployment is paused, no actions except 22700 for deletion will be performed on the underlying objects. 22701 type: boolean 22702 podMetadata: 22703 description: PodMetadata contains Labels and Annotations gets propagated 22704 to the thanos ruler pods. 22705 properties: 22706 annotations: 22707 additionalProperties: 22708 type: string 22709 description: 'Annotations is an unstructured key value map stored 22710 with a resource that may be set by external tools to store and 22711 retrieve arbitrary metadata. They are not queryable and should 22712 be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 22713 type: object 22714 labels: 22715 additionalProperties: 22716 type: string 22717 description: 'Map of string keys and values that can be used to 22718 organize and categorize (scope and select) objects. May match 22719 selectors of replication controllers and services. More info: 22720 http://kubernetes.io/docs/user-guide/labels' 22721 type: object 22722 name: 22723 description: 'Name must be unique within a namespace. Is required 22724 when creating resources, although some resources may allow a 22725 client to request the generation of an appropriate name automatically. 22726 Name is primarily intended for creation idempotence and configuration 22727 definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 22728 type: string 22729 type: object 22730 portName: 22731 description: Port name used for the pods and governing service. This 22732 defaults to web 22733 type: string 22734 priorityClassName: 22735 description: Priority class assigned to the Pods 22736 type: string 22737 prometheusRulesExcludedFromEnforce: 22738 description: PrometheusRulesExcludedFromEnforce - list of Prometheus 22739 rules to be excluded from enforcing of adding namespace labels. 22740 Works only if enforcedNamespaceLabel set to true. Make sure both 22741 ruleNamespace and ruleName are set for each pair 22742 items: 22743 description: PrometheusRuleExcludeConfig enables users to configure 22744 excluded PrometheusRule names and their namespaces to be ignored 22745 while enforcing namespace label for alerts and metrics. 22746 properties: 22747 ruleName: 22748 description: RuleNamespace - name of excluded rule 22749 type: string 22750 ruleNamespace: 22751 description: RuleNamespace - namespace of excluded rule 22752 type: string 22753 required: 22754 - ruleName 22755 - ruleNamespace 22756 type: object 22757 type: array 22758 queryConfig: 22759 description: Define configuration for connecting to thanos query instances. 22760 If this is defined, the QueryEndpoints field will be ignored. Maps 22761 to the `query.config` CLI argument. Only available with thanos v0.11.0 22762 and higher. 22763 properties: 22764 key: 22765 description: The key of the secret to select from. Must be a 22766 valid secret key. 22767 type: string 22768 name: 22769 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22770 TODO: Add other useful fields. apiVersion, kind, uid?' 22771 type: string 22772 optional: 22773 description: Specify whether the Secret or its key must be defined 22774 type: boolean 22775 required: 22776 - key 22777 type: object 22778 queryEndpoints: 22779 description: QueryEndpoints defines Thanos querier endpoints from 22780 which to query metrics. Maps to the --query flag of thanos ruler. 22781 items: 22782 type: string 22783 type: array 22784 replicas: 22785 description: Number of thanos ruler instances to deploy. 22786 format: int32 22787 type: integer 22788 resources: 22789 description: Resources defines the resource requirements for single 22790 Pods. If not provided, no requests/limits will be set 22791 properties: 22792 limits: 22793 additionalProperties: 22794 anyOf: 22795 - type: integer 22796 - type: string 22797 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 22798 x-kubernetes-int-or-string: true 22799 description: 'Limits describes the maximum amount of compute resources 22800 allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 22801 type: object 22802 requests: 22803 additionalProperties: 22804 anyOf: 22805 - type: integer 22806 - type: string 22807 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 22808 x-kubernetes-int-or-string: true 22809 description: 'Requests describes the minimum amount of compute 22810 resources required. If Requests is omitted for a container, 22811 it defaults to Limits if that is explicitly specified, otherwise 22812 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 22813 type: object 22814 type: object 22815 retention: 22816 description: Time duration ThanosRuler shall retain data for. Default 22817 is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` 22818 (milliseconds seconds minutes hours days weeks years). 22819 type: string 22820 routePrefix: 22821 description: The route prefix ThanosRuler registers HTTP handlers 22822 for. This allows thanos UI to be served on a sub-path. 22823 type: string 22824 ruleNamespaceSelector: 22825 description: Namespaces to be selected for Rules discovery. If unspecified, 22826 only the same namespace as the ThanosRuler object is in is used. 22827 properties: 22828 matchExpressions: 22829 description: matchExpressions is a list of label selector requirements. 22830 The requirements are ANDed. 22831 items: 22832 description: A label selector requirement is a selector that 22833 contains values, a key, and an operator that relates the key 22834 and values. 22835 properties: 22836 key: 22837 description: key is the label key that the selector applies 22838 to. 22839 type: string 22840 operator: 22841 description: operator represents a key's relationship to 22842 a set of values. Valid operators are In, NotIn, Exists 22843 and DoesNotExist. 22844 type: string 22845 values: 22846 description: values is an array of string values. If the 22847 operator is In or NotIn, the values array must be non-empty. 22848 If the operator is Exists or DoesNotExist, the values 22849 array must be empty. This array is replaced during a strategic 22850 merge patch. 22851 items: 22852 type: string 22853 type: array 22854 required: 22855 - key 22856 - operator 22857 type: object 22858 type: array 22859 matchLabels: 22860 additionalProperties: 22861 type: string 22862 description: matchLabels is a map of {key,value} pairs. A single 22863 {key,value} in the matchLabels map is equivalent to an element 22864 of matchExpressions, whose key field is "key", the operator 22865 is "In", and the values array contains only "value". The requirements 22866 are ANDed. 22867 type: object 22868 type: object 22869 ruleSelector: 22870 description: A label selector to select which PrometheusRules to mount 22871 for alerting and recording. 22872 properties: 22873 matchExpressions: 22874 description: matchExpressions is a list of label selector requirements. 22875 The requirements are ANDed. 22876 items: 22877 description: A label selector requirement is a selector that 22878 contains values, a key, and an operator that relates the key 22879 and values. 22880 properties: 22881 key: 22882 description: key is the label key that the selector applies 22883 to. 22884 type: string 22885 operator: 22886 description: operator represents a key's relationship to 22887 a set of values. Valid operators are In, NotIn, Exists 22888 and DoesNotExist. 22889 type: string 22890 values: 22891 description: values is an array of string values. If the 22892 operator is In or NotIn, the values array must be non-empty. 22893 If the operator is Exists or DoesNotExist, the values 22894 array must be empty. This array is replaced during a strategic 22895 merge patch. 22896 items: 22897 type: string 22898 type: array 22899 required: 22900 - key 22901 - operator 22902 type: object 22903 type: array 22904 matchLabels: 22905 additionalProperties: 22906 type: string 22907 description: matchLabels is a map of {key,value} pairs. A single 22908 {key,value} in the matchLabels map is equivalent to an element 22909 of matchExpressions, whose key field is "key", the operator 22910 is "In", and the values array contains only "value". The requirements 22911 are ANDed. 22912 type: object 22913 type: object 22914 securityContext: 22915 description: SecurityContext holds pod-level security attributes and 22916 common container settings. This defaults to the default PodSecurityContext. 22917 properties: 22918 fsGroup: 22919 description: "A special supplemental group that applies to all 22920 containers in a pod. Some volume types allow the Kubelet to 22921 change the ownership of that volume to be owned by the pod: 22922 \n 1. The owning GID will be the FSGroup 2. The setgid bit is 22923 set (new files created in the volume will be owned by FSGroup) 22924 3. The permission bits are OR'd with rw-rw---- \n If unset, 22925 the Kubelet will not modify the ownership and permissions of 22926 any volume. Note that this field cannot be set when spec.os.name 22927 is windows." 22928 format: int64 22929 type: integer 22930 fsGroupChangePolicy: 22931 description: 'fsGroupChangePolicy defines behavior of changing 22932 ownership and permission of the volume before being exposed 22933 inside Pod. This field will only apply to volume types which 22934 support fsGroup based ownership(and permissions). It will have 22935 no effect on ephemeral volume types such as: secret, configmaps 22936 and emptydir. Valid values are "OnRootMismatch" and "Always". 22937 If not specified, "Always" is used. Note that this field cannot 22938 be set when spec.os.name is windows.' 22939 type: string 22940 runAsGroup: 22941 description: The GID to run the entrypoint of the container process. 22942 Uses runtime default if unset. May also be set in SecurityContext. If 22943 set in both SecurityContext and PodSecurityContext, the value 22944 specified in SecurityContext takes precedence for that container. 22945 Note that this field cannot be set when spec.os.name is windows. 22946 format: int64 22947 type: integer 22948 runAsNonRoot: 22949 description: Indicates that the container must run as a non-root 22950 user. If true, the Kubelet will validate the image at runtime 22951 to ensure that it does not run as UID 0 (root) and fail to start 22952 the container if it does. If unset or false, no such validation 22953 will be performed. May also be set in SecurityContext. If set 22954 in both SecurityContext and PodSecurityContext, the value specified 22955 in SecurityContext takes precedence. 22956 type: boolean 22957 runAsUser: 22958 description: The UID to run the entrypoint of the container process. 22959 Defaults to user specified in image metadata if unspecified. 22960 May also be set in SecurityContext. If set in both SecurityContext 22961 and PodSecurityContext, the value specified in SecurityContext 22962 takes precedence for that container. Note that this field cannot 22963 be set when spec.os.name is windows. 22964 format: int64 22965 type: integer 22966 seLinuxOptions: 22967 description: The SELinux context to be applied to all containers. 22968 If unspecified, the container runtime will allocate a random 22969 SELinux context for each container. May also be set in SecurityContext. If 22970 set in both SecurityContext and PodSecurityContext, the value 22971 specified in SecurityContext takes precedence for that container. 22972 Note that this field cannot be set when spec.os.name is windows. 22973 properties: 22974 level: 22975 description: Level is SELinux level label that applies to 22976 the container. 22977 type: string 22978 role: 22979 description: Role is a SELinux role label that applies to 22980 the container. 22981 type: string 22982 type: 22983 description: Type is a SELinux type label that applies to 22984 the container. 22985 type: string 22986 user: 22987 description: User is a SELinux user label that applies to 22988 the container. 22989 type: string 22990 type: object 22991 seccompProfile: 22992 description: The seccomp options to use by the containers in this 22993 pod. Note that this field cannot be set when spec.os.name is 22994 windows. 22995 properties: 22996 localhostProfile: 22997 description: localhostProfile indicates a profile defined 22998 in a file on the node should be used. The profile must be 22999 preconfigured on the node to work. Must be a descending 23000 path, relative to the kubelet's configured seccomp profile 23001 location. Must only be set if type is "Localhost". 23002 type: string 23003 type: 23004 description: "type indicates which kind of seccomp profile 23005 will be applied. Valid options are: \n Localhost - a profile 23006 defined in a file on the node should be used. RuntimeDefault 23007 - the container runtime default profile should be used. 23008 Unconfined - no profile should be applied." 