github.com/eth-easl/loader@v0.0.0-20230908084258-8a37e1d94279/config/vhive/loader_serving_core.yaml (about) 1 # Copyright 2018 The Knative Authors 2 # 3 # Licensed under the Apache License, Version 2.0 (the "License"); 4 # you may not use this file except in compliance with the License. 5 # You may obtain a copy of the License at 6 # 7 # https://www.apache.org/licenses/LICENSE-2.0 8 # 9 # Unless required by applicable law or agreed to in writing, software 10 # distributed under the License is distributed on an "AS IS" BASIS, 11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 # See the License for the specific language governing permissions and 13 # limitations under the License. 14 15 apiVersion: v1 16 kind: Namespace 17 metadata: 18 name: knative-serving 19 labels: 20 app.kubernetes.io/name: knative-serving 21 app.kubernetes.io/version: "1.3.0" 22 serving.knative.dev/release: "v1.3.0" 23 24 --- 25 # Copyright 2019 The Knative Authors 26 # 27 # Licensed under the Apache License, Version 2.0 (the "License"); 28 # you may not use this file except in compliance with the License. 29 # You may obtain a copy of the License at 30 # 31 # https://www.apache.org/licenses/LICENSE-2.0 32 # 33 # Unless required by applicable law or agreed to in writing, software 34 # distributed under the License is distributed on an "AS IS" BASIS, 35 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 36 # See the License for the specific language governing permissions and 37 # limitations under the License. 38 39 # Use this aggregated ClusterRole when you need readonly access to "Addressables" 40 apiVersion: rbac.authorization.k8s.io/v1 41 kind: ClusterRole 42 metadata: 43 # Named like this to avoid clashing with eventing's existing `addressable-resolver` role 44 # (which should be identical, but isn't guaranteed to be installed alongside serving). 45 name: knative-serving-aggregated-addressable-resolver 46 labels: 47 serving.knative.dev/release: "v1.3.0" 48 app.kubernetes.io/version: "1.3.0" 49 app.kubernetes.io/name: knative-serving 50 aggregationRule: 51 clusterRoleSelectors: 52 - matchLabels: 53 duck.knative.dev/addressable: "true" 54 --- 55 kind: ClusterRole 56 apiVersion: rbac.authorization.k8s.io/v1 57 metadata: 58 name: knative-serving-addressable-resolver 59 labels: 60 serving.knative.dev/release: "v1.3.0" 61 app.kubernetes.io/version: "1.3.0" 62 app.kubernetes.io/name: knative-serving 63 # Labeled to facilitate aggregated cluster roles that act on Addressables. 64 duck.knative.dev/addressable: "true" 65 # Do not use this role directly. These rules will be added to the "addressable-resolver" role. 66 rules: 67 - apiGroups: 68 - serving.knative.dev 69 resources: 70 - routes 71 - routes/status 72 - services 73 - services/status 74 verbs: 75 - get 76 - list 77 - watch 78 79 --- 80 # Copyright 2019 The Knative Authors 81 # 82 # Licensed under the Apache License, Version 2.0 (the "License"); 83 # you may not use this file except in compliance with the License. 84 # You may obtain a copy of the License at 85 # 86 # https://www.apache.org/licenses/LICENSE-2.0 87 # 88 # Unless required by applicable law or agreed to in writing, software 89 # distributed under the License is distributed on an "AS IS" BASIS, 90 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 91 # See the License for the specific language governing permissions and 92 # limitations under the License. 93 94 kind: ClusterRole 95 apiVersion: rbac.authorization.k8s.io/v1 96 metadata: 97 name: knative-serving-namespaced-admin 98 labels: 99 rbac.authorization.k8s.io/aggregate-to-admin: "true" 100 serving.knative.dev/release: "v1.3.0" 101 app.kubernetes.io/version: "1.3.0" 102 app.kubernetes.io/name: knative-serving 103 rules: 104 - apiGroups: ["serving.knative.dev"] 105 resources: ["*"] 106 verbs: ["*"] 107 - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] 108 resources: ["*"] 109 verbs: ["get", "list", "watch"] 110 --- 111 kind: ClusterRole 112 apiVersion: rbac.authorization.k8s.io/v1 113 metadata: 114 name: knative-serving-namespaced-edit 115 labels: 116 rbac.authorization.k8s.io/aggregate-to-edit: "true" 117 serving.knative.dev/release: "v1.3.0" 118 app.kubernetes.io/version: "1.3.0" 119 app.kubernetes.io/name: knative-serving 120 rules: 121 - apiGroups: ["serving.knative.dev"] 122 resources: ["*"] 123 verbs: ["create", "update", "patch", "delete"] 124 - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] 125 resources: ["*"] 126 verbs: ["get", "list", "watch"] 127 --- 128 kind: ClusterRole 129 apiVersion: rbac.authorization.k8s.io/v1 130 metadata: 131 name: knative-serving-namespaced-view 132 labels: 133 rbac.authorization.k8s.io/aggregate-to-view: "true" 134 serving.knative.dev/release: "v1.3.0" 135 app.kubernetes.io/version: "1.3.0" 136 app.kubernetes.io/name: knative-serving 137 rules: 138 - apiGroups: ["serving.knative.dev", "networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] 139 resources: ["*"] 140 verbs: ["get", "list", "watch"] 141 142 --- 143 # Copyright 2019 The Knative Authors 144 # 145 # Licensed under the Apache License, Version 2.0 (the "License"); 146 # you may not use this file except in compliance with the License. 147 # You may obtain a copy of the License at 148 # 149 # https://www.apache.org/licenses/LICENSE-2.0 150 # 151 # Unless required by applicable law or agreed to in writing, software 152 # distributed under the License is distributed on an "AS IS" BASIS, 153 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 154 # See the License for the specific language governing permissions and 155 # limitations under the License. 156 157 kind: ClusterRole 158 apiVersion: rbac.authorization.k8s.io/v1 159 metadata: 160 name: knative-serving-core 161 labels: 162 serving.knative.dev/controller: "true" 163 serving.knative.dev/release: "v1.3.0" 164 app.kubernetes.io/version: "1.3.0" 165 app.kubernetes.io/name: knative-serving 166 rules: 167 - apiGroups: [""] 168 resources: ["pods", "namespaces", "secrets", "configmaps", "endpoints", "services", "events", "serviceaccounts"] 169 verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] 170 - apiGroups: [""] 171 resources: ["endpoints/restricted"] # Permission for RestrictedEndpointsAdmission 172 verbs: ["create"] 173 - apiGroups: [""] 174 resources: ["namespaces/finalizers"] # finalizers are needed for the owner reference of the webhook 175 verbs: ["update"] 176 - apiGroups: ["apps"] 177 resources: ["deployments", "deployments/finalizers"] # finalizers are needed for the owner reference of the webhook 178 verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] 179 - apiGroups: ["admissionregistration.k8s.io"] 180 resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"] 181 verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] 182 - apiGroups: ["apiextensions.k8s.io"] 183 resources: ["customresourcedefinitions", "customresourcedefinitions/status"] 184 verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] 185 - apiGroups: ["autoscaling"] 186 resources: ["horizontalpodautoscalers"] 187 verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] 188 - apiGroups: ["coordination.k8s.io"] 189 resources: ["leases"] 190 verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] 191 - apiGroups: ["serving.knative.dev", "autoscaling.internal.knative.dev", "networking.internal.knative.dev"] 192 resources: ["*", "*/status", "*/finalizers"] 193 verbs: ["get", "list", "create", "update", "delete", "deletecollection", "patch", "watch"] 194 - apiGroups: ["caching.internal.knative.dev"] 195 resources: ["images"] 196 verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] 197 198 --- 199 # Copyright 2019 The Knative Authors 200 # 201 # Licensed under the Apache License, Version 2.0 (the "License"); 202 # you may not use this file except in compliance with the License. 203 # You may obtain a copy of the License at 204 # 205 # https://www.apache.org/licenses/LICENSE-2.0 206 # 207 # Unless required by applicable law or agreed to in writing, software 208 # distributed under the License is distributed on an "AS IS" BASIS, 209 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 210 # See the License for the specific language governing permissions and 211 # limitations under the License. 212 213 kind: ClusterRole 214 apiVersion: rbac.authorization.k8s.io/v1 215 metadata: 216 name: knative-serving-podspecable-binding 217 labels: 218 serving.knative.dev/release: "v1.3.0" 219 app.kubernetes.io/version: "1.3.0" 220 app.kubernetes.io/name: knative-serving 221 # Labeled to facilitate aggregated cluster roles that act on PodSpecables. 222 duck.knative.dev/podspecable: "true" 223 # Do not use this role directly. These rules will be added to the "podspecable-binder" role. 224 rules: 225 - apiGroups: 226 - serving.knative.dev 227 resources: 228 - configurations 229 - services 230 verbs: 231 - list 232 - watch 233 - patch 234 235 --- 236 # Copyright 2018 The Knative Authors 237 # 238 # Licensed under the Apache License, Version 2.0 (the "License"); 239 # you may not use this file except in compliance with the License. 240 # You may obtain a copy of the License at 241 # 242 # https://www.apache.org/licenses/LICENSE-2.0 243 # 244 # Unless required by applicable law or agreed to in writing, software 245 # distributed under the License is distributed on an "AS IS" BASIS, 246 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 247 # See the License for the specific language governing permissions and 248 # limitations under the License. 249 250 apiVersion: v1 251 kind: ServiceAccount 252 metadata: 253 name: controller 254 namespace: knative-serving 255 labels: 256 app.kubernetes.io/component: controller 257 app.kubernetes.io/name: knative-serving 258 app.kubernetes.io/version: "1.3.0" 259 serving.knative.dev/release: "v1.3.0" 260 --- 261 kind: ClusterRole 262 apiVersion: rbac.authorization.k8s.io/v1 263 metadata: 264 name: knative-serving-admin 265 labels: 266 app.kubernetes.io/name: knative-serving 267 app.kubernetes.io/version: "1.3.0" 268 serving.knative.dev/release: "v1.3.0" 269 aggregationRule: 270 clusterRoleSelectors: 271 - matchLabels: 272 serving.knative.dev/controller: "true" 273 --- 274 apiVersion: rbac.authorization.k8s.io/v1 275 kind: ClusterRoleBinding 276 metadata: 277 name: knative-serving-controller-admin 278 labels: 279 app.kubernetes.io/component: controller 280 app.kubernetes.io/name: knative-serving 281 app.kubernetes.io/version: "1.3.0" 282 serving.knative.dev/release: "v1.3.0" 283 subjects: 284 - kind: ServiceAccount 285 name: controller 286 namespace: knative-serving 287 roleRef: 288 kind: ClusterRole 289 name: knative-serving-admin 290 apiGroup: rbac.authorization.k8s.io 291 --- 292 apiVersion: rbac.authorization.k8s.io/v1 293 kind: ClusterRoleBinding 294 metadata: 295 name: knative-serving-controller-addressable-resolver 296 labels: 297 app.kubernetes.io/component: controller 298 app.kubernetes.io/name: knative-serving 299 app.kubernetes.io/version: "1.3.0" 300 serving.knative.dev/release: "v1.3.0" 301 subjects: 302 - kind: ServiceAccount 303 name: controller 304 namespace: knative-serving 305 roleRef: 306 kind: ClusterRole 307 name: knative-serving-aggregated-addressable-resolver 308 apiGroup: rbac.authorization.k8s.io 309 310 --- 311 # Copyright 2018 The Knative Authors 312 # 313 # Licensed under the Apache License, Version 2.0 (the "License"); 314 # you may not use this file except in compliance with the License. 315 # You may obtain a copy of the License at 316 # 317 # https://www.apache.org/licenses/LICENSE-2.0 318 # 319 # Unless required by applicable law or agreed to in writing, software 320 # distributed under the License is distributed on an "AS IS" BASIS, 321 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 322 # See the License for the specific language governing permissions and 323 # limitations under the License. 324 325 apiVersion: apiextensions.k8s.io/v1 326 kind: CustomResourceDefinition 327 metadata: 328 name: images.caching.internal.knative.dev 329 labels: 330 app.kubernetes.io/name: knative-serving 331 app.kubernetes.io/version: "1.3.0" 332 knative.dev/crd-install: "true" 333 spec: 334 group: caching.internal.knative.dev 335 names: 336 kind: Image 337 plural: images 338 singular: image 339 categories: 340 - knative-internal 341 - caching 342 shortNames: 343 - img 344 scope: Namespaced 345 versions: 346 - name: v1alpha1 347 served: true 348 storage: true 349 subresources: 350 status: {} 351 schema: 352 openAPIV3Schema: 353 type: object 354 # this is a work around so we don't need to flush out the 355 # schema for each version at this time 356 # 357 # see issue: https://github.com/knative/serving/issues/912 358 x-kubernetes-preserve-unknown-fields: true 359 additionalPrinterColumns: 360 - name: Image 361 type: string 362 jsonPath: .spec.image 363 364 --- 365 # Copyright 2020 The Knative Authors 366 # 367 # Licensed under the Apache License, Version 2.0 (the "License"); 368 # you may not use this file except in compliance with the License. 369 # You may obtain a copy of the License at 370 # 371 # https://www.apache.org/licenses/LICENSE-2.0 372 # 373 # Unless required by applicable law or agreed to in writing, software 374 # distributed under the License is distributed on an "AS IS" BASIS, 375 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 376 # See the License for the specific language governing permissions and 377 # limitations under the License. 378 379 apiVersion: apiextensions.k8s.io/v1 380 kind: CustomResourceDefinition 381 metadata: 382 name: certificates.networking.internal.knative.dev 383 labels: 384 app.kubernetes.io/name: knative-serving 385 app.kubernetes.io/version: "1.3.0" 386 serving.knative.dev/release: "v1.3.0" 387 knative.dev/crd-install: "true" 388 spec: 389 group: networking.internal.knative.dev 390 versions: 391 - name: v1alpha1 392 served: true 393 storage: true 394 subresources: 395 status: {} 396 schema: 397 openAPIV3Schema: 398 type: object 399 # this is a work around so we don't need to flush out the 400 # schema for each version at this time 401 # 402 # see issue: https://github.com/knative/serving/issues/912 403 x-kubernetes-preserve-unknown-fields: true 404 additionalPrinterColumns: 405 - name: Ready 406 type: string 407 jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" 408 - name: Reason 409 type: string 410 jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" 411 names: 412 kind: Certificate 413 plural: certificates 414 singular: certificate 415 categories: 416 - knative-internal 417 - networking 418 shortNames: 419 - kcert 420 scope: Namespaced 421 422 --- 423 # Copyright 2019 The Knative Authors 424 # 425 # Licensed under the Apache License, Version 2.0 (the "License"); 426 # you may not use this file except in compliance with the License. 427 # You may obtain a copy of the License at 428 # 429 # https://www.apache.org/licenses/LICENSE-2.0 430 # 431 # Unless required by applicable law or agreed to in writing, software 432 # distributed under the License is distributed on an "AS IS" BASIS, 433 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 434 # See the License for the specific language governing permissions and 435 # limitations under the License. 436 437 # Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. 438 439 apiVersion: apiextensions.k8s.io/v1 440 kind: CustomResourceDefinition 441 metadata: 442 name: configurations.serving.knative.dev 443 labels: 444 app.kubernetes.io/name: knative-serving 445 app.kubernetes.io/version: "1.3.0" 446 serving.knative.dev/release: "v1.3.0" 447 knative.dev/crd-install: "true" 448 duck.knative.dev/podspecable: "true" 449 spec: 450 group: serving.knative.dev 451 names: 452 kind: Configuration 453 plural: configurations 454 singular: configuration 455 categories: 456 - all 457 - knative 458 - serving 459 shortNames: 460 - config 461 - cfg 462 scope: Namespaced 463 versions: 464 - name: v1 465 served: true 466 storage: true 467 subresources: 468 status: {} 469 additionalPrinterColumns: 470 - name: LatestCreated 471 type: string 472 jsonPath: .status.latestCreatedRevisionName 473 - name: LatestReady 474 type: string 475 jsonPath: .status.latestReadyRevisionName 476 - name: Ready 477 type: string 478 jsonPath: ".status.conditions[?(@.type=='Ready')].status" 479 - name: Reason 480 type: string 481 jsonPath: ".status.conditions[?(@.type=='Ready')].reason" 482 schema: 483 openAPIV3Schema: 484 description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' 485 type: object 486 properties: 487 apiVersion: 488 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 489 type: string 490 kind: 491 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 492 type: string 493 metadata: 494 type: object 495 spec: 496 description: ConfigurationSpec holds the desired state of the Configuration (from the client). 497 type: object 498 properties: 499 template: 500 description: Template holds the latest specification for the Revision to be stamped out. 501 type: object 502 properties: 503 metadata: 504 type: object 505 properties: 506 annotations: 507 type: object 508 additionalProperties: 509 type: string 510 finalizers: 511 type: array 512 items: 513 type: string 514 labels: 515 type: object 516 additionalProperties: 517 type: string 518 name: 519 type: string 520 namespace: 521 type: string 522 x-kubernetes-preserve-unknown-fields: true 523 spec: 524 description: RevisionSpec holds the desired state of the Revision (from the client). 525 type: object 526 required: 527 - containers 528 properties: 529 automountServiceAccountToken: 530 description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. 531 type: boolean 532 containerConcurrency: 533 description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 534 type: integer 535 format: int64 536 containers: 537 description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. 538 type: array 539 items: 540 description: A single application container that you want to run within a pod. 541 type: object 542 properties: 543 args: 544 description: 'Arguments to the entrypoint. The docker image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 545 type: array 546 items: 547 type: string 548 command: 549 description: 'Entrypoint array. Not executed within a shell. The docker image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 550 type: array 551 items: 552 type: string 553 env: 554 description: List of environment variables to set in the container. Cannot be updated. 555 type: array 556 items: 557 description: EnvVar represents an environment variable present in a Container. 558 type: object 559 required: 560 - name 561 properties: 562 name: 563 description: Name of the environment variable. Must be a C_IDENTIFIER. 564 type: string 565 value: 566 description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' 567 type: string 568 valueFrom: 569 description: Source for the environment variable's value. Cannot be used if value is not empty. 570 type: object 571 properties: 572 configMapKeyRef: 573 description: Selects a key of a ConfigMap. 574 type: object 575 required: 576 - key 577 properties: 578 key: 579 description: The key to select. 580 type: string 581 name: 582 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 583 type: string 584 optional: 585 description: Specify whether the ConfigMap or its key must be defined 586 type: boolean 587 secretKeyRef: 588 description: Selects a key of a secret in the pod's namespace 589 type: object 590 required: 591 - key 592 properties: 593 key: 594 description: The key of the secret to select from. Must be a valid secret key. 595 type: string 596 name: 597 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 598 type: string 599 optional: 600 description: Specify whether the Secret or its key must be defined 601 type: boolean 602 x-kubernetes-preserve-unknown-fields: true 603 envFrom: 604 description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. 605 type: array 606 items: 607 description: EnvFromSource represents the source of a set of ConfigMaps 608 type: object 609 properties: 610 configMapRef: 611 description: The ConfigMap to select from 612 type: object 613 properties: 614 name: 615 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 616 type: string 617 optional: 618 description: Specify whether the ConfigMap must be defined 619 type: boolean 620 prefix: 621 description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 622 type: string 623 secretRef: 624 description: The Secret to select from 625 type: object 626 properties: 627 name: 628 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 629 type: string 630 optional: 631 description: Specify whether the Secret must be defined 632 type: boolean 633 image: 634 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' 635 type: string 636 imagePullPolicy: 637 description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 638 type: string 639 livenessProbe: 640 description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 641 type: object 642 properties: 643 exec: 644 description: One and only one of the following should be specified. Exec specifies the action to take. 645 type: object 646 properties: 647 command: 648 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 649 type: array 650 items: 651 type: string 652 failureThreshold: 653 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 654 type: integer 655 format: int32 656 httpGet: 657 description: HTTPGet specifies the http request to perform. 658 type: object 659 properties: 660 host: 661 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 662 type: string 663 httpHeaders: 664 description: Custom headers to set in the request. HTTP allows repeated headers. 665 type: array 666 items: 667 description: HTTPHeader describes a custom header to be used in HTTP probes 668 type: object 669 required: 670 - name 671 - value 672 properties: 673 name: 674 description: The header field name 675 type: string 676 value: 677 description: The header field value 678 type: string 679 path: 680 description: Path to access on the HTTP server. 681 type: string 682 scheme: 683 description: Scheme to use for connecting to the host. Defaults to HTTP. 684 type: string 685 x-kubernetes-preserve-unknown-fields: true 686 initialDelaySeconds: 687 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 688 type: integer 689 format: int32 690 periodSeconds: 691 description: How often (in seconds) to perform the probe. 692 type: integer 693 format: int32 694 successThreshold: 695 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 696 type: integer 697 format: int32 698 tcpSocket: 699 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 700 type: object 701 properties: 702 host: 703 description: 'Optional: Host name to connect to, defaults to the pod IP.' 704 type: string 705 x-kubernetes-preserve-unknown-fields: true 706 timeoutSeconds: 707 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 708 type: integer 709 format: int32 710 name: 711 description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. 712 type: string 713 ports: 714 description: List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. 715 type: array 716 items: 717 description: ContainerPort represents a network port in a single container. 718 type: object 719 required: 720 - containerPort 721 properties: 722 containerPort: 723 description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 724 type: integer 725 format: int32 726 name: 727 description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. 728 type: string 729 protocol: 730 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". 731 type: string 732 default: TCP 733 x-kubernetes-preserve-unknown-fields: true 734 x-kubernetes-list-map-keys: 735 - containerPort 736 - protocol 737 x-kubernetes-list-type: map 738 readinessProbe: 739 description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 740 type: object 741 properties: 742 exec: 743 description: One and only one of the following should be specified. Exec specifies the action to take. 744 type: object 745 properties: 746 command: 747 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 748 type: array 749 items: 750 type: string 751 failureThreshold: 752 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 753 type: integer 754 format: int32 755 httpGet: 756 description: HTTPGet specifies the http request to perform. 757 type: object 758 properties: 759 host: 760 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 761 type: string 762 httpHeaders: 763 description: Custom headers to set in the request. HTTP allows repeated headers. 764 type: array 765 items: 766 description: HTTPHeader describes a custom header to be used in HTTP probes 767 type: object 768 required: 769 - name 770 - value 771 properties: 772 name: 773 description: The header field name 774 type: string 775 value: 776 description: The header field value 777 type: string 778 path: 779 description: Path to access on the HTTP server. 780 type: string 781 scheme: 782 description: Scheme to use for connecting to the host. Defaults to HTTP. 783 type: string 784 x-kubernetes-preserve-unknown-fields: true 785 initialDelaySeconds: 786 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 787 type: integer 788 format: int32 789 periodSeconds: 790 description: How often (in seconds) to perform the probe. 