github.com/kubeflow/training-operator@v1.7.0/manifests/base/crds/kubeflow.org_mxjobs.yaml (about) 1 --- 2 apiVersion: apiextensions.k8s.io/v1 3 kind: CustomResourceDefinition 4 metadata: 5 annotations: 6 controller-gen.kubebuilder.io/version: v0.12.0 7 name: mxjobs.kubeflow.org 8 spec: 9 group: kubeflow.org 10 names: 11 kind: MXJob 12 listKind: MXJobList 13 plural: mxjobs 14 singular: mxjob 15 scope: Namespaced 16 versions: 17 - additionalPrinterColumns: 18 - jsonPath: .status.conditions[-1:].type 19 name: State 20 type: string 21 - jsonPath: .metadata.creationTimestamp 22 name: Age 23 type: date 24 name: v1 25 schema: 26 openAPIV3Schema: 27 description: MXJob is the Schema for the mxjobs API 28 properties: 29 apiVersion: 30 description: 'APIVersion defines the versioned schema of this representation 31 of an object. Servers should convert recognized schemas to the latest 32 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 33 type: string 34 kind: 35 description: 'Kind is a string value representing the REST resource this 36 object represents. Servers may infer this from the endpoint the client 37 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 38 type: string 39 metadata: 40 type: object 41 spec: 42 description: MXJobSpec defines the desired state of MXJob 43 properties: 44 jobMode: 45 description: JobMode specify the kind of MXjob to do. Different mode 46 may have different MXReplicaSpecs request 47 type: string 48 mxReplicaSpecs: 49 additionalProperties: 50 description: ReplicaSpec is a description of the replica 51 properties: 52 replicas: 53 description: Replicas is the desired number of replicas of the 54 given template. If unspecified, defaults to 1. 55 format: int32 56 type: integer 57 restartPolicy: 58 description: Restart policy for all replicas within the job. 59 One of Always, OnFailure, Never and ExitCode. Default to Never. 60 type: string 61 template: 62 description: Template is the object that describes the pod that 63 will be created for this replica. RestartPolicy in PodTemplateSpec 64 will be overide by RestartPolicy in ReplicaSpec 65 properties: 66 metadata: 67 description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' 68 properties: 69 annotations: 70 additionalProperties: 71 type: string 72 type: object 73 finalizers: 74 items: 75 type: string 76 type: array 77 labels: 78 additionalProperties: 79 type: string 80 type: object 81 name: 82 type: string 83 namespace: 84 type: string 85 type: object 86 spec: 87 description: 'Specification of the desired behavior of the 88 pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 89 properties: 90 activeDeadlineSeconds: 91 description: Optional duration in seconds the pod may 92 be active on the node relative to StartTime before 93 the system will actively try to mark it failed and 94 kill associated containers. Value must be a positive 95 integer. 96 format: int64 97 type: integer 98 affinity: 99 description: If specified, the pod's scheduling constraints 100 properties: 101 nodeAffinity: 102 description: Describes node affinity scheduling 103 rules for the pod. 104 properties: 105 preferredDuringSchedulingIgnoredDuringExecution: 106 description: The scheduler will prefer to schedule 107 pods to nodes that satisfy the affinity expressions 108 specified by this field, but it may choose 109 a node that violates one or more of the expressions. 110 The node that is most preferred is the one 111 with the greatest sum of weights, i.e. for 112 each node that meets all of the scheduling 113 requirements (resource request, requiredDuringScheduling 114 affinity expressions, etc. 115 items: 116 description: An empty preferred scheduling 117 term matches all objects with implicit weight 118 0 (i.e. it's a no-op). A null preferred 119 scheduling term matches no objects (i.e. 120 is also a no-op). 121 properties: 122 preference: 123 description: A node selector term, associated 124 with the corresponding weight. 125 properties: 126 matchExpressions: 127 description: A list of node selector 128 requirements by node's labels. 129 items: 130 description: A node selector requirement 131 is a selector that contains values, 132 a key, and an operator that relates 133 the key and values. 134 properties: 135 key: 136 description: The label key that 137 the selector applies to. 138 type: string 139 operator: 140 description: Represents a key's 141 relationship to a set of values. 142 Valid operators are In, NotIn, 143 Exists, DoesNotExist. Gt, 144 and Lt. 145 type: string 146 values: 147 description: An array of string 148 values. If the operator is 149 In or NotIn, the values array 150 must be non-empty. If the 151 operator is Exists or DoesNotExist, 152 the values array must be empty. 153 If the operator is Gt or Lt, 154 the values array must have 155 a single element, which will 156 be interpreted as an integer. 157 This array is replaced during 158 a strategic merge patch. 159 items: 160 type: string 161 type: array 162 required: 163 - key 164 - operator 165 type: object 166 type: array 167 matchFields: 168 description: A list of node selector 169 requirements by node's fields. 170 items: 171 description: A node selector requirement 172 is a selector that contains values, 173 a key, and an operator that relates 174 the key and values. 175 properties: 176 key: 177 description: The label key that 178 the selector applies to. 179 type: string 180 operator: 181 description: Represents a key's 182 relationship to a set of values. 183 Valid operators are In, NotIn, 184 Exists, DoesNotExist. Gt, 185 and Lt. 186 type: string 187 values: 188 description: An array of string 189 values. If the operator is 190 In or NotIn, the values array 191 must be non-empty. If the 192 operator is Exists or DoesNotExist, 193 the values array must be empty. 194 If the operator is Gt or Lt, 195 the values array must have 196 a single element, which will 197 be interpreted as an integer. 198 This array is replaced during 199 a strategic merge patch. 200 items: 201 type: string 202 type: array 203 required: 204 - key 205 - operator 206 type: object 207 type: array 208 type: object 209 x-kubernetes-map-type: atomic 210 weight: 211 description: Weight associated with matching 212 the corresponding nodeSelectorTerm, 213 in the range 1-100. 214 format: int32 215 type: integer 216 required: 217 - preference 218 - weight 219 type: object 220 type: array 221 requiredDuringSchedulingIgnoredDuringExecution: 222 description: If the affinity requirements specified 223 by this field are not met at scheduling time, 224 the pod will not be scheduled onto the node. 225 If the affinity requirements specified by 226 this field cease to be met at some point during 227 pod execution (e.g. due to an update), the 228 system may or may not try to eventually evict 229 the pod from its node. 230 properties: 231 nodeSelectorTerms: 232 description: Required. A list of node selector 233 terms. The terms are ORed. 234 items: 235 description: A null or empty node selector 236 term matches no objects. The requirements 237 of them are ANDed. The TopologySelectorTerm 238 type implements a subset of the NodeSelectorTerm. 239 properties: 240 matchExpressions: 241 description: A list of node selector 242 requirements by node's labels. 243 items: 244 description: A node selector requirement 245 is a selector that contains values, 246 a key, and an operator that relates 247 the key and values. 248 properties: 249 key: 250 description: The label key that 251 the selector applies to. 252 type: string 253 operator: 254 description: Represents a key's 255 relationship to a set of values. 256 Valid operators are In, NotIn, 257 Exists, DoesNotExist. Gt, 258 and Lt. 259 type: string 260 values: 261 description: An array of string 262 values. If the operator is 263 In or NotIn, the values array 264 must be non-empty. If the 265 operator is Exists or DoesNotExist, 266 the values array must be empty. 267 If the operator is Gt or Lt, 268 the values array must have 269 a single element, which will 270 be interpreted as an integer. 271 This array is replaced during 272 a strategic merge patch. 273 items: 274 type: string 275 type: array 276 required: 277 - key 278 - operator 279 type: object 280 type: array 281 matchFields: 282 description: A list of node selector 283 requirements by node's fields. 284 items: 285 description: A node selector requirement 286 is a selector that contains values, 287 a key, and an operator that relates 288 the key and values. 289 properties: 290 key: 291 description: The label key that 292 the selector applies to. 293 type: string 294 operator: 295 description: Represents a key's 296 relationship to a set of values. 297 Valid operators are In, NotIn, 298 Exists, DoesNotExist. Gt, 299 and Lt. 300 type: string 301 values: 302 description: An array of string 303 values. If the operator is 304 In or NotIn, the values array 305 must be non-empty. If the 306 operator is Exists or DoesNotExist, 307 the values array must be empty. 308 If the operator is Gt or Lt, 309 the values array must have 310 a single element, which will 311 be interpreted as an integer. 312 This array is replaced during 313 a strategic merge patch. 314 items: 315 type: string 316 type: array 317 required: 318 - key 319 - operator 320 type: object 321 type: array 322 type: object 323 x-kubernetes-map-type: atomic 324 type: array 325 required: 326 - nodeSelectorTerms 327 type: object 328 x-kubernetes-map-type: atomic 329 type: object 330 podAffinity: 331 description: Describes pod affinity scheduling rules 332 (e.g. co-locate this pod in the same node, zone, 333 etc. as some other pod(s)). 334 properties: 335 preferredDuringSchedulingIgnoredDuringExecution: 336 description: The scheduler will prefer to schedule 337 pods to nodes that satisfy the affinity expressions 338 specified by this field, but it may choose 339 a node that violates one or more of the expressions. 340 The node that is most preferred is the one 341 with the greatest sum of weights, i.e. for 342 each node that meets all of the scheduling 343 requirements (resource request, requiredDuringScheduling 344 affinity expressions, etc. 345 items: 346 description: The weights of all of the matched 347 WeightedPodAffinityTerm fields are added 348 per-node to find the most preferred node(s) 349 properties: 350 podAffinityTerm: 351 description: Required. A pod affinity 352 term, associated with the corresponding 353 weight. 354 properties: 355 labelSelector: 356 description: A label query over a 357 set of resources, in this case pods. 358 properties: 359 matchExpressions: 360 description: matchExpressions 361 is a list of label selector 362 requirements. The requirements 363 are ANDed. 364 items: 365 description: A label selector 366 requirement is a selector 367 that contains values, a key, 368 and an operator that relates 369 the key and values. 370 properties: 371 key: 372 description: key is the 373 label key that the selector 374 applies to. 375 type: string 376 operator: 377 description: operator represents 378 a key's relationship to 379 a set of values. Valid 380 operators are In, NotIn, 381 Exists and DoesNotExist. 382 type: string 383 values: 384 description: values is an 385 array of string values. 386 If the operator is In 387 or NotIn, the values array 388 must be non-empty. If 389 the operator is Exists 390 or DoesNotExist, the values 391 array must be empty. This 392 array is replaced during 393 a strategic merge patch. 394 items: 395 type: string 396 type: array 397 required: 398 - key 399 - operator 400 type: object 401 type: array 402 matchLabels: 403 additionalProperties: 404 type: string 405 description: matchLabels is a 406 map of {key,value} pairs. A 407 single {key,value} in the matchLabels 408 map is equivalent to an element 409 of matchExpressions, whose key 410 field is "key", the operator 411 is "In", and the values array 412 contains only "value". The requirements 413 are ANDed. 414 type: object 415 type: object 416 x-kubernetes-map-type: atomic 417 namespaceSelector: 418 description: A label query over the 419 set of namespaces that the term 420 applies to. The term is applied 421 to the union of the namespaces selected 422 by this field and the ones listed 423 in the namespaces field. null selector 424 and null or empty namespaces list 425 means "this pod's namespace". An 426 empty selector ({}) matches all 427 namespaces. 428 properties: 429 matchExpressions: 430 description: matchExpressions 431 is a list of label selector 432 requirements. The requirements 433 are ANDed. 434 items: 435 description: A label selector 436 requirement is a selector 437 that contains values, a key, 438 and an operator that relates 439 the key and values. 440 properties: 441 key: 442 description: key is the 443 label key that the selector 444 applies to. 445 type: string 446 operator: 447 description: operator represents 448 a key's relationship to 449 a set of values. Valid 450 operators are In, NotIn, 451 Exists and DoesNotExist. 452 type: string 453 values: 454 description: values is an 455 array of string values. 456 If the operator is In 457 or NotIn, the values array 458 must be non-empty. If 459 the operator is Exists 460 or DoesNotExist, the values 461 array must be empty. This 462 array is replaced during 463 a strategic merge patch. 464 items: 465 type: string 466 type: array 467 required: 468 - key 469 - operator 470 type: object 471 type: array 472 matchLabels: 473 additionalProperties: 474 type: string 475 description: matchLabels is a 476 map of {key,value} pairs. A 477 single {key,value} in the matchLabels 478 map is equivalent to an element 479 of matchExpressions, whose key 480 field is "key", the operator 481 is "In", and the values array 482 contains only "value". The requirements 483 are ANDed. 484 type: object 485 type: object 486 x-kubernetes-map-type: atomic 487 namespaces: 488 description: namespaces specifies 489 a static list of namespace names 490 that the term applies to. The term 491 is applied to the union of the namespaces 492 listed in this field and the ones 493 selected by namespaceSelector. null 494 or empty namespaces list and null 495 namespaceSelector means "this pod's 496 namespace". 497 items: 498 type: string 499 type: array 500 topologyKey: 501 description: This pod should be co-located 502 (affinity) or not co-located (anti-affinity) 503 with the pods matching the labelSelector 504 in the specified namespaces, where 505 co-located is defined as running 506 on a node whose value of the label 507 with key topologyKey matches that 508 of any node on which any of the 509 selected pods is running. Empty 510 topologyKey is not allowed. 511 type: string 512 required: 513 - topologyKey 514 type: object 515 weight: 516 description: weight associated with matching 517 the corresponding podAffinityTerm, in 518 the range 1-100. 519 format: int32 520 type: integer 521 required: 522 - podAffinityTerm 523 - weight 524 type: object 525 type: array 526 requiredDuringSchedulingIgnoredDuringExecution: 527 description: If the affinity requirements specified 528 by this field are not met at scheduling time, 529 the pod will not be scheduled onto the node. 530 If the affinity requirements specified by 531 this field cease to be met at some point during 532 pod execution (e.g. due to a pod label update), 533 the system may or may not try to eventually 534 evict the pod from its node. 535 items: 536 description: Defines a set of pods (namely 537 those matching the labelSelector relative 538 to the given namespace(s)) that this pod 539 should be co-located (affinity) or not co-located 540 (anti-affinity) with, where co-located is 541 defined as running on a node whose value 542 of the label with key <topologyKey> matches 543 that of any node on which a pod of the set 544 of pods is running 545 properties: 546 labelSelector: 547 description: A label query over a set 548 of resources, in this case pods. 549 properties: 550 matchExpressions: 551 description: matchExpressions is a 552 list of label selector requirements. 553 The requirements are ANDed. 554 items: 555 description: A label selector requirement 556 is a selector that contains values, 557 a key, and an operator that relates 558 the key and values. 559 properties: 560 key: 561 description: key is the label 562 key that the selector applies 563 to. 564 type: string 565 operator: 566 description: operator represents 567 a key's relationship to a 568 set of values. Valid operators 569 are In, NotIn, Exists and 570 DoesNotExist. 571 type: string 572 values: 573 description: values is an array 574 of string values. If the operator 575 is In or NotIn, the values 576 array must be non-empty. If 577 the operator is Exists or 578 DoesNotExist, the values array 579 must be empty. This array 580 is replaced during a strategic 581 merge patch. 582 items: 583 type: string 584 type: array 585 required: 586 - key 587 - operator 588 type: object 589 type: array 590 matchLabels: 591 additionalProperties: 592 type: string 593 description: matchLabels is a map 594 of {key,value} pairs. A single {key,value} 595 in the matchLabels map is equivalent 596 to an element of matchExpressions, 597 whose key field is "key", the operator 598 is "In", and the values array contains 599 only "value". The requirements are 600 ANDed. 601 type: object 602 type: object 603 x-kubernetes-map-type: atomic 604 namespaceSelector: 605 description: A label query over the set 606 of namespaces that the term applies 607 to. The term is applied to the union 608 of the namespaces selected by this field 609 and the ones listed in the namespaces 610 field. null selector and null or empty 611 namespaces list means "this pod's namespace". 612 An empty selector ({}) matches all namespaces. 613 properties: 614 matchExpressions: 615 description: matchExpressions is a 616 list of label selector requirements. 617 The requirements are ANDed. 618 items: 619 description: A label selector requirement 620 is a selector that contains values, 621 a key, and an operator that relates 622 the key and values. 623 properties: 624 key: 625 description: key is the label 626 key that the selector applies 627 to. 628 type: string 629 operator: 630 description: operator represents 631 a key's relationship to a 632 set of values. Valid operators 633 are In, NotIn, Exists and 634 DoesNotExist. 635 type: string 636 values: 637 description: values is an array 638 of string values. If the operator 639 is In or NotIn, the values 640 array must be non-empty. If 641 the operator is Exists or 642 DoesNotExist, the values array 643 must be empty. This array 644 is replaced during a strategic 645 merge patch. 646 items: 647 type: string 648 type: array 649 required: 650 - key 651 - operator 652 type: object 653 type: array 654 matchLabels: 655 additionalProperties: 656 type: string 657 description: matchLabels is a map 658 of {key,value} pairs. A single {key,value} 659 in the matchLabels map is equivalent 660 to an element of matchExpressions, 661 whose key field is "key", the operator 662 is "In", and the values array contains 663 only "value". The requirements are 664 ANDed. 665 type: object 666 type: object 667 x-kubernetes-map-type: atomic 668 namespaces: 669 description: namespaces specifies a static 670 list of namespace names that the term 671 applies to. The term is applied to the 672 union of the namespaces listed in this 673 field and the ones selected by namespaceSelector. 674 null or empty namespaces list and null 675 namespaceSelector means "this pod's 676 namespace". 677 items: 678 type: string 679 type: array 680 topologyKey: 681 description: This pod should be co-located 682 (affinity) or not co-located (anti-affinity) 683 with the pods matching the labelSelector 684 in the specified namespaces, where co-located 685 is defined as running on a node whose 686 value of the label with key topologyKey 687 matches that of any node on which any 688 of the selected pods is running. Empty 689 topologyKey is not allowed. 690 type: string 691 required: 692 - topologyKey 693 type: object 694 type: array 695 type: object 696 podAntiAffinity: 697 description: Describes pod anti-affinity scheduling 698 rules (e.g. avoid putting this pod in the same 699 node, zone, etc. as some other pod(s)). 700 properties: 701 preferredDuringSchedulingIgnoredDuringExecution: 702 description: The scheduler will prefer to schedule 703 pods to nodes that satisfy the anti-affinity 704 expressions specified by this field, but it 705 may choose a node that violates one or more 706 of the expressions. The node that is most 707 preferred is the one with the greatest sum 708 of weights, i.e. 709 items: 710 description: The weights of all of the matched 711 WeightedPodAffinityTerm fields are added 712 per-node to find the most preferred node(s) 713 properties: 714 podAffinityTerm: 715 description: Required. A pod affinity 716 term, associated with the corresponding 717 weight. 718 properties: 719 labelSelector: 720 description: A label query over a 721 set of resources, in this case pods. 722 properties: 723 matchExpressions: 724 description: matchExpressions 725 is a list of label selector 726 requirements. The requirements 727 are ANDed. 728 items: 729 description: A label selector 730 requirement is a selector 731 that contains values, a key, 732 and an operator that relates 733 the key and values. 734 properties: 735 key: 736 description: key is the 737 label key that the selector 738 applies to. 739 type: string 740 operator: 741 description: operator represents 742 a key's relationship to 743 a set of values. Valid 744 operators are In, NotIn, 745 Exists and DoesNotExist. 746 type: string 747 values: 748 description: values is an 749 array of string values. 750 If the operator is In 751 or NotIn, the values array 752 must be non-empty. If 753 the operator is Exists 754 or DoesNotExist, the values 755 array must be empty. This 756 array is replaced during 757 a strategic merge patch. 758 items: 759 type: string 760 type: array 761 required: 762 - key 763 - operator 764 type: object 765 type: array 766 matchLabels: 767 additionalProperties: 768 type: string 769 description: matchLabels is a 770 map of {key,value} pairs. A 771 single {key,value} in the matchLabels 772 map is equivalent to an element 773 of matchExpressions, whose key 774 field is "key", the operator 775 is "In", and the values array 776 contains only "value". The requirements 777 are ANDed. 778 type: object 779 type: object 780 x-kubernetes-map-type: atomic 781 namespaceSelector: 782 description: A label query over the 783 set of namespaces that the term 784 applies to. The term is applied 785 to the union of the namespaces selected 786 by this field and the ones listed 787 in the namespaces field. null selector 788 and null or empty namespaces list 789 means "this pod's namespace". An 790 empty selector ({}) matches all 791 namespaces. 792 properties: 793 matchExpressions: 794 description: matchExpressions 795 is a list of label selector 796 requirements. The requirements 797 are ANDed. 798 items: 799 description: A label selector 800 requirement is a selector 801 that contains values, a key, 802 and an operator that relates 803 the key and values. 804 properties: 805 key: 806 description: key is the 807 label key that the selector 808 applies to. 809 type: string 810 operator: 811 description: operator represents 812 a key's relationship to 813 a set of values. Valid 814 operators are In, NotIn, 815 Exists and DoesNotExist. 816 type: string 817 values: 818 description: values is an 819 array of string values. 820 If the operator is In 821 or NotIn, the values array 822 must be non-empty. If 823 the operator is Exists 824 or DoesNotExist, the values 825 array must be empty. This 826 array is replaced during 827 a strategic merge patch. 828 items: 829 type: string 830 type: array 831 required: 832 - key 833 - operator 834 type: object 835 type: array 836 matchLabels: 837 additionalProperties: 838 type: string 839 description: matchLabels is a 840 map of {key,value} pairs. A 841 single {key,value} in the matchLabels 842 map is equivalent to an element 843 of matchExpressions, whose key 844 field is "key", the operator 845 is "In", and the values array 846 contains only "value". The requirements 847 are ANDed. 848 type: object 849 type: object 850 x-kubernetes-map-type: atomic 851 namespaces: 852 description: namespaces specifies 853 a static list of namespace names 854 that the term applies to. The term 855 is applied to the union of the namespaces 856 listed in this field and the ones 857 selected by namespaceSelector. null 858 or empty namespaces list and null 859 namespaceSelector means "this pod's 860 namespace". 861 items: 862 type: string 863 type: array 864 topologyKey: 865 description: This pod should be co-located 866 (affinity) or not co-located (anti-affinity) 867 with the pods matching the labelSelector 868 in the specified namespaces, where 869 co-located is defined as running 870 on a node whose value of the label 871 with key topologyKey matches that 872 of any node on which any of the 873 selected pods is running. Empty 874 topologyKey is not allowed. 875 type: string 876 required: 877 - topologyKey 878 type: object 879 weight: 880 description: weight associated with matching 881 the corresponding podAffinityTerm, in 882 the range 1-100. 883 format: int32 884 type: integer 885 required: 886 - podAffinityTerm 887 - weight 888 type: object 889 type: array 890 requiredDuringSchedulingIgnoredDuringExecution: 891 description: If the anti-affinity requirements 892 specified by this field are not met at scheduling 893 time, the pod will not be scheduled onto the 894 node. If the anti-affinity requirements specified 895 by this field cease to be met at some point 896 during pod execution (e.g. due to a pod label 897 update), the system may or may not try to 898 eventually evict the pod from its node. 899 items: 900 description: Defines a set of pods (namely 901 those matching the labelSelector relative 902 to the given namespace(s)) that this pod 903 should be co-located (affinity) or not co-located 904 (anti-affinity) with, where co-located is 905 defined as running on a node whose value 906 of the label with key <topologyKey> matches 907 that of any node on which a pod of the set 908 of pods is running 909 properties: 910 labelSelector: 911 description: A label query over a set 912 of resources, in this case pods. 913 properties: 914 matchExpressions: 915 description: matchExpressions is a 916 list of label selector requirements. 917 The requirements are ANDed. 918 items: 919 description: A label selector requirement 920 is a selector that contains values, 921 a key, and an operator that relates 922 the key and values. 923 properties: 924 key: 925 description: key is the label 926 key that the selector applies 927 to. 928 type: string 929 operator: 930 description: operator represents 931 a key's relationship to a 932 set of values. Valid operators 933 are In, NotIn, Exists and 934 DoesNotExist. 935 type: string 936 values: 937 description: values is an array 938 of string values. If the operator 939 is In or NotIn, the values 940 array must be non-empty. If 941 the operator is Exists or 942 DoesNotExist, the values array 943 must be empty. This array 944 is replaced during a strategic 945 merge patch. 946 items: 947 type: string 948 type: array 949 required: 950 - key 951 - operator 952 type: object 953 type: array 954 matchLabels: 955 additionalProperties: 956 type: string 957 description: matchLabels is a map 958 of {key,value} pairs. A single {key,value} 959 in the matchLabels map is equivalent 960 to an element of matchExpressions, 961 whose key field is "key", the operator 962 is "In", and the values array contains 963 only "value". The requirements are 964 ANDed. 965 type: object 966 type: object 967 x-kubernetes-map-type: atomic 968 namespaceSelector: 969 description: A label query over the set 970 of namespaces that the term applies 971 to. The term is applied to the union 972 of the namespaces selected by this field 973 and the ones listed in the namespaces 974 field. null selector and null or empty 975 namespaces list means "this pod's namespace". 976 An empty selector ({}) matches all namespaces. 977 properties: 978 matchExpressions: 979 description: matchExpressions is a 980 list of label selector requirements. 981 The requirements are ANDed. 982 items: 983 description: A label selector requirement 984 is a selector that contains values, 985 a key, and an operator that relates 986 the key and values. 987 properties: 988 key: 989 description: key is the label 990 key that the selector applies 991 to. 992 type: string 993 operator: 994 description: operator represents 995 a key's relationship to a 996 set of values. Valid operators 997 are In, NotIn, Exists and 998 DoesNotExist. 999 type: string 1000 values: 1001 description: values is an array 1002 of string values. If the operator 1003 is In or NotIn, the values 1004 array must be non-empty. If 1005 the operator is Exists or 1006 DoesNotExist, the values array 1007 must be empty. This array 1008 is replaced during a strategic 1009 merge patch. 1010 items: 1011 type: string 1012 type: array 1013 required: 1014 - key 1015 - operator 1016 type: object 1017 type: array 1018 matchLabels: 1019 additionalProperties: 1020 type: string 1021 description: matchLabels is a map 1022 of {key,value} pairs. A single {key,value} 1023 in the matchLabels map is equivalent 1024 to an element of matchExpressions, 1025 whose key field is "key", the operator 1026 is "In", and the values array contains 1027 only "value". The requirements are 1028 ANDed. 1029 type: object 1030 type: object 1031 x-kubernetes-map-type: atomic 1032 namespaces: 1033 description: namespaces specifies a static 1034 list of namespace names that the term 1035 applies to. The term is applied to the 1036 union of the namespaces listed in this 1037 field and the ones selected by namespaceSelector. 1038 null or empty namespaces list and null 1039 namespaceSelector means "this pod's 1040 namespace". 1041 items: 1042 type: string 1043 type: array 1044 topologyKey: 1045 description: This pod should be co-located 1046 (affinity) or not co-located (anti-affinity) 1047 with the pods matching the labelSelector 1048 in the specified namespaces, where co-located 1049 is defined as running on a node whose 1050 value of the label with key topologyKey 1051 matches that of any node on which any 1052 of the selected pods is running. Empty 1053 topologyKey is not allowed. 1054 type: string 1055 required: 1056 - topologyKey 1057 type: object 1058 type: array 1059 type: object 1060 type: object 1061 automountServiceAccountToken: 1062 description: AutomountServiceAccountToken indicates 1063 whether a service account token should be automatically 1064 mounted. 1065 type: boolean 1066 containers: 1067 description: List of containers belonging to the pod. 1068 Containers cannot currently be added or removed. There 1069 must be at least one container in a Pod. Cannot be 1070 updated. 1071 items: 1072 description: A single application container that you 1073 want to run within a pod. 1074 properties: 1075 args: 1076 description: 'Arguments to the entrypoint. The 1077 container image''s CMD is used if this is not 1078 provided. Variable references $(VAR_NAME) are 1079 expanded using the container''s environment. 