github.com/kubeflow/training-operator@v1.7.0/manifests/base/crds/kubeflow.org_paddlejobs.yaml (about) 1 --- 2 apiVersion: apiextensions.k8s.io/v1 3 kind: CustomResourceDefinition 4 metadata: 5 annotations: 6 controller-gen.kubebuilder.io/version: v0.12.0 7 name: paddlejobs.kubeflow.org 8 spec: 9 group: kubeflow.org 10 names: 11 kind: PaddleJob 12 listKind: PaddleJobList 13 plural: paddlejobs 14 singular: paddlejob 15 scope: Namespaced 16 versions: 17 - additionalPrinterColumns: 18 - jsonPath: .status.conditions[-1:].type 19 name: State 20 type: string 21 - jsonPath: .metadata.creationTimestamp 22 name: Age 23 type: date 24 name: v1 25 schema: 26 openAPIV3Schema: 27 description: PaddleJob Represents a PaddleJob resource. 28 properties: 29 apiVersion: 30 description: 'APIVersion defines the versioned schema of this representation 31 of an object. Servers should convert recognized schemas to the latest 32 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 33 type: string 34 kind: 35 description: 'Kind is a string value representing the REST resource this 36 object represents. Servers may infer this from the endpoint the client 37 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 38 type: string 39 metadata: 40 type: object 41 spec: 42 description: Specification of the desired state of the PaddleJob. 43 properties: 44 elasticPolicy: 45 description: ElasticPolicy holds the elastic policy for paddle job. 46 properties: 47 maxReplicas: 48 description: upper limit for the number of pods that can be set 49 by the autoscaler; cannot be smaller than MinReplicas, defaults 50 to null. 51 format: int32 52 type: integer 53 maxRestarts: 54 description: MaxRestarts is the limit for restart times of pods 55 in elastic mode. 56 format: int32 57 type: integer 58 metrics: 59 description: Metrics contains the specifications which are used 60 to calculate the desired replica count (the maximum replica 61 count across all metrics will be used). The desired replica 62 count is calculated with multiplying the ratio between the target 63 value and the current value by the current number of pods. Ergo, 64 metrics used must decrease as the pod count is increased, and 65 vice-versa. 66 items: 67 description: MetricSpec specifies how to scale based on a single 68 metric (only `type` and one other matching field should be 69 set at once). 70 properties: 71 containerResource: 72 description: containerResource refers to a resource metric 73 (such as those specified in requests and limits) known 74 to Kubernetes describing a single container in each pod 75 of the current scale target (e.g. CPU or memory). Such 76 metrics are built in to Kubernetes, and have special scaling 77 options on top of those available to normal per-pod metrics 78 using the "pods" source. 79 properties: 80 container: 81 description: container is the name of the container 82 in the pods of the scaling target 83 type: string 84 name: 85 description: name is the name of the resource in question. 86 type: string 87 target: 88 description: target specifies the target value for the 89 given metric 90 properties: 91 averageUtilization: 92 description: averageUtilization is the target value 93 of the average of the resource metric across all 94 relevant pods, represented as a percentage of 95 the requested value of the resource for the pods. 96 Currently only valid for Resource metric source 97 type 98 format: int32 99 type: integer 100 averageValue: 101 anyOf: 102 - type: integer 103 - type: string 104 description: averageValue is the target value of 105 the average of the metric across all relevant 106 pods (as a quantity) 107 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 108 x-kubernetes-int-or-string: true 109 type: 110 description: type represents whether the metric 111 type is Utilization, Value, or AverageValue 112 type: string 113 value: 114 anyOf: 115 - type: integer 116 - type: string 117 description: value is the target value of the metric 118 (as a quantity). 119 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 120 x-kubernetes-int-or-string: true 121 required: 122 - type 123 type: object 124 required: 125 - container 126 - name 127 - target 128 type: object 129 external: 130 description: external refers to a global metric that is 131 not associated with any Kubernetes object. It allows autoscaling 132 based on information coming from components running outside 133 of cluster (for example length of queue in cloud messaging 134 service, or QPS from loadbalancer running outside of cluster). 135 properties: 136 metric: 137 description: metric identifies the target metric by 138 name and selector 139 properties: 140 name: 141 description: name is the name of the given metric 142 type: string 143 selector: 144 description: selector is the string-encoded form 145 of a standard kubernetes label selector for the 146 given metric When set, it is passed as an additional 147 parameter to the metrics server for more specific 148 metrics scoping. When unset, just the metricName 149 will be used to gather metrics. 