github.com/kubeflow/training-operator@v1.7.0/manifests/base/crds/kubeflow.org_mpijobs.yaml (about) 1 --- 2 apiVersion: apiextensions.k8s.io/v1 3 kind: CustomResourceDefinition 4 metadata: 5 annotations: 6 controller-gen.kubebuilder.io/version: v0.12.0 7 name: mpijobs.kubeflow.org 8 spec: 9 group: kubeflow.org 10 names: 11 kind: MPIJob 12 listKind: MPIJobList 13 plural: mpijobs 14 singular: mpijob 15 scope: Namespaced 16 versions: 17 - additionalPrinterColumns: 18 - jsonPath: .metadata.creationTimestamp 19 name: Age 20 type: date 21 - jsonPath: .status.conditions[-1:].type 22 name: State 23 type: string 24 name: v1 25 schema: 26 openAPIV3Schema: 27 properties: 28 apiVersion: 29 description: 'APIVersion defines the versioned schema of this representation 30 of an object. Servers should convert recognized schemas to the latest 31 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 32 type: string 33 kind: 34 description: 'Kind is a string value representing the REST resource this 35 object represents. Servers may infer this from the endpoint the client 36 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 37 type: string 38 metadata: 39 type: object 40 spec: 41 properties: 42 cleanPodPolicy: 43 description: CleanPodPolicy defines the policy that whether to kill 44 pods after the job completes. Defaults to None. 45 type: string 46 mainContainer: 47 description: MainContainer specifies name of the main container which 48 executes the MPI code. 49 type: string 50 mpiReplicaSpecs: 51 additionalProperties: 52 description: ReplicaSpec is a description of the replica 53 properties: 54 replicas: 55 description: Replicas is the desired number of replicas of the 56 given template. If unspecified, defaults to 1. 57 format: int32 58 type: integer 59 restartPolicy: 60 description: Restart policy for all replicas within the job. 61 One of Always, OnFailure, Never and ExitCode. Default to Never. 62 type: string 63 template: 64 description: Template is the object that describes the pod that 65 will be created for this replica. RestartPolicy in PodTemplateSpec 66 will be overide by RestartPolicy in ReplicaSpec 67 properties: 68 metadata: 69 description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' 70 properties: 71 annotations: 72 additionalProperties: 73 type: string 74 type: object 75 finalizers: 76 items: 77 type: string 78 type: array 79 labels: 80 additionalProperties: 81 type: string 82 type: object 83 name: 84 type: string 85 namespace: 86 type: string 87 type: object 88 spec: 89 description: 'Specification of the desired behavior of the 90 pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 91 properties: 92 activeDeadlineSeconds: 93 description: Optional duration in seconds the pod may 94 be active on the node relative to StartTime before 95 the system will actively try to mark it failed and 96 kill associated containers. Value must be a positive 97 integer. 98 format: int64 99 type: integer 100 affinity: 101 description: If specified, the pod's scheduling constraints 102 properties: 103 nodeAffinity: 104 description: Describes node affinity scheduling 105 rules for the pod. 106 properties: 107 preferredDuringSchedulingIgnoredDuringExecution: 108 description: The scheduler will prefer to schedule 109 pods to nodes that satisfy the affinity expressions 110 specified by this field, but it may choose 111 a node that violates one or more of the expressions. 112 The node that is most preferred is the one 113 with the greatest sum of weights, i.e. for 114 each node that meets all of the scheduling 115 requirements (resource request, requiredDuringScheduling 116 affinity expressions, etc. 117 items: 118 description: An empty preferred scheduling 119 term matches all objects with implicit weight 120 0 (i.e. it's a no-op). A null preferred 121 scheduling term matches no objects (i.e. 122 is also a no-op). 123 properties: 124 preference: 125 description: A node selector term, associated 126 with the corresponding weight. 127 properties: 128 matchExpressions: 129 description: A list of node selector 130 requirements by node's labels. 131 items: 132 description: A node selector requirement 133 is a selector that contains values, 134 a key, and an operator that relates 135 the key and values. 136 properties: 137 key: 138 description: The label key that 139 the selector applies to. 140 type: string 141 operator: 142 description: Represents a key's 143 relationship to a set of values. 144 Valid operators are In, NotIn, 145 Exists, DoesNotExist. Gt, 146 and Lt. 147 type: string 148 values: 149 description: An array of string 150 values. If the operator is 151 In or NotIn, the values array 152 must be non-empty. If the 153 operator is Exists or DoesNotExist, 154 the values array must be empty. 155 If the operator is Gt or Lt, 156 the values array must have 157 a single element, which will 158 be interpreted as an integer. 159 This array is replaced during 160 a strategic merge patch. 161 items: 162 type: string 163 type: array 164 required: 165 - key 166 - operator 167 type: object 168 type: array 169 matchFields: 170 description: A list of node selector 171 requirements by node's fields. 172 items: 173 description: A node selector requirement 174 is a selector that contains values, 175 a key, and an operator that relates 176 the key and values. 177 properties: 178 key: 179 description: The label key that 180 the selector applies to. 181 type: string 182 operator: 183 description: Represents a key's 184 relationship to a set of values. 185 Valid operators are In, NotIn, 186 Exists, DoesNotExist. Gt, 187 and Lt. 188 type: string 189 values: 190 description: An array of string 191 values. If the operator is 192 In or NotIn, the values array 193 must be non-empty. If the 194 operator is Exists or DoesNotExist, 195 the values array must be empty. 196 If the operator is Gt or Lt, 197 the values array must have 198 a single element, which will 199 be interpreted as an integer. 200 This array is replaced during 201 a strategic merge patch. 202 items: 203 type: string 204 type: array 205 required: 206 - key 207 - operator 208 type: object 209 type: array 210 type: object 211 x-kubernetes-map-type: atomic 212 weight: 213 description: Weight associated with matching 214 the corresponding nodeSelectorTerm, 215 in the range 1-100. 216 format: int32 217 type: integer 218 required: 219 - preference 220 - weight 221 type: object 222 type: array 223 requiredDuringSchedulingIgnoredDuringExecution: 224 description: If the affinity requirements specified 225 by this field are not met at scheduling time, 226 the pod will not be scheduled onto the node. 227 If the affinity requirements specified by 228 this field cease to be met at some point during 229 pod execution (e.g. due to an update), the 230 system may or may not try to eventually evict 231 the pod from its node. 232 properties: 233 nodeSelectorTerms: 234 description: Required. A list of node selector 235 terms. The terms are ORed. 236 items: 237 description: A null or empty node selector 238 term matches no objects. The requirements 239 of them are ANDed. The TopologySelectorTerm 240 type implements a subset of the NodeSelectorTerm. 241 properties: 242 matchExpressions: 243 description: A list of node selector 244 requirements by node's labels. 245 items: 246 description: A node selector requirement 247 is a selector that contains values, 248 a key, and an operator that relates 249 the key and values. 250 properties: 251 key: 252 description: The label key that 253 the selector applies to. 254 type: string 255 operator: 256 description: Represents a key's 257 relationship to a set of values. 258 Valid operators are In, NotIn, 259 Exists, DoesNotExist. Gt, 260 and Lt. 261 type: string 262 values: 263 description: An array of string 264 values. If the operator is 265 In or NotIn, the values array 266 must be non-empty. If the 267 operator is Exists or DoesNotExist, 268 the values array must be empty. 269 If the operator is Gt or Lt, 270 the values array must have 271 a single element, which will 272 be interpreted as an integer. 273 This array is replaced during 274 a strategic merge patch. 275 items: 276 type: string 277 type: array 278 required: 279 - key 280 - operator 281 type: object 282 type: array 283 matchFields: 284 description: A list of node selector 285 requirements by node's fields. 286 items: 287 description: A node selector requirement 288 is a selector that contains values, 289 a key, and an operator that relates 290 the key and values. 291 properties: 292 key: 293 description: The label key that 294 the selector applies to. 295 type: string 296 operator: 297 description: Represents a key's 298 relationship to a set of values. 299 Valid operators are In, NotIn, 300 Exists, DoesNotExist. Gt, 301 and Lt. 302 type: string 303 values: 304 description: An array of string 305 values. If the operator is 306 In or NotIn, the values array 307 must be non-empty. If the 308 operator is Exists or DoesNotExist, 309 the values array must be empty. 310 If the operator is Gt or Lt, 311 the values array must have 312 a single element, which will 313 be interpreted as an integer. 314 This array is replaced during 315 a strategic merge patch. 316 items: 317 type: string 318 type: array 319 required: 320 - key 321 - operator 322 type: object 323 type: array 324 type: object 325 x-kubernetes-map-type: atomic 326 type: array 327 required: 328 - nodeSelectorTerms 329 type: object 330 x-kubernetes-map-type: atomic 331 type: object 332 podAffinity: 333 description: Describes pod affinity scheduling rules 334 (e.g. co-locate this pod in the same node, zone, 335 etc. as some other pod(s)). 336 properties: 337 preferredDuringSchedulingIgnoredDuringExecution: 338 description: The scheduler will prefer to schedule 339 pods to nodes that satisfy the affinity expressions 340 specified by this field, but it may choose 341 a node that violates one or more of the expressions. 342 The node that is most preferred is the one 343 with the greatest sum of weights, i.e. for 344 each node that meets all of the scheduling 345 requirements (resource request, requiredDuringScheduling 346 affinity expressions, etc. 347 items: 348 description: The weights of all of the matched 349 WeightedPodAffinityTerm fields are added 350 per-node to find the most preferred node(s) 351 properties: 352 podAffinityTerm: 353 description: Required. A pod affinity 354 term, associated with the corresponding 355 weight. 356 properties: 357 labelSelector: 358 description: A label query over a 359 set of resources, in this case pods. 360 properties: 361 matchExpressions: 362 description: matchExpressions 363 is a list of label selector 364 requirements. The requirements 365 are ANDed. 366 items: 367 description: A label selector 368 requirement is a selector 369 that contains values, a key, 370 and an operator that relates 371 the key and values. 372 properties: 373 key: 374 description: key is the 375 label key that the selector 376 applies to. 377 type: string 378 operator: 379 description: operator represents 380 a key's relationship to 381 a set of values. Valid 382 operators are In, NotIn, 383 Exists and DoesNotExist. 384 type: string 385 values: 386 description: values is an 387 array of string values. 388 If the operator is In 389 or NotIn, the values array 390 must be non-empty. If 391 the operator is Exists 392 or DoesNotExist, the values 393 array must be empty. This 394 array is replaced during 395 a strategic merge patch. 396 items: 397 type: string 398 type: array 399 required: 400 - key 401 - operator 402 type: object 403 type: array 404 matchLabels: 405 additionalProperties: 406 type: string 407 description: matchLabels is a 408 map of {key,value} pairs. A 409 single {key,value} in the matchLabels 410 map is equivalent to an element 411 of matchExpressions, whose key 412 field is "key", the operator 413 is "In", and the values array 414 contains only "value". The requirements 415 are ANDed. 416 type: object 417 type: object 418 x-kubernetes-map-type: atomic 419 namespaceSelector: 420 description: A label query over the 421 set of namespaces that the term 422 applies to. The term is applied 423 to the union of the namespaces selected 424 by this field and the ones listed 425 in the namespaces field. null selector 426 and null or empty namespaces list 427 means "this pod's namespace". An 428 empty selector ({}) matches all 429 namespaces. 430 properties: 431 matchExpressions: 432 description: matchExpressions 433 is a list of label selector 434 requirements. The requirements 435 are ANDed. 436 items: 437 description: A label selector 438 requirement is a selector 439 that contains values, a key, 440 and an operator that relates 441 the key and values. 442 properties: 443 key: 444 description: key is the 445 label key that the selector 446 applies to. 447 type: string 448 operator: 449 description: operator represents 450 a key's relationship to 451 a set of values. Valid 452 operators are In, NotIn, 453 Exists and DoesNotExist. 454 type: string 455 values: 456 description: values is an 457 array of string values. 458 If the operator is In 459 or NotIn, the values array 460 must be non-empty. If 461 the operator is Exists 462 or DoesNotExist, the values 463 array must be empty. This 464 array is replaced during 465 a strategic merge patch. 466 items: 467 type: string 468 type: array 469 required: 470 - key 471 - operator 472 type: object 473 type: array 474 matchLabels: 475 additionalProperties: 476 type: string 477 description: matchLabels is a 478 map of {key,value} pairs. A 479 single {key,value} in the matchLabels 480 map is equivalent to an element 481 of matchExpressions, whose key 482 field is "key", the operator 483 is "In", and the values array 484 contains only "value". The requirements 485 are ANDed. 486 type: object 487 type: object 488 x-kubernetes-map-type: atomic 489 namespaces: 490 description: namespaces specifies 491 a static list of namespace names 492 that the term applies to. The term 493 is applied to the union of the namespaces 494 listed in this field and the ones 495 selected by namespaceSelector. null 496 or empty namespaces list and null 497 namespaceSelector means "this pod's 498 namespace". 499 items: 500 type: string 501 type: array 502 topologyKey: 503 description: This pod should be co-located 504 (affinity) or not co-located (anti-affinity) 505 with the pods matching the labelSelector 506 in the specified namespaces, where 507 co-located is defined as running 508 on a node whose value of the label 509 with key topologyKey matches that 510 of any node on which any of the 511 selected pods is running. Empty 512 topologyKey is not allowed. 513 type: string 514 required: 515 - topologyKey 516 type: object 517 weight: 518 description: weight associated with matching 519 the corresponding podAffinityTerm, in 520 the range 1-100. 521 format: int32 522 type: integer 523 required: 524 - podAffinityTerm 525 - weight 526 type: object 527 type: array 528 requiredDuringSchedulingIgnoredDuringExecution: 529 description: If the affinity requirements specified 530 by this field are not met at scheduling time, 531 the pod will not be scheduled onto the node. 532 If the affinity requirements specified by 533 this field cease to be met at some point during 534 pod execution (e.g. due to a pod label update), 535 the system may or may not try to eventually 536 evict the pod from its node. 537 items: 538 description: Defines a set of pods (namely 539 those matching the labelSelector relative 540 to the given namespace(s)) that this pod 541 should be co-located (affinity) or not co-located 542 (anti-affinity) with, where co-located is 543 defined as running on a node whose value 544 of the label with key <topologyKey> matches 545 that of any node on which a pod of the set 546 of pods is running 547 properties: 548 labelSelector: 549 description: A label query over a set 550 of resources, in this case pods. 551 properties: 552 matchExpressions: 553 description: matchExpressions is a 554 list of label selector requirements. 555 The requirements are ANDed. 556 items: 557 description: A label selector requirement 558 is a selector that contains values, 559 a key, and an operator that relates 560 the key and values. 561 properties: 562 key: 563 description: key is the label 564 key that the selector applies 565 to. 566 type: string 567 operator: 568 description: operator represents 569 a key's relationship to a 570 set of values. Valid operators 571 are In, NotIn, Exists and 572 DoesNotExist. 573 type: string 574 values: 575 description: values is an array 576 of string values. If the operator 577 is In or NotIn, the values 578 array must be non-empty. If 579 the operator is Exists or 580 DoesNotExist, the values array 581 must be empty. This array 582 is replaced during a strategic 583 merge patch. 584 items: 585 type: string 586 type: array 587 required: 588 - key 589 - operator 590 type: object 591 type: array 592 matchLabels: 593 additionalProperties: 594 type: string 595 description: matchLabels is a map 596 of {key,value} pairs. A single {key,value} 597 in the matchLabels map is equivalent 598 to an element of matchExpressions, 599 whose key field is "key", the operator 600 is "In", and the values array contains 601 only "value". The requirements are 602 ANDed. 603 type: object 604 type: object 605 x-kubernetes-map-type: atomic 606 namespaceSelector: 607 description: A label query over the set 608 of namespaces that the term applies 609 to. The term is applied to the union 610 of the namespaces selected by this field 611 and the ones listed in the namespaces 612 field. null selector and null or empty 613 namespaces list means "this pod's namespace". 614 An empty selector ({}) matches all namespaces. 615 properties: 616 matchExpressions: 617 description: matchExpressions is a 618 list of label selector requirements. 619 The requirements are ANDed. 620 items: 621 description: A label selector requirement 622 is a selector that contains values, 623 a key, and an operator that relates 624 the key and values. 625 properties: 626 key: 627 description: key is the label 628 key that the selector applies 629 to. 630 type: string 631 operator: 632 description: operator represents 633 a key's relationship to a 634 set of values. Valid operators 635 are In, NotIn, Exists and 636 DoesNotExist. 637 type: string 638 values: 639 description: values is an array 640 of string values. If the operator 641 is In or NotIn, the values 642 array must be non-empty. If 643 the operator is Exists or 644 DoesNotExist, the values array 645 must be empty. This array 646 is replaced during a strategic 647 merge patch. 648 items: 649 type: string 650 type: array 651 required: 652 - key 653 - operator 654 type: object 655 type: array 656 matchLabels: 657 additionalProperties: 658 type: string 659 description: matchLabels is a map 660 of {key,value} pairs. A single {key,value} 661 in the matchLabels map is equivalent 662 to an element of matchExpressions, 663 whose key field is "key", the operator 664 is "In", and the values array contains 665 only "value". The requirements are 666 ANDed. 667 type: object 668 type: object 669 x-kubernetes-map-type: atomic 670 namespaces: 671 description: namespaces specifies a static 672 list of namespace names that the term 673 applies to. The term is applied to the 674 union of the namespaces listed in this 675 field and the ones selected by namespaceSelector. 676 null or empty namespaces list and null 677 namespaceSelector means "this pod's 678 namespace". 679 items: 680 type: string 681 type: array 682 topologyKey: 683 description: This pod should be co-located 684 (affinity) or not co-located (anti-affinity) 685 with the pods matching the labelSelector 686 in the specified namespaces, where co-located 687 is defined as running on a node whose 688 value of the label with key topologyKey 689 matches that of any node on which any 690 of the selected pods is running. Empty 691 topologyKey is not allowed. 692 type: string 693 required: 694 - topologyKey 695 type: object 696 type: array 697 type: object 698 podAntiAffinity: 699 description: Describes pod anti-affinity scheduling 700 rules (e.g. avoid putting this pod in the same 701 node, zone, etc. as some other pod(s)). 702 properties: 703 preferredDuringSchedulingIgnoredDuringExecution: 704 description: The scheduler will prefer to schedule 705 pods to nodes that satisfy the anti-affinity 706 expressions specified by this field, but it 707 may choose a node that violates one or more 708 of the expressions. The node that is most 709 preferred is the one with the greatest sum 710 of weights, i.e. 711 items: 712 description: The weights of all of the matched 713 WeightedPodAffinityTerm fields are added 714 per-node to find the most preferred node(s) 715 properties: 716 podAffinityTerm: 717 description: Required. A pod affinity 718 term, associated with the corresponding 719 weight. 720 properties: 721 labelSelector: 722 description: A label query over a 723 set of resources, in this case pods. 724 properties: 725 matchExpressions: 726 description: matchExpressions 727 is a list of label selector 728 requirements. The requirements 729 are ANDed. 730 items: 731 description: A label selector 732 requirement is a selector 733 that contains values, a key, 734 and an operator that relates 735 the key and values. 736 properties: 737 key: 738 description: key is the 739 label key that the selector 740 applies to. 741 type: string 742 operator: 743 description: operator represents 744 a key's relationship to 745 a set of values. Valid 746 operators are In, NotIn, 747 Exists and DoesNotExist. 748 type: string 749 values: 750 description: values is an 751 array of string values. 752 If the operator is In 753 or NotIn, the values array 754 must be non-empty. If 755 the operator is Exists 756 or DoesNotExist, the values 757 array must be empty. This 758 array is replaced during 759 a strategic merge patch. 760 items: 761 type: string 762 type: array 763 required: 764 - key 765 - operator 766 type: object 767 type: array 768 matchLabels: 769 additionalProperties: 770 type: string 771 description: matchLabels is a 772 map of {key,value} pairs. A 773 single {key,value} in the matchLabels 774 map is equivalent to an element 775 of matchExpressions, whose key 776 field is "key", the operator 777 is "In", and the values array 778 contains only "value". The requirements 779 are ANDed. 780 type: object 781 type: object 782 x-kubernetes-map-type: atomic 783 namespaceSelector: 784 description: A label query over the 785 set of namespaces that the term 786 applies to. The term is applied 787 to the union of the namespaces selected 788 by this field and the ones listed 789 in the namespaces field. null selector 790 and null or empty namespaces list 791 means "this pod's namespace". An 792 empty selector ({}) matches all 793 namespaces. 794 properties: 795 matchExpressions: 796 description: matchExpressions 797 is a list of label selector 798 requirements. The requirements 799 are ANDed. 800 items: 801 description: A label selector 802 requirement is a selector 803 that contains values, a key, 804 and an operator that relates 805 the key and values. 806 properties: 807 key: 808 description: key is the 809 label key that the selector 810 applies to. 811 type: string 812 operator: 813 description: operator represents 814 a key's relationship to 815 a set of values. Valid 816 operators are In, NotIn, 817 Exists and DoesNotExist. 818 type: string 819 values: 820 description: values is an 821 array of string values. 822 If the operator is In 823 or NotIn, the values array 824 must be non-empty. If 825 the operator is Exists 826 or DoesNotExist, the values 827 array must be empty. This 828 array is replaced during 829 a strategic merge patch. 830 items: 831 type: string 832 type: array 833 required: 834 - key 835 - operator 836 type: object 837 type: array 838 matchLabels: 839 additionalProperties: 840 type: string 841 description: matchLabels is a 842 map of {key,value} pairs. A 843 single {key,value} in the matchLabels 844 map is equivalent to an element 845 of matchExpressions, whose key 846 field is "key", the operator 847 is "In", and the values array 848 contains only "value". The requirements 849 are ANDed. 850 type: object 851 type: object 852 x-kubernetes-map-type: atomic 853 namespaces: 854 description: namespaces specifies 855 a static list of namespace names 856 that the term applies to. The term 857 is applied to the union of the namespaces 858 listed in this field and the ones 859 selected by namespaceSelector. null 860 or empty namespaces list and null 861 namespaceSelector means "this pod's 862 namespace". 863 items: 864 type: string 865 type: array 866 topologyKey: 867 description: This pod should be co-located 868 (affinity) or not co-located (anti-affinity) 869 with the pods matching the labelSelector 870 in the specified namespaces, where 871 co-located is defined as running 872 on a node whose value of the label 873 with key topologyKey matches that 874 of any node on which any of the 875 selected pods is running. Empty 876 topologyKey is not allowed. 877 type: string 878 required: 879 - topologyKey 880 type: object 881 weight: 882 description: weight associated with matching 883 the corresponding podAffinityTerm, in 884 the range 1-100. 885 format: int32 886 type: integer 887 required: 888 - podAffinityTerm 889 - weight 890 type: object 891 type: array 892 requiredDuringSchedulingIgnoredDuringExecution: 893 description: If the anti-affinity requirements 894 specified by this field are not met at scheduling 895 time, the pod will not be scheduled onto the 896 node. If the anti-affinity requirements specified 897 by this field cease to be met at some point 898 during pod execution (e.g. due to a pod label 899 update), the system may or may not try to 900 eventually evict the pod from its node. 901 items: 902 description: Defines a set of pods (namely 903 those matching the labelSelector relative 904 to the given namespace(s)) that this pod 905 should be co-located (affinity) or not co-located 906 (anti-affinity) with, where co-located is 907 defined as running on a node whose value 908 of the label with key <topologyKey> matches 909 that of any node on which a pod of the set 910 of pods is running 911 properties: 912 labelSelector: 913 description: A label query over a set 914 of resources, in this case pods. 915 properties: 916 matchExpressions: 917 description: matchExpressions is a 918 list of label selector requirements. 919 The requirements are ANDed. 920 items: 921 description: A label selector requirement 922 is a selector that contains values, 923 a key, and an operator that relates 924 the key and values. 925 properties: 926 key: 927 description: key is the label 928 key that the selector applies 929 to. 930 type: string 931 operator: 932 description: operator represents 933 a key's relationship to a 934 set of values. Valid operators 935 are In, NotIn, Exists and 936 DoesNotExist. 937 type: string 938 values: 939 description: values is an array 940 of string values. If the operator 941 is In or NotIn, the values 942 array must be non-empty. If 943 the operator is Exists or 944 DoesNotExist, the values array 945 must be empty. This array 946 is replaced during a strategic 947 merge patch. 948 items: 949 type: string 950 type: array 951 required: 952 - key 953 - operator 954 type: object 955 type: array 956 matchLabels: 957 additionalProperties: 958 type: string 959 description: matchLabels is a map 960 of {key,value} pairs. A single {key,value} 961 in the matchLabels map is equivalent 962 to an element of matchExpressions, 963 whose key field is "key", the operator 964 is "In", and the values array contains 965 only "value". The requirements are 966 ANDed. 967 type: object 968 type: object 969 x-kubernetes-map-type: atomic 970 namespaceSelector: 971 description: A label query over the set 972 of namespaces that the term applies 973 to. The term is applied to the union 974 of the namespaces selected by this field 975 and the ones listed in the namespaces 976 field. null selector and null or empty 977 namespaces list means "this pod's namespace". 978 An empty selector ({}) matches all namespaces. 979 properties: 980 matchExpressions: 981 description: matchExpressions is a 982 list of label selector requirements. 983 The requirements are ANDed. 984 items: 985 description: A label selector requirement 986 is a selector that contains values, 987 a key, and an operator that relates 988 the key and values. 989 properties: 990 key: 991 description: key is the label 992 key that the selector applies 993 to. 994 type: string 995 operator: 996 description: operator represents 997 a key's relationship to a 998 set of values. Valid operators 999 are In, NotIn, Exists and 1000 DoesNotExist. 1001 type: string 1002 values: 1003 description: values is an array 1004 of string values. If the operator 1005 is In or NotIn, the values 1006 array must be non-empty. If 1007 the operator is Exists or 1008 DoesNotExist, the values array 1009 must be empty. This array 1010 is replaced during a strategic 1011 merge patch. 1012 items: 1013 type: string 1014 type: array 1015 required: 1016 - key 1017 - operator 1018 type: object 1019 type: array 1020 matchLabels: 1021 additionalProperties: 1022 type: string 1023 description: matchLabels is a map 1024 of {key,value} pairs. A single {key,value} 1025 in the matchLabels map is equivalent 1026 to an element of matchExpressions, 1027 whose key field is "key", the operator 1028 is "In", and the values array contains 1029 only "value". The requirements are 1030 ANDed. 1031 type: object 1032 type: object 1033 x-kubernetes-map-type: atomic 1034 namespaces: 1035 description: namespaces specifies a static 1036 list of namespace names that the term 1037 applies to. The term is applied to the 1038 union of the namespaces listed in this 1039 field and the ones selected by namespaceSelector. 1040 null or empty namespaces list and null 1041 namespaceSelector means "this pod's 1042 namespace". 1043 items: 1044 type: string 1045 type: array 1046 topologyKey: 1047 description: This pod should be co-located 1048 (affinity) or not co-located (anti-affinity) 1049 with the pods matching the labelSelector 1050 in the specified namespaces, where co-located 1051 is defined as running on a node whose 1052 value of the label with key topologyKey 1053 matches that of any node on which any 1054 of the selected pods is running. Empty 1055 topologyKey is not allowed. 1056 type: string 1057 required: 1058 - topologyKey 1059 type: object 1060 type: array 1061 type: object 1062 type: object 1063 automountServiceAccountToken: 1064 description: AutomountServiceAccountToken indicates 1065 whether a service account token should be automatically 1066 mounted. 1067 type: boolean 1068 containers: 1069 description: List of containers belonging to the pod. 1070 Containers cannot currently be added or removed. There 1071 must be at least one container in a Pod. Cannot be 1072 updated. 1073 items: 1074 description: A single application container that you 1075 want to run within a pod. 1076 properties: 1077 args: 1078 description: 'Arguments to the entrypoint. The 1079 container image''s CMD is used if this is not 1080 provided. Variable references $(VAR_NAME) are 1081 expanded using the container''s environment. 