791 type: integer 792 format: int32 793 successThreshold: 794 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 795 type: integer 796 format: int32 797 tcpSocket: 798 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 799 type: object 800 properties: 801 host: 802 description: 'Optional: Host name to connect to, defaults to the pod IP.' 803 type: string 804 x-kubernetes-preserve-unknown-fields: true 805 timeoutSeconds: 806 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 807 type: integer 808 format: int32 809 resources: 810 description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 811 type: object 812 properties: 813 limits: 814 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 815 type: object 816 additionalProperties: 817 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 818 anyOf: 819 - type: integer 820 - type: string 821 x-kubernetes-int-or-string: true 822 requests: 823 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 824 type: object 825 additionalProperties: 826 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 827 anyOf: 828 - type: integer 829 - type: string 830 x-kubernetes-int-or-string: true 831 securityContext: 832 description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 833 type: object 834 properties: 835 capabilities: 836 description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. 837 type: object 838 properties: 839 drop: 840 description: Removed capabilities 841 type: array 842 items: 843 description: Capability represent POSIX capabilities type 844 type: string 845 x-kubernetes-preserve-unknown-fields: true 846 readOnlyRootFilesystem: 847 description: Whether this container has a read-only root filesystem. Default is false. 848 type: boolean 849 runAsUser: 850 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 851 type: integer 852 format: int64 853 x-kubernetes-preserve-unknown-fields: true 854 terminationMessagePath: 855 description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 856 type: string 857 terminationMessagePolicy: 858 description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. 859 type: string 860 volumeMounts: 861 description: Pod volumes to mount into the container's filesystem. Cannot be updated. 862 type: array 863 items: 864 description: VolumeMount describes a mounting of a Volume within a container. 865 type: object 866 required: 867 - mountPath 868 - name 869 properties: 870 mountPath: 871 description: Path within the container at which the volume should be mounted. Must not contain ':'. 872 type: string 873 name: 874 description: This must match the Name of a Volume. 875 type: string 876 readOnly: 877 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. 878 type: boolean 879 subPath: 880 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). 881 type: string 882 workingDir: 883 description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. 884 type: string 885 x-kubernetes-preserve-unknown-fields: true 886 enableServiceLinks: 887 description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Defaults to true.' 888 type: boolean 889 imagePullSecrets: 890 description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' 891 type: array 892 items: 893 description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. 894 type: object 895 properties: 896 name: 897 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 898 type: string 899 serviceAccountName: 900 description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' 901 type: string 902 timeoutSeconds: 903 description: TimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin replying (send network traffic). If unspecified, a system default will be provided. 904 type: integer 905 format: int64 906 volumes: 907 description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' 908 type: array 909 items: 910 description: Volume represents a named volume in a pod that may be accessed by any container in the pod. 911 type: object 912 required: 913 - name 914 properties: 915 configMap: 916 description: ConfigMap represents a configMap that should populate this volume 917 type: object 918 properties: 919 defaultMode: 920 description: 'Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 921 type: integer 922 format: int32 923 items: 924 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 925 type: array 926 items: 927 description: Maps a string key to a path within a volume. 928 type: object 929 required: 930 - key 931 - path 932 properties: 933 key: 934 description: The key to project. 935 type: string 936 mode: 937 description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 938 type: integer 939 format: int32 940 path: 941 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 942 type: string 943 name: 944 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 945 type: string 946 optional: 947 description: Specify whether the ConfigMap or its keys must be defined 948 type: boolean 949 name: 950 description: 'Volume''s name. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 951 type: string 952 projected: 953 description: Items for all in one resources secrets, configmaps, and downward API 954 type: object 955 properties: 956 defaultMode: 957 description: Mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 958 type: integer 959 format: int32 960 sources: 961 description: list of volume projections 962 type: array 963 items: 964 description: Projection that may be projected along with other supported volume types 965 type: object 966 properties: 967 configMap: 968 description: information about the configMap data to project 969 type: object 970 properties: 971 items: 972 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 973 type: array 974 items: 975 description: Maps a string key to a path within a volume. 976 type: object 977 required: 978 - key 979 - path 980 properties: 981 key: 982 description: The key to project. 983 type: string 984 mode: 985 description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 986 type: integer 987 format: int32 988 path: 989 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 990 type: string 991 name: 992 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 993 type: string 994 optional: 995 description: Specify whether the ConfigMap or its keys must be defined 996 type: boolean 997 secret: 998 description: information about the secret data to project 999 type: object 1000 properties: 1001 items: 1002 description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 1003 type: array 1004 items: 1005 description: Maps a string key to a path within a volume. 1006 type: object 1007 required: 1008 - key 1009 - path 1010 properties: 1011 key: 1012 description: The key to project. 1013 type: string 1014 mode: 1015 description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 1016 type: integer 1017 format: int32 1018 path: 1019 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1020 type: string 1021 name: 1022 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 1023 type: string 1024 optional: 1025 description: Specify whether the Secret or its key must be defined 1026 type: boolean 1027 serviceAccountToken: 1028 description: information about the serviceAccountToken data to project 1029 type: object 1030 required: 1031 - path 1032 properties: 1033 audience: 1034 description: Audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. 1035 type: string 1036 expirationSeconds: 1037 description: ExpirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. 1038 type: integer 1039 format: int64 1040 path: 1041 description: Path is the path relative to the mount point of the file to project the token into. 1042 type: string 1043 secret: 1044 description: 'Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 1045 type: object 1046 properties: 1047 defaultMode: 1048 description: 'Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 1049 type: integer 1050 format: int32 1051 items: 1052 description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 1053 type: array 1054 items: 1055 description: Maps a string key to a path within a volume. 1056 type: object 1057 required: 1058 - key 1059 - path 1060 properties: 1061 key: 1062 description: The key to project. 1063 type: string 1064 mode: 1065 description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 1066 type: integer 1067 format: int32 1068 path: 1069 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1070 type: string 1071 optional: 1072 description: Specify whether the Secret or its keys must be defined 1073 type: boolean 1074 secretName: 1075 description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 1076 type: string 1077 x-kubernetes-preserve-unknown-fields: true 1078 x-kubernetes-preserve-unknown-fields: true 1079 status: 1080 description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). 1081 type: object 1082 properties: 1083 annotations: 1084 description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. 1085 type: object 1086 additionalProperties: 1087 type: string 1088 conditions: 1089 description: Conditions the latest available observations of a resource's current state. 1090 type: array 1091 items: 1092 description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' 1093 type: object 1094 required: 1095 - status 1096 - type 1097 properties: 1098 lastTransitionTime: 1099 description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). 1100 type: string 1101 format: date-time 1102 message: 1103 description: A human readable message indicating details about the transition. 1104 type: string 1105 reason: 1106 description: The reason for the condition's last transition. 1107 type: string 1108 severity: 1109 description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. 1110 type: string 1111 status: 1112 description: Status of the condition, one of True, False, Unknown. 1113 type: string 1114 type: 1115 description: Type of condition. 1116 type: string 1117 latestCreatedRevisionName: 1118 description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 1119 type: string 1120 latestReadyRevisionName: 1121 description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". 1122 type: string 1123 observedGeneration: 1124 description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. 1125 type: integer 1126 format: int64 1127 1128 --- 1129 # Copyright 2020 The Knative Authors 1130 # 1131 # Licensed under the Apache License, Version 2.0 (the "License"); 1132 # you may not use this file except in compliance with the License. 1133 # You may obtain a copy of the License at 1134 # 1135 # https://www.apache.org/licenses/LICENSE-2.0 1136 # 1137 # Unless required by applicable law or agreed to in writing, software 1138 # distributed under the License is distributed on an "AS IS" BASIS, 1139 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1140 # See the License for the specific language governing permissions and 1141 # limitations under the License. 1142 1143 apiVersion: apiextensions.k8s.io/v1 1144 kind: CustomResourceDefinition 1145 metadata: 1146 name: clusterdomainclaims.networking.internal.knative.dev 1147 labels: 1148 app.kubernetes.io/name: knative-serving 1149 app.kubernetes.io/version: "1.3.0" 1150 serving.knative.dev/release: "v1.3.0" 1151 knative.dev/crd-install: "true" 1152 spec: 1153 group: networking.internal.knative.dev 1154 versions: 1155 - name: v1alpha1 1156 served: true 1157 storage: true 1158 subresources: 1159 status: {} 1160 schema: 1161 openAPIV3Schema: 1162 type: object 1163 # this is a work around so we don't need to flush out the 1164 # schema for each version at this time 1165 # 1166 # see issue: https://github.com/knative/serving/issues/912 1167 x-kubernetes-preserve-unknown-fields: true 1168 names: 1169 kind: ClusterDomainClaim 1170 plural: clusterdomainclaims 1171 singular: clusterdomainclaim 1172 categories: 1173 - knative-internal 1174 - networking 1175 shortNames: 1176 - cdc 1177 scope: Cluster 1178 1179 --- 1180 # Copyright 2020 The Knative Authors 1181 # 1182 # Licensed under the Apache License, Version 2.0 (the "License"); 1183 # you may not use this file except in compliance with the License. 1184 # You may obtain a copy of the License at 1185 # 1186 # https://www.apache.org/licenses/LICENSE-2.0 1187 # 1188 # Unless required by applicable law or agreed to in writing, software 1189 # distributed under the License is distributed on an "AS IS" BASIS, 1190 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1191 # See the License for the specific language governing permissions and 1192 # limitations under the License. 1193 1194 apiVersion: apiextensions.k8s.io/v1 1195 kind: CustomResourceDefinition 1196 metadata: 1197 name: domainmappings.serving.knative.dev 1198 labels: 1199 app.kubernetes.io/name: knative-serving 1200 app.kubernetes.io/version: "1.3.0" 1201 serving.knative.dev/release: "v1.3.0" 1202 knative.dev/crd-install: "true" 1203 spec: 1204 group: serving.knative.dev 1205 versions: 1206 - name: v1beta1 1207 served: true 1208 storage: false 1209 subresources: 1210 status: {} 1211 additionalPrinterColumns: 1212 - name: URL 1213 type: string 1214 jsonPath: .status.url 1215 - name: Ready 1216 type: string 1217 jsonPath: ".status.conditions[?(@.type=='Ready')].status" 1218 - name: Reason 1219 type: string 1220 jsonPath: ".status.conditions[?(@.type=='Ready')].reason" 1221 "schema": 1222 "openAPIV3Schema": 1223 description: DomainMapping is a mapping from a custom hostname to an Addressable. 1224 type: object 1225 properties: 1226 apiVersion: 1227 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 1228 type: string 1229 kind: 1230 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 1231 type: string 1232 metadata: 1233 type: object 1234 spec: 1235 description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 1236 type: object 1237 required: 1238 - ref 1239 properties: 1240 ref: 1241 description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." 1242 type: object 1243 required: 1244 - kind 1245 - name 1246 properties: 1247 apiVersion: 1248 description: API version of the referent. 1249 type: string 1250 group: 1251 description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' 1252 type: string 1253 kind: 1254 description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 1255 type: string 1256 name: 1257 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 1258 type: string 1259 namespace: 1260 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' 1261 type: string 1262 tls: 1263 description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. 1264 type: object 1265 required: 1266 - secretName 1267 properties: 1268 secretName: 1269 description: SecretName is the name of the existing secret used to terminate TLS traffic. 1270 type: string 1271 status: 1272 description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 1273 type: object 1274 properties: 1275 address: 1276 description: Address holds the information needed for a DomainMapping to be the target of an event. 1277 type: object 1278 properties: 1279 url: 1280 type: string 1281 annotations: 1282 description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. 1283 type: object 1284 additionalProperties: 1285 type: string 1286 conditions: 1287 description: Conditions the latest available observations of a resource's current state. 1288 type: array 1289 items: 1290 description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' 1291 type: object 1292 required: 1293 - status 1294 - type 1295 properties: 1296 lastTransitionTime: 1297 description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). 1298 type: string 1299 format: date-time 1300 message: 1301 description: A human readable message indicating details about the transition. 1302 type: string 1303 reason: 1304 description: The reason for the condition's last transition. 1305 type: string 1306 severity: 1307 description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. 1308 type: string 1309 status: 1310 description: Status of the condition, one of True, False, Unknown. 1311 type: string 1312 type: 1313 description: Type of condition. 1314 type: string 1315 observedGeneration: 1316 description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. 1317 type: integer 1318 format: int64 1319 url: 1320 description: URL is the URL of this DomainMapping. 1321 type: string 1322 - name: v1alpha1 1323 served: true 1324 storage: true 1325 subresources: 1326 status: {} 1327 schema: 1328 openAPIV3Schema: 1329 description: DomainMapping is a mapping from a custom hostname to an Addressable. 1330 type: object 1331 properties: 1332 apiVersion: 1333 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 1334 type: string 1335 kind: 1336 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 1337 type: string 1338 metadata: 1339 type: object 1340 spec: 1341 description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 1342 type: object 1343 required: 1344 - ref 1345 properties: 1346 ref: 1347 description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." 1348 type: object 1349 required: 1350 - kind 1351 - name 1352 properties: 1353 apiVersion: 1354 description: API version of the referent. 1355 type: string 1356 group: 1357 description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' 1358 type: string 1359 kind: 1360 description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 1361 type: string 1362 name: 1363 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 1364 type: string 1365 namespace: 1366 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' 1367 type: string 1368 tls: 1369 description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. 1370 type: object 1371 required: 1372 - secretName 1373 properties: 1374 secretName: 1375 description: SecretName is the name of the existing secret used to terminate TLS traffic. 1376 type: string 1377 status: 1378 description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 1379 type: object 1380 properties: 1381 address: 1382 description: Address holds the information needed for a DomainMapping to be the target of an event. 1383 type: object 1384 properties: 1385 url: 1386 type: string 1387 annotations: 1388 description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. 1389 type: object 1390 additionalProperties: 1391 type: string 1392 conditions: 1393 description: Conditions the latest available observations of a resource's current state. 1394 type: array 1395 items: 1396 description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' 1397 type: object 1398 required: 1399 - status 1400 - type 1401 properties: 1402 lastTransitionTime: 1403 description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). 1404 type: string 1405 format: date-time 1406 message: 1407 description: A human readable message indicating details about the transition. 1408 type: string 1409 reason: 1410 description: The reason for the condition's last transition. 1411 type: string 1412 severity: 1413 description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. 1414 type: string 1415 status: 1416 description: Status of the condition, one of True, False, Unknown. 1417 type: string 1418 type: 1419 description: Type of condition. 1420 type: string 1421 observedGeneration: 1422 description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. 1423 type: integer 1424 format: int64 1425 url: 1426 description: URL is the URL of this DomainMapping. 1427 type: string 1428 additionalPrinterColumns: 1429 - name: URL 1430 type: string 1431 jsonPath: .status.url 1432 - name: Ready 1433 type: string 1434 jsonPath: ".status.conditions[?(@.type=='Ready')].status" 1435 - name: Reason 1436 type: string 1437 jsonPath: ".status.conditions[?(@.type=='Ready')].reason" 1438 names: 1439 kind: DomainMapping 1440 plural: domainmappings 1441 singular: domainmapping 1442 categories: 1443 - all 1444 - knative 1445 - serving 1446 shortNames: 1447 - dm 1448 scope: Namespaced 1449 1450 --- 1451 # Copyright 2020 The Knative Authors 1452 # 1453 # Licensed under the Apache License, Version 2.0 (the "License"); 1454 # you may not use this file except in compliance with the License. 1455 # You may obtain a copy of the License at 1456 # 1457 # https://www.apache.org/licenses/LICENSE-2.0 1458 # 1459 # Unless required by applicable law or agreed to in writing, software 1460 # distributed under the License is distributed on an "AS IS" BASIS, 1461 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1462 # See the License for the specific language governing permissions and 1463 # limitations under the License. 1464 1465 apiVersion: apiextensions.k8s.io/v1 1466 kind: CustomResourceDefinition 1467 metadata: 1468 name: ingresses.networking.internal.knative.dev 1469 labels: 1470 app.kubernetes.io/name: knative-serving 1471 app.kubernetes.io/version: "1.3.0" 1472 serving.knative.dev/release: "v1.3.0" 1473 knative.dev/crd-install: "true" 1474 spec: 1475 group: networking.internal.knative.dev 1476 versions: 1477 - name: v1alpha1 1478 served: true 1479 storage: true 1480 subresources: 1481 status: {} 1482 schema: 1483 openAPIV3Schema: 1484 type: object 1485 # this is a work around so we don't need to flush out the 1486 # schema for each version at this time 1487 # 1488 # see issue: https://github.com/knative/serving/issues/912 1489 x-kubernetes-preserve-unknown-fields: true 1490 additionalPrinterColumns: 1491 - name: Ready 1492 type: string 1493 jsonPath: ".status.conditions[?(@.type=='Ready')].status" 1494 - name: Reason 1495 type: string 1496 jsonPath: ".status.conditions[?(@.type=='Ready')].reason" 1497 names: 1498 kind: Ingress 1499 plural: ingresses 1500 singular: ingress 1501 categories: 1502 - knative-internal 1503 - networking 1504 shortNames: 1505 - kingress 1506 - king 1507 scope: Namespaced 1508 1509 --- 1510 # Copyright 2019 The Knative Authors 1511 # 1512 # Licensed under the Apache License, Version 2.0 (the "License"); 1513 # you may not use this file except in compliance with the License. 1514 # You may obtain a copy of the License at 1515 # 1516 # https://www.apache.org/licenses/LICENSE-2.0 1517 # 1518 # Unless required by applicable law or agreed to in writing, software 1519 # distributed under the License is distributed on an "AS IS" BASIS, 1520 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1521 # See the License for the specific language governing permissions and 1522 # limitations under the License. 1523 1524 # Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. 1525 1526 apiVersion: apiextensions.k8s.io/v1 1527 kind: CustomResourceDefinition 1528 metadata: 1529 name: metrics.autoscaling.internal.knative.dev 1530 labels: 1531 app.kubernetes.io/name: knative-serving 1532 app.kubernetes.io/version: "1.3.0" 1533 serving.knative.dev/release: "v1.3.0" 1534 knative.dev/crd-install: "true" 1535 spec: 1536 group: autoscaling.internal.knative.dev 1537 names: 1538 kind: Metric 1539 plural: metrics 1540 singular: metric 1541 categories: 1542 - knative-internal 1543 - autoscaling 1544 scope: Namespaced 1545 versions: 1546 - name: v1alpha1 1547 served: true 1548 storage: true 1549 subresources: 1550 status: {} 1551 additionalPrinterColumns: 1552 - name: Ready 1553 type: string 1554 jsonPath: ".status.conditions[?(@.type=='Ready')].status" 1555 - name: Reason 1556 type: string 1557 jsonPath: ".status.conditions[?(@.type=='Ready')].reason" 1558 schema: 1559 openAPIV3Schema: 1560 description: Metric represents a resource to configure the metric collector with. 1561 type: object 1562 properties: 1563 apiVersion: 1564 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 1565 type: string 1566 kind: 1567 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 1568 type: string 1569 metadata: 1570 type: object 1571 spec: 1572 description: Spec holds the desired state of the Metric (from the client). 1573 type: object 1574 required: 1575 - panicWindow 1576 - scrapeTarget 1577 - stableWindow 1578 properties: 1579 panicWindow: 1580 description: PanicWindow is the aggregation window for metrics where quick reactions are needed. 1581 type: integer 1582 format: int64 1583 scrapeTarget: 1584 description: ScrapeTarget is the K8s service that publishes the metric endpoint. 1585 type: string 1586 stableWindow: 1587 description: StableWindow is the aggregation window for metrics in a stable state. 1588 type: integer 1589 format: int64 1590 status: 1591 description: Status communicates the observed state of the Metric (from the controller). 1592 type: object 1593 properties: 1594 annotations: 1595 description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. 1596 type: object 1597 additionalProperties: 1598 type: string 1599 conditions: 1600 description: Conditions the latest available observations of a resource's current state. 1601 type: array 1602 items: 1603 description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' 1604 type: object 1605 required: 1606 - status 1607 - type 1608 properties: 1609 lastTransitionTime: 1610 description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). 1611 type: string 1612 format: date-time 1613 message: 1614 description: A human readable message indicating details about the transition. 1615 type: string 1616 reason: 1617 description: The reason for the condition's last transition. 1618 type: string 1619 severity: 1620 description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. 1621 type: string 1622 status: 1623 description: Status of the condition, one of True, False, Unknown. 1624 type: string 1625 type: 1626 description: Type of condition. 1627 type: string 1628 observedGeneration: 1629 description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. 