150 properties: 151 matchExpressions: 152 description: matchExpressions is a list of label 153 selector requirements. The requirements are 154 ANDed. 155 items: 156 description: A label selector requirement 157 is a selector that contains values, a key, 158 and an operator that relates the key and 159 values. 160 properties: 161 key: 162 description: key is the label key that 163 the selector applies to. 164 type: string 165 operator: 166 description: operator represents a key's 167 relationship to a set of values. Valid 168 operators are In, NotIn, Exists and 169 DoesNotExist. 170 type: string 171 values: 172 description: values is an array of string 173 values. If the operator is In or NotIn, 174 the values array must be non-empty. 175 If the operator is Exists or DoesNotExist, 176 the values array must be empty. This 177 array is replaced during a strategic 178 merge patch. 179 items: 180 type: string 181 type: array 182 required: 183 - key 184 - operator 185 type: object 186 type: array 187 matchLabels: 188 additionalProperties: 189 type: string 190 description: matchLabels is a map of {key,value} 191 pairs. A single {key,value} in the matchLabels 192 map is equivalent to an element of matchExpressions, 193 whose key field is "key", the operator is 194 "In", and the values array contains only "value". 195 The requirements are ANDed. 196 type: object 197 type: object 198 x-kubernetes-map-type: atomic 199 required: 200 - name 201 type: object 202 target: 203 description: target specifies the target value for the 204 given metric 205 properties: 206 averageUtilization: 207 description: averageUtilization is the target value 208 of the average of the resource metric across all 209 relevant pods, represented as a percentage of 210 the requested value of the resource for the pods. 211 Currently only valid for Resource metric source 212 type 213 format: int32 214 type: integer 215 averageValue: 216 anyOf: 217 - type: integer 218 - type: string 219 description: averageValue is the target value of 220 the average of the metric across all relevant 221 pods (as a quantity) 222 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 223 x-kubernetes-int-or-string: true 224 type: 225 description: type represents whether the metric 226 type is Utilization, Value, or AverageValue 227 type: string 228 value: 229 anyOf: 230 - type: integer 231 - type: string 232 description: value is the target value of the metric 233 (as a quantity). 234 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 235 x-kubernetes-int-or-string: true 236 required: 237 - type 238 type: object 239 required: 240 - metric 241 - target 242 type: object 243 object: 244 description: object refers to a metric describing a single 245 kubernetes object (for example, hits-per-second on an 246 Ingress object). 247 properties: 248 describedObject: 249 description: describedObject specifies the descriptions 250 of a object,such as kind,name apiVersion 251 properties: 252 apiVersion: 253 description: apiVersion is the API version of the 254 referent 255 type: string 256 kind: 257 description: 'kind is the kind of the referent; 258 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 259 type: string 260 name: 261 description: 'name is the name of the referent; 262 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 263 type: string 264 required: 265 - kind 266 - name 267 type: object 268 metric: 269 description: metric identifies the target metric by 270 name and selector 271 properties: 272 name: 273 description: name is the name of the given metric 274 type: string 275 selector: 276 description: selector is the string-encoded form 277 of a standard kubernetes label selector for the 278 given metric When set, it is passed as an additional 279 parameter to the metrics server for more specific 280 metrics scoping. When unset, just the metricName 281 will be used to gather metrics. 282 properties: 283 matchExpressions: 284 description: matchExpressions is a list of label 285 selector requirements. The requirements are 286 ANDed. 287 items: 288 description: A label selector requirement 289 is a selector that contains values, a key, 290 and an operator that relates the key and 291 values. 292 properties: 293 key: 294 description: key is the label key that 295 the selector applies to. 296 type: string 297 operator: 298 description: operator represents a key's 299 relationship to a set of values. Valid 300 operators are In, NotIn, Exists and 301 DoesNotExist. 302 type: string 303 values: 304 description: values is an array of string 305 values. If the operator is In or NotIn, 306 the values array must be non-empty. 307 If the operator is Exists or DoesNotExist, 308 the values array must be empty. This 309 array is replaced during a strategic 310 merge patch. 