1082 If a variable cannot be resolved, the reference 1083 in the input string will be unchanged. Double 1084 $$ are reduced to a single $, which allows for 1085 escaping the $(VAR_NAME) syntax: i.e.' 1086 items: 1087 type: string 1088 type: array 1089 command: 1090 description: 'Entrypoint array. Not executed within 1091 a shell. The container image''s ENTRYPOINT is 1092 used if this is not provided. Variable references 1093 $(VAR_NAME) are expanded using the container''s 1094 environment. If a variable cannot be resolved, 1095 the reference in the input string will be unchanged. 1096 Double $$ are reduced to a single $, which allows 1097 for escaping the $(VAR_NAME) syntax: i.e.' 1098 items: 1099 type: string 1100 type: array 1101 env: 1102 description: List of environment variables to 1103 set in the container. Cannot be updated. 1104 items: 1105 description: EnvVar represents an environment 1106 variable present in a Container. 1107 properties: 1108 name: 1109 description: Name of the environment variable. 1110 Must be a C_IDENTIFIER. 1111 type: string 1112 value: 1113 description: 'Variable references $(VAR_NAME) 1114 are expanded using the previously defined 1115 environment variables in the container 1116 and any service environment variables. 1117 If a variable cannot be resolved, the 1118 reference in the input string will be 1119 unchanged. Double $$ are reduced to a 1120 single $, which allows for escaping the 1121 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1122 will produce the string literal "$(VAR_NAME)".' 1123 type: string 1124 valueFrom: 1125 description: Source for the environment 1126 variable's value. Cannot be used if value 1127 is not empty. 1128 properties: 1129 configMapKeyRef: 1130 description: Selects a key of a ConfigMap. 1131 properties: 1132 key: 1133 description: The key to select. 1134 type: string 1135 name: 1136 description: 'Name of the referent. 1137 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1138 TODO: Add other useful fields. 1139 apiVersion, kind, uid?' 1140 type: string 1141 optional: 1142 description: Specify whether the 1143 ConfigMap or its key must be defined 1144 type: boolean 1145 required: 1146 - key 1147 type: object 1148 x-kubernetes-map-type: atomic 1149 fieldRef: 1150 description: 'Selects a field of the 1151 pod: supports metadata.name, metadata.namespace, 1152 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 1153 spec.nodeName, spec.serviceAccountName, 1154 status.hostIP, status.podIP, status.podIPs.' 1155 properties: 1156 apiVersion: 1157 description: Version of the schema 1158 the FieldPath is written in terms 1159 of, defaults to "v1". 1160 type: string 1161 fieldPath: 1162 description: Path of the field to 1163 select in the specified API version. 1164 type: string 1165 required: 1166 - fieldPath 1167 type: object 1168 x-kubernetes-map-type: atomic 1169 resourceFieldRef: 1170 description: 'Selects a resource of 1171 the container: only resources limits 1172 and requests (limits.cpu, limits.memory, 1173 limits.ephemeral-storage, requests.cpu, 1174 requests.memory and requests.ephemeral-storage) 1175 are currently supported.' 1176 properties: 1177 containerName: 1178 description: 'Container name: required 1179 for volumes, optional for env 1180 vars' 1181 type: string 1182 divisor: 1183 anyOf: 1184 - type: integer 1185 - type: string 1186 description: Specifies the output 1187 format of the exposed resources, 1188 defaults to "1" 1189 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1190 x-kubernetes-int-or-string: true 1191 resource: 1192 description: 'Required: resource 1193 to select' 1194 type: string 1195 required: 1196 - resource 1197 type: object 1198 x-kubernetes-map-type: atomic 1199 secretKeyRef: 1200 description: Selects a key of a secret 1201 in the pod's namespace 1202 properties: 1203 key: 1204 description: The key of the secret 1205 to select from. Must be a valid 1206 secret key. 1207 type: string 1208 name: 1209 description: 'Name of the referent. 1210 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1211 TODO: Add other useful fields. 1212 apiVersion, kind, uid?' 1213 type: string 1214 optional: 1215 description: Specify whether the 1216 Secret or its key must be defined 1217 type: boolean 1218 required: 1219 - key 1220 type: object 1221 x-kubernetes-map-type: atomic 1222 type: object 1223 required: 1224 - name 1225 type: object 1226 type: array 1227 envFrom: 1228 description: List of sources to populate environment 1229 variables in the container. The keys defined 1230 within a source must be a C_IDENTIFIER. All 1231 invalid keys will be reported as an event when 1232 the container is starting. When a key exists 1233 in multiple sources, the value associated with 1234 the last source will take precedence. Values 1235 defined by an Env with a duplicate key will 1236 take precedence. Cannot be updated. 1237 items: 1238 description: EnvFromSource represents the source 1239 of a set of ConfigMaps 1240 properties: 1241 configMapRef: 1242 description: The ConfigMap to select from 1243 properties: 1244 name: 1245 description: 'Name of the referent. 1246 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1247 TODO: Add other useful fields. apiVersion, 1248 kind, uid?' 1249 type: string 1250 optional: 1251 description: Specify whether the ConfigMap 1252 must be defined 1253 type: boolean 1254 type: object 1255 x-kubernetes-map-type: atomic 1256 prefix: 1257 description: An optional identifier to prepend 1258 to each key in the ConfigMap. Must be 1259 a C_IDENTIFIER. 1260 type: string 1261 secretRef: 1262 description: The Secret to select from 1263 properties: 1264 name: 1265 description: 'Name of the referent. 1266 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1267 TODO: Add other useful fields. apiVersion, 1268 kind, uid?' 1269 type: string 1270 optional: 1271 description: Specify whether the Secret 1272 must be defined 1273 type: boolean 1274 type: object 1275 x-kubernetes-map-type: atomic 1276 type: object 1277 type: array 1278 image: 1279 description: 'Container image name. More info: 1280 https://kubernetes.io/docs/concepts/containers/images 1281 This field is optional to allow higher level 1282 config management to default or override container 1283 images in workload controllers like Deployments 1284 and StatefulSets.' 1285 type: string 1286 imagePullPolicy: 1287 description: 'Image pull policy. One of Always, 1288 Never, IfNotPresent. Defaults to Always if :latest 1289 tag is specified, or IfNotPresent otherwise. 1290 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1291 type: string 1292 lifecycle: 1293 description: Actions that the management system 1294 should take in response to container lifecycle 1295 events. Cannot be updated. 1296 properties: 1297 postStart: 1298 description: 'PostStart is called immediately 1299 after a container is created. If the handler 1300 fails, the container is terminated and restarted 1301 according to its restart policy. Other management 1302 of the container blocks until the hook completes. 1303 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1304 properties: 1305 exec: 1306 description: Exec specifies the action 1307 to take. 1308 properties: 1309 command: 1310 description: Command is the command 1311 line to execute inside the container, 1312 the working directory for the command is 1313 root ('/') in the container's filesystem. 1314 The command is simply exec'd, it 1315 is not run inside a shell, so traditional 1316 shell instructions ('|', etc) won't 1317 work. To use a shell, you need to 1318 explicitly call out to that shell. 1319 Exit status of 0 is treated as live/healthy 1320 and non-zero is unhealthy. 1321 items: 1322 type: string 1323 type: array 1324 type: object 1325 httpGet: 1326 description: HTTPGet specifies the http 1327 request to perform. 1328 properties: 1329 host: 1330 description: Host name to connect 1331 to, defaults to the pod IP. You 1332 probably want to set "Host" in httpHeaders 1333 instead. 1334 type: string 1335 httpHeaders: 1336 description: Custom headers to set 1337 in the request. HTTP allows repeated 1338 headers. 1339 items: 1340 description: HTTPHeader describes 1341 a custom header to be used in 1342 HTTP probes 1343 properties: 1344 name: 1345 description: The header field 1346 name. This will be canonicalized 1347 upon output, so case-variant 1348 names will be understood as 1349 the same header. 1350 type: string 1351 value: 1352 description: The header field 1353 value 1354 type: string 1355 required: 1356 - name 1357 - value 1358 type: object 1359 type: array 1360 path: 1361 description: Path to access on the 1362 HTTP server. 1363 type: string 1364 port: 1365 anyOf: 1366 - type: integer 1367 - type: string 1368 description: Name or number of the 1369 port to access on the container. 1370 Number must be in the range 1 to 1371 65535. Name must be an IANA_SVC_NAME. 1372 x-kubernetes-int-or-string: true 1373 scheme: 1374 description: Scheme to use for connecting 1375 to the host. Defaults to HTTP. 1376 type: string 1377 required: 1378 - port 1379 type: object 1380 tcpSocket: 1381 description: Deprecated. TCPSocket is 1382 NOT supported as a LifecycleHandler 1383 and kept for the backward compatibility. 1384 There are no validation of this field 1385 and lifecycle hooks will fail in runtime 1386 when tcp handler is specified. 1387 properties: 1388 host: 1389 description: 'Optional: Host name 1390 to connect to, defaults to the pod 1391 IP.' 1392 type: string 1393 port: 1394 anyOf: 1395 - type: integer 1396 - type: string 1397 description: Number or name of the 1398 port to access on the container. 1399 Number must be in the range 1 to 1400 65535. Name must be an IANA_SVC_NAME. 1401 x-kubernetes-int-or-string: true 1402 required: 1403 - port 1404 type: object 1405 type: object 1406 preStop: 1407 description: PreStop is called immediately 1408 before a container is terminated due to 1409 an API request or management event such 1410 as liveness/startup probe failure, preemption, 1411 resource contention, etc. The handler is 1412 not called if the container crashes or exits. 1413 The Pod's termination grace period countdown 1414 begins before the PreStop hook is executed. 1415 properties: 1416 exec: 1417 description: Exec specifies the action 1418 to take. 1419 properties: 1420 command: 1421 description: Command is the command 1422 line to execute inside the container, 1423 the working directory for the command is 1424 root ('/') in the container's filesystem. 1425 The command is simply exec'd, it 1426 is not run inside a shell, so traditional 1427 shell instructions ('|', etc) won't 1428 work. To use a shell, you need to 1429 explicitly call out to that shell. 1430 Exit status of 0 is treated as live/healthy 1431 and non-zero is unhealthy. 1432 items: 1433 type: string 1434 type: array 1435 type: object 1436 httpGet: 1437 description: HTTPGet specifies the http 1438 request to perform. 1439 properties: 1440 host: 1441 description: Host name to connect 1442 to, defaults to the pod IP. You 1443 probably want to set "Host" in httpHeaders 1444 instead. 1445 type: string 1446 httpHeaders: 1447 description: Custom headers to set 1448 in the request. HTTP allows repeated 1449 headers. 1450 items: 1451 description: HTTPHeader describes 1452 a custom header to be used in 1453 HTTP probes 1454 properties: 1455 name: 1456 description: The header field 1457 name. This will be canonicalized 1458 upon output, so case-variant 1459 names will be understood as 1460 the same header. 1461 type: string 1462 value: 1463 description: The header field 1464 value 1465 type: string 1466 required: 1467 - name 1468 - value 1469 type: object 1470 type: array 1471 path: 1472 description: Path to access on the 1473 HTTP server. 1474 type: string 1475 port: 1476 anyOf: 1477 - type: integer 1478 - type: string 1479 description: Name or number of the 1480 port to access on the container. 1481 Number must be in the range 1 to 1482 65535. Name must be an IANA_SVC_NAME. 1483 x-kubernetes-int-or-string: true 1484 scheme: 1485 description: Scheme to use for connecting 1486 to the host. Defaults to HTTP. 1487 type: string 1488 required: 1489 - port 1490 type: object 1491 tcpSocket: 1492 description: Deprecated. TCPSocket is 1493 NOT supported as a LifecycleHandler 1494 and kept for the backward compatibility. 1495 There are no validation of this field 1496 and lifecycle hooks will fail in runtime 1497 when tcp handler is specified. 1498 properties: 1499 host: 1500 description: 'Optional: Host name 1501 to connect to, defaults to the pod 1502 IP.' 1503 type: string 1504 port: 1505 anyOf: 1506 - type: integer 1507 - type: string 1508 description: Number or name of the 1509 port to access on the container. 1510 Number must be in the range 1 to 1511 65535. Name must be an IANA_SVC_NAME. 1512 x-kubernetes-int-or-string: true 1513 required: 1514 - port 1515 type: object 1516 type: object 1517 type: object 1518 livenessProbe: 1519 description: 'Periodic probe of container liveness. 1520 Container will be restarted if the probe fails. 1521 Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1522 properties: 1523 exec: 1524 description: Exec specifies the action to 1525 take. 1526 properties: 1527 command: 1528 description: Command is the command line 1529 to execute inside the container, the 1530 working directory for the command is 1531 root ('/') in the container's filesystem. 1532 The command is simply exec'd, it is 1533 not run inside a shell, so traditional 1534 shell instructions ('|', etc) won't 1535 work. To use a shell, you need to explicitly 1536 call out to that shell. Exit status 1537 of 0 is treated as live/healthy and 1538 non-zero is unhealthy. 1539 items: 1540 type: string 1541 type: array 1542 type: object 1543 failureThreshold: 1544 description: Minimum consecutive failures 1545 for the probe to be considered failed after 1546 having succeeded. Defaults to 3. Minimum 1547 value is 1. 1548 format: int32 1549 type: integer 1550 grpc: 1551 description: GRPC specifies an action involving 1552 a GRPC port. 1553 properties: 1554 port: 1555 description: Port number of the gRPC service. 1556 Number must be in the range 1 to 65535. 1557 format: int32 1558 type: integer 1559 service: 1560 description: "Service is the name of the 1561 service to place in the gRPC HealthCheckRequest 1562 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 1563 \n If this is not specified, the default 1564 behavior is defined by gRPC." 1565 type: string 1566 required: 1567 - port 1568 type: object 1569 httpGet: 1570 description: HTTPGet specifies the http request 1571 to perform. 1572 properties: 1573 host: 1574 description: Host name to connect to, 1575 defaults to the pod IP. You probably 1576 want to set "Host" in httpHeaders instead. 1577 type: string 1578 httpHeaders: 1579 description: Custom headers to set in 1580 the request. HTTP allows repeated headers. 1581 items: 1582 description: HTTPHeader describes a 1583 custom header to be used in HTTP probes 1584 properties: 1585 name: 1586 description: The header field name. 1587 This will be canonicalized upon 1588 output, so case-variant names 1589 will be understood as the same 1590 header. 1591 type: string 1592 value: 1593 description: The header field value 1594 type: string 1595 required: 1596 - name 1597 - value 1598 type: object 1599 type: array 1600 path: 1601 description: Path to access on the HTTP 1602 server. 1603 type: string 1604 port: 1605 anyOf: 1606 - type: integer 1607 - type: string 1608 description: Name or number of the port 1609 to access on the container. Number must 1610 be in the range 1 to 65535. Name must 1611 be an IANA_SVC_NAME. 1612 x-kubernetes-int-or-string: true 1613 scheme: 1614 description: Scheme to use for connecting 1615 to the host. Defaults to HTTP. 1616 type: string 1617 required: 1618 - port 1619 type: object 1620 initialDelaySeconds: 1621 description: 'Number of seconds after the 1622 container has started before liveness probes 1623 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1624 format: int32 1625 type: integer 1626 periodSeconds: 1627 description: How often (in seconds) to perform 1628 the probe. Default to 10 seconds. Minimum 1629 value is 1. 1630 format: int32 1631 type: integer 1632 successThreshold: 1633 description: Minimum consecutive successes 1634 for the probe to be considered successful 1635 after having failed. Defaults to 1. Must 1636 be 1 for liveness and startup. Minimum value 1637 is 1. 1638 format: int32 1639 type: integer 1640 tcpSocket: 1641 description: TCPSocket specifies an action 1642 involving a TCP port. 1643 properties: 1644 host: 1645 description: 'Optional: Host name to connect 1646 to, defaults to the pod IP.' 1647 type: string 1648 port: 1649 anyOf: 1650 - type: integer 1651 - type: string 1652 description: Number or name of the port 1653 to access on the container. Number must 1654 be in the range 1 to 65535. Name must 1655 be an IANA_SVC_NAME. 1656 x-kubernetes-int-or-string: true 1657 required: 1658 - port 1659 type: object 1660 terminationGracePeriodSeconds: 1661 description: Optional duration in seconds 1662 the pod needs to terminate gracefully upon 1663 probe failure. The grace period is the duration 1664 in seconds after the processes running in 1665 the pod are sent a termination signal and 1666 the time when the processes are forcibly 1667 halted with a kill signal. Set this value 1668 longer than the expected cleanup time for 1669 your process. 1670 format: int64 1671 type: integer 1672 timeoutSeconds: 1673 description: 'Number of seconds after which 1674 the probe times out. Defaults to 1 second. 1675 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1676 format: int32 1677 type: integer 1678 type: object 1679 name: 1680 description: Name of the container specified as 1681 a DNS_LABEL. Each container in a pod must have 1682 a unique name (DNS_LABEL). Cannot be updated. 1683 type: string 1684 ports: 1685 description: List of ports to expose from the 1686 container. Not specifying a port here DOES NOT 1687 prevent that port from being exposed. Any port 1688 which is listening on the default "0.0.0.0" 1689 address inside a container will be accessible 1690 from the network. Modifying this array with 1691 strategic merge patch may corrupt the data. 1692 For more information See https://github.com/kubernetes/kubernetes/issues/108255. 1693 items: 1694 description: ContainerPort represents a network 1695 port in a single container. 1696 properties: 1697 containerPort: 1698 description: Number of port to expose on 1699 the pod's IP address. This must be a valid 1700 port number, 0 < x < 65536. 1701 format: int32 1702 type: integer 1703 hostIP: 1704 description: What host IP to bind the external 1705 port to. 1706 type: string 1707 hostPort: 1708 description: Number of port to expose on 1709 the host. If specified, this must be a 1710 valid port number, 0 < x < 65536. If HostNetwork 1711 is specified, this must match ContainerPort. 1712 Most containers do not need this. 1713 format: int32 1714 type: integer 1715 name: 1716 description: If specified, this must be 1717 an IANA_SVC_NAME and unique within the 1718 pod. Each named port in a pod must have 1719 a unique name. Name for the port that 1720 can be referred to by services. 1721 type: string 1722 protocol: 1723 default: TCP 1724 description: Protocol for port. Must be 1725 UDP, TCP, or SCTP. Defaults to "TCP". 1726 type: string 1727 required: 1728 - containerPort 1729 type: object 1730 type: array 1731 x-kubernetes-list-map-keys: 1732 - containerPort 1733 - protocol 1734 x-kubernetes-list-type: map 1735 readinessProbe: 1736 description: 'Periodic probe of container service 1737 readiness. Container will be removed from service 1738 endpoints if the probe fails. Cannot be updated. 1739 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1740 properties: 1741 exec: 1742 description: Exec specifies the action to 1743 take. 1744 properties: 1745 command: 1746 description: Command is the command line 1747 to execute inside the container, the 1748 working directory for the command is 1749 root ('/') in the container's filesystem. 1750 The command is simply exec'd, it is 1751 not run inside a shell, so traditional 1752 shell instructions ('|', etc) won't 1753 work. To use a shell, you need to explicitly 1754 call out to that shell. Exit status 1755 of 0 is treated as live/healthy and 1756 non-zero is unhealthy. 1757 items: 1758 type: string 1759 type: array 1760 type: object 1761 failureThreshold: 1762 description: Minimum consecutive failures 1763 for the probe to be considered failed after 1764 having succeeded. Defaults to 3. Minimum 1765 value is 1. 1766 format: int32 1767 type: integer 1768 grpc: 1769 description: GRPC specifies an action involving 1770 a GRPC port. 1771 properties: 1772 port: 1773 description: Port number of the gRPC service. 1774 Number must be in the range 1 to 65535. 1775 format: int32 1776 type: integer 1777 service: 1778 description: "Service is the name of the 1779 service to place in the gRPC HealthCheckRequest 1780 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 1781 \n If this is not specified, the default 1782 behavior is defined by gRPC." 1783 type: string 1784 required: 1785 - port 1786 type: object 1787 httpGet: 1788 description: HTTPGet specifies the http request 1789 to perform. 1790 properties: 1791 host: 1792 description: Host name to connect to, 1793 defaults to the pod IP. You probably 1794 want to set "Host" in httpHeaders instead. 1795 type: string 1796 httpHeaders: 1797 description: Custom headers to set in 1798 the request. HTTP allows repeated headers. 1799 items: 1800 description: HTTPHeader describes a 1801 custom header to be used in HTTP probes 1802 properties: 1803 name: 1804 description: The header field name. 1805 This will be canonicalized upon 1806 output, so case-variant names 1807 will be understood as the same 1808 header. 1809 type: string 1810 value: 1811 description: The header field value 1812 type: string 1813 required: 1814 - name 1815 - value 1816 type: object 1817 type: array 1818 path: 1819 description: Path to access on the HTTP 1820 server. 1821 type: string 1822 port: 1823 anyOf: 1824 - type: integer 1825 - type: string 1826 description: Name or number of the port 1827 to access on the container. Number must 1828 be in the range 1 to 65535. Name must 1829 be an IANA_SVC_NAME. 1830 x-kubernetes-int-or-string: true 1831 scheme: 1832 description: Scheme to use for connecting 1833 to the host. Defaults to HTTP. 1834 type: string 1835 required: 1836 - port 1837 type: object 1838 initialDelaySeconds: 1839 description: 'Number of seconds after the 1840 container has started before liveness probes 1841 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1842 format: int32 1843 type: integer 1844 periodSeconds: 1845 description: How often (in seconds) to perform 1846 the probe. Default to 10 seconds. Minimum 1847 value is 1. 1848 format: int32 1849 type: integer 1850 successThreshold: 1851 description: Minimum consecutive successes 1852 for the probe to be considered successful 1853 after having failed. Defaults to 1. Must 1854 be 1 for liveness and startup. Minimum value 1855 is 1. 1856 format: int32 1857 type: integer 1858 tcpSocket: 1859 description: TCPSocket specifies an action 1860 involving a TCP port. 1861 properties: 1862 host: 1863 description: 'Optional: Host name to connect 1864 to, defaults to the pod IP.' 1865 type: string 1866 port: 1867 anyOf: 1868 - type: integer 1869 - type: string 1870 description: Number or name of the port 1871 to access on the container. Number must 1872 be in the range 1 to 65535. Name must 1873 be an IANA_SVC_NAME. 1874 x-kubernetes-int-or-string: true 1875 required: 1876 - port 1877 type: object 1878 terminationGracePeriodSeconds: 1879 description: Optional duration in seconds 1880 the pod needs to terminate gracefully upon 1881 probe failure. The grace period is the duration 1882 in seconds after the processes running in 1883 the pod are sent a termination signal and 1884 the time when the processes are forcibly 1885 halted with a kill signal. Set this value 1886 longer than the expected cleanup time for 1887 your process. 1888 format: int64 1889 type: integer 1890 timeoutSeconds: 1891 description: 'Number of seconds after which 1892 the probe times out. Defaults to 1 second. 1893 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1894 format: int32 1895 type: integer 1896 type: object 1897 resizePolicy: 1898 description: Resources resize policy for the container. 1899 items: 1900 description: ContainerResizePolicy represents 1901 resource resize policy for the container. 1902 properties: 1903 resourceName: 1904 description: 'Name of the resource to which 1905 this resource resize policy applies. Supported 1906 values: cpu, memory.' 1907 type: string 1908 restartPolicy: 1909 description: Restart policy to apply when 1910 specified resource is resized. If not 1911 specified, it defaults to NotRequired. 1912 type: string 1913 required: 1914 - resourceName 1915 - restartPolicy 1916 type: object 1917 type: array 1918 x-kubernetes-list-type: atomic 1919 resources: 1920 description: 'Compute Resources required by this 1921 container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1922 properties: 1923 claims: 1924 description: "Claims lists the names of resources, 1925 defined in spec.resourceClaims, that are 1926 used by this container. \n This is an alpha 1927 field and requires enabling the DynamicResourceAllocation 1928 feature gate. \n This field is immutable. 1929 It can only be set for containers." 1930 items: 1931 description: ResourceClaim references one 1932 entry in PodSpec.ResourceClaims. 1933 properties: 1934 name: 1935 description: Name must match the name 1936 of one entry in pod.spec.resourceClaims 1937 of the Pod where this field is used. 1938 It makes that resource available inside 1939 a container. 1940 type: string 1941 required: 1942 - name 1943 type: object 1944 type: array 1945 x-kubernetes-list-map-keys: 1946 - name 1947 x-kubernetes-list-type: map 1948 limits: 1949 additionalProperties: 1950 anyOf: 1951 - type: integer 1952 - type: string 1953 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1954 x-kubernetes-int-or-string: true 1955 description: 'Limits describes the maximum 1956 amount of compute resources allowed. More 1957 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1958 type: object 1959 requests: 1960 additionalProperties: 1961 anyOf: 1962 - type: integer 1963 - type: string 1964 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1965 x-kubernetes-int-or-string: true 1966 description: 'Requests describes the minimum 1967 amount of compute resources required. If 1968 Requests is omitted for a container, it 1969 defaults to Limits if that is explicitly 1970 specified, otherwise to an implementation-defined 1971 value. Requests cannot exceed Limits. More 1972 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1973 type: object 1974 type: object 1975 securityContext: 1976 description: 'SecurityContext defines the security 1977 options the container should be run with. If 1978 set, the fields of SecurityContext override 1979 the equivalent fields of PodSecurityContext. 1980 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 1981 properties: 1982 allowPrivilegeEscalation: 1983 description: 'AllowPrivilegeEscalation controls 1984 whether a process can gain more privileges 1985 than its parent process. This bool directly 1986 controls if the no_new_privs flag will be 1987 set on the container process. AllowPrivilegeEscalation 1988 is true always when the container is: 1) 1989 run as Privileged 2) has CAP_SYS_ADMIN Note 1990 that this field cannot be set when spec.os.name 1991 is windows.' 1992 type: boolean 1993 capabilities: 1994 description: The capabilities to add/drop 1995 when running containers. Defaults to the 1996 default set of capabilities granted by the 1997 container runtime. Note that this field 1998 cannot be set when spec.os.name is windows. 1999 properties: 2000 add: 2001 description: Added capabilities 2002 items: 2003 description: Capability represent POSIX 2004 capabilities type 2005 type: string 2006 type: array 2007 drop: 2008 description: Removed capabilities 2009 items: 2010 description: Capability represent POSIX 2011 capabilities type 2012 type: string 2013 type: array 2014 type: object 2015 privileged: 2016 description: Run container in privileged mode. 2017 Processes in privileged containers are essentially 2018 equivalent to root on the host. Defaults 2019 to false. Note that this field cannot be 2020 set when spec.os.name is windows. 2021 type: boolean 2022 procMount: 2023 description: procMount denotes the type of 2024 proc mount to use for the containers. The 2025 default is DefaultProcMount which uses the 2026 container runtime defaults for readonly 2027 paths and masked paths. This requires the 2028 ProcMountType feature flag to be enabled. 2029 Note that this field cannot be set when 2030 spec.os.name is windows. 2031 type: string 2032 readOnlyRootFilesystem: 2033 description: Whether this container has a 2034 read-only root filesystem. Default is false. 2035 Note that this field cannot be set when 2036 spec.os.name is windows. 2037 type: boolean 2038 runAsGroup: 2039 description: The GID to run the entrypoint 2040 of the container process. Uses runtime default 2041 if unset. May also be set in PodSecurityContext. If 2042 set in both SecurityContext and PodSecurityContext, 2043 the value specified in SecurityContext takes 2044 precedence. Note that this field cannot 2045 be set when spec.os.name is windows. 2046 format: int64 2047 type: integer 2048 runAsNonRoot: 2049 description: Indicates that the container 2050 must run as a non-root user. If true, the 2051 Kubelet will validate the image at runtime 2052 to ensure that it does not run as UID 0 2053 (root) and fail to start the container if 2054 it does. If unset or false, no such validation 2055 will be performed. May also be set in PodSecurityContext. 2056 type: boolean 2057 runAsUser: 2058 description: The UID to run the entrypoint 2059 of the container process. Defaults to user 2060 specified in image metadata if unspecified. 2061 May also be set in PodSecurityContext. If 2062 set in both SecurityContext and PodSecurityContext, 2063 the value specified in SecurityContext takes 2064 precedence. Note that this field cannot 2065 be set when spec.os.name is windows. 2066 format: int64 2067 type: integer 2068 seLinuxOptions: 2069 description: The SELinux context to be applied 2070 to the container. If unspecified, the container 2071 runtime will allocate a random SELinux context 2072 for each container. May also be set in 2073 PodSecurityContext. If set in both SecurityContext 2074 and PodSecurityContext, the value specified 2075 in SecurityContext takes precedence. Note 2076 that this field cannot be set when spec.os.name 2077 is windows. 2078 properties: 2079 level: 2080 description: Level is SELinux level label 2081 that applies to the container. 2082 type: string 2083 role: 2084 description: Role is a SELinux role label 2085 that applies to the container. 