23009 type: string 23010 required: 23011 - type 23012 type: object 23013 supplementalGroups: 23014 description: A list of groups applied to the first process run 23015 in each container, in addition to the container's primary GID. If 23016 unspecified, no groups will be added to any container. Note 23017 that this field cannot be set when spec.os.name is windows. 23018 items: 23019 format: int64 23020 type: integer 23021 type: array 23022 sysctls: 23023 description: Sysctls hold a list of namespaced sysctls used for 23024 the pod. Pods with unsupported sysctls (by the container runtime) 23025 might fail to launch. Note that this field cannot be set when 23026 spec.os.name is windows. 23027 items: 23028 description: Sysctl defines a kernel parameter to be set 23029 properties: 23030 name: 23031 description: Name of a property to set 23032 type: string 23033 value: 23034 description: Value of a property to set 23035 type: string 23036 required: 23037 - name 23038 - value 23039 type: object 23040 type: array 23041 windowsOptions: 23042 description: The Windows specific settings applied to all containers. 23043 If unspecified, the options within a container's SecurityContext 23044 will be used. If set in both SecurityContext and PodSecurityContext, 23045 the value specified in SecurityContext takes precedence. Note 23046 that this field cannot be set when spec.os.name is linux. 23047 properties: 23048 gmsaCredentialSpec: 23049 description: GMSACredentialSpec is where the GMSA admission 23050 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 23051 inlines the contents of the GMSA credential spec named by 23052 the GMSACredentialSpecName field. 23053 type: string 23054 gmsaCredentialSpecName: 23055 description: GMSACredentialSpecName is the name of the GMSA 23056 credential spec to use. 23057 type: string 23058 hostProcess: 23059 description: HostProcess determines if a container should 23060 be run as a 'Host Process' container. This field is alpha-level 23061 and will only be honored by components that enable the WindowsHostProcessContainers 23062 feature flag. Setting this field without the feature flag 23063 will result in errors when validating the Pod. All of a 23064 Pod's containers must have the same effective HostProcess 23065 value (it is not allowed to have a mix of HostProcess containers 23066 and non-HostProcess containers). In addition, if HostProcess 23067 is true then HostNetwork must also be set to true. 23068 type: boolean 23069 runAsUserName: 23070 description: The UserName in Windows to run the entrypoint 23071 of the container process. Defaults to the user specified 23072 in image metadata if unspecified. May also be set in PodSecurityContext. 23073 If set in both SecurityContext and PodSecurityContext, the 23074 value specified in SecurityContext takes precedence. 23075 type: string 23076 type: object 23077 type: object 23078 serviceAccountName: 23079 description: ServiceAccountName is the name of the ServiceAccount 23080 to use to run the Thanos Ruler Pods. 23081 type: string 23082 storage: 23083 description: Storage spec to specify how storage shall be used. 23084 properties: 23085 disableMountSubPath: 23086 description: 'Deprecated: subPath usage will be disabled by default 23087 in a future release, this option will become unnecessary. DisableMountSubPath 23088 allows to remove any subPath usage in volume mounts.' 23089 type: boolean 23090 emptyDir: 23091 description: 'EmptyDirVolumeSource to be used by the Prometheus 23092 StatefulSets. If specified, used in place of any volumeClaimTemplate. 23093 More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' 23094 properties: 23095 medium: 23096 description: 'What type of storage medium should back this 23097 directory. The default is "" which means to use the node''s 23098 default medium. Must be an empty string (default) or Memory. 23099 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 23100 type: string 23101 sizeLimit: 23102 anyOf: 23103 - type: integer 23104 - type: string 23105 description: 'Total amount of local storage required for this 23106 EmptyDir volume. The size limit is also applicable for memory 23107 medium. The maximum usage on memory medium EmptyDir would 23108 be the minimum value between the SizeLimit specified here 23109 and the sum of memory limits of all containers in a pod. 23110 The default is nil which means that the limit is undefined. 23111 More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 23112 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 23113 x-kubernetes-int-or-string: true 23114 type: object 23115 ephemeral: 23116 description: 'EphemeralVolumeSource to be used by the Prometheus 23117 StatefulSets. This is a beta field in k8s 1.21, for lower versions, 23118 starting with k8s 1.19, it requires enabling the GenericEphemeralVolume 23119 feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes' 23120 properties: 23121 volumeClaimTemplate: 23122 description: "Will be used to create a stand-alone PVC to 23123 provision the volume. The pod in which this EphemeralVolumeSource 23124 is embedded will be the owner of the PVC, i.e. the PVC will 23125 be deleted together with the pod. The name of the PVC will 23126 be `<pod name>-<volume name>` where `<volume name>` is the 23127 name from the `PodSpec.Volumes` array entry. Pod validation 23128 will reject the pod if the concatenated name is not valid 23129 for a PVC (for example, too long). \n An existing PVC with 23130 that name that is not owned by the pod will *not* be used 23131 for the pod to avoid using an unrelated volume by mistake. 23132 Starting the pod is then blocked until the unrelated PVC 23133 is removed. If such a pre-created PVC is meant to be used 23134 by the pod, the PVC has to updated with an owner reference 23135 to the pod once the pod exists. Normally this should not 23136 be necessary, but it may be useful when manually reconstructing 23137 a broken cluster. \n This field is read-only and no changes 23138 will be made by Kubernetes to the PVC after it has been 23139 created. \n Required, must not be nil." 23140 properties: 23141 metadata: 23142 description: May contain labels and annotations that will 23143 be copied into the PVC when creating it. No other fields 23144 are allowed and will be rejected during validation. 23145 type: object 23146 spec: 23147 description: The specification for the PersistentVolumeClaim. 23148 The entire content is copied unchanged into the PVC 23149 that gets created from this template. The same fields 23150 as in a PersistentVolumeClaim are also valid here. 23151 properties: 23152 accessModes: 23153 description: 'AccessModes contains the desired access 23154 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 23155 items: 23156 type: string 23157 type: array 23158 dataSource: 23159 description: 'This field can be used to specify either: 23160 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 23161 * An existing PVC (PersistentVolumeClaim) If the 23162 provisioner or an external controller can support 23163 the specified data source, it will create a new 23164 volume based on the contents of the specified data 23165 source. If the AnyVolumeDataSource feature gate 23166 is enabled, this field will always have the same 23167 contents as the DataSourceRef field.' 23168 properties: 23169 apiGroup: 23170 description: APIGroup is the group for the resource 23171 being referenced. If APIGroup is not specified, 23172 the specified Kind must be in the core API group. 23173 For any other third-party types, APIGroup is 23174 required. 23175 type: string 23176 kind: 23177 description: Kind is the type of resource being 23178 referenced 23179 type: string 23180 name: 23181 description: Name is the name of resource being 23182 referenced 23183 type: string 23184 required: 23185 - kind 23186 - name 23187 type: object 23188 dataSourceRef: 23189 description: 'Specifies the object from which to populate 23190 the volume with data, if a non-empty volume is desired. 23191 This may be any local object from a non-empty API 23192 group (non core object) or a PersistentVolumeClaim 23193 object. When this field is specified, volume binding 23194 will only succeed if the type of the specified object 23195 matches some installed volume populator or dynamic 23196 provisioner. This field will replace the functionality 23197 of the DataSource field and as such if both fields 23198 are non-empty, they must have the same value. For 23199 backwards compatibility, both fields (DataSource 23200 and DataSourceRef) will be set to the same value 23201 automatically if one of them is empty and the other 23202 is non-empty. There are two important differences 23203 between DataSource and DataSourceRef: * While DataSource 23204 only allows two specific types of objects, DataSourceRef allows 23205 any non-core object, as well as PersistentVolumeClaim 23206 objects. * While DataSource ignores disallowed values 23207 (dropping them), DataSourceRef preserves all values, 23208 and generates an error if a disallowed value is specified. 23209 (Alpha) Using this field requires the AnyVolumeDataSource 23210 feature gate to be enabled.' 23211 properties: 23212 apiGroup: 23213 description: APIGroup is the group for the resource 23214 being referenced. If APIGroup is not specified, 23215 the specified Kind must be in the core API group. 23216 For any other third-party types, APIGroup is 23217 required. 23218 type: string 23219 kind: 23220 description: Kind is the type of resource being 23221 referenced 23222 type: string 23223 name: 23224 description: Name is the name of resource being 23225 referenced 23226 type: string 23227 required: 23228 - kind 23229 - name 23230 type: object 23231 resources: 23232 description: 'Resources represents the minimum resources 23233 the volume should have. If RecoverVolumeExpansionFailure 23234 feature is enabled users are allowed to specify 23235 resource requirements that are lower than previous 23236 value but must still be higher than capacity recorded 23237 in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 23238 properties: 23239 limits: 23240 additionalProperties: 23241 anyOf: 23242 - type: integer 23243 - type: string 23244 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 23245 x-kubernetes-int-or-string: true 23246 description: 'Limits describes the maximum amount 23247 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 23248 type: object 23249 requests: 23250 additionalProperties: 23251 anyOf: 23252 - type: integer 23253 - type: string 23254 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 23255 x-kubernetes-int-or-string: true 23256 description: 'Requests describes the minimum amount 23257 of compute resources required. If Requests is 23258 omitted for a container, it defaults to Limits 23259 if that is explicitly specified, otherwise to 23260 an implementation-defined value. More info: 23261 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 23262 type: object 23263 type: object 23264 selector: 23265 description: A label query over volumes to consider 23266 for binding. 23267 properties: 23268 matchExpressions: 23269 description: matchExpressions is a list of label 23270 selector requirements. The requirements are 23271 ANDed. 23272 items: 23273 description: A label selector requirement is 23274 a selector that contains values, a key, and 23275 an operator that relates the key and values. 23276 properties: 23277 key: 23278 description: key is the label key that the 23279 selector applies to. 23280 type: string 23281 operator: 23282 description: operator represents a key's 23283 relationship to a set of values. Valid 23284 operators are In, NotIn, Exists and DoesNotExist. 23285 type: string 23286 values: 23287 description: values is an array of string 23288 values. If the operator is In or NotIn, 23289 the values array must be non-empty. If 23290 the operator is Exists or DoesNotExist, 23291 the values array must be empty. This array 23292 is replaced during a strategic merge patch. 23293 items: 23294 type: string 23295 type: array 23296 required: 23297 - key 23298 - operator 23299 type: object 23300 type: array 23301 matchLabels: 23302 additionalProperties: 23303 type: string 23304 description: matchLabels is a map of {key,value} 23305 pairs. A single {key,value} in the matchLabels 23306 map is equivalent to an element of matchExpressions, 23307 whose key field is "key", the operator is "In", 23308 and the values array contains only "value". 23309 The requirements are ANDed. 