1630 type: integer 1631 format: int64 1632 1633 --- 1634 # Copyright 2018 The Knative Authors 1635 # 1636 # Licensed under the Apache License, Version 2.0 (the "License"); 1637 # you may not use this file except in compliance with the License. 1638 # You may obtain a copy of the License at 1639 # 1640 # https://www.apache.org/licenses/LICENSE-2.0 1641 # 1642 # Unless required by applicable law or agreed to in writing, software 1643 # distributed under the License is distributed on an "AS IS" BASIS, 1644 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1645 # See the License for the specific language governing permissions and 1646 # limitations under the License. 1647 1648 # Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. 1649 1650 apiVersion: apiextensions.k8s.io/v1 1651 kind: CustomResourceDefinition 1652 metadata: 1653 name: podautoscalers.autoscaling.internal.knative.dev 1654 labels: 1655 app.kubernetes.io/name: knative-serving 1656 app.kubernetes.io/version: "1.3.0" 1657 serving.knative.dev/release: "v1.3.0" 1658 knative.dev/crd-install: "true" 1659 spec: 1660 group: autoscaling.internal.knative.dev 1661 names: 1662 kind: PodAutoscaler 1663 plural: podautoscalers 1664 singular: podautoscaler 1665 categories: 1666 - knative-internal 1667 - autoscaling 1668 shortNames: 1669 - kpa 1670 - pa 1671 scope: Namespaced 1672 versions: 1673 - name: v1alpha1 1674 served: true 1675 storage: true 1676 subresources: 1677 status: {} 1678 additionalPrinterColumns: 1679 - name: DesiredScale 1680 type: integer 1681 jsonPath: ".status.desiredScale" 1682 - name: ActualScale 1683 type: integer 1684 jsonPath: ".status.actualScale" 1685 - name: Ready 1686 type: string 1687 jsonPath: ".status.conditions[?(@.type=='Ready')].status" 1688 - name: Reason 1689 type: string 1690 jsonPath: ".status.conditions[?(@.type=='Ready')].reason" 1691 schema: 1692 openAPIV3Schema: 1693 description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/10KWynvAJYuOEWy69VBa6bHJVCqIsz1TNdEKosNvcpPY/edit' 1694 type: object 1695 properties: 1696 apiVersion: 1697 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 1698 type: string 1699 kind: 1700 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 1701 type: string 1702 metadata: 1703 type: object 1704 spec: 1705 description: Spec holds the desired state of the PodAutoscaler (from the client). 1706 type: object 1707 required: 1708 - protocolType 1709 - scaleTargetRef 1710 properties: 1711 containerConcurrency: 1712 description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. 1713 type: integer 1714 format: int64 1715 protocolType: 1716 description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. 1717 type: string 1718 reachability: 1719 description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` 1720 type: string 1721 scaleTargetRef: 1722 description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. 1723 type: object 1724 properties: 1725 apiVersion: 1726 description: API version of the referent. 1727 type: string 1728 kind: 1729 description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 1730 type: string 1731 name: 1732 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 1733 type: string 1734 status: 1735 description: Status communicates the observed state of the PodAutoscaler (from the controller). 1736 type: object 1737 required: 1738 - metricsServiceName 1739 - serviceName 1740 properties: 1741 actualScale: 1742 description: ActualScale shows the actual number of replicas for the revision. 1743 type: integer 1744 format: int32 1745 annotations: 1746 description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. 1747 type: object 1748 additionalProperties: 1749 type: string 1750 conditions: 1751 description: Conditions the latest available observations of a resource's current state. 1752 type: array 1753 items: 1754 description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' 1755 type: object 1756 required: 1757 - status 1758 - type 1759 properties: 1760 lastTransitionTime: 1761 description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). 1762 type: string 1763 format: date-time 1764 message: 1765 description: A human readable message indicating details about the transition. 1766 type: string 1767 reason: 1768 description: The reason for the condition's last transition. 1769 type: string 1770 severity: 1771 description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. 1772 type: string 1773 status: 1774 description: Status of the condition, one of True, False, Unknown. 1775 type: string 1776 type: 1777 description: Type of condition. 1778 type: string 1779 desiredScale: 1780 description: DesiredScale shows the current desired number of replicas for the revision. 1781 type: integer 1782 format: int32 1783 metricsServiceName: 1784 description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. 1785 type: string 1786 observedGeneration: 1787 description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. 1788 type: integer 1789 format: int64 1790 serviceName: 1791 description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. 1792 type: string 1793 1794 --- 1795 # Copyright 2019 The Knative Authors 1796 # 1797 # Licensed under the Apache License, Version 2.0 (the "License"); 1798 # you may not use this file except in compliance with the License. 1799 # You may obtain a copy of the License at 1800 # 1801 # https://www.apache.org/licenses/LICENSE-2.0 1802 # 1803 # Unless required by applicable law or agreed to in writing, software 1804 # distributed under the License is distributed on an "AS IS" BASIS, 1805 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1806 # See the License for the specific language governing permissions and 1807 # limitations under the License. 1808 1809 # Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. 1810 1811 apiVersion: apiextensions.k8s.io/v1 1812 kind: CustomResourceDefinition 1813 metadata: 1814 name: revisions.serving.knative.dev 1815 labels: 1816 app.kubernetes.io/name: knative-serving 1817 app.kubernetes.io/version: "1.3.0" 1818 serving.knative.dev/release: "v1.3.0" 1819 knative.dev/crd-install: "true" 1820 spec: 1821 group: serving.knative.dev 1822 names: 1823 kind: Revision 1824 plural: revisions 1825 singular: revision 1826 categories: 1827 - all 1828 - knative 1829 - serving 1830 shortNames: 1831 - rev 1832 scope: Namespaced 1833 versions: 1834 - name: v1 1835 served: true 1836 storage: true 1837 subresources: 1838 status: {} 1839 additionalPrinterColumns: 1840 - name: Config Name 1841 type: string 1842 jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" 1843 - name: K8s Service Name 1844 type: string 1845 jsonPath: ".status.serviceName" 1846 - name: Generation 1847 type: string # int in string form :( 1848 jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" 1849 - name: Ready 1850 type: string 1851 jsonPath: ".status.conditions[?(@.type=='Ready')].status" 1852 - name: Reason 1853 type: string 1854 jsonPath: ".status.conditions[?(@.type=='Ready')].reason" 1855 - name: Actual Replicas 1856 type: integer 1857 jsonPath: ".status.actualReplicas" 1858 - name: Desired Replicas 1859 type: integer 1860 jsonPath: ".status.desiredReplicas" 1861 schema: 1862 openAPIV3Schema: 1863 description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" 1864 type: object 1865 properties: 1866 apiVersion: 1867 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 1868 type: string 1869 kind: 1870 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 1871 type: string 1872 metadata: 1873 type: object 1874 spec: 1875 description: RevisionSpec holds the desired state of the Revision (from the client). 1876 type: object 1877 required: 1878 - containers 1879 properties: 1880 automountServiceAccountToken: 1881 description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. 1882 type: boolean 1883 containerConcurrency: 1884 description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 1885 type: integer 1886 format: int64 1887 containers: 1888 description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. 1889 type: array 1890 items: 1891 description: A single application container that you want to run within a pod. 1892 type: object 1893 properties: 1894 args: 1895 description: 'Arguments to the entrypoint. The docker image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1896 type: array 1897 items: 1898 type: string 1899 command: 1900 description: 'Entrypoint array. Not executed within a shell. The docker image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1901 type: array 1902 items: 1903 type: string 1904 env: 1905 description: List of environment variables to set in the container. Cannot be updated. 1906 type: array 1907 items: 1908 description: EnvVar represents an environment variable present in a Container. 1909 type: object 1910 required: 1911 - name 1912 properties: 1913 name: 1914 description: Name of the environment variable. Must be a C_IDENTIFIER. 1915 type: string 1916 value: 1917 description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' 1918 type: string 1919 valueFrom: 1920 description: Source for the environment variable's value. Cannot be used if value is not empty. 1921 type: object 1922 properties: 1923 configMapKeyRef: 1924 description: Selects a key of a ConfigMap. 1925 type: object 1926 required: 1927 - key 1928 properties: 1929 key: 1930 description: The key to select. 1931 type: string 1932 name: 1933 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 1934 type: string 1935 optional: 1936 description: Specify whether the ConfigMap or its key must be defined 1937 type: boolean 1938 secretKeyRef: 1939 description: Selects a key of a secret in the pod's namespace 1940 type: object 1941 required: 1942 - key 1943 properties: 1944 key: 1945 description: The key of the secret to select from. Must be a valid secret key. 1946 type: string 1947 name: 1948 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 1949 type: string 1950 optional: 1951 description: Specify whether the Secret or its key must be defined 1952 type: boolean 1953 x-kubernetes-preserve-unknown-fields: true 1954 envFrom: 1955 description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. 1956 type: array 1957 items: 1958 description: EnvFromSource represents the source of a set of ConfigMaps 1959 type: object 1960 properties: 1961 configMapRef: 1962 description: The ConfigMap to select from 1963 type: object 1964 properties: 1965 name: 1966 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 1967 type: string 1968 optional: 1969 description: Specify whether the ConfigMap must be defined 1970 type: boolean 1971 prefix: 1972 description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 1973 type: string 1974 secretRef: 1975 description: The Secret to select from 1976 type: object 1977 properties: 1978 name: 1979 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 1980 type: string 1981 optional: 1982 description: Specify whether the Secret must be defined 1983 type: boolean 1984 image: 1985 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' 1986 type: string 1987 imagePullPolicy: 1988 description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1989 type: string 1990 livenessProbe: 1991 description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1992 type: object 1993 properties: 1994 exec: 1995 description: One and only one of the following should be specified. Exec specifies the action to take. 1996 type: object 1997 properties: 1998 command: 1999 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 2000 type: array 2001 items: 2002 type: string 2003 failureThreshold: 2004 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 2005 type: integer 2006 format: int32 2007 httpGet: 2008 description: HTTPGet specifies the http request to perform. 2009 type: object 2010 properties: 2011 host: 2012 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 2013 type: string 2014 httpHeaders: 2015 description: Custom headers to set in the request. HTTP allows repeated headers. 2016 type: array 2017 items: 2018 description: HTTPHeader describes a custom header to be used in HTTP probes 2019 type: object 2020 required: 2021 - name 2022 - value 2023 properties: 2024 name: 2025 description: The header field name 2026 type: string 2027 value: 2028 description: The header field value 2029 type: string 2030 path: 2031 description: Path to access on the HTTP server. 2032 type: string 2033 scheme: 2034 description: Scheme to use for connecting to the host. Defaults to HTTP. 2035 type: string 2036 x-kubernetes-preserve-unknown-fields: true 2037 initialDelaySeconds: 2038 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2039 type: integer 2040 format: int32 2041 periodSeconds: 2042 description: How often (in seconds) to perform the probe. 2043 type: integer 2044 format: int32 2045 successThreshold: 2046 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 2047 type: integer 2048 format: int32 2049 tcpSocket: 2050 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 2051 type: object 2052 properties: 2053 host: 2054 description: 'Optional: Host name to connect to, defaults to the pod IP.' 2055 type: string 2056 x-kubernetes-preserve-unknown-fields: true 2057 timeoutSeconds: 2058 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2059 type: integer 2060 format: int32 2061 name: 2062 description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. 2063 type: string 2064 ports: 2065 description: List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. 2066 type: array 2067 items: 2068 description: ContainerPort represents a network port in a single container. 2069 type: object 2070 required: 2071 - containerPort 2072 properties: 2073 containerPort: 2074 description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 2075 type: integer 2076 format: int32 2077 name: 2078 description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. 2079 type: string 2080 protocol: 2081 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". 2082 type: string 2083 default: TCP 2084 x-kubernetes-preserve-unknown-fields: true 2085 x-kubernetes-list-map-keys: 2086 - containerPort 2087 - protocol 2088 x-kubernetes-list-type: map 2089 readinessProbe: 2090 description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2091 type: object 2092 properties: 2093 exec: 2094 description: One and only one of the following should be specified. Exec specifies the action to take. 2095 type: object 2096 properties: 2097 command: 2098 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 2099 type: array 2100 items: 2101 type: string 2102 failureThreshold: 2103 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 2104 type: integer 2105 format: int32 2106 httpGet: 2107 description: HTTPGet specifies the http request to perform. 2108 type: object 2109 properties: 2110 host: 2111 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 2112 type: string 2113 httpHeaders: 2114 description: Custom headers to set in the request. HTTP allows repeated headers. 2115 type: array 2116 items: 2117 description: HTTPHeader describes a custom header to be used in HTTP probes 2118 type: object 2119 required: 2120 - name 2121 - value 2122 properties: 2123 name: 2124 description: The header field name 2125 type: string 2126 value: 2127 description: The header field value 2128 type: string 2129 path: 2130 description: Path to access on the HTTP server. 2131 type: string 2132 scheme: 2133 description: Scheme to use for connecting to the host. Defaults to HTTP. 2134 type: string 2135 x-kubernetes-preserve-unknown-fields: true 2136 initialDelaySeconds: 2137 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2138 type: integer 2139 format: int32 2140 periodSeconds: 2141 description: How often (in seconds) to perform the probe. 2142 type: integer 2143 format: int32 2144 successThreshold: 2145 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 2146 type: integer 2147 format: int32 2148 tcpSocket: 2149 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 2150 type: object 2151 properties: 2152 host: 2153 description: 'Optional: Host name to connect to, defaults to the pod IP.' 2154 type: string 2155 x-kubernetes-preserve-unknown-fields: true 2156 timeoutSeconds: 2157 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2158 type: integer 2159 format: int32 2160 resources: 2161 description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2162 type: object 2163 properties: 2164 limits: 2165 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2166 type: object 2167 additionalProperties: 2168 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2169 anyOf: 2170 - type: integer 2171 - type: string 2172 x-kubernetes-int-or-string: true 2173 requests: 2174 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2175 type: object 2176 additionalProperties: 2177 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2178 anyOf: 2179 - type: integer 2180 - type: string 2181 x-kubernetes-int-or-string: true 2182 securityContext: 2183 description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 2184 type: object 2185 properties: 2186 capabilities: 2187 description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. 2188 type: object 2189 properties: 2190 drop: 2191 description: Removed capabilities 2192 type: array 2193 items: 2194 description: Capability represent POSIX capabilities type 2195 type: string 2196 x-kubernetes-preserve-unknown-fields: true 2197 readOnlyRootFilesystem: 2198 description: Whether this container has a read-only root filesystem. Default is false. 2199 type: boolean 2200 runAsUser: 2201 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 2202 type: integer 2203 format: int64 2204 x-kubernetes-preserve-unknown-fields: true 2205 terminationMessagePath: 2206 description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 2207 type: string 2208 terminationMessagePolicy: 2209 description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. 2210 type: string 2211 volumeMounts: 2212 description: Pod volumes to mount into the container's filesystem. Cannot be updated. 2213 type: array 2214 items: 2215 description: VolumeMount describes a mounting of a Volume within a container. 2216 type: object 2217 required: 2218 - mountPath 2219 - name 2220 properties: 2221 mountPath: 2222 description: Path within the container at which the volume should be mounted. Must not contain ':'. 2223 type: string 2224 name: 2225 description: This must match the Name of a Volume. 2226 type: string 2227 readOnly: 2228 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. 2229 type: boolean 2230 subPath: 2231 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). 2232 type: string 2233 workingDir: 2234 description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. 2235 type: string 2236 x-kubernetes-preserve-unknown-fields: true 2237 enableServiceLinks: 2238 description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Defaults to true.' 2239 type: boolean 2240 imagePullSecrets: 2241 description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' 2242 type: array 2243 items: 2244 description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. 2245 type: object 2246 properties: 2247 name: 2248 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2249 type: string 2250 serviceAccountName: 2251 description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' 2252 type: string 2253 timeoutSeconds: 2254 description: TimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin replying (send network traffic). If unspecified, a system default will be provided. 2255 type: integer 2256 format: int64 2257 volumes: 2258 description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' 2259 type: array 2260 items: 2261 description: Volume represents a named volume in a pod that may be accessed by any container in the pod. 2262 type: object 2263 required: 2264 - name 2265 properties: 2266 configMap: 2267 description: ConfigMap represents a configMap that should populate this volume 2268 type: object 2269 properties: 2270 defaultMode: 2271 description: 'Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 2272 type: integer 2273 format: int32 2274 items: 2275 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 2276 type: array 2277 items: 2278 description: Maps a string key to a path within a volume. 2279 type: object 2280 required: 2281 - key 2282 - path 2283 properties: 2284 key: 2285 description: The key to project. 2286 type: string 2287 mode: 2288 description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 2289 type: integer 2290 format: int32 2291 path: 2292 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 2293 type: string 2294 name: 2295 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2296 type: string 2297 optional: 2298 description: Specify whether the ConfigMap or its keys must be defined 2299 type: boolean 2300 name: 2301 description: 'Volume''s name. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 2302 type: string 2303 projected: 2304 description: Items for all in one resources secrets, configmaps, and downward API 2305 type: object 2306 properties: 2307 defaultMode: 2308 description: Mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 2309 type: integer 2310 format: int32 2311 sources: 2312 description: list of volume projections 2313 type: array 2314 items: 2315 description: Projection that may be projected along with other supported volume types 2316 type: object 2317 properties: 2318 configMap: 2319 description: information about the configMap data to project 2320 type: object 2321 properties: 2322 items: 2323 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 2324 type: array 2325 items: 2326 description: Maps a string key to a path within a volume. 2327 type: object 2328 required: 2329 - key 2330 - path 2331 properties: 2332 key: 2333 description: The key to project. 2334 type: string 2335 mode: 2336 description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 2337 type: integer 2338 format: int32 2339 path: 2340 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 2341 type: string 2342 name: 2343 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2344 type: string 2345 optional: 2346 description: Specify whether the ConfigMap or its keys must be defined 2347 type: boolean 2348 secret: 2349 description: information about the secret data to project 2350 type: object 2351 properties: 2352 items: 2353 description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 2354 type: array 2355 items: 2356 description: Maps a string key to a path within a volume. 2357 type: object 2358 required: 2359 - key 2360 - path 2361 properties: 2362 key: 2363 description: The key to project. 2364 type: string 2365 mode: 2366 description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 2367 type: integer 2368 format: int32 2369 path: 2370 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 2371 type: string 2372 name: 2373 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2374 type: string 2375 optional: 2376 description: Specify whether the Secret or its key must be defined 2377 type: boolean 2378 serviceAccountToken: 2379 description: information about the serviceAccountToken data to project 2380 type: object 2381 required: 2382 - path 2383 properties: 2384 audience: 2385 description: Audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. 2386 type: string 2387 expirationSeconds: 2388 description: ExpirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. 2389 type: integer 2390 format: int64 2391 path: 2392 description: Path is the path relative to the mount point of the file to project the token into. 2393 type: string 2394 secret: 2395 description: 'Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 2396 type: object 2397 properties: 2398 defaultMode: 2399 description: 'Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 2400 type: integer 2401 format: int32 2402 items: 2403 description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 2404 type: array 2405 items: 2406 description: Maps a string key to a path within a volume. 2407 type: object 2408 required: 2409 - key 2410 - path 2411 properties: 2412 key: 2413 description: The key to project. 2414 type: string 2415 mode: 2416 description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 2417 type: integer 2418 format: int32 2419 path: 2420 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 2421 type: string 2422 optional: 2423 description: Specify whether the Secret or its keys must be defined 2424 type: boolean 2425 secretName: 2426 description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 2427 type: string 2428 x-kubernetes-preserve-unknown-fields: true 2429 x-kubernetes-preserve-unknown-fields: true 2430 status: 2431 description: RevisionStatus communicates the observed state of the Revision (from the controller). 2432 type: object 2433 properties: 2434 actualReplicas: 2435 description: ActualReplicas reflects the amount of ready pods running this revision. 2436 type: integer 2437 format: int32 2438 annotations: 2439 description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. 2440 type: object 2441 additionalProperties: 2442 type: string 2443 conditions: 2444 description: Conditions the latest available observations of a resource's current state. 2445 type: array 2446 items: 2447 description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' 2448 type: object 2449 required: 2450 - status 2451 - type 2452 properties: 2453 lastTransitionTime: 2454 description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). 