1080 If a variable cannot be resolved, the reference 1081 in the input string will be unchanged. Double 1082 $$ are reduced to a single $, which allows for 1083 escaping the $(VAR_NAME) syntax: i.e.' 1084 items: 1085 type: string 1086 type: array 1087 command: 1088 description: 'Entrypoint array. Not executed within 1089 a shell. The container image''s ENTRYPOINT is 1090 used if this is not provided. Variable references 1091 $(VAR_NAME) are expanded using the container''s 1092 environment. If a variable cannot be resolved, 1093 the reference in the input string will be unchanged. 1094 Double $$ are reduced to a single $, which allows 1095 for escaping the $(VAR_NAME) syntax: i.e.' 1096 items: 1097 type: string 1098 type: array 1099 env: 1100 description: List of environment variables to 1101 set in the container. Cannot be updated. 1102 items: 1103 description: EnvVar represents an environment 1104 variable present in a Container. 1105 properties: 1106 name: 1107 description: Name of the environment variable. 1108 Must be a C_IDENTIFIER. 1109 type: string 1110 value: 1111 description: 'Variable references $(VAR_NAME) 1112 are expanded using the previously defined 1113 environment variables in the container 1114 and any service environment variables. 1115 If a variable cannot be resolved, the 1116 reference in the input string will be 1117 unchanged. Double $$ are reduced to a 1118 single $, which allows for escaping the 1119 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1120 will produce the string literal "$(VAR_NAME)".' 1121 type: string 1122 valueFrom: 1123 description: Source for the environment 1124 variable's value. Cannot be used if value 1125 is not empty. 1126 properties: 1127 configMapKeyRef: 1128 description: Selects a key of a ConfigMap. 1129 properties: 1130 key: 1131 description: The key to select. 1132 type: string 1133 name: 1134 description: 'Name of the referent. 1135 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1136 TODO: Add other useful fields. 1137 apiVersion, kind, uid?' 1138 type: string 1139 optional: 1140 description: Specify whether the 1141 ConfigMap or its key must be defined 1142 type: boolean 1143 required: 1144 - key 1145 type: object 1146 x-kubernetes-map-type: atomic 1147 fieldRef: 1148 description: 'Selects a field of the 1149 pod: supports metadata.name, metadata.namespace, 1150 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 1151 spec.nodeName, spec.serviceAccountName, 1152 status.hostIP, status.podIP, status.podIPs.' 1153 properties: 1154 apiVersion: 1155 description: Version of the schema 1156 the FieldPath is written in terms 1157 of, defaults to "v1". 1158 type: string 1159 fieldPath: 1160 description: Path of the field to 1161 select in the specified API version. 1162 type: string 1163 required: 1164 - fieldPath 1165 type: object 1166 x-kubernetes-map-type: atomic 1167 resourceFieldRef: 1168 description: 'Selects a resource of 1169 the container: only resources limits 1170 and requests (limits.cpu, limits.memory, 1171 limits.ephemeral-storage, requests.cpu, 1172 requests.memory and requests.ephemeral-storage) 1173 are currently supported.' 1174 properties: 1175 containerName: 1176 description: 'Container name: required 1177 for volumes, optional for env 1178 vars' 1179 type: string 1180 divisor: 1181 anyOf: 1182 - type: integer 1183 - type: string 1184 description: Specifies the output 1185 format of the exposed resources, 1186 defaults to "1" 1187 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1188 x-kubernetes-int-or-string: true 1189 resource: 1190 description: 'Required: resource 1191 to select' 1192 type: string 1193 required: 1194 - resource 1195 type: object 1196 x-kubernetes-map-type: atomic 1197 secretKeyRef: 1198 description: Selects a key of a secret 1199 in the pod's namespace 1200 properties: 1201 key: 1202 description: The key of the secret 1203 to select from. Must be a valid 1204 secret key. 1205 type: string 1206 name: 1207 description: 'Name of the referent. 1208 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1209 TODO: Add other useful fields. 1210 apiVersion, kind, uid?' 1211 type: string 1212 optional: 1213 description: Specify whether the 1214 Secret or its key must be defined 1215 type: boolean 1216 required: 1217 - key 1218 type: object 1219 x-kubernetes-map-type: atomic 1220 type: object 1221 required: 1222 - name 1223 type: object 1224 type: array 1225 envFrom: 1226 description: List of sources to populate environment 1227 variables in the container. The keys defined 1228 within a source must be a C_IDENTIFIER. All 1229 invalid keys will be reported as an event when 1230 the container is starting. When a key exists 1231 in multiple sources, the value associated with 1232 the last source will take precedence. Values 1233 defined by an Env with a duplicate key will 1234 take precedence. Cannot be updated. 1235 items: 1236 description: EnvFromSource represents the source 1237 of a set of ConfigMaps 1238 properties: 1239 configMapRef: 1240 description: The ConfigMap to select from 1241 properties: 1242 name: 1243 description: 'Name of the referent. 1244 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1245 TODO: Add other useful fields. apiVersion, 1246 kind, uid?' 1247 type: string 1248 optional: 1249 description: Specify whether the ConfigMap 1250 must be defined 1251 type: boolean 1252 type: object 1253 x-kubernetes-map-type: atomic 1254 prefix: 1255 description: An optional identifier to prepend 1256 to each key in the ConfigMap. Must be 1257 a C_IDENTIFIER. 1258 type: string 1259 secretRef: 1260 description: The Secret to select from 1261 properties: 1262 name: 1263 description: 'Name of the referent. 1264 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1265 TODO: Add other useful fields. apiVersion, 1266 kind, uid?' 1267 type: string 1268 optional: 1269 description: Specify whether the Secret 1270 must be defined 1271 type: boolean 1272 type: object 1273 x-kubernetes-map-type: atomic 1274 type: object 1275 type: array 1276 image: 1277 description: 'Container image name. More info: 1278 https://kubernetes.io/docs/concepts/containers/images 1279 This field is optional to allow higher level 1280 config management to default or override container 1281 images in workload controllers like Deployments 1282 and StatefulSets.' 1283 type: string 1284 imagePullPolicy: 1285 description: 'Image pull policy. One of Always, 1286 Never, IfNotPresent. Defaults to Always if :latest 1287 tag is specified, or IfNotPresent otherwise. 1288 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1289 type: string 1290 lifecycle: 1291 description: Actions that the management system 1292 should take in response to container lifecycle 1293 events. Cannot be updated. 1294 properties: 1295 postStart: 1296 description: 'PostStart is called immediately 1297 after a container is created. If the handler 1298 fails, the container is terminated and restarted 1299 according to its restart policy. Other management 1300 of the container blocks until the hook completes. 1301 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1302 properties: 1303 exec: 1304 description: Exec specifies the action 1305 to take. 1306 properties: 1307 command: 1308 description: Command is the command 1309 line to execute inside the container, 1310 the working directory for the command is 1311 root ('/') in the container's filesystem. 1312 The command is simply exec'd, it 1313 is not run inside a shell, so traditional 1314 shell instructions ('|', etc) won't 1315 work. To use a shell, you need to 1316 explicitly call out to that shell. 1317 Exit status of 0 is treated as live/healthy 1318 and non-zero is unhealthy. 1319 items: 1320 type: string 1321 type: array 1322 type: object 1323 httpGet: 1324 description: HTTPGet specifies the http 1325 request to perform. 1326 properties: 1327 host: 1328 description: Host name to connect 1329 to, defaults to the pod IP. You 1330 probably want to set "Host" in httpHeaders 1331 instead. 1332 type: string 1333 httpHeaders: 1334 description: Custom headers to set 1335 in the request. HTTP allows repeated 1336 headers. 1337 items: 1338 description: HTTPHeader describes 1339 a custom header to be used in 1340 HTTP probes 1341 properties: 1342 name: 1343 description: The header field 1344 name. This will be canonicalized 1345 upon output, so case-variant 1346 names will be understood as 1347 the same header. 1348 type: string 1349 value: 1350 description: The header field 1351 value 1352 type: string 1353 required: 1354 - name 1355 - value 1356 type: object 1357 type: array 1358 path: 1359 description: Path to access on the 1360 HTTP server. 1361 type: string 1362 port: 1363 anyOf: 1364 - type: integer 1365 - type: string 1366 description: Name or number of the 1367 port to access on the container. 1368 Number must be in the range 1 to 1369 65535. Name must be an IANA_SVC_NAME. 1370 x-kubernetes-int-or-string: true 1371 scheme: 1372 description: Scheme to use for connecting 1373 to the host. Defaults to HTTP. 1374 type: string 1375 required: 1376 - port 1377 type: object 1378 tcpSocket: 1379 description: Deprecated. TCPSocket is 1380 NOT supported as a LifecycleHandler 1381 and kept for the backward compatibility. 1382 There are no validation of this field 1383 and lifecycle hooks will fail in runtime 1384 when tcp handler is specified. 1385 properties: 1386 host: 1387 description: 'Optional: Host name 1388 to connect to, defaults to the pod 1389 IP.' 1390 type: string 1391 port: 1392 anyOf: 1393 - type: integer 1394 - type: string 1395 description: Number or name of the 1396 port to access on the container. 1397 Number must be in the range 1 to 1398 65535. Name must be an IANA_SVC_NAME. 1399 x-kubernetes-int-or-string: true 1400 required: 1401 - port 1402 type: object 1403 type: object 1404 preStop: 1405 description: PreStop is called immediately 1406 before a container is terminated due to 1407 an API request or management event such 1408 as liveness/startup probe failure, preemption, 1409 resource contention, etc. The handler is 1410 not called if the container crashes or exits. 1411 The Pod's termination grace period countdown 1412 begins before the PreStop hook is executed. 1413 properties: 1414 exec: 1415 description: Exec specifies the action 1416 to take. 1417 properties: 1418 command: 1419 description: Command is the command 1420 line to execute inside the container, 1421 the working directory for the command is 1422 root ('/') in the container's filesystem. 1423 The command is simply exec'd, it 1424 is not run inside a shell, so traditional 1425 shell instructions ('|', etc) won't 1426 work. To use a shell, you need to 1427 explicitly call out to that shell. 1428 Exit status of 0 is treated as live/healthy 1429 and non-zero is unhealthy. 1430 items: 1431 type: string 1432 type: array 1433 type: object 1434 httpGet: 1435 description: HTTPGet specifies the http 1436 request to perform. 1437 properties: 1438 host: 1439 description: Host name to connect 1440 to, defaults to the pod IP. You 1441 probably want to set "Host" in httpHeaders 1442 instead. 1443 type: string 1444 httpHeaders: 1445 description: Custom headers to set 1446 in the request. HTTP allows repeated 1447 headers. 1448 items: 1449 description: HTTPHeader describes 1450 a custom header to be used in 1451 HTTP probes 1452 properties: 1453 name: 1454 description: The header field 1455 name. This will be canonicalized 1456 upon output, so case-variant 1457 names will be understood as 1458 the same header. 1459 type: string 1460 value: 1461 description: The header field 1462 value 1463 type: string 1464 required: 1465 - name 1466 - value 1467 type: object 1468 type: array 1469 path: 1470 description: Path to access on the 1471 HTTP server. 1472 type: string 1473 port: 1474 anyOf: 1475 - type: integer 1476 - type: string 1477 description: Name or number of the 1478 port to access on the container. 1479 Number must be in the range 1 to 1480 65535. Name must be an IANA_SVC_NAME. 1481 x-kubernetes-int-or-string: true 1482 scheme: 1483 description: Scheme to use for connecting 1484 to the host. Defaults to HTTP. 1485 type: string 1486 required: 1487 - port 1488 type: object 1489 tcpSocket: 1490 description: Deprecated. TCPSocket is 1491 NOT supported as a LifecycleHandler 1492 and kept for the backward compatibility. 1493 There are no validation of this field 1494 and lifecycle hooks will fail in runtime 1495 when tcp handler is specified. 1496 properties: 1497 host: 1498 description: 'Optional: Host name 1499 to connect to, defaults to the pod 1500 IP.' 1501 type: string 1502 port: 1503 anyOf: 1504 - type: integer 1505 - type: string 1506 description: Number or name of the 1507 port to access on the container. 1508 Number must be in the range 1 to 1509 65535. Name must be an IANA_SVC_NAME. 1510 x-kubernetes-int-or-string: true 1511 required: 1512 - port 1513 type: object 1514 type: object 1515 type: object 1516 livenessProbe: 1517 description: 'Periodic probe of container liveness. 1518 Container will be restarted if the probe fails. 1519 Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1520 properties: 1521 exec: 1522 description: Exec specifies the action to 1523 take. 1524 properties: 1525 command: 1526 description: Command is the command line 1527 to execute inside the container, the 1528 working directory for the command is 1529 root ('/') in the container's filesystem. 1530 The command is simply exec'd, it is 1531 not run inside a shell, so traditional 1532 shell instructions ('|', etc) won't 1533 work. To use a shell, you need to explicitly 1534 call out to that shell. Exit status 1535 of 0 is treated as live/healthy and 1536 non-zero is unhealthy. 1537 items: 1538 type: string 1539 type: array 1540 type: object 1541 failureThreshold: 1542 description: Minimum consecutive failures 1543 for the probe to be considered failed after 1544 having succeeded. Defaults to 3. Minimum 1545 value is 1. 1546 format: int32 1547 type: integer 1548 grpc: 1549 description: GRPC specifies an action involving 1550 a GRPC port. 1551 properties: 1552 port: 1553 description: Port number of the gRPC service. 1554 Number must be in the range 1 to 65535. 1555 format: int32 1556 type: integer 1557 service: 1558 description: "Service is the name of the 1559 service to place in the gRPC HealthCheckRequest 1560 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 1561 \n If this is not specified, the default 1562 behavior is defined by gRPC." 1563 type: string 1564 required: 1565 - port 1566 type: object 1567 httpGet: 1568 description: HTTPGet specifies the http request 1569 to perform. 1570 properties: 1571 host: 1572 description: Host name to connect to, 1573 defaults to the pod IP. You probably 1574 want to set "Host" in httpHeaders instead. 1575 type: string 1576 httpHeaders: 1577 description: Custom headers to set in 1578 the request. HTTP allows repeated headers. 1579 items: 1580 description: HTTPHeader describes a 1581 custom header to be used in HTTP probes 1582 properties: 1583 name: 1584 description: The header field name. 1585 This will be canonicalized upon 1586 output, so case-variant names 1587 will be understood as the same 1588 header. 1589 type: string 1590 value: 1591 description: The header field value 1592 type: string 1593 required: 1594 - name 1595 - value 1596 type: object 1597 type: array 1598 path: 1599 description: Path to access on the HTTP 1600 server. 1601 type: string 1602 port: 1603 anyOf: 1604 - type: integer 1605 - type: string 1606 description: Name or number of the port 1607 to access on the container. Number must 1608 be in the range 1 to 65535. Name must 1609 be an IANA_SVC_NAME. 1610 x-kubernetes-int-or-string: true 1611 scheme: 1612 description: Scheme to use for connecting 1613 to the host. Defaults to HTTP. 1614 type: string 1615 required: 1616 - port 1617 type: object 1618 initialDelaySeconds: 1619 description: 'Number of seconds after the 1620 container has started before liveness probes 1621 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1622 format: int32 1623 type: integer 1624 periodSeconds: 1625 description: How often (in seconds) to perform 1626 the probe. Default to 10 seconds. Minimum 1627 value is 1. 1628 format: int32 1629 type: integer 1630 successThreshold: 1631 description: Minimum consecutive successes 1632 for the probe to be considered successful 1633 after having failed. Defaults to 1. Must 1634 be 1 for liveness and startup. Minimum value 1635 is 1. 1636 format: int32 1637 type: integer 1638 tcpSocket: 1639 description: TCPSocket specifies an action 1640 involving a TCP port. 1641 properties: 1642 host: 1643 description: 'Optional: Host name to connect 1644 to, defaults to the pod IP.' 1645 type: string 1646 port: 1647 anyOf: 1648 - type: integer 1649 - type: string 1650 description: Number or name of the port 1651 to access on the container. Number must 1652 be in the range 1 to 65535. Name must 1653 be an IANA_SVC_NAME. 1654 x-kubernetes-int-or-string: true 1655 required: 1656 - port 1657 type: object 1658 terminationGracePeriodSeconds: 1659 description: Optional duration in seconds 1660 the pod needs to terminate gracefully upon 1661 probe failure. The grace period is the duration 1662 in seconds after the processes running in 1663 the pod are sent a termination signal and 1664 the time when the processes are forcibly 1665 halted with a kill signal. Set this value 1666 longer than the expected cleanup time for 1667 your process. 1668 format: int64 1669 type: integer 1670 timeoutSeconds: 1671 description: 'Number of seconds after which 1672 the probe times out. Defaults to 1 second. 1673 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1674 format: int32 1675 type: integer 1676 type: object 1677 name: 1678 description: Name of the container specified as 1679 a DNS_LABEL. Each container in a pod must have 1680 a unique name (DNS_LABEL). Cannot be updated. 1681 type: string 1682 ports: 1683 description: List of ports to expose from the 1684 container. Not specifying a port here DOES NOT 1685 prevent that port from being exposed. Any port 1686 which is listening on the default "0.0.0.0" 1687 address inside a container will be accessible 1688 from the network. Modifying this array with 1689 strategic merge patch may corrupt the data. 1690 For more information See https://github.com/kubernetes/kubernetes/issues/108255. 1691 items: 1692 description: ContainerPort represents a network 1693 port in a single container. 1694 properties: 1695 containerPort: 1696 description: Number of port to expose on 1697 the pod's IP address. This must be a valid 1698 port number, 0 < x < 65536. 1699 format: int32 1700 type: integer 1701 hostIP: 1702 description: What host IP to bind the external 1703 port to. 1704 type: string 1705 hostPort: 1706 description: Number of port to expose on 1707 the host. If specified, this must be a 1708 valid port number, 0 < x < 65536. If HostNetwork 1709 is specified, this must match ContainerPort. 1710 Most containers do not need this. 1711 format: int32 1712 type: integer 1713 name: 1714 description: If specified, this must be 1715 an IANA_SVC_NAME and unique within the 1716 pod. Each named port in a pod must have 1717 a unique name. Name for the port that 1718 can be referred to by services. 1719 type: string 1720 protocol: 1721 default: TCP 1722 description: Protocol for port. Must be 1723 UDP, TCP, or SCTP. Defaults to "TCP". 1724 type: string 1725 required: 1726 - containerPort 1727 type: object 1728 type: array 1729 x-kubernetes-list-map-keys: 1730 - containerPort 1731 - protocol 1732 x-kubernetes-list-type: map 1733 readinessProbe: 1734 description: 'Periodic probe of container service 1735 readiness. Container will be removed from service 1736 endpoints if the probe fails. Cannot be updated. 1737 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1738 properties: 1739 exec: 1740 description: Exec specifies the action to 1741 take. 1742 properties: 1743 command: 1744 description: Command is the command line 1745 to execute inside the container, the 1746 working directory for the command is 1747 root ('/') in the container's filesystem. 1748 The command is simply exec'd, it is 1749 not run inside a shell, so traditional 1750 shell instructions ('|', etc) won't 1751 work. To use a shell, you need to explicitly 1752 call out to that shell. Exit status 1753 of 0 is treated as live/healthy and 1754 non-zero is unhealthy. 1755 items: 1756 type: string 1757 type: array 1758 type: object 1759 failureThreshold: 1760 description: Minimum consecutive failures 1761 for the probe to be considered failed after 1762 having succeeded. Defaults to 3. Minimum 1763 value is 1. 1764 format: int32 1765 type: integer 1766 grpc: 1767 description: GRPC specifies an action involving 1768 a GRPC port. 1769 properties: 1770 port: 1771 description: Port number of the gRPC service. 1772 Number must be in the range 1 to 65535. 1773 format: int32 1774 type: integer 1775 service: 1776 description: "Service is the name of the 1777 service to place in the gRPC HealthCheckRequest 1778 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 1779 \n If this is not specified, the default 1780 behavior is defined by gRPC." 1781 type: string 1782 required: 1783 - port 1784 type: object 1785 httpGet: 1786 description: HTTPGet specifies the http request 1787 to perform. 1788 properties: 1789 host: 1790 description: Host name to connect to, 1791 defaults to the pod IP. You probably 1792 want to set "Host" in httpHeaders instead. 1793 type: string 1794 httpHeaders: 1795 description: Custom headers to set in 1796 the request. HTTP allows repeated headers. 1797 items: 1798 description: HTTPHeader describes a 1799 custom header to be used in HTTP probes 1800 properties: 1801 name: 1802 description: The header field name. 1803 This will be canonicalized upon 1804 output, so case-variant names 1805 will be understood as the same 1806 header. 1807 type: string 1808 value: 1809 description: The header field value 1810 type: string 1811 required: 1812 - name 1813 - value 1814 type: object 1815 type: array 1816 path: 1817 description: Path to access on the HTTP 1818 server. 1819 type: string 1820 port: 1821 anyOf: 1822 - type: integer 1823 - type: string 1824 description: Name or number of the port 1825 to access on the container. Number must 1826 be in the range 1 to 65535. Name must 1827 be an IANA_SVC_NAME. 1828 x-kubernetes-int-or-string: true 1829 scheme: 1830 description: Scheme to use for connecting 1831 to the host. Defaults to HTTP. 1832 type: string 1833 required: 1834 - port 1835 type: object 1836 initialDelaySeconds: 1837 description: 'Number of seconds after the 1838 container has started before liveness probes 1839 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1840 format: int32 1841 type: integer 1842 periodSeconds: 1843 description: How often (in seconds) to perform 1844 the probe. Default to 10 seconds. Minimum 1845 value is 1. 1846 format: int32 1847 type: integer 1848 successThreshold: 1849 description: Minimum consecutive successes 1850 for the probe to be considered successful 1851 after having failed. Defaults to 1. Must 1852 be 1 for liveness and startup. Minimum value 1853 is 1. 1854 format: int32 1855 type: integer 1856 tcpSocket: 1857 description: TCPSocket specifies an action 1858 involving a TCP port. 1859 properties: 1860 host: 1861 description: 'Optional: Host name to connect 1862 to, defaults to the pod IP.' 1863 type: string 1864 port: 1865 anyOf: 1866 - type: integer 1867 - type: string 1868 description: Number or name of the port 1869 to access on the container. Number must 1870 be in the range 1 to 65535. Name must 1871 be an IANA_SVC_NAME. 1872 x-kubernetes-int-or-string: true 1873 required: 1874 - port 1875 type: object 1876 terminationGracePeriodSeconds: 1877 description: Optional duration in seconds 1878 the pod needs to terminate gracefully upon 1879 probe failure. The grace period is the duration 1880 in seconds after the processes running in 1881 the pod are sent a termination signal and 1882 the time when the processes are forcibly 1883 halted with a kill signal. Set this value 1884 longer than the expected cleanup time for 1885 your process. 1886 format: int64 1887 type: integer 1888 timeoutSeconds: 1889 description: 'Number of seconds after which 1890 the probe times out. Defaults to 1 second. 1891 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1892 format: int32 1893 type: integer 1894 type: object 1895 resizePolicy: 1896 description: Resources resize policy for the container. 1897 items: 1898 description: ContainerResizePolicy represents 1899 resource resize policy for the container. 1900 properties: 1901 resourceName: 1902 description: 'Name of the resource to which 1903 this resource resize policy applies. Supported 1904 values: cpu, memory.' 1905 type: string 1906 restartPolicy: 1907 description: Restart policy to apply when 1908 specified resource is resized. If not 1909 specified, it defaults to NotRequired. 1910 type: string 1911 required: 1912 - resourceName 1913 - restartPolicy 1914 type: object 1915 type: array 1916 x-kubernetes-list-type: atomic 1917 resources: 1918 description: 'Compute Resources required by this 1919 container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1920 properties: 1921 claims: 1922 description: "Claims lists the names of resources, 1923 defined in spec.resourceClaims, that are 1924 used by this container. \n This is an alpha 1925 field and requires enabling the DynamicResourceAllocation 1926 feature gate. \n This field is immutable. 1927 It can only be set for containers." 1928 items: 1929 description: ResourceClaim references one 1930 entry in PodSpec.ResourceClaims. 1931 properties: 1932 name: 1933 description: Name must match the name 1934 of one entry in pod.spec.resourceClaims 1935 of the Pod where this field is used. 1936 It makes that resource available inside 1937 a container. 1938 type: string 1939 required: 1940 - name 1941 type: object 1942 type: array 1943 x-kubernetes-list-map-keys: 1944 - name 1945 x-kubernetes-list-type: map 1946 limits: 1947 additionalProperties: 1948 anyOf: 1949 - type: integer 1950 - type: string 1951 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1952 x-kubernetes-int-or-string: true 1953 description: 'Limits describes the maximum 1954 amount of compute resources allowed. More 1955 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1956 type: object 1957 requests: 1958 additionalProperties: 1959 anyOf: 1960 - type: integer 1961 - type: string 1962 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1963 x-kubernetes-int-or-string: true 1964 description: 'Requests describes the minimum 1965 amount of compute resources required. If 1966 Requests is omitted for a container, it 1967 defaults to Limits if that is explicitly 1968 specified, otherwise to an implementation-defined 1969 value. Requests cannot exceed Limits. More 1970 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 1971 type: object 1972 type: object 1973 securityContext: 1974 description: 'SecurityContext defines the security 1975 options the container should be run with. If 1976 set, the fields of SecurityContext override 1977 the equivalent fields of PodSecurityContext. 1978 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 1979 properties: 1980 allowPrivilegeEscalation: 1981 description: 'AllowPrivilegeEscalation controls 1982 whether a process can gain more privileges 1983 than its parent process. This bool directly 1984 controls if the no_new_privs flag will be 1985 set on the container process. AllowPrivilegeEscalation 1986 is true always when the container is: 1) 1987 run as Privileged 2) has CAP_SYS_ADMIN Note 1988 that this field cannot be set when spec.os.name 1989 is windows.' 1990 type: boolean 1991 capabilities: 1992 description: The capabilities to add/drop 1993 when running containers. Defaults to the 1994 default set of capabilities granted by the 1995 container runtime. Note that this field 1996 cannot be set when spec.os.name is windows. 1997 properties: 1998 add: 1999 description: Added capabilities 2000 items: 2001 description: Capability represent POSIX 2002 capabilities type 2003 type: string 2004 type: array 2005 drop: 2006 description: Removed capabilities 2007 items: 2008 description: Capability represent POSIX 2009 capabilities type 2010 type: string 2011 type: array 2012 type: object 2013 privileged: 2014 description: Run container in privileged mode. 2015 Processes in privileged containers are essentially 2016 equivalent to root on the host. Defaults 2017 to false. Note that this field cannot be 2018 set when spec.os.name is windows. 2019 type: boolean 2020 procMount: 2021 description: procMount denotes the type of 2022 proc mount to use for the containers. The 2023 default is DefaultProcMount which uses the 2024 container runtime defaults for readonly 2025 paths and masked paths. This requires the 2026 ProcMountType feature flag to be enabled. 2027 Note that this field cannot be set when 2028 spec.os.name is windows. 2029 type: string 2030 readOnlyRootFilesystem: 2031 description: Whether this container has a 2032 read-only root filesystem. Default is false. 2033 Note that this field cannot be set when 2034 spec.os.name is windows. 2035 type: boolean 2036 runAsGroup: 2037 description: The GID to run the entrypoint 2038 of the container process. Uses runtime default 2039 if unset. May also be set in PodSecurityContext. If 2040 set in both SecurityContext and PodSecurityContext, 2041 the value specified in SecurityContext takes 2042 precedence. Note that this field cannot 2043 be set when spec.os.name is windows. 2044 format: int64 2045 type: integer 2046 runAsNonRoot: 2047 description: Indicates that the container 2048 must run as a non-root user. If true, the 2049 Kubelet will validate the image at runtime 2050 to ensure that it does not run as UID 0 2051 (root) and fail to start the container if 2052 it does. If unset or false, no such validation 2053 will be performed. May also be set in PodSecurityContext. 2054 type: boolean 2055 runAsUser: 2056 description: The UID to run the entrypoint 2057 of the container process. Defaults to user 2058 specified in image metadata if unspecified. 2059 May also be set in PodSecurityContext. If 2060 set in both SecurityContext and PodSecurityContext, 2061 the value specified in SecurityContext takes 2062 precedence. Note that this field cannot 2063 be set when spec.os.name is windows. 2064 format: int64 2065 type: integer 2066 seLinuxOptions: 2067 description: The SELinux context to be applied 2068 to the container. If unspecified, the container 2069 runtime will allocate a random SELinux context 2070 for each container. May also be set in 2071 PodSecurityContext. If set in both SecurityContext 2072 and PodSecurityContext, the value specified 2073 in SecurityContext takes precedence. Note 2074 that this field cannot be set when spec.os.name 2075 is windows. 2076 properties: 2077 level: 2078 description: Level is SELinux level label 2079 that applies to the container. 2080 type: string 2081 role: 2082 description: Role is a SELinux role label 2083 that applies to the container. 