2086 type: string 2087 type: 2088 description: Type is a SELinux type label 2089 that applies to the container. 2090 type: string 2091 user: 2092 description: User is a SELinux user label 2093 that applies to the container. 2094 type: string 2095 type: object 2096 seccompProfile: 2097 description: The seccomp options to use by 2098 this container. If seccomp options are provided 2099 at both the pod & container level, the container 2100 options override the pod options. Note that 2101 this field cannot be set when spec.os.name 2102 is windows. 2103 properties: 2104 localhostProfile: 2105 description: localhostProfile indicates 2106 a profile defined in a file on the node 2107 should be used. The profile must be 2108 preconfigured on the node to work. Must 2109 be a descending path, relative to the 2110 kubelet's configured seccomp profile 2111 location. Must only be set if type is 2112 "Localhost". 2113 type: string 2114 type: 2115 description: "type indicates which kind 2116 of seccomp profile will be applied. 2117 Valid options are: \n Localhost - a 2118 profile defined in a file on the node 2119 should be used. RuntimeDefault - the 2120 container runtime default profile should 2121 be used. Unconfined - no profile should 2122 be applied." 2123 type: string 2124 required: 2125 - type 2126 type: object 2127 windowsOptions: 2128 description: The Windows specific settings 2129 applied to all containers. If unspecified, 2130 the options from the PodSecurityContext 2131 will be used. If set in both SecurityContext 2132 and PodSecurityContext, the value specified 2133 in SecurityContext takes precedence. Note 2134 that this field cannot be set when spec.os.name 2135 is linux. 2136 properties: 2137 gmsaCredentialSpec: 2138 description: GMSACredentialSpec is where 2139 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 2140 inlines the contents of the GMSA credential 2141 spec named by the GMSACredentialSpecName 2142 field. 2143 type: string 2144 gmsaCredentialSpecName: 2145 description: GMSACredentialSpecName is 2146 the name of the GMSA credential spec 2147 to use. 2148 type: string 2149 hostProcess: 2150 description: HostProcess determines if 2151 a container should be run as a 'Host 2152 Process' container. This field is alpha-level 2153 and will only be honored by components 2154 that enable the WindowsHostProcessContainers 2155 feature flag. Setting this field without 2156 the feature flag will result in errors 2157 when validating the Pod. 2158 type: boolean 2159 runAsUserName: 2160 description: The UserName in Windows to 2161 run the entrypoint of the container 2162 process. Defaults to the user specified 2163 in image metadata if unspecified. May 2164 also be set in PodSecurityContext. If 2165 set in both SecurityContext and PodSecurityContext, 2166 the value specified in SecurityContext 2167 takes precedence. 2168 type: string 2169 type: object 2170 type: object 2171 startupProbe: 2172 description: StartupProbe indicates that the Pod 2173 has successfully initialized. If specified, 2174 no other probes are executed until this completes 2175 successfully. If this probe fails, the Pod will 2176 be restarted, just as if the livenessProbe failed. 2177 properties: 2178 exec: 2179 description: Exec specifies the action to 2180 take. 2181 properties: 2182 command: 2183 description: Command is the command line 2184 to execute inside the container, the 2185 working directory for the command is 2186 root ('/') in the container's filesystem. 2187 The command is simply exec'd, it is 2188 not run inside a shell, so traditional 2189 shell instructions ('|', etc) won't 2190 work. To use a shell, you need to explicitly 2191 call out to that shell. Exit status 2192 of 0 is treated as live/healthy and 2193 non-zero is unhealthy. 2194 items: 2195 type: string 2196 type: array 2197 type: object 2198 failureThreshold: 2199 description: Minimum consecutive failures 2200 for the probe to be considered failed after 2201 having succeeded. Defaults to 3. Minimum 2202 value is 1. 2203 format: int32 2204 type: integer 2205 grpc: 2206 description: GRPC specifies an action involving 2207 a GRPC port. 2208 properties: 2209 port: 2210 description: Port number of the gRPC service. 2211 Number must be in the range 1 to 65535. 2212 format: int32 2213 type: integer 2214 service: 2215 description: "Service is the name of the 2216 service to place in the gRPC HealthCheckRequest 2217 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2218 \n If this is not specified, the default 2219 behavior is defined by gRPC." 2220 type: string 2221 required: 2222 - port 2223 type: object 2224 httpGet: 2225 description: HTTPGet specifies the http request 2226 to perform. 2227 properties: 2228 host: 2229 description: Host name to connect to, 2230 defaults to the pod IP. You probably 2231 want to set "Host" in httpHeaders instead. 2232 type: string 2233 httpHeaders: 2234 description: Custom headers to set in 2235 the request. HTTP allows repeated headers. 2236 items: 2237 description: HTTPHeader describes a 2238 custom header to be used in HTTP probes 2239 properties: 2240 name: 2241 description: The header field name. 2242 This will be canonicalized upon 2243 output, so case-variant names 2244 will be understood as the same 2245 header. 2246 type: string 2247 value: 2248 description: The header field value 2249 type: string 2250 required: 2251 - name 2252 - value 2253 type: object 2254 type: array 2255 path: 2256 description: Path to access on the HTTP 2257 server. 2258 type: string 2259 port: 2260 anyOf: 2261 - type: integer 2262 - type: string 2263 description: Name or number of the port 2264 to access on the container. Number must 2265 be in the range 1 to 65535. Name must 2266 be an IANA_SVC_NAME. 2267 x-kubernetes-int-or-string: true 2268 scheme: 2269 description: Scheme to use for connecting 2270 to the host. Defaults to HTTP. 2271 type: string 2272 required: 2273 - port 2274 type: object 2275 initialDelaySeconds: 2276 description: 'Number of seconds after the 2277 container has started before liveness probes 2278 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2279 format: int32 2280 type: integer 2281 periodSeconds: 2282 description: How often (in seconds) to perform 2283 the probe. Default to 10 seconds. Minimum 2284 value is 1. 2285 format: int32 2286 type: integer 2287 successThreshold: 2288 description: Minimum consecutive successes 2289 for the probe to be considered successful 2290 after having failed. Defaults to 1. Must 2291 be 1 for liveness and startup. Minimum value 2292 is 1. 2293 format: int32 2294 type: integer 2295 tcpSocket: 2296 description: TCPSocket specifies an action 2297 involving a TCP port. 2298 properties: 2299 host: 2300 description: 'Optional: Host name to connect 2301 to, defaults to the pod IP.' 2302 type: string 2303 port: 2304 anyOf: 2305 - type: integer 2306 - type: string 2307 description: Number or name of the port 2308 to access on the container. Number must 2309 be in the range 1 to 65535. Name must 2310 be an IANA_SVC_NAME. 2311 x-kubernetes-int-or-string: true 2312 required: 2313 - port 2314 type: object 2315 terminationGracePeriodSeconds: 2316 description: Optional duration in seconds 2317 the pod needs to terminate gracefully upon 2318 probe failure. The grace period is the duration 2319 in seconds after the processes running in 2320 the pod are sent a termination signal and 2321 the time when the processes are forcibly 2322 halted with a kill signal. Set this value 2323 longer than the expected cleanup time for 2324 your process. 2325 format: int64 2326 type: integer 2327 timeoutSeconds: 2328 description: 'Number of seconds after which 2329 the probe times out. Defaults to 1 second. 2330 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2331 format: int32 2332 type: integer 2333 type: object 2334 stdin: 2335 description: Whether this container should allocate 2336 a buffer for stdin in the container runtime. 2337 If this is not set, reads from stdin in the 2338 container will always result in EOF. Default 2339 is false. 2340 type: boolean 2341 stdinOnce: 2342 description: Whether the container runtime should 2343 close the stdin channel after it has been opened 2344 by a single attach. When stdin is true the stdin 2345 stream will remain open across multiple attach 2346 sessions. 2347 type: boolean 2348 terminationMessagePath: 2349 description: 'Optional: Path at which the file 2350 to which the container''s termination message 2351 will be written is mounted into the container''s 2352 filesystem. Message written is intended to be 2353 brief final status, such as an assertion failure 2354 message. Will be truncated by the node if greater 2355 than 4096 bytes. The total message length across 2356 all containers will be limited to 12kb. Defaults 2357 to /dev/termination-log.' 2358 type: string 2359 terminationMessagePolicy: 2360 description: Indicate how the termination message 2361 should be populated. File will use the contents 2362 of terminationMessagePath to populate the container 2363 status message on both success and failure. 2364 FallbackToLogsOnError will use the last chunk 2365 of container log output if the termination message 2366 file is empty and the container exited with 2367 an error. 2368 type: string 2369 tty: 2370 description: Whether this container should allocate 2371 a TTY for itself, also requires 'stdin' to be 2372 true. Default is false. 2373 type: boolean 2374 volumeDevices: 2375 description: volumeDevices is the list of block 2376 devices to be used by the container. 2377 items: 2378 description: volumeDevice describes a mapping 2379 of a raw block device within a container. 2380 properties: 2381 devicePath: 2382 description: devicePath is the path inside 2383 of the container that the device will 2384 be mapped to. 2385 type: string 2386 name: 2387 description: name must match the name of 2388 a persistentVolumeClaim in the pod 2389 type: string 2390 required: 2391 - devicePath 2392 - name 2393 type: object 2394 type: array 2395 volumeMounts: 2396 description: Pod volumes to mount into the container's 2397 filesystem. Cannot be updated. 2398 items: 2399 description: VolumeMount describes a mounting 2400 of a Volume within a container. 2401 properties: 2402 mountPath: 2403 description: Path within the container at 2404 which the volume should be mounted. Must 2405 not contain ':'. 2406 type: string 2407 mountPropagation: 2408 description: mountPropagation determines 2409 how mounts are propagated from the host 2410 to container and the other way around. 2411 When not set, MountPropagationNone is 2412 used. This field is beta in 1.10. 2413 type: string 2414 name: 2415 description: This must match the Name of 2416 a Volume. 2417 type: string 2418 readOnly: 2419 description: Mounted read-only if true, 2420 read-write otherwise (false or unspecified). 2421 Defaults to false. 2422 type: boolean 2423 subPath: 2424 description: Path within the volume from 2425 which the container's volume should be 2426 mounted. Defaults to "" (volume's root). 2427 type: string 2428 subPathExpr: 2429 description: Expanded path within the volume 2430 from which the container's volume should 2431 be mounted. Behaves similarly to SubPath 2432 but environment variable references $(VAR_NAME) 2433 are expanded using the container's environment. 2434 Defaults to "" (volume's root). SubPathExpr 2435 and SubPath are mutually exclusive. 2436 type: string 2437 required: 2438 - mountPath 2439 - name 2440 type: object 2441 type: array 2442 workingDir: 2443 description: Container's working directory. If 2444 not specified, the container runtime's default 2445 will be used, which might be configured in the 2446 container image. Cannot be updated. 2447 type: string 2448 required: 2449 - name 2450 type: object 2451 type: array 2452 dnsConfig: 2453 description: Specifies the DNS parameters of a pod. 2454 Parameters specified here will be merged to the generated 2455 DNS configuration based on DNSPolicy. 2456 properties: 2457 nameservers: 2458 description: A list of DNS name server IP addresses. 2459 This will be appended to the base nameservers 2460 generated from DNSPolicy. Duplicated nameservers 2461 will be removed. 2462 items: 2463 type: string 2464 type: array 2465 options: 2466 description: A list of DNS resolver options. This 2467 will be merged with the base options generated 2468 from DNSPolicy. Duplicated entries will be removed. 2469 Resolution options given in Options will override 2470 those that appear in the base DNSPolicy. 2471 items: 2472 description: PodDNSConfigOption defines DNS resolver 2473 options of a pod. 2474 properties: 2475 name: 2476 description: Required. 2477 type: string 2478 value: 2479 type: string 2480 type: object 2481 type: array 2482 searches: 2483 description: A list of DNS search domains for host-name 2484 lookup. This will be appended to the base search 2485 paths generated from DNSPolicy. Duplicated search 2486 paths will be removed. 2487 items: 2488 type: string 2489 type: array 2490 type: object 2491 dnsPolicy: 2492 description: Set DNS policy for the pod. Defaults to 2493 "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 2494 'ClusterFirst', 'Default' or 'None'. DNS parameters 2495 given in DNSConfig will be merged with the policy 2496 selected with DNSPolicy. To have DNS options set along 2497 with hostNetwork, you have to specify DNS policy explicitly 2498 to 'ClusterFirstWithHostNet'. 2499 type: string 2500 enableServiceLinks: 2501 description: 'EnableServiceLinks indicates whether information 2502 about services should be injected into pod''s environment 2503 variables, matching the syntax of Docker links. Optional: 2504 Defaults to true.' 2505 type: boolean 2506 ephemeralContainers: 2507 description: List of ephemeral containers run in this 2508 pod. Ephemeral containers may be run in an existing 2509 pod to perform user-initiated actions such as debugging. 2510 This list cannot be specified when creating a pod, 2511 and it cannot be modified by updating the pod spec. 2512 In order to add an ephemeral container to an existing 2513 pod, use the pod's ephemeralcontainers subresource. 2514 items: 2515 description: An EphemeralContainer is a temporary 2516 container that you may add to an existing Pod for 2517 user-initiated activities such as debugging. Ephemeral 2518 containers have no resource or scheduling guarantees, 2519 and they will not be restarted when they exit or 2520 when a Pod is removed or restarted. The kubelet 2521 may evict a Pod if an ephemeral container causes 2522 the Pod to exceed its resource allocation. 2523 properties: 2524 args: 2525 description: 'Arguments to the entrypoint. The 2526 image''s CMD is used if this is not provided. 2527 Variable references $(VAR_NAME) are expanded 2528 using the container''s environment. If a variable 2529 cannot be resolved, the reference in the input 2530 string will be unchanged. Double $$ are reduced 2531 to a single $, which allows for escaping the 2532 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 2533 produce the string literal "$(VAR_NAME)".' 2534 items: 2535 type: string 2536 type: array 2537 command: 2538 description: 'Entrypoint array. Not executed within 2539 a shell. The image''s ENTRYPOINT is used if 2540 this is not provided. Variable references $(VAR_NAME) 2541 are expanded using the container''s environment. 2542 If a variable cannot be resolved, the reference 2543 in the input string will be unchanged. Double 2544 $$ are reduced to a single $, which allows for 2545 escaping the $(VAR_NAME) syntax: i.e.' 2546 items: 2547 type: string 2548 type: array 2549 env: 2550 description: List of environment variables to 2551 set in the container. Cannot be updated. 2552 items: 2553 description: EnvVar represents an environment 2554 variable present in a Container. 2555 properties: 2556 name: 2557 description: Name of the environment variable. 2558 Must be a C_IDENTIFIER. 2559 type: string 2560 value: 2561 description: 'Variable references $(VAR_NAME) 2562 are expanded using the previously defined 2563 environment variables in the container 2564 and any service environment variables. 2565 If a variable cannot be resolved, the 2566 reference in the input string will be 2567 unchanged. Double $$ are reduced to a 2568 single $, which allows for escaping the 2569 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 2570 will produce the string literal "$(VAR_NAME)".' 2571 type: string 2572 valueFrom: 2573 description: Source for the environment 2574 variable's value. Cannot be used if value 2575 is not empty. 2576 properties: 2577 configMapKeyRef: 2578 description: Selects a key of a ConfigMap. 2579 properties: 2580 key: 2581 description: The key to select. 2582 type: string 2583 name: 2584 description: 'Name of the referent. 2585 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2586 TODO: Add other useful fields. 2587 apiVersion, kind, uid?' 2588 type: string 2589 optional: 2590 description: Specify whether the 2591 ConfigMap or its key must be defined 2592 type: boolean 2593 required: 2594 - key 2595 type: object 2596 x-kubernetes-map-type: atomic 2597 fieldRef: 2598 description: 'Selects a field of the 2599 pod: supports metadata.name, metadata.namespace, 2600 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 2601 spec.nodeName, spec.serviceAccountName, 2602 status.hostIP, status.podIP, status.podIPs.' 2603 properties: 2604 apiVersion: 2605 description: Version of the schema 2606 the FieldPath is written in terms 2607 of, defaults to "v1". 2608 type: string 2609 fieldPath: 2610 description: Path of the field to 2611 select in the specified API version. 2612 type: string 2613 required: 2614 - fieldPath 2615 type: object 2616 x-kubernetes-map-type: atomic 2617 resourceFieldRef: 2618 description: 'Selects a resource of 2619 the container: only resources limits 2620 and requests (limits.cpu, limits.memory, 2621 limits.ephemeral-storage, requests.cpu, 2622 requests.memory and requests.ephemeral-storage) 2623 are currently supported.' 2624 properties: 2625 containerName: 2626 description: 'Container name: required 2627 for volumes, optional for env 2628 vars' 2629 type: string 2630 divisor: 2631 anyOf: 2632 - type: integer 2633 - type: string 2634 description: Specifies the output 2635 format of the exposed resources, 2636 defaults to "1" 2637 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2638 x-kubernetes-int-or-string: true 2639 resource: 2640 description: 'Required: resource 2641 to select' 2642 type: string 2643 required: 2644 - resource 2645 type: object 2646 x-kubernetes-map-type: atomic 2647 secretKeyRef: 2648 description: Selects a key of a secret 2649 in the pod's namespace 2650 properties: 2651 key: 2652 description: The key of the secret 2653 to select from. Must be a valid 2654 secret key. 2655 type: string 2656 name: 2657 description: 'Name of the referent. 2658 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2659 TODO: Add other useful fields. 2660 apiVersion, kind, uid?' 2661 type: string 2662 optional: 2663 description: Specify whether the 2664 Secret or its key must be defined 2665 type: boolean 2666 required: 2667 - key 2668 type: object 2669 x-kubernetes-map-type: atomic 2670 type: object 2671 required: 2672 - name 2673 type: object 2674 type: array 2675 envFrom: 2676 description: List of sources to populate environment 2677 variables in the container. The keys defined 2678 within a source must be a C_IDENTIFIER. All 2679 invalid keys will be reported as an event when 2680 the container is starting. When a key exists 2681 in multiple sources, the value associated with 2682 the last source will take precedence. Values 2683 defined by an Env with a duplicate key will 2684 take precedence. Cannot be updated. 2685 items: 2686 description: EnvFromSource represents the source 2687 of a set of ConfigMaps 2688 properties: 2689 configMapRef: 2690 description: The ConfigMap to select from 2691 properties: 2692 name: 2693 description: 'Name of the referent. 2694 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2695 TODO: Add other useful fields. apiVersion, 2696 kind, uid?' 2697 type: string 2698 optional: 2699 description: Specify whether the ConfigMap 2700 must be defined 2701 type: boolean 2702 type: object 2703 x-kubernetes-map-type: atomic 2704 prefix: 2705 description: An optional identifier to prepend 2706 to each key in the ConfigMap. Must be 2707 a C_IDENTIFIER. 2708 type: string 2709 secretRef: 2710 description: The Secret to select from 2711 properties: 2712 name: 2713 description: 'Name of the referent. 2714 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2715 TODO: Add other useful fields. apiVersion, 2716 kind, uid?' 2717 type: string 2718 optional: 2719 description: Specify whether the Secret 2720 must be defined 2721 type: boolean 2722 type: object 2723 x-kubernetes-map-type: atomic 2724 type: object 2725 type: array 2726 image: 2727 description: 'Container image name. More info: 2728 https://kubernetes.io/docs/concepts/containers/images' 2729 type: string 2730 imagePullPolicy: 2731 description: 'Image pull policy. One of Always, 2732 Never, IfNotPresent. Defaults to Always if :latest 2733 tag is specified, or IfNotPresent otherwise. 2734 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 2735 type: string 2736 lifecycle: 2737 description: Lifecycle is not allowed for ephemeral 2738 containers. 2739 properties: 2740 postStart: 2741 description: 'PostStart is called immediately 2742 after a container is created. If the handler 2743 fails, the container is terminated and restarted 2744 according to its restart policy. Other management 2745 of the container blocks until the hook completes. 2746 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 2747 properties: 2748 exec: 2749 description: Exec specifies the action 2750 to take. 2751 properties: 2752 command: 2753 description: Command is the command 2754 line to execute inside the container, 2755 the working directory for the command is 2756 root ('/') in the container's filesystem. 2757 The command is simply exec'd, it 2758 is not run inside a shell, so traditional 2759 shell instructions ('|', etc) won't 2760 work. To use a shell, you need to 2761 explicitly call out to that shell. 2762 Exit status of 0 is treated as live/healthy 2763 and non-zero is unhealthy. 2764 items: 2765 type: string 2766 type: array 2767 type: object 2768 httpGet: 2769 description: HTTPGet specifies the http 2770 request to perform. 2771 properties: 2772 host: 2773 description: Host name to connect 2774 to, defaults to the pod IP. You 2775 probably want to set "Host" in httpHeaders 2776 instead. 2777 type: string 2778 httpHeaders: 2779 description: Custom headers to set 2780 in the request. HTTP allows repeated 2781 headers. 2782 items: 2783 description: HTTPHeader describes 2784 a custom header to be used in 2785 HTTP probes 2786 properties: 2787 name: 2788 description: The header field 2789 name. This will be canonicalized 2790 upon output, so case-variant 2791 names will be understood as 2792 the same header. 2793 type: string 2794 value: 2795 description: The header field 2796 value 2797 type: string 2798 required: 2799 - name 2800 - value 2801 type: object 2802 type: array 2803 path: 2804 description: Path to access on the 2805 HTTP server. 2806 type: string 2807 port: 2808 anyOf: 2809 - type: integer 2810 - type: string 2811 description: Name or number of the 2812 port to access on the container. 2813 Number must be in the range 1 to 2814 65535. Name must be an IANA_SVC_NAME. 2815 x-kubernetes-int-or-string: true 2816 scheme: 2817 description: Scheme to use for connecting 2818 to the host. Defaults to HTTP. 2819 type: string 2820 required: 2821 - port 2822 type: object 2823 tcpSocket: 2824 description: Deprecated. TCPSocket is 2825 NOT supported as a LifecycleHandler 2826 and kept for the backward compatibility. 2827 There are no validation of this field 2828 and lifecycle hooks will fail in runtime 2829 when tcp handler is specified. 2830 properties: 2831 host: 2832 description: 'Optional: Host name 2833 to connect to, defaults to the pod 2834 IP.' 2835 type: string 2836 port: 2837 anyOf: 2838 - type: integer 2839 - type: string 2840 description: Number or name of the 2841 port to access on the container. 2842 Number must be in the range 1 to 2843 65535. Name must be an IANA_SVC_NAME. 2844 x-kubernetes-int-or-string: true 2845 required: 2846 - port 2847 type: object 2848 type: object 2849 preStop: 2850 description: PreStop is called immediately 2851 before a container is terminated due to 2852 an API request or management event such 2853 as liveness/startup probe failure, preemption, 2854 resource contention, etc. The handler is 2855 not called if the container crashes or exits. 2856 The Pod's termination grace period countdown 2857 begins before the PreStop hook is executed. 2858 properties: 2859 exec: 2860 description: Exec specifies the action 2861 to take. 2862 properties: 2863 command: 2864 description: Command is the command 2865 line to execute inside the container, 2866 the working directory for the command is 2867 root ('/') in the container's filesystem. 2868 The command is simply exec'd, it 2869 is not run inside a shell, so traditional 2870 shell instructions ('|', etc) won't 2871 work. To use a shell, you need to 2872 explicitly call out to that shell. 2873 Exit status of 0 is treated as live/healthy 2874 and non-zero is unhealthy. 2875 items: 2876 type: string 2877 type: array 2878 type: object 2879 httpGet: 2880 description: HTTPGet specifies the http 2881 request to perform. 2882 properties: 2883 host: 2884 description: Host name to connect 2885 to, defaults to the pod IP. You 2886 probably want to set "Host" in httpHeaders 2887 instead. 2888 type: string 2889 httpHeaders: 2890 description: Custom headers to set 2891 in the request. HTTP allows repeated 2892 headers. 2893 items: 2894 description: HTTPHeader describes 2895 a custom header to be used in 2896 HTTP probes 2897 properties: 2898 name: 2899 description: The header field 2900 name. This will be canonicalized 2901 upon output, so case-variant 2902 names will be understood as 2903 the same header. 2904 type: string 2905 value: 2906 description: The header field 2907 value 2908 type: string 2909 required: 2910 - name 2911 - value 2912 type: object 2913 type: array 2914 path: 2915 description: Path to access on the 2916 HTTP server. 2917 type: string 2918 port: 2919 anyOf: 2920 - type: integer 2921 - type: string 2922 description: Name or number of the 2923 port to access on the container. 2924 Number must be in the range 1 to 2925 65535. Name must be an IANA_SVC_NAME. 2926 x-kubernetes-int-or-string: true 2927 scheme: 2928 description: Scheme to use for connecting 2929 to the host. Defaults to HTTP. 2930 type: string 2931 required: 2932 - port 2933 type: object 2934 tcpSocket: 2935 description: Deprecated. TCPSocket is 2936 NOT supported as a LifecycleHandler 2937 and kept for the backward compatibility. 2938 There are no validation of this field 2939 and lifecycle hooks will fail in runtime 2940 when tcp handler is specified. 2941 properties: 2942 host: 2943 description: 'Optional: Host name 2944 to connect to, defaults to the pod 2945 IP.' 2946 type: string 2947 port: 2948 anyOf: 2949 - type: integer 2950 - type: string 2951 description: Number or name of the 2952 port to access on the container. 2953 Number must be in the range 1 to 2954 65535. Name must be an IANA_SVC_NAME. 2955 x-kubernetes-int-or-string: true 2956 required: 2957 - port 2958 type: object 2959 type: object 2960 type: object 2961 livenessProbe: 2962 description: Probes are not allowed for ephemeral 2963 containers. 2964 properties: 2965 exec: 2966 description: Exec specifies the action to 2967 take. 2968 properties: 2969 command: 2970 description: Command is the command line 2971 to execute inside the container, the 2972 working directory for the command is 2973 root ('/') in the container's filesystem. 2974 The command is simply exec'd, it is 2975 not run inside a shell, so traditional 2976 shell instructions ('|', etc) won't 2977 work. To use a shell, you need to explicitly 2978 call out to that shell. Exit status 2979 of 0 is treated as live/healthy and 2980 non-zero is unhealthy. 2981 items: 2982 type: string 2983 type: array 2984 type: object 2985 failureThreshold: 2986 description: Minimum consecutive failures 2987 for the probe to be considered failed after 2988 having succeeded. Defaults to 3. Minimum 2989 value is 1. 2990 format: int32 2991 type: integer 2992 grpc: 2993 description: GRPC specifies an action involving 2994 a GRPC port. 2995 properties: 2996 port: 2997 description: Port number of the gRPC service. 2998 Number must be in the range 1 to 65535. 2999 format: int32 3000 type: integer 3001 service: 3002 description: "Service is the name of the 3003 service to place in the gRPC HealthCheckRequest 3004 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3005 \n If this is not specified, the default 3006 behavior is defined by gRPC." 3007 type: string 3008 required: 3009 - port 3010 type: object 3011 httpGet: 3012 description: HTTPGet specifies the http request 3013 to perform. 3014 properties: 3015 host: 3016 description: Host name to connect to, 3017 defaults to the pod IP. You probably 3018 want to set "Host" in httpHeaders instead. 3019 type: string 3020 httpHeaders: 3021 description: Custom headers to set in 3022 the request. HTTP allows repeated headers. 3023 items: 3024 description: HTTPHeader describes a 3025 custom header to be used in HTTP probes 3026 properties: 3027 name: 3028 description: The header field name. 3029 This will be canonicalized upon 3030 output, so case-variant names 3031 will be understood as the same 3032 header. 3033 type: string 3034 value: 3035 description: The header field value 3036 type: string 3037 required: 3038 - name 3039 - value 3040 type: object 3041 type: array 3042 path: 3043 description: Path to access on the HTTP 3044 server. 3045 type: string 3046 port: 3047 anyOf: 3048 - type: integer 3049 - type: string 3050 description: Name or number of the port 3051 to access on the container. Number must 3052 be in the range 1 to 65535. Name must 3053 be an IANA_SVC_NAME. 3054 x-kubernetes-int-or-string: true 3055 scheme: 3056 description: Scheme to use for connecting 3057 to the host. Defaults to HTTP. 3058 type: string 3059 required: 3060 - port 3061 type: object 3062 initialDelaySeconds: 3063 description: 'Number of seconds after the 3064 container has started before liveness probes 3065 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3066 format: int32 3067 type: integer 3068 periodSeconds: 3069 description: How often (in seconds) to perform 3070 the probe. Default to 10 seconds. Minimum 3071 value is 1. 3072 format: int32 3073 type: integer 3074 successThreshold: 3075 description: Minimum consecutive successes 3076 for the probe to be considered successful 3077 after having failed. Defaults to 1. Must 3078 be 1 for liveness and startup. Minimum value 3079 is 1. 