23310 type: object 23311 type: object 23312 storageClassName: 23313 description: 'Name of the StorageClass required by 23314 the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 23315 type: string 23316 volumeMode: 23317 description: volumeMode defines what type of volume 23318 is required by the claim. Value of Filesystem is 23319 implied when not included in claim spec. 23320 type: string 23321 volumeName: 23322 description: VolumeName is the binding reference to 23323 the PersistentVolume backing this claim. 23324 type: string 23325 type: object 23326 required: 23327 - spec 23328 type: object 23329 type: object 23330 volumeClaimTemplate: 23331 description: A PVC spec to be used by the Prometheus StatefulSets. 23332 properties: 23333 apiVersion: 23334 description: 'APIVersion defines the versioned schema of this 23335 representation of an object. Servers should convert recognized 23336 schemas to the latest internal value, and may reject unrecognized 23337 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 23338 type: string 23339 kind: 23340 description: 'Kind is a string value representing the REST 23341 resource this object represents. Servers may infer this 23342 from the endpoint the client submits requests to. Cannot 23343 be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 23344 type: string 23345 metadata: 23346 description: EmbeddedMetadata contains metadata relevant to 23347 an EmbeddedResource. 23348 properties: 23349 annotations: 23350 additionalProperties: 23351 type: string 23352 description: 'Annotations is an unstructured key value 23353 map stored with a resource that may be set by external 23354 tools to store and retrieve arbitrary metadata. They 23355 are not queryable and should be preserved when modifying 23356 objects. More info: http://kubernetes.io/docs/user-guide/annotations' 23357 type: object 23358 labels: 23359 additionalProperties: 23360 type: string 23361 description: 'Map of string keys and values that can be 23362 used to organize and categorize (scope and select) objects. 23363 May match selectors of replication controllers and services. 23364 More info: http://kubernetes.io/docs/user-guide/labels' 23365 type: object 23366 name: 23367 description: 'Name must be unique within a namespace. 23368 Is required when creating resources, although some resources 23369 may allow a client to request the generation of an appropriate 23370 name automatically. Name is primarily intended for creation 23371 idempotence and configuration definition. Cannot be 23372 updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 23373 type: string 23374 type: object 23375 spec: 23376 description: 'Spec defines the desired characteristics of 23377 a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 23378 properties: 23379 accessModes: 23380 description: 'AccessModes contains the desired access 23381 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 23382 items: 23383 type: string 23384 type: array 23385 dataSource: 23386 description: 'This field can be used to specify either: 23387 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 23388 * An existing PVC (PersistentVolumeClaim) If the provisioner 23389 or an external controller can support the specified 23390 data source, it will create a new volume based on the 23391 contents of the specified data source. If the AnyVolumeDataSource 23392 feature gate is enabled, this field will always have 23393 the same contents as the DataSourceRef field.' 23394 properties: 23395 apiGroup: 23396 description: APIGroup is the group for the resource 23397 being referenced. If APIGroup is not specified, 23398 the specified Kind must be in the core API group. 23399 For any other third-party types, APIGroup is required. 23400 type: string 23401 kind: 23402 description: Kind is the type of resource being referenced 23403 type: string 23404 name: 23405 description: Name is the name of resource being referenced 23406 type: string 23407 required: 23408 - kind 23409 - name 23410 type: object 23411 dataSourceRef: 23412 description: 'Specifies the object from which to populate 23413 the volume with data, if a non-empty volume is desired. 23414 This may be any local object from a non-empty API group 23415 (non core object) or a PersistentVolumeClaim object. 23416 When this field is specified, volume binding will only 23417 succeed if the type of the specified object matches 23418 some installed volume populator or dynamic provisioner. 23419 This field will replace the functionality of the DataSource 23420 field and as such if both fields are non-empty, they 23421 must have the same value. For backwards compatibility, 23422 both fields (DataSource and DataSourceRef) will be set 23423 to the same value automatically if one of them is empty 23424 and the other is non-empty. There are two important 23425 differences between DataSource and DataSourceRef: * 23426 While DataSource only allows two specific types of objects, 23427 DataSourceRef allows any non-core object, as well 23428 as PersistentVolumeClaim objects. * While DataSource 23429 ignores disallowed values (dropping them), DataSourceRef preserves 23430 all values, and generates an error if a disallowed value 23431 is specified. (Alpha) Using this field requires the 23432 AnyVolumeDataSource feature gate to be enabled.' 23433 properties: 23434 apiGroup: 23435 description: APIGroup is the group for the resource 23436 being referenced. If APIGroup is not specified, 23437 the specified Kind must be in the core API group. 23438 For any other third-party types, APIGroup is required. 23439 type: string 23440 kind: 23441 description: Kind is the type of resource being referenced 23442 type: string 23443 name: 23444 description: Name is the name of resource being referenced 23445 type: string 23446 required: 23447 - kind 23448 - name 23449 type: object 23450 resources: 23451 description: 'Resources represents the minimum resources 23452 the volume should have. If RecoverVolumeExpansionFailure 23453 feature is enabled users are allowed to specify resource 23454 requirements that are lower than previous value but 23455 must still be higher than capacity recorded in the status 23456 field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 23457 properties: 23458 limits: 23459 additionalProperties: 23460 anyOf: 23461 - type: integer 23462 - type: string 23463 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 23464 x-kubernetes-int-or-string: true 23465 description: 'Limits describes the maximum amount 23466 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 23467 type: object 23468 requests: 23469 additionalProperties: 23470 anyOf: 23471 - type: integer 23472 - type: string 23473 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 23474 x-kubernetes-int-or-string: true 23475 description: 'Requests describes the minimum amount 23476 of compute resources required. If Requests is omitted 23477 for a container, it defaults to Limits if that is 23478 explicitly specified, otherwise to an implementation-defined 23479 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 23480 type: object 23481 type: object 23482 selector: 23483 description: A label query over volumes to consider for 23484 binding. 23485 properties: 23486 matchExpressions: 23487 description: matchExpressions is a list of label selector 23488 requirements. The requirements are ANDed. 23489 items: 23490 description: A label selector requirement is a selector 23491 that contains values, a key, and an operator that 23492 relates the key and values. 23493 properties: 23494 key: 23495 description: key is the label key that the selector 23496 applies to. 23497 type: string 23498 operator: 23499 description: operator represents a key's relationship 23500 to a set of values. Valid operators are In, 23501 NotIn, Exists and DoesNotExist. 23502 type: string 23503 values: 23504 description: values is an array of string values. 23505 If the operator is In or NotIn, the values 23506 array must be non-empty. If the operator is 23507 Exists or DoesNotExist, the values array must 23508 be empty. This array is replaced during a 23509 strategic merge patch. 23510 items: 23511 type: string 23512 type: array 23513 required: 23514 - key 23515 - operator 23516 type: object 23517 type: array 23518 matchLabels: 23519 additionalProperties: 23520 type: string 23521 description: matchLabels is a map of {key,value} pairs. 23522 A single {key,value} in the matchLabels map is equivalent 23523 to an element of matchExpressions, whose key field 23524 is "key", the operator is "In", and the values array 23525 contains only "value". The requirements are ANDed. 23526 type: object 23527 type: object 23528 storageClassName: 23529 description: 'Name of the StorageClass required by the 23530 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 23531 type: string 23532 volumeMode: 23533 description: volumeMode defines what type of volume is 23534 required by the claim. Value of Filesystem is implied 23535 when not included in claim spec. 23536 type: string 23537 volumeName: 23538 description: VolumeName is the binding reference to the 23539 PersistentVolume backing this claim. 23540 type: string 23541 type: object 23542 status: 23543 description: 'Status represents the current information/status 23544 of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 23545 properties: 23546 accessModes: 23547 description: 'AccessModes contains the actual access modes 23548 the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 23549 items: 23550 type: string 23551 type: array 23552 allocatedResources: 23553 additionalProperties: 23554 anyOf: 23555 - type: integer 23556 - type: string 23557 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 23558 x-kubernetes-int-or-string: true 23559 description: The storage resource within AllocatedResources 23560 tracks the capacity allocated to a PVC. It may be larger 23561 than the actual capacity when a volume expansion operation 23562 is requested. For storage quota, the larger value from 23563 allocatedResources and PVC.spec.resources is used. If 23564 allocatedResources is not set, PVC.spec.resources alone 23565 is used for quota calculation. If a volume expansion 23566 capacity request is lowered, allocatedResources is only 23567 lowered if there are no expansion operations in progress 23568 and if the actual volume capacity is equal or lower 23569 than the requested capacity. This is an alpha field 23570 and requires enabling RecoverVolumeExpansionFailure 23571 feature. 23572 type: object 23573 capacity: 23574 additionalProperties: 23575 anyOf: 23576 - type: integer 23577 - type: string 23578 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 23579 x-kubernetes-int-or-string: true 23580 description: Represents the actual resources of the underlying 23581 volume. 23582 type: object 23583 conditions: 23584 description: Current Condition of persistent volume claim. 23585 If underlying persistent volume is being resized then 23586 the Condition will be set to 'ResizeStarted'. 23587 items: 23588 description: PersistentVolumeClaimCondition contails 23589 details about state of pvc 23590 properties: 23591 lastProbeTime: 23592 description: Last time we probed the condition. 23593 format: date-time 23594 type: string 23595 lastTransitionTime: 23596 description: Last time the condition transitioned 23597 from one status to another. 23598 format: date-time 23599 type: string 23600 message: 23601 description: Human-readable message indicating details 23602 about last transition. 23603 type: string 23604 reason: 23605 description: Unique, this should be a short, machine 23606 understandable string that gives the reason for 23607 condition's last transition. If it reports "ResizeStarted" 23608 that means the underlying persistent volume is 23609 being resized. 23610 type: string 23611 status: 23612 type: string 23613 type: 23614 description: PersistentVolumeClaimConditionType 23615 is a valid value of PersistentVolumeClaimCondition.Type 23616 type: string 23617 required: 23618 - status 23619 - type 23620 type: object 23621 type: array 23622 phase: 23623 description: Phase represents the current phase of PersistentVolumeClaim. 23624 type: string 23625 resizeStatus: 23626 description: ResizeStatus stores status of resize operation. 23627 ResizeStatus is not set by default but when expansion 23628 is complete resizeStatus is set to empty string by resize 23629 controller or kubelet. This is an alpha field and requires 23630 enabling RecoverVolumeExpansionFailure feature. 23631 type: string 23632 type: object 23633 type: object 23634 type: object 23635 tolerations: 23636 description: If specified, the pod's tolerations. 23637 items: 23638 description: The pod this Toleration is attached to tolerates any 23639 taint that matches the triple <key,value,effect> using the matching 23640 operator <operator>. 