2084 type: string 2085 type: 2086 description: Type is a SELinux type label 2087 that applies to the container. 2088 type: string 2089 user: 2090 description: User is a SELinux user label 2091 that applies to the container. 2092 type: string 2093 type: object 2094 seccompProfile: 2095 description: The seccomp options to use by 2096 this container. If seccomp options are provided 2097 at both the pod & container level, the container 2098 options override the pod options. Note that 2099 this field cannot be set when spec.os.name 2100 is windows. 2101 properties: 2102 localhostProfile: 2103 description: localhostProfile indicates 2104 a profile defined in a file on the node 2105 should be used. The profile must be 2106 preconfigured on the node to work. Must 2107 be a descending path, relative to the 2108 kubelet's configured seccomp profile 2109 location. Must only be set if type is 2110 "Localhost". 2111 type: string 2112 type: 2113 description: "type indicates which kind 2114 of seccomp profile will be applied. 2115 Valid options are: \n Localhost - a 2116 profile defined in a file on the node 2117 should be used. RuntimeDefault - the 2118 container runtime default profile should 2119 be used. Unconfined - no profile should 2120 be applied." 2121 type: string 2122 required: 2123 - type 2124 type: object 2125 windowsOptions: 2126 description: The Windows specific settings 2127 applied to all containers. If unspecified, 2128 the options from the PodSecurityContext 2129 will be used. If set in both SecurityContext 2130 and PodSecurityContext, the value specified 2131 in SecurityContext takes precedence. Note 2132 that this field cannot be set when spec.os.name 2133 is linux. 2134 properties: 2135 gmsaCredentialSpec: 2136 description: GMSACredentialSpec is where 2137 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 2138 inlines the contents of the GMSA credential 2139 spec named by the GMSACredentialSpecName 2140 field. 2141 type: string 2142 gmsaCredentialSpecName: 2143 description: GMSACredentialSpecName is 2144 the name of the GMSA credential spec 2145 to use. 2146 type: string 2147 hostProcess: 2148 description: HostProcess determines if 2149 a container should be run as a 'Host 2150 Process' container. This field is alpha-level 2151 and will only be honored by components 2152 that enable the WindowsHostProcessContainers 2153 feature flag. Setting this field without 2154 the feature flag will result in errors 2155 when validating the Pod. 2156 type: boolean 2157 runAsUserName: 2158 description: The UserName in Windows to 2159 run the entrypoint of the container 2160 process. Defaults to the user specified 2161 in image metadata if unspecified. May 2162 also be set in PodSecurityContext. If 2163 set in both SecurityContext and PodSecurityContext, 2164 the value specified in SecurityContext 2165 takes precedence. 2166 type: string 2167 type: object 2168 type: object 2169 startupProbe: 2170 description: StartupProbe indicates that the Pod 2171 has successfully initialized. If specified, 2172 no other probes are executed until this completes 2173 successfully. If this probe fails, the Pod will 2174 be restarted, just as if the livenessProbe failed. 2175 properties: 2176 exec: 2177 description: Exec specifies the action to 2178 take. 2179 properties: 2180 command: 2181 description: Command is the command line 2182 to execute inside the container, the 2183 working directory for the command is 2184 root ('/') in the container's filesystem. 2185 The command is simply exec'd, it is 2186 not run inside a shell, so traditional 2187 shell instructions ('|', etc) won't 2188 work. To use a shell, you need to explicitly 2189 call out to that shell. Exit status 2190 of 0 is treated as live/healthy and 2191 non-zero is unhealthy. 2192 items: 2193 type: string 2194 type: array 2195 type: object 2196 failureThreshold: 2197 description: Minimum consecutive failures 2198 for the probe to be considered failed after 2199 having succeeded. Defaults to 3. Minimum 2200 value is 1. 2201 format: int32 2202 type: integer 2203 grpc: 2204 description: GRPC specifies an action involving 2205 a GRPC port. 2206 properties: 2207 port: 2208 description: Port number of the gRPC service. 2209 Number must be in the range 1 to 65535. 2210 format: int32 2211 type: integer 2212 service: 2213 description: "Service is the name of the 2214 service to place in the gRPC HealthCheckRequest 2215 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2216 \n If this is not specified, the default 2217 behavior is defined by gRPC." 2218 type: string 2219 required: 2220 - port 2221 type: object 2222 httpGet: 2223 description: HTTPGet specifies the http request 2224 to perform. 2225 properties: 2226 host: 2227 description: Host name to connect to, 2228 defaults to the pod IP. You probably 2229 want to set "Host" in httpHeaders instead. 2230 type: string 2231 httpHeaders: 2232 description: Custom headers to set in 2233 the request. HTTP allows repeated headers. 2234 items: 2235 description: HTTPHeader describes a 2236 custom header to be used in HTTP probes 2237 properties: 2238 name: 2239 description: The header field name. 2240 This will be canonicalized upon 2241 output, so case-variant names 2242 will be understood as the same 2243 header. 2244 type: string 2245 value: 2246 description: The header field value 2247 type: string 2248 required: 2249 - name 2250 - value 2251 type: object 2252 type: array 2253 path: 2254 description: Path to access on the HTTP 2255 server. 2256 type: string 2257 port: 2258 anyOf: 2259 - type: integer 2260 - type: string 2261 description: Name or number of the port 2262 to access on the container. Number must 2263 be in the range 1 to 65535. Name must 2264 be an IANA_SVC_NAME. 2265 x-kubernetes-int-or-string: true 2266 scheme: 2267 description: Scheme to use for connecting 2268 to the host. Defaults to HTTP. 2269 type: string 2270 required: 2271 - port 2272 type: object 2273 initialDelaySeconds: 2274 description: 'Number of seconds after the 2275 container has started before liveness probes 2276 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2277 format: int32 2278 type: integer 2279 periodSeconds: 2280 description: How often (in seconds) to perform 2281 the probe. Default to 10 seconds. Minimum 2282 value is 1. 2283 format: int32 2284 type: integer 2285 successThreshold: 2286 description: Minimum consecutive successes 2287 for the probe to be considered successful 2288 after having failed. Defaults to 1. Must 2289 be 1 for liveness and startup. Minimum value 2290 is 1. 2291 format: int32 2292 type: integer 2293 tcpSocket: 2294 description: TCPSocket specifies an action 2295 involving a TCP port. 2296 properties: 2297 host: 2298 description: 'Optional: Host name to connect 2299 to, defaults to the pod IP.' 2300 type: string 2301 port: 2302 anyOf: 2303 - type: integer 2304 - type: string 2305 description: Number or name of the port 2306 to access on the container. Number must 2307 be in the range 1 to 65535. Name must 2308 be an IANA_SVC_NAME. 2309 x-kubernetes-int-or-string: true 2310 required: 2311 - port 2312 type: object 2313 terminationGracePeriodSeconds: 2314 description: Optional duration in seconds 2315 the pod needs to terminate gracefully upon 2316 probe failure. The grace period is the duration 2317 in seconds after the processes running in 2318 the pod are sent a termination signal and 2319 the time when the processes are forcibly 2320 halted with a kill signal. Set this value 2321 longer than the expected cleanup time for 2322 your process. 2323 format: int64 2324 type: integer 2325 timeoutSeconds: 2326 description: 'Number of seconds after which 2327 the probe times out. Defaults to 1 second. 2328 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2329 format: int32 2330 type: integer 2331 type: object 2332 stdin: 2333 description: Whether this container should allocate 2334 a buffer for stdin in the container runtime. 2335 If this is not set, reads from stdin in the 2336 container will always result in EOF. Default 2337 is false. 2338 type: boolean 2339 stdinOnce: 2340 description: Whether the container runtime should 2341 close the stdin channel after it has been opened 2342 by a single attach. When stdin is true the stdin 2343 stream will remain open across multiple attach 2344 sessions. 2345 type: boolean 2346 terminationMessagePath: 2347 description: 'Optional: Path at which the file 2348 to which the container''s termination message 2349 will be written is mounted into the container''s 2350 filesystem. Message written is intended to be 2351 brief final status, such as an assertion failure 2352 message. Will be truncated by the node if greater 2353 than 4096 bytes. The total message length across 2354 all containers will be limited to 12kb. Defaults 2355 to /dev/termination-log.' 2356 type: string 2357 terminationMessagePolicy: 2358 description: Indicate how the termination message 2359 should be populated. File will use the contents 2360 of terminationMessagePath to populate the container 2361 status message on both success and failure. 2362 FallbackToLogsOnError will use the last chunk 2363 of container log output if the termination message 2364 file is empty and the container exited with 2365 an error. 2366 type: string 2367 tty: 2368 description: Whether this container should allocate 2369 a TTY for itself, also requires 'stdin' to be 2370 true. Default is false. 2371 type: boolean 2372 volumeDevices: 2373 description: volumeDevices is the list of block 2374 devices to be used by the container. 2375 items: 2376 description: volumeDevice describes a mapping 2377 of a raw block device within a container. 2378 properties: 2379 devicePath: 2380 description: devicePath is the path inside 2381 of the container that the device will 2382 be mapped to. 2383 type: string 2384 name: 2385 description: name must match the name of 2386 a persistentVolumeClaim in the pod 2387 type: string 2388 required: 2389 - devicePath 2390 - name 2391 type: object 2392 type: array 2393 volumeMounts: 2394 description: Pod volumes to mount into the container's 2395 filesystem. Cannot be updated. 2396 items: 2397 description: VolumeMount describes a mounting 2398 of a Volume within a container. 2399 properties: 2400 mountPath: 2401 description: Path within the container at 2402 which the volume should be mounted. Must 2403 not contain ':'. 2404 type: string 2405 mountPropagation: 2406 description: mountPropagation determines 2407 how mounts are propagated from the host 2408 to container and the other way around. 2409 When not set, MountPropagationNone is 2410 used. This field is beta in 1.10. 2411 type: string 2412 name: 2413 description: This must match the Name of 2414 a Volume. 2415 type: string 2416 readOnly: 2417 description: Mounted read-only if true, 2418 read-write otherwise (false or unspecified). 2419 Defaults to false. 2420 type: boolean 2421 subPath: 2422 description: Path within the volume from 2423 which the container's volume should be 2424 mounted. Defaults to "" (volume's root). 2425 type: string 2426 subPathExpr: 2427 description: Expanded path within the volume 2428 from which the container's volume should 2429 be mounted. Behaves similarly to SubPath 2430 but environment variable references $(VAR_NAME) 2431 are expanded using the container's environment. 2432 Defaults to "" (volume's root). SubPathExpr 2433 and SubPath are mutually exclusive. 2434 type: string 2435 required: 2436 - mountPath 2437 - name 2438 type: object 2439 type: array 2440 workingDir: 2441 description: Container's working directory. If 2442 not specified, the container runtime's default 2443 will be used, which might be configured in the 2444 container image. Cannot be updated. 2445 type: string 2446 required: 2447 - name 2448 type: object 2449 type: array 2450 dnsConfig: 2451 description: Specifies the DNS parameters of a pod. 2452 Parameters specified here will be merged to the generated 2453 DNS configuration based on DNSPolicy. 2454 properties: 2455 nameservers: 2456 description: A list of DNS name server IP addresses. 2457 This will be appended to the base nameservers 2458 generated from DNSPolicy. Duplicated nameservers 2459 will be removed. 2460 items: 2461 type: string 2462 type: array 2463 options: 2464 description: A list of DNS resolver options. This 2465 will be merged with the base options generated 2466 from DNSPolicy. Duplicated entries will be removed. 2467 Resolution options given in Options will override 2468 those that appear in the base DNSPolicy. 2469 items: 2470 description: PodDNSConfigOption defines DNS resolver 2471 options of a pod. 2472 properties: 2473 name: 2474 description: Required. 2475 type: string 2476 value: 2477 type: string 2478 type: object 2479 type: array 2480 searches: 2481 description: A list of DNS search domains for host-name 2482 lookup. This will be appended to the base search 2483 paths generated from DNSPolicy. Duplicated search 2484 paths will be removed. 2485 items: 2486 type: string 2487 type: array 2488 type: object 2489 dnsPolicy: 2490 description: Set DNS policy for the pod. Defaults to 2491 "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 2492 'ClusterFirst', 'Default' or 'None'. DNS parameters 2493 given in DNSConfig will be merged with the policy 2494 selected with DNSPolicy. To have DNS options set along 2495 with hostNetwork, you have to specify DNS policy explicitly 2496 to 'ClusterFirstWithHostNet'. 2497 type: string 2498 enableServiceLinks: 2499 description: 'EnableServiceLinks indicates whether information 2500 about services should be injected into pod''s environment 2501 variables, matching the syntax of Docker links. Optional: 2502 Defaults to true.' 2503 type: boolean 2504 ephemeralContainers: 2505 description: List of ephemeral containers run in this 2506 pod. Ephemeral containers may be run in an existing 2507 pod to perform user-initiated actions such as debugging. 2508 This list cannot be specified when creating a pod, 2509 and it cannot be modified by updating the pod spec. 2510 In order to add an ephemeral container to an existing 2511 pod, use the pod's ephemeralcontainers subresource. 2512 items: 2513 description: An EphemeralContainer is a temporary 2514 container that you may add to an existing Pod for 2515 user-initiated activities such as debugging. Ephemeral 2516 containers have no resource or scheduling guarantees, 2517 and they will not be restarted when they exit or 2518 when a Pod is removed or restarted. The kubelet 2519 may evict a Pod if an ephemeral container causes 2520 the Pod to exceed its resource allocation. 2521 properties: 2522 args: 2523 description: 'Arguments to the entrypoint. The 2524 image''s CMD is used if this is not provided. 2525 Variable references $(VAR_NAME) are expanded 2526 using the container''s environment. If a variable 2527 cannot be resolved, the reference in the input 2528 string will be unchanged. Double $$ are reduced 2529 to a single $, which allows for escaping the 2530 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 2531 produce the string literal "$(VAR_NAME)".' 2532 items: 2533 type: string 2534 type: array 2535 command: 2536 description: 'Entrypoint array. Not executed within 2537 a shell. The image''s ENTRYPOINT is used if 2538 this is not provided. Variable references $(VAR_NAME) 2539 are expanded using the container''s environment. 2540 If a variable cannot be resolved, the reference 2541 in the input string will be unchanged. Double 2542 $$ are reduced to a single $, which allows for 2543 escaping the $(VAR_NAME) syntax: i.e.' 2544 items: 2545 type: string 2546 type: array 2547 env: 2548 description: List of environment variables to 2549 set in the container. Cannot be updated. 2550 items: 2551 description: EnvVar represents an environment 2552 variable present in a Container. 2553 properties: 2554 name: 2555 description: Name of the environment variable. 2556 Must be a C_IDENTIFIER. 2557 type: string 2558 value: 2559 description: 'Variable references $(VAR_NAME) 2560 are expanded using the previously defined 2561 environment variables in the container 2562 and any service environment variables. 2563 If a variable cannot be resolved, the 2564 reference in the input string will be 2565 unchanged. Double $$ are reduced to a 2566 single $, which allows for escaping the 2567 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 2568 will produce the string literal "$(VAR_NAME)".' 2569 type: string 2570 valueFrom: 2571 description: Source for the environment 2572 variable's value. Cannot be used if value 2573 is not empty. 2574 properties: 2575 configMapKeyRef: 2576 description: Selects a key of a ConfigMap. 2577 properties: 2578 key: 2579 description: The key to select. 2580 type: string 2581 name: 2582 description: 'Name of the referent. 2583 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2584 TODO: Add other useful fields. 2585 apiVersion, kind, uid?' 2586 type: string 2587 optional: 2588 description: Specify whether the 2589 ConfigMap or its key must be defined 2590 type: boolean 2591 required: 2592 - key 2593 type: object 2594 x-kubernetes-map-type: atomic 2595 fieldRef: 2596 description: 'Selects a field of the 2597 pod: supports metadata.name, metadata.namespace, 2598 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 2599 spec.nodeName, spec.serviceAccountName, 2600 status.hostIP, status.podIP, status.podIPs.' 2601 properties: 2602 apiVersion: 2603 description: Version of the schema 2604 the FieldPath is written in terms 2605 of, defaults to "v1". 2606 type: string 2607 fieldPath: 2608 description: Path of the field to 2609 select in the specified API version. 2610 type: string 2611 required: 2612 - fieldPath 2613 type: object 2614 x-kubernetes-map-type: atomic 2615 resourceFieldRef: 2616 description: 'Selects a resource of 2617 the container: only resources limits 2618 and requests (limits.cpu, limits.memory, 2619 limits.ephemeral-storage, requests.cpu, 2620 requests.memory and requests.ephemeral-storage) 2621 are currently supported.' 2622 properties: 2623 containerName: 2624 description: 'Container name: required 2625 for volumes, optional for env 2626 vars' 2627 type: string 2628 divisor: 2629 anyOf: 2630 - type: integer 2631 - type: string 2632 description: Specifies the output 2633 format of the exposed resources, 2634 defaults to "1" 2635 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2636 x-kubernetes-int-or-string: true 2637 resource: 2638 description: 'Required: resource 2639 to select' 2640 type: string 2641 required: 2642 - resource 2643 type: object 2644 x-kubernetes-map-type: atomic 2645 secretKeyRef: 2646 description: Selects a key of a secret 2647 in the pod's namespace 2648 properties: 2649 key: 2650 description: The key of the secret 2651 to select from. Must be a valid 2652 secret key. 2653 type: string 2654 name: 2655 description: 'Name of the referent. 2656 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2657 TODO: Add other useful fields. 2658 apiVersion, kind, uid?' 2659 type: string 2660 optional: 2661 description: Specify whether the 2662 Secret or its key must be defined 2663 type: boolean 2664 required: 2665 - key 2666 type: object 2667 x-kubernetes-map-type: atomic 2668 type: object 2669 required: 2670 - name 2671 type: object 2672 type: array 2673 envFrom: 2674 description: List of sources to populate environment 2675 variables in the container. The keys defined 2676 within a source must be a C_IDENTIFIER. All 2677 invalid keys will be reported as an event when 2678 the container is starting. When a key exists 2679 in multiple sources, the value associated with 2680 the last source will take precedence. Values 2681 defined by an Env with a duplicate key will 2682 take precedence. Cannot be updated. 2683 items: 2684 description: EnvFromSource represents the source 2685 of a set of ConfigMaps 2686 properties: 2687 configMapRef: 2688 description: The ConfigMap to select from 2689 properties: 2690 name: 2691 description: 'Name of the referent. 2692 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2693 TODO: Add other useful fields. apiVersion, 2694 kind, uid?' 2695 type: string 2696 optional: 2697 description: Specify whether the ConfigMap 2698 must be defined 2699 type: boolean 2700 type: object 2701 x-kubernetes-map-type: atomic 2702 prefix: 2703 description: An optional identifier to prepend 2704 to each key in the ConfigMap. Must be 2705 a C_IDENTIFIER. 2706 type: string 2707 secretRef: 2708 description: The Secret to select from 2709 properties: 2710 name: 2711 description: 'Name of the referent. 2712 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2713 TODO: Add other useful fields. apiVersion, 2714 kind, uid?' 2715 type: string 2716 optional: 2717 description: Specify whether the Secret 2718 must be defined 2719 type: boolean 2720 type: object 2721 x-kubernetes-map-type: atomic 2722 type: object 2723 type: array 2724 image: 2725 description: 'Container image name. More info: 2726 https://kubernetes.io/docs/concepts/containers/images' 2727 type: string 2728 imagePullPolicy: 2729 description: 'Image pull policy. One of Always, 2730 Never, IfNotPresent. Defaults to Always if :latest 2731 tag is specified, or IfNotPresent otherwise. 2732 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 2733 type: string 2734 lifecycle: 2735 description: Lifecycle is not allowed for ephemeral 2736 containers. 2737 properties: 2738 postStart: 2739 description: 'PostStart is called immediately 2740 after a container is created. If the handler 2741 fails, the container is terminated and restarted 2742 according to its restart policy. Other management 2743 of the container blocks until the hook completes. 2744 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 2745 properties: 2746 exec: 2747 description: Exec specifies the action 2748 to take. 2749 properties: 2750 command: 2751 description: Command is the command 2752 line to execute inside the container, 2753 the working directory for the command is 2754 root ('/') in the container's filesystem. 2755 The command is simply exec'd, it 2756 is not run inside a shell, so traditional 2757 shell instructions ('|', etc) won't 2758 work. To use a shell, you need to 2759 explicitly call out to that shell. 2760 Exit status of 0 is treated as live/healthy 2761 and non-zero is unhealthy. 2762 items: 2763 type: string 2764 type: array 2765 type: object 2766 httpGet: 2767 description: HTTPGet specifies the http 2768 request to perform. 2769 properties: 2770 host: 2771 description: Host name to connect 2772 to, defaults to the pod IP. You 2773 probably want to set "Host" in httpHeaders 2774 instead. 2775 type: string 2776 httpHeaders: 2777 description: Custom headers to set 2778 in the request. HTTP allows repeated 2779 headers. 2780 items: 2781 description: HTTPHeader describes 2782 a custom header to be used in 2783 HTTP probes 2784 properties: 2785 name: 2786 description: The header field 2787 name. This will be canonicalized 2788 upon output, so case-variant 2789 names will be understood as 2790 the same header. 2791 type: string 2792 value: 2793 description: The header field 2794 value 2795 type: string 2796 required: 2797 - name 2798 - value 2799 type: object 2800 type: array 2801 path: 2802 description: Path to access on the 2803 HTTP server. 2804 type: string 2805 port: 2806 anyOf: 2807 - type: integer 2808 - type: string 2809 description: Name or number of the 2810 port to access on the container. 2811 Number must be in the range 1 to 2812 65535. Name must be an IANA_SVC_NAME. 2813 x-kubernetes-int-or-string: true 2814 scheme: 2815 description: Scheme to use for connecting 2816 to the host. Defaults to HTTP. 2817 type: string 2818 required: 2819 - port 2820 type: object 2821 tcpSocket: 2822 description: Deprecated. TCPSocket is 2823 NOT supported as a LifecycleHandler 2824 and kept for the backward compatibility. 2825 There are no validation of this field 2826 and lifecycle hooks will fail in runtime 2827 when tcp handler is specified. 2828 properties: 2829 host: 2830 description: 'Optional: Host name 2831 to connect to, defaults to the pod 2832 IP.' 2833 type: string 2834 port: 2835 anyOf: 2836 - type: integer 2837 - type: string 2838 description: Number or name of the 2839 port to access on the container. 2840 Number must be in the range 1 to 2841 65535. Name must be an IANA_SVC_NAME. 2842 x-kubernetes-int-or-string: true 2843 required: 2844 - port 2845 type: object 2846 type: object 2847 preStop: 2848 description: PreStop is called immediately 2849 before a container is terminated due to 2850 an API request or management event such 2851 as liveness/startup probe failure, preemption, 2852 resource contention, etc. The handler is 2853 not called if the container crashes or exits. 2854 The Pod's termination grace period countdown 2855 begins before the PreStop hook is executed. 2856 properties: 2857 exec: 2858 description: Exec specifies the action 2859 to take. 2860 properties: 2861 command: 2862 description: Command is the command 2863 line to execute inside the container, 2864 the working directory for the command is 2865 root ('/') in the container's filesystem. 2866 The command is simply exec'd, it 2867 is not run inside a shell, so traditional 2868 shell instructions ('|', etc) won't 2869 work. To use a shell, you need to 2870 explicitly call out to that shell. 2871 Exit status of 0 is treated as live/healthy 2872 and non-zero is unhealthy. 2873 items: 2874 type: string 2875 type: array 2876 type: object 2877 httpGet: 2878 description: HTTPGet specifies the http 2879 request to perform. 2880 properties: 2881 host: 2882 description: Host name to connect 2883 to, defaults to the pod IP. You 2884 probably want to set "Host" in httpHeaders 2885 instead. 2886 type: string 2887 httpHeaders: 2888 description: Custom headers to set 2889 in the request. HTTP allows repeated 2890 headers. 2891 items: 2892 description: HTTPHeader describes 2893 a custom header to be used in 2894 HTTP probes 2895 properties: 2896 name: 2897 description: The header field 2898 name. This will be canonicalized 2899 upon output, so case-variant 2900 names will be understood as 2901 the same header. 2902 type: string 2903 value: 2904 description: The header field 2905 value 2906 type: string 2907 required: 2908 - name 2909 - value 2910 type: object 2911 type: array 2912 path: 2913 description: Path to access on the 2914 HTTP server. 2915 type: string 2916 port: 2917 anyOf: 2918 - type: integer 2919 - type: string 2920 description: Name or number of the 2921 port to access on the container. 2922 Number must be in the range 1 to 2923 65535. Name must be an IANA_SVC_NAME. 2924 x-kubernetes-int-or-string: true 2925 scheme: 2926 description: Scheme to use for connecting 2927 to the host. Defaults to HTTP. 2928 type: string 2929 required: 2930 - port 2931 type: object 2932 tcpSocket: 2933 description: Deprecated. TCPSocket is 2934 NOT supported as a LifecycleHandler 2935 and kept for the backward compatibility. 2936 There are no validation of this field 2937 and lifecycle hooks will fail in runtime 2938 when tcp handler is specified. 2939 properties: 2940 host: 2941 description: 'Optional: Host name 2942 to connect to, defaults to the pod 2943 IP.' 2944 type: string 2945 port: 2946 anyOf: 2947 - type: integer 2948 - type: string 2949 description: Number or name of the 2950 port to access on the container. 2951 Number must be in the range 1 to 2952 65535. Name must be an IANA_SVC_NAME. 2953 x-kubernetes-int-or-string: true 2954 required: 2955 - port 2956 type: object 2957 type: object 2958 type: object 2959 livenessProbe: 2960 description: Probes are not allowed for ephemeral 2961 containers. 2962 properties: 2963 exec: 2964 description: Exec specifies the action to 2965 take. 2966 properties: 2967 command: 2968 description: Command is the command line 2969 to execute inside the container, the 2970 working directory for the command is 2971 root ('/') in the container's filesystem. 2972 The command is simply exec'd, it is 2973 not run inside a shell, so traditional 2974 shell instructions ('|', etc) won't 2975 work. To use a shell, you need to explicitly 2976 call out to that shell. Exit status 2977 of 0 is treated as live/healthy and 2978 non-zero is unhealthy. 2979 items: 2980 type: string 2981 type: array 2982 type: object 2983 failureThreshold: 2984 description: Minimum consecutive failures 2985 for the probe to be considered failed after 2986 having succeeded. Defaults to 3. Minimum 2987 value is 1. 2988 format: int32 2989 type: integer 2990 grpc: 2991 description: GRPC specifies an action involving 2992 a GRPC port. 2993 properties: 2994 port: 2995 description: Port number of the gRPC service. 2996 Number must be in the range 1 to 65535. 2997 format: int32 2998 type: integer 2999 service: 3000 description: "Service is the name of the 3001 service to place in the gRPC HealthCheckRequest 3002 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3003 \n If this is not specified, the default 3004 behavior is defined by gRPC." 3005 type: string 3006 required: 3007 - port 3008 type: object 3009 httpGet: 3010 description: HTTPGet specifies the http request 3011 to perform. 3012 properties: 3013 host: 3014 description: Host name to connect to, 3015 defaults to the pod IP. You probably 3016 want to set "Host" in httpHeaders instead. 3017 type: string 3018 httpHeaders: 3019 description: Custom headers to set in 3020 the request. HTTP allows repeated headers. 3021 items: 3022 description: HTTPHeader describes a 3023 custom header to be used in HTTP probes 3024 properties: 3025 name: 3026 description: The header field name. 3027 This will be canonicalized upon 3028 output, so case-variant names 3029 will be understood as the same 3030 header. 3031 type: string 3032 value: 3033 description: The header field value 3034 type: string 3035 required: 3036 - name 3037 - value 3038 type: object 3039 type: array 3040 path: 3041 description: Path to access on the HTTP 3042 server. 3043 type: string 3044 port: 3045 anyOf: 3046 - type: integer 3047 - type: string 3048 description: Name or number of the port 3049 to access on the container. Number must 3050 be in the range 1 to 65535. Name must 3051 be an IANA_SVC_NAME. 3052 x-kubernetes-int-or-string: true 3053 scheme: 3054 description: Scheme to use for connecting 3055 to the host. Defaults to HTTP. 3056 type: string 3057 required: 3058 - port 3059 type: object 3060 initialDelaySeconds: 3061 description: 'Number of seconds after the 3062 container has started before liveness probes 3063 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3064 format: int32 3065 type: integer 3066 periodSeconds: 3067 description: How often (in seconds) to perform 3068 the probe. Default to 10 seconds. Minimum 3069 value is 1. 3070 format: int32 3071 type: integer 3072 successThreshold: 3073 description: Minimum consecutive successes 3074 for the probe to be considered successful 3075 after having failed. Defaults to 1. Must 3076 be 1 for liveness and startup. Minimum value 3077 is 1. 