3080 format: int32 3081 type: integer 3082 tcpSocket: 3083 description: TCPSocket specifies an action 3084 involving a TCP port. 3085 properties: 3086 host: 3087 description: 'Optional: Host name to connect 3088 to, defaults to the pod IP.' 3089 type: string 3090 port: 3091 anyOf: 3092 - type: integer 3093 - type: string 3094 description: Number or name of the port 3095 to access on the container. Number must 3096 be in the range 1 to 65535. Name must 3097 be an IANA_SVC_NAME. 3098 x-kubernetes-int-or-string: true 3099 required: 3100 - port 3101 type: object 3102 terminationGracePeriodSeconds: 3103 description: Optional duration in seconds 3104 the pod needs to terminate gracefully upon 3105 probe failure. The grace period is the duration 3106 in seconds after the processes running in 3107 the pod are sent a termination signal and 3108 the time when the processes are forcibly 3109 halted with a kill signal. Set this value 3110 longer than the expected cleanup time for 3111 your process. 3112 format: int64 3113 type: integer 3114 timeoutSeconds: 3115 description: 'Number of seconds after which 3116 the probe times out. Defaults to 1 second. 3117 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3118 format: int32 3119 type: integer 3120 type: object 3121 name: 3122 description: Name of the ephemeral container specified 3123 as a DNS_LABEL. This name must be unique among 3124 all containers, init containers and ephemeral 3125 containers. 3126 type: string 3127 ports: 3128 description: Ports are not allowed for ephemeral 3129 containers. 3130 items: 3131 description: ContainerPort represents a network 3132 port in a single container. 3133 properties: 3134 containerPort: 3135 description: Number of port to expose on 3136 the pod's IP address. This must be a valid 3137 port number, 0 < x < 65536. 3138 format: int32 3139 type: integer 3140 hostIP: 3141 description: What host IP to bind the external 3142 port to. 3143 type: string 3144 hostPort: 3145 description: Number of port to expose on 3146 the host. If specified, this must be a 3147 valid port number, 0 < x < 65536. If HostNetwork 3148 is specified, this must match ContainerPort. 3149 Most containers do not need this. 3150 format: int32 3151 type: integer 3152 name: 3153 description: If specified, this must be 3154 an IANA_SVC_NAME and unique within the 3155 pod. Each named port in a pod must have 3156 a unique name. Name for the port that 3157 can be referred to by services. 3158 type: string 3159 protocol: 3160 default: TCP 3161 description: Protocol for port. Must be 3162 UDP, TCP, or SCTP. Defaults to "TCP". 3163 type: string 3164 required: 3165 - containerPort 3166 type: object 3167 type: array 3168 x-kubernetes-list-map-keys: 3169 - containerPort 3170 - protocol 3171 x-kubernetes-list-type: map 3172 readinessProbe: 3173 description: Probes are not allowed for ephemeral 3174 containers. 3175 properties: 3176 exec: 3177 description: Exec specifies the action to 3178 take. 3179 properties: 3180 command: 3181 description: Command is the command line 3182 to execute inside the container, the 3183 working directory for the command is 3184 root ('/') in the container's filesystem. 3185 The command is simply exec'd, it is 3186 not run inside a shell, so traditional 3187 shell instructions ('|', etc) won't 3188 work. To use a shell, you need to explicitly 3189 call out to that shell. Exit status 3190 of 0 is treated as live/healthy and 3191 non-zero is unhealthy. 3192 items: 3193 type: string 3194 type: array 3195 type: object 3196 failureThreshold: 3197 description: Minimum consecutive failures 3198 for the probe to be considered failed after 3199 having succeeded. Defaults to 3. Minimum 3200 value is 1. 3201 format: int32 3202 type: integer 3203 grpc: 3204 description: GRPC specifies an action involving 3205 a GRPC port. 3206 properties: 3207 port: 3208 description: Port number of the gRPC service. 3209 Number must be in the range 1 to 65535. 3210 format: int32 3211 type: integer 3212 service: 3213 description: "Service is the name of the 3214 service to place in the gRPC HealthCheckRequest 3215 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3216 \n If this is not specified, the default 3217 behavior is defined by gRPC." 3218 type: string 3219 required: 3220 - port 3221 type: object 3222 httpGet: 3223 description: HTTPGet specifies the http request 3224 to perform. 3225 properties: 3226 host: 3227 description: Host name to connect to, 3228 defaults to the pod IP. You probably 3229 want to set "Host" in httpHeaders instead. 3230 type: string 3231 httpHeaders: 3232 description: Custom headers to set in 3233 the request. HTTP allows repeated headers. 3234 items: 3235 description: HTTPHeader describes a 3236 custom header to be used in HTTP probes 3237 properties: 3238 name: 3239 description: The header field name. 3240 This will be canonicalized upon 3241 output, so case-variant names 3242 will be understood as the same 3243 header. 3244 type: string 3245 value: 3246 description: The header field value 3247 type: string 3248 required: 3249 - name 3250 - value 3251 type: object 3252 type: array 3253 path: 3254 description: Path to access on the HTTP 3255 server. 3256 type: string 3257 port: 3258 anyOf: 3259 - type: integer 3260 - type: string 3261 description: Name or number of the port 3262 to access on the container. Number must 3263 be in the range 1 to 65535. Name must 3264 be an IANA_SVC_NAME. 3265 x-kubernetes-int-or-string: true 3266 scheme: 3267 description: Scheme to use for connecting 3268 to the host. Defaults to HTTP. 3269 type: string 3270 required: 3271 - port 3272 type: object 3273 initialDelaySeconds: 3274 description: 'Number of seconds after the 3275 container has started before liveness probes 3276 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3277 format: int32 3278 type: integer 3279 periodSeconds: 3280 description: How often (in seconds) to perform 3281 the probe. Default to 10 seconds. Minimum 3282 value is 1. 3283 format: int32 3284 type: integer 3285 successThreshold: 3286 description: Minimum consecutive successes 3287 for the probe to be considered successful 3288 after having failed. Defaults to 1. Must 3289 be 1 for liveness and startup. Minimum value 3290 is 1. 3291 format: int32 3292 type: integer 3293 tcpSocket: 3294 description: TCPSocket specifies an action 3295 involving a TCP port. 3296 properties: 3297 host: 3298 description: 'Optional: Host name to connect 3299 to, defaults to the pod IP.' 3300 type: string 3301 port: 3302 anyOf: 3303 - type: integer 3304 - type: string 3305 description: Number or name of the port 3306 to access on the container. Number must 3307 be in the range 1 to 65535. Name must 3308 be an IANA_SVC_NAME. 3309 x-kubernetes-int-or-string: true 3310 required: 3311 - port 3312 type: object 3313 terminationGracePeriodSeconds: 3314 description: Optional duration in seconds 3315 the pod needs to terminate gracefully upon 3316 probe failure. The grace period is the duration 3317 in seconds after the processes running in 3318 the pod are sent a termination signal and 3319 the time when the processes are forcibly 3320 halted with a kill signal. Set this value 3321 longer than the expected cleanup time for 3322 your process. 3323 format: int64 3324 type: integer 3325 timeoutSeconds: 3326 description: 'Number of seconds after which 3327 the probe times out. Defaults to 1 second. 3328 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3329 format: int32 3330 type: integer 3331 type: object 3332 resizePolicy: 3333 description: Resources resize policy for the container. 3334 items: 3335 description: ContainerResizePolicy represents 3336 resource resize policy for the container. 3337 properties: 3338 resourceName: 3339 description: 'Name of the resource to which 3340 this resource resize policy applies. Supported 3341 values: cpu, memory.' 3342 type: string 3343 restartPolicy: 3344 description: Restart policy to apply when 3345 specified resource is resized. If not 3346 specified, it defaults to NotRequired. 3347 type: string 3348 required: 3349 - resourceName 3350 - restartPolicy 3351 type: object 3352 type: array 3353 x-kubernetes-list-type: atomic 3354 resources: 3355 description: Resources are not allowed for ephemeral 3356 containers. Ephemeral containers use spare resources 3357 already allocated to the pod. 3358 properties: 3359 claims: 3360 description: "Claims lists the names of resources, 3361 defined in spec.resourceClaims, that are 3362 used by this container. \n This is an alpha 3363 field and requires enabling the DynamicResourceAllocation 3364 feature gate. \n This field is immutable. 3365 It can only be set for containers." 3366 items: 3367 description: ResourceClaim references one 3368 entry in PodSpec.ResourceClaims. 3369 properties: 3370 name: 3371 description: Name must match the name 3372 of one entry in pod.spec.resourceClaims 3373 of the Pod where this field is used. 3374 It makes that resource available inside 3375 a container. 3376 type: string 3377 required: 3378 - name 3379 type: object 3380 type: array 3381 x-kubernetes-list-map-keys: 3382 - name 3383 x-kubernetes-list-type: map 3384 limits: 3385 additionalProperties: 3386 anyOf: 3387 - type: integer 3388 - type: string 3389 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3390 x-kubernetes-int-or-string: true 3391 description: 'Limits describes the maximum 3392 amount of compute resources allowed. More 3393 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3394 type: object 3395 requests: 3396 additionalProperties: 3397 anyOf: 3398 - type: integer 3399 - type: string 3400 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3401 x-kubernetes-int-or-string: true 3402 description: 'Requests describes the minimum 3403 amount of compute resources required. If 3404 Requests is omitted for a container, it 3405 defaults to Limits if that is explicitly 3406 specified, otherwise to an implementation-defined 3407 value. Requests cannot exceed Limits. More 3408 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3409 type: object 3410 type: object 3411 securityContext: 3412 description: 'Optional: SecurityContext defines 3413 the security options the ephemeral container 3414 should be run with. If set, the fields of SecurityContext 3415 override the equivalent fields of PodSecurityContext.' 3416 properties: 3417 allowPrivilegeEscalation: 3418 description: 'AllowPrivilegeEscalation controls 3419 whether a process can gain more privileges 3420 than its parent process. This bool directly 3421 controls if the no_new_privs flag will be 3422 set on the container process. AllowPrivilegeEscalation 3423 is true always when the container is: 1) 3424 run as Privileged 2) has CAP_SYS_ADMIN Note 3425 that this field cannot be set when spec.os.name 3426 is windows.' 3427 type: boolean 3428 capabilities: 3429 description: The capabilities to add/drop 3430 when running containers. Defaults to the 3431 default set of capabilities granted by the 3432 container runtime. Note that this field 3433 cannot be set when spec.os.name is windows. 3434 properties: 3435 add: 3436 description: Added capabilities 3437 items: 3438 description: Capability represent POSIX 3439 capabilities type 3440 type: string 3441 type: array 3442 drop: 3443 description: Removed capabilities 3444 items: 3445 description: Capability represent POSIX 3446 capabilities type 3447 type: string 3448 type: array 3449 type: object 3450 privileged: 3451 description: Run container in privileged mode. 3452 Processes in privileged containers are essentially 3453 equivalent to root on the host. Defaults 3454 to false. Note that this field cannot be 3455 set when spec.os.name is windows. 3456 type: boolean 3457 procMount: 3458 description: procMount denotes the type of 3459 proc mount to use for the containers. The 3460 default is DefaultProcMount which uses the 3461 container runtime defaults for readonly 3462 paths and masked paths. This requires the 3463 ProcMountType feature flag to be enabled. 3464 Note that this field cannot be set when 3465 spec.os.name is windows. 3466 type: string 3467 readOnlyRootFilesystem: 3468 description: Whether this container has a 3469 read-only root filesystem. Default is false. 3470 Note that this field cannot be set when 3471 spec.os.name is windows. 3472 type: boolean 3473 runAsGroup: 3474 description: The GID to run the entrypoint 3475 of the container process. Uses runtime default 3476 if unset. May also be set in PodSecurityContext. If 3477 set in both SecurityContext and PodSecurityContext, 3478 the value specified in SecurityContext takes 3479 precedence. Note that this field cannot 3480 be set when spec.os.name is windows. 3481 format: int64 3482 type: integer 3483 runAsNonRoot: 3484 description: Indicates that the container 3485 must run as a non-root user. If true, the 3486 Kubelet will validate the image at runtime 3487 to ensure that it does not run as UID 0 3488 (root) and fail to start the container if 3489 it does. If unset or false, no such validation 3490 will be performed. May also be set in PodSecurityContext. 3491 type: boolean 3492 runAsUser: 3493 description: The UID to run the entrypoint 3494 of the container process. Defaults to user 3495 specified in image metadata if unspecified. 3496 May also be set in PodSecurityContext. If 3497 set in both SecurityContext and PodSecurityContext, 3498 the value specified in SecurityContext takes 3499 precedence. Note that this field cannot 3500 be set when spec.os.name is windows. 3501 format: int64 3502 type: integer 3503 seLinuxOptions: 3504 description: The SELinux context to be applied 3505 to the container. If unspecified, the container 3506 runtime will allocate a random SELinux context 3507 for each container. May also be set in 3508 PodSecurityContext. If set in both SecurityContext 3509 and PodSecurityContext, the value specified 3510 in SecurityContext takes precedence. Note 3511 that this field cannot be set when spec.os.name 3512 is windows. 3513 properties: 3514 level: 3515 description: Level is SELinux level label 3516 that applies to the container. 3517 type: string 3518 role: 3519 description: Role is a SELinux role label 3520 that applies to the container. 3521 type: string 3522 type: 3523 description: Type is a SELinux type label 3524 that applies to the container. 3525 type: string 3526 user: 3527 description: User is a SELinux user label 3528 that applies to the container. 3529 type: string 3530 type: object 3531 seccompProfile: 3532 description: The seccomp options to use by 3533 this container. If seccomp options are provided 3534 at both the pod & container level, the container 3535 options override the pod options. Note that 3536 this field cannot be set when spec.os.name 3537 is windows. 3538 properties: 3539 localhostProfile: 3540 description: localhostProfile indicates 3541 a profile defined in a file on the node 3542 should be used. The profile must be 3543 preconfigured on the node to work. Must 3544 be a descending path, relative to the 3545 kubelet's configured seccomp profile 3546 location. Must only be set if type is 3547 "Localhost". 3548 type: string 3549 type: 3550 description: "type indicates which kind 3551 of seccomp profile will be applied. 3552 Valid options are: \n Localhost - a 3553 profile defined in a file on the node 3554 should be used. RuntimeDefault - the 3555 container runtime default profile should 3556 be used. Unconfined - no profile should 3557 be applied." 3558 type: string 3559 required: 3560 - type 3561 type: object 3562 windowsOptions: 3563 description: The Windows specific settings 3564 applied to all containers. If unspecified, 3565 the options from the PodSecurityContext 3566 will be used. If set in both SecurityContext 3567 and PodSecurityContext, the value specified 3568 in SecurityContext takes precedence. Note 3569 that this field cannot be set when spec.os.name 3570 is linux. 3571 properties: 3572 gmsaCredentialSpec: 3573 description: GMSACredentialSpec is where 3574 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 3575 inlines the contents of the GMSA credential 3576 spec named by the GMSACredentialSpecName 3577 field. 3578 type: string 3579 gmsaCredentialSpecName: 3580 description: GMSACredentialSpecName is 3581 the name of the GMSA credential spec 3582 to use. 3583 type: string 3584 hostProcess: 3585 description: HostProcess determines if 3586 a container should be run as a 'Host 3587 Process' container. This field is alpha-level 3588 and will only be honored by components 3589 that enable the WindowsHostProcessContainers 3590 feature flag. Setting this field without 3591 the feature flag will result in errors 3592 when validating the Pod. 3593 type: boolean 3594 runAsUserName: 3595 description: The UserName in Windows to 3596 run the entrypoint of the container 3597 process. Defaults to the user specified 3598 in image metadata if unspecified. May 3599 also be set in PodSecurityContext. If 3600 set in both SecurityContext and PodSecurityContext, 3601 the value specified in SecurityContext 3602 takes precedence. 3603 type: string 3604 type: object 3605 type: object 3606 startupProbe: 3607 description: Probes are not allowed for ephemeral 3608 containers. 3609 properties: 3610 exec: 3611 description: Exec specifies the action to 3612 take. 3613 properties: 3614 command: 3615 description: Command is the command line 3616 to execute inside the container, the 3617 working directory for the command is 3618 root ('/') in the container's filesystem. 3619 The command is simply exec'd, it is 3620 not run inside a shell, so traditional 3621 shell instructions ('|', etc) won't 3622 work. To use a shell, you need to explicitly 3623 call out to that shell. Exit status 3624 of 0 is treated as live/healthy and 3625 non-zero is unhealthy. 3626 items: 3627 type: string 3628 type: array 3629 type: object 3630 failureThreshold: 3631 description: Minimum consecutive failures 3632 for the probe to be considered failed after 3633 having succeeded. Defaults to 3. Minimum 3634 value is 1. 3635 format: int32 3636 type: integer 3637 grpc: 3638 description: GRPC specifies an action involving 3639 a GRPC port. 3640 properties: 3641 port: 3642 description: Port number of the gRPC service. 3643 Number must be in the range 1 to 65535. 3644 format: int32 3645 type: integer 3646 service: 3647 description: "Service is the name of the 3648 service to place in the gRPC HealthCheckRequest 3649 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3650 \n If this is not specified, the default 3651 behavior is defined by gRPC." 3652 type: string 3653 required: 3654 - port 3655 type: object 3656 httpGet: 3657 description: HTTPGet specifies the http request 3658 to perform. 3659 properties: 3660 host: 3661 description: Host name to connect to, 3662 defaults to the pod IP. You probably 3663 want to set "Host" in httpHeaders instead. 3664 type: string 3665 httpHeaders: 3666 description: Custom headers to set in 3667 the request. HTTP allows repeated headers. 3668 items: 3669 description: HTTPHeader describes a 3670 custom header to be used in HTTP probes 3671 properties: 3672 name: 3673 description: The header field name. 3674 This will be canonicalized upon 3675 output, so case-variant names 3676 will be understood as the same 3677 header. 3678 type: string 3679 value: 3680 description: The header field value 3681 type: string 3682 required: 3683 - name 3684 - value 3685 type: object 3686 type: array 3687 path: 3688 description: Path to access on the HTTP 3689 server. 3690 type: string 3691 port: 3692 anyOf: 3693 - type: integer 3694 - type: string 3695 description: Name or number of the port 3696 to access on the container. Number must 3697 be in the range 1 to 65535. Name must 3698 be an IANA_SVC_NAME. 3699 x-kubernetes-int-or-string: true 3700 scheme: 3701 description: Scheme to use for connecting 3702 to the host. Defaults to HTTP. 3703 type: string 3704 required: 3705 - port 3706 type: object 3707 initialDelaySeconds: 3708 description: 'Number of seconds after the 3709 container has started before liveness probes 3710 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3711 format: int32 3712 type: integer 3713 periodSeconds: 3714 description: How often (in seconds) to perform 3715 the probe. Default to 10 seconds. Minimum 3716 value is 1. 3717 format: int32 3718 type: integer 3719 successThreshold: 3720 description: Minimum consecutive successes 3721 for the probe to be considered successful 3722 after having failed. Defaults to 1. Must 3723 be 1 for liveness and startup. Minimum value 3724 is 1. 3725 format: int32 3726 type: integer 3727 tcpSocket: 3728 description: TCPSocket specifies an action 3729 involving a TCP port. 3730 properties: 3731 host: 3732 description: 'Optional: Host name to connect 3733 to, defaults to the pod IP.' 3734 type: string 3735 port: 3736 anyOf: 3737 - type: integer 3738 - type: string 3739 description: Number or name of the port 3740 to access on the container. Number must 3741 be in the range 1 to 65535. Name must 3742 be an IANA_SVC_NAME. 3743 x-kubernetes-int-or-string: true 3744 required: 3745 - port 3746 type: object 3747 terminationGracePeriodSeconds: 3748 description: Optional duration in seconds 3749 the pod needs to terminate gracefully upon 3750 probe failure. The grace period is the duration 3751 in seconds after the processes running in 3752 the pod are sent a termination signal and 3753 the time when the processes are forcibly 3754 halted with a kill signal. Set this value 3755 longer than the expected cleanup time for 3756 your process. 3757 format: int64 3758 type: integer 3759 timeoutSeconds: 3760 description: 'Number of seconds after which 3761 the probe times out. Defaults to 1 second. 3762 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3763 format: int32 3764 type: integer 3765 type: object 3766 stdin: 3767 description: Whether this container should allocate 3768 a buffer for stdin in the container runtime. 3769 If this is not set, reads from stdin in the 3770 container will always result in EOF. Default 3771 is false. 3772 type: boolean 3773 stdinOnce: 3774 description: Whether the container runtime should 3775 close the stdin channel after it has been opened 3776 by a single attach. When stdin is true the stdin 3777 stream will remain open across multiple attach 3778 sessions. 3779 type: boolean 3780 targetContainerName: 3781 description: "If set, the name of the container 3782 from PodSpec that this ephemeral container targets. 3783 The ephemeral container will be run in the namespaces 3784 (IPC, PID, etc) of this container. If not set 3785 then the ephemeral container uses the namespaces 3786 configured in the Pod spec. \n The container 3787 runtime must implement support for this feature." 3788 type: string 3789 terminationMessagePath: 3790 description: 'Optional: Path at which the file 3791 to which the container''s termination message 3792 will be written is mounted into the container''s 3793 filesystem. Message written is intended to be 3794 brief final status, such as an assertion failure 3795 message. Will be truncated by the node if greater 3796 than 4096 bytes. The total message length across 3797 all containers will be limited to 12kb. Defaults 3798 to /dev/termination-log.' 3799 type: string 3800 terminationMessagePolicy: 3801 description: Indicate how the termination message 3802 should be populated. File will use the contents 3803 of terminationMessagePath to populate the container 3804 status message on both success and failure. 3805 FallbackToLogsOnError will use the last chunk 3806 of container log output if the termination message 3807 file is empty and the container exited with 3808 an error. 3809 type: string 3810 tty: 3811 description: Whether this container should allocate 3812 a TTY for itself, also requires 'stdin' to be 3813 true. Default is false. 3814 type: boolean 3815 volumeDevices: 3816 description: volumeDevices is the list of block 3817 devices to be used by the container. 3818 items: 3819 description: volumeDevice describes a mapping 3820 of a raw block device within a container. 3821 properties: 3822 devicePath: 3823 description: devicePath is the path inside 3824 of the container that the device will 3825 be mapped to. 3826 type: string 3827 name: 3828 description: name must match the name of 3829 a persistentVolumeClaim in the pod 3830 type: string 3831 required: 3832 - devicePath 3833 - name 3834 type: object 3835 type: array 3836 volumeMounts: 3837 description: Pod volumes to mount into the container's 3838 filesystem. Subpath mounts are not allowed for 3839 ephemeral containers. Cannot be updated. 3840 items: 3841 description: VolumeMount describes a mounting 3842 of a Volume within a container. 3843 properties: 3844 mountPath: 3845 description: Path within the container at 3846 which the volume should be mounted. Must 3847 not contain ':'. 3848 type: string 3849 mountPropagation: 3850 description: mountPropagation determines 3851 how mounts are propagated from the host 3852 to container and the other way around. 3853 When not set, MountPropagationNone is 3854 used. This field is beta in 1.10. 3855 type: string 3856 name: 3857 description: This must match the Name of 3858 a Volume. 3859 type: string 3860 readOnly: 3861 description: Mounted read-only if true, 3862 read-write otherwise (false or unspecified). 3863 Defaults to false. 3864 type: boolean 3865 subPath: 3866 description: Path within the volume from 3867 which the container's volume should be 3868 mounted. Defaults to "" (volume's root). 3869 type: string 3870 subPathExpr: 3871 description: Expanded path within the volume 3872 from which the container's volume should 3873 be mounted. Behaves similarly to SubPath 3874 but environment variable references $(VAR_NAME) 3875 are expanded using the container's environment. 3876 Defaults to "" (volume's root). SubPathExpr 3877 and SubPath are mutually exclusive. 3878 type: string 3879 required: 3880 - mountPath 3881 - name 3882 type: object 3883 type: array 3884 workingDir: 3885 description: Container's working directory. If 3886 not specified, the container runtime's default 3887 will be used, which might be configured in the 3888 container image. Cannot be updated. 3889 type: string 3890 required: 3891 - name 3892 type: object 3893 type: array 3894 hostAliases: 3895 description: HostAliases is an optional list of hosts 3896 and IPs that will be injected into the pod's hosts 3897 file if specified. This is only valid for non-hostNetwork 3898 pods. 3899 items: 3900 description: HostAlias holds the mapping between IP 3901 and hostnames that will be injected as an entry 3902 in the pod's hosts file. 3903 properties: 3904 hostnames: 3905 description: Hostnames for the above IP address. 3906 items: 3907 type: string 3908 type: array 3909 ip: 3910 description: IP address of the host file entry. 3911 type: string 3912 type: object 3913 type: array 3914 hostIPC: 3915 description: 'Use the host''s ipc namespace. Optional: 3916 Default to false.' 3917 type: boolean 3918 hostNetwork: 3919 description: Host networking requested for this pod. 3920 Use the host's network namespace. If this option is 3921 set, the ports that will be used must be specified. 3922 Default to false. 3923 type: boolean 3924 hostPID: 3925 description: 'Use the host''s pid namespace. Optional: 3926 Default to false.' 3927 type: boolean 3928 hostUsers: 3929 description: 'Use the host''s user namespace. Optional: 3930 Default to true. If set to true or not present, the 3931 pod will be run in the host user namespace, useful 3932 for when the pod needs a feature only available to 3933 the host user namespace, such as loading a kernel 3934 module with CAP_SYS_MODULE. When set to false, a new 3935 userns is created for the pod.' 3936 type: boolean 3937 hostname: 3938 description: Specifies the hostname of the Pod If not 3939 specified, the pod's hostname will be set to a system-defined 3940 value. 3941 type: string 3942 imagePullSecrets: 3943 description: 'ImagePullSecrets is an optional list of 3944 references to secrets in the same namespace to use 3945 for pulling any of the images used by this PodSpec. 3946 If specified, these secrets will be passed to individual 3947 puller implementations for them to use. More info: 3948 https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' 3949 items: 3950 description: LocalObjectReference contains enough 3951 information to let you locate the referenced object 3952 inside the same namespace. 3953 properties: 3954 name: 3955 description: 'Name of the referent. More info: 3956 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3957 TODO: Add other useful fields. apiVersion, kind, 3958 uid?' 3959 type: string 3960 type: object 3961 x-kubernetes-map-type: atomic 3962 type: array 3963 initContainers: 3964 description: List of initialization containers belonging 3965 to the pod. Init containers are executed in order 3966 prior to containers being started. If any init container 3967 fails, the pod is considered to have failed and is 3968 handled according to its restartPolicy. The name for 3969 an init container or normal container must be unique 3970 among all containers. 3971 items: 3972 description: A single application container that you 3973 want to run within a pod. 3974 properties: 3975 args: 3976 description: 'Arguments to the entrypoint. The 3977 container image''s CMD is used if this is not 3978 provided. Variable references $(VAR_NAME) are 3979 expanded using the container''s environment. 3980 If a variable cannot be resolved, the reference 3981 in the input string will be unchanged. Double 3982 $$ are reduced to a single $, which allows for 3983 escaping the $(VAR_NAME) syntax: i.e.' 3984 items: 3985 type: string 3986 type: array 3987 command: 3988 description: 'Entrypoint array. Not executed within 3989 a shell. The container image''s ENTRYPOINT is 3990 used if this is not provided. Variable references 3991 $(VAR_NAME) are expanded using the container''s 3992 environment. If a variable cannot be resolved, 3993 the reference in the input string will be unchanged. 3994 Double $$ are reduced to a single $, which allows 3995 for escaping the $(VAR_NAME) syntax: i.e.' 3996 items: 3997 type: string 3998 type: array 3999 env: 4000 description: List of environment variables to 4001 set in the container. Cannot be updated. 4002 items: 4003 description: EnvVar represents an environment 4004 variable present in a Container. 4005 properties: 4006 name: 4007 description: Name of the environment variable. 4008 Must be a C_IDENTIFIER. 4009 type: string 4010 value: 4011 description: 'Variable references $(VAR_NAME) 4012 are expanded using the previously defined 4013 environment variables in the container 4014 and any service environment variables. 4015 If a variable cannot be resolved, the 4016 reference in the input string will be 4017 unchanged. Double $$ are reduced to a 4018 single $, which allows for escaping the 4019 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 4020 will produce the string literal "$(VAR_NAME)".' 4021 type: string 4022 valueFrom: 4023 description: Source for the environment 4024 variable's value. Cannot be used if value 4025 is not empty. 4026 properties: 4027 configMapKeyRef: 4028 description: Selects a key of a ConfigMap. 4029 properties: 4030 key: 4031 description: The key to select. 4032 type: string 4033 name: 4034 description: 'Name of the referent. 4035 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4036 TODO: Add other useful fields. 