23641 properties: 23642 effect: 23643 description: Effect indicates the taint effect to match. Empty 23644 means match all taint effects. When specified, allowed values 23645 are NoSchedule, PreferNoSchedule and NoExecute. 23646 type: string 23647 key: 23648 description: Key is the taint key that the toleration applies 23649 to. Empty means match all taint keys. If the key is empty, 23650 operator must be Exists; this combination means to match all 23651 values and all keys. 23652 type: string 23653 operator: 23654 description: Operator represents a key's relationship to the 23655 value. Valid operators are Exists and Equal. Defaults to Equal. 23656 Exists is equivalent to wildcard for value, so that a pod 23657 can tolerate all taints of a particular category. 23658 type: string 23659 tolerationSeconds: 23660 description: TolerationSeconds represents the period of time 23661 the toleration (which must be of effect NoExecute, otherwise 23662 this field is ignored) tolerates the taint. By default, it 23663 is not set, which means tolerate the taint forever (do not 23664 evict). Zero and negative values will be treated as 0 (evict 23665 immediately) by the system. 23666 format: int64 23667 type: integer 23668 value: 23669 description: Value is the taint value the toleration matches 23670 to. If the operator is Exists, the value should be empty, 23671 otherwise just a regular string. 23672 type: string 23673 type: object 23674 type: array 23675 topologySpreadConstraints: 23676 description: If specified, the pod's topology spread constraints. 23677 items: 23678 description: TopologySpreadConstraint specifies how to spread matching 23679 pods among the given topology. 23680 properties: 23681 labelSelector: 23682 description: LabelSelector is used to find matching pods. Pods 23683 that match this label selector are counted to determine the 23684 number of pods in their corresponding topology domain. 23685 properties: 23686 matchExpressions: 23687 description: matchExpressions is a list of label selector 23688 requirements. The requirements are ANDed. 23689 items: 23690 description: A label selector requirement is a selector 23691 that contains values, a key, and an operator that relates 23692 the key and values. 23693 properties: 23694 key: 23695 description: key is the label key that the selector 23696 applies to. 23697 type: string 23698 operator: 23699 description: operator represents a key's relationship 23700 to a set of values. Valid operators are In, NotIn, 23701 Exists and DoesNotExist. 23702 type: string 23703 values: 23704 description: values is an array of string values. 23705 If the operator is In or NotIn, the values array 23706 must be non-empty. If the operator is Exists or 23707 DoesNotExist, the values array must be empty. This 23708 array is replaced during a strategic merge patch. 23709 items: 23710 type: string 23711 type: array 23712 required: 23713 - key 23714 - operator 23715 type: object 23716 type: array 23717 matchLabels: 23718 additionalProperties: 23719 type: string 23720 description: matchLabels is a map of {key,value} pairs. 23721 A single {key,value} in the matchLabels map is equivalent 23722 to an element of matchExpressions, whose key field is 23723 "key", the operator is "In", and the values array contains 23724 only "value". The requirements are ANDed. 23725 type: object 23726 type: object 23727 maxSkew: 23728 description: 'MaxSkew describes the degree to which pods may 23729 be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, 23730 it is the maximum permitted difference between the number 23731 of matching pods in the target topology and the global minimum. 23732 For example, in a 3-zone cluster, MaxSkew is set to 1, and 23733 pods with the same labelSelector spread as 1/1/0: | zone1 23734 | zone2 | zone3 | | P | P | | - if MaxSkew is 23735 1, incoming pod can only be scheduled to zone3 to become 1/1/1; 23736 scheduling it onto zone1(zone2) would make the ActualSkew(2-0) 23737 on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming 23738 pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, 23739 it is used to give higher precedence to topologies that satisfy 23740 it. It''s a required field. Default value is 1 and 0 is not 23741 allowed.' 23742 format: int32 23743 type: integer 23744 topologyKey: 23745 description: TopologyKey is the key of node labels. Nodes that 23746 have a label with this key and identical values are considered 23747 to be in the same topology. We consider each <key, value> 23748 as a "bucket", and try to put balanced number of pods into 23749 each bucket. It's a required field. 23750 type: string 23751 whenUnsatisfiable: 23752 description: 'WhenUnsatisfiable indicates how to deal with a 23753 pod if it doesn''t satisfy the spread constraint. - DoNotSchedule 23754 (default) tells the scheduler not to schedule it. - ScheduleAnyway 23755 tells the scheduler to schedule the pod in any location, but 23756 giving higher precedence to topologies that would help reduce 23757 the skew. A constraint is considered "Unsatisfiable" for 23758 an incoming pod if and only if every possible node assignment 23759 for that pod would violate "MaxSkew" on some topology. For 23760 example, in a 3-zone cluster, MaxSkew is set to 1, and pods 23761 with the same labelSelector spread as 3/1/1: | zone1 | zone2 23762 | zone3 | | P P P | P | P | If WhenUnsatisfiable is 23763 set to DoNotSchedule, incoming pod can only be scheduled to 23764 zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on 23765 zone2(zone3) satisfies MaxSkew(1). In other words, the cluster 23766 can still be imbalanced, but scheduler won''t make it *more* 23767 imbalanced. It''s a required field.' 23768 type: string 23769 required: 23770 - maxSkew 23771 - topologyKey 23772 - whenUnsatisfiable 23773 type: object 23774 type: array 23775 tracingConfig: 23776 description: TracingConfig configures tracing in Thanos. This is an 23777 experimental feature, it may change in any upcoming release in a 23778 breaking way. 23779 properties: 23780 key: 23781 description: The key of the secret to select from. Must be a 23782 valid secret key. 23783 type: string 23784 name: 23785 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23786 TODO: Add other useful fields. apiVersion, kind, uid?' 23787 type: string 23788 optional: 23789 description: Specify whether the Secret or its key must be defined 23790 type: boolean 23791 required: 23792 - key 23793 type: object 23794 volumes: 23795 description: Volumes allows configuration of additional volumes on 23796 the output StatefulSet definition. Volumes specified will be appended 23797 to other volumes that are generated as a result of StorageSpec objects. 23798 items: 23799 description: Volume represents a named volume in a pod that may 23800 be accessed by any container in the pod. 23801 properties: 23802 awsElasticBlockStore: 23803 description: 'AWSElasticBlockStore represents an AWS Disk resource 23804 that is attached to a kubelet''s host machine and then exposed 23805 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 23806 properties: 23807 fsType: 23808 description: 'Filesystem type of the volume that you want 23809 to mount. Tip: Ensure that the filesystem type is supported 23810 by the host operating system. Examples: "ext4", "xfs", 23811 "ntfs". Implicitly inferred to be "ext4" if unspecified. 23812 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 23813 TODO: how do we prevent errors in the filesystem from 23814 compromising the machine' 23815 type: string 23816 partition: 23817 description: 'The partition in the volume that you want 23818 to mount. If omitted, the default is to mount by volume 23819 name. Examples: For volume /dev/sda1, you specify the 23820 partition as "1". Similarly, the volume partition for 23821 /dev/sda is "0" (or you can leave the property empty).' 23822 format: int32 23823 type: integer 23824 readOnly: 23825 description: 'Specify "true" to force and set the ReadOnly 23826 property in VolumeMounts to "true". If omitted, the default 23827 is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 23828 type: boolean 23829 volumeID: 23830 description: 'Unique ID of the persistent disk resource 23831 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 23832 type: string 23833 required: 23834 - volumeID 23835 type: object 23836 azureDisk: 23837 description: AzureDisk represents an Azure Data Disk mount on 23838 the host and bind mount to the pod. 23839 properties: 23840 cachingMode: 23841 description: 'Host Caching mode: None, Read Only, Read Write.' 23842 type: string 23843 diskName: 23844 description: The Name of the data disk in the blob storage 23845 type: string 23846 diskURI: 23847 description: The URI the data disk in the blob storage 23848 type: string 23849 fsType: 23850 description: Filesystem type to mount. Must be a filesystem 23851 type supported by the host operating system. Ex. "ext4", 23852 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 23853 type: string 23854 kind: 23855 description: 'Expected values Shared: multiple blob disks 23856 per storage account Dedicated: single blob disk per storage 23857 account Managed: azure managed data disk (only in managed 23858 availability set). defaults to shared' 23859 type: string 23860 readOnly: 23861 description: Defaults to false (read/write). ReadOnly here 23862 will force the ReadOnly setting in VolumeMounts. 23863 type: boolean 23864 required: 23865 - diskName 23866 - diskURI 23867 type: object 23868 azureFile: 23869 description: AzureFile represents an Azure File Service mount 23870 on the host and bind mount to the pod. 23871 properties: 23872 readOnly: 23873 description: Defaults to false (read/write). ReadOnly here 23874 will force the ReadOnly setting in VolumeMounts. 23875 type: boolean 23876 secretName: 23877 description: the name of secret that contains Azure Storage 23878 Account Name and Key 23879 type: string 23880 shareName: 23881 description: Share Name 23882 type: string 23883 required: 23884 - secretName 23885 - shareName 23886 type: object 23887 cephfs: 23888 description: CephFS represents a Ceph FS mount on the host that 23889 shares a pod's lifetime 23890 properties: 23891 monitors: 23892 description: 'Required: Monitors is a collection of Ceph 23893 monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 23894 items: 23895 type: string 23896 type: array 23897 path: 23898 description: 'Optional: Used as the mounted root, rather 23899 than the full Ceph tree, default is /' 23900 type: string 23901 readOnly: 23902 description: 'Optional: Defaults to false (read/write). 23903 ReadOnly here will force the ReadOnly setting in VolumeMounts. 23904 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 23905 type: boolean 23906 secretFile: 23907 description: 'Optional: SecretFile is the path to key ring 23908 for User, default is /etc/ceph/user.secret More info: 23909 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 23910 type: string 23911 secretRef: 23912 description: 'Optional: SecretRef is reference to the authentication 23913 secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 23914 properties: 23915 name: 23916 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23917 TODO: Add other useful fields. apiVersion, kind, uid?' 23918 type: string 23919 type: object 23920 user: 23921 description: 'Optional: User is the rados user name, default 23922 is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 23923 type: string 23924 required: 23925 - monitors 23926 type: object 23927 cinder: 23928 description: 'Cinder represents a cinder volume attached and 23929 mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 23930 properties: 23931 fsType: 23932 description: 'Filesystem type to mount. Must be a filesystem 23933 type supported by the host operating system. Examples: 23934 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 23935 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 23936 type: string 23937 readOnly: 23938 description: 'Optional: Defaults to false (read/write). 23939 ReadOnly here will force the ReadOnly setting in VolumeMounts. 23940 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 23941 type: boolean 23942 secretRef: 23943 description: 'Optional: points to a secret object containing 23944 parameters used to connect to OpenStack.' 23945 properties: 23946 name: 23947 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23948 TODO: Add other useful fields. apiVersion, kind, uid?' 23949 type: string 23950 type: object 23951 volumeID: 23952 description: 'volume id used to identify the volume in cinder. 