3078 format: int32 3079 type: integer 3080 tcpSocket: 3081 description: TCPSocket specifies an action 3082 involving a TCP port. 3083 properties: 3084 host: 3085 description: 'Optional: Host name to connect 3086 to, defaults to the pod IP.' 3087 type: string 3088 port: 3089 anyOf: 3090 - type: integer 3091 - type: string 3092 description: Number or name of the port 3093 to access on the container. Number must 3094 be in the range 1 to 65535. Name must 3095 be an IANA_SVC_NAME. 3096 x-kubernetes-int-or-string: true 3097 required: 3098 - port 3099 type: object 3100 terminationGracePeriodSeconds: 3101 description: Optional duration in seconds 3102 the pod needs to terminate gracefully upon 3103 probe failure. The grace period is the duration 3104 in seconds after the processes running in 3105 the pod are sent a termination signal and 3106 the time when the processes are forcibly 3107 halted with a kill signal. Set this value 3108 longer than the expected cleanup time for 3109 your process. 3110 format: int64 3111 type: integer 3112 timeoutSeconds: 3113 description: 'Number of seconds after which 3114 the probe times out. Defaults to 1 second. 3115 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3116 format: int32 3117 type: integer 3118 type: object 3119 name: 3120 description: Name of the ephemeral container specified 3121 as a DNS_LABEL. This name must be unique among 3122 all containers, init containers and ephemeral 3123 containers. 3124 type: string 3125 ports: 3126 description: Ports are not allowed for ephemeral 3127 containers. 3128 items: 3129 description: ContainerPort represents a network 3130 port in a single container. 3131 properties: 3132 containerPort: 3133 description: Number of port to expose on 3134 the pod's IP address. This must be a valid 3135 port number, 0 < x < 65536. 3136 format: int32 3137 type: integer 3138 hostIP: 3139 description: What host IP to bind the external 3140 port to. 3141 type: string 3142 hostPort: 3143 description: Number of port to expose on 3144 the host. If specified, this must be a 3145 valid port number, 0 < x < 65536. If HostNetwork 3146 is specified, this must match ContainerPort. 3147 Most containers do not need this. 3148 format: int32 3149 type: integer 3150 name: 3151 description: If specified, this must be 3152 an IANA_SVC_NAME and unique within the 3153 pod. Each named port in a pod must have 3154 a unique name. Name for the port that 3155 can be referred to by services. 3156 type: string 3157 protocol: 3158 default: TCP 3159 description: Protocol for port. Must be 3160 UDP, TCP, or SCTP. Defaults to "TCP". 3161 type: string 3162 required: 3163 - containerPort 3164 type: object 3165 type: array 3166 x-kubernetes-list-map-keys: 3167 - containerPort 3168 - protocol 3169 x-kubernetes-list-type: map 3170 readinessProbe: 3171 description: Probes are not allowed for ephemeral 3172 containers. 3173 properties: 3174 exec: 3175 description: Exec specifies the action to 3176 take. 3177 properties: 3178 command: 3179 description: Command is the command line 3180 to execute inside the container, the 3181 working directory for the command is 3182 root ('/') in the container's filesystem. 3183 The command is simply exec'd, it is 3184 not run inside a shell, so traditional 3185 shell instructions ('|', etc) won't 3186 work. To use a shell, you need to explicitly 3187 call out to that shell. Exit status 3188 of 0 is treated as live/healthy and 3189 non-zero is unhealthy. 3190 items: 3191 type: string 3192 type: array 3193 type: object 3194 failureThreshold: 3195 description: Minimum consecutive failures 3196 for the probe to be considered failed after 3197 having succeeded. Defaults to 3. Minimum 3198 value is 1. 3199 format: int32 3200 type: integer 3201 grpc: 3202 description: GRPC specifies an action involving 3203 a GRPC port. 3204 properties: 3205 port: 3206 description: Port number of the gRPC service. 3207 Number must be in the range 1 to 65535. 3208 format: int32 3209 type: integer 3210 service: 3211 description: "Service is the name of the 3212 service to place in the gRPC HealthCheckRequest 3213 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3214 \n If this is not specified, the default 3215 behavior is defined by gRPC." 3216 type: string 3217 required: 3218 - port 3219 type: object 3220 httpGet: 3221 description: HTTPGet specifies the http request 3222 to perform. 3223 properties: 3224 host: 3225 description: Host name to connect to, 3226 defaults to the pod IP. You probably 3227 want to set "Host" in httpHeaders instead. 3228 type: string 3229 httpHeaders: 3230 description: Custom headers to set in 3231 the request. HTTP allows repeated headers. 3232 items: 3233 description: HTTPHeader describes a 3234 custom header to be used in HTTP probes 3235 properties: 3236 name: 3237 description: The header field name. 3238 This will be canonicalized upon 3239 output, so case-variant names 3240 will be understood as the same 3241 header. 3242 type: string 3243 value: 3244 description: The header field value 3245 type: string 3246 required: 3247 - name 3248 - value 3249 type: object 3250 type: array 3251 path: 3252 description: Path to access on the HTTP 3253 server. 3254 type: string 3255 port: 3256 anyOf: 3257 - type: integer 3258 - type: string 3259 description: Name or number of the port 3260 to access on the container. Number must 3261 be in the range 1 to 65535. Name must 3262 be an IANA_SVC_NAME. 3263 x-kubernetes-int-or-string: true 3264 scheme: 3265 description: Scheme to use for connecting 3266 to the host. Defaults to HTTP. 3267 type: string 3268 required: 3269 - port 3270 type: object 3271 initialDelaySeconds: 3272 description: 'Number of seconds after the 3273 container has started before liveness probes 3274 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3275 format: int32 3276 type: integer 3277 periodSeconds: 3278 description: How often (in seconds) to perform 3279 the probe. Default to 10 seconds. Minimum 3280 value is 1. 3281 format: int32 3282 type: integer 3283 successThreshold: 3284 description: Minimum consecutive successes 3285 for the probe to be considered successful 3286 after having failed. Defaults to 1. Must 3287 be 1 for liveness and startup. Minimum value 3288 is 1. 3289 format: int32 3290 type: integer 3291 tcpSocket: 3292 description: TCPSocket specifies an action 3293 involving a TCP port. 3294 properties: 3295 host: 3296 description: 'Optional: Host name to connect 3297 to, defaults to the pod IP.' 3298 type: string 3299 port: 3300 anyOf: 3301 - type: integer 3302 - type: string 3303 description: Number or name of the port 3304 to access on the container. Number must 3305 be in the range 1 to 65535. Name must 3306 be an IANA_SVC_NAME. 3307 x-kubernetes-int-or-string: true 3308 required: 3309 - port 3310 type: object 3311 terminationGracePeriodSeconds: 3312 description: Optional duration in seconds 3313 the pod needs to terminate gracefully upon 3314 probe failure. The grace period is the duration 3315 in seconds after the processes running in 3316 the pod are sent a termination signal and 3317 the time when the processes are forcibly 3318 halted with a kill signal. Set this value 3319 longer than the expected cleanup time for 3320 your process. 3321 format: int64 3322 type: integer 3323 timeoutSeconds: 3324 description: 'Number of seconds after which 3325 the probe times out. Defaults to 1 second. 3326 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3327 format: int32 3328 type: integer 3329 type: object 3330 resizePolicy: 3331 description: Resources resize policy for the container. 3332 items: 3333 description: ContainerResizePolicy represents 3334 resource resize policy for the container. 3335 properties: 3336 resourceName: 3337 description: 'Name of the resource to which 3338 this resource resize policy applies. Supported 3339 values: cpu, memory.' 3340 type: string 3341 restartPolicy: 3342 description: Restart policy to apply when 3343 specified resource is resized. If not 3344 specified, it defaults to NotRequired. 3345 type: string 3346 required: 3347 - resourceName 3348 - restartPolicy 3349 type: object 3350 type: array 3351 x-kubernetes-list-type: atomic 3352 resources: 3353 description: Resources are not allowed for ephemeral 3354 containers. Ephemeral containers use spare resources 3355 already allocated to the pod. 3356 properties: 3357 claims: 3358 description: "Claims lists the names of resources, 3359 defined in spec.resourceClaims, that are 3360 used by this container. \n This is an alpha 3361 field and requires enabling the DynamicResourceAllocation 3362 feature gate. \n This field is immutable. 3363 It can only be set for containers." 3364 items: 3365 description: ResourceClaim references one 3366 entry in PodSpec.ResourceClaims. 3367 properties: 3368 name: 3369 description: Name must match the name 3370 of one entry in pod.spec.resourceClaims 3371 of the Pod where this field is used. 3372 It makes that resource available inside 3373 a container. 3374 type: string 3375 required: 3376 - name 3377 type: object 3378 type: array 3379 x-kubernetes-list-map-keys: 3380 - name 3381 x-kubernetes-list-type: map 3382 limits: 3383 additionalProperties: 3384 anyOf: 3385 - type: integer 3386 - type: string 3387 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3388 x-kubernetes-int-or-string: true 3389 description: 'Limits describes the maximum 3390 amount of compute resources allowed. More 3391 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3392 type: object 3393 requests: 3394 additionalProperties: 3395 anyOf: 3396 - type: integer 3397 - type: string 3398 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3399 x-kubernetes-int-or-string: true 3400 description: 'Requests describes the minimum 3401 amount of compute resources required. If 3402 Requests is omitted for a container, it 3403 defaults to Limits if that is explicitly 3404 specified, otherwise to an implementation-defined 3405 value. Requests cannot exceed Limits. More 3406 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3407 type: object 3408 type: object 3409 securityContext: 3410 description: 'Optional: SecurityContext defines 3411 the security options the ephemeral container 3412 should be run with. If set, the fields of SecurityContext 3413 override the equivalent fields of PodSecurityContext.' 3414 properties: 3415 allowPrivilegeEscalation: 3416 description: 'AllowPrivilegeEscalation controls 3417 whether a process can gain more privileges 3418 than its parent process. This bool directly 3419 controls if the no_new_privs flag will be 3420 set on the container process. AllowPrivilegeEscalation 3421 is true always when the container is: 1) 3422 run as Privileged 2) has CAP_SYS_ADMIN Note 3423 that this field cannot be set when spec.os.name 3424 is windows.' 3425 type: boolean 3426 capabilities: 3427 description: The capabilities to add/drop 3428 when running containers. Defaults to the 3429 default set of capabilities granted by the 3430 container runtime. Note that this field 3431 cannot be set when spec.os.name is windows. 3432 properties: 3433 add: 3434 description: Added capabilities 3435 items: 3436 description: Capability represent POSIX 3437 capabilities type 3438 type: string 3439 type: array 3440 drop: 3441 description: Removed capabilities 3442 items: 3443 description: Capability represent POSIX 3444 capabilities type 3445 type: string 3446 type: array 3447 type: object 3448 privileged: 3449 description: Run container in privileged mode. 3450 Processes in privileged containers are essentially 3451 equivalent to root on the host. Defaults 3452 to false. Note that this field cannot be 3453 set when spec.os.name is windows. 3454 type: boolean 3455 procMount: 3456 description: procMount denotes the type of 3457 proc mount to use for the containers. The 3458 default is DefaultProcMount which uses the 3459 container runtime defaults for readonly 3460 paths and masked paths. This requires the 3461 ProcMountType feature flag to be enabled. 3462 Note that this field cannot be set when 3463 spec.os.name is windows. 3464 type: string 3465 readOnlyRootFilesystem: 3466 description: Whether this container has a 3467 read-only root filesystem. Default is false. 3468 Note that this field cannot be set when 3469 spec.os.name is windows. 3470 type: boolean 3471 runAsGroup: 3472 description: The GID to run the entrypoint 3473 of the container process. Uses runtime default 3474 if unset. May also be set in PodSecurityContext. If 3475 set in both SecurityContext and PodSecurityContext, 3476 the value specified in SecurityContext takes 3477 precedence. Note that this field cannot 3478 be set when spec.os.name is windows. 3479 format: int64 3480 type: integer 3481 runAsNonRoot: 3482 description: Indicates that the container 3483 must run as a non-root user. If true, the 3484 Kubelet will validate the image at runtime 3485 to ensure that it does not run as UID 0 3486 (root) and fail to start the container if 3487 it does. If unset or false, no such validation 3488 will be performed. May also be set in PodSecurityContext. 3489 type: boolean 3490 runAsUser: 3491 description: The UID to run the entrypoint 3492 of the container process. Defaults to user 3493 specified in image metadata if unspecified. 3494 May also be set in PodSecurityContext. If 3495 set in both SecurityContext and PodSecurityContext, 3496 the value specified in SecurityContext takes 3497 precedence. Note that this field cannot 3498 be set when spec.os.name is windows. 3499 format: int64 3500 type: integer 3501 seLinuxOptions: 3502 description: The SELinux context to be applied 3503 to the container. If unspecified, the container 3504 runtime will allocate a random SELinux context 3505 for each container. May also be set in 3506 PodSecurityContext. If set in both SecurityContext 3507 and PodSecurityContext, the value specified 3508 in SecurityContext takes precedence. Note 3509 that this field cannot be set when spec.os.name 3510 is windows. 3511 properties: 3512 level: 3513 description: Level is SELinux level label 3514 that applies to the container. 3515 type: string 3516 role: 3517 description: Role is a SELinux role label 3518 that applies to the container. 3519 type: string 3520 type: 3521 description: Type is a SELinux type label 3522 that applies to the container. 3523 type: string 3524 user: 3525 description: User is a SELinux user label 3526 that applies to the container. 3527 type: string 3528 type: object 3529 seccompProfile: 3530 description: The seccomp options to use by 3531 this container. If seccomp options are provided 3532 at both the pod & container level, the container 3533 options override the pod options. Note that 3534 this field cannot be set when spec.os.name 3535 is windows. 3536 properties: 3537 localhostProfile: 3538 description: localhostProfile indicates 3539 a profile defined in a file on the node 3540 should be used. The profile must be 3541 preconfigured on the node to work. Must 3542 be a descending path, relative to the 3543 kubelet's configured seccomp profile 3544 location. Must only be set if type is 3545 "Localhost". 3546 type: string 3547 type: 3548 description: "type indicates which kind 3549 of seccomp profile will be applied. 3550 Valid options are: \n Localhost - a 3551 profile defined in a file on the node 3552 should be used. RuntimeDefault - the 3553 container runtime default profile should 3554 be used. Unconfined - no profile should 3555 be applied." 3556 type: string 3557 required: 3558 - type 3559 type: object 3560 windowsOptions: 3561 description: The Windows specific settings 3562 applied to all containers. If unspecified, 3563 the options from the PodSecurityContext 3564 will be used. If set in both SecurityContext 3565 and PodSecurityContext, the value specified 3566 in SecurityContext takes precedence. Note 3567 that this field cannot be set when spec.os.name 3568 is linux. 3569 properties: 3570 gmsaCredentialSpec: 3571 description: GMSACredentialSpec is where 3572 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 3573 inlines the contents of the GMSA credential 3574 spec named by the GMSACredentialSpecName 3575 field. 3576 type: string 3577 gmsaCredentialSpecName: 3578 description: GMSACredentialSpecName is 3579 the name of the GMSA credential spec 3580 to use. 3581 type: string 3582 hostProcess: 3583 description: HostProcess determines if 3584 a container should be run as a 'Host 3585 Process' container. This field is alpha-level 3586 and will only be honored by components 3587 that enable the WindowsHostProcessContainers 3588 feature flag. Setting this field without 3589 the feature flag will result in errors 3590 when validating the Pod. 3591 type: boolean 3592 runAsUserName: 3593 description: The UserName in Windows to 3594 run the entrypoint of the container 3595 process. Defaults to the user specified 3596 in image metadata if unspecified. May 3597 also be set in PodSecurityContext. If 3598 set in both SecurityContext and PodSecurityContext, 3599 the value specified in SecurityContext 3600 takes precedence. 3601 type: string 3602 type: object 3603 type: object 3604 startupProbe: 3605 description: Probes are not allowed for ephemeral 3606 containers. 3607 properties: 3608 exec: 3609 description: Exec specifies the action to 3610 take. 3611 properties: 3612 command: 3613 description: Command is the command line 3614 to execute inside the container, the 3615 working directory for the command is 3616 root ('/') in the container's filesystem. 3617 The command is simply exec'd, it is 3618 not run inside a shell, so traditional 3619 shell instructions ('|', etc) won't 3620 work. To use a shell, you need to explicitly 3621 call out to that shell. Exit status 3622 of 0 is treated as live/healthy and 3623 non-zero is unhealthy. 3624 items: 3625 type: string 3626 type: array 3627 type: object 3628 failureThreshold: 3629 description: Minimum consecutive failures 3630 for the probe to be considered failed after 3631 having succeeded. Defaults to 3. Minimum 3632 value is 1. 3633 format: int32 3634 type: integer 3635 grpc: 3636 description: GRPC specifies an action involving 3637 a GRPC port. 3638 properties: 3639 port: 3640 description: Port number of the gRPC service. 3641 Number must be in the range 1 to 65535. 3642 format: int32 3643 type: integer 3644 service: 3645 description: "Service is the name of the 3646 service to place in the gRPC HealthCheckRequest 3647 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3648 \n If this is not specified, the default 3649 behavior is defined by gRPC." 3650 type: string 3651 required: 3652 - port 3653 type: object 3654 httpGet: 3655 description: HTTPGet specifies the http request 3656 to perform. 3657 properties: 3658 host: 3659 description: Host name to connect to, 3660 defaults to the pod IP. You probably 3661 want to set "Host" in httpHeaders instead. 3662 type: string 3663 httpHeaders: 3664 description: Custom headers to set in 3665 the request. HTTP allows repeated headers. 3666 items: 3667 description: HTTPHeader describes a 3668 custom header to be used in HTTP probes 3669 properties: 3670 name: 3671 description: The header field name. 3672 This will be canonicalized upon 3673 output, so case-variant names 3674 will be understood as the same 3675 header. 3676 type: string 3677 value: 3678 description: The header field value 3679 type: string 3680 required: 3681 - name 3682 - value 3683 type: object 3684 type: array 3685 path: 3686 description: Path to access on the HTTP 3687 server. 3688 type: string 3689 port: 3690 anyOf: 3691 - type: integer 3692 - type: string 3693 description: Name or number of the port 3694 to access on the container. Number must 3695 be in the range 1 to 65535. Name must 3696 be an IANA_SVC_NAME. 3697 x-kubernetes-int-or-string: true 3698 scheme: 3699 description: Scheme to use for connecting 3700 to the host. Defaults to HTTP. 3701 type: string 3702 required: 3703 - port 3704 type: object 3705 initialDelaySeconds: 3706 description: 'Number of seconds after the 3707 container has started before liveness probes 3708 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3709 format: int32 3710 type: integer 3711 periodSeconds: 3712 description: How often (in seconds) to perform 3713 the probe. Default to 10 seconds. Minimum 3714 value is 1. 3715 format: int32 3716 type: integer 3717 successThreshold: 3718 description: Minimum consecutive successes 3719 for the probe to be considered successful 3720 after having failed. Defaults to 1. Must 3721 be 1 for liveness and startup. Minimum value 3722 is 1. 3723 format: int32 3724 type: integer 3725 tcpSocket: 3726 description: TCPSocket specifies an action 3727 involving a TCP port. 3728 properties: 3729 host: 3730 description: 'Optional: Host name to connect 3731 to, defaults to the pod IP.' 3732 type: string 3733 port: 3734 anyOf: 3735 - type: integer 3736 - type: string 3737 description: Number or name of the port 3738 to access on the container. Number must 3739 be in the range 1 to 65535. Name must 3740 be an IANA_SVC_NAME. 3741 x-kubernetes-int-or-string: true 3742 required: 3743 - port 3744 type: object 3745 terminationGracePeriodSeconds: 3746 description: Optional duration in seconds 3747 the pod needs to terminate gracefully upon 3748 probe failure. The grace period is the duration 3749 in seconds after the processes running in 3750 the pod are sent a termination signal and 3751 the time when the processes are forcibly 3752 halted with a kill signal. Set this value 3753 longer than the expected cleanup time for 3754 your process. 3755 format: int64 3756 type: integer 3757 timeoutSeconds: 3758 description: 'Number of seconds after which 3759 the probe times out. Defaults to 1 second. 3760 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3761 format: int32 3762 type: integer 3763 type: object 3764 stdin: 3765 description: Whether this container should allocate 3766 a buffer for stdin in the container runtime. 3767 If this is not set, reads from stdin in the 3768 container will always result in EOF. Default 3769 is false. 3770 type: boolean 3771 stdinOnce: 3772 description: Whether the container runtime should 3773 close the stdin channel after it has been opened 3774 by a single attach. When stdin is true the stdin 3775 stream will remain open across multiple attach 3776 sessions. 3777 type: boolean 3778 targetContainerName: 3779 description: "If set, the name of the container 3780 from PodSpec that this ephemeral container targets. 3781 The ephemeral container will be run in the namespaces 3782 (IPC, PID, etc) of this container. If not set 3783 then the ephemeral container uses the namespaces 3784 configured in the Pod spec. \n The container 3785 runtime must implement support for this feature." 3786 type: string 3787 terminationMessagePath: 3788 description: 'Optional: Path at which the file 3789 to which the container''s termination message 3790 will be written is mounted into the container''s 3791 filesystem. Message written is intended to be 3792 brief final status, such as an assertion failure 3793 message. Will be truncated by the node if greater 3794 than 4096 bytes. The total message length across 3795 all containers will be limited to 12kb. Defaults 3796 to /dev/termination-log.' 3797 type: string 3798 terminationMessagePolicy: 3799 description: Indicate how the termination message 3800 should be populated. File will use the contents 3801 of terminationMessagePath to populate the container 3802 status message on both success and failure. 3803 FallbackToLogsOnError will use the last chunk 3804 of container log output if the termination message 3805 file is empty and the container exited with 3806 an error. 3807 type: string 3808 tty: 3809 description: Whether this container should allocate 3810 a TTY for itself, also requires 'stdin' to be 3811 true. Default is false. 3812 type: boolean 3813 volumeDevices: 3814 description: volumeDevices is the list of block 3815 devices to be used by the container. 3816 items: 3817 description: volumeDevice describes a mapping 3818 of a raw block device within a container. 3819 properties: 3820 devicePath: 3821 description: devicePath is the path inside 3822 of the container that the device will 3823 be mapped to. 3824 type: string 3825 name: 3826 description: name must match the name of 3827 a persistentVolumeClaim in the pod 3828 type: string 3829 required: 3830 - devicePath 3831 - name 3832 type: object 3833 type: array 3834 volumeMounts: 3835 description: Pod volumes to mount into the container's 3836 filesystem. Subpath mounts are not allowed for 3837 ephemeral containers. Cannot be updated. 3838 items: 3839 description: VolumeMount describes a mounting 3840 of a Volume within a container. 3841 properties: 3842 mountPath: 3843 description: Path within the container at 3844 which the volume should be mounted. Must 3845 not contain ':'. 3846 type: string 3847 mountPropagation: 3848 description: mountPropagation determines 3849 how mounts are propagated from the host 3850 to container and the other way around. 3851 When not set, MountPropagationNone is 3852 used. This field is beta in 1.10. 3853 type: string 3854 name: 3855 description: This must match the Name of 3856 a Volume. 3857 type: string 3858 readOnly: 3859 description: Mounted read-only if true, 3860 read-write otherwise (false or unspecified). 3861 Defaults to false. 3862 type: boolean 3863 subPath: 3864 description: Path within the volume from 3865 which the container's volume should be 3866 mounted. Defaults to "" (volume's root). 3867 type: string 3868 subPathExpr: 3869 description: Expanded path within the volume 3870 from which the container's volume should 3871 be mounted. Behaves similarly to SubPath 3872 but environment variable references $(VAR_NAME) 3873 are expanded using the container's environment. 3874 Defaults to "" (volume's root). SubPathExpr 3875 and SubPath are mutually exclusive. 3876 type: string 3877 required: 3878 - mountPath 3879 - name 3880 type: object 3881 type: array 3882 workingDir: 3883 description: Container's working directory. If 3884 not specified, the container runtime's default 3885 will be used, which might be configured in the 3886 container image. Cannot be updated. 3887 type: string 3888 required: 3889 - name 3890 type: object 3891 type: array 3892 hostAliases: 3893 description: HostAliases is an optional list of hosts 3894 and IPs that will be injected into the pod's hosts 3895 file if specified. This is only valid for non-hostNetwork 3896 pods. 3897 items: 3898 description: HostAlias holds the mapping between IP 3899 and hostnames that will be injected as an entry 3900 in the pod's hosts file. 3901 properties: 3902 hostnames: 3903 description: Hostnames for the above IP address. 3904 items: 3905 type: string 3906 type: array 3907 ip: 3908 description: IP address of the host file entry. 3909 type: string 3910 type: object 3911 type: array 3912 hostIPC: 3913 description: 'Use the host''s ipc namespace. Optional: 3914 Default to false.' 3915 type: boolean 3916 hostNetwork: 3917 description: Host networking requested for this pod. 3918 Use the host's network namespace. If this option is 3919 set, the ports that will be used must be specified. 3920 Default to false. 3921 type: boolean 3922 hostPID: 3923 description: 'Use the host''s pid namespace. Optional: 3924 Default to false.' 3925 type: boolean 3926 hostUsers: 3927 description: 'Use the host''s user namespace. Optional: 3928 Default to true. If set to true or not present, the 3929 pod will be run in the host user namespace, useful 3930 for when the pod needs a feature only available to 3931 the host user namespace, such as loading a kernel 3932 module with CAP_SYS_MODULE. When set to false, a new 3933 userns is created for the pod.' 3934 type: boolean 3935 hostname: 3936 description: Specifies the hostname of the Pod If not 3937 specified, the pod's hostname will be set to a system-defined 3938 value. 3939 type: string 3940 imagePullSecrets: 3941 description: 'ImagePullSecrets is an optional list of 3942 references to secrets in the same namespace to use 3943 for pulling any of the images used by this PodSpec. 3944 If specified, these secrets will be passed to individual 3945 puller implementations for them to use. More info: 3946 https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' 3947 items: 3948 description: LocalObjectReference contains enough 3949 information to let you locate the referenced object 3950 inside the same namespace. 3951 properties: 3952 name: 3953 description: 'Name of the referent. More info: 3954 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3955 TODO: Add other useful fields. apiVersion, kind, 3956 uid?' 3957 type: string 3958 type: object 3959 x-kubernetes-map-type: atomic 3960 type: array 3961 initContainers: 3962 description: List of initialization containers belonging 3963 to the pod. Init containers are executed in order 3964 prior to containers being started. If any init container 3965 fails, the pod is considered to have failed and is 3966 handled according to its restartPolicy. The name for 3967 an init container or normal container must be unique 3968 among all containers. 3969 items: 3970 description: A single application container that you 3971 want to run within a pod. 3972 properties: 3973 args: 3974 description: 'Arguments to the entrypoint. The 3975 container image''s CMD is used if this is not 3976 provided. Variable references $(VAR_NAME) are 3977 expanded using the container''s environment. 3978 If a variable cannot be resolved, the reference 3979 in the input string will be unchanged. Double 3980 $$ are reduced to a single $, which allows for 3981 escaping the $(VAR_NAME) syntax: i.e.' 3982 items: 3983 type: string 3984 type: array 3985 command: 3986 description: 'Entrypoint array. Not executed within 3987 a shell. The container image''s ENTRYPOINT is 3988 used if this is not provided. Variable references 3989 $(VAR_NAME) are expanded using the container''s 3990 environment. If a variable cannot be resolved, 3991 the reference in the input string will be unchanged. 3992 Double $$ are reduced to a single $, which allows 3993 for escaping the $(VAR_NAME) syntax: i.e.' 3994 items: 3995 type: string 3996 type: array 3997 env: 3998 description: List of environment variables to 3999 set in the container. Cannot be updated. 4000 items: 4001 description: EnvVar represents an environment 4002 variable present in a Container. 4003 properties: 4004 name: 4005 description: Name of the environment variable. 4006 Must be a C_IDENTIFIER. 4007 type: string 4008 value: 4009 description: 'Variable references $(VAR_NAME) 4010 are expanded using the previously defined 4011 environment variables in the container 4012 and any service environment variables. 4013 If a variable cannot be resolved, the 4014 reference in the input string will be 4015 unchanged. Double $$ are reduced to a 4016 single $, which allows for escaping the 4017 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 4018 will produce the string literal "$(VAR_NAME)".' 4019 type: string 4020 valueFrom: 4021 description: Source for the environment 4022 variable's value. Cannot be used if value 4023 is not empty. 4024 properties: 4025 configMapKeyRef: 4026 description: Selects a key of a ConfigMap. 4027 properties: 4028 key: 4029 description: The key to select. 4030 type: string 4031 name: 4032 description: 'Name of the referent. 4033 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4034 TODO: Add other useful fields. 