4037 apiVersion, kind, uid?' 4038 type: string 4039 optional: 4040 description: Specify whether the 4041 ConfigMap or its key must be defined 4042 type: boolean 4043 required: 4044 - key 4045 type: object 4046 x-kubernetes-map-type: atomic 4047 fieldRef: 4048 description: 'Selects a field of the 4049 pod: supports metadata.name, metadata.namespace, 4050 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 4051 spec.nodeName, spec.serviceAccountName, 4052 status.hostIP, status.podIP, status.podIPs.' 4053 properties: 4054 apiVersion: 4055 description: Version of the schema 4056 the FieldPath is written in terms 4057 of, defaults to "v1". 4058 type: string 4059 fieldPath: 4060 description: Path of the field to 4061 select in the specified API version. 4062 type: string 4063 required: 4064 - fieldPath 4065 type: object 4066 x-kubernetes-map-type: atomic 4067 resourceFieldRef: 4068 description: 'Selects a resource of 4069 the container: only resources limits 4070 and requests (limits.cpu, limits.memory, 4071 limits.ephemeral-storage, requests.cpu, 4072 requests.memory and requests.ephemeral-storage) 4073 are currently supported.' 4074 properties: 4075 containerName: 4076 description: 'Container name: required 4077 for volumes, optional for env 4078 vars' 4079 type: string 4080 divisor: 4081 anyOf: 4082 - type: integer 4083 - type: string 4084 description: Specifies the output 4085 format of the exposed resources, 4086 defaults to "1" 4087 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4088 x-kubernetes-int-or-string: true 4089 resource: 4090 description: 'Required: resource 4091 to select' 4092 type: string 4093 required: 4094 - resource 4095 type: object 4096 x-kubernetes-map-type: atomic 4097 secretKeyRef: 4098 description: Selects a key of a secret 4099 in the pod's namespace 4100 properties: 4101 key: 4102 description: The key of the secret 4103 to select from. Must be a valid 4104 secret key. 4105 type: string 4106 name: 4107 description: 'Name of the referent. 4108 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4109 TODO: Add other useful fields. 4110 apiVersion, kind, uid?' 4111 type: string 4112 optional: 4113 description: Specify whether the 4114 Secret or its key must be defined 4115 type: boolean 4116 required: 4117 - key 4118 type: object 4119 x-kubernetes-map-type: atomic 4120 type: object 4121 required: 4122 - name 4123 type: object 4124 type: array 4125 envFrom: 4126 description: List of sources to populate environment 4127 variables in the container. The keys defined 4128 within a source must be a C_IDENTIFIER. All 4129 invalid keys will be reported as an event when 4130 the container is starting. When a key exists 4131 in multiple sources, the value associated with 4132 the last source will take precedence. Values 4133 defined by an Env with a duplicate key will 4134 take precedence. Cannot be updated. 4135 items: 4136 description: EnvFromSource represents the source 4137 of a set of ConfigMaps 4138 properties: 4139 configMapRef: 4140 description: The ConfigMap to select from 4141 properties: 4142 name: 4143 description: 'Name of the referent. 4144 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4145 TODO: Add other useful fields. apiVersion, 4146 kind, uid?' 4147 type: string 4148 optional: 4149 description: Specify whether the ConfigMap 4150 must be defined 4151 type: boolean 4152 type: object 4153 x-kubernetes-map-type: atomic 4154 prefix: 4155 description: An optional identifier to prepend 4156 to each key in the ConfigMap. Must be 4157 a C_IDENTIFIER. 4158 type: string 4159 secretRef: 4160 description: The Secret to select from 4161 properties: 4162 name: 4163 description: 'Name of the referent. 4164 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4165 TODO: Add other useful fields. apiVersion, 4166 kind, uid?' 4167 type: string 4168 optional: 4169 description: Specify whether the Secret 4170 must be defined 4171 type: boolean 4172 type: object 4173 x-kubernetes-map-type: atomic 4174 type: object 4175 type: array 4176 image: 4177 description: 'Container image name. More info: 4178 https://kubernetes.io/docs/concepts/containers/images 4179 This field is optional to allow higher level 4180 config management to default or override container 4181 images in workload controllers like Deployments 4182 and StatefulSets.' 4183 type: string 4184 imagePullPolicy: 4185 description: 'Image pull policy. One of Always, 4186 Never, IfNotPresent. Defaults to Always if :latest 4187 tag is specified, or IfNotPresent otherwise. 4188 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 4189 type: string 4190 lifecycle: 4191 description: Actions that the management system 4192 should take in response to container lifecycle 4193 events. Cannot be updated. 4194 properties: 4195 postStart: 4196 description: 'PostStart is called immediately 4197 after a container is created. If the handler 4198 fails, the container is terminated and restarted 4199 according to its restart policy. Other management 4200 of the container blocks until the hook completes. 4201 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 4202 properties: 4203 exec: 4204 description: Exec specifies the action 4205 to take. 4206 properties: 4207 command: 4208 description: Command is the command 4209 line to execute inside the container, 4210 the working directory for the command is 4211 root ('/') in the container's filesystem. 4212 The command is simply exec'd, it 4213 is not run inside a shell, so traditional 4214 shell instructions ('|', etc) won't 4215 work. To use a shell, you need to 4216 explicitly call out to that shell. 4217 Exit status of 0 is treated as live/healthy 4218 and non-zero is unhealthy. 4219 items: 4220 type: string 4221 type: array 4222 type: object 4223 httpGet: 4224 description: HTTPGet specifies the http 4225 request to perform. 4226 properties: 4227 host: 4228 description: Host name to connect 4229 to, defaults to the pod IP. You 4230 probably want to set "Host" in httpHeaders 4231 instead. 4232 type: string 4233 httpHeaders: 4234 description: Custom headers to set 4235 in the request. HTTP allows repeated 4236 headers. 4237 items: 4238 description: HTTPHeader describes 4239 a custom header to be used in 4240 HTTP probes 4241 properties: 4242 name: 4243 description: The header field 4244 name. This will be canonicalized 4245 upon output, so case-variant 4246 names will be understood as 4247 the same header. 4248 type: string 4249 value: 4250 description: The header field 4251 value 4252 type: string 4253 required: 4254 - name 4255 - value 4256 type: object 4257 type: array 4258 path: 4259 description: Path to access on the 4260 HTTP server. 4261 type: string 4262 port: 4263 anyOf: 4264 - type: integer 4265 - type: string 4266 description: Name or number of the 4267 port to access on the container. 4268 Number must be in the range 1 to 4269 65535. Name must be an IANA_SVC_NAME. 4270 x-kubernetes-int-or-string: true 4271 scheme: 4272 description: Scheme to use for connecting 4273 to the host. Defaults to HTTP. 4274 type: string 4275 required: 4276 - port 4277 type: object 4278 tcpSocket: 4279 description: Deprecated. TCPSocket is 4280 NOT supported as a LifecycleHandler 4281 and kept for the backward compatibility. 4282 There are no validation of this field 4283 and lifecycle hooks will fail in runtime 4284 when tcp handler is specified. 4285 properties: 4286 host: 4287 description: 'Optional: Host name 4288 to connect to, defaults to the pod 4289 IP.' 4290 type: string 4291 port: 4292 anyOf: 4293 - type: integer 4294 - type: string 4295 description: Number or name of the 4296 port to access on the container. 4297 Number must be in the range 1 to 4298 65535. Name must be an IANA_SVC_NAME. 4299 x-kubernetes-int-or-string: true 4300 required: 4301 - port 4302 type: object 4303 type: object 4304 preStop: 4305 description: PreStop is called immediately 4306 before a container is terminated due to 4307 an API request or management event such 4308 as liveness/startup probe failure, preemption, 4309 resource contention, etc. The handler is 4310 not called if the container crashes or exits. 4311 The Pod's termination grace period countdown 4312 begins before the PreStop hook is executed. 4313 properties: 4314 exec: 4315 description: Exec specifies the action 4316 to take. 4317 properties: 4318 command: 4319 description: Command is the command 4320 line to execute inside the container, 4321 the working directory for the command is 4322 root ('/') in the container's filesystem. 4323 The command is simply exec'd, it 4324 is not run inside a shell, so traditional 4325 shell instructions ('|', etc) won't 4326 work. To use a shell, you need to 4327 explicitly call out to that shell. 4328 Exit status of 0 is treated as live/healthy 4329 and non-zero is unhealthy. 4330 items: 4331 type: string 4332 type: array 4333 type: object 4334 httpGet: 4335 description: HTTPGet specifies the http 4336 request to perform. 4337 properties: 4338 host: 4339 description: Host name to connect 4340 to, defaults to the pod IP. You 4341 probably want to set "Host" in httpHeaders 4342 instead. 4343 type: string 4344 httpHeaders: 4345 description: Custom headers to set 4346 in the request. HTTP allows repeated 4347 headers. 4348 items: 4349 description: HTTPHeader describes 4350 a custom header to be used in 4351 HTTP probes 4352 properties: 4353 name: 4354 description: The header field 4355 name. This will be canonicalized 4356 upon output, so case-variant 4357 names will be understood as 4358 the same header. 4359 type: string 4360 value: 4361 description: The header field 4362 value 4363 type: string 4364 required: 4365 - name 4366 - value 4367 type: object 4368 type: array 4369 path: 4370 description: Path to access on the 4371 HTTP server. 4372 type: string 4373 port: 4374 anyOf: 4375 - type: integer 4376 - type: string 4377 description: Name or number of the 4378 port to access on the container. 4379 Number must be in the range 1 to 4380 65535. Name must be an IANA_SVC_NAME. 4381 x-kubernetes-int-or-string: true 4382 scheme: 4383 description: Scheme to use for connecting 4384 to the host. Defaults to HTTP. 4385 type: string 4386 required: 4387 - port 4388 type: object 4389 tcpSocket: 4390 description: Deprecated. TCPSocket is 4391 NOT supported as a LifecycleHandler 4392 and kept for the backward compatibility. 4393 There are no validation of this field 4394 and lifecycle hooks will fail in runtime 4395 when tcp handler is specified. 4396 properties: 4397 host: 4398 description: 'Optional: Host name 4399 to connect to, defaults to the pod 4400 IP.' 4401 type: string 4402 port: 4403 anyOf: 4404 - type: integer 4405 - type: string 4406 description: Number or name of the 4407 port to access on the container. 4408 Number must be in the range 1 to 4409 65535. Name must be an IANA_SVC_NAME. 4410 x-kubernetes-int-or-string: true 4411 required: 4412 - port 4413 type: object 4414 type: object 4415 type: object 4416 livenessProbe: 4417 description: 'Periodic probe of container liveness. 4418 Container will be restarted if the probe fails. 4419 Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4420 properties: 4421 exec: 4422 description: Exec specifies the action to 4423 take. 4424 properties: 4425 command: 4426 description: Command is the command line 4427 to execute inside the container, the 4428 working directory for the command is 4429 root ('/') in the container's filesystem. 4430 The command is simply exec'd, it is 4431 not run inside a shell, so traditional 4432 shell instructions ('|', etc) won't 4433 work. To use a shell, you need to explicitly 4434 call out to that shell. Exit status 4435 of 0 is treated as live/healthy and 4436 non-zero is unhealthy. 4437 items: 4438 type: string 4439 type: array 4440 type: object 4441 failureThreshold: 4442 description: Minimum consecutive failures 4443 for the probe to be considered failed after 4444 having succeeded. Defaults to 3. Minimum 4445 value is 1. 4446 format: int32 4447 type: integer 4448 grpc: 4449 description: GRPC specifies an action involving 4450 a GRPC port. 4451 properties: 4452 port: 4453 description: Port number of the gRPC service. 4454 Number must be in the range 1 to 65535. 4455 format: int32 4456 type: integer 4457 service: 4458 description: "Service is the name of the 4459 service to place in the gRPC HealthCheckRequest 4460 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4461 \n If this is not specified, the default 4462 behavior is defined by gRPC." 4463 type: string 4464 required: 4465 - port 4466 type: object 4467 httpGet: 4468 description: HTTPGet specifies the http request 4469 to perform. 4470 properties: 4471 host: 4472 description: Host name to connect to, 4473 defaults to the pod IP. You probably 4474 want to set "Host" in httpHeaders instead. 4475 type: string 4476 httpHeaders: 4477 description: Custom headers to set in 4478 the request. HTTP allows repeated headers. 4479 items: 4480 description: HTTPHeader describes a 4481 custom header to be used in HTTP probes 4482 properties: 4483 name: 4484 description: The header field name. 4485 This will be canonicalized upon 4486 output, so case-variant names 4487 will be understood as the same 4488 header. 4489 type: string 4490 value: 4491 description: The header field value 4492 type: string 4493 required: 4494 - name 4495 - value 4496 type: object 4497 type: array 4498 path: 4499 description: Path to access on the HTTP 4500 server. 4501 type: string 4502 port: 4503 anyOf: 4504 - type: integer 4505 - type: string 4506 description: Name or number of the port 4507 to access on the container. Number must 4508 be in the range 1 to 65535. Name must 4509 be an IANA_SVC_NAME. 4510 x-kubernetes-int-or-string: true 4511 scheme: 4512 description: Scheme to use for connecting 4513 to the host. Defaults to HTTP. 4514 type: string 4515 required: 4516 - port 4517 type: object 4518 initialDelaySeconds: 4519 description: 'Number of seconds after the 4520 container has started before liveness probes 4521 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4522 format: int32 4523 type: integer 4524 periodSeconds: 4525 description: How often (in seconds) to perform 4526 the probe. Default to 10 seconds. Minimum 4527 value is 1. 4528 format: int32 4529 type: integer 4530 successThreshold: 4531 description: Minimum consecutive successes 4532 for the probe to be considered successful 4533 after having failed. Defaults to 1. Must 4534 be 1 for liveness and startup. Minimum value 4535 is 1. 4536 format: int32 4537 type: integer 4538 tcpSocket: 4539 description: TCPSocket specifies an action 4540 involving a TCP port. 4541 properties: 4542 host: 4543 description: 'Optional: Host name to connect 4544 to, defaults to the pod IP.' 4545 type: string 4546 port: 4547 anyOf: 4548 - type: integer 4549 - type: string 4550 description: Number or name of the port 4551 to access on the container. Number must 4552 be in the range 1 to 65535. Name must 4553 be an IANA_SVC_NAME. 4554 x-kubernetes-int-or-string: true 4555 required: 4556 - port 4557 type: object 4558 terminationGracePeriodSeconds: 4559 description: Optional duration in seconds 4560 the pod needs to terminate gracefully upon 4561 probe failure. The grace period is the duration 4562 in seconds after the processes running in 4563 the pod are sent a termination signal and 4564 the time when the processes are forcibly 4565 halted with a kill signal. Set this value 4566 longer than the expected cleanup time for 4567 your process. 4568 format: int64 4569 type: integer 4570 timeoutSeconds: 4571 description: 'Number of seconds after which 4572 the probe times out. Defaults to 1 second. 4573 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4574 format: int32 4575 type: integer 4576 type: object 4577 name: 4578 description: Name of the container specified as 4579 a DNS_LABEL. Each container in a pod must have 4580 a unique name (DNS_LABEL). Cannot be updated. 4581 type: string 4582 ports: 4583 description: List of ports to expose from the 4584 container. Not specifying a port here DOES NOT 4585 prevent that port from being exposed. Any port 4586 which is listening on the default "0.0.0.0" 4587 address inside a container will be accessible 4588 from the network. Modifying this array with 4589 strategic merge patch may corrupt the data. 4590 For more information See https://github.com/kubernetes/kubernetes/issues/108255. 4591 items: 4592 description: ContainerPort represents a network 4593 port in a single container. 4594 properties: 4595 containerPort: 4596 description: Number of port to expose on 4597 the pod's IP address. This must be a valid 4598 port number, 0 < x < 65536. 4599 format: int32 4600 type: integer 4601 hostIP: 4602 description: What host IP to bind the external 4603 port to. 4604 type: string 4605 hostPort: 4606 description: Number of port to expose on 4607 the host. If specified, this must be a 4608 valid port number, 0 < x < 65536. If HostNetwork 4609 is specified, this must match ContainerPort. 4610 Most containers do not need this. 4611 format: int32 4612 type: integer 4613 name: 4614 description: If specified, this must be 4615 an IANA_SVC_NAME and unique within the 4616 pod. Each named port in a pod must have 4617 a unique name. Name for the port that 4618 can be referred to by services. 4619 type: string 4620 protocol: 4621 default: TCP 4622 description: Protocol for port. Must be 4623 UDP, TCP, or SCTP. Defaults to "TCP". 4624 type: string 4625 required: 4626 - containerPort 4627 type: object 4628 type: array 4629 x-kubernetes-list-map-keys: 4630 - containerPort 4631 - protocol 4632 x-kubernetes-list-type: map 4633 readinessProbe: 4634 description: 'Periodic probe of container service 4635 readiness. Container will be removed from service 4636 endpoints if the probe fails. Cannot be updated. 4637 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4638 properties: 4639 exec: 4640 description: Exec specifies the action to 4641 take. 4642 properties: 4643 command: 4644 description: Command is the command line 4645 to execute inside the container, the 4646 working directory for the command is 4647 root ('/') in the container's filesystem. 4648 The command is simply exec'd, it is 4649 not run inside a shell, so traditional 4650 shell instructions ('|', etc) won't 4651 work. To use a shell, you need to explicitly 4652 call out to that shell. Exit status 4653 of 0 is treated as live/healthy and 4654 non-zero is unhealthy. 4655 items: 4656 type: string 4657 type: array 4658 type: object 4659 failureThreshold: 4660 description: Minimum consecutive failures 4661 for the probe to be considered failed after 4662 having succeeded. Defaults to 3. Minimum 4663 value is 1. 4664 format: int32 4665 type: integer 4666 grpc: 4667 description: GRPC specifies an action involving 4668 a GRPC port. 4669 properties: 4670 port: 4671 description: Port number of the gRPC service. 4672 Number must be in the range 1 to 65535. 4673 format: int32 4674 type: integer 4675 service: 4676 description: "Service is the name of the 4677 service to place in the gRPC HealthCheckRequest 4678 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4679 \n If this is not specified, the default 4680 behavior is defined by gRPC." 4681 type: string 4682 required: 4683 - port 4684 type: object 4685 httpGet: 4686 description: HTTPGet specifies the http request 4687 to perform. 4688 properties: 4689 host: 4690 description: Host name to connect to, 4691 defaults to the pod IP. You probably 4692 want to set "Host" in httpHeaders instead. 4693 type: string 4694 httpHeaders: 4695 description: Custom headers to set in 4696 the request. HTTP allows repeated headers. 4697 items: 4698 description: HTTPHeader describes a 4699 custom header to be used in HTTP probes 4700 properties: 4701 name: 4702 description: The header field name. 4703 This will be canonicalized upon 4704 output, so case-variant names 4705 will be understood as the same 4706 header. 4707 type: string 4708 value: 4709 description: The header field value 4710 type: string 4711 required: 4712 - name 4713 - value 4714 type: object 4715 type: array 4716 path: 4717 description: Path to access on the HTTP 4718 server. 4719 type: string 4720 port: 4721 anyOf: 4722 - type: integer 4723 - type: string 4724 description: Name or number of the port 4725 to access on the container. Number must 4726 be in the range 1 to 65535. Name must 4727 be an IANA_SVC_NAME. 4728 x-kubernetes-int-or-string: true 4729 scheme: 4730 description: Scheme to use for connecting 4731 to the host. Defaults to HTTP. 4732 type: string 4733 required: 4734 - port 4735 type: object 4736 initialDelaySeconds: 4737 description: 'Number of seconds after the 4738 container has started before liveness probes 4739 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4740 format: int32 4741 type: integer 4742 periodSeconds: 4743 description: How often (in seconds) to perform 4744 the probe. Default to 10 seconds. Minimum 4745 value is 1. 4746 format: int32 4747 type: integer 4748 successThreshold: 4749 description: Minimum consecutive successes 4750 for the probe to be considered successful 4751 after having failed. Defaults to 1. Must 4752 be 1 for liveness and startup. Minimum value 4753 is 1. 4754 format: int32 4755 type: integer 4756 tcpSocket: 4757 description: TCPSocket specifies an action 4758 involving a TCP port. 4759 properties: 4760 host: 4761 description: 'Optional: Host name to connect 4762 to, defaults to the pod IP.' 4763 type: string 4764 port: 4765 anyOf: 4766 - type: integer 4767 - type: string 4768 description: Number or name of the port 4769 to access on the container. Number must 4770 be in the range 1 to 65535. Name must 4771 be an IANA_SVC_NAME. 4772 x-kubernetes-int-or-string: true 4773 required: 4774 - port 4775 type: object 4776 terminationGracePeriodSeconds: 4777 description: Optional duration in seconds 4778 the pod needs to terminate gracefully upon 4779 probe failure. The grace period is the duration 4780 in seconds after the processes running in 4781 the pod are sent a termination signal and 4782 the time when the processes are forcibly 4783 halted with a kill signal. Set this value 4784 longer than the expected cleanup time for 4785 your process. 4786 format: int64 4787 type: integer 4788 timeoutSeconds: 4789 description: 'Number of seconds after which 4790 the probe times out. Defaults to 1 second. 4791 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4792 format: int32 4793 type: integer 4794 type: object 4795 resizePolicy: 4796 description: Resources resize policy for the container. 4797 items: 4798 description: ContainerResizePolicy represents 4799 resource resize policy for the container. 4800 properties: 4801 resourceName: 4802 description: 'Name of the resource to which 4803 this resource resize policy applies. Supported 4804 values: cpu, memory.' 4805 type: string 4806 restartPolicy: 4807 description: Restart policy to apply when 4808 specified resource is resized. If not 4809 specified, it defaults to NotRequired. 4810 type: string 4811 required: 4812 - resourceName 4813 - restartPolicy 4814 type: object 4815 type: array 4816 x-kubernetes-list-type: atomic 4817 resources: 4818 description: 'Compute Resources required by this 4819 container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4820 properties: 4821 claims: 4822 description: "Claims lists the names of resources, 4823 defined in spec.resourceClaims, that are 4824 used by this container. \n This is an alpha 4825 field and requires enabling the DynamicResourceAllocation 4826 feature gate. \n This field is immutable. 4827 It can only be set for containers." 4828 items: 4829 description: ResourceClaim references one 4830 entry in PodSpec.ResourceClaims. 4831 properties: 4832 name: 4833 description: Name must match the name 4834 of one entry in pod.spec.resourceClaims 4835 of the Pod where this field is used. 4836 It makes that resource available inside 4837 a container. 4838 type: string 4839 required: 4840 - name 4841 type: object 4842 type: array 4843 x-kubernetes-list-map-keys: 4844 - name 4845 x-kubernetes-list-type: map 4846 limits: 4847 additionalProperties: 4848 anyOf: 4849 - type: integer 4850 - type: string 4851 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4852 x-kubernetes-int-or-string: true 4853 description: 'Limits describes the maximum 4854 amount of compute resources allowed. More 4855 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4856 type: object 4857 requests: 4858 additionalProperties: 4859 anyOf: 4860 - type: integer 4861 - type: string 4862 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4863 x-kubernetes-int-or-string: true 4864 description: 'Requests describes the minimum 4865 amount of compute resources required. If 4866 Requests is omitted for a container, it 4867 defaults to Limits if that is explicitly 4868 specified, otherwise to an implementation-defined 4869 value. Requests cannot exceed Limits. More 4870 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4871 type: object 4872 type: object 4873 securityContext: 4874 description: 'SecurityContext defines the security 4875 options the container should be run with. If 4876 set, the fields of SecurityContext override 4877 the equivalent fields of PodSecurityContext. 4878 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 4879 properties: 4880 allowPrivilegeEscalation: 4881 description: 'AllowPrivilegeEscalation controls 4882 whether a process can gain more privileges 4883 than its parent process. This bool directly 4884 controls if the no_new_privs flag will be 4885 set on the container process. AllowPrivilegeEscalation 4886 is true always when the container is: 1) 4887 run as Privileged 2) has CAP_SYS_ADMIN Note 4888 that this field cannot be set when spec.os.name 4889 is windows.' 4890 type: boolean 4891 capabilities: 4892 description: The capabilities to add/drop 4893 when running containers. Defaults to the 4894 default set of capabilities granted by the 4895 container runtime. Note that this field 4896 cannot be set when spec.os.name is windows. 4897 properties: 4898 add: 4899 description: Added capabilities 4900 items: 4901 description: Capability represent POSIX 4902 capabilities type 4903 type: string 4904 type: array 4905 drop: 4906 description: Removed capabilities 4907 items: 4908 description: Capability represent POSIX 4909 capabilities type 4910 type: string 4911 type: array 4912 type: object 4913 privileged: 4914 description: Run container in privileged mode. 4915 Processes in privileged containers are essentially 4916 equivalent to root on the host. Defaults 4917 to false. Note that this field cannot be 4918 set when spec.os.name is windows. 4919 type: boolean 4920 procMount: 4921 description: procMount denotes the type of 4922 proc mount to use for the containers. The 4923 default is DefaultProcMount which uses the 4924 container runtime defaults for readonly 4925 paths and masked paths. This requires the 4926 ProcMountType feature flag to be enabled. 4927 Note that this field cannot be set when 4928 spec.os.name is windows. 4929 type: string 4930 readOnlyRootFilesystem: 4931 description: Whether this container has a 4932 read-only root filesystem. Default is false. 4933 Note that this field cannot be set when 4934 spec.os.name is windows. 4935 type: boolean 4936 runAsGroup: 4937 description: The GID to run the entrypoint 4938 of the container process. Uses runtime default 4939 if unset. May also be set in PodSecurityContext. If 4940 set in both SecurityContext and PodSecurityContext, 4941 the value specified in SecurityContext takes 4942 precedence. Note that this field cannot 4943 be set when spec.os.name is windows. 4944 format: int64 4945 type: integer 4946 runAsNonRoot: 4947 description: Indicates that the container 4948 must run as a non-root user. If true, the 4949 Kubelet will validate the image at runtime 4950 to ensure that it does not run as UID 0 4951 (root) and fail to start the container if 4952 it does. If unset or false, no such validation 4953 will be performed. May also be set in PodSecurityContext. 4954 type: boolean 4955 runAsUser: 4956 description: The UID to run the entrypoint 4957 of the container process. Defaults to user 4958 specified in image metadata if unspecified. 4959 May also be set in PodSecurityContext. If 4960 set in both SecurityContext and PodSecurityContext, 4961 the value specified in SecurityContext takes 4962 precedence. Note that this field cannot 4963 be set when spec.os.name is windows. 4964 format: int64 4965 type: integer 4966 seLinuxOptions: 4967 description: The SELinux context to be applied 4968 to the container. If unspecified, the container 4969 runtime will allocate a random SELinux context 4970 for each container. May also be set in 4971 PodSecurityContext. If set in both SecurityContext 4972 and PodSecurityContext, the value specified 4973 in SecurityContext takes precedence. Note 4974 that this field cannot be set when spec.os.name 4975 is windows. 4976 properties: 4977 level: 4978 description: Level is SELinux level label 4979 that applies to the container. 4980 type: string 4981 role: 4982 description: Role is a SELinux role label 4983 that applies to the container. 4984 type: string 4985 type: 4986 description: Type is a SELinux type label 4987 that applies to the container. 4988 type: string 4989 user: 4990 description: User is a SELinux user label 4991 that applies to the container. 4992 type: string 4993 type: object 4994 seccompProfile: 4995 description: The seccomp options to use by 4996 this container. If seccomp options are provided 4997 at both the pod & container level, the container 4998 options override the pod options. Note that 4999 this field cannot be set when spec.os.name 5000 is windows. 5001 properties: 5002 localhostProfile: 5003 description: localhostProfile indicates 5004 a profile defined in a file on the node 5005 should be used. The profile must be 5006 preconfigured on the node to work. Must 5007 be a descending path, relative to the 5008 kubelet's configured seccomp profile 5009 location. Must only be set if type is 5010 "Localhost". 5011 type: string 5012 type: 5013 description: "type indicates which kind 5014 of seccomp profile will be applied. 5015 Valid options are: \n Localhost - a 5016 profile defined in a file on the node 5017 should be used. RuntimeDefault - the 5018 container runtime default profile should 5019 be used. Unconfined - no profile should 5020 be applied." 5021 type: string 5022 required: 5023 - type 5024 type: object 5025 windowsOptions: 5026 description: The Windows specific settings 5027 applied to all containers. If unspecified, 5028 the options from the PodSecurityContext 5029 will be used. If set in both SecurityContext 5030 and PodSecurityContext, the value specified 5031 in SecurityContext takes precedence. Note 5032 that this field cannot be set when spec.os.name 5033 is linux. 5034 properties: 5035 gmsaCredentialSpec: 5036 description: GMSACredentialSpec is where 5037 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 5038 inlines the contents of the GMSA credential 5039 spec named by the GMSACredentialSpecName 5040 field. 