2455 type: string 2456 format: date-time 2457 message: 2458 description: A human readable message indicating details about the transition. 2459 type: string 2460 reason: 2461 description: The reason for the condition's last transition. 2462 type: string 2463 severity: 2464 description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. 2465 type: string 2466 status: 2467 description: Status of the condition, one of True, False, Unknown. 2468 type: string 2469 type: 2470 description: Type of condition. 2471 type: string 2472 containerStatuses: 2473 description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' 2474 type: array 2475 items: 2476 description: ContainerStatus holds the information of container name and image digest value 2477 type: object 2478 properties: 2479 imageDigest: 2480 type: string 2481 name: 2482 type: string 2483 desiredReplicas: 2484 description: DesiredReplicas reflects the desired amount of pods running this revision. 2485 type: integer 2486 format: int32 2487 initContainerStatuses: 2488 description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' 2489 type: array 2490 items: 2491 description: ContainerStatus holds the information of container name and image digest value 2492 type: object 2493 properties: 2494 imageDigest: 2495 type: string 2496 name: 2497 type: string 2498 logUrl: 2499 description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. 2500 type: string 2501 observedGeneration: 2502 description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. 2503 type: integer 2504 format: int64 2505 2506 --- 2507 # Copyright 2019 The Knative Authors 2508 # 2509 # Licensed under the Apache License, Version 2.0 (the "License"); 2510 # you may not use this file except in compliance with the License. 2511 # You may obtain a copy of the License at 2512 # 2513 # https://www.apache.org/licenses/LICENSE-2.0 2514 # 2515 # Unless required by applicable law or agreed to in writing, software 2516 # distributed under the License is distributed on an "AS IS" BASIS, 2517 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 2518 # See the License for the specific language governing permissions and 2519 # limitations under the License. 2520 2521 # Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. 2522 2523 apiVersion: apiextensions.k8s.io/v1 2524 kind: CustomResourceDefinition 2525 metadata: 2526 name: routes.serving.knative.dev 2527 labels: 2528 app.kubernetes.io/name: knative-serving 2529 app.kubernetes.io/version: "1.3.0" 2530 serving.knative.dev/release: "v1.3.0" 2531 knative.dev/crd-install: "true" 2532 duck.knative.dev/addressable: "true" 2533 spec: 2534 group: serving.knative.dev 2535 names: 2536 kind: Route 2537 plural: routes 2538 singular: route 2539 categories: 2540 - all 2541 - knative 2542 - serving 2543 shortNames: 2544 - rt 2545 scope: Namespaced 2546 versions: 2547 - name: v1 2548 served: true 2549 storage: true 2550 subresources: 2551 status: {} 2552 additionalPrinterColumns: 2553 - name: URL 2554 type: string 2555 jsonPath: .status.url 2556 - name: Ready 2557 type: string 2558 jsonPath: ".status.conditions[?(@.type=='Ready')].status" 2559 - name: Reason 2560 type: string 2561 jsonPath: ".status.conditions[?(@.type=='Ready')].reason" 2562 schema: 2563 openAPIV3Schema: 2564 description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' 2565 type: object 2566 properties: 2567 apiVersion: 2568 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 2569 type: string 2570 kind: 2571 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 2572 type: string 2573 metadata: 2574 type: object 2575 spec: 2576 description: Spec holds the desired state of the Route (from the client). 2577 type: object 2578 properties: 2579 traffic: 2580 description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. 2581 type: array 2582 items: 2583 description: TrafficTarget holds a single entry of the routing table for a Route. 2584 type: object 2585 properties: 2586 configurationName: 2587 description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. 2588 type: string 2589 latestRevision: 2590 description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 2591 type: boolean 2592 percent: 2593 description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' 2594 type: integer 2595 format: int64 2596 revisionName: 2597 description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. 2598 type: string 2599 tag: 2600 description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. 2601 type: string 2602 url: 2603 description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 2604 type: string 2605 status: 2606 description: Status communicates the observed state of the Route (from the controller). 2607 type: object 2608 properties: 2609 address: 2610 description: Address holds the information needed for a Route to be the target of an event. 2611 type: object 2612 properties: 2613 url: 2614 type: string 2615 annotations: 2616 description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. 2617 type: object 2618 additionalProperties: 2619 type: string 2620 conditions: 2621 description: Conditions the latest available observations of a resource's current state. 2622 type: array 2623 items: 2624 description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' 2625 type: object 2626 required: 2627 - status 2628 - type 2629 properties: 2630 lastTransitionTime: 2631 description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). 2632 type: string 2633 format: date-time 2634 message: 2635 description: A human readable message indicating details about the transition. 2636 type: string 2637 reason: 2638 description: The reason for the condition's last transition. 2639 type: string 2640 severity: 2641 description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. 2642 type: string 2643 status: 2644 description: Status of the condition, one of True, False, Unknown. 2645 type: string 2646 type: 2647 description: Type of condition. 2648 type: string 2649 observedGeneration: 2650 description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. 2651 type: integer 2652 format: int64 2653 traffic: 2654 description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 2655 type: array 2656 items: 2657 description: TrafficTarget holds a single entry of the routing table for a Route. 2658 type: object 2659 properties: 2660 configurationName: 2661 description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. 2662 type: string 2663 latestRevision: 2664 description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 2665 type: boolean 2666 percent: 2667 description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' 2668 type: integer 2669 format: int64 2670 revisionName: 2671 description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. 2672 type: string 2673 tag: 2674 description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. 2675 type: string 2676 url: 2677 description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 2678 type: string 2679 url: 2680 description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} 2681 type: string 2682 2683 --- 2684 # Copyright 2019 The Knative Authors 2685 # 2686 # Licensed under the Apache License, Version 2.0 (the "License"); 2687 # you may not use this file except in compliance with the License. 2688 # You may obtain a copy of the License at 2689 # 2690 # https://www.apache.org/licenses/LICENSE-2.0 2691 # 2692 # Unless required by applicable law or agreed to in writing, software 2693 # distributed under the License is distributed on an "AS IS" BASIS, 2694 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 2695 # See the License for the specific language governing permissions and 2696 # limitations under the License. 2697 2698 apiVersion: apiextensions.k8s.io/v1 2699 kind: CustomResourceDefinition 2700 metadata: 2701 name: serverlessservices.networking.internal.knative.dev 2702 labels: 2703 app.kubernetes.io/name: knative-serving 2704 app.kubernetes.io/version: "1.3.0" 2705 serving.knative.dev/release: "v1.3.0" 2706 knative.dev/crd-install: "true" 2707 spec: 2708 group: networking.internal.knative.dev 2709 versions: 2710 - name: v1alpha1 2711 served: true 2712 storage: true 2713 subresources: 2714 status: {} 2715 schema: 2716 openAPIV3Schema: 2717 type: object 2718 # this is a work around so we don't need to flush out the 2719 # schema for each version at this time 2720 # 2721 # see issue: https://github.com/knative/serving/issues/912 2722 x-kubernetes-preserve-unknown-fields: true 2723 additionalPrinterColumns: 2724 - name: Mode 2725 type: string 2726 jsonPath: ".spec.mode" 2727 - name: Activators 2728 type: integer 2729 jsonPath: ".spec.numActivators" 2730 - name: ServiceName 2731 type: string 2732 jsonPath: ".status.serviceName" 2733 - name: PrivateServiceName 2734 type: string 2735 jsonPath: ".status.privateServiceName" 2736 - name: Ready 2737 type: string 2738 jsonPath: ".status.conditions[?(@.type=='Ready')].status" 2739 - name: Reason 2740 type: string 2741 jsonPath: ".status.conditions[?(@.type=='Ready')].reason" 2742 names: 2743 kind: ServerlessService 2744 plural: serverlessservices 2745 singular: serverlessservice 2746 categories: 2747 - knative-internal 2748 - networking 2749 shortNames: 2750 - sks 2751 scope: Namespaced 2752 2753 --- 2754 # Copyright 2019 The Knative Authors 2755 # 2756 # Licensed under the Apache License, Version 2.0 (the "License"); 2757 # you may not use this file except in compliance with the License. 2758 # You may obtain a copy of the License at 2759 # 2760 # https://www.apache.org/licenses/LICENSE-2.0 2761 # 2762 # Unless required by applicable law or agreed to in writing, software 2763 # distributed under the License is distributed on an "AS IS" BASIS, 2764 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 2765 # See the License for the specific language governing permissions and 2766 # limitations under the License. 2767 2768 # Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. 2769 2770 apiVersion: apiextensions.k8s.io/v1 2771 kind: CustomResourceDefinition 2772 metadata: 2773 name: services.serving.knative.dev 2774 labels: 2775 app.kubernetes.io/name: knative-serving 2776 app.kubernetes.io/version: "1.3.0" 2777 serving.knative.dev/release: "v1.3.0" 2778 knative.dev/crd-install: "true" 2779 duck.knative.dev/addressable: "true" 2780 duck.knative.dev/podspecable: "true" 2781 spec: 2782 group: serving.knative.dev 2783 names: 2784 kind: Service 2785 plural: services 2786 singular: service 2787 categories: 2788 - all 2789 - knative 2790 - serving 2791 shortNames: 2792 - kservice 2793 - ksvc 2794 scope: Namespaced 2795 versions: 2796 - name: v1 2797 served: true 2798 storage: true 2799 subresources: 2800 status: {} 2801 additionalPrinterColumns: 2802 - name: URL 2803 type: string 2804 jsonPath: .status.url 2805 - name: LatestCreated 2806 type: string 2807 jsonPath: .status.latestCreatedRevisionName 2808 - name: LatestReady 2809 type: string 2810 jsonPath: .status.latestReadyRevisionName 2811 - name: Ready 2812 type: string 2813 jsonPath: ".status.conditions[?(@.type=='Ready')].status" 2814 - name: Reason 2815 type: string 2816 jsonPath: ".status.conditions[?(@.type=='Ready')].reason" 2817 schema: 2818 openAPIV3Schema: 2819 description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" 2820 type: object 2821 properties: 2822 apiVersion: 2823 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 2824 type: string 2825 kind: 2826 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 2827 type: string 2828 metadata: 2829 type: object 2830 spec: 2831 description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. 2832 type: object 2833 properties: 2834 template: 2835 description: Template holds the latest specification for the Revision to be stamped out. 2836 type: object 2837 properties: 2838 metadata: 2839 type: object 2840 properties: 2841 annotations: 2842 type: object 2843 additionalProperties: 2844 type: string 2845 finalizers: 2846 type: array 2847 items: 2848 type: string 2849 labels: 2850 type: object 2851 additionalProperties: 2852 type: string 2853 name: 2854 type: string 2855 namespace: 2856 type: string 2857 x-kubernetes-preserve-unknown-fields: true 2858 spec: 2859 description: RevisionSpec holds the desired state of the Revision (from the client). 2860 type: object 2861 required: 2862 - containers 2863 properties: 2864 automountServiceAccountToken: 2865 description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. 2866 type: boolean 2867 containerConcurrency: 2868 description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 2869 type: integer 2870 format: int64 2871 containers: 2872 description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. 2873 type: array 2874 items: 2875 description: A single application container that you want to run within a pod. 2876 type: object 2877 properties: 2878 args: 2879 description: 'Arguments to the entrypoint. The docker image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 2880 type: array 2881 items: 2882 type: string 2883 command: 2884 description: 'Entrypoint array. Not executed within a shell. The docker image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 2885 type: array 2886 items: 2887 type: string 2888 env: 2889 description: List of environment variables to set in the container. Cannot be updated. 2890 type: array 2891 items: 2892 description: EnvVar represents an environment variable present in a Container. 2893 type: object 2894 required: 2895 - name 2896 properties: 2897 name: 2898 description: Name of the environment variable. Must be a C_IDENTIFIER. 2899 type: string 2900 value: 2901 description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' 2902 type: string 2903 valueFrom: 2904 description: Source for the environment variable's value. Cannot be used if value is not empty. 2905 type: object 2906 properties: 2907 configMapKeyRef: 2908 description: Selects a key of a ConfigMap. 2909 type: object 2910 required: 2911 - key 2912 properties: 2913 key: 2914 description: The key to select. 2915 type: string 2916 name: 2917 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2918 type: string 2919 optional: 2920 description: Specify whether the ConfigMap or its key must be defined 2921 type: boolean 2922 secretKeyRef: 2923 description: Selects a key of a secret in the pod's namespace 2924 type: object 2925 required: 2926 - key 2927 properties: 2928 key: 2929 description: The key of the secret to select from. Must be a valid secret key. 2930 type: string 2931 name: 2932 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2933 type: string 2934 optional: 2935 description: Specify whether the Secret or its key must be defined 2936 type: boolean 2937 x-kubernetes-preserve-unknown-fields: true 2938 envFrom: 2939 description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. 2940 type: array 2941 items: 2942 description: EnvFromSource represents the source of a set of ConfigMaps 2943 type: object 2944 properties: 2945 configMapRef: 2946 description: The ConfigMap to select from 2947 type: object 2948 properties: 2949 name: 2950 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2951 type: string 2952 optional: 2953 description: Specify whether the ConfigMap must be defined 2954 type: boolean 2955 prefix: 2956 description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 2957 type: string 2958 secretRef: 2959 description: The Secret to select from 2960 type: object 2961 properties: 2962 name: 2963 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2964 type: string 2965 optional: 2966 description: Specify whether the Secret must be defined 2967 type: boolean 2968 image: 2969 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' 2970 type: string 2971 imagePullPolicy: 2972 description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 2973 type: string 2974 livenessProbe: 2975 description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2976 type: object 2977 properties: 2978 exec: 2979 description: One and only one of the following should be specified. Exec specifies the action to take. 2980 type: object 2981 properties: 2982 command: 2983 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 2984 type: array 2985 items: 2986 type: string 2987 failureThreshold: 2988 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 2989 type: integer 2990 format: int32 2991 httpGet: 2992 description: HTTPGet specifies the http request to perform. 2993 type: object 2994 properties: 2995 host: 2996 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 2997 type: string 2998 httpHeaders: 2999 description: Custom headers to set in the request. HTTP allows repeated headers. 3000 type: array 3001 items: 3002 description: HTTPHeader describes a custom header to be used in HTTP probes 3003 type: object 3004 required: 3005 - name 3006 - value 3007 properties: 3008 name: 3009 description: The header field name 3010 type: string 3011 value: 3012 description: The header field value 3013 type: string 3014 path: 3015 description: Path to access on the HTTP server. 3016 type: string 3017 scheme: 3018 description: Scheme to use for connecting to the host. Defaults to HTTP. 3019 type: string 3020 x-kubernetes-preserve-unknown-fields: true 3021 initialDelaySeconds: 3022 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3023 type: integer 3024 format: int32 3025 periodSeconds: 3026 description: How often (in seconds) to perform the probe. 3027 type: integer 3028 format: int32 3029 successThreshold: 3030 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 3031 type: integer 3032 format: int32 3033 tcpSocket: 3034 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 3035 type: object 3036 properties: 3037 host: 3038 description: 'Optional: Host name to connect to, defaults to the pod IP.' 3039 type: string 3040 x-kubernetes-preserve-unknown-fields: true 3041 timeoutSeconds: 3042 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3043 type: integer 3044 format: int32 3045 name: 3046 description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. 3047 type: string 3048 ports: 3049 description: List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. 3050 type: array 3051 items: 3052 description: ContainerPort represents a network port in a single container. 3053 type: object 3054 required: 3055 - containerPort 3056 properties: 3057 containerPort: 3058 description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 3059 type: integer 3060 format: int32 3061 name: 3062 description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. 3063 type: string 3064 protocol: 3065 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". 3066 type: string 3067 default: TCP 3068 x-kubernetes-preserve-unknown-fields: true 3069 x-kubernetes-list-map-keys: 3070 - containerPort 3071 - protocol 3072 x-kubernetes-list-type: map 3073 readinessProbe: 3074 description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3075 type: object 3076 properties: 3077 exec: 3078 description: One and only one of the following should be specified. Exec specifies the action to take. 3079 type: object 3080 properties: 3081 command: 3082 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 3083 type: array 3084 items: 3085 type: string 3086 failureThreshold: 3087 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 3088 type: integer 3089 format: int32 3090 httpGet: 3091 description: HTTPGet specifies the http request to perform. 3092 type: object 3093 properties: 3094 host: 3095 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 3096 type: string 3097 httpHeaders: 3098 description: Custom headers to set in the request. HTTP allows repeated headers. 3099 type: array 3100 items: 3101 description: HTTPHeader describes a custom header to be used in HTTP probes 3102 type: object 3103 required: 3104 - name 3105 - value 3106 properties: 3107 name: 3108 description: The header field name 3109 type: string 3110 value: 3111 description: The header field value 3112 type: string 3113 path: 3114 description: Path to access on the HTTP server. 3115 type: string 3116 scheme: 3117 description: Scheme to use for connecting to the host. Defaults to HTTP. 3118 type: string 3119 x-kubernetes-preserve-unknown-fields: true 3120 initialDelaySeconds: 3121 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3122 type: integer 3123 format: int32 3124 periodSeconds: 3125 description: How often (in seconds) to perform the probe. 3126 type: integer 3127 format: int32 3128 successThreshold: 3129 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 3130 type: integer 3131 format: int32 3132 tcpSocket: 3133 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 3134 type: object 3135 properties: 3136 host: 3137 description: 'Optional: Host name to connect to, defaults to the pod IP.' 3138 type: string 3139 x-kubernetes-preserve-unknown-fields: true 3140 timeoutSeconds: 3141 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3142 type: integer 3143 format: int32 3144 resources: 3145 description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3146 type: object 3147 properties: 3148 limits: 3149 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3150 type: object 3151 additionalProperties: 3152 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3153 anyOf: 3154 - type: integer 3155 - type: string 3156 x-kubernetes-int-or-string: true 3157 requests: 3158 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3159 type: object 3160 additionalProperties: 3161 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3162 anyOf: 3163 - type: integer 3164 - type: string 3165 x-kubernetes-int-or-string: true 3166 securityContext: 3167 description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 3168 type: object 3169 properties: 3170 capabilities: 3171 description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. 3172 type: object 3173 properties: 3174 drop: 3175 description: Removed capabilities 3176 type: array 3177 items: 3178 description: Capability represent POSIX capabilities type 3179 type: string 3180 x-kubernetes-preserve-unknown-fields: true 3181 readOnlyRootFilesystem: 3182 description: Whether this container has a read-only root filesystem. Default is false. 3183 type: boolean 3184 runAsUser: 3185 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 3186 type: integer 3187 format: int64 3188 x-kubernetes-preserve-unknown-fields: true 3189 terminationMessagePath: 3190 description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 3191 type: string 3192 terminationMessagePolicy: 3193 description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. 3194 type: string 3195 volumeMounts: 3196 description: Pod volumes to mount into the container's filesystem. Cannot be updated. 3197 type: array 3198 items: 3199 description: VolumeMount describes a mounting of a Volume within a container. 3200 type: object 3201 required: 3202 - mountPath 3203 - name 3204 properties: 3205 mountPath: 3206 description: Path within the container at which the volume should be mounted. Must not contain ':'. 3207 type: string 3208 name: 3209 description: This must match the Name of a Volume. 3210 type: string 3211 readOnly: 3212 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. 3213 type: boolean 3214 subPath: 3215 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). 3216 type: string 3217 workingDir: 3218 description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. 3219 type: string 3220 x-kubernetes-preserve-unknown-fields: true 3221 enableServiceLinks: 3222 description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Defaults to true.' 3223 type: boolean 3224 imagePullSecrets: 3225 description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' 3226 type: array 3227 items: 3228 description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. 3229 type: object 3230 properties: 3231 name: 3232 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3233 type: string 3234 serviceAccountName: 3235 description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' 3236 type: string 3237 timeoutSeconds: 3238 description: TimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin replying (send network traffic). If unspecified, a system default will be provided. 3239 type: integer 3240 format: int64 3241 volumes: 3242 description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' 3243 type: array 3244 items: 3245 description: Volume represents a named volume in a pod that may be accessed by any container in the pod. 3246 type: object 3247 required: 3248 - name 3249 properties: 3250 configMap: 3251 description: ConfigMap represents a configMap that should populate this volume 3252 type: object 3253 properties: 3254 defaultMode: 3255 description: 'Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 3256 type: integer 3257 format: int32 3258 items: 3259 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 3260 type: array 3261 items: 3262 description: Maps a string key to a path within a volume. 3263 type: object 3264 required: 3265 - key 3266 - path 3267 properties: 3268 key: 3269 description: The key to project. 3270 type: string 3271 mode: 3272 description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 3273 type: integer 3274 format: int32 3275 path: 3276 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3277 type: string 3278 name: 3279 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3280 type: string 3281 optional: 3282 description: Specify whether the ConfigMap or its keys must be defined 3283 type: boolean 3284 name: 3285 description: 'Volume''s name. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 3286 type: string 3287 projected: 3288 description: Items for all in one resources secrets, configmaps, and downward API 3289 type: object 3290 properties: 3291 defaultMode: 3292 description: Mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 3293 type: integer 3294 format: int32 3295 sources: 3296 description: list of volume projections 3297 type: array 3298 items: 3299 description: Projection that may be projected along with other supported volume types 3300 type: object 3301 properties: 3302 configMap: 3303 description: information about the configMap data to project 3304 type: object 3305 properties: 3306 items: 3307 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 3308 type: array 3309 items: 3310 description: Maps a string key to a path within a volume. 3311 type: object 3312 required: 3313 - key 3314 - path 3315 properties: 3316 key: 3317 description: The key to project. 3318 type: string 3319 mode: 3320 description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 3321 type: integer 3322 format: int32 3323 path: 3324 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3325 type: string 3326 name: 3327 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3328 type: string 3329 optional: 3330 description: Specify whether the ConfigMap or its keys must be defined 3331 type: boolean 3332 secret: 3333 description: information about the secret data to project 3334 type: object 3335 properties: 3336 items: 3337 description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 3338 type: array 3339 items: 3340 description: Maps a string key to a path within a volume. 3341 type: object 3342 required: 3343 - key 3344 - path 3345 properties: 3346 key: 3347 description: The key to project. 3348 type: string 3349 mode: 3350 description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 3351 type: integer 3352 format: int32 3353 path: 3354 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3355 type: string 3356 name: 3357 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3358 type: string 3359 optional: 3360 description: Specify whether the Secret or its key must be defined 3361 type: boolean 3362 serviceAccountToken: 3363 description: information about the serviceAccountToken data to project 3364 type: object 3365 required: 3366 - path 3367 properties: 3368 audience: 3369 description: Audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. 3370 type: string 3371 expirationSeconds: 3372 description: ExpirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. 3373 type: integer 3374 format: int64 3375 path: 3376 description: Path is the path relative to the mount point of the file to project the token into. 3377 type: string 3378 secret: 3379 description: 'Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 3380 type: object 3381 properties: 3382 defaultMode: 3383 description: 'Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 3384 type: integer 3385 format: int32 3386 items: 3387 description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 3388 type: array 3389 items: 3390 description: Maps a string key to a path within a volume. 3391 type: object 3392 required: 3393 - key 3394 - path 3395 properties: 3396 key: 3397 description: The key to project. 3398 type: string 3399 mode: 3400 description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 3401 type: integer 3402 format: int32 3403 path: 3404 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3405 type: string 3406 optional: 3407 description: Specify whether the Secret or its keys must be defined 3408 type: boolean 3409 secretName: 3410 description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 3411 type: string 3412 x-kubernetes-preserve-unknown-fields: true 3413 x-kubernetes-preserve-unknown-fields: true 3414 traffic: 3415 description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. 3416 type: array 3417 items: 3418 description: TrafficTarget holds a single entry of the routing table for a Route. 3419 type: object 3420 properties: 3421 configurationName: 3422 description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. 3423 type: string 3424 latestRevision: 3425 description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 3426 type: boolean 3427 percent: 3428 description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' 3429 type: integer 3430 format: int64 3431 revisionName: 3432 description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. 3433 type: string 3434 tag: 3435 description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. 3436 type: string 3437 url: 3438 description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 3439 type: string 3440 status: 3441 description: ServiceStatus represents the Status stanza of the Service resource. 3442 type: object 3443 properties: 3444 address: 3445 description: Address holds the information needed for a Route to be the target of an event. 3446 type: object 3447 properties: 3448 url: 3449 type: string 3450 annotations: 3451 description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. 3452 type: object 3453 additionalProperties: 3454 type: string 3455 conditions: 3456 description: Conditions the latest available observations of a resource's current state. 3457 type: array 3458 items: 3459 description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' 3460 type: object 3461 required: 3462 - status 3463 - type 3464 properties: 3465 lastTransitionTime: 3466 description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). 3467 type: string 3468 format: date-time 3469 message: 3470 description: A human readable message indicating details about the transition. 3471 type: string 3472 reason: 3473 description: The reason for the condition's last transition. 3474 type: string 3475 severity: 3476 description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. 3477 type: string 3478 status: 3479 description: Status of the condition, one of True, False, Unknown. 3480 type: string 3481 type: 3482 description: Type of condition. 3483 type: string 3484 latestCreatedRevisionName: 3485 description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 3486 type: string 3487 latestReadyRevisionName: 3488 description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". 3489 type: string 3490 observedGeneration: 3491 description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. 3492 type: integer 3493 format: int64 3494 traffic: 3495 description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 3496 type: array 3497 items: 3498 description: TrafficTarget holds a single entry of the routing table for a Route. 3499 type: object 3500 properties: 3501 configurationName: 3502 description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. 3503 type: string 3504 latestRevision: 3505 description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 3506 type: boolean 3507 percent: 3508 description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' 3509 type: integer 3510 format: int64 3511 revisionName: 3512 description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. 3513 type: string 3514 tag: 3515 description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. 3516 type: string 3517 url: 3518 description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 3519 type: string 3520 url: 3521 description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} 3522 type: string 3523 3524 --- 3525 # Copyright 2018 The Knative Authors 3526 # 3527 # Licensed under the Apache License, Version 2.0 (the "License"); 3528 # you may not use this file except in compliance with the License. 3529 # You may obtain a copy of the License at 3530 # 3531 # https://www.apache.org/licenses/LICENSE-2.0 3532 # 3533 # Unless required by applicable law or agreed to in writing, software 3534 # distributed under the License is distributed on an "AS IS" BASIS, 3535 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 3536 # See the License for the specific language governing permissions and 3537 # limitations under the License. 3538 3539 apiVersion: caching.internal.knative.dev/v1alpha1 3540 kind: Image 3541 metadata: 3542 name: queue-proxy 3543 namespace: knative-serving 3544 labels: 3545 app.kubernetes.io/component: queue-proxy 3546 app.kubernetes.io/name: knative-serving 3547 app.kubernetes.io/version: "1.3.0" 3548 serving.knative.dev/release: "v1.3.0" 3549 spec: 3550 # This is the Go import path for the binary that is containerized 3551 # and substituted here. 3552 image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:c9dcb1610c99fab4caa39b972f6ce4defa2bdc4ab5c502cc1759f6aa89c34e02 3553 3554 --- 3555 # Copyright 2018 The Knative Authors 3556 # 3557 # Licensed under the Apache License, Version 2.0 (the "License"); 3558 # you may not use this file except in compliance with the License. 3559 # You may obtain a copy of the License at 3560 # 3561 # https://www.apache.org/licenses/LICENSE-2.0 3562 # 3563 # Unless required by applicable law or agreed to in writing, software 3564 # distributed under the License is distributed on an "AS IS" BASIS, 3565 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 3566 # See the License for the specific language governing permissions and 3567 # limitations under the License. 3568 3569 apiVersion: v1 3570 kind: ConfigMap 3571 metadata: 3572 name: config-autoscaler 3573 namespace: knative-serving 3574 labels: 3575 app.kubernetes.io/component: autoscaler 3576 app.kubernetes.io/name: knative-serving 3577 app.kubernetes.io/version: "1.3.0" 3578 serving.knative.dev/release: "v1.3.0" 3579 annotations: 3580 knative.dev/example-checksum: "16af78ce" 3581 data: 3582 _example: | 3583 ################################ 3584 # # 3585 # EXAMPLE CONFIGURATION # 3586 # # 3587 ################################ 3588 3589 # This block is not actually functional configuration, 3590 # but serves to illustrate the available configuration 3591 # options and document them in a way that is accessible 3592 # to users that `kubectl edit` this config map. 3593 # 3594 # These sample configuration options may be copied out of 3595 # this example block and unindented to be in the data block 3596 # to actually change the configuration. 3597 3598 # The Revision ContainerConcurrency field specifies the maximum number 3599 # of requests the Container can handle at once. Container concurrency 3600 # target percentage is how much of that maximum to use in a stable 3601 # state. E.g. if a Revision specifies ContainerConcurrency of 10, then 3602 # the Autoscaler will try to maintain 7 concurrent connections per pod 3603 # on average. 3604 # Note: this limit will be applied to container concurrency set at every 3605 # level (ConfigMap, Revision Spec or Annotation). 3606 # For legacy and backwards compatibility reasons, this value also accepts 3607 # fractional values in (0, 1] interval (i.e. 0.7 ⇒ 70%). 3608 # Thus minimal percentage value must be greater than 1.0, or it will be 3609 # treated as a fraction. 3610 # NOTE: that this value does not affect actual number of concurrent requests 3611 # the user container may receive, but only the average number of requests 3612 # that the revision pods will receive. 3613 container-concurrency-target-percentage: "70" 3614 3615 # The container concurrency target default is what the Autoscaler will 3616 # try to maintain when concurrency is used as the scaling metric for the 3617 # Revision and the Revision specifies unlimited concurrency. 3618 # When revision explicitly specifies container concurrency, that value 3619 # will be used as a scaling target for autoscaler. 3620 # When specifying unlimited concurrency, the autoscaler will 3621 # horizontally scale the application based on this target concurrency. 3622 # This is what we call "soft limit" in the documentation, i.e. it only 3623 # affects number of pods and does not affect the number of requests 3624 # individual pod processes. 3625 # The value must be a positive number such that the value multiplied 3626 # by container-concurrency-target-percentage is greater than 0.01. 3627 # NOTE: that this value will be adjusted by application of 3628 # container-concurrency-target-percentage, i.e. by default 3629 # the system will target on average 70 concurrent requests 3630 # per revision pod. 3631 # NOTE: Only one metric can be used for autoscaling a Revision. 3632 container-concurrency-target-default: "100" 3633 3634 # The requests per second (RPS) target default is what the Autoscaler will 3635 # try to maintain when RPS is used as the scaling metric for a Revision and 3636 # the Revision specifies unlimited RPS. Even when specifying unlimited RPS, 3637 # the autoscaler will horizontally scale the application based on this 3638 # target RPS. 3639 # Must be greater than 1.0. 3640 # NOTE: Only one metric can be used for autoscaling a Revision. 3641 requests-per-second-target-default: "200" 3642 3643 # The target burst capacity specifies the size of burst in concurrent 3644 # requests that the system operator expects the system will receive. 3645 # Autoscaler will try to protect the system from queueing by introducing 3646 # Activator in the request path if the current spare capacity of the 3647 # service is less than this setting. 3648 # If this setting is 0, then Activator will be in the request path only 3649 # when the revision is scaled to 0. 3650 # If this setting is > 0 and container-concurrency-target-percentage is 3651 # 100% or 1.0, then activator will always be in the request path. 3652 # -1 denotes unlimited target-burst-capacity and activator will always 3653 # be in the request path. 3654 # Other negative values are invalid. 3655 target-burst-capacity: "200" 3656 3657 # When operating in a stable mode, the autoscaler operates on the 3658 # average concurrency over the stable window. 3659 # Stable window must be in whole seconds. 3660 stable-window: "60s" 3661 3662 # When observed average concurrency during the panic window reaches 3663 # panic-threshold-percentage the target concurrency, the autoscaler 3664 # enters panic mode. When operating in panic mode, the autoscaler 3665 # scales on the average concurrency over the panic window which is 3666 # panic-window-percentage of the stable-window. 3667 # Must be in the [1, 100] range. 3668 # When computing the panic window it will be rounded to the closest 3669 # whole second, at least 1s. 3670 panic-window-percentage: "10.0" 3671 3672 # The percentage of the container concurrency target at which to 3673 # enter panic mode when reached within the panic window. 3674 panic-threshold-percentage: "200.0" 3675 3676 # Max scale up rate limits the rate at which the autoscaler will 3677 # increase pod count. It is the maximum ratio of desired pods versus 3678 # observed pods. 3679 # Cannot be less or equal to 1. 3680 # I.e with value of 2.0 the number of pods can at most go N to 2N 3681 # over single Autoscaler period (2s), but at least N to 3682 # N+1, if Autoscaler needs to scale up. 3683 max-scale-up-rate: "1000.0" 3684 3685 # Max scale down rate limits the rate at which the autoscaler will 3686 # decrease pod count. It is the maximum ratio of observed pods versus 3687 # desired pods. 3688 # Cannot be less or equal to 1. 3689 # I.e. with value of 2.0 the number of pods can at most go N to N/2 3690 # over single Autoscaler evaluation period (2s), but at 3691 # least N to N-1, if Autoscaler needs to scale down. 3692 max-scale-down-rate: "2.0" 3693 3694 # Scale to zero feature flag. 3695 enable-scale-to-zero: "true" 3696 3697 # Scale to zero grace period is the time an inactive revision is left 3698 # running before it is scaled to zero (must be positive, but recommended 3699 # at least a few seconds if running with mesh networking). 3700 # This is the upper limit and is provided not to enforce timeout after 3701 # the revision stopped receiving requests for stable window, but to 3702 # ensure network reprogramming to put activator in the path has completed. 3703 # If the system determines that a shorter period is satisfactory, 3704 # then the system will only wait that amount of time before scaling to 0. 3705 # NOTE: this period might actually be 0, if activator has been 3706 # in the request path sufficiently long. 3707 # If there is necessity for the last pod to linger longer use 3708 # scale-to-zero-pod-retention-period flag. 3709 scale-to-zero-grace-period: "30s" 3710 3711 # Scale to zero pod retention period defines the minimum amount 3712 # of time the last pod will remain after Autoscaler has decided to 3713 # scale to zero. 3714 # This flag is for the situations where the pod startup is very expensive 3715 # and the traffic is bursty (requiring smaller windows for fast action), 3716 # but patchy. 3717 # The larger of this flag and `scale-to-zero-grace-period` will effectively 3718 # determine how the last pod will hang around. 3719 scale-to-zero-pod-retention-period: "0s" 3720 3721 # pod-autoscaler-class specifies the default pod autoscaler class 3722 # that should be used if none is specified. If omitted, 3723 # the Knative Pod Autoscaler (KPA) is used by default. 3724 pod-autoscaler-class: "kpa.autoscaling.knative.dev" 3725 3726 # The capacity of a single activator task. 3727 # The `unit` is one concurrent request proxied by the activator. 3728 # activator-capacity must be at least 1. 3729 # This value is used for computation of the Activator subset size. 3730 # See the algorithm here: http://bit.ly/38XiCZ3. 3731 # TODO(vagababov): tune after actual benchmarking. 3732 activator-capacity: "100.0" 3733 3734 # initial-scale is the cluster-wide default value for the initial target 3735 # scale of a revision after creation, unless overridden by the 3736 # "autoscaling.knative.dev/initialScale" annotation. 3737 # This value must be greater than 0 unless allow-zero-initial-scale is true. 3738 initial-scale: "1" 3739 3740 # allow-zero-initial-scale controls whether either the cluster-wide initial-scale flag, 3741 # or the "autoscaling.knative.dev/initialScale" annotation, can be set to 0. 3742 allow-zero-initial-scale: "false" 3743 3744 # min-scale is the cluster-wide default value for the min scale of a revision, 3745 # unless overridden by the "autoscaling.knative.dev/minScale" annotation. 3746 min-scale: "0" 3747 3748 # max-scale is the cluster-wide default value for the max scale of a revision, 3749 # unless overridden by the "autoscaling.knative.dev/maxScale" annotation. 3750 # If set to 0, the revision has no maximum scale. 3751 max-scale: "0" 3752 3753 # scale-down-delay is the amount of time that must pass at reduced 3754 # concurrency before a scale down decision is applied. This can be useful, 3755 # for example, to maintain replica count and avoid a cold start penalty if 3756 # more requests come in within the scale down delay period. 3757 # The default, 0s, imposes no delay at all. 3758 scale-down-delay: "0s" 3759 3760 # max-scale-limit sets the maximum permitted value for the max scale of a revision. 3761 # When this is set to a positive value, a revision with a maxScale above that value 3762 # (including a maxScale of "0" = unlimited) is disallowed. 3763 # A value of zero (the default) allows any limit, including unlimited. 3764 max-scale-limit: "0" 3765 3766 --- 3767 # Copyright 2019 The Knative Authors 3768 # 3769 # Licensed under the Apache License, Version 2.0 (the "License"); 3770 # you may not use this file except in compliance with the License. 3771 # You may obtain a copy of the License at 3772 # 3773 # https://www.apache.org/licenses/LICENSE-2.0 3774 # 3775 # Unless required by applicable law or agreed to in writing, software 3776 # distributed under the License is distributed on an "AS IS" BASIS, 3777 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 3778 # See the License for the specific language governing permissions and 3779 # limitations under the License. 3780 3781 apiVersion: v1 3782 kind: ConfigMap 3783 metadata: 3784 name: config-defaults 3785 namespace: knative-serving 3786 labels: 3787 app.kubernetes.io/name: knative-serving 3788 app.kubernetes.io/component: controller 3789 app.kubernetes.io/version: "1.3.0" 3790 serving.knative.dev/release: "v1.3.0" 3791 annotations: 3792 knative.dev/example-checksum: "a0feb4c6" 3793 data: 3794 _example: | 3795 ################################ 3796 # # 3797 # EXAMPLE CONFIGURATION # 3798 # # 3799 ################################ 3800 3801 # This block is not actually functional configuration, 3802 # but serves to illustrate the available configuration 3803 # options and document them in a way that is accessible 3804 # to users that `kubectl edit` this config map. 3805 # 3806 # These sample configuration options may be copied out of 3807 # this example block and unindented to be in the data block 3808 # to actually change the configuration. 3809 3810 # revision-timeout-seconds contains the default number of 3811 # seconds to use for the revision's per-request timeout, if 3812 # none is specified. 3813 revision-timeout-seconds: "300" # 5 minutes 3814 3815 # max-revision-timeout-seconds contains the maximum number of 3816 # seconds that can be used for revision-timeout-seconds. 3817 # This value must be greater than or equal to revision-timeout-seconds. 3818 # If omitted, the system default is used (600 seconds). 3819 # 3820 # If this value is increased, the activator's terminationGraceTimeSeconds 3821 # should also be increased to prevent in-flight requests being disrupted. 3822 max-revision-timeout-seconds: "600" # 10 minutes 3823 3824 # revision-cpu-request contains the cpu allocation to assign 3825 # to revisions by default. If omitted, no value is specified 3826 # and the system default is used. 3827 # Below is an example of setting revision-cpu-request. 3828 # By default, it is not set by Knative. 3829 revision-cpu-request: "400m" # 0.4 of a CPU (aka 400 milli-CPU) 3830 3831 # revision-memory-request contains the memory allocation to assign 3832 # to revisions by default. If omitted, no value is specified 3833 # and the system default is used. 3834 # Below is an example of setting revision-memory-request. 3835 # By default, it is not set by Knative. 3836 revision-memory-request: "100M" # 100 megabytes of memory 3837 3838 # revision-ephemeral-storage-request contains the ephemeral storage 3839 # allocation to assign to revisions by default. If omitted, no value is 3840 # specified and the system default is used. 3841 revision-ephemeral-storage-request: "500M" # 500 megabytes of storage 3842 3843 # revision-cpu-limit contains the cpu allocation to limit 3844 # revisions to by default. If omitted, no value is specified 3845 # and the system default is used. 3846 # Below is an example of setting revision-cpu-limit. 3847 # By default, it is not set by Knative. 3848 revision-cpu-limit: "1000m" # 1 CPU (aka 1000 milli-CPU) 3849 3850 # revision-memory-limit contains the memory allocation to limit 3851 # revisions to by default. If omitted, no value is specified 3852 # and the system default is used. 3853 # Below is an example of setting revision-memory-limit. 3854 # By default, it is not set by Knative. 3855 revision-memory-limit: "200M" # 200 megabytes of memory 3856 3857 # revision-ephemeral-storage-limit contains the ephemeral storage 3858 # allocation to limit revisions to by default. If omitted, no value is 3859 # specified and the system default is used. 3860 revision-ephemeral-storage-limit: "750M" # 750 megabytes of storage 3861 3862 # container-name-template contains a template for the default 3863 # container name, if none is specified. This field supports 3864 # Go templating and is supplied with the ObjectMeta of the 3865 # enclosing Service or Configuration, so values such as 3866 # {{.Name}} are also valid. 3867 container-name-template: "user-container" 3868 3869 # init-container-name-template contains a template for the default 3870 # init container name, if none is specified. This field supports 3871 # Go templating and is supplied with the ObjectMeta of the 3872 # enclosing Service or Configuration, so values such as 3873 # {{.Name}} are also valid. 3874 init-container-name-template: "init-container" 3875 3876 # container-concurrency specifies the maximum number 3877 # of requests the Container can handle at once, and requests 3878 # above this threshold are queued. Setting a value of zero 3879 # disables this throttling and lets through as many requests as 3880 # the pod receives. 3881 container-concurrency: "0" 3882 3883 # The container concurrency max limit is an operator setting ensuring that 3884 # the individual revisions cannot have arbitrary large concurrency 3885 # values, or autoscaling targets. `container-concurrency` default setting 3886 # must be at or below this value. 3887 # 3888 # Must be greater than 1. 3889 # 3890 # Note: even with this set, a user can choose a containerConcurrency 3891 # of 0 (i.e. unbounded) unless allow-container-concurrency-zero is 3892 # set to "false". 3893 container-concurrency-max-limit: "1000" 3894 3895 # allow-container-concurrency-zero controls whether users can 3896 # specify 0 (i.e. unbounded) for containerConcurrency. 3897 allow-container-concurrency-zero: "true" 3898 3899 # enable-service-links specifies the default value used for the 3900 # enableServiceLinks field of the PodSpec, when it is omitted by the user. 3901 # See: https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service 3902 # 3903 # This is a tri-state flag with possible values of (true|false|default). 