4035 apiVersion, kind, uid?' 4036 type: string 4037 optional: 4038 description: Specify whether the 4039 ConfigMap or its key must be defined 4040 type: boolean 4041 required: 4042 - key 4043 type: object 4044 x-kubernetes-map-type: atomic 4045 fieldRef: 4046 description: 'Selects a field of the 4047 pod: supports metadata.name, metadata.namespace, 4048 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 4049 spec.nodeName, spec.serviceAccountName, 4050 status.hostIP, status.podIP, status.podIPs.' 4051 properties: 4052 apiVersion: 4053 description: Version of the schema 4054 the FieldPath is written in terms 4055 of, defaults to "v1". 4056 type: string 4057 fieldPath: 4058 description: Path of the field to 4059 select in the specified API version. 4060 type: string 4061 required: 4062 - fieldPath 4063 type: object 4064 x-kubernetes-map-type: atomic 4065 resourceFieldRef: 4066 description: 'Selects a resource of 4067 the container: only resources limits 4068 and requests (limits.cpu, limits.memory, 4069 limits.ephemeral-storage, requests.cpu, 4070 requests.memory and requests.ephemeral-storage) 4071 are currently supported.' 4072 properties: 4073 containerName: 4074 description: 'Container name: required 4075 for volumes, optional for env 4076 vars' 4077 type: string 4078 divisor: 4079 anyOf: 4080 - type: integer 4081 - type: string 4082 description: Specifies the output 4083 format of the exposed resources, 4084 defaults to "1" 4085 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4086 x-kubernetes-int-or-string: true 4087 resource: 4088 description: 'Required: resource 4089 to select' 4090 type: string 4091 required: 4092 - resource 4093 type: object 4094 x-kubernetes-map-type: atomic 4095 secretKeyRef: 4096 description: Selects a key of a secret 4097 in the pod's namespace 4098 properties: 4099 key: 4100 description: The key of the secret 4101 to select from. Must be a valid 4102 secret key. 4103 type: string 4104 name: 4105 description: 'Name of the referent. 4106 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4107 TODO: Add other useful fields. 4108 apiVersion, kind, uid?' 4109 type: string 4110 optional: 4111 description: Specify whether the 4112 Secret or its key must be defined 4113 type: boolean 4114 required: 4115 - key 4116 type: object 4117 x-kubernetes-map-type: atomic 4118 type: object 4119 required: 4120 - name 4121 type: object 4122 type: array 4123 envFrom: 4124 description: List of sources to populate environment 4125 variables in the container. The keys defined 4126 within a source must be a C_IDENTIFIER. All 4127 invalid keys will be reported as an event when 4128 the container is starting. When a key exists 4129 in multiple sources, the value associated with 4130 the last source will take precedence. Values 4131 defined by an Env with a duplicate key will 4132 take precedence. Cannot be updated. 4133 items: 4134 description: EnvFromSource represents the source 4135 of a set of ConfigMaps 4136 properties: 4137 configMapRef: 4138 description: The ConfigMap to select from 4139 properties: 4140 name: 4141 description: 'Name of the referent. 4142 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4143 TODO: Add other useful fields. apiVersion, 4144 kind, uid?' 4145 type: string 4146 optional: 4147 description: Specify whether the ConfigMap 4148 must be defined 4149 type: boolean 4150 type: object 4151 x-kubernetes-map-type: atomic 4152 prefix: 4153 description: An optional identifier to prepend 4154 to each key in the ConfigMap. Must be 4155 a C_IDENTIFIER. 4156 type: string 4157 secretRef: 4158 description: The Secret to select from 4159 properties: 4160 name: 4161 description: 'Name of the referent. 4162 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4163 TODO: Add other useful fields. apiVersion, 4164 kind, uid?' 4165 type: string 4166 optional: 4167 description: Specify whether the Secret 4168 must be defined 4169 type: boolean 4170 type: object 4171 x-kubernetes-map-type: atomic 4172 type: object 4173 type: array 4174 image: 4175 description: 'Container image name. More info: 4176 https://kubernetes.io/docs/concepts/containers/images 4177 This field is optional to allow higher level 4178 config management to default or override container 4179 images in workload controllers like Deployments 4180 and StatefulSets.' 4181 type: string 4182 imagePullPolicy: 4183 description: 'Image pull policy. One of Always, 4184 Never, IfNotPresent. Defaults to Always if :latest 4185 tag is specified, or IfNotPresent otherwise. 4186 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 4187 type: string 4188 lifecycle: 4189 description: Actions that the management system 4190 should take in response to container lifecycle 4191 events. Cannot be updated. 4192 properties: 4193 postStart: 4194 description: 'PostStart is called immediately 4195 after a container is created. If the handler 4196 fails, the container is terminated and restarted 4197 according to its restart policy. Other management 4198 of the container blocks until the hook completes. 4199 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 4200 properties: 4201 exec: 4202 description: Exec specifies the action 4203 to take. 4204 properties: 4205 command: 4206 description: Command is the command 4207 line to execute inside the container, 4208 the working directory for the command is 4209 root ('/') in the container's filesystem. 4210 The command is simply exec'd, it 4211 is not run inside a shell, so traditional 4212 shell instructions ('|', etc) won't 4213 work. To use a shell, you need to 4214 explicitly call out to that shell. 4215 Exit status of 0 is treated as live/healthy 4216 and non-zero is unhealthy. 4217 items: 4218 type: string 4219 type: array 4220 type: object 4221 httpGet: 4222 description: HTTPGet specifies the http 4223 request to perform. 4224 properties: 4225 host: 4226 description: Host name to connect 4227 to, defaults to the pod IP. You 4228 probably want to set "Host" in httpHeaders 4229 instead. 4230 type: string 4231 httpHeaders: 4232 description: Custom headers to set 4233 in the request. HTTP allows repeated 4234 headers. 4235 items: 4236 description: HTTPHeader describes 4237 a custom header to be used in 4238 HTTP probes 4239 properties: 4240 name: 4241 description: The header field 4242 name. This will be canonicalized 4243 upon output, so case-variant 4244 names will be understood as 4245 the same header. 4246 type: string 4247 value: 4248 description: The header field 4249 value 4250 type: string 4251 required: 4252 - name 4253 - value 4254 type: object 4255 type: array 4256 path: 4257 description: Path to access on the 4258 HTTP server. 4259 type: string 4260 port: 4261 anyOf: 4262 - type: integer 4263 - type: string 4264 description: Name or number of the 4265 port to access on the container. 4266 Number must be in the range 1 to 4267 65535. Name must be an IANA_SVC_NAME. 4268 x-kubernetes-int-or-string: true 4269 scheme: 4270 description: Scheme to use for connecting 4271 to the host. Defaults to HTTP. 4272 type: string 4273 required: 4274 - port 4275 type: object 4276 tcpSocket: 4277 description: Deprecated. TCPSocket is 4278 NOT supported as a LifecycleHandler 4279 and kept for the backward compatibility. 4280 There are no validation of this field 4281 and lifecycle hooks will fail in runtime 4282 when tcp handler is specified. 4283 properties: 4284 host: 4285 description: 'Optional: Host name 4286 to connect to, defaults to the pod 4287 IP.' 4288 type: string 4289 port: 4290 anyOf: 4291 - type: integer 4292 - type: string 4293 description: Number or name of the 4294 port to access on the container. 4295 Number must be in the range 1 to 4296 65535. Name must be an IANA_SVC_NAME. 4297 x-kubernetes-int-or-string: true 4298 required: 4299 - port 4300 type: object 4301 type: object 4302 preStop: 4303 description: PreStop is called immediately 4304 before a container is terminated due to 4305 an API request or management event such 4306 as liveness/startup probe failure, preemption, 4307 resource contention, etc. The handler is 4308 not called if the container crashes or exits. 4309 The Pod's termination grace period countdown 4310 begins before the PreStop hook is executed. 4311 properties: 4312 exec: 4313 description: Exec specifies the action 4314 to take. 4315 properties: 4316 command: 4317 description: Command is the command 4318 line to execute inside the container, 4319 the working directory for the command is 4320 root ('/') in the container's filesystem. 4321 The command is simply exec'd, it 4322 is not run inside a shell, so traditional 4323 shell instructions ('|', etc) won't 4324 work. To use a shell, you need to 4325 explicitly call out to that shell. 4326 Exit status of 0 is treated as live/healthy 4327 and non-zero is unhealthy. 4328 items: 4329 type: string 4330 type: array 4331 type: object 4332 httpGet: 4333 description: HTTPGet specifies the http 4334 request to perform. 4335 properties: 4336 host: 4337 description: Host name to connect 4338 to, defaults to the pod IP. You 4339 probably want to set "Host" in httpHeaders 4340 instead. 4341 type: string 4342 httpHeaders: 4343 description: Custom headers to set 4344 in the request. HTTP allows repeated 4345 headers. 4346 items: 4347 description: HTTPHeader describes 4348 a custom header to be used in 4349 HTTP probes 4350 properties: 4351 name: 4352 description: The header field 4353 name. This will be canonicalized 4354 upon output, so case-variant 4355 names will be understood as 4356 the same header. 4357 type: string 4358 value: 4359 description: The header field 4360 value 4361 type: string 4362 required: 4363 - name 4364 - value 4365 type: object 4366 type: array 4367 path: 4368 description: Path to access on the 4369 HTTP server. 4370 type: string 4371 port: 4372 anyOf: 4373 - type: integer 4374 - type: string 4375 description: Name or number of the 4376 port to access on the container. 4377 Number must be in the range 1 to 4378 65535. Name must be an IANA_SVC_NAME. 4379 x-kubernetes-int-or-string: true 4380 scheme: 4381 description: Scheme to use for connecting 4382 to the host. Defaults to HTTP. 4383 type: string 4384 required: 4385 - port 4386 type: object 4387 tcpSocket: 4388 description: Deprecated. TCPSocket is 4389 NOT supported as a LifecycleHandler 4390 and kept for the backward compatibility. 4391 There are no validation of this field 4392 and lifecycle hooks will fail in runtime 4393 when tcp handler is specified. 4394 properties: 4395 host: 4396 description: 'Optional: Host name 4397 to connect to, defaults to the pod 4398 IP.' 4399 type: string 4400 port: 4401 anyOf: 4402 - type: integer 4403 - type: string 4404 description: Number or name of the 4405 port to access on the container. 4406 Number must be in the range 1 to 4407 65535. Name must be an IANA_SVC_NAME. 4408 x-kubernetes-int-or-string: true 4409 required: 4410 - port 4411 type: object 4412 type: object 4413 type: object 4414 livenessProbe: 4415 description: 'Periodic probe of container liveness. 4416 Container will be restarted if the probe fails. 4417 Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4418 properties: 4419 exec: 4420 description: Exec specifies the action to 4421 take. 4422 properties: 4423 command: 4424 description: Command is the command line 4425 to execute inside the container, the 4426 working directory for the command is 4427 root ('/') in the container's filesystem. 4428 The command is simply exec'd, it is 4429 not run inside a shell, so traditional 4430 shell instructions ('|', etc) won't 4431 work. To use a shell, you need to explicitly 4432 call out to that shell. Exit status 4433 of 0 is treated as live/healthy and 4434 non-zero is unhealthy. 4435 items: 4436 type: string 4437 type: array 4438 type: object 4439 failureThreshold: 4440 description: Minimum consecutive failures 4441 for the probe to be considered failed after 4442 having succeeded. Defaults to 3. Minimum 4443 value is 1. 4444 format: int32 4445 type: integer 4446 grpc: 4447 description: GRPC specifies an action involving 4448 a GRPC port. 4449 properties: 4450 port: 4451 description: Port number of the gRPC service. 4452 Number must be in the range 1 to 65535. 4453 format: int32 4454 type: integer 4455 service: 4456 description: "Service is the name of the 4457 service to place in the gRPC HealthCheckRequest 4458 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4459 \n If this is not specified, the default 4460 behavior is defined by gRPC." 4461 type: string 4462 required: 4463 - port 4464 type: object 4465 httpGet: 4466 description: HTTPGet specifies the http request 4467 to perform. 4468 properties: 4469 host: 4470 description: Host name to connect to, 4471 defaults to the pod IP. You probably 4472 want to set "Host" in httpHeaders instead. 4473 type: string 4474 httpHeaders: 4475 description: Custom headers to set in 4476 the request. HTTP allows repeated headers. 4477 items: 4478 description: HTTPHeader describes a 4479 custom header to be used in HTTP probes 4480 properties: 4481 name: 4482 description: The header field name. 4483 This will be canonicalized upon 4484 output, so case-variant names 4485 will be understood as the same 4486 header. 4487 type: string 4488 value: 4489 description: The header field value 4490 type: string 4491 required: 4492 - name 4493 - value 4494 type: object 4495 type: array 4496 path: 4497 description: Path to access on the HTTP 4498 server. 4499 type: string 4500 port: 4501 anyOf: 4502 - type: integer 4503 - type: string 4504 description: Name or number of the port 4505 to access on the container. Number must 4506 be in the range 1 to 65535. Name must 4507 be an IANA_SVC_NAME. 4508 x-kubernetes-int-or-string: true 4509 scheme: 4510 description: Scheme to use for connecting 4511 to the host. Defaults to HTTP. 4512 type: string 4513 required: 4514 - port 4515 type: object 4516 initialDelaySeconds: 4517 description: 'Number of seconds after the 4518 container has started before liveness probes 4519 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4520 format: int32 4521 type: integer 4522 periodSeconds: 4523 description: How often (in seconds) to perform 4524 the probe. Default to 10 seconds. Minimum 4525 value is 1. 4526 format: int32 4527 type: integer 4528 successThreshold: 4529 description: Minimum consecutive successes 4530 for the probe to be considered successful 4531 after having failed. Defaults to 1. Must 4532 be 1 for liveness and startup. Minimum value 4533 is 1. 4534 format: int32 4535 type: integer 4536 tcpSocket: 4537 description: TCPSocket specifies an action 4538 involving a TCP port. 4539 properties: 4540 host: 4541 description: 'Optional: Host name to connect 4542 to, defaults to the pod IP.' 4543 type: string 4544 port: 4545 anyOf: 4546 - type: integer 4547 - type: string 4548 description: Number or name of the port 4549 to access on the container. Number must 4550 be in the range 1 to 65535. Name must 4551 be an IANA_SVC_NAME. 4552 x-kubernetes-int-or-string: true 4553 required: 4554 - port 4555 type: object 4556 terminationGracePeriodSeconds: 4557 description: Optional duration in seconds 4558 the pod needs to terminate gracefully upon 4559 probe failure. The grace period is the duration 4560 in seconds after the processes running in 4561 the pod are sent a termination signal and 4562 the time when the processes are forcibly 4563 halted with a kill signal. Set this value 4564 longer than the expected cleanup time for 4565 your process. 4566 format: int64 4567 type: integer 4568 timeoutSeconds: 4569 description: 'Number of seconds after which 4570 the probe times out. Defaults to 1 second. 4571 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4572 format: int32 4573 type: integer 4574 type: object 4575 name: 4576 description: Name of the container specified as 4577 a DNS_LABEL. Each container in a pod must have 4578 a unique name (DNS_LABEL). Cannot be updated. 4579 type: string 4580 ports: 4581 description: List of ports to expose from the 4582 container. Not specifying a port here DOES NOT 4583 prevent that port from being exposed. Any port 4584 which is listening on the default "0.0.0.0" 4585 address inside a container will be accessible 4586 from the network. Modifying this array with 4587 strategic merge patch may corrupt the data. 4588 For more information See https://github.com/kubernetes/kubernetes/issues/108255. 4589 items: 4590 description: ContainerPort represents a network 4591 port in a single container. 4592 properties: 4593 containerPort: 4594 description: Number of port to expose on 4595 the pod's IP address. This must be a valid 4596 port number, 0 < x < 65536. 4597 format: int32 4598 type: integer 4599 hostIP: 4600 description: What host IP to bind the external 4601 port to. 4602 type: string 4603 hostPort: 4604 description: Number of port to expose on 4605 the host. If specified, this must be a 4606 valid port number, 0 < x < 65536. If HostNetwork 4607 is specified, this must match ContainerPort. 4608 Most containers do not need this. 4609 format: int32 4610 type: integer 4611 name: 4612 description: If specified, this must be 4613 an IANA_SVC_NAME and unique within the 4614 pod. Each named port in a pod must have 4615 a unique name. Name for the port that 4616 can be referred to by services. 4617 type: string 4618 protocol: 4619 default: TCP 4620 description: Protocol for port. Must be 4621 UDP, TCP, or SCTP. Defaults to "TCP". 4622 type: string 4623 required: 4624 - containerPort 4625 type: object 4626 type: array 4627 x-kubernetes-list-map-keys: 4628 - containerPort 4629 - protocol 4630 x-kubernetes-list-type: map 4631 readinessProbe: 4632 description: 'Periodic probe of container service 4633 readiness. Container will be removed from service 4634 endpoints if the probe fails. Cannot be updated. 4635 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4636 properties: 4637 exec: 4638 description: Exec specifies the action to 4639 take. 4640 properties: 4641 command: 4642 description: Command is the command line 4643 to execute inside the container, the 4644 working directory for the command is 4645 root ('/') in the container's filesystem. 4646 The command is simply exec'd, it is 4647 not run inside a shell, so traditional 4648 shell instructions ('|', etc) won't 4649 work. To use a shell, you need to explicitly 4650 call out to that shell. Exit status 4651 of 0 is treated as live/healthy and 4652 non-zero is unhealthy. 4653 items: 4654 type: string 4655 type: array 4656 type: object 4657 failureThreshold: 4658 description: Minimum consecutive failures 4659 for the probe to be considered failed after 4660 having succeeded. Defaults to 3. Minimum 4661 value is 1. 4662 format: int32 4663 type: integer 4664 grpc: 4665 description: GRPC specifies an action involving 4666 a GRPC port. 4667 properties: 4668 port: 4669 description: Port number of the gRPC service. 4670 Number must be in the range 1 to 65535. 4671 format: int32 4672 type: integer 4673 service: 4674 description: "Service is the name of the 4675 service to place in the gRPC HealthCheckRequest 4676 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4677 \n If this is not specified, the default 4678 behavior is defined by gRPC." 4679 type: string 4680 required: 4681 - port 4682 type: object 4683 httpGet: 4684 description: HTTPGet specifies the http request 4685 to perform. 4686 properties: 4687 host: 4688 description: Host name to connect to, 4689 defaults to the pod IP. You probably 4690 want to set "Host" in httpHeaders instead. 4691 type: string 4692 httpHeaders: 4693 description: Custom headers to set in 4694 the request. HTTP allows repeated headers. 4695 items: 4696 description: HTTPHeader describes a 4697 custom header to be used in HTTP probes 4698 properties: 4699 name: 4700 description: The header field name. 4701 This will be canonicalized upon 4702 output, so case-variant names 4703 will be understood as the same 4704 header. 4705 type: string 4706 value: 4707 description: The header field value 4708 type: string 4709 required: 4710 - name 4711 - value 4712 type: object 4713 type: array 4714 path: 4715 description: Path to access on the HTTP 4716 server. 4717 type: string 4718 port: 4719 anyOf: 4720 - type: integer 4721 - type: string 4722 description: Name or number of the port 4723 to access on the container. Number must 4724 be in the range 1 to 65535. Name must 4725 be an IANA_SVC_NAME. 4726 x-kubernetes-int-or-string: true 4727 scheme: 4728 description: Scheme to use for connecting 4729 to the host. Defaults to HTTP. 4730 type: string 4731 required: 4732 - port 4733 type: object 4734 initialDelaySeconds: 4735 description: 'Number of seconds after the 4736 container has started before liveness probes 4737 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4738 format: int32 4739 type: integer 4740 periodSeconds: 4741 description: How often (in seconds) to perform 4742 the probe. Default to 10 seconds. Minimum 4743 value is 1. 4744 format: int32 4745 type: integer 4746 successThreshold: 4747 description: Minimum consecutive successes 4748 for the probe to be considered successful 4749 after having failed. Defaults to 1. Must 4750 be 1 for liveness and startup. Minimum value 4751 is 1. 4752 format: int32 4753 type: integer 4754 tcpSocket: 4755 description: TCPSocket specifies an action 4756 involving a TCP port. 4757 properties: 4758 host: 4759 description: 'Optional: Host name to connect 4760 to, defaults to the pod IP.' 4761 type: string 4762 port: 4763 anyOf: 4764 - type: integer 4765 - type: string 4766 description: Number or name of the port 4767 to access on the container. Number must 4768 be in the range 1 to 65535. Name must 4769 be an IANA_SVC_NAME. 4770 x-kubernetes-int-or-string: true 4771 required: 4772 - port 4773 type: object 4774 terminationGracePeriodSeconds: 4775 description: Optional duration in seconds 4776 the pod needs to terminate gracefully upon 4777 probe failure. The grace period is the duration 4778 in seconds after the processes running in 4779 the pod are sent a termination signal and 4780 the time when the processes are forcibly 4781 halted with a kill signal. Set this value 4782 longer than the expected cleanup time for 4783 your process. 4784 format: int64 4785 type: integer 4786 timeoutSeconds: 4787 description: 'Number of seconds after which 4788 the probe times out. Defaults to 1 second. 4789 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4790 format: int32 4791 type: integer 4792 type: object 4793 resizePolicy: 4794 description: Resources resize policy for the container. 4795 items: 4796 description: ContainerResizePolicy represents 4797 resource resize policy for the container. 4798 properties: 4799 resourceName: 4800 description: 'Name of the resource to which 4801 this resource resize policy applies. Supported 4802 values: cpu, memory.' 4803 type: string 4804 restartPolicy: 4805 description: Restart policy to apply when 4806 specified resource is resized. If not 4807 specified, it defaults to NotRequired. 4808 type: string 4809 required: 4810 - resourceName 4811 - restartPolicy 4812 type: object 4813 type: array 4814 x-kubernetes-list-type: atomic 4815 resources: 4816 description: 'Compute Resources required by this 4817 container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4818 properties: 4819 claims: 4820 description: "Claims lists the names of resources, 4821 defined in spec.resourceClaims, that are 4822 used by this container. \n This is an alpha 4823 field and requires enabling the DynamicResourceAllocation 4824 feature gate. \n This field is immutable. 4825 It can only be set for containers." 4826 items: 4827 description: ResourceClaim references one 4828 entry in PodSpec.ResourceClaims. 4829 properties: 4830 name: 4831 description: Name must match the name 4832 of one entry in pod.spec.resourceClaims 4833 of the Pod where this field is used. 4834 It makes that resource available inside 4835 a container. 4836 type: string 4837 required: 4838 - name 4839 type: object 4840 type: array 4841 x-kubernetes-list-map-keys: 4842 - name 4843 x-kubernetes-list-type: map 4844 limits: 4845 additionalProperties: 4846 anyOf: 4847 - type: integer 4848 - type: string 4849 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4850 x-kubernetes-int-or-string: true 4851 description: 'Limits describes the maximum 4852 amount of compute resources allowed. More 4853 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4854 type: object 4855 requests: 4856 additionalProperties: 4857 anyOf: 4858 - type: integer 4859 - type: string 4860 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4861 x-kubernetes-int-or-string: true 4862 description: 'Requests describes the minimum 4863 amount of compute resources required. If 4864 Requests is omitted for a container, it 4865 defaults to Limits if that is explicitly 4866 specified, otherwise to an implementation-defined 4867 value. Requests cannot exceed Limits. More 4868 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4869 type: object 4870 type: object 4871 securityContext: 4872 description: 'SecurityContext defines the security 4873 options the container should be run with. If 4874 set, the fields of SecurityContext override 4875 the equivalent fields of PodSecurityContext. 4876 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 4877 properties: 4878 allowPrivilegeEscalation: 4879 description: 'AllowPrivilegeEscalation controls 4880 whether a process can gain more privileges 4881 than its parent process. This bool directly 4882 controls if the no_new_privs flag will be 4883 set on the container process. AllowPrivilegeEscalation 4884 is true always when the container is: 1) 4885 run as Privileged 2) has CAP_SYS_ADMIN Note 4886 that this field cannot be set when spec.os.name 4887 is windows.' 4888 type: boolean 4889 capabilities: 4890 description: The capabilities to add/drop 4891 when running containers. Defaults to the 4892 default set of capabilities granted by the 4893 container runtime. Note that this field 4894 cannot be set when spec.os.name is windows. 4895 properties: 4896 add: 4897 description: Added capabilities 4898 items: 4899 description: Capability represent POSIX 4900 capabilities type 4901 type: string 4902 type: array 4903 drop: 4904 description: Removed capabilities 4905 items: 4906 description: Capability represent POSIX 4907 capabilities type 4908 type: string 4909 type: array 4910 type: object 4911 privileged: 4912 description: Run container in privileged mode. 4913 Processes in privileged containers are essentially 4914 equivalent to root on the host. Defaults 4915 to false. Note that this field cannot be 4916 set when spec.os.name is windows. 4917 type: boolean 4918 procMount: 4919 description: procMount denotes the type of 4920 proc mount to use for the containers. The 4921 default is DefaultProcMount which uses the 4922 container runtime defaults for readonly 4923 paths and masked paths. This requires the 4924 ProcMountType feature flag to be enabled. 4925 Note that this field cannot be set when 4926 spec.os.name is windows. 4927 type: string 4928 readOnlyRootFilesystem: 4929 description: Whether this container has a 4930 read-only root filesystem. Default is false. 4931 Note that this field cannot be set when 4932 spec.os.name is windows. 4933 type: boolean 4934 runAsGroup: 4935 description: The GID to run the entrypoint 4936 of the container process. Uses runtime default 4937 if unset. May also be set in PodSecurityContext. If 4938 set in both SecurityContext and PodSecurityContext, 4939 the value specified in SecurityContext takes 4940 precedence. Note that this field cannot 4941 be set when spec.os.name is windows. 4942 format: int64 4943 type: integer 4944 runAsNonRoot: 4945 description: Indicates that the container 4946 must run as a non-root user. If true, the 4947 Kubelet will validate the image at runtime 4948 to ensure that it does not run as UID 0 4949 (root) and fail to start the container if 4950 it does. If unset or false, no such validation 4951 will be performed. May also be set in PodSecurityContext. 4952 type: boolean 4953 runAsUser: 4954 description: The UID to run the entrypoint 4955 of the container process. Defaults to user 4956 specified in image metadata if unspecified. 4957 May also be set in PodSecurityContext. If 4958 set in both SecurityContext and PodSecurityContext, 4959 the value specified in SecurityContext takes 4960 precedence. Note that this field cannot 4961 be set when spec.os.name is windows. 4962 format: int64 4963 type: integer 4964 seLinuxOptions: 4965 description: The SELinux context to be applied 4966 to the container. If unspecified, the container 4967 runtime will allocate a random SELinux context 4968 for each container. May also be set in 4969 PodSecurityContext. If set in both SecurityContext 4970 and PodSecurityContext, the value specified 4971 in SecurityContext takes precedence. Note 4972 that this field cannot be set when spec.os.name 4973 is windows. 4974 properties: 4975 level: 4976 description: Level is SELinux level label 4977 that applies to the container. 4978 type: string 4979 role: 4980 description: Role is a SELinux role label 4981 that applies to the container. 4982 type: string 4983 type: 4984 description: Type is a SELinux type label 4985 that applies to the container. 4986 type: string 4987 user: 4988 description: User is a SELinux user label 4989 that applies to the container. 4990 type: string 4991 type: object 4992 seccompProfile: 4993 description: The seccomp options to use by 4994 this container. If seccomp options are provided 4995 at both the pod & container level, the container 4996 options override the pod options. Note that 4997 this field cannot be set when spec.os.name 4998 is windows. 4999 properties: 5000 localhostProfile: 5001 description: localhostProfile indicates 5002 a profile defined in a file on the node 5003 should be used. The profile must be 5004 preconfigured on the node to work. Must 5005 be a descending path, relative to the 5006 kubelet's configured seccomp profile 5007 location. Must only be set if type is 5008 "Localhost". 5009 type: string 5010 type: 5011 description: "type indicates which kind 5012 of seccomp profile will be applied. 5013 Valid options are: \n Localhost - a 5014 profile defined in a file on the node 5015 should be used. RuntimeDefault - the 5016 container runtime default profile should 5017 be used. Unconfined - no profile should 5018 be applied." 5019 type: string 5020 required: 5021 - type 5022 type: object 5023 windowsOptions: 5024 description: The Windows specific settings 5025 applied to all containers. If unspecified, 5026 the options from the PodSecurityContext 5027 will be used. If set in both SecurityContext 5028 and PodSecurityContext, the value specified 5029 in SecurityContext takes precedence. Note 5030 that this field cannot be set when spec.os.name 5031 is linux. 5032 properties: 5033 gmsaCredentialSpec: 5034 description: GMSACredentialSpec is where 5035 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 5036 inlines the contents of the GMSA credential 5037 spec named by the GMSACredentialSpecName 5038 field. 