5041 type: string 5042 gmsaCredentialSpecName: 5043 description: GMSACredentialSpecName is 5044 the name of the GMSA credential spec 5045 to use. 5046 type: string 5047 hostProcess: 5048 description: HostProcess determines if 5049 a container should be run as a 'Host 5050 Process' container. This field is alpha-level 5051 and will only be honored by components 5052 that enable the WindowsHostProcessContainers 5053 feature flag. Setting this field without 5054 the feature flag will result in errors 5055 when validating the Pod. 5056 type: boolean 5057 runAsUserName: 5058 description: The UserName in Windows to 5059 run the entrypoint of the container 5060 process. Defaults to the user specified 5061 in image metadata if unspecified. May 5062 also be set in PodSecurityContext. If 5063 set in both SecurityContext and PodSecurityContext, 5064 the value specified in SecurityContext 5065 takes precedence. 5066 type: string 5067 type: object 5068 type: object 5069 startupProbe: 5070 description: StartupProbe indicates that the Pod 5071 has successfully initialized. If specified, 5072 no other probes are executed until this completes 5073 successfully. If this probe fails, the Pod will 5074 be restarted, just as if the livenessProbe failed. 5075 properties: 5076 exec: 5077 description: Exec specifies the action to 5078 take. 5079 properties: 5080 command: 5081 description: Command is the command line 5082 to execute inside the container, the 5083 working directory for the command is 5084 root ('/') in the container's filesystem. 5085 The command is simply exec'd, it is 5086 not run inside a shell, so traditional 5087 shell instructions ('|', etc) won't 5088 work. To use a shell, you need to explicitly 5089 call out to that shell. Exit status 5090 of 0 is treated as live/healthy and 5091 non-zero is unhealthy. 5092 items: 5093 type: string 5094 type: array 5095 type: object 5096 failureThreshold: 5097 description: Minimum consecutive failures 5098 for the probe to be considered failed after 5099 having succeeded. Defaults to 3. Minimum 5100 value is 1. 5101 format: int32 5102 type: integer 5103 grpc: 5104 description: GRPC specifies an action involving 5105 a GRPC port. 5106 properties: 5107 port: 5108 description: Port number of the gRPC service. 5109 Number must be in the range 1 to 65535. 5110 format: int32 5111 type: integer 5112 service: 5113 description: "Service is the name of the 5114 service to place in the gRPC HealthCheckRequest 5115 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 5116 \n If this is not specified, the default 5117 behavior is defined by gRPC." 5118 type: string 5119 required: 5120 - port 5121 type: object 5122 httpGet: 5123 description: HTTPGet specifies the http request 5124 to perform. 5125 properties: 5126 host: 5127 description: Host name to connect to, 5128 defaults to the pod IP. You probably 5129 want to set "Host" in httpHeaders instead. 5130 type: string 5131 httpHeaders: 5132 description: Custom headers to set in 5133 the request. HTTP allows repeated headers. 5134 items: 5135 description: HTTPHeader describes a 5136 custom header to be used in HTTP probes 5137 properties: 5138 name: 5139 description: The header field name. 5140 This will be canonicalized upon 5141 output, so case-variant names 5142 will be understood as the same 5143 header. 5144 type: string 5145 value: 5146 description: The header field value 5147 type: string 5148 required: 5149 - name 5150 - value 5151 type: object 5152 type: array 5153 path: 5154 description: Path to access on the HTTP 5155 server. 5156 type: string 5157 port: 5158 anyOf: 5159 - type: integer 5160 - type: string 5161 description: Name or number of the port 5162 to access on the container. Number must 5163 be in the range 1 to 65535. Name must 5164 be an IANA_SVC_NAME. 5165 x-kubernetes-int-or-string: true 5166 scheme: 5167 description: Scheme to use for connecting 5168 to the host. Defaults to HTTP. 5169 type: string 5170 required: 5171 - port 5172 type: object 5173 initialDelaySeconds: 5174 description: 'Number of seconds after the 5175 container has started before liveness probes 5176 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5177 format: int32 5178 type: integer 5179 periodSeconds: 5180 description: How often (in seconds) to perform 5181 the probe. Default to 10 seconds. Minimum 5182 value is 1. 5183 format: int32 5184 type: integer 5185 successThreshold: 5186 description: Minimum consecutive successes 5187 for the probe to be considered successful 5188 after having failed. Defaults to 1. Must 5189 be 1 for liveness and startup. Minimum value 5190 is 1. 5191 format: int32 5192 type: integer 5193 tcpSocket: 5194 description: TCPSocket specifies an action 5195 involving a TCP port. 5196 properties: 5197 host: 5198 description: 'Optional: Host name to connect 5199 to, defaults to the pod IP.' 5200 type: string 5201 port: 5202 anyOf: 5203 - type: integer 5204 - type: string 5205 description: Number or name of the port 5206 to access on the container. Number must 5207 be in the range 1 to 65535. Name must 5208 be an IANA_SVC_NAME. 5209 x-kubernetes-int-or-string: true 5210 required: 5211 - port 5212 type: object 5213 terminationGracePeriodSeconds: 5214 description: Optional duration in seconds 5215 the pod needs to terminate gracefully upon 5216 probe failure. The grace period is the duration 5217 in seconds after the processes running in 5218 the pod are sent a termination signal and 5219 the time when the processes are forcibly 5220 halted with a kill signal. Set this value 5221 longer than the expected cleanup time for 5222 your process. 5223 format: int64 5224 type: integer 5225 timeoutSeconds: 5226 description: 'Number of seconds after which 5227 the probe times out. Defaults to 1 second. 5228 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5229 format: int32 5230 type: integer 5231 type: object 5232 stdin: 5233 description: Whether this container should allocate 5234 a buffer for stdin in the container runtime. 5235 If this is not set, reads from stdin in the 5236 container will always result in EOF. Default 5237 is false. 5238 type: boolean 5239 stdinOnce: 5240 description: Whether the container runtime should 5241 close the stdin channel after it has been opened 5242 by a single attach. When stdin is true the stdin 5243 stream will remain open across multiple attach 5244 sessions. 5245 type: boolean 5246 terminationMessagePath: 5247 description: 'Optional: Path at which the file 5248 to which the container''s termination message 5249 will be written is mounted into the container''s 5250 filesystem. Message written is intended to be 5251 brief final status, such as an assertion failure 5252 message. Will be truncated by the node if greater 5253 than 4096 bytes. The total message length across 5254 all containers will be limited to 12kb. Defaults 5255 to /dev/termination-log.' 5256 type: string 5257 terminationMessagePolicy: 5258 description: Indicate how the termination message 5259 should be populated. File will use the contents 5260 of terminationMessagePath to populate the container 5261 status message on both success and failure. 5262 FallbackToLogsOnError will use the last chunk 5263 of container log output if the termination message 5264 file is empty and the container exited with 5265 an error. 5266 type: string 5267 tty: 5268 description: Whether this container should allocate 5269 a TTY for itself, also requires 'stdin' to be 5270 true. Default is false. 5271 type: boolean 5272 volumeDevices: 5273 description: volumeDevices is the list of block 5274 devices to be used by the container. 5275 items: 5276 description: volumeDevice describes a mapping 5277 of a raw block device within a container. 5278 properties: 5279 devicePath: 5280 description: devicePath is the path inside 5281 of the container that the device will 5282 be mapped to. 5283 type: string 5284 name: 5285 description: name must match the name of 5286 a persistentVolumeClaim in the pod 5287 type: string 5288 required: 5289 - devicePath 5290 - name 5291 type: object 5292 type: array 5293 volumeMounts: 5294 description: Pod volumes to mount into the container's 5295 filesystem. Cannot be updated. 5296 items: 5297 description: VolumeMount describes a mounting 5298 of a Volume within a container. 5299 properties: 5300 mountPath: 5301 description: Path within the container at 5302 which the volume should be mounted. Must 5303 not contain ':'. 5304 type: string 5305 mountPropagation: 5306 description: mountPropagation determines 5307 how mounts are propagated from the host 5308 to container and the other way around. 5309 When not set, MountPropagationNone is 5310 used. This field is beta in 1.10. 5311 type: string 5312 name: 5313 description: This must match the Name of 5314 a Volume. 5315 type: string 5316 readOnly: 5317 description: Mounted read-only if true, 5318 read-write otherwise (false or unspecified). 5319 Defaults to false. 5320 type: boolean 5321 subPath: 5322 description: Path within the volume from 5323 which the container's volume should be 5324 mounted. Defaults to "" (volume's root). 5325 type: string 5326 subPathExpr: 5327 description: Expanded path within the volume 5328 from which the container's volume should 5329 be mounted. Behaves similarly to SubPath 5330 but environment variable references $(VAR_NAME) 5331 are expanded using the container's environment. 5332 Defaults to "" (volume's root). SubPathExpr 5333 and SubPath are mutually exclusive. 5334 type: string 5335 required: 5336 - mountPath 5337 - name 5338 type: object 5339 type: array 5340 workingDir: 5341 description: Container's working directory. If 5342 not specified, the container runtime's default 5343 will be used, which might be configured in the 5344 container image. Cannot be updated. 5345 type: string 5346 required: 5347 - name 5348 type: object 5349 type: array 5350 nodeName: 5351 description: NodeName is a request to schedule this 5352 pod onto a specific node. If it is non-empty, the 5353 scheduler simply schedules this pod onto that node, 5354 assuming that it fits resource requirements. 5355 type: string 5356 nodeSelector: 5357 additionalProperties: 5358 type: string 5359 description: 'NodeSelector is a selector which must 5360 be true for the pod to fit on a node. Selector which 5361 must match a node''s labels for the pod to be scheduled 5362 on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' 5363 type: object 5364 x-kubernetes-map-type: atomic 5365 os: 5366 description: "Specifies the OS of the containers in 5367 the pod. Some pod and container fields are restricted 5368 if this is set. \n If the OS field is set to linux, 5369 the following fields must be unset: -securityContext.windowsOptions 5370 \n If the OS field is set to windows, following fields 5371 must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers 5372 - spec.securityContext.seLinuxOptions - spec.securityContext." 5373 properties: 5374 name: 5375 description: 'Name is the name of the operating 5376 system. The currently supported values are linux 5377 and windows. Additional value may be defined in 5378 future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration 5379 Clients should expect to handle additional values 5380 and treat unrecognized values in this field as 5381 os: null' 5382 type: string 5383 required: 5384 - name 5385 type: object 5386 overhead: 5387 additionalProperties: 5388 anyOf: 5389 - type: integer 5390 - type: string 5391 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5392 x-kubernetes-int-or-string: true 5393 description: Overhead represents the resource overhead 5394 associated with running a pod for a given RuntimeClass. 5395 This field will be autopopulated at admission time 5396 by the RuntimeClass admission controller. If the RuntimeClass 5397 admission controller is enabled, overhead must not 5398 be set in Pod create requests. The RuntimeClass admission 5399 controller will reject Pod create requests which have 5400 the overhead already set. 5401 type: object 5402 preemptionPolicy: 5403 description: PreemptionPolicy is the Policy for preempting 5404 pods with lower priority. One of Never, PreemptLowerPriority. 5405 Defaults to PreemptLowerPriority if unset. 5406 type: string 5407 priority: 5408 description: The priority value. Various system components 5409 use this field to find the priority of the pod. When 5410 Priority Admission Controller is enabled, it prevents 5411 users from setting this field. The admission controller 5412 populates this field from PriorityClassName. The higher 5413 the value, the higher the priority. 5414 format: int32 5415 type: integer 5416 priorityClassName: 5417 description: If specified, indicates the pod's priority. 5418 "system-node-critical" and "system-cluster-critical" 5419 are two special keywords which indicate the highest 5420 priorities with the former being the highest priority. 5421 Any other name must be defined by creating a PriorityClass 5422 object with that name. If not specified, the pod priority 5423 will be default or zero if there is no default. 5424 type: string 5425 readinessGates: 5426 description: 'If specified, all readiness gates will 5427 be evaluated for pod readiness. A pod is ready when 5428 all its containers are ready AND all conditions specified 5429 in the readiness gates have status equal to "True" 5430 More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' 5431 items: 5432 description: PodReadinessGate contains the reference 5433 to a pod condition 5434 properties: 5435 conditionType: 5436 description: ConditionType refers to a condition 5437 in the pod's condition list with matching type. 5438 type: string 5439 required: 5440 - conditionType 5441 type: object 5442 type: array 5443 resourceClaims: 5444 description: "ResourceClaims defines which ResourceClaims 5445 must be allocated and reserved before the Pod is allowed 5446 to start. The resources will be made available to 5447 those containers which consume them by name. \n This 5448 is an alpha field and requires enabling the DynamicResourceAllocation 5449 feature gate. \n This field is immutable." 5450 items: 5451 description: PodResourceClaim references exactly one 5452 ResourceClaim through a ClaimSource. It adds a name 5453 to it that uniquely identifies the ResourceClaim 5454 inside the Pod. Containers that need access to the 5455 ResourceClaim reference it with this name. 5456 properties: 5457 name: 5458 description: Name uniquely identifies this resource 5459 claim inside the pod. This must be a DNS_LABEL. 5460 type: string 5461 source: 5462 description: Source describes where to find the 5463 ResourceClaim. 5464 properties: 5465 resourceClaimName: 5466 description: ResourceClaimName is the name 5467 of a ResourceClaim object in the same namespace 5468 as this pod. 5469 type: string 5470 resourceClaimTemplateName: 5471 description: "ResourceClaimTemplateName is 5472 the name of a ResourceClaimTemplate object 5473 in the same namespace as this pod. \n The 5474 template will be used to create a new ResourceClaim, 5475 which will be bound to this pod. When this 5476 pod is deleted, the ResourceClaim will also 5477 be deleted. The name of the ResourceClaim 5478 will be <pod name>-<resource name>, where 5479 <resource name> is the PodResourceClaim.Name." 5480 type: string 5481 type: object 5482 required: 5483 - name 5484 type: object 5485 type: array 5486 x-kubernetes-list-map-keys: 5487 - name 5488 x-kubernetes-list-type: map 5489 restartPolicy: 5490 description: 'Restart policy for all containers within 5491 the pod. One of Always, OnFailure, Never. In some 5492 contexts, only a subset of those values may be permitted. 5493 Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' 5494 type: string 5495 runtimeClassName: 5496 description: 'RuntimeClassName refers to a RuntimeClass 5497 object in the node.k8s.io group, which should be used 5498 to run this pod. If no RuntimeClass resource matches 5499 the named class, the pod will not be run. If unset 5500 or empty, the "legacy" RuntimeClass will be used, 5501 which is an implicit class with an empty definition 5502 that uses the default runtime handler. More info: 5503 https://git.k8s.' 5504 type: string 5505 schedulerName: 5506 description: If specified, the pod will be dispatched 5507 by specified scheduler. If not specified, the pod 5508 will be dispatched by default scheduler. 5509 type: string 5510 schedulingGates: 5511 description: "SchedulingGates is an opaque list of values 5512 that if specified will block scheduling the pod. If 5513 schedulingGates is not empty, the pod will stay in 5514 the SchedulingGated state and the scheduler will not 5515 attempt to schedule the pod. \n SchedulingGates can 5516 only be set at pod creation time, and be removed only 5517 afterwards. \n This is a beta feature enabled by the 5518 PodSchedulingReadiness feature gate." 5519 items: 5520 description: PodSchedulingGate is associated to a 5521 Pod to guard its scheduling. 5522 properties: 5523 name: 5524 description: Name of the scheduling gate. Each 5525 scheduling gate must have a unique name field. 5526 type: string 5527 required: 5528 - name 5529 type: object 5530 type: array 5531 x-kubernetes-list-map-keys: 5532 - name 5533 x-kubernetes-list-type: map 5534 securityContext: 5535 description: 'SecurityContext holds pod-level security 5536 attributes and common container settings. Optional: 5537 Defaults to empty. See type description for default 5538 values of each field.' 5539 properties: 5540 fsGroup: 5541 description: "A special supplemental group that 5542 applies to all containers in a pod. Some volume 5543 types allow the Kubelet to change the ownership 5544 of that volume to be owned by the pod: \n 1. The 5545 owning GID will be the FSGroup 2. The setgid bit 5546 is set (new files created in the volume will be 5547 owned by FSGroup) 3." 5548 format: int64 5549 type: integer 5550 fsGroupChangePolicy: 5551 description: 'fsGroupChangePolicy defines behavior 5552 of changing ownership and permission of the volume 5553 before being exposed inside Pod. This field will 5554 only apply to volume types which support fsGroup 5555 based ownership(and permissions). It will have 5556 no effect on ephemeral volume types such as: secret, 5557 configmaps and emptydir. Valid values are "OnRootMismatch" 5558 and "Always". If not specified, "Always" is used.' 5559 type: string 5560 runAsGroup: 5561 description: The GID to run the entrypoint of the 5562 container process. Uses runtime default if unset. 5563 May also be set in SecurityContext. If set in 5564 both SecurityContext and PodSecurityContext, the 5565 value specified in SecurityContext takes precedence 5566 for that container. Note that this field cannot 5567 be set when spec.os.name is windows. 5568 format: int64 5569 type: integer 5570 runAsNonRoot: 5571 description: Indicates that the container must run 5572 as a non-root user. If true, the Kubelet will 5573 validate the image at runtime to ensure that it 5574 does not run as UID 0 (root) and fail to start 5575 the container if it does. If unset or false, no 5576 such validation will be performed. May also be 5577 set in SecurityContext. 5578 type: boolean 5579 runAsUser: 5580 description: The UID to run the entrypoint of the 5581 container process. Defaults to user specified 5582 in image metadata if unspecified. May also be 5583 set in SecurityContext. If set in both SecurityContext 5584 and PodSecurityContext, the value specified in 5585 SecurityContext takes precedence for that container. 5586 Note that this field cannot be set when spec.os.name 5587 is windows. 5588 format: int64 5589 type: integer 5590 seLinuxOptions: 5591 description: The SELinux context to be applied to 5592 all containers. If unspecified, the container 5593 runtime will allocate a random SELinux context 5594 for each container. May also be set in SecurityContext. If 5595 set in both SecurityContext and PodSecurityContext, 5596 the value specified in SecurityContext takes precedence 5597 for that container. Note that this field cannot 5598 be set when spec.os.name is windows. 5599 properties: 5600 level: 5601 description: Level is SELinux level label that 5602 applies to the container. 5603 type: string 5604 role: 5605 description: Role is a SELinux role label that 5606 applies to the container. 5607 type: string 5608 type: 5609 description: Type is a SELinux type label that 5610 applies to the container. 5611 type: string 5612 user: 5613 description: User is a SELinux user label that 5614 applies to the container. 5615 type: string 5616 type: object 5617 seccompProfile: 5618 description: The seccomp options to use by the containers 5619 in this pod. Note that this field cannot be set 5620 when spec.os.name is windows. 5621 properties: 5622 localhostProfile: 5623 description: localhostProfile indicates a profile 5624 defined in a file on the node should be used. 5625 The profile must be preconfigured on the node 5626 to work. Must be a descending path, relative 5627 to the kubelet's configured seccomp profile 5628 location. Must only be set if type is "Localhost". 5629 type: string 5630 type: 5631 description: "type indicates which kind of seccomp 5632 profile will be applied. Valid options are: 5633 \n Localhost - a profile defined in a file 5634 on the node should be used. RuntimeDefault 5635 - the container runtime default profile should 5636 be used. Unconfined - no profile should be 5637 applied." 5638 type: string 5639 required: 5640 - type 5641 type: object 5642 supplementalGroups: 5643 description: A list of groups applied to the first 5644 process run in each container, in addition to 5645 the container's primary GID, the fsGroup (if specified), 5646 and group memberships defined in the container 5647 image for the uid of the container process. If 5648 unspecified, no additional groups are added to 5649 any container. 5650 items: 5651 format: int64 5652 type: integer 5653 type: array 5654 sysctls: 5655 description: Sysctls hold a list of namespaced sysctls 5656 used for the pod. Pods with unsupported sysctls 5657 (by the container runtime) might fail to launch. 5658 Note that this field cannot be set when spec.os.name 5659 is windows. 5660 items: 5661 description: Sysctl defines a kernel parameter 5662 to be set 5663 properties: 5664 name: 5665 description: Name of a property to set 5666 type: string 5667 value: 5668 description: Value of a property to set 5669 type: string 5670 required: 5671 - name 5672 - value 5673 type: object 5674 type: array 5675 windowsOptions: 5676 description: The Windows specific settings applied 5677 to all containers. If unspecified, the options 5678 within a container's SecurityContext will be used. 5679 If set in both SecurityContext and PodSecurityContext, 5680 the value specified in SecurityContext takes precedence. 5681 Note that this field cannot be set when spec.os.name 5682 is linux. 5683 properties: 5684 gmsaCredentialSpec: 5685 description: GMSACredentialSpec is where the 5686 GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 5687 inlines the contents of the GMSA credential 5688 spec named by the GMSACredentialSpecName field. 5689 type: string 5690 gmsaCredentialSpecName: 5691 description: GMSACredentialSpecName is the name 5692 of the GMSA credential spec to use. 5693 type: string 5694 hostProcess: 5695 description: HostProcess determines if a container 5696 should be run as a 'Host Process' container. 5697 This field is alpha-level and will only be 5698 honored by components that enable the WindowsHostProcessContainers 5699 feature flag. Setting this field without the 5700 feature flag will result in errors when validating 5701 the Pod. 5702 type: boolean 5703 runAsUserName: 5704 description: The UserName in Windows to run 5705 the entrypoint of the container process. Defaults 5706 to the user specified in image metadata if 5707 unspecified. May also be set in PodSecurityContext. 5708 If set in both SecurityContext and PodSecurityContext, 5709 the value specified in SecurityContext takes 5710 precedence. 5711 type: string 5712 type: object 5713 type: object 5714 serviceAccount: 5715 description: 'DeprecatedServiceAccount is a depreciated 5716 alias for ServiceAccountName. Deprecated: Use serviceAccountName 5717 instead.' 5718 type: string 5719 serviceAccountName: 5720 description: 'ServiceAccountName is the name of the 5721 ServiceAccount to use to run this pod. More info: 5722 https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' 5723 type: string 5724 setHostnameAsFQDN: 5725 description: If true the pod's hostname will be configured 5726 as the pod's FQDN, rather than the leaf name (the 5727 default). In Linux containers, this means setting 5728 the FQDN in the hostname field of the kernel (the 5729 nodename field of struct utsname). 5730 type: boolean 5731 shareProcessNamespace: 5732 description: 'Share a single process namespace between 5733 all of the containers in a pod. When this is set containers 5734 will be able to view and signal processes from other 5735 containers in the same pod, and the first process 5736 in each container will not be assigned PID 1. HostPID 5737 and ShareProcessNamespace cannot both be set. Optional: 5738 Default to false.' 5739 type: boolean 5740 subdomain: 5741 description: If specified, the fully qualified Pod hostname 5742 will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster 5743 domain>". If not specified, the pod will not have 5744 a domainname at all. 5745 type: string 5746 terminationGracePeriodSeconds: 5747 description: Optional duration in seconds the pod needs 5748 to terminate gracefully. May be decreased in delete 5749 request. Value must be non-negative integer. The value 5750 zero indicates stop immediately via the kill signal 5751 (no opportunity to shut down). If this value is nil, 5752 the default grace period will be used instead. 5753 format: int64 5754 type: integer 5755 tolerations: 5756 description: If specified, the pod's tolerations. 5757 items: 5758 description: The pod this Toleration is attached to 5759 tolerates any taint that matches the triple <key,value,effect> 5760 using the matching operator <operator>. 5761 properties: 5762 effect: 5763 description: Effect indicates the taint effect 5764 to match. Empty means match all taint effects. 5765 When specified, allowed values are NoSchedule, 5766 PreferNoSchedule and NoExecute. 5767 type: string 5768 key: 5769 description: Key is the taint key that the toleration 5770 applies to. Empty means match all taint keys. 5771 If the key is empty, operator must be Exists; 5772 this combination means to match all values and 5773 all keys. 5774 type: string 5775 operator: 5776 description: Operator represents a key's relationship 5777 to the value. Valid operators are Exists and 5778 Equal. Defaults to Equal. Exists is equivalent 5779 to wildcard for value, so that a pod can tolerate 5780 all taints of a particular category. 5781 type: string 5782 tolerationSeconds: 5783 description: TolerationSeconds represents the 5784 period of time the toleration (which must be 5785 of effect NoExecute, otherwise this field is 5786 ignored) tolerates the taint. By default, it 5787 is not set, which means tolerate the taint forever 5788 (do not evict). Zero and negative values will 5789 be treated as 0 (evict immediately) by the system. 5790 format: int64 5791 type: integer 5792 value: 5793 description: Value is the taint value the toleration 5794 matches to. If the operator is Exists, the value 5795 should be empty, otherwise just a regular string. 5796 type: string 5797 type: object 5798 type: array 5799 topologySpreadConstraints: 5800 description: TopologySpreadConstraints describes how 5801 a group of pods ought to spread across topology domains. 5802 Scheduler will schedule pods in a way which abides 5803 by the constraints. All topologySpreadConstraints 5804 are ANDed. 5805 items: 5806 description: TopologySpreadConstraint specifies how 5807 to spread matching pods among the given topology. 5808 properties: 5809 labelSelector: 5810 description: LabelSelector is used to find matching 5811 pods. Pods that match this label selector are 5812 counted to determine the number of pods in their 5813 corresponding topology domain. 5814 properties: 5815 matchExpressions: 5816 description: matchExpressions is a list of 5817 label selector requirements. The requirements 5818 are ANDed. 5819 items: 5820 description: A label selector requirement 5821 is a selector that contains values, a 5822 key, and an operator that relates the 5823 key and values. 5824 properties: 5825 key: 5826 description: key is the label key that 5827 the selector applies to. 5828 type: string 5829 operator: 5830 description: operator represents a key's 5831 relationship to a set of values. Valid 5832 operators are In, NotIn, Exists and 5833 DoesNotExist. 5834 type: string 5835 values: 5836 description: values is an array of string 5837 values. If the operator is In or NotIn, 5838 the values array must be non-empty. 5839 If the operator is Exists or DoesNotExist, 5840 the values array must be empty. This 5841 array is replaced during a strategic 5842 merge patch. 5843 items: 5844 type: string 5845 type: array 5846 required: 5847 - key 5848 - operator 5849 type: object 5850 type: array 5851 matchLabels: 5852 additionalProperties: 5853 type: string 5854 description: matchLabels is a map of {key,value} 5855 pairs. A single {key,value} in the matchLabels 5856 map is equivalent to an element of matchExpressions, 5857 whose key field is "key", the operator is 5858 "In", and the values array contains only 5859 "value". The requirements are ANDed. 5860 type: object 5861 type: object 5862 x-kubernetes-map-type: atomic 5863 matchLabelKeys: 5864 description: MatchLabelKeys is a set of pod label 5865 keys to select the pods over which spreading 5866 will be calculated. The keys are used to lookup 5867 values from the incoming pod labels, those key-value 5868 labels are ANDed with labelSelector to select 5869 the group of existing pods over which spreading 5870 will be calculated for the incoming pod. The 5871 same key is forbidden to exist in both MatchLabelKeys 5872 and LabelSelector. 5873 items: 5874 type: string 5875 type: array 5876 x-kubernetes-list-type: atomic 5877 maxSkew: 5878 description: MaxSkew describes the degree to which 5879 pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, 5880 it is the maximum permitted difference between 5881 the number of matching pods in the target topology 5882 and the global minimum. The global minimum is 5883 the minimum number of matching pods in an eligible 5884 domain or zero if the number of eligible domains 5885 is less than MinDomains. 5886 format: int32 5887 type: integer 5888 minDomains: 5889 description: MinDomains indicates a minimum number 5890 of eligible domains. When the number of eligible 5891 domains with matching topology keys is less 5892 than minDomains, Pod Topology Spread treats 5893 "global minimum" as 0, and then the calculation 5894 of Skew is performed. And when the number of 5895 eligible domains with matching topology keys 5896 equals or greater than minDomains, this value 5897 has no effect on scheduling. 5898 format: int32 5899 type: integer 5900 nodeAffinityPolicy: 5901 description: "NodeAffinityPolicy indicates how 5902 we will treat Pod's nodeAffinity/nodeSelector 5903 when calculating pod topology spread skew. Options 5904 are: - Honor: only nodes matching nodeAffinity/nodeSelector 5905 are included in the calculations. - Ignore: 5906 nodeAffinity/nodeSelector are ignored. All nodes 5907 are included in the calculations. \n If this 5908 value is nil, the behavior is equivalent to 5909 the Honor policy." 