311 items: 312 type: string 313 type: array 314 required: 315 - key 316 - operator 317 type: object 318 type: array 319 matchLabels: 320 additionalProperties: 321 type: string 322 description: matchLabels is a map of {key,value} 323 pairs. A single {key,value} in the matchLabels 324 map is equivalent to an element of matchExpressions, 325 whose key field is "key", the operator is 326 "In", and the values array contains only "value". 327 The requirements are ANDed. 328 type: object 329 type: object 330 x-kubernetes-map-type: atomic 331 required: 332 - name 333 type: object 334 target: 335 description: target specifies the target value for the 336 given metric 337 properties: 338 averageUtilization: 339 description: averageUtilization is the target value 340 of the average of the resource metric across all 341 relevant pods, represented as a percentage of 342 the requested value of the resource for the pods. 343 Currently only valid for Resource metric source 344 type 345 format: int32 346 type: integer 347 averageValue: 348 anyOf: 349 - type: integer 350 - type: string 351 description: averageValue is the target value of 352 the average of the metric across all relevant 353 pods (as a quantity) 354 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 355 x-kubernetes-int-or-string: true 356 type: 357 description: type represents whether the metric 358 type is Utilization, Value, or AverageValue 359 type: string 360 value: 361 anyOf: 362 - type: integer 363 - type: string 364 description: value is the target value of the metric 365 (as a quantity). 366 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 367 x-kubernetes-int-or-string: true 368 required: 369 - type 370 type: object 371 required: 372 - describedObject 373 - metric 374 - target 375 type: object 376 pods: 377 description: pods refers to a metric describing each pod 378 in the current scale target (for example, transactions-processed-per-second). The 379 values will be averaged together before being compared 380 to the target value. 381 properties: 382 metric: 383 description: metric identifies the target metric by 384 name and selector 385 properties: 386 name: 387 description: name is the name of the given metric 388 type: string 389 selector: 390 description: selector is the string-encoded form 391 of a standard kubernetes label selector for the 392 given metric When set, it is passed as an additional 393 parameter to the metrics server for more specific 394 metrics scoping. When unset, just the metricName 395 will be used to gather metrics. 396 properties: 397 matchExpressions: 398 description: matchExpressions is a list of label 399 selector requirements. The requirements are 400 ANDed. 401 items: 402 description: A label selector requirement 403 is a selector that contains values, a key, 404 and an operator that relates the key and 405 values. 406 properties: 407 key: 408 description: key is the label key that 409 the selector applies to. 410 type: string 411 operator: 412 description: operator represents a key's 413 relationship to a set of values. Valid 414 operators are In, NotIn, Exists and 415 DoesNotExist. 416 type: string 417 values: 418 description: values is an array of string 419 values. If the operator is In or NotIn, 420 the values array must be non-empty. 421 If the operator is Exists or DoesNotExist, 422 the values array must be empty. This 423 array is replaced during a strategic 424 merge patch. 425 items: 426 type: string 427 type: array 428 required: 429 - key 430 - operator 431 type: object 432 type: array 433 matchLabels: 434 additionalProperties: 435 type: string 436 description: matchLabels is a map of {key,value} 437 pairs. A single {key,value} in the matchLabels 438 map is equivalent to an element of matchExpressions, 439 whose key field is "key", the operator is 440 "In", and the values array contains only "value". 441 The requirements are ANDed. 442 type: object 443 type: object 444 x-kubernetes-map-type: atomic 445 required: 446 - name 447 type: object 448 target: 449 description: target specifies the target value for the 450 given metric 451 properties: 452 averageUtilization: 453 description: averageUtilization is the target value 454 of the average of the resource metric across all 455 relevant pods, represented as a percentage of 456 the requested value of the resource for the pods. 457 Currently only valid for Resource metric source 458 type 459 format: int32 460 type: integer 461 averageValue: 462 anyOf: 463 - type: integer 464 - type: string 465 description: averageValue is the target value of 466 the average of the metric across all relevant 467 pods (as a quantity) 468 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 469 x-kubernetes-int-or-string: true 470 type: 471 description: type represents whether the metric 472 type is Utilization, Value, or AverageValue 473 type: string 474 value: 475 anyOf: 476 - type: integer 477 - type: string 478 description: value is the target value of the metric 479 (as a quantity). 