5039 type: string 5040 gmsaCredentialSpecName: 5041 description: GMSACredentialSpecName is 5042 the name of the GMSA credential spec 5043 to use. 5044 type: string 5045 hostProcess: 5046 description: HostProcess determines if 5047 a container should be run as a 'Host 5048 Process' container. This field is alpha-level 5049 and will only be honored by components 5050 that enable the WindowsHostProcessContainers 5051 feature flag. Setting this field without 5052 the feature flag will result in errors 5053 when validating the Pod. 5054 type: boolean 5055 runAsUserName: 5056 description: The UserName in Windows to 5057 run the entrypoint of the container 5058 process. Defaults to the user specified 5059 in image metadata if unspecified. May 5060 also be set in PodSecurityContext. If 5061 set in both SecurityContext and PodSecurityContext, 5062 the value specified in SecurityContext 5063 takes precedence. 5064 type: string 5065 type: object 5066 type: object 5067 startupProbe: 5068 description: StartupProbe indicates that the Pod 5069 has successfully initialized. If specified, 5070 no other probes are executed until this completes 5071 successfully. If this probe fails, the Pod will 5072 be restarted, just as if the livenessProbe failed. 5073 properties: 5074 exec: 5075 description: Exec specifies the action to 5076 take. 5077 properties: 5078 command: 5079 description: Command is the command line 5080 to execute inside the container, the 5081 working directory for the command is 5082 root ('/') in the container's filesystem. 5083 The command is simply exec'd, it is 5084 not run inside a shell, so traditional 5085 shell instructions ('|', etc) won't 5086 work. To use a shell, you need to explicitly 5087 call out to that shell. Exit status 5088 of 0 is treated as live/healthy and 5089 non-zero is unhealthy. 5090 items: 5091 type: string 5092 type: array 5093 type: object 5094 failureThreshold: 5095 description: Minimum consecutive failures 5096 for the probe to be considered failed after 5097 having succeeded. Defaults to 3. Minimum 5098 value is 1. 5099 format: int32 5100 type: integer 5101 grpc: 5102 description: GRPC specifies an action involving 5103 a GRPC port. 5104 properties: 5105 port: 5106 description: Port number of the gRPC service. 5107 Number must be in the range 1 to 65535. 5108 format: int32 5109 type: integer 5110 service: 5111 description: "Service is the name of the 5112 service to place in the gRPC HealthCheckRequest 5113 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 5114 \n If this is not specified, the default 5115 behavior is defined by gRPC." 5116 type: string 5117 required: 5118 - port 5119 type: object 5120 httpGet: 5121 description: HTTPGet specifies the http request 5122 to perform. 5123 properties: 5124 host: 5125 description: Host name to connect to, 5126 defaults to the pod IP. You probably 5127 want to set "Host" in httpHeaders instead. 5128 type: string 5129 httpHeaders: 5130 description: Custom headers to set in 5131 the request. HTTP allows repeated headers. 5132 items: 5133 description: HTTPHeader describes a 5134 custom header to be used in HTTP probes 5135 properties: 5136 name: 5137 description: The header field name. 5138 This will be canonicalized upon 5139 output, so case-variant names 5140 will be understood as the same 5141 header. 5142 type: string 5143 value: 5144 description: The header field value 5145 type: string 5146 required: 5147 - name 5148 - value 5149 type: object 5150 type: array 5151 path: 5152 description: Path to access on the HTTP 5153 server. 5154 type: string 5155 port: 5156 anyOf: 5157 - type: integer 5158 - type: string 5159 description: Name or number of the port 5160 to access on the container. Number must 5161 be in the range 1 to 65535. Name must 5162 be an IANA_SVC_NAME. 5163 x-kubernetes-int-or-string: true 5164 scheme: 5165 description: Scheme to use for connecting 5166 to the host. Defaults to HTTP. 5167 type: string 5168 required: 5169 - port 5170 type: object 5171 initialDelaySeconds: 5172 description: 'Number of seconds after the 5173 container has started before liveness probes 5174 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5175 format: int32 5176 type: integer 5177 periodSeconds: 5178 description: How often (in seconds) to perform 5179 the probe. Default to 10 seconds. Minimum 5180 value is 1. 5181 format: int32 5182 type: integer 5183 successThreshold: 5184 description: Minimum consecutive successes 5185 for the probe to be considered successful 5186 after having failed. Defaults to 1. Must 5187 be 1 for liveness and startup. Minimum value 5188 is 1. 5189 format: int32 5190 type: integer 5191 tcpSocket: 5192 description: TCPSocket specifies an action 5193 involving a TCP port. 5194 properties: 5195 host: 5196 description: 'Optional: Host name to connect 5197 to, defaults to the pod IP.' 5198 type: string 5199 port: 5200 anyOf: 5201 - type: integer 5202 - type: string 5203 description: Number or name of the port 5204 to access on the container. Number must 5205 be in the range 1 to 65535. Name must 5206 be an IANA_SVC_NAME. 5207 x-kubernetes-int-or-string: true 5208 required: 5209 - port 5210 type: object 5211 terminationGracePeriodSeconds: 5212 description: Optional duration in seconds 5213 the pod needs to terminate gracefully upon 5214 probe failure. The grace period is the duration 5215 in seconds after the processes running in 5216 the pod are sent a termination signal and 5217 the time when the processes are forcibly 5218 halted with a kill signal. Set this value 5219 longer than the expected cleanup time for 5220 your process. 5221 format: int64 5222 type: integer 5223 timeoutSeconds: 5224 description: 'Number of seconds after which 5225 the probe times out. Defaults to 1 second. 5226 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5227 format: int32 5228 type: integer 5229 type: object 5230 stdin: 5231 description: Whether this container should allocate 5232 a buffer for stdin in the container runtime. 5233 If this is not set, reads from stdin in the 5234 container will always result in EOF. Default 5235 is false. 5236 type: boolean 5237 stdinOnce: 5238 description: Whether the container runtime should 5239 close the stdin channel after it has been opened 5240 by a single attach. When stdin is true the stdin 5241 stream will remain open across multiple attach 5242 sessions. 5243 type: boolean 5244 terminationMessagePath: 5245 description: 'Optional: Path at which the file 5246 to which the container''s termination message 5247 will be written is mounted into the container''s 5248 filesystem. Message written is intended to be 5249 brief final status, such as an assertion failure 5250 message. Will be truncated by the node if greater 5251 than 4096 bytes. The total message length across 5252 all containers will be limited to 12kb. Defaults 5253 to /dev/termination-log.' 5254 type: string 5255 terminationMessagePolicy: 5256 description: Indicate how the termination message 5257 should be populated. File will use the contents 5258 of terminationMessagePath to populate the container 5259 status message on both success and failure. 5260 FallbackToLogsOnError will use the last chunk 5261 of container log output if the termination message 5262 file is empty and the container exited with 5263 an error. 5264 type: string 5265 tty: 5266 description: Whether this container should allocate 5267 a TTY for itself, also requires 'stdin' to be 5268 true. Default is false. 5269 type: boolean 5270 volumeDevices: 5271 description: volumeDevices is the list of block 5272 devices to be used by the container. 5273 items: 5274 description: volumeDevice describes a mapping 5275 of a raw block device within a container. 5276 properties: 5277 devicePath: 5278 description: devicePath is the path inside 5279 of the container that the device will 5280 be mapped to. 5281 type: string 5282 name: 5283 description: name must match the name of 5284 a persistentVolumeClaim in the pod 5285 type: string 5286 required: 5287 - devicePath 5288 - name 5289 type: object 5290 type: array 5291 volumeMounts: 5292 description: Pod volumes to mount into the container's 5293 filesystem. Cannot be updated. 5294 items: 5295 description: VolumeMount describes a mounting 5296 of a Volume within a container. 5297 properties: 5298 mountPath: 5299 description: Path within the container at 5300 which the volume should be mounted. Must 5301 not contain ':'. 5302 type: string 5303 mountPropagation: 5304 description: mountPropagation determines 5305 how mounts are propagated from the host 5306 to container and the other way around. 5307 When not set, MountPropagationNone is 5308 used. This field is beta in 1.10. 5309 type: string 5310 name: 5311 description: This must match the Name of 5312 a Volume. 5313 type: string 5314 readOnly: 5315 description: Mounted read-only if true, 5316 read-write otherwise (false or unspecified). 5317 Defaults to false. 5318 type: boolean 5319 subPath: 5320 description: Path within the volume from 5321 which the container's volume should be 5322 mounted. Defaults to "" (volume's root). 5323 type: string 5324 subPathExpr: 5325 description: Expanded path within the volume 5326 from which the container's volume should 5327 be mounted. Behaves similarly to SubPath 5328 but environment variable references $(VAR_NAME) 5329 are expanded using the container's environment. 5330 Defaults to "" (volume's root). SubPathExpr 5331 and SubPath are mutually exclusive. 5332 type: string 5333 required: 5334 - mountPath 5335 - name 5336 type: object 5337 type: array 5338 workingDir: 5339 description: Container's working directory. If 5340 not specified, the container runtime's default 5341 will be used, which might be configured in the 5342 container image. Cannot be updated. 5343 type: string 5344 required: 5345 - name 5346 type: object 5347 type: array 5348 nodeName: 5349 description: NodeName is a request to schedule this 5350 pod onto a specific node. If it is non-empty, the 5351 scheduler simply schedules this pod onto that node, 5352 assuming that it fits resource requirements. 5353 type: string 5354 nodeSelector: 5355 additionalProperties: 5356 type: string 5357 description: 'NodeSelector is a selector which must 5358 be true for the pod to fit on a node. Selector which 5359 must match a node''s labels for the pod to be scheduled 5360 on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' 5361 type: object 5362 x-kubernetes-map-type: atomic 5363 os: 5364 description: "Specifies the OS of the containers in 5365 the pod. Some pod and container fields are restricted 5366 if this is set. \n If the OS field is set to linux, 5367 the following fields must be unset: -securityContext.windowsOptions 5368 \n If the OS field is set to windows, following fields 5369 must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers 5370 - spec.securityContext.seLinuxOptions - spec.securityContext." 5371 properties: 5372 name: 5373 description: 'Name is the name of the operating 5374 system. The currently supported values are linux 5375 and windows. Additional value may be defined in 5376 future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration 5377 Clients should expect to handle additional values 5378 and treat unrecognized values in this field as 5379 os: null' 5380 type: string 5381 required: 5382 - name 5383 type: object 5384 overhead: 5385 additionalProperties: 5386 anyOf: 5387 - type: integer 5388 - type: string 5389 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5390 x-kubernetes-int-or-string: true 5391 description: Overhead represents the resource overhead 5392 associated with running a pod for a given RuntimeClass. 5393 This field will be autopopulated at admission time 5394 by the RuntimeClass admission controller. If the RuntimeClass 5395 admission controller is enabled, overhead must not 5396 be set in Pod create requests. The RuntimeClass admission 5397 controller will reject Pod create requests which have 5398 the overhead already set. 5399 type: object 5400 preemptionPolicy: 5401 description: PreemptionPolicy is the Policy for preempting 5402 pods with lower priority. One of Never, PreemptLowerPriority. 5403 Defaults to PreemptLowerPriority if unset. 5404 type: string 5405 priority: 5406 description: The priority value. Various system components 5407 use this field to find the priority of the pod. When 5408 Priority Admission Controller is enabled, it prevents 5409 users from setting this field. The admission controller 5410 populates this field from PriorityClassName. The higher 5411 the value, the higher the priority. 5412 format: int32 5413 type: integer 5414 priorityClassName: 5415 description: If specified, indicates the pod's priority. 5416 "system-node-critical" and "system-cluster-critical" 5417 are two special keywords which indicate the highest 5418 priorities with the former being the highest priority. 5419 Any other name must be defined by creating a PriorityClass 5420 object with that name. If not specified, the pod priority 5421 will be default or zero if there is no default. 5422 type: string 5423 readinessGates: 5424 description: 'If specified, all readiness gates will 5425 be evaluated for pod readiness. A pod is ready when 5426 all its containers are ready AND all conditions specified 5427 in the readiness gates have status equal to "True" 5428 More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' 5429 items: 5430 description: PodReadinessGate contains the reference 5431 to a pod condition 5432 properties: 5433 conditionType: 5434 description: ConditionType refers to a condition 5435 in the pod's condition list with matching type. 5436 type: string 5437 required: 5438 - conditionType 5439 type: object 5440 type: array 5441 resourceClaims: 5442 description: "ResourceClaims defines which ResourceClaims 5443 must be allocated and reserved before the Pod is allowed 5444 to start. The resources will be made available to 5445 those containers which consume them by name. \n This 5446 is an alpha field and requires enabling the DynamicResourceAllocation 5447 feature gate. \n This field is immutable." 5448 items: 5449 description: PodResourceClaim references exactly one 5450 ResourceClaim through a ClaimSource. It adds a name 5451 to it that uniquely identifies the ResourceClaim 5452 inside the Pod. Containers that need access to the 5453 ResourceClaim reference it with this name. 5454 properties: 5455 name: 5456 description: Name uniquely identifies this resource 5457 claim inside the pod. This must be a DNS_LABEL. 5458 type: string 5459 source: 5460 description: Source describes where to find the 5461 ResourceClaim. 5462 properties: 5463 resourceClaimName: 5464 description: ResourceClaimName is the name 5465 of a ResourceClaim object in the same namespace 5466 as this pod. 5467 type: string 5468 resourceClaimTemplateName: 5469 description: "ResourceClaimTemplateName is 5470 the name of a ResourceClaimTemplate object 5471 in the same namespace as this pod. \n The 5472 template will be used to create a new ResourceClaim, 5473 which will be bound to this pod. When this 5474 pod is deleted, the ResourceClaim will also 5475 be deleted. The name of the ResourceClaim 5476 will be <pod name>-<resource name>, where 5477 <resource name> is the PodResourceClaim.Name." 5478 type: string 5479 type: object 5480 required: 5481 - name 5482 type: object 5483 type: array 5484 x-kubernetes-list-map-keys: 5485 - name 5486 x-kubernetes-list-type: map 5487 restartPolicy: 5488 description: 'Restart policy for all containers within 5489 the pod. One of Always, OnFailure, Never. In some 5490 contexts, only a subset of those values may be permitted. 5491 Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' 5492 type: string 5493 runtimeClassName: 5494 description: 'RuntimeClassName refers to a RuntimeClass 5495 object in the node.k8s.io group, which should be used 5496 to run this pod. If no RuntimeClass resource matches 5497 the named class, the pod will not be run. If unset 5498 or empty, the "legacy" RuntimeClass will be used, 5499 which is an implicit class with an empty definition 5500 that uses the default runtime handler. More info: 5501 https://git.k8s.' 5502 type: string 5503 schedulerName: 5504 description: If specified, the pod will be dispatched 5505 by specified scheduler. If not specified, the pod 5506 will be dispatched by default scheduler. 5507 type: string 5508 schedulingGates: 5509 description: "SchedulingGates is an opaque list of values 5510 that if specified will block scheduling the pod. If 5511 schedulingGates is not empty, the pod will stay in 5512 the SchedulingGated state and the scheduler will not 5513 attempt to schedule the pod. \n SchedulingGates can 5514 only be set at pod creation time, and be removed only 5515 afterwards. \n This is a beta feature enabled by the 5516 PodSchedulingReadiness feature gate." 5517 items: 5518 description: PodSchedulingGate is associated to a 5519 Pod to guard its scheduling. 5520 properties: 5521 name: 5522 description: Name of the scheduling gate. Each 5523 scheduling gate must have a unique name field. 5524 type: string 5525 required: 5526 - name 5527 type: object 5528 type: array 5529 x-kubernetes-list-map-keys: 5530 - name 5531 x-kubernetes-list-type: map 5532 securityContext: 5533 description: 'SecurityContext holds pod-level security 5534 attributes and common container settings. Optional: 5535 Defaults to empty. See type description for default 5536 values of each field.' 5537 properties: 5538 fsGroup: 5539 description: "A special supplemental group that 5540 applies to all containers in a pod. Some volume 5541 types allow the Kubelet to change the ownership 5542 of that volume to be owned by the pod: \n 1. The 5543 owning GID will be the FSGroup 2. The setgid bit 5544 is set (new files created in the volume will be 5545 owned by FSGroup) 3." 5546 format: int64 5547 type: integer 5548 fsGroupChangePolicy: 5549 description: 'fsGroupChangePolicy defines behavior 5550 of changing ownership and permission of the volume 5551 before being exposed inside Pod. This field will 5552 only apply to volume types which support fsGroup 5553 based ownership(and permissions). It will have 5554 no effect on ephemeral volume types such as: secret, 5555 configmaps and emptydir. Valid values are "OnRootMismatch" 5556 and "Always". If not specified, "Always" is used.' 5557 type: string 5558 runAsGroup: 5559 description: The GID to run the entrypoint of the 5560 container process. Uses runtime default if unset. 5561 May also be set in SecurityContext. If set in 5562 both SecurityContext and PodSecurityContext, the 5563 value specified in SecurityContext takes precedence 5564 for that container. Note that this field cannot 5565 be set when spec.os.name is windows. 5566 format: int64 5567 type: integer 5568 runAsNonRoot: 5569 description: Indicates that the container must run 5570 as a non-root user. If true, the Kubelet will 5571 validate the image at runtime to ensure that it 5572 does not run as UID 0 (root) and fail to start 5573 the container if it does. If unset or false, no 5574 such validation will be performed. May also be 5575 set in SecurityContext. 5576 type: boolean 5577 runAsUser: 5578 description: The UID to run the entrypoint of the 5579 container process. Defaults to user specified 5580 in image metadata if unspecified. May also be 5581 set in SecurityContext. If set in both SecurityContext 5582 and PodSecurityContext, the value specified in 5583 SecurityContext takes precedence for that container. 5584 Note that this field cannot be set when spec.os.name 5585 is windows. 5586 format: int64 5587 type: integer 5588 seLinuxOptions: 5589 description: The SELinux context to be applied to 5590 all containers. If unspecified, the container 5591 runtime will allocate a random SELinux context 5592 for each container. May also be set in SecurityContext. If 5593 set in both SecurityContext and PodSecurityContext, 5594 the value specified in SecurityContext takes precedence 5595 for that container. Note that this field cannot 5596 be set when spec.os.name is windows. 5597 properties: 5598 level: 5599 description: Level is SELinux level label that 5600 applies to the container. 5601 type: string 5602 role: 5603 description: Role is a SELinux role label that 5604 applies to the container. 5605 type: string 5606 type: 5607 description: Type is a SELinux type label that 5608 applies to the container. 5609 type: string 5610 user: 5611 description: User is a SELinux user label that 5612 applies to the container. 5613 type: string 5614 type: object 5615 seccompProfile: 5616 description: The seccomp options to use by the containers 5617 in this pod. Note that this field cannot be set 5618 when spec.os.name is windows. 5619 properties: 5620 localhostProfile: 5621 description: localhostProfile indicates a profile 5622 defined in a file on the node should be used. 5623 The profile must be preconfigured on the node 5624 to work. Must be a descending path, relative 5625 to the kubelet's configured seccomp profile 5626 location. Must only be set if type is "Localhost". 5627 type: string 5628 type: 5629 description: "type indicates which kind of seccomp 5630 profile will be applied. Valid options are: 5631 \n Localhost - a profile defined in a file 5632 on the node should be used. RuntimeDefault 5633 - the container runtime default profile should 5634 be used. Unconfined - no profile should be 5635 applied." 5636 type: string 5637 required: 5638 - type 5639 type: object 5640 supplementalGroups: 5641 description: A list of groups applied to the first 5642 process run in each container, in addition to 5643 the container's primary GID, the fsGroup (if specified), 5644 and group memberships defined in the container 5645 image for the uid of the container process. If 5646 unspecified, no additional groups are added to 5647 any container. 5648 items: 5649 format: int64 5650 type: integer 5651 type: array 5652 sysctls: 5653 description: Sysctls hold a list of namespaced sysctls 5654 used for the pod. Pods with unsupported sysctls 5655 (by the container runtime) might fail to launch. 5656 Note that this field cannot be set when spec.os.name 5657 is windows. 5658 items: 5659 description: Sysctl defines a kernel parameter 5660 to be set 5661 properties: 5662 name: 5663 description: Name of a property to set 5664 type: string 5665 value: 5666 description: Value of a property to set 5667 type: string 5668 required: 5669 - name 5670 - value 5671 type: object 5672 type: array 5673 windowsOptions: 5674 description: The Windows specific settings applied 5675 to all containers. If unspecified, the options 5676 within a container's SecurityContext will be used. 5677 If set in both SecurityContext and PodSecurityContext, 5678 the value specified in SecurityContext takes precedence. 5679 Note that this field cannot be set when spec.os.name 5680 is linux. 5681 properties: 5682 gmsaCredentialSpec: 5683 description: GMSACredentialSpec is where the 5684 GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 5685 inlines the contents of the GMSA credential 5686 spec named by the GMSACredentialSpecName field. 5687 type: string 5688 gmsaCredentialSpecName: 5689 description: GMSACredentialSpecName is the name 5690 of the GMSA credential spec to use. 5691 type: string 5692 hostProcess: 5693 description: HostProcess determines if a container 5694 should be run as a 'Host Process' container. 5695 This field is alpha-level and will only be 5696 honored by components that enable the WindowsHostProcessContainers 5697 feature flag. Setting this field without the 5698 feature flag will result in errors when validating 5699 the Pod. 5700 type: boolean 5701 runAsUserName: 5702 description: The UserName in Windows to run 5703 the entrypoint of the container process. Defaults 5704 to the user specified in image metadata if 5705 unspecified. May also be set in PodSecurityContext. 5706 If set in both SecurityContext and PodSecurityContext, 5707 the value specified in SecurityContext takes 5708 precedence. 5709 type: string 5710 type: object 5711 type: object 5712 serviceAccount: 5713 description: 'DeprecatedServiceAccount is a depreciated 5714 alias for ServiceAccountName. Deprecated: Use serviceAccountName 5715 instead.' 5716 type: string 5717 serviceAccountName: 5718 description: 'ServiceAccountName is the name of the 5719 ServiceAccount to use to run this pod. More info: 5720 https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' 5721 type: string 5722 setHostnameAsFQDN: 5723 description: If true the pod's hostname will be configured 5724 as the pod's FQDN, rather than the leaf name (the 5725 default). In Linux containers, this means setting 5726 the FQDN in the hostname field of the kernel (the 5727 nodename field of struct utsname). 5728 type: boolean 5729 shareProcessNamespace: 5730 description: 'Share a single process namespace between 5731 all of the containers in a pod. When this is set containers 5732 will be able to view and signal processes from other 5733 containers in the same pod, and the first process 5734 in each container will not be assigned PID 1. HostPID 5735 and ShareProcessNamespace cannot both be set. Optional: 5736 Default to false.' 5737 type: boolean 5738 subdomain: 5739 description: If specified, the fully qualified Pod hostname 5740 will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster 5741 domain>". If not specified, the pod will not have 5742 a domainname at all. 5743 type: string 5744 terminationGracePeriodSeconds: 5745 description: Optional duration in seconds the pod needs 5746 to terminate gracefully. May be decreased in delete 5747 request. Value must be non-negative integer. The value 5748 zero indicates stop immediately via the kill signal 5749 (no opportunity to shut down). If this value is nil, 5750 the default grace period will be used instead. 5751 format: int64 5752 type: integer 5753 tolerations: 5754 description: If specified, the pod's tolerations. 5755 items: 5756 description: The pod this Toleration is attached to 5757 tolerates any taint that matches the triple <key,value,effect> 5758 using the matching operator <operator>. 5759 properties: 5760 effect: 5761 description: Effect indicates the taint effect 5762 to match. Empty means match all taint effects. 5763 When specified, allowed values are NoSchedule, 5764 PreferNoSchedule and NoExecute. 5765 type: string 5766 key: 5767 description: Key is the taint key that the toleration 5768 applies to. Empty means match all taint keys. 5769 If the key is empty, operator must be Exists; 5770 this combination means to match all values and 5771 all keys. 5772 type: string 5773 operator: 5774 description: Operator represents a key's relationship 5775 to the value. Valid operators are Exists and 5776 Equal. Defaults to Equal. Exists is equivalent 5777 to wildcard for value, so that a pod can tolerate 5778 all taints of a particular category. 5779 type: string 5780 tolerationSeconds: 5781 description: TolerationSeconds represents the 5782 period of time the toleration (which must be 5783 of effect NoExecute, otherwise this field is 5784 ignored) tolerates the taint. By default, it 5785 is not set, which means tolerate the taint forever 5786 (do not evict). Zero and negative values will 5787 be treated as 0 (evict immediately) by the system. 5788 format: int64 5789 type: integer 5790 value: 5791 description: Value is the taint value the toleration 5792 matches to. If the operator is Exists, the value 5793 should be empty, otherwise just a regular string. 5794 type: string 5795 type: object 5796 type: array 5797 topologySpreadConstraints: 5798 description: TopologySpreadConstraints describes how 5799 a group of pods ought to spread across topology domains. 5800 Scheduler will schedule pods in a way which abides 5801 by the constraints. All topologySpreadConstraints 5802 are ANDed. 5803 items: 5804 description: TopologySpreadConstraint specifies how 5805 to spread matching pods among the given topology. 5806 properties: 5807 labelSelector: 5808 description: LabelSelector is used to find matching 5809 pods. Pods that match this label selector are 5810 counted to determine the number of pods in their 5811 corresponding topology domain. 5812 properties: 5813 matchExpressions: 5814 description: matchExpressions is a list of 5815 label selector requirements. The requirements 5816 are ANDed. 5817 items: 5818 description: A label selector requirement 5819 is a selector that contains values, a 5820 key, and an operator that relates the 5821 key and values. 5822 properties: 5823 key: 5824 description: key is the label key that 5825 the selector applies to. 5826 type: string 5827 operator: 5828 description: operator represents a key's 5829 relationship to a set of values. Valid 5830 operators are In, NotIn, Exists and 5831 DoesNotExist. 5832 type: string 5833 values: 5834 description: values is an array of string 5835 values. If the operator is In or NotIn, 5836 the values array must be non-empty. 5837 If the operator is Exists or DoesNotExist, 5838 the values array must be empty. This 5839 array is replaced during a strategic 5840 merge patch. 5841 items: 5842 type: string 5843 type: array 5844 required: 5845 - key 5846 - operator 5847 type: object 5848 type: array 5849 matchLabels: 5850 additionalProperties: 5851 type: string 5852 description: matchLabels is a map of {key,value} 5853 pairs. A single {key,value} in the matchLabels 5854 map is equivalent to an element of matchExpressions, 5855 whose key field is "key", the operator is 5856 "In", and the values array contains only 5857 "value". The requirements are ANDed. 5858 type: object 5859 type: object 5860 x-kubernetes-map-type: atomic 5861 matchLabelKeys: 5862 description: MatchLabelKeys is a set of pod label 5863 keys to select the pods over which spreading 5864 will be calculated. The keys are used to lookup 5865 values from the incoming pod labels, those key-value 5866 labels are ANDed with labelSelector to select 5867 the group of existing pods over which spreading 5868 will be calculated for the incoming pod. The 5869 same key is forbidden to exist in both MatchLabelKeys 5870 and LabelSelector. 5871 items: 5872 type: string 5873 type: array 5874 x-kubernetes-list-type: atomic 5875 maxSkew: 5876 description: MaxSkew describes the degree to which 5877 pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, 5878 it is the maximum permitted difference between 5879 the number of matching pods in the target topology 5880 and the global minimum. The global minimum is 5881 the minimum number of matching pods in an eligible 5882 domain or zero if the number of eligible domains 5883 is less than MinDomains. 5884 format: int32 5885 type: integer 5886 minDomains: 5887 description: MinDomains indicates a minimum number 5888 of eligible domains. When the number of eligible 5889 domains with matching topology keys is less 5890 than minDomains, Pod Topology Spread treats 5891 "global minimum" as 0, and then the calculation 5892 of Skew is performed. And when the number of 5893 eligible domains with matching topology keys 5894 equals or greater than minDomains, this value 5895 has no effect on scheduling. 5896 format: int32 5897 type: integer 5898 nodeAffinityPolicy: 5899 description: "NodeAffinityPolicy indicates how 5900 we will treat Pod's nodeAffinity/nodeSelector 5901 when calculating pod topology spread skew. Options 5902 are: - Honor: only nodes matching nodeAffinity/nodeSelector 5903 are included in the calculations. - Ignore: 5904 nodeAffinity/nodeSelector are ignored. All nodes 5905 are included in the calculations. \n If this 5906 value is nil, the behavior is equivalent to 5907 the Honor policy." 