5910 type: string 5911 nodeTaintsPolicy: 5912 description: "NodeTaintsPolicy indicates how we 5913 will treat node taints when calculating pod 5914 topology spread skew. Options are: - Honor: 5915 nodes without taints, along with tainted nodes 5916 for which the incoming pod has a toleration, 5917 are included. - Ignore: node taints are ignored. 5918 All nodes are included. \n If this value is 5919 nil, the behavior is equivalent to the Ignore 5920 policy." 5921 type: string 5922 topologyKey: 5923 description: TopologyKey is the key of node labels. 5924 Nodes that have a label with this key and identical 5925 values are considered to be in the same topology. 5926 We consider each <key, value> as a "bucket", 5927 and try to put balanced number of pods into 5928 each bucket. We define a domain as a particular 5929 instance of a topology. 5930 type: string 5931 whenUnsatisfiable: 5932 description: WhenUnsatisfiable indicates how to 5933 deal with a pod if it doesn't satisfy the spread 5934 constraint. - DoNotSchedule (default) tells 5935 the scheduler not to schedule it. - ScheduleAnyway 5936 tells the scheduler to schedule the pod in any 5937 location, but giving higher precedence to topologies 5938 that would help reduce the skew. 5939 type: string 5940 required: 5941 - maxSkew 5942 - topologyKey 5943 - whenUnsatisfiable 5944 type: object 5945 type: array 5946 x-kubernetes-list-map-keys: 5947 - topologyKey 5948 - whenUnsatisfiable 5949 x-kubernetes-list-type: map 5950 volumes: 5951 description: 'List of volumes that can be mounted by 5952 containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' 5953 items: 5954 description: Volume represents a named volume in a 5955 pod that may be accessed by any container in the 5956 pod. 5957 properties: 5958 awsElasticBlockStore: 5959 description: 'awsElasticBlockStore represents 5960 an AWS Disk resource that is attached to a kubelet''s 5961 host machine and then exposed to the pod. More 5962 info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 5963 properties: 5964 fsType: 5965 description: 'fsType is the filesystem type 5966 of the volume that you want to mount. Tip: 5967 Ensure that the filesystem type is supported 5968 by the host operating system. Examples: 5969 "ext4", "xfs", "ntfs". Implicitly inferred 5970 to be "ext4" if unspecified. More info: 5971 https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 5972 TODO: how do we prevent errors in the filesystem 5973 from compromising the machine' 5974 type: string 5975 partition: 5976 description: 'partition is the partition in 5977 the volume that you want to mount. If omitted, 5978 the default is to mount by volume name. 5979 Examples: For volume /dev/sda1, you specify 5980 the partition as "1". Similarly, the volume 5981 partition for /dev/sda is "0" (or you can 5982 leave the property empty).' 5983 format: int32 5984 type: integer 5985 readOnly: 5986 description: 'readOnly value true will force 5987 the readOnly setting in VolumeMounts. More 5988 info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 5989 type: boolean 5990 volumeID: 5991 description: 'volumeID is unique ID of the 5992 persistent disk resource in AWS (Amazon 5993 EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 5994 type: string 5995 required: 5996 - volumeID 5997 type: object 5998 azureDisk: 5999 description: azureDisk represents an Azure Data 6000 Disk mount on the host and bind mount to the 6001 pod. 6002 properties: 6003 cachingMode: 6004 description: 'cachingMode is the Host Caching 6005 mode: None, Read Only, Read Write.' 6006 type: string 6007 diskName: 6008 description: diskName is the Name of the data 6009 disk in the blob storage 6010 type: string 6011 diskURI: 6012 description: diskURI is the URI of data disk 6013 in the blob storage 6014 type: string 6015 fsType: 6016 description: fsType is Filesystem type to 6017 mount. Must be a filesystem type supported 6018 by the host operating system. Ex. "ext4", 6019 "xfs", "ntfs". Implicitly inferred to be 6020 "ext4" if unspecified. 6021 type: string 6022 kind: 6023 description: 'kind expected values are Shared: 6024 multiple blob disks per storage account Dedicated: 6025 single blob disk per storage account Managed: 6026 azure managed data disk (only in managed 6027 availability set). defaults to shared' 6028 type: string 6029 readOnly: 6030 description: readOnly Defaults to false (read/write). 6031 ReadOnly here will force the ReadOnly setting 6032 in VolumeMounts. 6033 type: boolean 6034 required: 6035 - diskName 6036 - diskURI 6037 type: object 6038 azureFile: 6039 description: azureFile represents an Azure File 6040 Service mount on the host and bind mount to 6041 the pod. 6042 properties: 6043 readOnly: 6044 description: readOnly defaults to false (read/write). 6045 ReadOnly here will force the ReadOnly setting 6046 in VolumeMounts. 6047 type: boolean 6048 secretName: 6049 description: secretName is the name of secret 6050 that contains Azure Storage Account Name 6051 and Key 6052 type: string 6053 shareName: 6054 description: shareName is the azure share 6055 Name 6056 type: string 6057 required: 6058 - secretName 6059 - shareName 6060 type: object 6061 cephfs: 6062 description: cephFS represents a Ceph FS mount 6063 on the host that shares a pod's lifetime 6064 properties: 6065 monitors: 6066 description: 'monitors is Required: Monitors 6067 is a collection of Ceph monitors More info: 6068 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6069 items: 6070 type: string 6071 type: array 6072 path: 6073 description: 'path is Optional: Used as the 6074 mounted root, rather than the full Ceph 6075 tree, default is /' 6076 type: string 6077 readOnly: 6078 description: 'readOnly is Optional: Defaults 6079 to false (read/write). ReadOnly here will 6080 force the ReadOnly setting in VolumeMounts. 6081 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6082 type: boolean 6083 secretFile: 6084 description: 'secretFile is Optional: SecretFile 6085 is the path to key ring for User, default 6086 is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6087 type: string 6088 secretRef: 6089 description: 'secretRef is Optional: SecretRef 6090 is reference to the authentication secret 6091 for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6092 properties: 6093 name: 6094 description: 'Name of the referent. More 6095 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6096 TODO: Add other useful fields. apiVersion, 6097 kind, uid?' 6098 type: string 6099 type: object 6100 x-kubernetes-map-type: atomic 6101 user: 6102 description: 'user is optional: User is the 6103 rados user name, default is admin More info: 6104 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6105 type: string 6106 required: 6107 - monitors 6108 type: object 6109 cinder: 6110 description: 'cinder represents a cinder volume 6111 attached and mounted on kubelets host machine. 6112 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6113 properties: 6114 fsType: 6115 description: 'fsType is the filesystem type 6116 to mount. Must be a filesystem type supported 6117 by the host operating system. Examples: 6118 "ext4", "xfs", "ntfs". Implicitly inferred 6119 to be "ext4" if unspecified. More info: 6120 https://examples.k8s.io/mysql-cinder-pd/README.md' 6121 type: string 6122 readOnly: 6123 description: 'readOnly defaults to false (read/write). 6124 ReadOnly here will force the ReadOnly setting 6125 in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6126 type: boolean 6127 secretRef: 6128 description: 'secretRef is optional: points 6129 to a secret object containing parameters 6130 used to connect to OpenStack.' 6131 properties: 6132 name: 6133 description: 'Name of the referent. More 6134 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6135 TODO: Add other useful fields. apiVersion, 6136 kind, uid?' 6137 type: string 6138 type: object 6139 x-kubernetes-map-type: atomic 6140 volumeID: 6141 description: 'volumeID used to identify the 6142 volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6143 type: string 6144 required: 6145 - volumeID 6146 type: object 6147 configMap: 6148 description: configMap represents a configMap 6149 that should populate this volume 6150 properties: 6151 defaultMode: 6152 description: 'defaultMode is optional: mode 6153 bits used to set permissions on created 6154 files by default. Must be an octal value 6155 between 0000 and 0777 or a decimal value 6156 between 0 and 511. YAML accepts both octal 6157 and decimal values, JSON requires decimal 6158 values for mode bits. Defaults to 0644. 6159 Directories within the path are not affected 6160 by this setting.' 6161 format: int32 6162 type: integer 6163 items: 6164 description: items if unspecified, each key-value 6165 pair in the Data field of the referenced 6166 ConfigMap will be projected into the volume 6167 as a file whose name is the key and content 6168 is the value. If specified, the listed keys 6169 will be projected into the specified paths, 6170 and unlisted keys will not be present. 6171 items: 6172 description: Maps a string key to a path 6173 within a volume. 6174 properties: 6175 key: 6176 description: key is the key to project. 6177 type: string 6178 mode: 6179 description: 'mode is Optional: mode 6180 bits used to set permissions on this 6181 file. Must be an octal value between 6182 0000 and 0777 or a decimal value between 6183 0 and 511. YAML accepts both octal 6184 and decimal values, JSON requires 6185 decimal values for mode bits. If not 6186 specified, the volume defaultMode 6187 will be used.' 6188 format: int32 6189 type: integer 6190 path: 6191 description: path is the relative path 6192 of the file to map the key to. May 6193 not be an absolute path. May not contain 6194 the path element '..'. May not start 6195 with the string '..'. 6196 type: string 6197 required: 6198 - key 6199 - path 6200 type: object 6201 type: array 6202 name: 6203 description: 'Name of the referent. More info: 6204 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6205 TODO: Add other useful fields. apiVersion, 6206 kind, uid?' 6207 type: string 6208 optional: 6209 description: optional specify whether the 6210 ConfigMap or its keys must be defined 6211 type: boolean 6212 type: object 6213 x-kubernetes-map-type: atomic 6214 csi: 6215 description: csi (Container Storage Interface) 6216 represents ephemeral storage that is handled 6217 by certain external CSI drivers (Beta feature). 6218 properties: 6219 driver: 6220 description: driver is the name of the CSI 6221 driver that handles this volume. Consult 6222 with your admin for the correct name as 6223 registered in the cluster. 6224 type: string 6225 fsType: 6226 description: fsType to mount. Ex. "ext4", 6227 "xfs", "ntfs". If not provided, the empty 6228 value is passed to the associated CSI driver 6229 which will determine the default filesystem 6230 to apply. 6231 type: string 6232 nodePublishSecretRef: 6233 description: nodePublishSecretRef is a reference 6234 to the secret object containing sensitive 6235 information to pass to the CSI driver to 6236 complete the CSI NodePublishVolume and NodeUnpublishVolume 6237 calls. This field is optional, and may 6238 be empty if no secret is required. If the 6239 secret object contains more than one secret, 6240 all secret references are passed. 6241 properties: 6242 name: 6243 description: 'Name of the referent. More 6244 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6245 TODO: Add other useful fields. apiVersion, 6246 kind, uid?' 6247 type: string 6248 type: object 6249 x-kubernetes-map-type: atomic 6250 readOnly: 6251 description: readOnly specifies a read-only 6252 configuration for the volume. Defaults to 6253 false (read/write). 6254 type: boolean 6255 volumeAttributes: 6256 additionalProperties: 6257 type: string 6258 description: volumeAttributes stores driver-specific 6259 properties that are passed to the CSI driver. 6260 Consult your driver's documentation for 6261 supported values. 6262 type: object 6263 required: 6264 - driver 6265 type: object 6266 downwardAPI: 6267 description: downwardAPI represents downward API 6268 about the pod that should populate this volume 6269 properties: 6270 defaultMode: 6271 description: 'Optional: mode bits to use on 6272 created files by default. Must be a Optional: 6273 mode bits used to set permissions on created 6274 files by default. Must be an octal value 6275 between 0000 and 0777 or a decimal value 6276 between 0 and 511. YAML accepts both octal 6277 and decimal values, JSON requires decimal 6278 values for mode bits. Defaults to 0644. 6279 Directories within the path are not affected 6280 by this setting.' 6281 format: int32 6282 type: integer 6283 items: 6284 description: Items is a list of downward API 6285 volume file 6286 items: 6287 description: DownwardAPIVolumeFile represents 6288 information to create the file containing 6289 the pod field 6290 properties: 6291 fieldRef: 6292 description: 'Required: Selects a field 6293 of the pod: only annotations, labels, 6294 name and namespace are supported.' 6295 properties: 6296 apiVersion: 6297 description: Version of the schema 6298 the FieldPath is written in terms 6299 of, defaults to "v1". 6300 type: string 6301 fieldPath: 6302 description: Path of the field to 6303 select in the specified API version. 6304 type: string 6305 required: 6306 - fieldPath 6307 type: object 6308 x-kubernetes-map-type: atomic 6309 mode: 6310 description: 'Optional: mode bits used 6311 to set permissions on this file, must 6312 be an octal value between 0000 and 6313 0777 or a decimal value between 0 6314 and 511. YAML accepts both octal and 6315 decimal values, JSON requires decimal 6316 values for mode bits. If not specified, 6317 the volume defaultMode will be used.' 6318 format: int32 6319 type: integer 6320 path: 6321 description: 'Required: Path is the 6322 relative path name of the file to 6323 be created. Must not be absolute or 6324 contain the ''..'' path. Must be utf-8 6325 encoded. The first item of the relative 6326 path must not start with ''..''' 6327 type: string 6328 resourceFieldRef: 6329 description: 'Selects a resource of 6330 the container: only resources limits 6331 and requests (limits.cpu, limits.memory, 6332 requests.cpu and requests.memory) 6333 are currently supported.' 6334 properties: 6335 containerName: 6336 description: 'Container name: required 6337 for volumes, optional for env 6338 vars' 6339 type: string 6340 divisor: 6341 anyOf: 6342 - type: integer 6343 - type: string 6344 description: Specifies the output 6345 format of the exposed resources, 6346 defaults to "1" 6347 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6348 x-kubernetes-int-or-string: true 6349 resource: 6350 description: 'Required: resource 6351 to select' 6352 type: string 6353 required: 6354 - resource 6355 type: object 6356 x-kubernetes-map-type: atomic 6357 required: 6358 - path 6359 type: object 6360 type: array 6361 type: object 6362 emptyDir: 6363 description: 'emptyDir represents a temporary 6364 directory that shares a pod''s lifetime. More 6365 info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 6366 properties: 6367 medium: 6368 description: 'medium represents what type 6369 of storage medium should back this directory. 6370 The default is "" which means to use the 6371 node''s default medium. Must be an empty 6372 string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 6373 type: string 6374 sizeLimit: 6375 anyOf: 6376 - type: integer 6377 - type: string 6378 description: 'sizeLimit is the total amount 6379 of local storage required for this EmptyDir 6380 volume. The size limit is also applicable 6381 for memory medium. The maximum usage on 6382 memory medium EmptyDir would be the minimum 6383 value between the SizeLimit specified here 6384 and the sum of memory limits of all containers 6385 in a pod. The default is nil which means 6386 that the limit is undefined. More info: 6387 https://kubernetes.' 6388 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6389 x-kubernetes-int-or-string: true 6390 type: object 6391 ephemeral: 6392 description: ephemeral represents a volume that 6393 is handled by a cluster storage driver. The 6394 volume's lifecycle is tied to the pod that defines 6395 it - it will be created before the pod starts, 6396 and deleted when the pod is removed. 6397 properties: 6398 volumeClaimTemplate: 6399 description: Will be used to create a stand-alone 6400 PVC to provision the volume. The pod in 6401 which this EphemeralVolumeSource is embedded 6402 will be the owner of the PVC, i.e. the PVC 6403 will be deleted together with the pod. The 6404 name of the PVC will be `<pod name>-<volume 6405 name>` where `<volume name>` is the name 6406 from the `PodSpec.Volumes` array entry. 6407 properties: 6408 metadata: 6409 description: May contain labels and annotations 6410 that will be copied into the PVC when 6411 creating it. No other fields are allowed 6412 and will be rejected during validation. 6413 properties: 6414 annotations: 6415 additionalProperties: 6416 type: string 6417 type: object 6418 finalizers: 6419 items: 6420 type: string 6421 type: array 6422 labels: 6423 additionalProperties: 6424 type: string 6425 type: object 6426 name: 6427 type: string 6428 namespace: 6429 type: string 6430 type: object 6431 spec: 6432 description: The specification for the 6433 PersistentVolumeClaim. The entire content 6434 is copied unchanged into the PVC that 6435 gets created from this template. The 6436 same fields as in a PersistentVolumeClaim 6437 are also valid here. 6438 properties: 6439 accessModes: 6440 description: 'accessModes contains 6441 the desired access modes the volume 6442 should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 6443 items: 6444 type: string 6445 type: array 6446 dataSource: 6447 description: 'dataSource field can 6448 be used to specify either: * An 6449 existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 6450 * An existing PVC (PersistentVolumeClaim) 6451 If the provisioner or an external 6452 controller can support the specified 6453 data source, it will create a new 6454 volume based on the contents of 6455 the specified data source.' 6456 properties: 6457 apiGroup: 6458 description: APIGroup is the group 6459 for the resource being referenced. 6460 If APIGroup is not specified, 6461 the specified Kind must be in 6462 the core API group. For any 6463 other third-party types, APIGroup 6464 is required. 6465 type: string 6466 kind: 6467 description: Kind is the type 6468 of resource being referenced 6469 type: string 6470 name: 6471 description: Name is the name 6472 of resource being referenced 6473 type: string 6474 required: 6475 - kind 6476 - name 6477 type: object 6478 x-kubernetes-map-type: atomic 6479 dataSourceRef: 6480 description: dataSourceRef specifies 6481 the object from which to populate 6482 the volume with data, if a non-empty 6483 volume is desired. This may be any 6484 object from a non-empty API group 6485 (non core object) or a PersistentVolumeClaim 6486 object. When this field is specified, 6487 volume binding will only succeed 6488 if the type of the specified object 6489 matches some installed volume populator 6490 or dynamic provisioner. 6491 properties: 6492 apiGroup: 6493 description: APIGroup is the group 6494 for the resource being referenced. 6495 If APIGroup is not specified, 6496 the specified Kind must be in 6497 the core API group. For any 6498 other third-party types, APIGroup 6499 is required. 6500 type: string 6501 kind: 6502 description: Kind is the type 6503 of resource being referenced 6504 type: string 6505 name: 6506 description: Name is the name 6507 of resource being referenced 6508 type: string 6509 namespace: 6510 description: Namespace is the 6511 namespace of resource being 6512 referenced Note that when a 6513 namespace is specified, a gateway.networking.k8s.io/ReferenceGrant 6514 object is required in the referent 6515 namespace to allow that namespace's 6516 owner to accept the reference. 6517 See the ReferenceGrant documentation 6518 for details. (Alpha) This field 6519 requires the CrossNamespaceVolumeDataSource 6520 feature gate to be enabled. 6521 type: string 6522 required: 6523 - kind 6524 - name 6525 type: object 6526 resources: 6527 description: 'resources represents 6528 the minimum resources the volume 6529 should have. If RecoverVolumeExpansionFailure 6530 feature is enabled users are allowed 6531 to specify resource requirements 6532 that are lower than previous value 6533 but must still be higher than capacity 6534 recorded in the status field of 6535 the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 6536 properties: 6537 claims: 6538 description: "Claims lists the 6539 names of resources, defined 6540 in spec.resourceClaims, that 6541 are used by this container. 6542 \n This is an alpha field and 6543 requires enabling the DynamicResourceAllocation 6544 feature gate. \n This field 6545 is immutable. It can only be 6546 set for containers." 6547 items: 6548 description: ResourceClaim references 6549 one entry in PodSpec.ResourceClaims. 6550 properties: 6551 name: 6552 description: Name must match 6553 the name of one entry 6554 in pod.spec.resourceClaims 6555 of the Pod where this 6556 field is used. It makes 6557 that resource available 6558 inside a container. 6559 type: string 6560 required: 6561 - name 6562 type: object 6563 type: array 6564 x-kubernetes-list-map-keys: 6565 - name 6566 x-kubernetes-list-type: map 6567 limits: 6568 additionalProperties: 6569 anyOf: 6570 - type: integer 6571 - type: string 6572 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6573 x-kubernetes-int-or-string: true 6574 description: 'Limits describes 6575 the maximum amount of compute 6576 resources allowed. More info: 6577 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6578 type: object 6579 requests: 6580 additionalProperties: 6581 anyOf: 6582 - type: integer 6583 - type: string 6584 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6585 x-kubernetes-int-or-string: true 6586 description: 'Requests describes 6587 the minimum amount of compute 6588 resources required. If Requests 6589 is omitted for a container, 6590 it defaults to Limits if that 6591 is explicitly specified, otherwise 6592 to an implementation-defined 6593 value. Requests cannot exceed 6594 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6595 type: object 6596 type: object 6597 selector: 6598 description: selector is a label query 6599 over volumes to consider for binding. 6600 properties: 6601 matchExpressions: 6602 description: matchExpressions 6603 is a list of label selector 6604 requirements. The requirements 6605 are ANDed. 6606 items: 6607 description: A label selector 6608 requirement is a selector 6609 that contains values, a key, 6610 and an operator that relates 6611 the key and values. 6612 properties: 6613 key: 6614 description: key is the 6615 label key that the selector 6616 applies to. 6617 type: string 6618 operator: 6619 description: operator represents 6620 a key's relationship to 6621 a set of values. Valid 6622 operators are In, NotIn, 6623 Exists and DoesNotExist. 6624 type: string 6625 values: 6626 description: values is an 6627 array of string values. 6628 If the operator is In 6629 or NotIn, the values array 6630 must be non-empty. If 6631 the operator is Exists 6632 or DoesNotExist, the values 6633 array must be empty. This 6634 array is replaced during 6635 a strategic merge patch. 6636 items: 6637 type: string 6638 type: array 6639 required: 6640 - key 6641 - operator 6642 type: object 6643 type: array 6644 matchLabels: 6645 additionalProperties: 6646 type: string 6647 description: matchLabels is a 6648 map of {key,value} pairs. A 6649 single {key,value} in the matchLabels 6650 map is equivalent to an element 6651 of matchExpressions, whose key 6652 field is "key", the operator 6653 is "In", and the values array 6654 contains only "value". The requirements 6655 are ANDed. 6656 type: object 6657 type: object 6658 x-kubernetes-map-type: atomic 6659 storageClassName: 6660 description: 'storageClassName is 6661 the name of the StorageClass required 6662 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 6663 type: string 6664 volumeMode: 6665 description: volumeMode defines what 6666 type of volume is required by the 6667 claim. Value of Filesystem is implied 6668 when not included in claim spec. 6669 type: string 6670 volumeName: 6671 description: volumeName is the binding 6672 reference to the PersistentVolume 6673 backing this claim. 6674 type: string 6675 type: object 6676 required: 6677 - spec 6678 type: object 6679 type: object 6680 fc: 6681 description: fc represents a Fibre Channel resource 6682 that is attached to a kubelet's host machine 6683 and then exposed to the pod. 6684 properties: 6685 fsType: 6686 description: 'fsType is the filesystem type 6687 to mount. Must be a filesystem type supported 6688 by the host operating system. Ex. "ext4", 6689 "xfs", "ntfs". Implicitly inferred to be 6690 "ext4" if unspecified. TODO: how do we prevent 6691 errors in the filesystem from compromising 6692 the machine' 6693 type: string 6694 lun: 6695 description: 'lun is Optional: FC target lun 6696 number' 6697 format: int32 6698 type: integer 6699 readOnly: 6700 description: 'readOnly is Optional: Defaults 6701 to false (read/write). ReadOnly here will 6702 force the ReadOnly setting in VolumeMounts.' 6703 type: boolean 6704 targetWWNs: 6705 description: 'targetWWNs is Optional: FC target 6706 worldwide names (WWNs)' 6707 items: 6708 type: string 6709 type: array 6710 wwids: 6711 description: 'wwids Optional: FC volume world 6712 wide identifiers (wwids) Either wwids or 6713 combination of targetWWNs and lun must be 6714 set, but not both simultaneously.' 6715 items: 6716 type: string 6717 type: array 6718 type: object 6719 flexVolume: 6720 description: flexVolume represents a generic volume 6721 resource that is provisioned/attached using 6722 an exec based plugin. 6723 properties: 6724 driver: 6725 description: driver is the name of the driver 6726 to use for this volume. 6727 type: string 6728 fsType: 6729 description: fsType is the filesystem type 6730 to mount. Must be a filesystem type supported 6731 by the host operating system. Ex. "ext4", 6732 "xfs", "ntfs". The default filesystem depends 6733 on FlexVolume script. 6734 type: string 6735 options: 6736 additionalProperties: 6737 type: string 6738 description: 'options is Optional: this field 6739 holds extra command options if any.' 6740 type: object 6741 readOnly: 6742 description: 'readOnly is Optional: defaults 6743 to false (read/write). ReadOnly here will 6744 force the ReadOnly setting in VolumeMounts.' 6745 type: boolean 6746 secretRef: 6747 description: 'secretRef is Optional: secretRef 6748 is reference to the secret object containing 6749 sensitive information to pass to the plugin 6750 scripts. This may be empty if no secret 6751 object is specified. If the secret object 6752 contains more than one secret, all secrets 6753 are passed to the plugin scripts.' 6754 properties: 6755 name: 6756 description: 'Name of the referent. More 6757 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6758 TODO: Add other useful fields. apiVersion, 6759 kind, uid?' 6760 type: string 6761 type: object 6762 x-kubernetes-map-type: atomic 6763 required: 6764 - driver 6765 type: object 6766 flocker: 6767 description: flocker represents a Flocker volume 6768 attached to a kubelet's host machine. This depends 6769 on the Flocker control service being running 6770 properties: 6771 datasetName: 6772 description: datasetName is Name of the dataset 6773 stored as metadata -> name on the dataset 6774 for Flocker should be considered as deprecated 6775 type: string 6776 datasetUUID: 6777 description: datasetUUID is the UUID of the 6778 dataset. This is unique identifier of a 6779 Flocker dataset 6780 type: string 6781 type: object 6782 gcePersistentDisk: 6783 description: 'gcePersistentDisk represents a GCE 6784 Disk resource that is attached to a kubelet''s 6785 host machine and then exposed to the pod. More 6786 info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 6787 properties: 6788 fsType: 6789 description: 'fsType is filesystem type of 6790 the volume that you want to mount. Tip: 6791 Ensure that the filesystem type is supported 6792 by the host operating system. Examples: 6793 "ext4", "xfs", "ntfs". Implicitly inferred 6794 to be "ext4" if unspecified. More info: 6795 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 6796 TODO: how do we prevent errors in the filesystem 6797 from compromising the machine' 6798 type: string 6799 partition: 6800 description: 'partition is the partition in 6801 the volume that you want to mount. If omitted, 6802 the default is to mount by volume name. 6803 Examples: For volume /dev/sda1, you specify 6804 the partition as "1". Similarly, the volume 6805 partition for /dev/sda is "0" (or you can 6806 leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 6807 format: int32 6808 type: integer 6809 pdName: 6810 description: 'pdName is unique name of the 6811 PD resource in GCE. Used to identify the 6812 disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 6813 type: string 6814 readOnly: 6815 description: 'readOnly here will force the 6816 ReadOnly setting in VolumeMounts. Defaults 6817 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 6818 type: boolean 6819 required: 6820 - pdName 6821 type: object 6822 gitRepo: 6823 description: 'gitRepo represents a git repository 6824 at a particular revision. DEPRECATED: GitRepo 6825 is deprecated. To provision a container with 6826 a git repo, mount an EmptyDir into an InitContainer 6827 that clones the repo using git, then mount the 6828 EmptyDir into the Pod''s container.' 6829 properties: 6830 directory: 6831 description: directory is the target directory 6832 name. Must not contain or start with '..'. If 6833 '.' is supplied, the volume directory will 6834 be the git repository. Otherwise, if specified, 6835 the volume will contain the git repository 6836 in the subdirectory with the given name. 6837 type: string 6838 repository: 6839 description: repository is the URL 6840 type: string 6841 revision: 6842 description: revision is the commit hash for 6843 the specified revision. 6844 type: string 6845 required: 6846 - repository 6847 type: object 6848 glusterfs: 6849 description: 'glusterfs represents a Glusterfs 6850 mount on the host that shares a pod''s lifetime. 6851 More info: https://examples.k8s.io/volumes/glusterfs/README.md' 6852 properties: 6853 endpoints: 6854 description: 'endpoints is the endpoint name 6855 that details Glusterfs topology. More info: 6856 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 6857 type: string 6858 path: 6859 description: 'path is the Glusterfs volume 6860 path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 6861 type: string 6862 readOnly: 6863 description: 'readOnly here will force the 6864 Glusterfs volume to be mounted with read-only 6865 permissions. Defaults to false. More info: 6866 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 6867 type: boolean 6868 required: 6869 - endpoints 6870 - path 6871 type: object 6872 hostPath: 6873 description: 'hostPath represents a pre-existing 6874 file or directory on the host machine that is 6875 directly exposed to the container. This is generally 6876 used for system agents or other privileged things 6877 that are allowed to see the host machine. Most 6878 containers will NOT need this. More info: https://kubernetes.' 