23953 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 23954 type: string 23955 required: 23956 - volumeID 23957 type: object 23958 configMap: 23959 description: ConfigMap represents a configMap that should populate 23960 this volume 23961 properties: 23962 defaultMode: 23963 description: 'Optional: mode bits used to set permissions 23964 on created files by default. Must be an octal value between 23965 0000 and 0777 or a decimal value between 0 and 511. YAML 23966 accepts both octal and decimal values, JSON requires decimal 23967 values for mode bits. Defaults to 0644. Directories within 23968 the path are not affected by this setting. This might 23969 be in conflict with other options that affect the file 23970 mode, like fsGroup, and the result can be other mode bits 23971 set.' 23972 format: int32 23973 type: integer 23974 items: 23975 description: If unspecified, each key-value pair in the 23976 Data field of the referenced ConfigMap will be projected 23977 into the volume as a file whose name is the key and content 23978 is the value. If specified, the listed keys will be projected 23979 into the specified paths, and unlisted keys will not be 23980 present. If a key is specified which is not present in 23981 the ConfigMap, the volume setup will error unless it is 23982 marked optional. Paths must be relative and may not contain 23983 the '..' path or start with '..'. 23984 items: 23985 description: Maps a string key to a path within a volume. 23986 properties: 23987 key: 23988 description: The key to project. 23989 type: string 23990 mode: 23991 description: 'Optional: mode bits used to set permissions 23992 on this file. Must be an octal value between 0000 23993 and 0777 or a decimal value between 0 and 511. YAML 23994 accepts both octal and decimal values, JSON requires 23995 decimal values for mode bits. If not specified, 23996 the volume defaultMode will be used. This might 23997 be in conflict with other options that affect the 23998 file mode, like fsGroup, and the result can be other 23999 mode bits set.' 24000 format: int32 24001 type: integer 24002 path: 24003 description: The relative path of the file to map 24004 the key to. May not be an absolute path. May not 24005 contain the path element '..'. May not start with 24006 the string '..'. 24007 type: string 24008 required: 24009 - key 24010 - path 24011 type: object 24012 type: array 24013 name: 24014 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24015 TODO: Add other useful fields. apiVersion, kind, uid?' 24016 type: string 24017 optional: 24018 description: Specify whether the ConfigMap or its keys must 24019 be defined 24020 type: boolean 24021 type: object 24022 csi: 24023 description: CSI (Container Storage Interface) represents ephemeral 24024 storage that is handled by certain external CSI drivers (Beta 24025 feature). 24026 properties: 24027 driver: 24028 description: Driver is the name of the CSI driver that handles 24029 this volume. Consult with your admin for the correct name 24030 as registered in the cluster. 24031 type: string 24032 fsType: 24033 description: Filesystem type to mount. Ex. "ext4", "xfs", 24034 "ntfs". If not provided, the empty value is passed to 24035 the associated CSI driver which will determine the default 24036 filesystem to apply. 24037 type: string 24038 nodePublishSecretRef: 24039 description: NodePublishSecretRef is a reference to the 24040 secret object containing sensitive information to pass 24041 to the CSI driver to complete the CSI NodePublishVolume 24042 and NodeUnpublishVolume calls. This field is optional, 24043 and may be empty if no secret is required. If the secret 24044 object contains more than one secret, all secret references 24045 are passed. 24046 properties: 24047 name: 24048 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24049 TODO: Add other useful fields. apiVersion, kind, uid?' 24050 type: string 24051 type: object 24052 readOnly: 24053 description: Specifies a read-only configuration for the 24054 volume. Defaults to false (read/write). 24055 type: boolean 24056 volumeAttributes: 24057 additionalProperties: 24058 type: string 24059 description: VolumeAttributes stores driver-specific properties 24060 that are passed to the CSI driver. Consult your driver's 24061 documentation for supported values. 24062 type: object 24063 required: 24064 - driver 24065 type: object 24066 downwardAPI: 24067 description: DownwardAPI represents downward API about the pod 24068 that should populate this volume 24069 properties: 24070 defaultMode: 24071 description: 'Optional: mode bits to use on created files 24072 by default. Must be a Optional: mode bits used to set 24073 permissions on created files by default. Must be an octal 24074 value between 0000 and 0777 or a decimal value between 24075 0 and 511. YAML accepts both octal and decimal values, 24076 JSON requires decimal values for mode bits. Defaults to 24077 0644. Directories within the path are not affected by 24078 this setting. This might be in conflict with other options 24079 that affect the file mode, like fsGroup, and the result 24080 can be other mode bits set.' 24081 format: int32 24082 type: integer 24083 items: 24084 description: Items is a list of downward API volume file 24085 items: 24086 description: DownwardAPIVolumeFile represents information 24087 to create the file containing the pod field 24088 properties: 24089 fieldRef: 24090 description: 'Required: Selects a field of the pod: 24091 only annotations, labels, name and namespace are 24092 supported.' 24093 properties: 24094 apiVersion: 24095 description: Version of the schema the FieldPath 24096 is written in terms of, defaults to "v1". 24097 type: string 24098 fieldPath: 24099 description: Path of the field to select in the 24100 specified API version. 24101 type: string 24102 required: 24103 - fieldPath 24104 type: object 24105 mode: 24106 description: 'Optional: mode bits used to set permissions 24107 on this file, must be an octal value between 0000 24108 and 0777 or a decimal value between 0 and 511. YAML 24109 accepts both octal and decimal values, JSON requires 24110 decimal values for mode bits. If not specified, 24111 the volume defaultMode will be used. This might 24112 be in conflict with other options that affect the 24113 file mode, like fsGroup, and the result can be other 24114 mode bits set.' 24115 format: int32 24116 type: integer 24117 path: 24118 description: 'Required: Path is the relative path 24119 name of the file to be created. Must not be absolute 24120 or contain the ''..'' path. Must be utf-8 encoded. 24121 The first item of the relative path must not start 24122 with ''..''' 24123 type: string 24124 resourceFieldRef: 24125 description: 'Selects a resource of the container: 24126 only resources limits and requests (limits.cpu, 24127 limits.memory, requests.cpu and requests.memory) 24128 are currently supported.' 24129 properties: 24130 containerName: 24131 description: 'Container name: required for volumes, 24132 optional for env vars' 24133 type: string 24134 divisor: 24135 anyOf: 24136 - type: integer 24137 - type: string 24138 description: Specifies the output format of the 24139 exposed resources, defaults to "1" 24140 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 24141 x-kubernetes-int-or-string: true 24142 resource: 24143 description: 'Required: resource to select' 24144 type: string 24145 required: 24146 - resource 24147 type: object 24148 required: 24149 - path 24150 type: object 24151 type: array 24152 type: object 24153 emptyDir: 24154 description: 'EmptyDir represents a temporary directory that 24155 shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 24156 properties: 24157 medium: 24158 description: 'What type of storage medium should back this 24159 directory. The default is "" which means to use the node''s 24160 default medium. Must be an empty string (default) or Memory. 24161 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 24162 type: string 24163 sizeLimit: 24164 anyOf: 24165 - type: integer 24166 - type: string 24167 description: 'Total amount of local storage required for 24168 this EmptyDir volume. The size limit is also applicable 24169 for memory medium. The maximum usage on memory medium 24170 EmptyDir would be the minimum value between the SizeLimit 24171 specified here and the sum of memory limits of all containers 24172 in a pod. The default is nil which means that the limit 24173 is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 24174 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 24175 x-kubernetes-int-or-string: true 24176 type: object 24177 ephemeral: 24178 description: "Ephemeral represents a volume that is handled 24179 by a cluster storage driver. The volume's lifecycle is tied 24180 to the pod that defines it - it will be created before the 24181 pod starts, and deleted when the pod is removed. \n Use this 24182 if: a) the volume is only needed while the pod runs, b) features 24183 of normal volumes like restoring from snapshot or capacity 24184 \ tracking are needed, c) the storage driver is specified 24185 through a storage class, and d) the storage driver supports 24186 dynamic volume provisioning through a PersistentVolumeClaim 24187 (see EphemeralVolumeSource for more information on the 24188 connection between this volume type and PersistentVolumeClaim). 24189 \n Use PersistentVolumeClaim or one of the vendor-specific 24190 APIs for volumes that persist for longer than the lifecycle 24191 of an individual pod. \n Use CSI for light-weight local ephemeral 24192 volumes if the CSI driver is meant to be used that way - see 24193 the documentation of the driver for more information. \n A 24194 pod can use both types of ephemeral volumes and persistent 24195 volumes at the same time." 24196 properties: 24197 volumeClaimTemplate: 24198 description: "Will be used to create a stand-alone PVC to 24199 provision the volume. The pod in which this EphemeralVolumeSource 24200 is embedded will be the owner of the PVC, i.e. the PVC 24201 will be deleted together with the pod. The name of the 24202 PVC will be `<pod name>-<volume name>` where `<volume 24203 name>` is the name from the `PodSpec.Volumes` array entry. 24204 Pod validation will reject the pod if the concatenated 24205 name is not valid for a PVC (for example, too long). \n 24206 An existing PVC with that name that is not owned by the 24207 pod will *not* be used for the pod to avoid using an unrelated 24208 volume by mistake. Starting the pod is then blocked until 24209 the unrelated PVC is removed. If such a pre-created PVC 24210 is meant to be used by the pod, the PVC has to updated 24211 with an owner reference to the pod once the pod exists. 24212 Normally this should not be necessary, but it may be useful 24213 when manually reconstructing a broken cluster. \n This 24214 field is read-only and no changes will be made by Kubernetes 24215 to the PVC after it has been created. \n Required, must 24216 not be nil." 24217 properties: 24218 metadata: 24219 description: May contain labels and annotations that 24220 will be copied into the PVC when creating it. No other 24221 fields are allowed and will be rejected during validation. 24222 type: object 24223 spec: 24224 description: The specification for the PersistentVolumeClaim. 24225 The entire content is copied unchanged into the PVC 24226 that gets created from this template. The same fields 24227 as in a PersistentVolumeClaim are also valid here. 24228 properties: 24229 accessModes: 24230 description: 'AccessModes contains the desired access 24231 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 24232 items: 24233 type: string 24234 type: array 24235 dataSource: 24236 description: 'This field can be used to specify 24237 either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 24238 * An existing PVC (PersistentVolumeClaim) If the 24239 provisioner or an external controller can support 24240 the specified data source, it will create a new 24241 volume based on the contents of the specified 24242 data source. If the AnyVolumeDataSource feature 24243 gate is enabled, this field will always have the 24244 same contents as the DataSourceRef field.' 24245 properties: 24246 apiGroup: 24247 description: APIGroup is the group for the resource 24248 being referenced. If APIGroup is not specified, 24249 the specified Kind must be in the core API 24250 group. For any other third-party types, APIGroup 24251 is required. 