5908 type: string 5909 nodeTaintsPolicy: 5910 description: "NodeTaintsPolicy indicates how we 5911 will treat node taints when calculating pod 5912 topology spread skew. Options are: - Honor: 5913 nodes without taints, along with tainted nodes 5914 for which the incoming pod has a toleration, 5915 are included. - Ignore: node taints are ignored. 5916 All nodes are included. \n If this value is 5917 nil, the behavior is equivalent to the Ignore 5918 policy." 5919 type: string 5920 topologyKey: 5921 description: TopologyKey is the key of node labels. 5922 Nodes that have a label with this key and identical 5923 values are considered to be in the same topology. 5924 We consider each <key, value> as a "bucket", 5925 and try to put balanced number of pods into 5926 each bucket. We define a domain as a particular 5927 instance of a topology. 5928 type: string 5929 whenUnsatisfiable: 5930 description: WhenUnsatisfiable indicates how to 5931 deal with a pod if it doesn't satisfy the spread 5932 constraint. - DoNotSchedule (default) tells 5933 the scheduler not to schedule it. - ScheduleAnyway 5934 tells the scheduler to schedule the pod in any 5935 location, but giving higher precedence to topologies 5936 that would help reduce the skew. 5937 type: string 5938 required: 5939 - maxSkew 5940 - topologyKey 5941 - whenUnsatisfiable 5942 type: object 5943 type: array 5944 x-kubernetes-list-map-keys: 5945 - topologyKey 5946 - whenUnsatisfiable 5947 x-kubernetes-list-type: map 5948 volumes: 5949 description: 'List of volumes that can be mounted by 5950 containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' 5951 items: 5952 description: Volume represents a named volume in a 5953 pod that may be accessed by any container in the 5954 pod. 5955 properties: 5956 awsElasticBlockStore: 5957 description: 'awsElasticBlockStore represents 5958 an AWS Disk resource that is attached to a kubelet''s 5959 host machine and then exposed to the pod. More 5960 info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 5961 properties: 5962 fsType: 5963 description: 'fsType is the filesystem type 5964 of the volume that you want to mount. Tip: 5965 Ensure that the filesystem type is supported 5966 by the host operating system. Examples: 5967 "ext4", "xfs", "ntfs". Implicitly inferred 5968 to be "ext4" if unspecified. More info: 5969 https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 5970 TODO: how do we prevent errors in the filesystem 5971 from compromising the machine' 5972 type: string 5973 partition: 5974 description: 'partition is the partition in 5975 the volume that you want to mount. If omitted, 5976 the default is to mount by volume name. 5977 Examples: For volume /dev/sda1, you specify 5978 the partition as "1". Similarly, the volume 5979 partition for /dev/sda is "0" (or you can 5980 leave the property empty).' 5981 format: int32 5982 type: integer 5983 readOnly: 5984 description: 'readOnly value true will force 5985 the readOnly setting in VolumeMounts. More 5986 info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 5987 type: boolean 5988 volumeID: 5989 description: 'volumeID is unique ID of the 5990 persistent disk resource in AWS (Amazon 5991 EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 5992 type: string 5993 required: 5994 - volumeID 5995 type: object 5996 azureDisk: 5997 description: azureDisk represents an Azure Data 5998 Disk mount on the host and bind mount to the 5999 pod. 6000 properties: 6001 cachingMode: 6002 description: 'cachingMode is the Host Caching 6003 mode: None, Read Only, Read Write.' 6004 type: string 6005 diskName: 6006 description: diskName is the Name of the data 6007 disk in the blob storage 6008 type: string 6009 diskURI: 6010 description: diskURI is the URI of data disk 6011 in the blob storage 6012 type: string 6013 fsType: 6014 description: fsType is Filesystem type to 6015 mount. Must be a filesystem type supported 6016 by the host operating system. Ex. "ext4", 6017 "xfs", "ntfs". Implicitly inferred to be 6018 "ext4" if unspecified. 6019 type: string 6020 kind: 6021 description: 'kind expected values are Shared: 6022 multiple blob disks per storage account Dedicated: 6023 single blob disk per storage account Managed: 6024 azure managed data disk (only in managed 6025 availability set). defaults to shared' 6026 type: string 6027 readOnly: 6028 description: readOnly Defaults to false (read/write). 6029 ReadOnly here will force the ReadOnly setting 6030 in VolumeMounts. 6031 type: boolean 6032 required: 6033 - diskName 6034 - diskURI 6035 type: object 6036 azureFile: 6037 description: azureFile represents an Azure File 6038 Service mount on the host and bind mount to 6039 the pod. 6040 properties: 6041 readOnly: 6042 description: readOnly defaults to false (read/write). 6043 ReadOnly here will force the ReadOnly setting 6044 in VolumeMounts. 6045 type: boolean 6046 secretName: 6047 description: secretName is the name of secret 6048 that contains Azure Storage Account Name 6049 and Key 6050 type: string 6051 shareName: 6052 description: shareName is the azure share 6053 Name 6054 type: string 6055 required: 6056 - secretName 6057 - shareName 6058 type: object 6059 cephfs: 6060 description: cephFS represents a Ceph FS mount 6061 on the host that shares a pod's lifetime 6062 properties: 6063 monitors: 6064 description: 'monitors is Required: Monitors 6065 is a collection of Ceph monitors More info: 6066 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6067 items: 6068 type: string 6069 type: array 6070 path: 6071 description: 'path is Optional: Used as the 6072 mounted root, rather than the full Ceph 6073 tree, default is /' 6074 type: string 6075 readOnly: 6076 description: 'readOnly is Optional: Defaults 6077 to false (read/write). ReadOnly here will 6078 force the ReadOnly setting in VolumeMounts. 6079 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6080 type: boolean 6081 secretFile: 6082 description: 'secretFile is Optional: SecretFile 6083 is the path to key ring for User, default 6084 is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6085 type: string 6086 secretRef: 6087 description: 'secretRef is Optional: SecretRef 6088 is reference to the authentication secret 6089 for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6090 properties: 6091 name: 6092 description: 'Name of the referent. More 6093 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6094 TODO: Add other useful fields. apiVersion, 6095 kind, uid?' 6096 type: string 6097 type: object 6098 x-kubernetes-map-type: atomic 6099 user: 6100 description: 'user is optional: User is the 6101 rados user name, default is admin More info: 6102 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6103 type: string 6104 required: 6105 - monitors 6106 type: object 6107 cinder: 6108 description: 'cinder represents a cinder volume 6109 attached and mounted on kubelets host machine. 6110 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6111 properties: 6112 fsType: 6113 description: 'fsType is the filesystem type 6114 to mount. Must be a filesystem type supported 6115 by the host operating system. Examples: 6116 "ext4", "xfs", "ntfs". Implicitly inferred 6117 to be "ext4" if unspecified. More info: 6118 https://examples.k8s.io/mysql-cinder-pd/README.md' 6119 type: string 6120 readOnly: 6121 description: 'readOnly defaults to false (read/write). 6122 ReadOnly here will force the ReadOnly setting 6123 in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6124 type: boolean 6125 secretRef: 6126 description: 'secretRef is optional: points 6127 to a secret object containing parameters 6128 used to connect to OpenStack.' 6129 properties: 6130 name: 6131 description: 'Name of the referent. More 6132 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6133 TODO: Add other useful fields. apiVersion, 6134 kind, uid?' 6135 type: string 6136 type: object 6137 x-kubernetes-map-type: atomic 6138 volumeID: 6139 description: 'volumeID used to identify the 6140 volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6141 type: string 6142 required: 6143 - volumeID 6144 type: object 6145 configMap: 6146 description: configMap represents a configMap 6147 that should populate this volume 6148 properties: 6149 defaultMode: 6150 description: 'defaultMode is optional: mode 6151 bits used to set permissions on created 6152 files by default. Must be an octal value 6153 between 0000 and 0777 or a decimal value 6154 between 0 and 511. YAML accepts both octal 6155 and decimal values, JSON requires decimal 6156 values for mode bits. Defaults to 0644. 6157 Directories within the path are not affected 6158 by this setting.' 6159 format: int32 6160 type: integer 6161 items: 6162 description: items if unspecified, each key-value 6163 pair in the Data field of the referenced 6164 ConfigMap will be projected into the volume 6165 as a file whose name is the key and content 6166 is the value. If specified, the listed keys 6167 will be projected into the specified paths, 6168 and unlisted keys will not be present. 6169 items: 6170 description: Maps a string key to a path 6171 within a volume. 6172 properties: 6173 key: 6174 description: key is the key to project. 6175 type: string 6176 mode: 6177 description: 'mode is Optional: mode 6178 bits used to set permissions on this 6179 file. Must be an octal value between 6180 0000 and 0777 or a decimal value between 6181 0 and 511. YAML accepts both octal 6182 and decimal values, JSON requires 6183 decimal values for mode bits. If not 6184 specified, the volume defaultMode 6185 will be used.' 6186 format: int32 6187 type: integer 6188 path: 6189 description: path is the relative path 6190 of the file to map the key to. May 6191 not be an absolute path. May not contain 6192 the path element '..'. May not start 6193 with the string '..'. 6194 type: string 6195 required: 6196 - key 6197 - path 6198 type: object 6199 type: array 6200 name: 6201 description: 'Name of the referent. More info: 6202 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6203 TODO: Add other useful fields. apiVersion, 6204 kind, uid?' 6205 type: string 6206 optional: 6207 description: optional specify whether the 6208 ConfigMap or its keys must be defined 6209 type: boolean 6210 type: object 6211 x-kubernetes-map-type: atomic 6212 csi: 6213 description: csi (Container Storage Interface) 6214 represents ephemeral storage that is handled 6215 by certain external CSI drivers (Beta feature). 6216 properties: 6217 driver: 6218 description: driver is the name of the CSI 6219 driver that handles this volume. Consult 6220 with your admin for the correct name as 6221 registered in the cluster. 6222 type: string 6223 fsType: 6224 description: fsType to mount. Ex. "ext4", 6225 "xfs", "ntfs". If not provided, the empty 6226 value is passed to the associated CSI driver 6227 which will determine the default filesystem 6228 to apply. 6229 type: string 6230 nodePublishSecretRef: 6231 description: nodePublishSecretRef is a reference 6232 to the secret object containing sensitive 6233 information to pass to the CSI driver to 6234 complete the CSI NodePublishVolume and NodeUnpublishVolume 6235 calls. This field is optional, and may 6236 be empty if no secret is required. If the 6237 secret object contains more than one secret, 6238 all secret references are passed. 6239 properties: 6240 name: 6241 description: 'Name of the referent. More 6242 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6243 TODO: Add other useful fields. apiVersion, 6244 kind, uid?' 6245 type: string 6246 type: object 6247 x-kubernetes-map-type: atomic 6248 readOnly: 6249 description: readOnly specifies a read-only 6250 configuration for the volume. Defaults to 6251 false (read/write). 6252 type: boolean 6253 volumeAttributes: 6254 additionalProperties: 6255 type: string 6256 description: volumeAttributes stores driver-specific 6257 properties that are passed to the CSI driver. 6258 Consult your driver's documentation for 6259 supported values. 6260 type: object 6261 required: 6262 - driver 6263 type: object 6264 downwardAPI: 6265 description: downwardAPI represents downward API 6266 about the pod that should populate this volume 6267 properties: 6268 defaultMode: 6269 description: 'Optional: mode bits to use on 6270 created files by default. Must be a Optional: 6271 mode bits used to set permissions on created 6272 files by default. Must be an octal value 6273 between 0000 and 0777 or a decimal value 6274 between 0 and 511. YAML accepts both octal 6275 and decimal values, JSON requires decimal 6276 values for mode bits. Defaults to 0644. 6277 Directories within the path are not affected 6278 by this setting.' 6279 format: int32 6280 type: integer 6281 items: 6282 description: Items is a list of downward API 6283 volume file 6284 items: 6285 description: DownwardAPIVolumeFile represents 6286 information to create the file containing 6287 the pod field 6288 properties: 6289 fieldRef: 6290 description: 'Required: Selects a field 6291 of the pod: only annotations, labels, 6292 name and namespace are supported.' 6293 properties: 6294 apiVersion: 6295 description: Version of the schema 6296 the FieldPath is written in terms 6297 of, defaults to "v1". 6298 type: string 6299 fieldPath: 6300 description: Path of the field to 6301 select in the specified API version. 6302 type: string 6303 required: 6304 - fieldPath 6305 type: object 6306 x-kubernetes-map-type: atomic 6307 mode: 6308 description: 'Optional: mode bits used 6309 to set permissions on this file, must 6310 be an octal value between 0000 and 6311 0777 or a decimal value between 0 6312 and 511. YAML accepts both octal and 6313 decimal values, JSON requires decimal 6314 values for mode bits. If not specified, 6315 the volume defaultMode will be used.' 6316 format: int32 6317 type: integer 6318 path: 6319 description: 'Required: Path is the 6320 relative path name of the file to 6321 be created. Must not be absolute or 6322 contain the ''..'' path. Must be utf-8 6323 encoded. The first item of the relative 6324 path must not start with ''..''' 6325 type: string 6326 resourceFieldRef: 6327 description: 'Selects a resource of 6328 the container: only resources limits 6329 and requests (limits.cpu, limits.memory, 6330 requests.cpu and requests.memory) 6331 are currently supported.' 6332 properties: 6333 containerName: 6334 description: 'Container name: required 6335 for volumes, optional for env 6336 vars' 6337 type: string 6338 divisor: 6339 anyOf: 6340 - type: integer 6341 - type: string 6342 description: Specifies the output 6343 format of the exposed resources, 6344 defaults to "1" 6345 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6346 x-kubernetes-int-or-string: true 6347 resource: 6348 description: 'Required: resource 6349 to select' 6350 type: string 6351 required: 6352 - resource 6353 type: object 6354 x-kubernetes-map-type: atomic 6355 required: 6356 - path 6357 type: object 6358 type: array 6359 type: object 6360 emptyDir: 6361 description: 'emptyDir represents a temporary 6362 directory that shares a pod''s lifetime. More 6363 info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 6364 properties: 6365 medium: 6366 description: 'medium represents what type 6367 of storage medium should back this directory. 6368 The default is "" which means to use the 6369 node''s default medium. Must be an empty 6370 string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 6371 type: string 6372 sizeLimit: 6373 anyOf: 6374 - type: integer 6375 - type: string 6376 description: 'sizeLimit is the total amount 6377 of local storage required for this EmptyDir 6378 volume. The size limit is also applicable 6379 for memory medium. The maximum usage on 6380 memory medium EmptyDir would be the minimum 6381 value between the SizeLimit specified here 6382 and the sum of memory limits of all containers 6383 in a pod. The default is nil which means 6384 that the limit is undefined. More info: 6385 https://kubernetes.' 6386 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6387 x-kubernetes-int-or-string: true 6388 type: object 6389 ephemeral: 6390 description: ephemeral represents a volume that 6391 is handled by a cluster storage driver. The 6392 volume's lifecycle is tied to the pod that defines 6393 it - it will be created before the pod starts, 6394 and deleted when the pod is removed. 6395 properties: 6396 volumeClaimTemplate: 6397 description: Will be used to create a stand-alone 6398 PVC to provision the volume. The pod in 6399 which this EphemeralVolumeSource is embedded 6400 will be the owner of the PVC, i.e. the PVC 6401 will be deleted together with the pod. The 6402 name of the PVC will be `<pod name>-<volume 6403 name>` where `<volume name>` is the name 6404 from the `PodSpec.Volumes` array entry. 6405 properties: 6406 metadata: 6407 description: May contain labels and annotations 6408 that will be copied into the PVC when 6409 creating it. No other fields are allowed 6410 and will be rejected during validation. 6411 properties: 6412 annotations: 6413 additionalProperties: 6414 type: string 6415 type: object 6416 finalizers: 6417 items: 6418 type: string 6419 type: array 6420 labels: 6421 additionalProperties: 6422 type: string 6423 type: object 6424 name: 6425 type: string 6426 namespace: 6427 type: string 6428 type: object 6429 spec: 6430 description: The specification for the 6431 PersistentVolumeClaim. The entire content 6432 is copied unchanged into the PVC that 6433 gets created from this template. The 6434 same fields as in a PersistentVolumeClaim 6435 are also valid here. 6436 properties: 6437 accessModes: 6438 description: 'accessModes contains 6439 the desired access modes the volume 6440 should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 6441 items: 6442 type: string 6443 type: array 6444 dataSource: 6445 description: 'dataSource field can 6446 be used to specify either: * An 6447 existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 6448 * An existing PVC (PersistentVolumeClaim) 6449 If the provisioner or an external 6450 controller can support the specified 6451 data source, it will create a new 6452 volume based on the contents of 6453 the specified data source.' 6454 properties: 6455 apiGroup: 6456 description: APIGroup is the group 6457 for the resource being referenced. 6458 If APIGroup is not specified, 6459 the specified Kind must be in 6460 the core API group. For any 6461 other third-party types, APIGroup 6462 is required. 6463 type: string 6464 kind: 6465 description: Kind is the type 6466 of resource being referenced 6467 type: string 6468 name: 6469 description: Name is the name 6470 of resource being referenced 6471 type: string 6472 required: 6473 - kind 6474 - name 6475 type: object 6476 x-kubernetes-map-type: atomic 6477 dataSourceRef: 6478 description: dataSourceRef specifies 6479 the object from which to populate 6480 the volume with data, if a non-empty 6481 volume is desired. This may be any 6482 object from a non-empty API group 6483 (non core object) or a PersistentVolumeClaim 6484 object. When this field is specified, 6485 volume binding will only succeed 6486 if the type of the specified object 6487 matches some installed volume populator 6488 or dynamic provisioner. 6489 properties: 6490 apiGroup: 6491 description: APIGroup is the group 6492 for the resource being referenced. 6493 If APIGroup is not specified, 6494 the specified Kind must be in 6495 the core API group. For any 6496 other third-party types, APIGroup 6497 is required. 6498 type: string 6499 kind: 6500 description: Kind is the type 6501 of resource being referenced 6502 type: string 6503 name: 6504 description: Name is the name 6505 of resource being referenced 6506 type: string 6507 namespace: 6508 description: Namespace is the 6509 namespace of resource being 6510 referenced Note that when a 6511 namespace is specified, a gateway.networking.k8s.io/ReferenceGrant 6512 object is required in the referent 6513 namespace to allow that namespace's 6514 owner to accept the reference. 6515 See the ReferenceGrant documentation 6516 for details. (Alpha) This field 6517 requires the CrossNamespaceVolumeDataSource 6518 feature gate to be enabled. 6519 type: string 6520 required: 6521 - kind 6522 - name 6523 type: object 6524 resources: 6525 description: 'resources represents 6526 the minimum resources the volume 6527 should have. If RecoverVolumeExpansionFailure 6528 feature is enabled users are allowed 6529 to specify resource requirements 6530 that are lower than previous value 6531 but must still be higher than capacity 6532 recorded in the status field of 6533 the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 6534 properties: 6535 claims: 6536 description: "Claims lists the 6537 names of resources, defined 6538 in spec.resourceClaims, that 6539 are used by this container. 6540 \n This is an alpha field and 6541 requires enabling the DynamicResourceAllocation 6542 feature gate. \n This field 6543 is immutable. It can only be 6544 set for containers." 6545 items: 6546 description: ResourceClaim references 6547 one entry in PodSpec.ResourceClaims. 6548 properties: 6549 name: 6550 description: Name must match 6551 the name of one entry 6552 in pod.spec.resourceClaims 6553 of the Pod where this 6554 field is used. It makes 6555 that resource available 6556 inside a container. 6557 type: string 6558 required: 6559 - name 6560 type: object 6561 type: array 6562 x-kubernetes-list-map-keys: 6563 - name 6564 x-kubernetes-list-type: map 6565 limits: 6566 additionalProperties: 6567 anyOf: 6568 - type: integer 6569 - type: string 6570 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6571 x-kubernetes-int-or-string: true 6572 description: 'Limits describes 6573 the maximum amount of compute 6574 resources allowed. More info: 6575 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6576 type: object 6577 requests: 6578 additionalProperties: 6579 anyOf: 6580 - type: integer 6581 - type: string 6582 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6583 x-kubernetes-int-or-string: true 6584 description: 'Requests describes 6585 the minimum amount of compute 6586 resources required. If Requests 6587 is omitted for a container, 6588 it defaults to Limits if that 6589 is explicitly specified, otherwise 6590 to an implementation-defined 6591 value. Requests cannot exceed 6592 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6593 type: object 6594 type: object 6595 selector: 6596 description: selector is a label query 6597 over volumes to consider for binding. 6598 properties: 6599 matchExpressions: 6600 description: matchExpressions 6601 is a list of label selector 6602 requirements. The requirements 6603 are ANDed. 6604 items: 6605 description: A label selector 6606 requirement is a selector 6607 that contains values, a key, 6608 and an operator that relates 6609 the key and values. 6610 properties: 6611 key: 6612 description: key is the 6613 label key that the selector 6614 applies to. 6615 type: string 6616 operator: 6617 description: operator represents 6618 a key's relationship to 6619 a set of values. Valid 6620 operators are In, NotIn, 6621 Exists and DoesNotExist. 6622 type: string 6623 values: 6624 description: values is an 6625 array of string values. 6626 If the operator is In 6627 or NotIn, the values array 6628 must be non-empty. If 6629 the operator is Exists 6630 or DoesNotExist, the values 6631 array must be empty. This 6632 array is replaced during 6633 a strategic merge patch. 6634 items: 6635 type: string 6636 type: array 6637 required: 6638 - key 6639 - operator 6640 type: object 6641 type: array 6642 matchLabels: 6643 additionalProperties: 6644 type: string 6645 description: matchLabels is a 6646 map of {key,value} pairs. A 6647 single {key,value} in the matchLabels 6648 map is equivalent to an element 6649 of matchExpressions, whose key 6650 field is "key", the operator 6651 is "In", and the values array 6652 contains only "value". The requirements 6653 are ANDed. 6654 type: object 6655 type: object 6656 x-kubernetes-map-type: atomic 6657 storageClassName: 6658 description: 'storageClassName is 6659 the name of the StorageClass required 6660 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 6661 type: string 6662 volumeMode: 6663 description: volumeMode defines what 6664 type of volume is required by the 6665 claim. Value of Filesystem is implied 6666 when not included in claim spec. 6667 type: string 6668 volumeName: 6669 description: volumeName is the binding 6670 reference to the PersistentVolume 6671 backing this claim. 6672 type: string 6673 type: object 6674 required: 6675 - spec 6676 type: object 6677 type: object 6678 fc: 6679 description: fc represents a Fibre Channel resource 6680 that is attached to a kubelet's host machine 6681 and then exposed to the pod. 6682 properties: 6683 fsType: 6684 description: 'fsType is the filesystem type 6685 to mount. Must be a filesystem type supported 6686 by the host operating system. Ex. "ext4", 6687 "xfs", "ntfs". Implicitly inferred to be 6688 "ext4" if unspecified. TODO: how do we prevent 6689 errors in the filesystem from compromising 6690 the machine' 6691 type: string 6692 lun: 6693 description: 'lun is Optional: FC target lun 6694 number' 6695 format: int32 6696 type: integer 6697 readOnly: 6698 description: 'readOnly is Optional: Defaults 6699 to false (read/write). ReadOnly here will 6700 force the ReadOnly setting in VolumeMounts.' 6701 type: boolean 6702 targetWWNs: 6703 description: 'targetWWNs is Optional: FC target 6704 worldwide names (WWNs)' 6705 items: 6706 type: string 6707 type: array 6708 wwids: 6709 description: 'wwids Optional: FC volume world 6710 wide identifiers (wwids) Either wwids or 6711 combination of targetWWNs and lun must be 6712 set, but not both simultaneously.' 6713 items: 6714 type: string 6715 type: array 6716 type: object 6717 flexVolume: 6718 description: flexVolume represents a generic volume 6719 resource that is provisioned/attached using 6720 an exec based plugin. 6721 properties: 6722 driver: 6723 description: driver is the name of the driver 6724 to use for this volume. 6725 type: string 6726 fsType: 6727 description: fsType is the filesystem type 6728 to mount. Must be a filesystem type supported 6729 by the host operating system. Ex. "ext4", 6730 "xfs", "ntfs". The default filesystem depends 6731 on FlexVolume script. 6732 type: string 6733 options: 6734 additionalProperties: 6735 type: string 6736 description: 'options is Optional: this field 6737 holds extra command options if any.' 6738 type: object 6739 readOnly: 6740 description: 'readOnly is Optional: defaults 6741 to false (read/write). ReadOnly here will 6742 force the ReadOnly setting in VolumeMounts.' 6743 type: boolean 6744 secretRef: 6745 description: 'secretRef is Optional: secretRef 6746 is reference to the secret object containing 6747 sensitive information to pass to the plugin 6748 scripts. This may be empty if no secret 6749 object is specified. If the secret object 6750 contains more than one secret, all secrets 6751 are passed to the plugin scripts.' 6752 properties: 6753 name: 6754 description: 'Name of the referent. More 6755 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6756 TODO: Add other useful fields. apiVersion, 6757 kind, uid?' 6758 type: string 6759 type: object 6760 x-kubernetes-map-type: atomic 6761 required: 6762 - driver 6763 type: object 6764 flocker: 6765 description: flocker represents a Flocker volume 6766 attached to a kubelet's host machine. This depends 6767 on the Flocker control service being running 6768 properties: 6769 datasetName: 6770 description: datasetName is Name of the dataset 6771 stored as metadata -> name on the dataset 6772 for Flocker should be considered as deprecated 6773 type: string 6774 datasetUUID: 6775 description: datasetUUID is the UUID of the 6776 dataset. This is unique identifier of a 6777 Flocker dataset 6778 type: string 6779 type: object 6780 gcePersistentDisk: 6781 description: 'gcePersistentDisk represents a GCE 6782 Disk resource that is attached to a kubelet''s 6783 host machine and then exposed to the pod. More 6784 info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 6785 properties: 6786 fsType: 6787 description: 'fsType is filesystem type of 6788 the volume that you want to mount. Tip: 6789 Ensure that the filesystem type is supported 6790 by the host operating system. Examples: 6791 "ext4", "xfs", "ntfs". Implicitly inferred 6792 to be "ext4" if unspecified. More info: 6793 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 6794 TODO: how do we prevent errors in the filesystem 6795 from compromising the machine' 6796 type: string 6797 partition: 6798 description: 'partition is the partition in 6799 the volume that you want to mount. If omitted, 6800 the default is to mount by volume name. 6801 Examples: For volume /dev/sda1, you specify 6802 the partition as "1". Similarly, the volume 6803 partition for /dev/sda is "0" (or you can 6804 leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 6805 format: int32 6806 type: integer 6807 pdName: 6808 description: 'pdName is unique name of the 6809 PD resource in GCE. Used to identify the 6810 disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 6811 type: string 6812 readOnly: 6813 description: 'readOnly here will force the 6814 ReadOnly setting in VolumeMounts. Defaults 6815 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 6816 type: boolean 6817 required: 6818 - pdName 6819 type: object 6820 gitRepo: 6821 description: 'gitRepo represents a git repository 6822 at a particular revision. DEPRECATED: GitRepo 6823 is deprecated. To provision a container with 6824 a git repo, mount an EmptyDir into an InitContainer 6825 that clones the repo using git, then mount the 6826 EmptyDir into the Pod''s container.' 6827 properties: 6828 directory: 6829 description: directory is the target directory 6830 name. Must not contain or start with '..'. If 6831 '.' is supplied, the volume directory will 6832 be the git repository. Otherwise, if specified, 6833 the volume will contain the git repository 6834 in the subdirectory with the given name. 6835 type: string 6836 repository: 6837 description: repository is the URL 6838 type: string 6839 revision: 6840 description: revision is the commit hash for 6841 the specified revision. 6842 type: string 6843 required: 6844 - repository 6845 type: object 6846 glusterfs: 6847 description: 'glusterfs represents a Glusterfs 6848 mount on the host that shares a pod''s lifetime. 6849 More info: https://examples.k8s.io/volumes/glusterfs/README.md' 6850 properties: 6851 endpoints: 6852 description: 'endpoints is the endpoint name 6853 that details Glusterfs topology. More info: 6854 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 6855 type: string 6856 path: 6857 description: 'path is the Glusterfs volume 6858 path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 6859 type: string 6860 readOnly: 6861 description: 'readOnly here will force the 6862 Glusterfs volume to be mounted with read-only 6863 permissions. Defaults to false. More info: 6864 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 6865 type: boolean 6866 required: 6867 - endpoints 6868 - path 6869 type: object 6870 hostPath: 6871 description: 'hostPath represents a pre-existing 6872 file or directory on the host machine that is 6873 directly exposed to the container. This is generally 6874 used for system agents or other privileged things 6875 that are allowed to see the host machine. Most 6876 containers will NOT need this. More info: https://kubernetes.' 