3904 # 3905 # In environments with large number of services it is suggested 3906 # to set this value to `false`. 3907 # See https://github.com/knative/serving/issues/8498. 3908 enable-service-links: "false" 3909 3910 --- 3911 # Copyright 2019 The Knative Authors 3912 # 3913 # Licensed under the Apache License, Version 2.0 (the "License"); 3914 # you may not use this file except in compliance with the License. 3915 # You may obtain a copy of the License at 3916 # 3917 # https://www.apache.org/licenses/LICENSE-2.0 3918 # 3919 # Unless required by applicable law or agreed to in writing, software 3920 # distributed under the License is distributed on an "AS IS" BASIS, 3921 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 3922 # See the License for the specific language governing permissions and 3923 # limitations under the License. 3924 3925 apiVersion: v1 3926 kind: ConfigMap 3927 metadata: 3928 name: config-deployment 3929 namespace: knative-serving 3930 labels: 3931 app.kubernetes.io/name: knative-serving 3932 app.kubernetes.io/component: controller 3933 app.kubernetes.io/version: "1.3.0" 3934 serving.knative.dev/release: "v1.3.0" 3935 annotations: 3936 knative.dev/example-checksum: "dd7ee769" 3937 data: 3938 # This is the Go import path for the binary that is containerized 3939 # and substituted here. 3940 # TODO: switch to 'queue-sidecar-image' after 0.27 3941 queueSidecarImage: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:c9dcb1610c99fab4caa39b972f6ce4defa2bdc4ab5c502cc1759f6aa89c34e02 3942 _example: |- 3943 ################################ 3944 # # 3945 # EXAMPLE CONFIGURATION # 3946 # # 3947 ################################ 3948 3949 # This block is not actually functional configuration, 3950 # but serves to illustrate the available configuration 3951 # options and document them in a way that is accessible 3952 # to users that `kubectl edit` this config map. 3953 # 3954 # These sample configuration options may be copied out of 3955 # this example block and unindented to be in the data block 3956 # to actually change the configuration. 3957 3958 # List of repositories for which tag to digest resolving should be skipped 3959 registries-skipping-tag-resolving: "kind.local,ko.local,dev.local" 3960 3961 # Maximum time allowed for an image's digests to be resolved. 3962 digest-resolution-timeout: "10s" 3963 3964 # Duration we wait for the deployment to be ready before considering it failed. 3965 progress-deadline: "600s" 3966 3967 # Sets the queue proxy's CPU request. 3968 # If omitted, a default value (currently "25m"), is used. 3969 queue-sidecar-cpu-request: "25m" 3970 3971 # Sets the queue proxy's CPU limit. 3972 # If omitted, no value is specified and the system default is used. 3973 queue-sidecar-cpu-limit: "1000m" 3974 3975 # Sets the queue proxy's memory request. 3976 # If omitted, no value is specified and the system default is used. 3977 queue-sidecar-memory-request: "400Mi" 3978 3979 # Sets the queue proxy's memory limit. 3980 # If omitted, no value is specified and the system default is used. 3981 queue-sidecar-memory-limit: "800Mi" 3982 3983 # Sets the queue proxy's ephemeral storage request. 3984 # If omitted, no value is specified and the system default is used. 3985 queue-sidecar-ephemeral-storage-request: "512Mi" 3986 3987 # Sets the queue proxy's ephemeral storage limit. 3988 # If omitted, no value is specified and the system default is used. 3989 queue-sidecar-ephemeral-storage-limit: "1024Mi" 3990 3991 # The freezer service endpoint that queue-proxy calls when its traffic drops to zero or 3992 # scales up from zero. 3993 # 3994 # Freezer service is available at: https://github.com/knative-sandbox/container-freezer 3995 # or users may write their own service. 3996 # 3997 # The value will need to include both the host and the port that will be accessed. 3998 # For the host, $HOST_IP can be passed, and the appropriate host IP value will be swapped 3999 # in at runtime, which will enable the freezer daemonset to be reachable via the node IP. 4000 # 4001 # As an example: 4002 # concurrency-state-endpoint: "http://$HOST_IP:9696" 4003 # 4004 # If not set, queue proxy takes no action (this is the default behavior). 4005 # 4006 # When enabled, a serviceAccountToken will be mounted to queue-proxy using 4007 # a projected volume. This requires the Service Account Token Volume Projection feature 4008 # to be enabled. For details, see this link: 4009 # https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection 4010 # 4011 # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE 4012 concurrency-state-endpoint: "" 4013 4014 --- 4015 # Copyright 2018 The Knative Authors 4016 # 4017 # Licensed under the Apache License, Version 2.0 (the "License"); 4018 # you may not use this file except in compliance with the License. 4019 # You may obtain a copy of the License at 4020 # 4021 # https://www.apache.org/licenses/LICENSE-2.0 4022 # 4023 # Unless required by applicable law or agreed to in writing, software 4024 # distributed under the License is distributed on an "AS IS" BASIS, 4025 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 4026 # See the License for the specific language governing permissions and 4027 # limitations under the License. 4028 4029 apiVersion: v1 4030 kind: ConfigMap 4031 metadata: 4032 name: config-domain 4033 namespace: knative-serving 4034 labels: 4035 app.kubernetes.io/name: knative-serving 4036 app.kubernetes.io/component: controller 4037 app.kubernetes.io/version: "1.3.0" 4038 serving.knative.dev/release: "v1.3.0" 4039 annotations: 4040 knative.dev/example-checksum: "81552d0b" 4041 data: 4042 _example: | 4043 ################################ 4044 # # 4045 # EXAMPLE CONFIGURATION # 4046 # # 4047 ################################ 4048 4049 # This block is not actually functional configuration, 4050 # but serves to illustrate the available configuration 4051 # options and document them in a way that is accessible 4052 # to users that `kubectl edit` this config map. 4053 # 4054 # These sample configuration options may be copied out of 4055 # this example block and unindented to be in the data block 4056 # to actually change the configuration. 4057 4058 # Default value for domain. 4059 # Although it will match all routes, it is the least-specific rule so it 4060 # will only be used if no other domain matches. 4061 example.com: | 4062 4063 # These are example settings of domain. 4064 # example.org will be used for routes having app=nonprofit. 4065 example.org: | 4066 selector: 4067 app: nonprofit 4068 4069 # Routes having the cluster domain suffix (by default 'svc.cluster.local') 4070 # will not be exposed through Ingress. You can define your own label 4071 # selector to assign that domain suffix to your Route here, or you can set 4072 # the label 4073 # "networking.knative.dev/visibility=cluster-local" 4074 # to achieve the same effect. This shows how to make routes having 4075 # the label app=secret only exposed to the local cluster. 4076 svc.cluster.local: | 4077 selector: 4078 app: secret 4079 4080 --- 4081 # Copyright 2020 The Knative Authors 4082 # 4083 # Licensed under the Apache License, Version 2.0 (the "License"); 4084 # you may not use this file except in compliance with the License. 4085 # You may obtain a copy of the License at 4086 # 4087 # https://www.apache.org/licenses/LICENSE-2.0 4088 # 4089 # Unless required by applicable law or agreed to in writing, software 4090 # distributed under the License is distributed on an "AS IS" BASIS, 4091 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 4092 # See the License for the specific language governing permissions and 4093 # limitations under the License. 4094 4095 apiVersion: v1 4096 kind: ConfigMap 4097 metadata: 4098 name: config-features 4099 namespace: knative-serving 4100 labels: 4101 app.kubernetes.io/name: knative-serving 4102 app.kubernetes.io/component: controller 4103 app.kubernetes.io/version: "1.3.0" 4104 serving.knative.dev/release: "v1.3.0" 4105 annotations: 4106 knative.dev/example-checksum: "d9e300ba" 4107 data: 4108 _example: |- 4109 ################################ 4110 # # 4111 # EXAMPLE CONFIGURATION # 4112 # # 4113 ################################ 4114 4115 # This block is not actually functional configuration, 4116 # but serves to illustrate the available configuration 4117 # options and document them in a way that is accessible 4118 # to users that `kubectl edit` this config map. 4119 # 4120 # These sample configuration options may be copied out of 4121 # this example block and unindented to be in the data block 4122 # to actually change the configuration. 4123 4124 # Indicates whether multi container support is enabled 4125 # 4126 # WARNING: Cannot safely be disabled once enabled. 4127 # See: https://knative.dev/docs/serving/feature-flags/#multi-containers 4128 multi-container: "enabled" 4129 4130 # Indicates whether Kubernetes affinity support is enabled 4131 # 4132 # WARNING: Cannot safely be disabled once enabled. 4133 # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-affinity 4134 kubernetes.podspec-affinity: "disabled" 4135 4136 # Indicates whether Kubernetes hostAliases support is enabled 4137 # 4138 # WARNING: Cannot safely be disabled once enabled. 4139 # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-host-aliases 4140 kubernetes.podspec-hostaliases: "disabled" 4141 4142 # Indicates whether Kubernetes nodeSelector support is enabled 4143 # 4144 # WARNING: Cannot safely be disabled once enabled. 4145 # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-selector 4146 kubernetes.podspec-nodeselector: "disabled" 4147 4148 # Indicates whether Kubernetes tolerations support is enabled 4149 # 4150 # WARNING: Cannot safely be disabled once enabled 4151 # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-toleration 4152 kubernetes.podspec-tolerations: "disabled" 4153 4154 # Indicates whether Kubernetes FieldRef support is enabled 4155 # 4156 # WARNING: Cannot safely be disabled once enabled. 4157 # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-fieldref 4158 kubernetes.podspec-fieldref: "disabled" 4159 4160 # Indicates whether Kubernetes RuntimeClassName support is enabled 4161 # 4162 # WARNING: Cannot safely be disabled once enabled. 4163 # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-runtime-class 4164 kubernetes.podspec-runtimeclassname: "disabled" 4165 4166 # This feature allows end-users to set a subset of fields on the Pod's SecurityContext 4167 # 4168 # When set to "enabled" or "allowed" it allows the following 4169 # PodSecurityContext properties: 4170 # - FSGroup 4171 # - RunAsGroup 4172 # - RunAsNonRoot 4173 # - SupplementalGroups 4174 # - RunAsUser 4175 # 4176 # This feature flag should be used with caution as the PodSecurityContext 4177 # properties may have a side-effect on non-user sidecar containers that come 4178 # from Knative or your service mesh 4179 # 4180 # WARNING: Cannot safely be disabled once enabled. 4181 # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-security-context 4182 kubernetes.podspec-securitycontext: "disabled" 4183 4184 # Indicates whether Kubernetes PriorityClassName support is enabled 4185 # 4186 # WARNING: Cannot safely be disabled once enabled. 4187 # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-priority-class-name 4188 kubernetes.podspec-priorityclassname: "disabled" 4189 4190 # Indicates whether Kubernetes SchedulerName support is enabled 4191 # 4192 # WARNING: Cannot safely be disabled once enabled. 4193 # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-scheduler-name 4194 kubernetes.podspec-schedulername: "disabled" 4195 4196 # This feature flag allows end-users to add a subset of capabilities on the Pod's SecurityContext. 4197 # 4198 # When set to "enabled" or "allowed" it allows capabilities to be added to the container. 4199 # For a list of possible capabilities, see https://man7.org/linux/man-pages/man7/capabilities.7.html 4200 kubernetes.containerspec-addcapabilities: "disabled" 4201 4202 # This feature validates PodSpecs from the validating webhook 4203 # against the K8s API Server. 4204 # 4205 # When "enabled", the server will always run the extra validation. 4206 # When "allowed", the server will not run the dry-run validation by default. 4207 # However, clients may enable the behavior on an individual Service by 4208 # attaching the following metadata annotation: "features.knative.dev/podspec-dryrun":"enabled". 4209 # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dry-run 4210 kubernetes.podspec-dryrun: "allowed" 4211 4212 # Controls whether tag header based routing feature are enabled or not. 4213 # 1. Enabled: enabling tag header based routing 4214 # 2. Disabled: disabling tag header based routing 4215 # See: https://knative.dev/docs/serving/feature-flags/#tag-header-based-routing 4216 tag-header-based-routing: "disabled" 4217 4218 # Controls whether http2 auto-detection should be enabled or not. 4219 # 1. Enabled: http2 connection will be attempted via upgrade. 4220 # 2. Disabled: http2 connection will only be attempted when port name is set to "h2c". 4221 autodetect-http2: "disabled" 4222 4223 # Controls whether volume support for EmptyDir is enabled or not. 4224 # 1. Enabled: enabling EmptyDir volume support 4225 # 2. Disabled: disabling EmptyDir volume support 4226 kubernetes.podspec-volumes-emptydir: "disabled" 4227 4228 # Controls whether init containers support is enabled or not. 4229 # 1. Enabled: enabling init containers support 4230 # 2. Disabled: disabling init containers support 4231 kubernetes.podspec-init-containers: "disabled" 4232 4233 # Controls whether persistent volume claim support is enabled or not. 4234 # 1. Enabled: enabling persistent volume claim support 4235 # 2. Disabled: disabling persistent volume claim support 4236 kubernetes.podspec-persistent-volume-claim: "disabled" 4237 4238 # Controls whether write access for persistent volumes is enabled or not. 4239 # 1. Enabled: enabling write access for persistent volumes 4240 # 2. Disabled: disabling write access for persistent volumes 4241 kubernetes.podspec-persistent-volume-write: "disabled" 4242 4243 --- 4244 # Copyright 2018 The Knative Authors 4245 # 4246 # Licensed under the Apache License, Version 2.0 (the "License"); 4247 # you may not use this file except in compliance with the License. 4248 # You may obtain a copy of the License at 4249 # 4250 # https://www.apache.org/licenses/LICENSE-2.0 4251 # 4252 # Unless required by applicable law or agreed to in writing, software 4253 # distributed under the License is distributed on an "AS IS" BASIS, 4254 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 4255 # See the License for the specific language governing permissions and 4256 # limitations under the License. 4257 4258 apiVersion: v1 4259 kind: ConfigMap 4260 metadata: 4261 name: config-gc 4262 namespace: knative-serving 4263 labels: 4264 app.kubernetes.io/name: knative-serving 4265 app.kubernetes.io/component: controller 4266 app.kubernetes.io/version: "1.3.0" 4267 serving.knative.dev/release: "v1.3.0" 4268 annotations: 4269 knative.dev/example-checksum: "45463e45" 4270 data: 4271 _example: | 4272 ################################ 4273 # # 4274 # EXAMPLE CONFIGURATION # 4275 # # 4276 ################################ 4277 4278 # This block is not actually functional configuration, 4279 # but serves to illustrate the available configuration 4280 # options and document them in a way that is accessible 4281 # to users that `kubectl edit` this config map. 4282 # 4283 # These sample configuration options may be copied out of 4284 # this example block and unindented to be in the data block 4285 # to actually change the configuration. 4286 4287 4288 # --------------------------------------- 4289 # Garbage Collector Settings 4290 # --------------------------------------- 4291 # 4292 # Active 4293 # * Revisions which are referenced by a Route are considered active. 4294 # * Individual revisions may be marked with the annotation 4295 # "serving.knative.dev/no-gc":"true" to be permanently considered active. 4296 # * Active revisions are not considered for GC. 4297 # Retention 4298 # * Revisions are retained if they are any of the following: 4299 # 1. Active 4300 # 2. Were created within "retain-since-create-time" 4301 # 3. Were last referenced by a route within 4302 # "retain-since-last-active-time" 4303 # 4. There are fewer than "min-non-active-revisions" 4304 # If none of these conditions are met, or if the count of revisions exceed 4305 # "max-non-active-revisions", they will be deleted by GC. 4306 # The special value "disabled" may be used to turn off these limits. 4307 # 4308 # Example config to immediately collect any inactive revision: 4309 # min-non-active-revisions: "0" 4310 # max-non-active-revisions: "0" 4311 # retain-since-create-time: "disabled" 4312 # retain-since-last-active-time: "disabled" 4313 # 4314 # Example config to always keep around the last ten non-active revisions: 4315 # retain-since-create-time: "disabled" 4316 # retain-since-last-active-time: "disabled" 4317 # max-non-active-revisions: "10" 4318 # 4319 # Example config to disable all GC: 4320 # retain-since-create-time: "disabled" 4321 # retain-since-last-active-time: "disabled" 4322 # max-non-active-revisions: "disabled" 4323 # 4324 # Example config to keep recently deployed or active revisions, 4325 # always maintain the last two in case of rollback, and prevent 4326 # burst activity from exploding the count of old revisions: 4327 # retain-since-create-time: "48h" 4328 # retain-since-last-active-time: "15h" 4329 # min-non-active-revisions: "2" 4330 # max-non-active-revisions: "1000" 4331 4332 # Duration since creation before considering a revision for GC or "disabled". 4333 retain-since-create-time: "48h" 4334 4335 # Duration since active before considering a revision for GC or "disabled". 4336 retain-since-last-active-time: "15h" 4337 4338 # Minimum number of non-active revisions to retain. 4339 min-non-active-revisions: "20" 4340 4341 # Maximum number of non-active revisions to retain 4342 # or "disabled" to disable any maximum limit. 4343 max-non-active-revisions: "1000" 4344 4345 --- 4346 # Copyright 2020 The Knative Authors 4347 # 4348 # Licensed under the Apache License, Version 2.0 (the "License"); 4349 # you may not use this file except in compliance with the License. 4350 # You may obtain a copy of the License at 4351 # 4352 # https://www.apache.org/licenses/LICENSE-2.0 4353 # 4354 # Unless required by applicable law or agreed to in writing, software 4355 # distributed under the License is distributed on an "AS IS" BASIS, 4356 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 4357 # See the License for the specific language governing permissions and 4358 # limitations under the License. 4359 4360 apiVersion: v1 4361 kind: ConfigMap 4362 metadata: 4363 name: config-leader-election 4364 namespace: knative-serving 4365 labels: 4366 app.kubernetes.io/name: knative-serving 4367 app.kubernetes.io/component: controller 4368 app.kubernetes.io/version: "1.3.0" 4369 serving.knative.dev/release: "v1.3.0" 4370 annotations: 4371 knative.dev/example-checksum: "f4b71f57" 4372 data: 4373 _example: | 4374 ################################ 4375 # # 4376 # EXAMPLE CONFIGURATION # 4377 # # 4378 ################################ 4379 4380 # This block is not actually functional configuration, 4381 # but serves to illustrate the available configuration 4382 # options and document them in a way that is accessible 4383 # to users that `kubectl edit` this config map. 4384 # 4385 # These sample configuration options may be copied out of 4386 # this example block and unindented to be in the data block 4387 # to actually change the configuration. 4388 4389 # lease-duration is how long non-leaders will wait to try to acquire the 4390 # lock; 15 seconds is the value used by core kubernetes controllers. 4391 lease-duration: "60s" 4392 4393 # renew-deadline is how long a leader will try to renew the lease before 4394 # giving up; 10 seconds is the value used by core kubernetes controllers. 4395 renew-deadline: "40s" 4396 4397 # retry-period is how long the leader election client waits between tries of 4398 # actions; 2 seconds is the value used by core kubernetes controllers. 4399 retry-period: "10s" 4400 4401 # buckets is the number of buckets used to partition key space of each 4402 # Reconciler. If this number is M and the replica number of the controller 4403 # is N, the N replicas will compete for the M buckets. The owner of a 4404 # bucket will take care of the reconciling for the keys partitioned into 4405 # that bucket. 4406 buckets: "1" 4407 4408 --- 4409 # Copyright 2018 The Knative Authors 4410 # 4411 # Licensed under the Apache License, Version 2.0 (the "License"); 4412 # you may not use this file except in compliance with the License. 4413 # You may obtain a copy of the License at 4414 # 4415 # https://www.apache.org/licenses/LICENSE-2.0 4416 # 4417 # Unless required by applicable law or agreed to in writing, software 4418 # distributed under the License is distributed on an "AS IS" BASIS, 4419 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 4420 # See the License for the specific language governing permissions and 4421 # limitations under the License. 4422 4423 apiVersion: v1 4424 kind: ConfigMap 4425 metadata: 4426 name: config-logging 4427 namespace: knative-serving 4428 labels: 4429 serving.knative.dev/release: "v1.3.0" 4430 app.kubernetes.io/version: "1.3.0" 4431 app.kubernetes.io/component: logging 4432 app.kubernetes.io/name: knative-serving 4433 annotations: 4434 knative.dev/example-checksum: "b0f3c6f2" 4435 data: 4436 _example: | 4437 ################################ 4438 # # 4439 # EXAMPLE CONFIGURATION # 4440 # # 4441 ################################ 4442 4443 # This block is not actually functional configuration, 4444 # but serves to illustrate the available configuration 4445 # options and document them in a way that is accessible 4446 # to users that `kubectl edit` this config map. 4447 # 4448 # These sample configuration options may be copied out of 4449 # this example block and unindented to be in the data block 4450 # to actually change the configuration. 4451 4452 # Common configuration for all Knative codebase 4453 zap-logger-config: | 4454 { 4455 "level": "info", 4456 "development": false, 4457 "outputPaths": ["stdout"], 4458 "errorOutputPaths": ["stderr"], 4459 "encoding": "json", 4460 "encoderConfig": { 4461 "timeKey": "timestamp", 4462 "levelKey": "severity", 4463 "nameKey": "logger", 4464 "callerKey": "caller", 4465 "messageKey": "message", 4466 "stacktraceKey": "stacktrace", 4467 "lineEnding": "", 4468 "levelEncoder": "", 4469 "timeEncoder": "iso8601", 4470 "durationEncoder": "", 4471 "callerEncoder": "" 4472 } 4473 } 4474 4475 # Log level overrides 4476 # For all components except the queue proxy, 4477 # changes are picked up immediately. 4478 # For queue proxy, changes require recreation of the pods. 4479 loglevel.controller: "info" 4480 loglevel.autoscaler: "info" 4481 loglevel.queueproxy: "info" 4482 loglevel.webhook: "info" 4483 loglevel.activator: "info" 4484 loglevel.hpaautoscaler: "info" 4485 loglevel.net-certmanager-controller: "info" 4486 loglevel.net-istio-controller: "info" 4487 loglevel.net-contour-controller: "info" 4488 4489 --- 4490 # Copyright 2018 The Knative Authors 4491 # 4492 # Licensed under the Apache License, Version 2.0 (the "License"); 4493 # you may not use this file except in compliance with the License. 4494 # You may obtain a copy of the License at 4495 # 4496 # https://www.apache.org/licenses/LICENSE-2.0 4497 # 4498 # Unless required by applicable law or agreed to in writing, software 4499 # distributed under the License is distributed on an "AS IS" BASIS, 4500 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 4501 # See the License for the specific language governing permissions and 4502 # limitations under the License. 4503 4504 apiVersion: v1 4505 kind: ConfigMap 4506 metadata: 4507 name: config-network 4508 namespace: knative-serving 4509 labels: 4510 app.kubernetes.io/name: knative-serving 4511 app.kubernetes.io/component: networking 4512 app.kubernetes.io/version: "1.3.0" 4513 serving.knative.dev/release: "v1.3.0" 4514 annotations: 4515 knative.dev/example-checksum: "ddc3250f" 4516 data: 4517 _example: | 4518 ################################ 4519 # # 4520 # EXAMPLE CONFIGURATION # 4521 # # 4522 ################################ 4523 4524 # This block is not actually functional configuration, 4525 # but serves to illustrate the available configuration 4526 # options and document them in a way that is accessible 4527 # to users that `kubectl edit` this config map. 4528 # 4529 # These sample configuration options may be copied out of 4530 # this example block and unindented to be in the data block 4531 # to actually change the configuration. 4532 4533 # ingress-class specifies the default ingress class 4534 # to use when not dictated by Route annotation. 4535 # 4536 # If not specified, will use the Istio ingress. 4537 # 4538 # Note that changing the Ingress class of an existing Route 4539 # will result in undefined behavior. Therefore it is best to only 4540 # update this value during the setup of Knative, to avoid getting 4541 # undefined behavior. 