24252 type: string 24253 kind: 24254 description: Kind is the type of resource being 24255 referenced 24256 type: string 24257 name: 24258 description: Name is the name of resource being 24259 referenced 24260 type: string 24261 required: 24262 - kind 24263 - name 24264 type: object 24265 dataSourceRef: 24266 description: 'Specifies the object from which to 24267 populate the volume with data, if a non-empty 24268 volume is desired. This may be any local object 24269 from a non-empty API group (non core object) or 24270 a PersistentVolumeClaim object. When this field 24271 is specified, volume binding will only succeed 24272 if the type of the specified object matches some 24273 installed volume populator or dynamic provisioner. 24274 This field will replace the functionality of the 24275 DataSource field and as such if both fields are 24276 non-empty, they must have the same value. For 24277 backwards compatibility, both fields (DataSource 24278 and DataSourceRef) will be set to the same value 24279 automatically if one of them is empty and the 24280 other is non-empty. There are two important differences 24281 between DataSource and DataSourceRef: * While 24282 DataSource only allows two specific types of objects, 24283 DataSourceRef allows any non-core object, as 24284 well as PersistentVolumeClaim objects. * While 24285 DataSource ignores disallowed values (dropping 24286 them), DataSourceRef preserves all values, and 24287 generates an error if a disallowed value is specified. 24288 (Alpha) Using this field requires the AnyVolumeDataSource 24289 feature gate to be enabled.' 24290 properties: 24291 apiGroup: 24292 description: APIGroup is the group for the resource 24293 being referenced. If APIGroup is not specified, 24294 the specified Kind must be in the core API 24295 group. For any other third-party types, APIGroup 24296 is required. 24297 type: string 24298 kind: 24299 description: Kind is the type of resource being 24300 referenced 24301 type: string 24302 name: 24303 description: Name is the name of resource being 24304 referenced 24305 type: string 24306 required: 24307 - kind 24308 - name 24309 type: object 24310 resources: 24311 description: 'Resources represents the minimum resources 24312 the volume should have. If RecoverVolumeExpansionFailure 24313 feature is enabled users are allowed to specify 24314 resource requirements that are lower than previous 24315 value but must still be higher than capacity recorded 24316 in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 24317 properties: 24318 limits: 24319 additionalProperties: 24320 anyOf: 24321 - type: integer 24322 - type: string 24323 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 24324 x-kubernetes-int-or-string: true 24325 description: 'Limits describes the maximum amount 24326 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 24327 type: object 24328 requests: 24329 additionalProperties: 24330 anyOf: 24331 - type: integer 24332 - type: string 24333 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 24334 x-kubernetes-int-or-string: true 24335 description: 'Requests describes the minimum 24336 amount of compute resources required. If Requests 24337 is omitted for a container, it defaults to 24338 Limits if that is explicitly specified, otherwise 24339 to an implementation-defined value. More info: 24340 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 24341 type: object 24342 type: object 24343 selector: 24344 description: A label query over volumes to consider 24345 for binding. 24346 properties: 24347 matchExpressions: 24348 description: matchExpressions is a list of label 24349 selector requirements. The requirements are 24350 ANDed. 24351 items: 24352 description: A label selector requirement 24353 is a selector that contains values, a key, 24354 and an operator that relates the key and 24355 values. 24356 properties: 24357 key: 24358 description: key is the label key that 24359 the selector applies to. 24360 type: string 24361 operator: 24362 description: operator represents a key's 24363 relationship to a set of values. Valid 24364 operators are In, NotIn, Exists and 24365 DoesNotExist. 24366 type: string 24367 values: 24368 description: values is an array of string 24369 values. If the operator is In or NotIn, 24370 the values array must be non-empty. 24371 If the operator is Exists or DoesNotExist, 24372 the values array must be empty. This 24373 array is replaced during a strategic 24374 merge patch. 24375 items: 24376 type: string 24377 type: array 24378 required: 24379 - key 24380 - operator 24381 type: object 24382 type: array 24383 matchLabels: 24384 additionalProperties: 24385 type: string 24386 description: matchLabels is a map of {key,value} 24387 pairs. A single {key,value} in the matchLabels 24388 map is equivalent to an element of matchExpressions, 24389 whose key field is "key", the operator is 24390 "In", and the values array contains only "value". 24391 The requirements are ANDed. 24392 type: object 24393 type: object 24394 storageClassName: 24395 description: 'Name of the StorageClass required 24396 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 24397 type: string 24398 volumeMode: 24399 description: volumeMode defines what type of volume 24400 is required by the claim. Value of Filesystem 24401 is implied when not included in claim spec. 24402 type: string 24403 volumeName: 24404 description: VolumeName is the binding reference 24405 to the PersistentVolume backing this claim. 24406 type: string 24407 type: object 24408 required: 24409 - spec 24410 type: object 24411 type: object 24412 fc: 24413 description: FC represents a Fibre Channel resource that is 24414 attached to a kubelet's host machine and then exposed to the 24415 pod. 24416 properties: 24417 fsType: 24418 description: 'Filesystem type to mount. Must be a filesystem 24419 type supported by the host operating system. Ex. "ext4", 24420 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 24421 TODO: how do we prevent errors in the filesystem from 24422 compromising the machine' 24423 type: string 24424 lun: 24425 description: 'Optional: FC target lun number' 24426 format: int32 24427 type: integer 24428 readOnly: 24429 description: 'Optional: Defaults to false (read/write). 24430 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 24431 type: boolean 24432 targetWWNs: 24433 description: 'Optional: FC target worldwide names (WWNs)' 24434 items: 24435 type: string 24436 type: array 24437 wwids: 24438 description: 'Optional: FC volume world wide identifiers 24439 (wwids) Either wwids or combination of targetWWNs and 24440 lun must be set, but not both simultaneously.' 24441 items: 24442 type: string 24443 type: array 24444 type: object 24445 flexVolume: 24446 description: FlexVolume represents a generic volume resource 24447 that is provisioned/attached using an exec based plugin. 24448 properties: 24449 driver: 24450 description: Driver is the name of the driver to use for 24451 this volume. 24452 type: string 24453 fsType: 24454 description: Filesystem type to mount. Must be a filesystem 24455 type supported by the host operating system. Ex. "ext4", 24456 "xfs", "ntfs". The default filesystem depends on FlexVolume 24457 script. 24458 type: string 24459 options: 24460 additionalProperties: 24461 type: string 24462 description: 'Optional: Extra command options if any.' 24463 type: object 24464 readOnly: 24465 description: 'Optional: Defaults to false (read/write). 24466 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 24467 type: boolean 24468 secretRef: 24469 description: 'Optional: SecretRef is reference to the secret 24470 object containing sensitive information to pass to the 24471 plugin scripts. This may be empty if no secret object 24472 is specified. If the secret object contains more than 24473 one secret, all secrets are passed to the plugin scripts.' 24474 properties: 24475 name: 24476 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24477 TODO: Add other useful fields. apiVersion, kind, uid?' 24478 type: string 24479 type: object 24480 required: 24481 - driver 24482 type: object 24483 flocker: 24484 description: Flocker represents a Flocker volume attached to 24485 a kubelet's host machine. This depends on the Flocker control 24486 service being running 24487 properties: 24488 datasetName: 24489 description: Name of the dataset stored as metadata -> name 24490 on the dataset for Flocker should be considered as deprecated 24491 type: string 24492 datasetUUID: 24493 description: UUID of the dataset. This is unique identifier 24494 of a Flocker dataset 24495 type: string 24496 type: object 24497 gcePersistentDisk: 24498 description: 'GCEPersistentDisk represents a GCE Disk resource 24499 that is attached to a kubelet''s host machine and then exposed 24500 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 24501 properties: 24502 fsType: 24503 description: 'Filesystem type of the volume that you want 24504 to mount. Tip: Ensure that the filesystem type is supported 24505 by the host operating system. Examples: "ext4", "xfs", 24506 "ntfs". Implicitly inferred to be "ext4" if unspecified. 24507 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 24508 TODO: how do we prevent errors in the filesystem from 24509 compromising the machine' 24510 type: string 24511 partition: 24512 description: 'The partition in the volume that you want 24513 to mount. If omitted, the default is to mount by volume 24514 name. Examples: For volume /dev/sda1, you specify the 24515 partition as "1". Similarly, the volume partition for 24516 /dev/sda is "0" (or you can leave the property empty). 24517 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 24518 format: int32 24519 type: integer 24520 pdName: 24521 description: 'Unique name of the PD resource in GCE. Used 24522 to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 24523 type: string 24524 readOnly: 24525 description: 'ReadOnly here will force the ReadOnly setting 24526 in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 24527 type: boolean 24528 required: 24529 - pdName 24530 type: object 24531 gitRepo: 24532 description: 'GitRepo represents a git repository at a particular 24533 revision. DEPRECATED: GitRepo is deprecated. To provision 24534 a container with a git repo, mount an EmptyDir into an InitContainer 24535 that clones the repo using git, then mount the EmptyDir into 24536 the Pod''s container.' 24537 properties: 24538 directory: 24539 description: Target directory name. Must not contain or 24540 start with '..'. If '.' is supplied, the volume directory 24541 will be the git repository. Otherwise, if specified, 24542 the volume will contain the git repository in the subdirectory 24543 with the given name. 24544 type: string 24545 repository: 24546 description: Repository URL 24547 type: string 24548 revision: 24549 description: Commit hash for the specified revision. 24550 type: string 24551 required: 24552 - repository 24553 type: object 24554 glusterfs: 24555 description: 'Glusterfs represents a Glusterfs mount on the 24556 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 24557 properties: 24558 endpoints: 24559 description: 'EndpointsName is the endpoint name that details 24560 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 24561 type: string 24562 path: 24563 description: 'Path is the Glusterfs volume path. More info: 24564 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 24565 type: string 24566 readOnly: 24567 description: 'ReadOnly here will force the Glusterfs volume 24568 to be mounted with read-only permissions. Defaults to 24569 false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 24570 type: boolean 24571 required: 24572 - endpoints 24573 - path 24574 type: object 24575 hostPath: 24576 description: 'HostPath represents a pre-existing file or directory 24577 on the host machine that is directly exposed to the container. 24578 This is generally used for system agents or other privileged 24579 things that are allowed to see the host machine. Most containers 24580 will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 24581 --- TODO(jonesdl) We need to restrict who can use host directory 24582 mounts and who can/can not mount host directories as read/write.' 24583 properties: 24584 path: 24585 description: 'Path of the directory on the host. If the 24586 path is a symlink, it will follow the link to the real 24587 path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 24588 type: string 24589 type: 24590 description: 'Type for HostPath Volume Defaults to "" More 24591 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 24592 type: string 24593 required: 24594 - path 24595 type: object 24596 iscsi: 24597 description: 'ISCSI represents an ISCSI Disk resource that is 24598 attached to a kubelet''s host machine and then exposed to 24599 the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 24600 properties: 24601 chapAuthDiscovery: 24602 description: whether support iSCSI Discovery CHAP authentication 24603 type: boolean 24604 chapAuthSession: 24605 description: whether support iSCSI Session CHAP authentication 24606 type: boolean 24607 fsType: 24608 description: 'Filesystem type of the volume that you want 24609 to mount. Tip: Ensure that the filesystem type is supported 24610 by the host operating system. Examples: "ext4", "xfs", 24611 "ntfs". Implicitly inferred to be "ext4" if unspecified. 