6879 properties: 6880 path: 6881 description: 'path of the directory on the 6882 host. If the path is a symlink, it will 6883 follow the link to the real path. More info: 6884 https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 6885 type: string 6886 type: 6887 description: 'type for HostPath Volume Defaults 6888 to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 6889 type: string 6890 required: 6891 - path 6892 type: object 6893 iscsi: 6894 description: 'iscsi represents an ISCSI Disk resource 6895 that is attached to a kubelet''s host machine 6896 and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 6897 properties: 6898 chapAuthDiscovery: 6899 description: chapAuthDiscovery defines whether 6900 support iSCSI Discovery CHAP authentication 6901 type: boolean 6902 chapAuthSession: 6903 description: chapAuthSession defines whether 6904 support iSCSI Session CHAP authentication 6905 type: boolean 6906 fsType: 6907 description: 'fsType is the filesystem type 6908 of the volume that you want to mount. Tip: 6909 Ensure that the filesystem type is supported 6910 by the host operating system. Examples: 6911 "ext4", "xfs", "ntfs". Implicitly inferred 6912 to be "ext4" if unspecified. More info: 6913 https://kubernetes.io/docs/concepts/storage/volumes#iscsi 6914 TODO: how do we prevent errors in the filesystem 6915 from compromising the machine' 6916 type: string 6917 initiatorName: 6918 description: initiatorName is the custom iSCSI 6919 Initiator Name. If initiatorName is specified 6920 with iscsiInterface simultaneously, new 6921 iSCSI interface <target portal>:<volume 6922 name> will be created for the connection. 6923 type: string 6924 iqn: 6925 description: iqn is the target iSCSI Qualified 6926 Name. 6927 type: string 6928 iscsiInterface: 6929 description: iscsiInterface is the interface 6930 Name that uses an iSCSI transport. Defaults 6931 to 'default' (tcp). 6932 type: string 6933 lun: 6934 description: lun represents iSCSI Target Lun 6935 number. 6936 format: int32 6937 type: integer 6938 portals: 6939 description: portals is the iSCSI Target Portal 6940 List. The portal is either an IP or ip_addr:port 6941 if the port is other than default (typically 6942 TCP ports 860 and 3260). 6943 items: 6944 type: string 6945 type: array 6946 readOnly: 6947 description: readOnly here will force the 6948 ReadOnly setting in VolumeMounts. Defaults 6949 to false. 6950 type: boolean 6951 secretRef: 6952 description: secretRef is the CHAP Secret 6953 for iSCSI target and initiator authentication 6954 properties: 6955 name: 6956 description: 'Name of the referent. More 6957 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6958 TODO: Add other useful fields. apiVersion, 6959 kind, uid?' 6960 type: string 6961 type: object 6962 x-kubernetes-map-type: atomic 6963 targetPortal: 6964 description: targetPortal is iSCSI Target 6965 Portal. The Portal is either an IP or ip_addr:port 6966 if the port is other than default (typically 6967 TCP ports 860 and 3260). 6968 type: string 6969 required: 6970 - iqn 6971 - lun 6972 - targetPortal 6973 type: object 6974 name: 6975 description: 'name of the volume. Must be a DNS_LABEL 6976 and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 6977 type: string 6978 nfs: 6979 description: 'nfs represents an NFS mount on the 6980 host that shares a pod''s lifetime More info: 6981 https://kubernetes.io/docs/concepts/storage/volumes#nfs' 6982 properties: 6983 path: 6984 description: 'path that is exported by the 6985 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 6986 type: string 6987 readOnly: 6988 description: 'readOnly here will force the 6989 NFS export to be mounted with read-only 6990 permissions. Defaults to false. More info: 6991 https://kubernetes.io/docs/concepts/storage/volumes#nfs' 6992 type: boolean 6993 server: 6994 description: 'server is the hostname or IP 6995 address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 6996 type: string 6997 required: 6998 - path 6999 - server 7000 type: object 7001 persistentVolumeClaim: 7002 description: 'persistentVolumeClaimVolumeSource 7003 represents a reference to a PersistentVolumeClaim 7004 in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7005 properties: 7006 claimName: 7007 description: 'claimName is the name of a PersistentVolumeClaim 7008 in the same namespace as the pod using this 7009 volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7010 type: string 7011 readOnly: 7012 description: readOnly Will force the ReadOnly 7013 setting in VolumeMounts. Default false. 7014 type: boolean 7015 required: 7016 - claimName 7017 type: object 7018 photonPersistentDisk: 7019 description: photonPersistentDisk represents a 7020 PhotonController persistent disk attached and 7021 mounted on kubelets host machine 7022 properties: 7023 fsType: 7024 description: fsType is the filesystem type 7025 to mount. Must be a filesystem type supported 7026 by the host operating system. Ex. "ext4", 7027 "xfs", "ntfs". Implicitly inferred to be 7028 "ext4" if unspecified. 7029 type: string 7030 pdID: 7031 description: pdID is the ID that identifies 7032 Photon Controller persistent disk 7033 type: string 7034 required: 7035 - pdID 7036 type: object 7037 portworxVolume: 7038 description: portworxVolume represents a portworx 7039 volume attached and mounted on kubelets host 7040 machine 7041 properties: 7042 fsType: 7043 description: fSType represents the filesystem 7044 type to mount Must be a filesystem type 7045 supported by the host operating system. 7046 Ex. "ext4", "xfs". Implicitly inferred to 7047 be "ext4" if unspecified. 7048 type: string 7049 readOnly: 7050 description: readOnly defaults to false (read/write). 7051 ReadOnly here will force the ReadOnly setting 7052 in VolumeMounts. 7053 type: boolean 7054 volumeID: 7055 description: volumeID uniquely identifies 7056 a Portworx volume 7057 type: string 7058 required: 7059 - volumeID 7060 type: object 7061 projected: 7062 description: projected items for all in one resources 7063 secrets, configmaps, and downward API 7064 properties: 7065 defaultMode: 7066 description: defaultMode are the mode bits 7067 used to set permissions on created files 7068 by default. Must be an octal value between 7069 0000 and 0777 or a decimal value between 7070 0 and 511. YAML accepts both octal and decimal 7071 values, JSON requires decimal values for 7072 mode bits. Directories within the path are 7073 not affected by this setting. 7074 format: int32 7075 type: integer 7076 sources: 7077 description: sources is the list of volume 7078 projections 7079 items: 7080 description: Projection that may be projected 7081 along with other supported volume types 7082 properties: 7083 configMap: 7084 description: configMap information about 7085 the configMap data to project 7086 properties: 7087 items: 7088 description: items if unspecified, 7089 each key-value pair in the Data 7090 field of the referenced ConfigMap 7091 will be projected into the volume 7092 as a file whose name is the key 7093 and content is the value. If specified, 7094 the listed keys will be projected 7095 into the specified paths, and 7096 unlisted keys will not be present. 7097 items: 7098 description: Maps a string key 7099 to a path within a volume. 7100 properties: 7101 key: 7102 description: key is the key 7103 to project. 7104 type: string 7105 mode: 7106 description: 'mode is Optional: 7107 mode bits used to set permissions 7108 on this file. Must be an 7109 octal value between 0000 7110 and 0777 or a decimal value 7111 between 0 and 511. YAML 7112 accepts both octal and decimal 7113 values, JSON requires decimal 7114 values for mode bits. If 7115 not specified, the volume 7116 defaultMode will be used.' 7117 format: int32 7118 type: integer 7119 path: 7120 description: path is the relative 7121 path of the file to map 7122 the key to. May not be an 7123 absolute path. May not contain 7124 the path element '..'. May 7125 not start with the string 7126 '..'. 7127 type: string 7128 required: 7129 - key 7130 - path 7131 type: object 7132 type: array 7133 name: 7134 description: 'Name of the referent. 7135 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7136 TODO: Add other useful fields. 7137 apiVersion, kind, uid?' 7138 type: string 7139 optional: 7140 description: optional specify whether 7141 the ConfigMap or its keys must 7142 be defined 7143 type: boolean 7144 type: object 7145 x-kubernetes-map-type: atomic 7146 downwardAPI: 7147 description: downwardAPI information 7148 about the downwardAPI data to project 7149 properties: 7150 items: 7151 description: Items is a list of 7152 DownwardAPIVolume file 7153 items: 7154 description: DownwardAPIVolumeFile 7155 represents information to create 7156 the file containing the pod 7157 field 7158 properties: 7159 fieldRef: 7160 description: 'Required: Selects 7161 a field of the pod: only 7162 annotations, labels, name 7163 and namespace are supported.' 7164 properties: 7165 apiVersion: 7166 description: Version of 7167 the schema the FieldPath 7168 is written in terms 7169 of, defaults to "v1". 7170 type: string 7171 fieldPath: 7172 description: Path of the 7173 field to select in the 7174 specified API version. 7175 type: string 7176 required: 7177 - fieldPath 7178 type: object 7179 x-kubernetes-map-type: atomic 7180 mode: 7181 description: 'Optional: mode 7182 bits used to set permissions 7183 on this file, must be an 7184 octal value between 0000 7185 and 0777 or a decimal value 7186 between 0 and 511. YAML 7187 accepts both octal and decimal 7188 values, JSON requires decimal 7189 values for mode bits. If 7190 not specified, the volume 7191 defaultMode will be used.' 7192 format: int32 7193 type: integer 7194 path: 7195 description: 'Required: Path 7196 is the relative path name 7197 of the file to be created. 7198 Must not be absolute or 7199 contain the ''..'' path. 7200 Must be utf-8 encoded. The 7201 first item of the relative 7202 path must not start with 7203 ''..''' 7204 type: string 7205 resourceFieldRef: 7206 description: 'Selects a resource 7207 of the container: only resources 7208 limits and requests (limits.cpu, 7209 limits.memory, requests.cpu 7210 and requests.memory) are 7211 currently supported.' 7212 properties: 7213 containerName: 7214 description: 'Container 7215 name: required for volumes, 7216 optional for env vars' 7217 type: string 7218 divisor: 7219 anyOf: 7220 - type: integer 7221 - type: string 7222 description: Specifies 7223 the output format of 7224 the exposed resources, 7225 defaults to "1" 7226 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7227 x-kubernetes-int-or-string: true 7228 resource: 7229 description: 'Required: 7230 resource to select' 7231 type: string 7232 required: 7233 - resource 7234 type: object 7235 x-kubernetes-map-type: atomic 7236 required: 7237 - path 7238 type: object 7239 type: array 7240 type: object 7241 secret: 7242 description: secret information about 7243 the secret data to project 7244 properties: 7245 items: 7246 description: items if unspecified, 7247 each key-value pair in the Data 7248 field of the referenced Secret 7249 will be projected into the volume 7250 as a file whose name is the key 7251 and content is the value. If specified, 7252 the listed keys will be projected 7253 into the specified paths, and 7254 unlisted keys will not be present. 7255 items: 7256 description: Maps a string key 7257 to a path within a volume. 7258 properties: 7259 key: 7260 description: key is the key 7261 to project. 7262 type: string 7263 mode: 7264 description: 'mode is Optional: 7265 mode bits used to set permissions 7266 on this file. Must be an 7267 octal value between 0000 7268 and 0777 or a decimal value 7269 between 0 and 511. YAML 7270 accepts both octal and decimal 7271 values, JSON requires decimal 7272 values for mode bits. If 7273 not specified, the volume 7274 defaultMode will be used.' 7275 format: int32 7276 type: integer 7277 path: 7278 description: path is the relative 7279 path of the file to map 7280 the key to. May not be an 7281 absolute path. May not contain 7282 the path element '..'. May 7283 not start with the string 7284 '..'. 7285 type: string 7286 required: 7287 - key 7288 - path 7289 type: object 7290 type: array 7291 name: 7292 description: 'Name of the referent. 7293 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7294 TODO: Add other useful fields. 7295 apiVersion, kind, uid?' 7296 type: string 7297 optional: 7298 description: optional field specify 7299 whether the Secret or its key 7300 must be defined 7301 type: boolean 7302 type: object 7303 x-kubernetes-map-type: atomic 7304 serviceAccountToken: 7305 description: serviceAccountToken is 7306 information about the serviceAccountToken 7307 data to project 7308 properties: 7309 audience: 7310 description: audience is the intended 7311 audience of the token. A recipient 7312 of a token must identify itself 7313 with an identifier specified in 7314 the audience of the token, and 7315 otherwise should reject the token. 7316 The audience defaults to the identifier 7317 of the apiserver. 7318 type: string 7319 expirationSeconds: 7320 description: expirationSeconds is 7321 the requested duration of validity 7322 of the service account token. 7323 As the token approaches expiration, 7324 the kubelet volume plugin will 7325 proactively rotate the service 7326 account token. The kubelet will 7327 start trying to rotate the token 7328 if the token is older than 80 7329 percent of its time to live or 7330 if the token is older than 24 7331 hours.Defaults to 1 hour and must 7332 be at least 10 minutes. 7333 format: int64 7334 type: integer 7335 path: 7336 description: path is the path relative 7337 to the mount point of the file 7338 to project the token into. 7339 type: string 7340 required: 7341 - path 7342 type: object 7343 type: object 7344 type: array 7345 type: object 7346 quobyte: 7347 description: quobyte represents a Quobyte mount 7348 on the host that shares a pod's lifetime 7349 properties: 7350 group: 7351 description: group to map volume access to 7352 Default is no group 7353 type: string 7354 readOnly: 7355 description: readOnly here will force the 7356 Quobyte volume to be mounted with read-only 7357 permissions. Defaults to false. 7358 type: boolean 7359 registry: 7360 description: registry represents a single 7361 or multiple Quobyte Registry services specified 7362 as a string as host:port pair (multiple 7363 entries are separated with commas) which 7364 acts as the central registry for volumes 7365 type: string 7366 tenant: 7367 description: tenant owning the given Quobyte 7368 volume in the Backend Used with dynamically 7369 provisioned Quobyte volumes, value is set 7370 by the plugin 7371 type: string 7372 user: 7373 description: user to map volume access to 7374 Defaults to serivceaccount user 7375 type: string 7376 volume: 7377 description: volume is a string that references 7378 an already created Quobyte volume by name. 7379 type: string 7380 required: 7381 - registry 7382 - volume 7383 type: object 7384 rbd: 7385 description: 'rbd represents a Rados Block Device 7386 mount on the host that shares a pod''s lifetime. 7387 More info: https://examples.k8s.io/volumes/rbd/README.md' 7388 properties: 7389 fsType: 7390 description: 'fsType is the filesystem type 7391 of the volume that you want to mount. Tip: 7392 Ensure that the filesystem type is supported 7393 by the host operating system. Examples: 7394 "ext4", "xfs", "ntfs". Implicitly inferred 7395 to be "ext4" if unspecified. More info: 7396 https://kubernetes.io/docs/concepts/storage/volumes#rbd 7397 TODO: how do we prevent errors in the filesystem 7398 from compromising the machine' 7399 type: string 7400 image: 7401 description: 'image is the rados image name. 7402 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7403 type: string 7404 keyring: 7405 description: 'keyring is the path to key ring 7406 for RBDUser. Default is /etc/ceph/keyring. 7407 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7408 type: string 7409 monitors: 7410 description: 'monitors is a collection of 7411 Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7412 items: 7413 type: string 7414 type: array 7415 pool: 7416 description: 'pool is the rados pool name. 7417 Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7418 type: string 7419 readOnly: 7420 description: 'readOnly here will force the 7421 ReadOnly setting in VolumeMounts. Defaults 7422 to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7423 type: boolean 7424 secretRef: 7425 description: 'secretRef is name of the authentication 7426 secret for RBDUser. If provided overrides 7427 keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7428 properties: 7429 name: 7430 description: 'Name of the referent. More 7431 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7432 TODO: Add other useful fields. apiVersion, 7433 kind, uid?' 7434 type: string 7435 type: object 7436 x-kubernetes-map-type: atomic 7437 user: 7438 description: 'user is the rados user name. 7439 Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7440 type: string 7441 required: 7442 - image 7443 - monitors 7444 type: object 7445 scaleIO: 7446 description: scaleIO represents a ScaleIO persistent 7447 volume attached and mounted on Kubernetes nodes. 7448 properties: 7449 fsType: 7450 description: fsType is the filesystem type 7451 to mount. Must be a filesystem type supported 7452 by the host operating system. Ex. "ext4", 7453 "xfs", "ntfs". Default is "xfs". 7454 type: string 7455 gateway: 7456 description: gateway is the host address of 7457 the ScaleIO API Gateway. 7458 type: string 7459 protectionDomain: 7460 description: protectionDomain is the name 7461 of the ScaleIO Protection Domain for the 7462 configured storage. 7463 type: string 7464 readOnly: 7465 description: readOnly Defaults to false (read/write). 7466 ReadOnly here will force the ReadOnly setting 7467 in VolumeMounts. 7468 type: boolean 7469 secretRef: 7470 description: secretRef references to the secret 7471 for ScaleIO user and other sensitive information. 7472 If this is not provided, Login operation 7473 will fail. 7474 properties: 7475 name: 7476 description: 'Name of the referent. More 7477 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7478 TODO: Add other useful fields. apiVersion, 7479 kind, uid?' 7480 type: string 7481 type: object 7482 x-kubernetes-map-type: atomic 7483 sslEnabled: 7484 description: sslEnabled Flag enable/disable 7485 SSL communication with Gateway, default 7486 false 7487 type: boolean 7488 storageMode: 7489 description: storageMode indicates whether 7490 the storage for a volume should be ThickProvisioned 7491 or ThinProvisioned. Default is ThinProvisioned. 7492 type: string 7493 storagePool: 7494 description: storagePool is the ScaleIO Storage 7495 Pool associated with the protection domain. 7496 type: string 7497 system: 7498 description: system is the name of the storage 7499 system as configured in ScaleIO. 7500 type: string 7501 volumeName: 7502 description: volumeName is the name of a volume 7503 already created in the ScaleIO system that 7504 is associated with this volume source. 7505 type: string 7506 required: 7507 - gateway 7508 - secretRef 7509 - system 7510 type: object 7511 secret: 7512 description: 'secret represents a secret that 7513 should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 7514 properties: 7515 defaultMode: 7516 description: 'defaultMode is Optional: mode 7517 bits used to set permissions on created 7518 files by default. Must be an octal value 7519 between 0000 and 0777 or a decimal value 7520 between 0 and 511. YAML accepts both octal 7521 and decimal values, JSON requires decimal 7522 values for mode bits. Defaults to 0644. 7523 Directories within the path are not affected 7524 by this setting.' 7525 format: int32 7526 type: integer 7527 items: 7528 description: items If unspecified, each key-value 7529 pair in the Data field of the referenced 7530 Secret will be projected into the volume 7531 as a file whose name is the key and content 7532 is the value. If specified, the listed keys 7533 will be projected into the specified paths, 7534 and unlisted keys will not be present. 7535 items: 7536 description: Maps a string key to a path 7537 within a volume. 7538 properties: 7539 key: 7540 description: key is the key to project. 7541 type: string 7542 mode: 7543 description: 'mode is Optional: mode 7544 bits used to set permissions on this 7545 file. Must be an octal value between 7546 0000 and 0777 or a decimal value between 7547 0 and 511. YAML accepts both octal 7548 and decimal values, JSON requires 7549 decimal values for mode bits. If not 7550 specified, the volume defaultMode 7551 will be used.' 7552 format: int32 7553 type: integer 7554 path: 7555 description: path is the relative path 7556 of the file to map the key to. May 7557 not be an absolute path. May not contain 7558 the path element '..'. May not start 7559 with the string '..'. 7560 type: string 7561 required: 7562 - key 7563 - path 7564 type: object 7565 type: array 7566 optional: 7567 description: optional field specify whether 7568 the Secret or its keys must be defined 7569 type: boolean 7570 secretName: 7571 description: 'secretName is the name of the 7572 secret in the pod''s namespace to use. More 7573 info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 7574 type: string 7575 type: object 7576 storageos: 7577 description: storageOS represents a StorageOS 7578 volume attached and mounted on Kubernetes nodes. 7579 properties: 7580 fsType: 7581 description: fsType is the filesystem type 7582 to mount. Must be a filesystem type supported 7583 by the host operating system. Ex. "ext4", 7584 "xfs", "ntfs". Implicitly inferred to be 7585 "ext4" if unspecified. 7586 type: string 7587 readOnly: 7588 description: readOnly defaults to false (read/write). 7589 ReadOnly here will force the ReadOnly setting 7590 in VolumeMounts. 7591 type: boolean 7592 secretRef: 7593 description: secretRef specifies the secret 7594 to use for obtaining the StorageOS API credentials. If 7595 not specified, default values will be attempted. 7596 properties: 7597 name: 7598 description: 'Name of the referent. More 7599 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7600 TODO: Add other useful fields. apiVersion, 7601 kind, uid?' 7602 type: string 7603 type: object 7604 x-kubernetes-map-type: atomic 7605 volumeName: 7606 description: volumeName is the human-readable 7607 name of the StorageOS volume. Volume names 7608 are only unique within a namespace. 7609 type: string 7610 volumeNamespace: 7611 description: volumeNamespace specifies the 7612 scope of the volume within StorageOS. If 7613 no namespace is specified then the Pod's 7614 namespace will be used. This allows the 7615 Kubernetes name scoping to be mirrored within 7616 StorageOS for tighter integration. Set VolumeName 7617 to any name to override the default behaviour. 7618 Set to "default" if you are not using namespaces 7619 within StorageOS. 7620 type: string 7621 type: object 7622 vsphereVolume: 7623 description: vsphereVolume represents a vSphere 7624 volume attached and mounted on kubelets host 7625 machine 7626 properties: 7627 fsType: 7628 description: fsType is filesystem type to 7629 mount. Must be a filesystem type supported 7630 by the host operating system. Ex. "ext4", 7631 "xfs", "ntfs". Implicitly inferred to be 7632 "ext4" if unspecified. 7633 type: string 7634 storagePolicyID: 7635 description: storagePolicyID is the storage 7636 Policy Based Management (SPBM) profile ID 7637 associated with the StoragePolicyName. 7638 type: string 7639 storagePolicyName: 7640 description: storagePolicyName is the storage 7641 Policy Based Management (SPBM) profile name. 7642 type: string 7643 volumePath: 7644 description: volumePath is the path that identifies 7645 vSphere volume vmdk 7646 type: string 7647 required: 7648 - volumePath 7649 type: object 7650 required: 7651 - name 7652 type: object 7653 type: array 7654 required: 7655 - containers 7656 type: object 7657 type: object 7658 type: object 7659 description: '`MPIReplicaSpecs` contains maps from `MPIReplicaType` 7660 to `ReplicaSpec` that specify the MPI replicas to run.' 7661 type: object 7662 runPolicy: 7663 description: '`RunPolicy` encapsulates various runtime policies of 7664 the distributed training job, for example how to clean up resources 7665 and how long the job can stay active.' 7666 properties: 7667 activeDeadlineSeconds: 7668 description: Specifies the duration in seconds relative to the 7669 startTime that the job may be active before the system tries 7670 to terminate it; value must be positive integer. 7671 format: int64 7672 type: integer 7673 backoffLimit: 7674 description: Optional number of retries before marking this job 7675 failed. 7676 format: int32 7677 type: integer 7678 cleanPodPolicy: 7679 description: CleanPodPolicy defines the policy to kill pods after 7680 the job completes. Default to None. 7681 type: string 7682 schedulingPolicy: 7683 description: SchedulingPolicy defines the policy related to scheduling, 7684 e.g. gang-scheduling 7685 properties: 7686 minAvailable: 7687 format: int32 7688 type: integer 7689 minResources: 7690 additionalProperties: 7691 anyOf: 7692 - type: integer 7693 - type: string 7694 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7695 x-kubernetes-int-or-string: true 7696 type: object 7697 priorityClass: 7698 type: string 7699 queue: 7700 type: string 7701 scheduleTimeoutSeconds: 7702 format: int32 7703 type: integer 7704 type: object 7705 suspend: 7706 default: false 7707 description: suspend specifies whether the Job controller should 7708 create Pods or not. If a Job is created with suspend set to 7709 true, no Pods are created by the Job controller. If a Job is 7710 suspended after creation (i.e. the flag goes from false to true), 7711 the Job controller will delete all active Pods and PodGroups 7712 associated with this Job. Users must design their workload to 7713 gracefully handle this. 7714 type: boolean 7715 ttlSecondsAfterFinished: 7716 description: TTLSecondsAfterFinished is the TTL to clean up jobs. 7717 It may take extra ReconcilePeriod seconds for the cleanup, since 7718 reconcile gets called periodically. Default to infinite. 7719 format: int32 7720 type: integer 7721 type: object 7722 slotsPerWorker: 7723 description: Specifies the number of slots per worker used in hostfile. 7724 Defaults to 1. 7725 format: int32 7726 type: integer 7727 required: 7728 - mpiReplicaSpecs 7729 type: object 7730 status: 7731 description: JobStatus represents the current observed state of the training 7732 Job. 7733 properties: 7734 completionTime: 7735 description: Represents time when the job was completed. It is not 7736 guaranteed to be set in happens-before order across separate operations. 7737 It is represented in RFC3339 form and is in UTC. 7738 format: date-time 7739 type: string 7740 conditions: 7741 description: Conditions is an array of current observed job conditions. 7742 items: 7743 description: JobCondition describes the state of the job at a certain 7744 point. 7745 properties: 7746 lastTransitionTime: 7747 description: Last time the condition transitioned from one status 7748 to another. 7749 format: date-time 7750 type: string 7751 lastUpdateTime: 7752 description: The last time this condition was updated. 7753 format: date-time 7754 type: string 7755 message: 7756 description: A human readable message indicating details about 7757 the transition. 7758 type: string 7759 reason: 7760 description: The reason for the condition's last transition. 7761 type: string 7762 status: 7763 description: Status of the condition, one of True, False, Unknown. 7764 type: string 7765 type: 7766 description: Type of job condition. 7767 type: string 7768 required: 7769 - status 7770 - type 7771 type: object 7772 type: array 7773 lastReconcileTime: 7774 description: Represents last time when the job was reconciled. It 7775 is not guaranteed to be set in happens-before order across separate 7776 operations. It is represented in RFC3339 form and is in UTC. 7777 format: date-time 7778 type: string 7779 replicaStatuses: 7780 additionalProperties: 7781 description: ReplicaStatus represents the current observed state 7782 of the replica. 7783 properties: 7784 active: 7785 description: The number of actively running pods. 7786 format: int32 7787 type: integer 7788 failed: 7789 description: The number of pods which reached phase Failed. 7790 format: int32 7791 type: integer 7792 labelSelector: 7793 description: 'Deprecated: Use Selector instead' 7794 properties: 7795 matchExpressions: 7796 description: matchExpressions is a list of label selector 7797 requirements. The requirements are ANDed. 7798 items: 7799 description: A label selector requirement is a selector 7800 that contains values, a key, and an operator that relates 7801 the key and values. 7802 properties: 7803 key: 7804 description: key is the label key that the selector 7805 applies to. 7806 type: string 7807 operator: 7808 description: operator represents a key's relationship 7809 to a set of values. Valid operators are In, NotIn, 7810 Exists and DoesNotExist. 7811 type: string 7812 values: 7813 description: values is an array of string values. 7814 If the operator is In or NotIn, the values array 7815 must be non-empty. If the operator is Exists or 7816 DoesNotExist, the values array must be empty. This 7817 array is replaced during a strategic merge patch. 7818 items: 7819 type: string 7820 type: array 7821 required: 7822 - key 7823 - operator 7824 type: object 7825 type: array 7826 matchLabels: 7827 additionalProperties: 7828 type: string 7829 description: matchLabels is a map of {key,value} pairs. 7830 A single {key,value} in the matchLabels map is equivalent 7831 to an element of matchExpressions, whose key field is 7832 "key", the operator is "In", and the values array contains 7833 only "value". The requirements are ANDed. 7834 type: object 7835 type: object 7836 x-kubernetes-map-type: atomic 7837 selector: 7838 description: A Selector is a label query over a set of resources. 7839 The result of matchLabels and matchExpressions are ANDed. 7840 An empty Selector matches all objects. A null Selector matches 7841 no objects. 7842 type: string 7843 succeeded: 7844 description: The number of pods which reached phase Succeeded. 7845 format: int32 7846 type: integer 7847 type: object 7848 description: ReplicaStatuses is map of ReplicaType and ReplicaStatus, 7849 specifies the status of each replica. 7850 type: object 7851 startTime: 7852 description: Represents time when the job was acknowledged by the 7853 job controller. It is not guaranteed to be set in happens-before 7854 order across separate operations. It is represented in RFC3339 form 7855 and is in UTC. 7856 format: date-time 7857 type: string 7858 type: object 7859 type: object 7860 served: true 7861 storage: true 7862 subresources: 7863 status: {}