480 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 481 x-kubernetes-int-or-string: true 482 required: 483 - type 484 type: object 485 required: 486 - metric 487 - target 488 type: object 489 resource: 490 description: resource refers to a resource metric (such 491 as those specified in requests and limits) known to Kubernetes 492 describing each pod in the current scale target (e.g. 493 CPU or memory). Such metrics are built in to Kubernetes, 494 and have special scaling options on top of those available 495 to normal per-pod metrics using the "pods" source. 496 properties: 497 name: 498 description: name is the name of the resource in question. 499 type: string 500 target: 501 description: target specifies the target value for the 502 given metric 503 properties: 504 averageUtilization: 505 description: averageUtilization is the target value 506 of the average of the resource metric across all 507 relevant pods, represented as a percentage of 508 the requested value of the resource for the pods. 509 Currently only valid for Resource metric source 510 type 511 format: int32 512 type: integer 513 averageValue: 514 anyOf: 515 - type: integer 516 - type: string 517 description: averageValue is the target value of 518 the average of the metric across all relevant 519 pods (as a quantity) 520 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 521 x-kubernetes-int-or-string: true 522 type: 523 description: type represents whether the metric 524 type is Utilization, Value, or AverageValue 525 type: string 526 value: 527 anyOf: 528 - type: integer 529 - type: string 530 description: value is the target value of the metric 531 (as a quantity). 532 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 533 x-kubernetes-int-or-string: true 534 required: 535 - type 536 type: object 537 required: 538 - name 539 - target 540 type: object 541 type: 542 description: 'type is the type of metric source. It should 543 be one of "ContainerResource", "External", "Object", "Pods" 544 or "Resource", each mapping to a matching field in the 545 object. Note: "ContainerResource" type is available on 546 when the feature-gate HPAContainerMetrics is enabled' 547 type: string 548 required: 549 - type 550 type: object 551 type: array 552 minReplicas: 553 description: minReplicas is the lower limit for the number of 554 replicas to which the training job can scale down. It defaults 555 to null. 556 format: int32 557 type: integer 558 type: object 559 paddleReplicaSpecs: 560 additionalProperties: 561 description: ReplicaSpec is a description of the replica 562 properties: 563 replicas: 564 description: Replicas is the desired number of replicas of the 565 given template. If unspecified, defaults to 1. 566 format: int32 567 type: integer 568 restartPolicy: 569 description: Restart policy for all replicas within the job. 570 One of Always, OnFailure, Never and ExitCode. Default to Never. 571 type: string 572 template: 573 description: Template is the object that describes the pod that 574 will be created for this replica. RestartPolicy in PodTemplateSpec 575 will be overide by RestartPolicy in ReplicaSpec 576 properties: 577 metadata: 578 description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' 579 properties: 580 annotations: 581 additionalProperties: 582 type: string 583 type: object 584 finalizers: 585 items: 586 type: string 587 type: array 588 labels: 589 additionalProperties: 590 type: string 591 type: object 592 name: 593 type: string 594 namespace: 595 type: string 596 type: object 597 spec: 598 description: 'Specification of the desired behavior of the 599 pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 600 properties: 601 activeDeadlineSeconds: 602 description: Optional duration in seconds the pod may 603 be active on the node relative to StartTime before 604 the system will actively try to mark it failed and 605 kill associated containers. Value must be a positive 606 integer. 607 format: int64 608 type: integer 609 affinity: 610 description: If specified, the pod's scheduling constraints 611 properties: 612 nodeAffinity: 613 description: Describes node affinity scheduling 614 rules for the pod. 615 properties: 616 preferredDuringSchedulingIgnoredDuringExecution: 617 description: The scheduler will prefer to schedule 618 pods to nodes that satisfy the affinity expressions 619 specified by this field, but it may choose 620 a node that violates one or more of the expressions. 621 The node that is most preferred is the one 622 with the greatest sum of weights, i.e. for 623 each node that meets all of the scheduling 624 requirements (resource request, requiredDuringScheduling 625 affinity expressions, etc. 626 items: 627 description: An empty preferred scheduling 628 term matches all objects with implicit weight 629 0 (i.e. it's a no-op). A null preferred 630 scheduling term matches no objects (i.e. 631 is also a no-op). 632 properties: 633 preference: 634 description: A node selector term, associated 635 with the corresponding weight. 