24612 More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 24613 TODO: how do we prevent errors in the filesystem from 24614 compromising the machine' 24615 type: string 24616 initiatorName: 24617 description: Custom iSCSI Initiator Name. If initiatorName 24618 is specified with iscsiInterface simultaneously, new iSCSI 24619 interface <target portal>:<volume name> will be created 24620 for the connection. 24621 type: string 24622 iqn: 24623 description: Target iSCSI Qualified Name. 24624 type: string 24625 iscsiInterface: 24626 description: iSCSI Interface Name that uses an iSCSI transport. 24627 Defaults to 'default' (tcp). 24628 type: string 24629 lun: 24630 description: iSCSI Target Lun number. 24631 format: int32 24632 type: integer 24633 portals: 24634 description: iSCSI Target Portal List. The portal is either 24635 an IP or ip_addr:port if the port is other than default 24636 (typically TCP ports 860 and 3260). 24637 items: 24638 type: string 24639 type: array 24640 readOnly: 24641 description: ReadOnly here will force the ReadOnly setting 24642 in VolumeMounts. Defaults to false. 24643 type: boolean 24644 secretRef: 24645 description: CHAP Secret for iSCSI target and initiator 24646 authentication 24647 properties: 24648 name: 24649 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24650 TODO: Add other useful fields. apiVersion, kind, uid?' 24651 type: string 24652 type: object 24653 targetPortal: 24654 description: iSCSI Target Portal. The Portal is either an 24655 IP or ip_addr:port if the port is other than default (typically 24656 TCP ports 860 and 3260). 24657 type: string 24658 required: 24659 - iqn 24660 - lun 24661 - targetPortal 24662 type: object 24663 name: 24664 description: 'Volume''s name. Must be a DNS_LABEL and unique 24665 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 24666 type: string 24667 nfs: 24668 description: 'NFS represents an NFS mount on the host that shares 24669 a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 24670 properties: 24671 path: 24672 description: 'Path that is exported by the NFS server. More 24673 info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 24674 type: string 24675 readOnly: 24676 description: 'ReadOnly here will force the NFS export to 24677 be mounted with read-only permissions. Defaults to false. 24678 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 24679 type: boolean 24680 server: 24681 description: 'Server is the hostname or IP address of the 24682 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 24683 type: string 24684 required: 24685 - path 24686 - server 24687 type: object 24688 persistentVolumeClaim: 24689 description: 'PersistentVolumeClaimVolumeSource represents a 24690 reference to a PersistentVolumeClaim in the same namespace. 24691 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 24692 properties: 24693 claimName: 24694 description: 'ClaimName is the name of a PersistentVolumeClaim 24695 in the same namespace as the pod using this volume. More 24696 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 24697 type: string 24698 readOnly: 24699 description: Will force the ReadOnly setting in VolumeMounts. 24700 Default false. 24701 type: boolean 24702 required: 24703 - claimName 24704 type: object 24705 photonPersistentDisk: 24706 description: PhotonPersistentDisk represents a PhotonController 24707 persistent disk attached and mounted on kubelets host machine 24708 properties: 24709 fsType: 24710 description: Filesystem type to mount. Must be a filesystem 24711 type supported by the host operating system. Ex. "ext4", 24712 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 24713 type: string 24714 pdID: 24715 description: ID that identifies Photon Controller persistent 24716 disk 24717 type: string 24718 required: 24719 - pdID 24720 type: object 24721 portworxVolume: 24722 description: PortworxVolume represents a portworx volume attached 24723 and mounted on kubelets host machine 24724 properties: 24725 fsType: 24726 description: FSType represents the filesystem type to mount 24727 Must be a filesystem type supported by the host operating 24728 system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" 24729 if unspecified. 24730 type: string 24731 readOnly: 24732 description: Defaults to false (read/write). ReadOnly here 24733 will force the ReadOnly setting in VolumeMounts. 24734 type: boolean 24735 volumeID: 24736 description: VolumeID uniquely identifies a Portworx volume 24737 type: string 24738 required: 24739 - volumeID 24740 type: object 24741 projected: 24742 description: Items for all in one resources secrets, configmaps, 24743 and downward API 24744 properties: 24745 defaultMode: 24746 description: Mode bits used to set permissions on created 24747 files by default. Must be an octal value between 0000 24748 and 0777 or a decimal value between 0 and 511. YAML accepts 24749 both octal and decimal values, JSON requires decimal values 24750 for mode bits. Directories within the path are not affected 24751 by this setting. This might be in conflict with other 24752 options that affect the file mode, like fsGroup, and the 24753 result can be other mode bits set. 24754 format: int32 24755 type: integer 24756 sources: 24757 description: list of volume projections 24758 items: 24759 description: Projection that may be projected along with 24760 other supported volume types 24761 properties: 24762 configMap: 24763 description: information about the configMap data 24764 to project 24765 properties: 24766 items: 24767 description: If unspecified, each key-value pair 24768 in the Data field of the referenced ConfigMap 24769 will be projected into the volume as a file 24770 whose name is the key and content is the value. 24771 If specified, the listed keys will be projected 24772 into the specified paths, and unlisted keys 24773 will not be present. If a key is specified which 24774 is not present in the ConfigMap, the volume 24775 setup will error unless it is marked optional. 24776 Paths must be relative and may not contain the 24777 '..' path or start with '..'. 24778 items: 24779 description: Maps a string key to a path within 24780 a volume. 24781 properties: 24782 key: 24783 description: The key to project. 24784 type: string 24785 mode: 24786 description: 'Optional: mode bits used to 24787 set permissions on this file. Must be 24788 an octal value between 0000 and 0777 or 24789 a decimal value between 0 and 511. YAML 24790 accepts both octal and decimal values, 24791 JSON requires decimal values for mode 24792 bits. If not specified, the volume defaultMode 24793 will be used. This might be in conflict 24794 with other options that affect the file 24795 mode, like fsGroup, and the result can 24796 be other mode bits set.' 24797 format: int32 24798 type: integer 24799 path: 24800 description: The relative path of the file 24801 to map the key to. May not be an absolute 24802 path. May not contain the path element 24803 '..'. May not start with the string '..'. 24804 type: string 24805 required: 24806 - key 24807 - path 24808 type: object 24809 type: array 24810 name: 24811 description: 'Name of the referent. More info: 24812 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24813 TODO: Add other useful fields. apiVersion, kind, 24814 uid?' 24815 type: string 24816 optional: 24817 description: Specify whether the ConfigMap or 24818 its keys must be defined 24819 type: boolean 24820 type: object 24821 downwardAPI: 24822 description: information about the downwardAPI data 24823 to project 24824 properties: 24825 items: 24826 description: Items is a list of DownwardAPIVolume 24827 file 24828 items: 24829 description: DownwardAPIVolumeFile represents 24830 information to create the file containing 24831 the pod field 24832 properties: 24833 fieldRef: 24834 description: 'Required: Selects a field 24835 of the pod: only annotations, labels, 24836 name and namespace are supported.' 24837 properties: 24838 apiVersion: 24839 description: Version of the schema the 24840 FieldPath is written in terms of, 24841 defaults to "v1". 24842 type: string 24843 fieldPath: 24844 description: Path of the field to select 24845 in the specified API version. 24846 type: string 24847 required: 24848 - fieldPath 24849 type: object 24850 mode: 24851 description: 'Optional: mode bits used to 24852 set permissions on this file, must be 24853 an octal value between 0000 and 0777 or 24854 a decimal value between 0 and 511. YAML 24855 accepts both octal and decimal values, 24856 JSON requires decimal values for mode 24857 bits. If not specified, the volume defaultMode 24858 will be used. This might be in conflict 24859 with other options that affect the file 24860 mode, like fsGroup, and the result can 24861 be other mode bits set.' 24862 format: int32 24863 type: integer 24864 path: 24865 description: 'Required: Path is the relative 24866 path name of the file to be created. Must 24867 not be absolute or contain the ''..'' 24868 path. Must be utf-8 encoded. The first 24869 item of the relative path must not start 24870 with ''..''' 24871 type: string 24872 resourceFieldRef: 24873 description: 'Selects a resource of the 24874 container: only resources limits and requests 24875 (limits.cpu, limits.memory, requests.cpu 24876 and requests.memory) are currently supported.' 24877 properties: 24878 containerName: 24879 description: 'Container name: required 24880 for volumes, optional for env vars' 24881 type: string 24882 divisor: 24883 anyOf: 24884 - type: integer 24885 - type: string 24886 description: Specifies the output format 24887 of the exposed resources, defaults 24888 to "1" 24889 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 24890 x-kubernetes-int-or-string: true 24891 resource: 24892 description: 'Required: resource to 24893 select' 24894 type: string 24895 required: 24896 - resource 24897 type: object 24898 required: 24899 - path 24900 type: object 24901 type: array 24902 type: object 24903 secret: 24904 description: information about the secret data to 24905 project 24906 properties: 24907 items: 24908 description: If unspecified, each key-value pair 24909 in the Data field of the referenced Secret will 24910 be projected into the volume as a file whose 24911 name is the key and content is the value. If 24912 specified, the listed keys will be projected 24913 into the specified paths, and unlisted keys 24914 will not be present. If a key is specified which 24915 is not present in the Secret, the volume setup 24916 will error unless it is marked optional. Paths 24917 must be relative and may not contain the '..' 24918 path or start with '..'. 24919 items: 24920 description: Maps a string key to a path within 24921 a volume. 24922 properties: 24923 key: 24924 description: The key to project. 24925 type: string 24926 mode: 24927 description: 'Optional: mode bits used to 24928 set permissions on this file. Must be 24929 an octal value between 0000 and 0777 or 24930 a decimal value between 0 and 511. YAML 24931 accepts both octal and decimal values, 24932 JSON requires decimal values for mode 24933 bits. If not specified, the volume defaultMode 24934 will be used. This might be in conflict 24935 with other options that affect the file 24936 mode, like fsGroup, and the result can 24937 be other mode bits set.' 24938 format: int32 24939 type: integer 24940 path: 24941 description: The relative path of the file 24942 to map the key to. May not be an absolute 24943 path. May not contain the path element 24944 '..'. May not start with the string '..'. 24945 type: string 24946 required: 24947 - key 24948 - path 24949 type: object 24950 type: array 24951 name: 24952 description: 'Name of the referent. More info: 24953 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24954 TODO: Add other useful fields. apiVersion, kind, 24955 uid?' 24956 type: string 24957 optional: 24958 description: Specify whether the Secret or its 24959 key must be defined 24960 type: boolean 24961 type: object 24962 serviceAccountToken: 24963 description: information about the serviceAccountToken 24964 data to project 24965 properties: 24966 audience: 24967 description: Audience is the intended audience 24968 of the token. A recipient of a token must identify 24969 itself with an identifier specified in the audience 24970 of the token, and otherwise should reject the 24971 token. The audience defaults to the identifier 24972 of the apiserver. 