4542 ingress-class: "istio.ingress.networking.knative.dev" 4543 4544 # certificate-class specifies the default Certificate class 4545 # to use when not dictated by Route annotation. 4546 # 4547 # If not specified, will use the Cert-Manager Certificate. 4548 # 4549 # Note that changing the Certificate class of an existing Route 4550 # will result in undefined behavior. Therefore it is best to only 4551 # update this value during the setup of Knative, to avoid getting 4552 # undefined behavior. 4553 certificate-class: "cert-manager.certificate.networking.knative.dev" 4554 4555 # namespace-wildcard-cert-selector specifies a LabelSelector which 4556 # determines which namespaces should have a wildcard certificate 4557 # provisioned. 4558 # 4559 # Use an empty value to disable the feature (this is the default): 4560 # namespace-wildcard-cert-selector: "" 4561 # 4562 # Use an empty object to enable for all namespaces 4563 # namespace-wildcard-cert-selector: {} 4564 # 4565 # Useful labels include the "kubernetes.io/metadata.name" label to 4566 # avoid provisioning a certifcate for the "kube-system" namespaces. 4567 # Use the following selector to match pre-1.0 behavior of using 4568 # "networking.knative.dev/disableWildcardCert" to exclude namespaces: 4569 # 4570 # matchExpressions: 4571 # - key: "networking.knative.dev/disableWildcardCert" 4572 # operator: "NotIn" 4573 # values: ["true"] 4574 namespace-wildcard-cert-selector: "" 4575 4576 # domain-template specifies the golang text template string to use 4577 # when constructing the Knative service's DNS name. The default 4578 # value is "{{.Name}}.{{.Namespace}}.{{.Domain}}". 4579 # 4580 # Valid variables defined in the template include Name, Namespace, Domain, 4581 # Labels, and Annotations. Name will be the result of the tagTemplate 4582 # below, if a tag is specified for the route. 4583 # 4584 # Changing this value might be necessary when the extra levels in 4585 # the domain name generated is problematic for wildcard certificates 4586 # that only support a single level of domain name added to the 4587 # certificate's domain. In those cases you might consider using a value 4588 # of "{{.Name}}-{{.Namespace}}.{{.Domain}}", or removing the Namespace 4589 # entirely from the template. When choosing a new value be thoughtful 4590 # of the potential for conflicts - for example, when users choose to use 4591 # characters such as `-` in their service, or namespace, names. 4592 # {{.Annotations}} or {{.Labels}} can be used for any customization in the 4593 # go template if needed. 4594 # We strongly recommend keeping namespace part of the template to avoid 4595 # domain name clashes: 4596 # eg. '{{.Name}}-{{.Namespace}}.{{ index .Annotations "sub"}}.{{.Domain}}' 4597 # and you have an annotation {"sub":"foo"}, then the generated template 4598 # would be {Name}-{Namespace}.foo.{Domain} 4599 domain-template: "{{.Name}}.{{.Namespace}}.{{.Domain}}" 4600 4601 # tagTemplate specifies the golang text template string to use 4602 # when constructing the DNS name for "tags" within the traffic blocks 4603 # of Routes and Configuration. This is used in conjunction with the 4604 # domainTemplate above to determine the full URL for the tag. 4605 tag-template: "{{.Tag}}-{{.Name}}" 4606 4607 # Controls whether TLS certificates are automatically provisioned and 4608 # installed in the Knative ingress to terminate external TLS connection. 4609 # 1. Enabled: enabling auto-TLS feature. 4610 # 2. Disabled: disabling auto-TLS feature. 4611 auto-tls: "Disabled" 4612 4613 # Controls the behavior of the HTTP endpoint for the Knative ingress. 4614 # It requires autoTLS to be enabled. 4615 # 1. Enabled: The Knative ingress will be able to serve HTTP connection. 4616 # 2. Redirected: The Knative ingress will send a 301 redirect for all 4617 # http connections, asking the clients to use HTTPS. 4618 # 4619 # "Disabled" option is deprecated. 4620 http-protocol: "Enabled" 4621 4622 # rollout-duration contains the minimal duration in seconds over which the 4623 # Configuration traffic targets are rolled out to the newest revision. 4624 rollout-duration: "0" 4625 4626 # autocreate-cluster-domain-claims controls whether ClusterDomainClaims should 4627 # be automatically created (and deleted) as needed when DomainMappings are 4628 # reconciled. 4629 # 4630 # If this is "false" (the default), the cluster administrator is 4631 # responsible for creating ClusterDomainClaims and delegating them to 4632 # namespaces via their spec.Namespace field. This setting should be used in 4633 # multitenant environments which need to control which namespace can use a 4634 # particular domain name in a domain mapping. 4635 # 4636 # If this is "true", users are able to associate arbitrary names with their 4637 # services via the DomainMapping feature. 4638 autocreate-cluster-domain-claims: "false" 4639 4640 # If true, networking plugins can add additional information to deployed 4641 # applications to make their pods directly accessible via their IPs even if mesh is 4642 # enabled and thus direct-addressability is usually not possible. 4643 # Consumers like Knative Serving can use this setting to adjust their behavior 4644 # accordingly, i.e. to drop fallback solutions for non-pod-addressable systems. 4645 # 4646 # NOTE: This flag is in an alpha state and is mostly here to enable internal testing 4647 # for now. Use with caution. 4648 enable-mesh-pod-addressability: "false" 4649 4650 # mesh-compatibility-mode indicates whether consumers of network plugins 4651 # should directly contact Pod IPs (most efficient), or should use the 4652 # Cluster IP (less efficient, needed when mesh is enabled unless 4653 # `enable-mesh-pod-addressability`, above, is set). 4654 # Permitted values are: 4655 # - "auto" (default): automatically determine which mesh mode to use by trying Pod IP and falling back to Cluster IP as needed. 4656 # - "enabled": always use Cluster IP and do not attempt to use Pod IPs. 4657 # - "disabled": always use Pod IPs and do not fall back to Cluster IP on failure. 4658 mesh-compatibility-mode: "auto" 4659 4660 # Defines the scheme used for external URLs if autoTLS is not enabled. 4661 # This can be used for making Knative report all URLs as "HTTPS" for example, if you're 4662 # fronting Knative with an external loadbalancer that deals with TLS termination and 4663 # Knative doesn't know about that otherwise. 4664 default-external-scheme: "http" 4665 4666 # The CA public certificate used to sign the activator TLS certificate. 4667 # It is specified by the secret name, which has the "ca.crt" data field. 4668 # Use an empty value to disable the feature (default). 4669 # 4670 # NOTE: This flag is in an alpha state and is mostly here to enable internal testing 4671 # for now. Use with caution. 4672 activator-ca: "" 4673 4674 # The SAN (Subject Alt Name) used to validate the activator TLS certificate. 4675 # It is available only when "activator-ca" is specified. 4676 # Use an empty value to disable the feature (default). 4677 # 4678 # NOTE: This flag is in an alpha state and is mostly here to enable internal testing 4679 # for now. Use with caution. 4680 activator-san: "" 4681 4682 --- 4683 # Copyright 2018 The Knative Authors 4684 # 4685 # Licensed under the Apache License, Version 2.0 (the "License"); 4686 # you may not use this file except in compliance with the License. 4687 # You may obtain a copy of the License at 4688 # 4689 # https://www.apache.org/licenses/LICENSE-2.0 4690 # 4691 # Unless required by applicable law or agreed to in writing, software 4692 # distributed under the License is distributed on an "AS IS" BASIS, 4693 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 4694 # See the License for the specific language governing permissions and 4695 # limitations under the License. 4696 4697 apiVersion: v1 4698 kind: ConfigMap 4699 metadata: 4700 name: config-observability 4701 namespace: knative-serving 4702 labels: 4703 app.kubernetes.io/name: knative-serving 4704 app.kubernetes.io/component: observability 4705 app.kubernetes.io/version: "1.3.0" 4706 serving.knative.dev/release: "v1.3.0" 4707 annotations: 4708 knative.dev/example-checksum: "fed4756e" 4709 data: 4710 _example: | 4711 ################################ 4712 # # 4713 # EXAMPLE CONFIGURATION # 4714 # # 4715 ################################ 4716 4717 # This block is not actually functional configuration, 4718 # but serves to illustrate the available configuration 4719 # options and document them in a way that is accessible 4720 # to users that `kubectl edit` this config map. 4721 # 4722 # These sample configuration options may be copied out of 4723 # this example block and unindented to be in the data block 4724 # to actually change the configuration. 4725 4726 # logging.enable-var-log-collection defaults to false. 4727 # The fluentd daemon set will be set up to collect /var/log if 4728 # this flag is true. 4729 logging.enable-var-log-collection: "false" 4730 4731 # logging.revision-url-template provides a template to use for producing the 4732 # logging URL that is injected into the status of each Revision. 4733 logging.revision-url-template: "http://logging.example.com/?revisionUID=${REVISION_UID}" 4734 4735 # If non-empty, this enables queue proxy writing user request logs to stdout, excluding probe 4736 # requests. 4737 # NB: after 0.18 release logging.enable-request-log must be explicitly set to true 4738 # in order for request logging to be enabled. 4739 # 4740 # The value determines the shape of the request logs and it must be a valid go text/template. 4741 # It is important to keep this as a single line. Multiple lines are parsed as separate entities 4742 # by most collection agents and will split the request logs into multiple records. 4743 # 4744 # The following fields and functions are available to the template: 4745 # 4746 # Request: An http.Request (see https://golang.org/pkg/net/http/#Request) 4747 # representing an HTTP request received by the server. 4748 # 4749 # Response: 4750 # struct { 4751 # Code int // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) 4752 # Size int // An int representing the size of the response. 4753 # Latency float64 // A float64 representing the latency of the response in seconds. 4754 # } 4755 # 4756 # Revision: 4757 # struct { 4758 # Name string // Knative revision name 4759 # Namespace string // Knative revision namespace 4760 # Service string // Knative service name 4761 # Configuration string // Knative configuration name 4762 # PodName string // Name of the pod hosting the revision 4763 # PodIP string // IP of the pod hosting the revision 4764 # } 4765 # 4766 logging.request-log-template: '{"httpRequest": {"requestMethod": "{{.Request.Method}}", "requestUrl": "{{js .Request.RequestURI}}", "requestSize": "{{.Request.ContentLength}}", "status": {{.Response.Code}}, "responseSize": "{{.Response.Size}}", "userAgent": "{{js .Request.UserAgent}}", "remoteIp": "{{js .Request.RemoteAddr}}", "serverIp": "{{.Revision.PodIP}}", "referer": "{{js .Request.Referer}}", "latency": "{{.Response.Latency}}s", "protocol": "{{.Request.Proto}}"}, "traceId": "{{index .Request.Header "X-B3-Traceid"}}"}' 4767 4768 # If true, the request logging will be enabled. 4769 # NB: up to and including Knative version 0.18 if logging.request-log-template is non-empty, this value 4770 # will be ignored. 4771 logging.enable-request-log: "false" 4772 4773 # If true, this enables queue proxy writing request logs for probe requests to stdout. 4774 # It uses the same template for user requests, i.e. logging.request-log-template. 4775 logging.enable-probe-request-log: "false" 4776 4777 # metrics.backend-destination field specifies the system metrics destination. 4778 # It supports either prometheus (the default) or opencensus. 4779 metrics.backend-destination: prometheus 4780 4781 # metrics.request-metrics-backend-destination specifies the request metrics 4782 # destination. It enables queue proxy to send request metrics. 4783 # Currently supported values: prometheus (the default), opencensus. 4784 metrics.request-metrics-backend-destination: prometheus 4785 4786 # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from 4787 # the pods via an HTTP server in the format expected by the pprof visualization tool. When 4788 # enabled, the Knative Serving pods expose the profiling data on an alternate HTTP port 8008. 4789 # The HTTP context root for profiling is then /debug/pprof/. 4790 profiling.enable: "false" 4791 4792 --- 4793 # Copyright 2019 The Knative Authors 4794 # 4795 # Licensed under the Apache License, Version 2.0 (the "License"); 4796 # you may not use this file except in compliance with the License. 4797 # You may obtain a copy of the License at 4798 # 4799 # https://www.apache.org/licenses/LICENSE-2.0 4800 # 4801 # Unless required by applicable law or agreed to in writing, software 4802 # distributed under the License is distributed on an "AS IS" BASIS, 4803 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 4804 # See the License for the specific language governing permissions and 4805 # limitations under the License. 4806 4807 apiVersion: v1 4808 kind: ConfigMap 4809 metadata: 4810 name: config-tracing 4811 namespace: knative-serving 4812 labels: 4813 app.kubernetes.io/name: knative-serving 4814 app.kubernetes.io/component: tracing 4815 app.kubernetes.io/version: "1.3.0" 4816 serving.knative.dev/release: "v1.3.0" 4817 annotations: 4818 knative.dev/example-checksum: "26614636" 4819 data: 4820 _example: | 4821 ################################ 4822 # # 4823 # EXAMPLE CONFIGURATION # 4824 # # 4825 ################################ 4826 4827 # This block is not actually functional configuration, 4828 # but serves to illustrate the available configuration 4829 # options and document them in a way that is accessible 4830 # to users that `kubectl edit` this config map. 4831 # 4832 # These sample configuration options may be copied out of 4833 # this example block and unindented to be in the data block 4834 # to actually change the configuration. 4835 # 4836 # This may be "zipkin" or "none" (default) 4837 backend: "none" 4838 4839 # URL to zipkin collector where traces are sent. 4840 # This must be specified when backend is "zipkin" 4841 zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" 4842 4843 # Enable zipkin debug mode. This allows all spans to be sent to the server 4844 # bypassing sampling. 4845 debug: "false" 4846 4847 # Percentage (0-1) of requests to trace 4848 sample-rate: "0.1" 4849 4850 --- 4851 # Copyright 2020 The Knative Authors 4852 # 4853 # Licensed under the Apache License, Version 2.0 (the "License"); 4854 # you may not use this file except in compliance with the License. 4855 # You may obtain a copy of the License at 4856 # 4857 # https://www.apache.org/licenses/LICENSE-2.0 4858 # 4859 # Unless required by applicable law or agreed to in writing, software 4860 # distributed under the License is distributed on an "AS IS" BASIS, 4861 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 4862 # See the License for the specific language governing permissions and 4863 # limitations under the License. 4864 4865 apiVersion: autoscaling/v2beta2 4866 kind: HorizontalPodAutoscaler 4867 metadata: 4868 name: activator 4869 namespace: knative-serving 4870 labels: 4871 app.kubernetes.io/component: activator 4872 app.kubernetes.io/name: knative-serving 4873 app.kubernetes.io/version: "1.3.0" 4874 serving.knative.dev/release: "v1.3.0" 4875 spec: 4876 minReplicas: 1 4877 maxReplicas: 20 4878 scaleTargetRef: 4879 apiVersion: apps/v1 4880 kind: Deployment 4881 name: activator 4882 metrics: 4883 - type: Resource 4884 resource: 4885 name: cpu 4886 target: 4887 type: Utilization 4888 # Percentage of the requested CPU 4889 averageUtilization: 100 4890 --- 4891 # Activator PDB. Currently we permit unavailability of 20% of tasks at the same time. 4892 # Given the subsetting and that the activators are partially stateful systems, we want 4893 # a slow rollout of the new versions and slow migration during node upgrades. 4894 apiVersion: policy/v1 4895 kind: PodDisruptionBudget 4896 metadata: 4897 name: activator-pdb 4898 namespace: knative-serving 4899 labels: 4900 app.kubernetes.io/component: activator 4901 app.kubernetes.io/name: knative-serving 4902 app.kubernetes.io/version: "1.3.0" 4903 serving.knative.dev/release: "v1.3.0" 4904 spec: 4905 minAvailable: 80% 4906 selector: 4907 matchLabels: 4908 app: activator 4909 4910 --- 4911 # Copyright 2018 The Knative Authors 4912 # 4913 # Licensed under the Apache License, Version 2.0 (the "License"); 4914 # you may not use this file except in compliance with the License. 4915 # You may obtain a copy of the License at 4916 # 4917 # https://www.apache.org/licenses/LICENSE-2.0 4918 # 4919 # Unless required by applicable law or agreed to in writing, software 4920 # distributed under the License is distributed on an "AS IS" BASIS, 4921 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 4922 # See the License for the specific language governing permissions and 4923 # limitations under the License. 4924 4925 apiVersion: apps/v1 4926 kind: Deployment 4927 metadata: 4928 name: activator 4929 namespace: knative-serving 4930 labels: 4931 app.kubernetes.io/component: activator 4932 app.kubernetes.io/version: "1.3.0" 4933 app.kubernetes.io/name: knative-serving 4934 serving.knative.dev/release: "v1.3.0" 4935 spec: 4936 selector: 4937 matchLabels: 4938 app: activator 4939 role: activator 4940 template: 4941 metadata: 4942 annotations: 4943 cluster-autoscaler.kubernetes.io/safe-to-evict: "false" 4944 labels: 4945 app: activator 4946 role: activator 4947 app.kubernetes.io/component: activator 4948 app.kubernetes.io/name: knative-serving 4949 app.kubernetes.io/version: "1.3.0" 4950 serving.knative.dev/release: "v1.3.0" 4951 spec: 4952 serviceAccountName: controller 4953 containers: 4954 - name: activator 4955 # This is the Go import path for the binary that is containerized 4956 # and substituted here. 4957 image: gcr.io/knative-releases/knative.dev/serving/cmd/activator@sha256:624ad8df549de9192e7b0d2f596c08c5996f678b25ff94688464412890126bb1 4958 # The numbers are based on performance test results from 4959 # https://github.com/knative/serving/issues/1625#issuecomment-511930023 4960 resources: 4961 requests: 4962 cpu: 300m 4963 memory: 60Mi 4964 limits: 4965 cpu: 2 4966 memory: 3Gi 4967 env: 4968 # Run Activator with GC collection when newly generated memory is 500%. 4969 - name: GOGC 4970 value: "500" 4971 - name: POD_NAME 4972 valueFrom: 4973 fieldRef: 4974 fieldPath: metadata.name 4975 - name: POD_IP 4976 valueFrom: 4977 fieldRef: 4978 fieldPath: status.podIP 4979 - name: SYSTEM_NAMESPACE 4980 valueFrom: 4981 fieldRef: 4982 fieldPath: metadata.namespace 4983 - name: CONFIG_LOGGING_NAME 4984 value: config-logging 4985 - name: CONFIG_OBSERVABILITY_NAME 4986 value: config-observability 4987 # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config 4988 - name: METRICS_DOMAIN 4989 value: knative.dev/internal/serving 4990 securityContext: 4991 allowPrivilegeEscalation: false 4992 readOnlyRootFilesystem: true 4993 runAsNonRoot: true 4994 capabilities: 4995 drop: 4996 - all 4997 ports: 4998 - name: metrics 4999 containerPort: 9090 5000 - name: profiling 5001 containerPort: 8008 5002 - name: http1 5003 containerPort: 8012 5004 - name: h2c 5005 containerPort: 8013 5006 readinessProbe: 5007 httpGet: 5008 port: 8012 5009 httpHeaders: 5010 - name: k-kubelet-probe 5011 value: "activator" 5012 periodSeconds: 5 5013 failureThreshold: 5 5014 livenessProbe: 5015 httpGet: 5016 port: 8012 5017 httpHeaders: 5018 - name: k-kubelet-probe 5019 value: "activator" 5020 periodSeconds: 10 5021 failureThreshold: 12 5022 initialDelaySeconds: 15 5023 # The activator (often) sits on the dataplane, and may proxy long (e.g. 5024 # streaming, websockets) requests. We give a long grace period for the 5025 # activator to "lame duck" and drain outstanding requests before we 5026 # forcibly terminate the pod (and outstanding connections). This value 5027 # should be at least as large as the upper bound on the Revision's 5028 # timeoutSeconds property to avoid servicing events disrupting 5029 # connections. 5030 terminationGracePeriodSeconds: 600 5031 --- 5032 apiVersion: v1 5033 kind: Service 5034 metadata: 5035 name: activator-service 5036 namespace: knative-serving 5037 labels: 5038 app: activator 5039 app.kubernetes.io/component: activator 5040 app.kubernetes.io/version: "1.3.0" 5041 app.kubernetes.io/name: knative-serving 5042 serving.knative.dev/release: "v1.3.0" 5043 spec: 5044 selector: 5045 app: activator 5046 ports: 5047 # Define metrics and profiling for them to be accessible within service meshes. 5048 - name: http-metrics 5049 port: 9090 5050 targetPort: 9090 5051 - name: http-profiling 5052 port: 8008 5053 targetPort: 8008 5054 - name: http 5055 port: 80 5056 targetPort: 8012 5057 - name: http2 5058 port: 81 5059 targetPort: 8013 5060 type: ClusterIP 5061 5062 --- 5063 # Copyright 2018 The Knative Authors 5064 # 5065 # Licensed under the Apache License, Version 2.0 (the "License"); 5066 # you may not use this file except in compliance with the License. 5067 # You may obtain a copy of the License at 5068 # 5069 # https://www.apache.org/licenses/LICENSE-2.0 5070 # 5071 # Unless required by applicable law or agreed to in writing, software 5072 # distributed under the License is distributed on an "AS IS" BASIS, 5073 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 5074 # See the License for the specific language governing permissions and 5075 # limitations under the License. 5076 5077 apiVersion: apps/v1 5078 kind: Deployment 5079 metadata: 5080 name: autoscaler 5081 namespace: knative-serving 5082 labels: 5083 app.kubernetes.io/component: autoscaler 5084 app.kubernetes.io/name: knative-serving 5085 app.kubernetes.io/version: "1.3.0" 5086 serving.knative.dev/release: "v1.3.0" 5087 spec: 5088 replicas: 1 5089 selector: 5090 matchLabels: 5091 app: autoscaler 5092 strategy: 5093 type: RollingUpdate 5094 rollingUpdate: 5095 maxUnavailable: 0 5096 template: 5097 metadata: 5098 annotations: 5099 cluster-autoscaler.kubernetes.io/safe-to-evict: "false" 5100 labels: 5101 app: autoscaler 5102 app.kubernetes.io/component: autoscaler 5103 app.kubernetes.io/name: knative-serving 5104 app.kubernetes.io/version: "1.3.0" 5105 serving.knative.dev/release: "v1.3.0" 5106 spec: 5107 # To avoid node becoming SPOF, spread our replicas to different nodes. 5108 affinity: 5109 podAntiAffinity: 5110 preferredDuringSchedulingIgnoredDuringExecution: 5111 - podAffinityTerm: 5112 labelSelector: 5113 matchLabels: 5114 app: autoscaler 5115 topologyKey: kubernetes.io/hostname 5116 weight: 100 5117 serviceAccountName: controller 5118 containers: 5119 - name: autoscaler 5120 # This is the Go import path for the binary that is containerized 5121 # and substituted here. 5122 image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler@sha256:6b77fce9159173ce700cbe8202eb0ab33b2128688baadf34e916b7341889bde0 5123 resources: 5124 requests: 5125 cpu: 100m 5126 memory: 100Mi 5127 limits: 5128 cpu: 2 5129 memory: 3Gi 5130 env: 5131 - name: POD_NAME 5132 valueFrom: 5133 fieldRef: 5134 fieldPath: metadata.name 5135 - name: POD_IP 5136 valueFrom: 5137 fieldRef: 5138 fieldPath: status.podIP 5139 - name: SYSTEM_NAMESPACE 5140 valueFrom: 5141 fieldRef: 5142 fieldPath: metadata.namespace 5143 - name: CONFIG_LOGGING_NAME 5144 value: config-logging 5145 - name: CONFIG_OBSERVABILITY_NAME 5146 value: config-observability 5147 # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config 5148 - name: METRICS_DOMAIN 5149 value: knative.dev/serving 5150 securityContext: 5151 allowPrivilegeEscalation: false 5152 readOnlyRootFilesystem: true 5153 runAsNonRoot: true 5154 capabilities: 5155 drop: 5156 - all 5157 ports: 5158 - name: metrics 5159 containerPort: 9090 5160 - name: profiling 5161 containerPort: 8008 5162 - name: websocket 5163 containerPort: 8080 5164 readinessProbe: 5165 httpGet: 5166 port: 8080 5167 httpHeaders: 5168 - name: k-kubelet-probe 5169 value: "autoscaler" 5170 livenessProbe: 5171 httpGet: 5172 port: 8080 5173 httpHeaders: 5174 - name: k-kubelet-probe 5175 value: "autoscaler" 5176 failureThreshold: 6 5177 --- 5178 apiVersion: v1 5179 kind: Service 5180 metadata: 5181 labels: 5182 app: autoscaler 5183 app.kubernetes.io/component: autoscaler 5184 app.kubernetes.io/name: knative-serving 5185 app.kubernetes.io/version: "1.3.0" 5186 serving.knative.dev/release: "v1.3.0" 5187 name: autoscaler 5188 namespace: knative-serving 5189 spec: 5190 ports: 5191 # Define metrics and profiling for them to be accessible within service meshes. 5192 - name: http-metrics 5193 port: 9090 5194 targetPort: 9090 5195 - name: http-profiling 5196 port: 8008 5197 targetPort: 8008 5198 - name: http 5199 port: 8080 5200 targetPort: 8080 5201 selector: 5202 app: autoscaler 5203 5204 --- 5205 # Copyright 2018 The Knative Authors 5206 # 5207 # Licensed under the Apache License, Version 2.0 (the "License"); 5208 # you may not use this file except in compliance with the License. 5209 # You may obtain a copy of the License at 5210 # 5211 # https://www.apache.org/licenses/LICENSE-2.0 5212 # 5213 # Unless required by applicable law or agreed to in writing, software 5214 # distributed under the License is distributed on an "AS IS" BASIS, 5215 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 5216 # See the License for the specific language governing permissions and 5217 # limitations under the License. 