636 properties: 637 matchExpressions: 638 description: A list of node selector 639 requirements by node's labels. 640 items: 641 description: A node selector requirement 642 is a selector that contains values, 643 a key, and an operator that relates 644 the key and values. 645 properties: 646 key: 647 description: The label key that 648 the selector applies to. 649 type: string 650 operator: 651 description: Represents a key's 652 relationship to a set of values. 653 Valid operators are In, NotIn, 654 Exists, DoesNotExist. Gt, 655 and Lt. 656 type: string 657 values: 658 description: An array of string 659 values. If the operator is 660 In or NotIn, the values array 661 must be non-empty. If the 662 operator is Exists or DoesNotExist, 663 the values array must be empty. 664 If the operator is Gt or Lt, 665 the values array must have 666 a single element, which will 667 be interpreted as an integer. 668 This array is replaced during 669 a strategic merge patch. 670 items: 671 type: string 672 type: array 673 required: 674 - key 675 - operator 676 type: object 677 type: array 678 matchFields: 679 description: A list of node selector 680 requirements by node's fields. 681 items: 682 description: A node selector requirement 683 is a selector that contains values, 684 a key, and an operator that relates 685 the key and values. 686 properties: 687 key: 688 description: The label key that 689 the selector applies to. 690 type: string 691 operator: 692 description: Represents a key's 693 relationship to a set of values. 694 Valid operators are In, NotIn, 695 Exists, DoesNotExist. Gt, 696 and Lt. 697 type: string 698 values: 699 description: An array of string 700 values. If the operator is 701 In or NotIn, the values array 702 must be non-empty. If the 703 operator is Exists or DoesNotExist, 704 the values array must be empty. 705 If the operator is Gt or Lt, 706 the values array must have 707 a single element, which will 708 be interpreted as an integer. 709 This array is replaced during 710 a strategic merge patch. 711 items: 712 type: string 713 type: array 714 required: 715 - key 716 - operator 717 type: object 718 type: array 719 type: object 720 x-kubernetes-map-type: atomic 721 weight: 722 description: Weight associated with matching 723 the corresponding nodeSelectorTerm, 724 in the range 1-100. 725 format: int32 726 type: integer 727 required: 728 - preference 729 - weight 730 type: object 731 type: array 732 requiredDuringSchedulingIgnoredDuringExecution: 733 description: If the affinity requirements specified 734 by this field are not met at scheduling time, 735 the pod will not be scheduled onto the node. 736 If the affinity requirements specified by 737 this field cease to be met at some point during 738 pod execution (e.g. due to an update), the 739 system may or may not try to eventually evict 740 the pod from its node. 741 properties: 742 nodeSelectorTerms: 743 description: Required. A list of node selector 744 terms. The terms are ORed. 745 items: 746 description: A null or empty node selector 747 term matches no objects. The requirements 748 of them are ANDed. The TopologySelectorTerm 749 type implements a subset of the NodeSelectorTerm. 750 properties: 751 matchExpressions: 752 description: A list of node selector 753 requirements by node's labels. 754 items: 755 description: A node selector requirement 756 is a selector that contains values, 757 a key, and an operator that relates 758 the key and values. 759 properties: 760 key: 761 description: The label key that 762 the selector applies to. 763 type: string 764 operator: 765 description: Represents a key's 766 relationship to a set of values. 767 Valid operators are In, NotIn, 768 Exists, DoesNotExist. Gt, 769 and Lt. 770 type: string 771 values: 772 description: An array of string 773 values. If the operator is 774 In or NotIn, the values array 775 must be non-empty. If the 776 operator is Exists or DoesNotExist, 777 the values array must be empty. 778 If the operator is Gt or Lt, 779 the values array must have 780 a single element, which will 781 be interpreted as an integer. 782 This array is replaced during 783 a strategic merge patch. 784 items: 785 type: string 786 type: array 787 required: 788 - key 789 - operator 790 type: object 791 type: array 792 matchFields: 793 description: A list of node selector 794 requirements by node's fields. 795 items: 796 description: A node selector requirement 797 is a selector that contains values, 798 a key, and an operator that relates 799 the key and values. 800 properties: 801 key: 802 description: The label key that 803 the selector applies to. 804 type: string 805 operator: 806 description: Represents a key's 807 relationship to a set of values. 808 Valid operators are In, NotIn, 809 Exists, DoesNotExist. Gt, 810 and Lt. 811 type: string 812 values: 813 description: An array of string 814 values. If the operator is 815 In or NotIn, the values array 816 must be non-empty. If the 817 operator is Exists or DoesNotExist, 818 the values array must be empty. 