24973 type: string 24974 expirationSeconds: 24975 description: ExpirationSeconds is the requested 24976 duration of validity of the service account 24977 token. As the token approaches expiration, the 24978 kubelet volume plugin will proactively rotate 24979 the service account token. The kubelet will 24980 start trying to rotate the token if the token 24981 is older than 80 percent of its time to live 24982 or if the token is older than 24 hours.Defaults 24983 to 1 hour and must be at least 10 minutes. 24984 format: int64 24985 type: integer 24986 path: 24987 description: Path is the path relative to the 24988 mount point of the file to project the token 24989 into. 24990 type: string 24991 required: 24992 - path 24993 type: object 24994 type: object 24995 type: array 24996 type: object 24997 quobyte: 24998 description: Quobyte represents a Quobyte mount on the host 24999 that shares a pod's lifetime 25000 properties: 25001 group: 25002 description: Group to map volume access to Default is no 25003 group 25004 type: string 25005 readOnly: 25006 description: ReadOnly here will force the Quobyte volume 25007 to be mounted with read-only permissions. Defaults to 25008 false. 25009 type: boolean 25010 registry: 25011 description: Registry represents a single or multiple Quobyte 25012 Registry services specified as a string as host:port pair 25013 (multiple entries are separated with commas) which acts 25014 as the central registry for volumes 25015 type: string 25016 tenant: 25017 description: Tenant owning the given Quobyte volume in the 25018 Backend Used with dynamically provisioned Quobyte volumes, 25019 value is set by the plugin 25020 type: string 25021 user: 25022 description: User to map volume access to Defaults to serivceaccount 25023 user 25024 type: string 25025 volume: 25026 description: Volume is a string that references an already 25027 created Quobyte volume by name. 25028 type: string 25029 required: 25030 - registry 25031 - volume 25032 type: object 25033 rbd: 25034 description: 'RBD represents a Rados Block Device mount on the 25035 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' 25036 properties: 25037 fsType: 25038 description: 'Filesystem type of the volume that you want 25039 to mount. Tip: Ensure that the filesystem type is supported 25040 by the host operating system. Examples: "ext4", "xfs", 25041 "ntfs". Implicitly inferred to be "ext4" if unspecified. 25042 More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 25043 TODO: how do we prevent errors in the filesystem from 25044 compromising the machine' 25045 type: string 25046 image: 25047 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 25048 type: string 25049 keyring: 25050 description: 'Keyring is the path to key ring for RBDUser. 25051 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 25052 type: string 25053 monitors: 25054 description: 'A collection of Ceph monitors. More info: 25055 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 25056 items: 25057 type: string 25058 type: array 25059 pool: 25060 description: 'The rados pool name. Default is rbd. More 25061 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 25062 type: string 25063 readOnly: 25064 description: 'ReadOnly here will force the ReadOnly setting 25065 in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 25066 type: boolean 25067 secretRef: 25068 description: 'SecretRef is name of the authentication secret 25069 for RBDUser. If provided overrides keyring. Default is 25070 nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 25071 properties: 25072 name: 25073 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25074 TODO: Add other useful fields. apiVersion, kind, uid?' 25075 type: string 25076 type: object 25077 user: 25078 description: 'The rados user name. Default is admin. More 25079 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 25080 type: string 25081 required: 25082 - image 25083 - monitors 25084 type: object 25085 scaleIO: 25086 description: ScaleIO represents a ScaleIO persistent volume 25087 attached and mounted on Kubernetes nodes. 25088 properties: 25089 fsType: 25090 description: Filesystem type to mount. Must be a filesystem 25091 type supported by the host operating system. Ex. "ext4", 25092 "xfs", "ntfs". Default is "xfs". 25093 type: string 25094 gateway: 25095 description: The host address of the ScaleIO API Gateway. 25096 type: string 25097 protectionDomain: 25098 description: The name of the ScaleIO Protection Domain for 25099 the configured storage. 25100 type: string 25101 readOnly: 25102 description: Defaults to false (read/write). ReadOnly here 25103 will force the ReadOnly setting in VolumeMounts. 25104 type: boolean 25105 secretRef: 25106 description: SecretRef references to the secret for ScaleIO 25107 user and other sensitive information. If this is not provided, 25108 Login operation will fail. 25109 properties: 25110 name: 25111 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25112 TODO: Add other useful fields. apiVersion, kind, uid?' 25113 type: string 25114 type: object 25115 sslEnabled: 25116 description: Flag to enable/disable SSL communication with 25117 Gateway, default false 25118 type: boolean 25119 storageMode: 25120 description: Indicates whether the storage for a volume 25121 should be ThickProvisioned or ThinProvisioned. Default 25122 is ThinProvisioned. 25123 type: string 25124 storagePool: 25125 description: The ScaleIO Storage Pool associated with the 25126 protection domain. 25127 type: string 25128 system: 25129 description: The name of the storage system as configured 25130 in ScaleIO. 25131 type: string 25132 volumeName: 25133 description: The name of a volume already created in the 25134 ScaleIO system that is associated with this volume source. 25135 type: string 25136 required: 25137 - gateway 25138 - secretRef 25139 - system 25140 type: object 25141 secret: 25142 description: 'Secret represents a secret that should populate 25143 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 25144 properties: 25145 defaultMode: 25146 description: 'Optional: mode bits used to set permissions 25147 on created files by default. Must be an octal value between 25148 0000 and 0777 or a decimal value between 0 and 511. YAML 25149 accepts both octal and decimal values, JSON requires decimal 25150 values for mode bits. Defaults to 0644. Directories within 25151 the path are not affected by this setting. This might 25152 be in conflict with other options that affect the file 25153 mode, like fsGroup, and the result can be other mode bits 25154 set.' 25155 format: int32 25156 type: integer 25157 items: 25158 description: If unspecified, each key-value pair in the 25159 Data field of the referenced Secret will be projected 25160 into the volume as a file whose name is the key and content 25161 is the value. If specified, the listed keys will be projected 25162 into the specified paths, and unlisted keys will not be 25163 present. If a key is specified which is not present in 25164 the Secret, the volume setup will error unless it is marked 25165 optional. Paths must be relative and may not contain the 25166 '..' path or start with '..'. 25167 items: 25168 description: Maps a string key to a path within a volume. 25169 properties: 25170 key: 25171 description: The key to project. 25172 type: string 25173 mode: 25174 description: 'Optional: mode bits used to set permissions 25175 on this file. Must be an octal value between 0000 25176 and 0777 or a decimal value between 0 and 511. YAML 25177 accepts both octal and decimal values, JSON requires 25178 decimal values for mode bits. If not specified, 25179 the volume defaultMode will be used. This might 25180 be in conflict with other options that affect the 25181 file mode, like fsGroup, and the result can be other 25182 mode bits set.' 25183 format: int32 25184 type: integer 25185 path: 25186 description: The relative path of the file to map 25187 the key to. May not be an absolute path. May not 25188 contain the path element '..'. May not start with 25189 the string '..'. 25190 type: string 25191 required: 25192 - key 25193 - path 25194 type: object 25195 type: array 25196 optional: 25197 description: Specify whether the Secret or its keys must 25198 be defined 25199 type: boolean 25200 secretName: 25201 description: 'Name of the secret in the pod''s namespace 25202 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 25203 type: string 25204 type: object 25205 storageos: 25206 description: StorageOS represents a StorageOS volume attached 25207 and mounted on Kubernetes nodes. 25208 properties: 25209 fsType: 25210 description: Filesystem type to mount. Must be a filesystem 25211 type supported by the host operating system. Ex. "ext4", 25212 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 25213 type: string 25214 readOnly: 25215 description: Defaults to false (read/write). ReadOnly here 25216 will force the ReadOnly setting in VolumeMounts. 25217 type: boolean 25218 secretRef: 25219 description: SecretRef specifies the secret to use for obtaining 25220 the StorageOS API credentials. If not specified, default 25221 values will be attempted. 25222 properties: 25223 name: 25224 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25225 TODO: Add other useful fields. apiVersion, kind, uid?' 25226 type: string 25227 type: object 25228 volumeName: 25229 description: VolumeName is the human-readable name of the 25230 StorageOS volume. Volume names are only unique within 25231 a namespace. 25232 type: string 25233 volumeNamespace: 25234 description: VolumeNamespace specifies the scope of the 25235 volume within StorageOS. If no namespace is specified 25236 then the Pod's namespace will be used. This allows the 25237 Kubernetes name scoping to be mirrored within StorageOS 25238 for tighter integration. Set VolumeName to any name to 25239 override the default behaviour. Set to "default" if you 25240 are not using namespaces within StorageOS. Namespaces 25241 that do not pre-exist within StorageOS will be created. 25242 type: string 25243 type: object 25244 vsphereVolume: 25245 description: VsphereVolume represents a vSphere volume attached 25246 and mounted on kubelets host machine 25247 properties: 25248 fsType: 25249 description: Filesystem type to mount. Must be a filesystem 25250 type supported by the host operating system. Ex. "ext4", 25251 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 25252 type: string 25253 storagePolicyID: 25254 description: Storage Policy Based Management (SPBM) profile 25255 ID associated with the StoragePolicyName. 25256 type: string 25257 storagePolicyName: 25258 description: Storage Policy Based Management (SPBM) profile 25259 name. 25260 type: string 25261 volumePath: 25262 description: Path that identifies vSphere volume vmdk 25263 type: string 25264 required: 25265 - volumePath 25266 type: object 25267 required: 25268 - name 25269 type: object 25270 type: array 25271 type: object 25272 status: 25273 description: 'Most recent observed status of the ThanosRuler cluster. 25274 Read-only. Not included when requesting from the apiserver, only from 25275 the ThanosRuler Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 25276 properties: 25277 availableReplicas: 25278 description: Total number of available pods (ready for at least minReadySeconds) 25279 targeted by this ThanosRuler deployment. 25280 format: int32 25281 type: integer 25282 paused: 25283 description: Represents whether any actions on the underlying managed 25284 objects are being performed. Only delete actions will be performed. 25285 type: boolean 25286 replicas: 25287 description: Total number of non-terminated pods targeted by this 25288 ThanosRuler deployment (their labels match the selector). 25289 format: int32 25290 type: integer 25291 unavailableReplicas: 25292 description: Total number of unavailable pods targeted by this ThanosRuler 25293 deployment. 25294 format: int32 25295 type: integer 25296 updatedReplicas: 25297 description: Total number of non-terminated pods targeted by this 25298 ThanosRuler deployment that have the desired version spec. 25299 format: int32 25300 type: integer 25301 required: 25302 - availableReplicas 25303 - paused 25304 - replicas 25305 - unavailableReplicas 25306 - updatedReplicas 25307 type: object 25308 required: 25309 - spec 25310 type: object 25311 served: true 25312 storage: true 25313 status: 25314 acceptedNames: 25315 kind: "" 25316 plural: "" 25317 conditions: [] 25318 storedVersions: []