5218 5219 apiVersion: apps/v1 5220 kind: Deployment 5221 metadata: 5222 name: controller 5223 namespace: knative-serving 5224 labels: 5225 app.kubernetes.io/component: controller 5226 app.kubernetes.io/name: knative-serving 5227 app.kubernetes.io/version: "1.3.0" 5228 serving.knative.dev/release: "v1.3.0" 5229 spec: 5230 selector: 5231 matchLabels: 5232 app: controller 5233 template: 5234 metadata: 5235 annotations: 5236 cluster-autoscaler.kubernetes.io/safe-to-evict: "true" 5237 labels: 5238 app: controller 5239 app.kubernetes.io/component: controller 5240 app.kubernetes.io/name: knative-serving 5241 app.kubernetes.io/version: "1.3.0" 5242 serving.knative.dev/release: "v1.3.0" 5243 spec: 5244 # To avoid node becoming SPOF, spread our replicas to different nodes. 5245 affinity: 5246 podAntiAffinity: 5247 preferredDuringSchedulingIgnoredDuringExecution: 5248 - podAffinityTerm: 5249 labelSelector: 5250 matchLabels: 5251 app: controller 5252 topologyKey: kubernetes.io/hostname 5253 weight: 100 5254 serviceAccountName: controller 5255 containers: 5256 - name: controller 5257 # This is the Go import path for the binary that is containerized 5258 # and substituted here. 5259 image: gcr.io/knative-releases/knative.dev/serving/cmd/controller@sha256:712ac88a1ec328ad366a0245882061de01bdf631cb21bac2b621af8e20e7082d 5260 resources: 5261 requests: 5262 cpu: 100m 5263 memory: 100Mi 5264 limits: 5265 cpu: 1 5266 memory: 2Gi 5267 env: 5268 - name: POD_NAME 5269 valueFrom: 5270 fieldRef: 5271 fieldPath: metadata.name 5272 - name: SYSTEM_NAMESPACE 5273 valueFrom: 5274 fieldRef: 5275 fieldPath: metadata.namespace 5276 - name: CONFIG_LOGGING_NAME 5277 value: config-logging 5278 - name: CONFIG_OBSERVABILITY_NAME 5279 value: config-observability 5280 # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config 5281 - name: METRICS_DOMAIN 5282 value: knative.dev/internal/serving 5283 securityContext: 5284 allowPrivilegeEscalation: false 5285 readOnlyRootFilesystem: true 5286 runAsNonRoot: true 5287 capabilities: 5288 drop: 5289 - all 5290 ports: 5291 - name: metrics 5292 containerPort: 9090 5293 - name: profiling 5294 containerPort: 8008 5295 --- 5296 apiVersion: v1 5297 kind: Service 5298 metadata: 5299 labels: 5300 app: controller 5301 app.kubernetes.io/component: controller 5302 app.kubernetes.io/name: knative-serving 5303 app.kubernetes.io/version: "1.3.0" 5304 serving.knative.dev/release: "v1.3.0" 5305 name: controller 5306 namespace: knative-serving 5307 spec: 5308 ports: 5309 # Define metrics and profiling for them to be accessible within service meshes. 5310 - name: http-metrics 5311 port: 9090 5312 targetPort: 9090 5313 - name: http-profiling 5314 port: 8008 5315 targetPort: 8008 5316 selector: 5317 app: controller 5318 5319 --- 5320 # Copyright 2020 The Knative Authors 5321 # 5322 # Licensed under the Apache License, Version 2.0 (the "License"); 5323 # you may not use this file except in compliance with the License. 5324 # You may obtain a copy of the License at 5325 # 5326 # https://www.apache.org/licenses/LICENSE-2.0 5327 # 5328 # Unless required by applicable law or agreed to in writing, software 5329 # distributed under the License is distributed on an "AS IS" BASIS, 5330 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 5331 # See the License for the specific language governing permissions and 5332 # limitations under the License. 5333 5334 apiVersion: apps/v1 5335 kind: Deployment 5336 metadata: 5337 name: domain-mapping 5338 namespace: knative-serving 5339 labels: 5340 app.kubernetes.io/component: domain-mapping 5341 app.kubernetes.io/name: knative-serving 5342 app.kubernetes.io/version: "1.3.0" 5343 serving.knative.dev/release: "v1.3.0" 5344 spec: 5345 selector: 5346 matchLabels: 5347 app: domain-mapping 5348 template: 5349 metadata: 5350 annotations: 5351 cluster-autoscaler.kubernetes.io/safe-to-evict: "true" 5352 labels: 5353 app: domain-mapping 5354 app.kubernetes.io/component: domain-mapping 5355 app.kubernetes.io/name: knative-serving 5356 app.kubernetes.io/version: "1.3.0" 5357 serving.knative.dev/release: "v1.3.0" 5358 spec: 5359 # To avoid node becoming SPOF, spread our replicas to different nodes. 5360 affinity: 5361 podAntiAffinity: 5362 preferredDuringSchedulingIgnoredDuringExecution: 5363 - podAffinityTerm: 5364 labelSelector: 5365 matchLabels: 5366 app: domain-mapping 5367 topologyKey: kubernetes.io/hostname 5368 weight: 100 5369 serviceAccountName: controller 5370 containers: 5371 - name: domain-mapping 5372 # This is the Go import path for the binary that is containerized 5373 # and substituted here. 5374 image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping@sha256:5f9d8293f8d8d04cbfeed796ea15cf6dd967d2213f326debfe76983ab58b63fd 5375 resources: 5376 requests: 5377 cpu: 30m 5378 memory: 40Mi 5379 limits: 5380 cpu: 1 5381 memory: 2Gi 5382 env: 5383 - name: SYSTEM_NAMESPACE 5384 valueFrom: 5385 fieldRef: 5386 fieldPath: metadata.namespace 5387 - name: CONFIG_LOGGING_NAME 5388 value: config-logging 5389 - name: CONFIG_OBSERVABILITY_NAME 5390 value: config-observability 5391 # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config 5392 - name: METRICS_DOMAIN 5393 value: knative.dev/serving 5394 securityContext: 5395 allowPrivilegeEscalation: false 5396 readOnlyRootFilesystem: true 5397 runAsNonRoot: true 5398 capabilities: 5399 drop: 5400 - all 5401 ports: 5402 - name: metrics 5403 containerPort: 9090 5404 - name: profiling 5405 containerPort: 8008 5406 5407 --- 5408 # Copyright 2020 The Knative Authors 5409 # 5410 # Licensed under the Apache License, Version 2.0 (the "License"); 5411 # you may not use this file except in compliance with the License. 5412 # You may obtain a copy of the License at 5413 # 5414 # https://www.apache.org/licenses/LICENSE-2.0 5415 # 5416 # Unless required by applicable law or agreed to in writing, software 5417 # distributed under the License is distributed on an "AS IS" BASIS, 5418 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 5419 # See the License for the specific language governing permissions and 5420 # limitations under the License. 5421 5422 apiVersion: apps/v1 5423 kind: Deployment 5424 metadata: 5425 name: domainmapping-webhook 5426 namespace: knative-serving 5427 labels: 5428 app.kubernetes.io/component: domain-mapping 5429 app.kubernetes.io/name: knative-serving 5430 app.kubernetes.io/version: "1.3.0" 5431 serving.knative.dev/release: "v1.3.0" 5432 spec: 5433 selector: 5434 matchLabels: 5435 app: domainmapping-webhook 5436 role: domainmapping-webhook 5437 template: 5438 metadata: 5439 annotations: 5440 cluster-autoscaler.kubernetes.io/safe-to-evict: "false" 5441 labels: 5442 app: domainmapping-webhook 5443 role: domainmapping-webhook 5444 app.kubernetes.io/component: domain-mapping 5445 app.kubernetes.io/name: knative-serving 5446 app.kubernetes.io/version: "1.3.0" 5447 serving.knative.dev/release: "v1.3.0" 5448 spec: 5449 # To avoid node becoming SPOF, spread our replicas to different nodes. 5450 affinity: 5451 podAntiAffinity: 5452 preferredDuringSchedulingIgnoredDuringExecution: 5453 - podAffinityTerm: 5454 labelSelector: 5455 matchLabels: 5456 app: domainmapping-webhook 5457 topologyKey: kubernetes.io/hostname 5458 weight: 100 5459 serviceAccountName: controller 5460 containers: 5461 - name: domainmapping-webhook 5462 # This is the Go import path for the binary that is containerized 5463 # and substituted here. 5464 image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping-webhook@sha256:51800b3435af2cd551f7de5119133de3cb30e3d72ec9df18d5e2e14ec482668f 5465 resources: 5466 requests: 5467 cpu: 100m 5468 memory: 100Mi 5469 limits: 5470 cpu: 1 5471 memory: 2Gi 5472 env: 5473 - name: POD_NAME 5474 valueFrom: 5475 fieldRef: 5476 fieldPath: metadata.name 5477 - name: SYSTEM_NAMESPACE 5478 valueFrom: 5479 fieldRef: 5480 fieldPath: metadata.namespace 5481 - name: CONFIG_LOGGING_NAME 5482 value: config-logging 5483 - name: CONFIG_OBSERVABILITY_NAME 5484 value: config-observability 5485 - name: WEBHOOK_PORT 5486 value: "8443" 5487 # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config 5488 - name: METRICS_DOMAIN 5489 value: knative.dev/serving 5490 securityContext: 5491 allowPrivilegeEscalation: false 5492 readOnlyRootFilesystem: true 5493 runAsNonRoot: true 5494 capabilities: 5495 drop: 5496 - all 5497 ports: 5498 - name: metrics 5499 containerPort: 9090 5500 - name: profiling 5501 containerPort: 8008 5502 - name: https-webhook 5503 containerPort: 8443 5504 readinessProbe: 5505 periodSeconds: 1 5506 httpGet: 5507 scheme: HTTPS 5508 port: 8443 5509 httpHeaders: 5510 - name: k-kubelet-probe 5511 value: "webhook" 5512 livenessProbe: 5513 periodSeconds: 1 5514 httpGet: 5515 scheme: HTTPS 5516 port: 8443 5517 httpHeaders: 5518 - name: k-kubelet-probe 5519 value: "webhook" 5520 failureThreshold: 6 5521 initialDelaySeconds: 20 5522 # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently 5523 # high value that we respect whatever value it has configured for the lame duck grace period. 5524 terminationGracePeriodSeconds: 300 5525 --- 5526 apiVersion: v1 5527 kind: Service 5528 metadata: 5529 labels: 5530 role: domainmapping-webhook 5531 app.kubernetes.io/component: domain-mapping 5532 app.kubernetes.io/name: knative-serving 5533 app.kubernetes.io/version: "1.3.0" 5534 serving.knative.dev/release: "v1.3.0" 5535 name: domainmapping-webhook 5536 namespace: knative-serving 5537 spec: 5538 ports: 5539 # Define metrics and profiling for them to be accessible within service meshes. 5540 - name: http-metrics 5541 port: 9090 5542 targetPort: 9090 5543 - name: http-profiling 5544 port: 8008 5545 targetPort: 8008 5546 - name: https-webhook 5547 port: 443 5548 targetPort: 8443 5549 selector: 5550 role: domainmapping-webhook 5551 5552 --- 5553 # Copyright 2020 The Knative Authors 5554 # 5555 # Licensed under the Apache License, Version 2.0 (the "License"); 5556 # you may not use this file except in compliance with the License. 5557 # You may obtain a copy of the License at 5558 # 5559 # https://www.apache.org/licenses/LICENSE-2.0 5560 # 5561 # Unless required by applicable law or agreed to in writing, software 5562 # distributed under the License is distributed on an "AS IS" BASIS, 5563 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 5564 # See the License for the specific language governing permissions and 5565 # limitations under the License. 5566 5567 apiVersion: autoscaling/v2beta2 5568 kind: HorizontalPodAutoscaler 5569 metadata: 5570 name: webhook 5571 namespace: knative-serving 5572 labels: 5573 app.kubernetes.io/component: webhook 5574 app.kubernetes.io/name: knative-serving 5575 app.kubernetes.io/version: "1.3.0" 5576 serving.knative.dev/release: "v1.3.0" 5577 spec: 5578 minReplicas: 1 5579 maxReplicas: 5 5580 scaleTargetRef: 5581 apiVersion: apps/v1 5582 kind: Deployment 5583 name: webhook 5584 metrics: 5585 - type: Resource 5586 resource: 5587 name: cpu 5588 target: 5589 type: Utilization 5590 # Percentage of the requested CPU 5591 averageUtilization: 100 5592 --- 5593 # Webhook PDB. 5594 apiVersion: policy/v1 5595 kind: PodDisruptionBudget 5596 metadata: 5597 name: webhook-pdb 5598 namespace: knative-serving 5599 labels: 5600 app.kubernetes.io/component: webhook 5601 app.kubernetes.io/name: knative-serving 5602 app.kubernetes.io/version: "1.3.0" 5603 serving.knative.dev/release: "v1.3.0" 5604 spec: 5605 minAvailable: 80% 5606 selector: 5607 matchLabels: 5608 app: webhook 5609 5610 --- 5611 # Copyright 2018 The Knative Authors 5612 # 5613 # Licensed under the Apache License, Version 2.0 (the "License"); 5614 # you may not use this file except in compliance with the License. 5615 # You may obtain a copy of the License at 5616 # 5617 # https://www.apache.org/licenses/LICENSE-2.0 5618 # 5619 # Unless required by applicable law or agreed to in writing, software 5620 # distributed under the License is distributed on an "AS IS" BASIS, 5621 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 5622 # See the License for the specific language governing permissions and 5623 # limitations under the License. 5624 5625 apiVersion: apps/v1 5626 kind: Deployment 5627 metadata: 5628 name: webhook 5629 namespace: knative-serving 5630 labels: 5631 serving.knative.dev/release: "v1.3.0" 5632 app.kubernetes.io/component: webhook 5633 app.kubernetes.io/version: "1.3.0" 5634 app.kubernetes.io/name: knative-serving 5635 spec: 5636 selector: 5637 matchLabels: 5638 app: webhook 5639 role: webhook 5640 template: 5641 metadata: 5642 annotations: 5643 cluster-autoscaler.kubernetes.io/safe-to-evict: "false" 5644 labels: 5645 app: webhook 5646 role: webhook 5647 serving.knative.dev/release: "v1.3.0" 5648 app.kubernetes.io/component: webhook 5649 app.kubernetes.io/version: "1.3.0" 5650 app.kubernetes.io/name: knative-serving 5651 spec: 5652 # To avoid node becoming SPOF, spread our replicas to different nodes. 5653 affinity: 5654 podAntiAffinity: 5655 preferredDuringSchedulingIgnoredDuringExecution: 5656 - podAffinityTerm: 5657 labelSelector: 5658 matchLabels: 5659 app: webhook 5660 topologyKey: kubernetes.io/hostname 5661 weight: 100 5662 serviceAccountName: controller 5663 containers: 5664 - name: webhook 5665 # This is the Go import path for the binary that is containerized 5666 # and substituted here. 5667 image: gcr.io/knative-releases/knative.dev/serving/cmd/webhook@sha256:881a707c3f5b8537adf1fd460405fb8e65ae2676e4591926f9cdfb4454efd350 5668 resources: 5669 requests: 5670 cpu: 100m 5671 memory: 100Mi 5672 limits: 5673 cpu: 1 5674 memory: 2Gi 5675 env: 5676 - name: POD_NAME 5677 valueFrom: 5678 fieldRef: 5679 fieldPath: metadata.name 5680 - name: SYSTEM_NAMESPACE 5681 valueFrom: 5682 fieldRef: 5683 fieldPath: metadata.namespace 5684 - name: CONFIG_LOGGING_NAME 5685 value: config-logging 5686 - name: CONFIG_OBSERVABILITY_NAME 5687 value: config-observability 5688 - name: WEBHOOK_NAME 5689 value: webhook 5690 - name: WEBHOOK_PORT 5691 value: "8443" 5692 # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config 5693 - name: METRICS_DOMAIN 5694 value: knative.dev/internal/serving 5695 securityContext: 5696 allowPrivilegeEscalation: false 5697 readOnlyRootFilesystem: true 5698 runAsNonRoot: true 5699 capabilities: 5700 drop: 5701 - all 5702 ports: 5703 - name: metrics 5704 containerPort: 9090 5705 - name: profiling 5706 containerPort: 8008 5707 - name: https-webhook 5708 containerPort: 8443 5709 readinessProbe: 5710 periodSeconds: 1 5711 httpGet: 5712 scheme: HTTPS 5713 port: 8443 5714 httpHeaders: 5715 - name: k-kubelet-probe 5716 value: "webhook" 5717 livenessProbe: 5718 periodSeconds: 1 5719 httpGet: 5720 scheme: HTTPS 5721 port: 8443 5722 httpHeaders: 5723 - name: k-kubelet-probe 5724 value: "webhook" 5725 failureThreshold: 6 5726 initialDelaySeconds: 20 5727 # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently 5728 # high value that we respect whatever value it has configured for the lame duck grace period. 5729 terminationGracePeriodSeconds: 300 5730 --- 5731 apiVersion: v1 5732 kind: Service 5733 metadata: 5734 labels: 5735 role: webhook 5736 serving.knative.dev/release: "v1.3.0" 5737 app.kubernetes.io/component: webhook 5738 app.kubernetes.io/version: "1.3.0" 5739 app.kubernetes.io/name: knative-serving 5740 name: webhook 5741 namespace: knative-serving 5742 spec: 5743 ports: 5744 # Define metrics and profiling for them to be accessible within service meshes. 5745 - name: http-metrics 5746 port: 9090 5747 targetPort: 9090 5748 - name: http-profiling 5749 port: 8008 5750 targetPort: 8008 5751 - name: https-webhook 5752 port: 443 5753 targetPort: 8443 5754 selector: 5755 role: webhook 5756 5757 --- 5758 # Copyright 2020 The Knative Authors 5759 # 5760 # Licensed under the Apache License, Version 2.0 (the "License"); 5761 # you may not use this file except in compliance with the License. 5762 # You may obtain a copy of the License at 5763 # 5764 # https://www.apache.org/licenses/LICENSE-2.0 5765 # 5766 # Unless required by applicable law or agreed to in writing, software 5767 # distributed under the License is distributed on an "AS IS" BASIS, 5768 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 5769 # See the License for the specific language governing permissions and 5770 # limitations under the License. 5771 5772 apiVersion: admissionregistration.k8s.io/v1 5773 kind: ValidatingWebhookConfiguration 5774 metadata: 5775 name: config.webhook.serving.knative.dev 5776 labels: 5777 app.kubernetes.io/component: webhook 5778 app.kubernetes.io/name: knative-serving 5779 app.kubernetes.io/version: "1.3.0" 5780 serving.knative.dev/release: "v1.3.0" 5781 webhooks: 5782 - admissionReviewVersions: ["v1", "v1beta1"] 5783 clientConfig: 5784 service: 5785 name: webhook 5786 namespace: knative-serving 5787 failurePolicy: Fail 5788 sideEffects: None 5789 name: config.webhook.serving.knative.dev 5790 objectSelector: 5791 matchExpressions: 5792 - key: app.kubernetes.io/name 5793 operator: In 5794 values: ["knative-serving"] 5795 - key: app.kubernetes.io/component 5796 operator: In 5797 values: ["autoscaler", "controller", "logging", "networking", "observability", "tracing"] 5798 timeoutSeconds: 10 5799 5800 --- 5801 # Copyright 2020 The Knative Authors 5802 # 5803 # Licensed under the Apache License, Version 2.0 (the "License"); 5804 # you may not use this file except in compliance with the License. 5805 # You may obtain a copy of the License at 5806 # 5807 # https://www.apache.org/licenses/LICENSE-2.0 5808 # 5809 # Unless required by applicable law or agreed to in writing, software 5810 # distributed under the License is distributed on an "AS IS" BASIS, 5811 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 5812 # See the License for the specific language governing permissions and 5813 # limitations under the License. 5814 5815 apiVersion: admissionregistration.k8s.io/v1 5816 kind: MutatingWebhookConfiguration 5817 metadata: 5818 name: webhook.serving.knative.dev 5819 labels: 5820 app.kubernetes.io/component: webhook 5821 app.kubernetes.io/name: knative-serving 5822 app.kubernetes.io/version: "1.3.0" 5823 serving.knative.dev/release: "v1.3.0" 5824 webhooks: 5825 - admissionReviewVersions: ["v1", "v1beta1"] 5826 clientConfig: 5827 service: 5828 name: webhook 5829 namespace: knative-serving 5830 failurePolicy: Fail 5831 sideEffects: None 5832 name: webhook.serving.knative.dev 5833 timeoutSeconds: 10 5834 rules: 5835 - apiGroups: 5836 - autoscaling.internal.knative.dev 5837 - networking.internal.knative.dev 5838 - serving.knative.dev 5839 apiVersions: 5840 - "*" 5841 operations: 5842 - CREATE 5843 - UPDATE 5844 scope: "*" 5845 resources: 5846 - metrics 5847 - podautoscalers 5848 - certificates 5849 - ingresses 5850 - serverlessservices 5851 - configurations 5852 - revisions 5853 - routes 5854 - services 5855 5856 --- 5857 # Copyright 2020 The Knative Authors 5858 # 5859 # Licensed under the Apache License, Version 2.0 (the "License"); 5860 # you may not use this file except in compliance with the License. 5861 # You may obtain a copy of the License at 5862 # 5863 # https://www.apache.org/licenses/LICENSE-2.0 5864 # 5865 # Unless required by applicable law or agreed to in writing, software 5866 # distributed under the License is distributed on an "AS IS" BASIS, 5867 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 5868 # See the License for the specific language governing permissions and 5869 # limitations under the License. 5870 5871 apiVersion: admissionregistration.k8s.io/v1 5872 kind: MutatingWebhookConfiguration 5873 metadata: 5874 name: webhook.domainmapping.serving.knative.dev 5875 labels: 5876 app.kubernetes.io/component: domain-mapping 5877 app.kubernetes.io/name: knative-serving 5878 app.kubernetes.io/version: "1.3.0" 5879 serving.knative.dev/release: "v1.3.0" 5880 webhooks: 5881 - admissionReviewVersions: ["v1", "v1beta1"] 5882 clientConfig: 5883 service: 5884 name: domainmapping-webhook 5885 namespace: knative-serving 5886 failurePolicy: Fail 5887 sideEffects: None 5888 name: webhook.domainmapping.serving.knative.dev 5889 timeoutSeconds: 10 5890 rules: 5891 - apiGroups: 5892 - serving.knative.dev 5893 apiVersions: 5894 - v1alpha1 5895 - v1beta1 5896 operations: 5897 - CREATE 5898 - UPDATE 5899 scope: "*" 5900 resources: 5901 - domainmappings 5902 5903 --- 5904 # Copyright 2020 The Knative Authors 5905 # 5906 # Licensed under the Apache License, Version 2.0 (the "License"); 5907 # you may not use this file except in compliance with the License. 5908 # You may obtain a copy of the License at 5909 # 5910 # https://www.apache.org/licenses/LICENSE-2.0 5911 # 5912 # Unless required by applicable law or agreed to in writing, software 5913 # distributed under the License is distributed on an "AS IS" BASIS, 5914 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 5915 # See the License for the specific language governing permissions and 5916 # limitations under the License. 5917 5918 apiVersion: v1 5919 kind: Secret 5920 metadata: 5921 name: domainmapping-webhook-certs 5922 namespace: knative-serving 5923 labels: 5924 app.kubernetes.io/component: domain-mapping 5925 app.kubernetes.io/name: knative-serving 5926 app.kubernetes.io/version: "1.3.0" 5927 serving.knative.dev/release: "v1.3.0" 5928 # The data is populated at install time. 5929 5930 --- 5931 # Copyright 2020 The Knative Authors 5932 # 5933 # Licensed under the Apache License, Version 2.0 (the "License"); 5934 # you may not use this file except in compliance with the License. 5935 # You may obtain a copy of the License at 5936 # 5937 # https://www.apache.org/licenses/LICENSE-2.0 5938 # 5939 # Unless required by applicable law or agreed to in writing, software 5940 # distributed under the License is distributed on an "AS IS" BASIS, 5941 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 5942 # See the License for the specific language governing permissions and 5943 # limitations under the License. 5944 5945 apiVersion: admissionregistration.k8s.io/v1 5946 kind: ValidatingWebhookConfiguration 5947 metadata: 5948 name: validation.webhook.domainmapping.serving.knative.dev 5949 labels: 5950 app.kubernetes.io/component: domain-mapping 5951 app.kubernetes.io/name: knative-serving 5952 app.kubernetes.io/version: "1.3.0" 5953 serving.knative.dev/release: "v1.3.0" 5954 webhooks: 5955 - admissionReviewVersions: ["v1", "v1beta1"] 5956 clientConfig: 5957 service: 5958 name: domainmapping-webhook 5959 namespace: knative-serving 5960 failurePolicy: Fail 5961 sideEffects: None 5962 name: validation.webhook.domainmapping.serving.knative.dev 5963 timeoutSeconds: 10 5964 rules: 5965 - apiGroups: 5966 - serving.knative.dev 5967 apiVersions: 5968 - v1alpha1 5969 - v1beta1 5970 operations: 5971 - CREATE 5972 - UPDATE 5973 - DELETE 5974 scope: "*" 5975 resources: 5976 - domainmappings 5977 5978 --- 5979 # Copyright 2020 The Knative Authors 5980 # 5981 # Licensed under the Apache License, Version 2.0 (the "License"); 5982 # you may not use this file except in compliance with the License. 5983 # You may obtain a copy of the License at 5984 # 5985 # https://www.apache.org/licenses/LICENSE-2.0 5986 # 5987 # Unless required by applicable law or agreed to in writing, software 5988 # distributed under the License is distributed on an "AS IS" BASIS, 5989 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 5990 # See the License for the specific language governing permissions and 5991 # limitations under the License. 5992 5993 apiVersion: admissionregistration.k8s.io/v1 5994 kind: ValidatingWebhookConfiguration 5995 metadata: 5996 name: validation.webhook.serving.knative.dev 5997 labels: 5998 app.kubernetes.io/component: webhook 5999 app.kubernetes.io/name: knative-serving 6000 app.kubernetes.io/version: "1.3.0" 6001 serving.knative.dev/release: "v1.3.0" 6002 webhooks: 6003 - admissionReviewVersions: ["v1", "v1beta1"] 6004 clientConfig: 6005 service: 6006 name: webhook 6007 namespace: knative-serving 6008 failurePolicy: Fail 6009 sideEffects: None 6010 name: validation.webhook.serving.knative.dev 6011 timeoutSeconds: 10 6012 rules: 6013 - apiGroups: 6014 - autoscaling.internal.knative.dev 6015 - networking.internal.knative.dev 6016 - serving.knative.dev 6017 apiVersions: 6018 - "*" 6019 operations: 6020 - CREATE 6021 - UPDATE 6022 - DELETE 6023 scope: "*" 6024 resources: 6025 - metrics 6026 - podautoscalers 6027 - certificates 6028 - ingresses 6029 - serverlessservices 6030 - configurations 6031 - revisions 6032 - routes 6033 - services 6034 6035 --- 6036 # Copyright 2020 The Knative Authors 6037 # 6038 # Licensed under the Apache License, Version 2.0 (the "License"); 6039 # you may not use this file except in compliance with the License. 6040 # You may obtain a copy of the License at 6041 # 6042 # https://www.apache.org/licenses/LICENSE-2.0 6043 # 6044 # Unless required by applicable law or agreed to in writing, software 6045 # distributed under the License is distributed on an "AS IS" BASIS, 6046 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 6047 # See the License for the specific language governing permissions and 6048 # limitations under the License. 6049 6050 apiVersion: v1 6051 kind: Secret 6052 metadata: 6053 name: webhook-certs 6054 namespace: knative-serving 6055 labels: 6056 app.kubernetes.io/component: webhook 6057 app.kubernetes.io/name: knative-serving 6058 app.kubernetes.io/version: "1.3.0" 6059 serving.knative.dev/release: "v1.3.0" 6060 # The data is populated at install time. 6061 6062 ---