819 If the operator is Gt or Lt, 820 the values array must have 821 a single element, which will 822 be interpreted as an integer. 823 This array is replaced during 824 a strategic merge patch. 825 items: 826 type: string 827 type: array 828 required: 829 - key 830 - operator 831 type: object 832 type: array 833 type: object 834 x-kubernetes-map-type: atomic 835 type: array 836 required: 837 - nodeSelectorTerms 838 type: object 839 x-kubernetes-map-type: atomic 840 type: object 841 podAffinity: 842 description: Describes pod affinity scheduling rules 843 (e.g. co-locate this pod in the same node, zone, 844 etc. as some other pod(s)). 845 properties: 846 preferredDuringSchedulingIgnoredDuringExecution: 847 description: The scheduler will prefer to schedule 848 pods to nodes that satisfy the affinity expressions 849 specified by this field, but it may choose 850 a node that violates one or more of the expressions. 851 The node that is most preferred is the one 852 with the greatest sum of weights, i.e. for 853 each node that meets all of the scheduling 854 requirements (resource request, requiredDuringScheduling 855 affinity expressions, etc. 856 items: 857 description: The weights of all of the matched 858 WeightedPodAffinityTerm fields are added 859 per-node to find the most preferred node(s) 860 properties: 861 podAffinityTerm: 862 description: Required. A pod affinity 863 term, associated with the corresponding 864 weight. 865 properties: 866 labelSelector: 867 description: A label query over a 868 set of resources, in this case pods. 869 properties: 870 matchExpressions: 871 description: matchExpressions 872 is a list of label selector 873 requirements. The requirements 874 are ANDed. 875 items: 876 description: A label selector 877 requirement is a selector 878 that contains values, a key, 879 and an operator that relates 880 the key and values. 881 properties: 882 key: 883 description: key is the 884 label key that the selector 885 applies to. 886 type: string 887 operator: 888 description: operator represents 889 a key's relationship to 890 a set of values. Valid 891 operators are In, NotIn, 892 Exists and DoesNotExist. 893 type: string 894 values: 895 description: values is an 896 array of string values. 897 If the operator is In 898 or NotIn, the values array 899 must be non-empty. If 900 the operator is Exists 901 or DoesNotExist, the values 902 array must be empty. This 903 array is replaced during 904 a strategic merge patch. 905 items: 906 type: string 907 type: array 908 required: 909 - key 910 - operator 911 type: object 912 type: array 913 matchLabels: 914 additionalProperties: 915 type: string 916 description: matchLabels is a 917 map of {key,value} pairs. A 918 single {key,value} in the matchLabels 919 map is equivalent to an element 920 of matchExpressions, whose key 921 field is "key", the operator 922 is "In", and the values array 923 contains only "value". The requirements 924 are ANDed. 925 type: object 926 type: object 927 x-kubernetes-map-type: atomic 928 namespaceSelector: 929 description: A label query over the 930 set of namespaces that the term 931 applies to. The term is applied 932 to the union of the namespaces selected 933 by this field and the ones listed 934 in the namespaces field. null selector 935 and null or empty namespaces list 936 means "this pod's namespace". An 937 empty selector ({}) matches all 938 namespaces. 939 properties: 940 matchExpressions: 941 description: matchExpressions 942 is a list of label selector 943 requirements. The requirements 944 are ANDed. 945 items: 946 description: A label selector 947 requirement is a selector 948 that contains values, a key, 949 and an operator that relates 950 the key and values. 951 properties: 952 key: 953 description: key is the 954 label key that the selector 955 applies to. 956 type: string 957 operator: 958 description: operator represents 959 a key's relationship to 960 a set of values. Valid 961 operators are In, NotIn, 962 Exists and DoesNotExist. 963 type: string 964 values: 965 description: values is an 966 array of string values. 967 If the operator is In 968 or NotIn, the values array 969 must be non-empty. If 970 the operator is Exists 971 or DoesNotExist, the values 972 array must be empty. This 973 array is replaced during 974 a strategic merge patch. 975 items: 976 type: string 977 type: array 978 required: 979 - key 980 - operator 981 type: object 982 type: array 983 matchLabels: 984 additionalProperties: 985 type: string 986 description: matchLabels is a 987 map of {key,value} pairs. A 988 single {key,value} in the matchLabels 989 map is equivalent to an element 990 of matchExpressions, whose key 991 field is "key", the operator 992 is "In", and the values array 993 contains only "value". The requirements 994 are ANDed. 