6877 properties: 6878 path: 6879 description: 'path of the directory on the 6880 host. If the path is a symlink, it will 6881 follow the link to the real path. More info: 6882 https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 6883 type: string 6884 type: 6885 description: 'type for HostPath Volume Defaults 6886 to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 6887 type: string 6888 required: 6889 - path 6890 type: object 6891 iscsi: 6892 description: 'iscsi represents an ISCSI Disk resource 6893 that is attached to a kubelet''s host machine 6894 and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 6895 properties: 6896 chapAuthDiscovery: 6897 description: chapAuthDiscovery defines whether 6898 support iSCSI Discovery CHAP authentication 6899 type: boolean 6900 chapAuthSession: 6901 description: chapAuthSession defines whether 6902 support iSCSI Session CHAP authentication 6903 type: boolean 6904 fsType: 6905 description: 'fsType is the filesystem type 6906 of the volume that you want to mount. Tip: 6907 Ensure that the filesystem type is supported 6908 by the host operating system. Examples: 6909 "ext4", "xfs", "ntfs". Implicitly inferred 6910 to be "ext4" if unspecified. More info: 6911 https://kubernetes.io/docs/concepts/storage/volumes#iscsi 6912 TODO: how do we prevent errors in the filesystem 6913 from compromising the machine' 6914 type: string 6915 initiatorName: 6916 description: initiatorName is the custom iSCSI 6917 Initiator Name. If initiatorName is specified 6918 with iscsiInterface simultaneously, new 6919 iSCSI interface <target portal>:<volume 6920 name> will be created for the connection. 6921 type: string 6922 iqn: 6923 description: iqn is the target iSCSI Qualified 6924 Name. 6925 type: string 6926 iscsiInterface: 6927 description: iscsiInterface is the interface 6928 Name that uses an iSCSI transport. Defaults 6929 to 'default' (tcp). 6930 type: string 6931 lun: 6932 description: lun represents iSCSI Target Lun 6933 number. 6934 format: int32 6935 type: integer 6936 portals: 6937 description: portals is the iSCSI Target Portal 6938 List. The portal is either an IP or ip_addr:port 6939 if the port is other than default (typically 6940 TCP ports 860 and 3260). 6941 items: 6942 type: string 6943 type: array 6944 readOnly: 6945 description: readOnly here will force the 6946 ReadOnly setting in VolumeMounts. Defaults 6947 to false. 6948 type: boolean 6949 secretRef: 6950 description: secretRef is the CHAP Secret 6951 for iSCSI target and initiator authentication 6952 properties: 6953 name: 6954 description: 'Name of the referent. More 6955 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6956 TODO: Add other useful fields. apiVersion, 6957 kind, uid?' 6958 type: string 6959 type: object 6960 x-kubernetes-map-type: atomic 6961 targetPortal: 6962 description: targetPortal is iSCSI Target 6963 Portal. The Portal is either an IP or ip_addr:port 6964 if the port is other than default (typically 6965 TCP ports 860 and 3260). 6966 type: string 6967 required: 6968 - iqn 6969 - lun 6970 - targetPortal 6971 type: object 6972 name: 6973 description: 'name of the volume. Must be a DNS_LABEL 6974 and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 6975 type: string 6976 nfs: 6977 description: 'nfs represents an NFS mount on the 6978 host that shares a pod''s lifetime More info: 6979 https://kubernetes.io/docs/concepts/storage/volumes#nfs' 6980 properties: 6981 path: 6982 description: 'path that is exported by the 6983 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 6984 type: string 6985 readOnly: 6986 description: 'readOnly here will force the 6987 NFS export to be mounted with read-only 6988 permissions. Defaults to false. More info: 6989 https://kubernetes.io/docs/concepts/storage/volumes#nfs' 6990 type: boolean 6991 server: 6992 description: 'server is the hostname or IP 6993 address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 6994 type: string 6995 required: 6996 - path 6997 - server 6998 type: object 6999 persistentVolumeClaim: 7000 description: 'persistentVolumeClaimVolumeSource 7001 represents a reference to a PersistentVolumeClaim 7002 in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7003 properties: 7004 claimName: 7005 description: 'claimName is the name of a PersistentVolumeClaim 7006 in the same namespace as the pod using this 7007 volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7008 type: string 7009 readOnly: 7010 description: readOnly Will force the ReadOnly 7011 setting in VolumeMounts. Default false. 7012 type: boolean 7013 required: 7014 - claimName 7015 type: object 7016 photonPersistentDisk: 7017 description: photonPersistentDisk represents a 7018 PhotonController persistent disk attached and 7019 mounted on kubelets host machine 7020 properties: 7021 fsType: 7022 description: fsType is the filesystem type 7023 to mount. Must be a filesystem type supported 7024 by the host operating system. Ex. "ext4", 7025 "xfs", "ntfs". Implicitly inferred to be 7026 "ext4" if unspecified. 7027 type: string 7028 pdID: 7029 description: pdID is the ID that identifies 7030 Photon Controller persistent disk 7031 type: string 7032 required: 7033 - pdID 7034 type: object 7035 portworxVolume: 7036 description: portworxVolume represents a portworx 7037 volume attached and mounted on kubelets host 7038 machine 7039 properties: 7040 fsType: 7041 description: fSType represents the filesystem 7042 type to mount Must be a filesystem type 7043 supported by the host operating system. 7044 Ex. "ext4", "xfs". Implicitly inferred to 7045 be "ext4" if unspecified. 7046 type: string 7047 readOnly: 7048 description: readOnly defaults to false (read/write). 7049 ReadOnly here will force the ReadOnly setting 7050 in VolumeMounts. 7051 type: boolean 7052 volumeID: 7053 description: volumeID uniquely identifies 7054 a Portworx volume 7055 type: string 7056 required: 7057 - volumeID 7058 type: object 7059 projected: 7060 description: projected items for all in one resources 7061 secrets, configmaps, and downward API 7062 properties: 7063 defaultMode: 7064 description: defaultMode are the mode bits 7065 used to set permissions on created files 7066 by default. Must be an octal value between 7067 0000 and 0777 or a decimal value between 7068 0 and 511. YAML accepts both octal and decimal 7069 values, JSON requires decimal values for 7070 mode bits. Directories within the path are 7071 not affected by this setting. 7072 format: int32 7073 type: integer 7074 sources: 7075 description: sources is the list of volume 7076 projections 7077 items: 7078 description: Projection that may be projected 7079 along with other supported volume types 7080 properties: 7081 configMap: 7082 description: configMap information about 7083 the configMap data to project 7084 properties: 7085 items: 7086 description: items if unspecified, 7087 each key-value pair in the Data 7088 field of the referenced ConfigMap 7089 will be projected into the volume 7090 as a file whose name is the key 7091 and content is the value. If specified, 7092 the listed keys will be projected 7093 into the specified paths, and 7094 unlisted keys will not be present. 7095 items: 7096 description: Maps a string key 7097 to a path within a volume. 7098 properties: 7099 key: 7100 description: key is the key 7101 to project. 7102 type: string 7103 mode: 7104 description: 'mode is Optional: 7105 mode bits used to set permissions 7106 on this file. Must be an 7107 octal value between 0000 7108 and 0777 or a decimal value 7109 between 0 and 511. YAML 7110 accepts both octal and decimal 7111 values, JSON requires decimal 7112 values for mode bits. If 7113 not specified, the volume 7114 defaultMode will be used.' 7115 format: int32 7116 type: integer 7117 path: 7118 description: path is the relative 7119 path of the file to map 7120 the key to. May not be an 7121 absolute path. May not contain 7122 the path element '..'. May 7123 not start with the string 7124 '..'. 7125 type: string 7126 required: 7127 - key 7128 - path 7129 type: object 7130 type: array 7131 name: 7132 description: 'Name of the referent. 7133 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7134 TODO: Add other useful fields. 7135 apiVersion, kind, uid?' 7136 type: string 7137 optional: 7138 description: optional specify whether 7139 the ConfigMap or its keys must 7140 be defined 7141 type: boolean 7142 type: object 7143 x-kubernetes-map-type: atomic 7144 downwardAPI: 7145 description: downwardAPI information 7146 about the downwardAPI data to project 7147 properties: 7148 items: 7149 description: Items is a list of 7150 DownwardAPIVolume file 7151 items: 7152 description: DownwardAPIVolumeFile 7153 represents information to create 7154 the file containing the pod 7155 field 7156 properties: 7157 fieldRef: 7158 description: 'Required: Selects 7159 a field of the pod: only 7160 annotations, labels, name 7161 and namespace are supported.' 7162 properties: 7163 apiVersion: 7164 description: Version of 7165 the schema the FieldPath 7166 is written in terms 7167 of, defaults to "v1". 7168 type: string 7169 fieldPath: 7170 description: Path of the 7171 field to select in the 7172 specified API version. 7173 type: string 7174 required: 7175 - fieldPath 7176 type: object 7177 x-kubernetes-map-type: atomic 7178 mode: 7179 description: 'Optional: mode 7180 bits used to set permissions 7181 on this file, must be an 7182 octal value between 0000 7183 and 0777 or a decimal value 7184 between 0 and 511. YAML 7185 accepts both octal and decimal 7186 values, JSON requires decimal 7187 values for mode bits. If 7188 not specified, the volume 7189 defaultMode will be used.' 7190 format: int32 7191 type: integer 7192 path: 7193 description: 'Required: Path 7194 is the relative path name 7195 of the file to be created. 7196 Must not be absolute or 7197 contain the ''..'' path. 7198 Must be utf-8 encoded. The 7199 first item of the relative 7200 path must not start with 7201 ''..''' 7202 type: string 7203 resourceFieldRef: 7204 description: 'Selects a resource 7205 of the container: only resources 7206 limits and requests (limits.cpu, 7207 limits.memory, requests.cpu 7208 and requests.memory) are 7209 currently supported.' 7210 properties: 7211 containerName: 7212 description: 'Container 7213 name: required for volumes, 7214 optional for env vars' 7215 type: string 7216 divisor: 7217 anyOf: 7218 - type: integer 7219 - type: string 7220 description: Specifies 7221 the output format of 7222 the exposed resources, 7223 defaults to "1" 7224 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7225 x-kubernetes-int-or-string: true 7226 resource: 7227 description: 'Required: 7228 resource to select' 7229 type: string 7230 required: 7231 - resource 7232 type: object 7233 x-kubernetes-map-type: atomic 7234 required: 7235 - path 7236 type: object 7237 type: array 7238 type: object 7239 secret: 7240 description: secret information about 7241 the secret data to project 7242 properties: 7243 items: 7244 description: items if unspecified, 7245 each key-value pair in the Data 7246 field of the referenced Secret 7247 will be projected into the volume 7248 as a file whose name is the key 7249 and content is the value. If specified, 7250 the listed keys will be projected 7251 into the specified paths, and 7252 unlisted keys will not be present. 7253 items: 7254 description: Maps a string key 7255 to a path within a volume. 7256 properties: 7257 key: 7258 description: key is the key 7259 to project. 7260 type: string 7261 mode: 7262 description: 'mode is Optional: 7263 mode bits used to set permissions 7264 on this file. Must be an 7265 octal value between 0000 7266 and 0777 or a decimal value 7267 between 0 and 511. YAML 7268 accepts both octal and decimal 7269 values, JSON requires decimal 7270 values for mode bits. If 7271 not specified, the volume 7272 defaultMode will be used.' 7273 format: int32 7274 type: integer 7275 path: 7276 description: path is the relative 7277 path of the file to map 7278 the key to. May not be an 7279 absolute path. May not contain 7280 the path element '..'. May 7281 not start with the string 7282 '..'. 7283 type: string 7284 required: 7285 - key 7286 - path 7287 type: object 7288 type: array 7289 name: 7290 description: 'Name of the referent. 7291 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7292 TODO: Add other useful fields. 7293 apiVersion, kind, uid?' 7294 type: string 7295 optional: 7296 description: optional field specify 7297 whether the Secret or its key 7298 must be defined 7299 type: boolean 7300 type: object 7301 x-kubernetes-map-type: atomic 7302 serviceAccountToken: 7303 description: serviceAccountToken is 7304 information about the serviceAccountToken 7305 data to project 7306 properties: 7307 audience: 7308 description: audience is the intended 7309 audience of the token. A recipient 7310 of a token must identify itself 7311 with an identifier specified in 7312 the audience of the token, and 7313 otherwise should reject the token. 7314 The audience defaults to the identifier 7315 of the apiserver. 7316 type: string 7317 expirationSeconds: 7318 description: expirationSeconds is 7319 the requested duration of validity 7320 of the service account token. 7321 As the token approaches expiration, 7322 the kubelet volume plugin will 7323 proactively rotate the service 7324 account token. The kubelet will 7325 start trying to rotate the token 7326 if the token is older than 80 7327 percent of its time to live or 7328 if the token is older than 24 7329 hours.Defaults to 1 hour and must 7330 be at least 10 minutes. 7331 format: int64 7332 type: integer 7333 path: 7334 description: path is the path relative 7335 to the mount point of the file 7336 to project the token into. 7337 type: string 7338 required: 7339 - path 7340 type: object 7341 type: object 7342 type: array 7343 type: object 7344 quobyte: 7345 description: quobyte represents a Quobyte mount 7346 on the host that shares a pod's lifetime 7347 properties: 7348 group: 7349 description: group to map volume access to 7350 Default is no group 7351 type: string 7352 readOnly: 7353 description: readOnly here will force the 7354 Quobyte volume to be mounted with read-only 7355 permissions. Defaults to false. 7356 type: boolean 7357 registry: 7358 description: registry represents a single 7359 or multiple Quobyte Registry services specified 7360 as a string as host:port pair (multiple 7361 entries are separated with commas) which 7362 acts as the central registry for volumes 7363 type: string 7364 tenant: 7365 description: tenant owning the given Quobyte 7366 volume in the Backend Used with dynamically 7367 provisioned Quobyte volumes, value is set 7368 by the plugin 7369 type: string 7370 user: 7371 description: user to map volume access to 7372 Defaults to serivceaccount user 7373 type: string 7374 volume: 7375 description: volume is a string that references 7376 an already created Quobyte volume by name. 7377 type: string 7378 required: 7379 - registry 7380 - volume 7381 type: object 7382 rbd: 7383 description: 'rbd represents a Rados Block Device 7384 mount on the host that shares a pod''s lifetime. 7385 More info: https://examples.k8s.io/volumes/rbd/README.md' 7386 properties: 7387 fsType: 7388 description: 'fsType is the filesystem type 7389 of the volume that you want to mount. Tip: 7390 Ensure that the filesystem type is supported 7391 by the host operating system. Examples: 7392 "ext4", "xfs", "ntfs". Implicitly inferred 7393 to be "ext4" if unspecified. More info: 7394 https://kubernetes.io/docs/concepts/storage/volumes#rbd 7395 TODO: how do we prevent errors in the filesystem 7396 from compromising the machine' 7397 type: string 7398 image: 7399 description: 'image is the rados image name. 7400 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7401 type: string 7402 keyring: 7403 description: 'keyring is the path to key ring 7404 for RBDUser. Default is /etc/ceph/keyring. 7405 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7406 type: string 7407 monitors: 7408 description: 'monitors is a collection of 7409 Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7410 items: 7411 type: string 7412 type: array 7413 pool: 7414 description: 'pool is the rados pool name. 7415 Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7416 type: string 7417 readOnly: 7418 description: 'readOnly here will force the 7419 ReadOnly setting in VolumeMounts. Defaults 7420 to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7421 type: boolean 7422 secretRef: 7423 description: 'secretRef is name of the authentication 7424 secret for RBDUser. If provided overrides 7425 keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7426 properties: 7427 name: 7428 description: 'Name of the referent. More 7429 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7430 TODO: Add other useful fields. apiVersion, 7431 kind, uid?' 7432 type: string 7433 type: object 7434 x-kubernetes-map-type: atomic 7435 user: 7436 description: 'user is the rados user name. 7437 Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7438 type: string 7439 required: 7440 - image 7441 - monitors 7442 type: object 7443 scaleIO: 7444 description: scaleIO represents a ScaleIO persistent 7445 volume attached and mounted on Kubernetes nodes. 7446 properties: 7447 fsType: 7448 description: fsType is the filesystem type 7449 to mount. Must be a filesystem type supported 7450 by the host operating system. Ex. "ext4", 7451 "xfs", "ntfs". Default is "xfs". 7452 type: string 7453 gateway: 7454 description: gateway is the host address of 7455 the ScaleIO API Gateway. 7456 type: string 7457 protectionDomain: 7458 description: protectionDomain is the name 7459 of the ScaleIO Protection Domain for the 7460 configured storage. 7461 type: string 7462 readOnly: 7463 description: readOnly Defaults to false (read/write). 7464 ReadOnly here will force the ReadOnly setting 7465 in VolumeMounts. 7466 type: boolean 7467 secretRef: 7468 description: secretRef references to the secret 7469 for ScaleIO user and other sensitive information. 7470 If this is not provided, Login operation 7471 will fail. 7472 properties: 7473 name: 7474 description: 'Name of the referent. More 7475 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7476 TODO: Add other useful fields. apiVersion, 7477 kind, uid?' 7478 type: string 7479 type: object 7480 x-kubernetes-map-type: atomic 7481 sslEnabled: 7482 description: sslEnabled Flag enable/disable 7483 SSL communication with Gateway, default 7484 false 7485 type: boolean 7486 storageMode: 7487 description: storageMode indicates whether 7488 the storage for a volume should be ThickProvisioned 7489 or ThinProvisioned. Default is ThinProvisioned. 7490 type: string 7491 storagePool: 7492 description: storagePool is the ScaleIO Storage 7493 Pool associated with the protection domain. 7494 type: string 7495 system: 7496 description: system is the name of the storage 7497 system as configured in ScaleIO. 7498 type: string 7499 volumeName: 7500 description: volumeName is the name of a volume 7501 already created in the ScaleIO system that 7502 is associated with this volume source. 7503 type: string 7504 required: 7505 - gateway 7506 - secretRef 7507 - system 7508 type: object 7509 secret: 7510 description: 'secret represents a secret that 7511 should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 7512 properties: 7513 defaultMode: 7514 description: 'defaultMode is Optional: mode 7515 bits used to set permissions on created 7516 files by default. Must be an octal value 7517 between 0000 and 0777 or a decimal value 7518 between 0 and 511. YAML accepts both octal 7519 and decimal values, JSON requires decimal 7520 values for mode bits. Defaults to 0644. 7521 Directories within the path are not affected 7522 by this setting.' 7523 format: int32 7524 type: integer 7525 items: 7526 description: items If unspecified, each key-value 7527 pair in the Data field of the referenced 7528 Secret will be projected into the volume 7529 as a file whose name is the key and content 7530 is the value. If specified, the listed keys 7531 will be projected into the specified paths, 7532 and unlisted keys will not be present. 7533 items: 7534 description: Maps a string key to a path 7535 within a volume. 7536 properties: 7537 key: 7538 description: key is the key to project. 7539 type: string 7540 mode: 7541 description: 'mode is Optional: mode 7542 bits used to set permissions on this 7543 file. Must be an octal value between 7544 0000 and 0777 or a decimal value between 7545 0 and 511. YAML accepts both octal 7546 and decimal values, JSON requires 7547 decimal values for mode bits. If not 7548 specified, the volume defaultMode 7549 will be used.' 7550 format: int32 7551 type: integer 7552 path: 7553 description: path is the relative path 7554 of the file to map the key to. May 7555 not be an absolute path. May not contain 7556 the path element '..'. May not start 7557 with the string '..'. 7558 type: string 7559 required: 7560 - key 7561 - path 7562 type: object 7563 type: array 7564 optional: 7565 description: optional field specify whether 7566 the Secret or its keys must be defined 7567 type: boolean 7568 secretName: 7569 description: 'secretName is the name of the 7570 secret in the pod''s namespace to use. More 7571 info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 7572 type: string 7573 type: object 7574 storageos: 7575 description: storageOS represents a StorageOS 7576 volume attached and mounted on Kubernetes nodes. 7577 properties: 7578 fsType: 7579 description: fsType is the filesystem type 7580 to mount. Must be a filesystem type supported 7581 by the host operating system. Ex. "ext4", 7582 "xfs", "ntfs". Implicitly inferred to be 7583 "ext4" if unspecified. 7584 type: string 7585 readOnly: 7586 description: readOnly defaults to false (read/write). 7587 ReadOnly here will force the ReadOnly setting 7588 in VolumeMounts. 7589 type: boolean 7590 secretRef: 7591 description: secretRef specifies the secret 7592 to use for obtaining the StorageOS API credentials. If 7593 not specified, default values will be attempted. 7594 properties: 7595 name: 7596 description: 'Name of the referent. More 7597 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7598 TODO: Add other useful fields. apiVersion, 7599 kind, uid?' 7600 type: string 7601 type: object 7602 x-kubernetes-map-type: atomic 7603 volumeName: 7604 description: volumeName is the human-readable 7605 name of the StorageOS volume. Volume names 7606 are only unique within a namespace. 7607 type: string 7608 volumeNamespace: 7609 description: volumeNamespace specifies the 7610 scope of the volume within StorageOS. If 7611 no namespace is specified then the Pod's 7612 namespace will be used. This allows the 7613 Kubernetes name scoping to be mirrored within 7614 StorageOS for tighter integration. Set VolumeName 7615 to any name to override the default behaviour. 7616 Set to "default" if you are not using namespaces 7617 within StorageOS. 7618 type: string 7619 type: object 7620 vsphereVolume: 7621 description: vsphereVolume represents a vSphere 7622 volume attached and mounted on kubelets host 7623 machine 7624 properties: 7625 fsType: 7626 description: fsType is filesystem type to 7627 mount. Must be a filesystem type supported 7628 by the host operating system. Ex. "ext4", 7629 "xfs", "ntfs". Implicitly inferred to be 7630 "ext4" if unspecified. 7631 type: string 7632 storagePolicyID: 7633 description: storagePolicyID is the storage 7634 Policy Based Management (SPBM) profile ID 7635 associated with the StoragePolicyName. 7636 type: string 7637 storagePolicyName: 7638 description: storagePolicyName is the storage 7639 Policy Based Management (SPBM) profile name. 7640 type: string 7641 volumePath: 7642 description: volumePath is the path that identifies 7643 vSphere volume vmdk 7644 type: string 7645 required: 7646 - volumePath 7647 type: object 7648 required: 7649 - name 7650 type: object 7651 type: array 7652 required: 7653 - containers 7654 type: object 7655 type: object 7656 type: object 7657 description: 'MXReplicaSpecs is map of ReplicaType and ReplicaSpec 7658 specifies the MX replicas to run. For example, { "Scheduler": ReplicaSpec, 7659 "Server": ReplicaSpec, "Worker": ReplicaSpec, }' 7660 type: object 7661 runPolicy: 7662 description: RunPolicy encapsulates various runtime policies of the 7663 distributed training job, for example how to clean up resources 7664 and how long the job can stay active. 7665 properties: 7666 activeDeadlineSeconds: 7667 description: Specifies the duration in seconds relative to the 7668 startTime that the job may be active before the system tries 7669 to terminate it; value must be positive integer. 7670 format: int64 7671 type: integer 7672 backoffLimit: 7673 description: Optional number of retries before marking this job 7674 failed. 7675 format: int32 7676 type: integer 7677 cleanPodPolicy: 7678 description: CleanPodPolicy defines the policy to kill pods after 7679 the job completes. Default to None. 7680 type: string 7681 schedulingPolicy: 7682 description: SchedulingPolicy defines the policy related to scheduling, 7683 e.g. gang-scheduling 7684 properties: 7685 minAvailable: 7686 format: int32 7687 type: integer 7688 minResources: 7689 additionalProperties: 7690 anyOf: 7691 - type: integer 7692 - type: string 7693 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7694 x-kubernetes-int-or-string: true 7695 type: object 7696 priorityClass: 7697 type: string 7698 queue: 7699 type: string 7700 scheduleTimeoutSeconds: 7701 format: int32 7702 type: integer 7703 type: object 7704 suspend: 7705 default: false 7706 description: suspend specifies whether the Job controller should 7707 create Pods or not. If a Job is created with suspend set to 7708 true, no Pods are created by the Job controller. If a Job is 7709 suspended after creation (i.e. the flag goes from false to true), 7710 the Job controller will delete all active Pods and PodGroups 7711 associated with this Job. Users must design their workload to 7712 gracefully handle this. 7713 type: boolean 7714 ttlSecondsAfterFinished: 7715 description: TTLSecondsAfterFinished is the TTL to clean up jobs. 7716 It may take extra ReconcilePeriod seconds for the cleanup, since 7717 reconcile gets called periodically. Default to infinite. 7718 format: int32 7719 type: integer 7720 type: object 7721 required: 7722 - jobMode 7723 - mxReplicaSpecs 7724 type: object 7725 status: 7726 description: JobStatus represents the current observed state of the training 7727 Job. 7728 properties: 7729 completionTime: 7730 description: Represents time when the job was completed. It is not 7731 guaranteed to be set in happens-before order across separate operations. 7732 It is represented in RFC3339 form and is in UTC. 7733 format: date-time 7734 type: string 7735 conditions: 7736 description: Conditions is an array of current observed job conditions. 7737 items: 7738 description: JobCondition describes the state of the job at a certain 7739 point. 7740 properties: 7741 lastTransitionTime: 7742 description: Last time the condition transitioned from one status 7743 to another. 7744 format: date-time 7745 type: string 7746 lastUpdateTime: 7747 description: The last time this condition was updated. 7748 format: date-time 7749 type: string 7750 message: 7751 description: A human readable message indicating details about 7752 the transition. 7753 type: string 7754 reason: 7755 description: The reason for the condition's last transition. 7756 type: string 7757 status: 7758 description: Status of the condition, one of True, False, Unknown. 7759 type: string 7760 type: 7761 description: Type of job condition. 7762 type: string 7763 required: 7764 - status 7765 - type 7766 type: object 7767 type: array 7768 lastReconcileTime: 7769 description: Represents last time when the job was reconciled. It 7770 is not guaranteed to be set in happens-before order across separate 7771 operations. It is represented in RFC3339 form and is in UTC. 7772 format: date-time 7773 type: string 7774 replicaStatuses: 7775 additionalProperties: 7776 description: ReplicaStatus represents the current observed state 7777 of the replica. 7778 properties: 7779 active: 7780 description: The number of actively running pods. 7781 format: int32 7782 type: integer 7783 failed: 7784 description: The number of pods which reached phase Failed. 7785 format: int32 7786 type: integer 7787 labelSelector: 7788 description: 'Deprecated: Use Selector instead' 7789 properties: 7790 matchExpressions: 7791 description: matchExpressions is a list of label selector 7792 requirements. The requirements are ANDed. 7793 items: 7794 description: A label selector requirement is a selector 7795 that contains values, a key, and an operator that relates 7796 the key and values. 7797 properties: 7798 key: 7799 description: key is the label key that the selector 7800 applies to. 7801 type: string 7802 operator: 7803 description: operator represents a key's relationship 7804 to a set of values. Valid operators are In, NotIn, 7805 Exists and DoesNotExist. 7806 type: string 7807 values: 7808 description: values is an array of string values. 7809 If the operator is In or NotIn, the values array 7810 must be non-empty. If the operator is Exists or 7811 DoesNotExist, the values array must be empty. This 7812 array is replaced during a strategic merge patch. 7813 items: 7814 type: string 7815 type: array 7816 required: 7817 - key 7818 - operator 7819 type: object 7820 type: array 7821 matchLabels: 7822 additionalProperties: 7823 type: string 7824 description: matchLabels is a map of {key,value} pairs. 7825 A single {key,value} in the matchLabels map is equivalent 7826 to an element of matchExpressions, whose key field is 7827 "key", the operator is "In", and the values array contains 7828 only "value". The requirements are ANDed. 7829 type: object 7830 type: object 7831 x-kubernetes-map-type: atomic 7832 selector: 7833 description: A Selector is a label query over a set of resources. 7834 The result of matchLabels and matchExpressions are ANDed. 7835 An empty Selector matches all objects. A null Selector matches 7836 no objects. 7837 type: string 7838 succeeded: 7839 description: The number of pods which reached phase Succeeded. 7840 format: int32 7841 type: integer 7842 type: object 7843 description: ReplicaStatuses is map of ReplicaType and ReplicaStatus, 7844 specifies the status of each replica. 7845 type: object 7846 startTime: 7847 description: Represents time when the job was acknowledged by the 7848 job controller. It is not guaranteed to be set in happens-before 7849 order across separate operations. It is represented in RFC3339 form 7850 and is in UTC. 7851 format: date-time 7852 type: string 7853 type: object 7854 type: object 7855 served: true 7856 storage: true 7857 subresources: 7858 status: {}