995 type: object 996 type: object 997 x-kubernetes-map-type: atomic 998 namespaces: 999 description: namespaces specifies 1000 a static list of namespace names 1001 that the term applies to. The term 1002 is applied to the union of the namespaces 1003 listed in this field and the ones 1004 selected by namespaceSelector. null 1005 or empty namespaces list and null 1006 namespaceSelector means "this pod's 1007 namespace". 1008 items: 1009 type: string 1010 type: array 1011 topologyKey: 1012 description: This pod should be co-located 1013 (affinity) or not co-located (anti-affinity) 1014 with the pods matching the labelSelector 1015 in the specified namespaces, where 1016 co-located is defined as running 1017 on a node whose value of the label 1018 with key topologyKey matches that 1019 of any node on which any of the 1020 selected pods is running. Empty 1021 topologyKey is not allowed. 1022 type: string 1023 required: 1024 - topologyKey 1025 type: object 1026 weight: 1027 description: weight associated with matching 1028 the corresponding podAffinityTerm, in 1029 the range 1-100. 1030 format: int32 1031 type: integer 1032 required: 1033 - podAffinityTerm 1034 - weight 1035 type: object 1036 type: array 1037 requiredDuringSchedulingIgnoredDuringExecution: 1038 description: If the affinity requirements specified 1039 by this field are not met at scheduling time, 1040 the pod will not be scheduled onto the node. 1041 If the affinity requirements specified by 1042 this field cease to be met at some point during 1043 pod execution (e.g. due to a pod label update), 1044 the system may or may not try to eventually 1045 evict the pod from its node. 1046 items: 1047 description: Defines a set of pods (namely 1048 those matching the labelSelector relative 1049 to the given namespace(s)) that this pod 1050 should be co-located (affinity) or not co-located 1051 (anti-affinity) with, where co-located is 1052 defined as running on a node whose value 1053 of the label with key <topologyKey> matches 1054 that of any node on which a pod of the set 1055 of pods is running 1056 properties: 1057 labelSelector: 1058 description: A label query over a set 1059 of resources, in this case pods. 1060 properties: 1061 matchExpressions: 1062 description: matchExpressions is a 1063 list of label selector requirements. 1064 The requirements are ANDed. 1065 items: 1066 description: A label selector requirement 1067 is a selector that contains values, 1068 a key, and an operator that relates 1069 the key and values. 1070 properties: 1071 key: 1072 description: key is the label 1073 key that the selector applies 1074 to. 1075 type: string 1076 operator: 1077 description: operator represents 1078 a key's relationship to a 1079 set of values. Valid operators 1080 are In, NotIn, Exists and 1081 DoesNotExist. 1082 type: string 1083 values: 1084 description: values is an array 1085 of string values. If the operator 1086 is In or NotIn, the values 1087 array must be non-empty. If 1088 the operator is Exists or 1089 DoesNotExist, the values array 1090 must be empty. This array 1091 is replaced during a strategic 1092 merge patch. 1093 items: 1094 type: string 1095 type: array 1096 required: 1097 - key 1098 - operator 1099 type: object 1100 type: array 1101 matchLabels: 1102 additionalProperties: 1103 type: string 1104 description: matchLabels is a map 1105 of {key,value} pairs. A single {key,value} 1106 in the matchLabels map is equivalent 1107 to an element of matchExpressions, 1108 whose key field is "key", the operator 1109 is "In", and the values array contains 1110 only "value". The requirements are 1111 ANDed. 1112 type: object 1113 type: object 1114 x-kubernetes-map-type: atomic 1115 namespaceSelector: 1116 description: A label query over the set 1117 of namespaces that the term applies 1118 to. The term is applied to the union 1119 of the namespaces selected by this field 1120 and the ones listed in the namespaces 1121 field. null selector and null or empty 1122 namespaces list means "this pod's namespace". 1123 An empty selector ({}) matches all namespaces. 1124 properties: 1125 matchExpressions: 1126 description: matchExpressions is a 1127 list of label selector requirements. 1128 The requirements are ANDed. 1129 items: 1130 description: A label selector requirement 1131 is a selector that contains values, 1132 a key, and an operator that relates 1133 the key and values. 1134 properties: 1135 key: 1136 description: key is the label 1137 key that the selector applies 1138 to. 1139 type: string 1140 operator: 1141 description: operator represents 1142 a key's relationship to a 1143 set of values. Valid operators 1144 are In, NotIn, Exists and 1145 DoesNotExist. 1146 type: string 1147 values: 1148 description: values is an array 1149 of string values. If the operator 1150 is In or NotIn, the values 1151 array must be non-empty. If 1152 the operator is Exists or 1153 DoesNotExist, the values array 1154 must be empty. This array 1155 is replaced during a strategic 1156 merge patch. 1157 items: 1158 type: string 1159 type: array 1160 required: 1161 - key 1162 - operator 1163 type: object 1164 type: array 1165 matchLabels: 1166 additionalProperties: 1167 type: string 1168 description: matchLabels is a map 1169 of {key,value} pairs. A single {key,value} 1170 in the matchLabels map is equivalent 1171 to an element of matchExpressions, 1172 whose key field is "key", the operator 1173 is "In", and the values array contains 1174 only "value". The requirements are 1175 ANDed. 1176 type: object 1177 type: object 1178 x-kubernetes-map-type: atomic 1179 namespaces: 1180 description: namespaces specifies a static 1181 list of namespace names that the term 1182 applies to. The term is applied to the 1183 union of the namespaces listed in this 1184 field and the ones selected by namespaceSelector. 1185 null or empty namespaces list and null 1186 namespaceSelector means "this pod's 1187 namespace". 1188 items: 1189 type: string 1190 type: array 1191 topologyKey: 1192 description: This pod should be co-located 1193 (affinity) or not co-located (anti-affinity) 1194 with the pods matching the labelSelector 1195 in the specified namespaces, where co-located 1196 is defined as running on a node whose 1197 value of the label with key topologyKey 1198 matches that of any node on which any 1199 of the selected pods is running. Empty 1200 topologyKey is not allowed. 1201 type: string 1202 required: 1203 - topologyKey 1204 type: object 1205 type: array 1206 type: object 1207 podAntiAffinity: 1208 description: Describes pod anti-affinity scheduling 1209 rules (e.g. avoid putting this pod in the same 1210 node, zone, etc. as some other pod(s)). 1211 properties: 1212 preferredDuringSchedulingIgnoredDuringExecution: 1213 description: The scheduler will prefer to schedule 1214 pods to nodes that satisfy the anti-affinity 1215 expressions specified by this field, but it 1216 may choose a node that violates one or more 1217 of the expressions. The node that is most 1218 preferred is the one with the greatest sum 1219 of weights, i.e. 1220 items: 1221 description: The weights of all of the matched 1222 WeightedPodAffinityTerm fields are added 1223 per-node to find the most preferred node(s) 1224 properties: 1225 podAffinityTerm: 1226 description: Required. A pod affinity 1227 term, associated with the corresponding 1228 weight. 1229 properties: 1230 labelSelector: 1231 description: A label query over a 1232 set of resources, in this case pods. 1233 properties: 1234 matchExpressions: 1235 description: matchExpressions 1236 is a list of label selector 1237 requirements. The requirements 1238 are ANDed. 1239 items: 1240 description: A label selector 1241 requirement is a selector 1242 that contains values, a key, 1243 and an operator that relates 1244 the key and values. 1245 properties: 1246 key: 1247 description: key is the 1248 label key that the selector 1249 applies to. 1250 type: string 1251 operator: 1252 description: operator represents 1253 a key's relationship to 1254 a set of values. Valid 1255 operators are In, NotIn, 1256 Exists and DoesNotExist. 1257 type: string 1258 values: 1259 description: values is an 1260 array of string values. 1261 If the operator is In 1262 or NotIn, the values array 1263 must be non-empty. If 1264 the operator is Exists 1265 or DoesNotExist, the values 1266 array must be empty. This 1267 array is replaced during 1268 a strategic merge patch. 1269 items: 1270 type: string 1271 type: array 1272 required: 1273 - key 1274 - operator 1275 type: object 1276 type: array 1277 matchLabels: 1278 additionalProperties: 1279 type: string 1280 description: matchLabels is a 1281 map of {key,value} pairs. A 1282 single {key,value} in the matchLabels 1283 map is equivalent to an element 1284 of matchExpressions, whose key 1285 field is "key", the operator 1286 is "In", and the values array 1287 contains only "value". The requirements 1288 are ANDed. 1289 type: object 1290 type: object 1291 x-kubernetes-map-type: atomic 1292 namespaceSelector: 1293 description: A label query over the 1294 set of namespaces that the term 1295 applies to. The term is applied 1296 to the union of the namespaces selected 1297 by this field and the ones listed 1298 in the namespaces field. null selector 1299 and null or empty namespaces list 1300 means "this pod's namespace". An 1301 empty selector ({}) matches all 1302 namespaces. 1303 properties: 1304 matchExpressions: 1305 description: matchExpressions 1306 is a list of label selector 1307 requirements. The requirements 1308 are ANDed. 1309 items: 1310 description: A label selector 1311 requirement is a selector 1312 that contains values, a key, 1313 and an operator that relates 1314 the key and values. 1315 properties: 1316 key: 1317 description: key is the 1318 label key that the selector 1319 applies to. 1320 type: string 1321 operator: 1322 description: operator represents 1323 a key's relationship to 1324 a set of values. Valid 1325 operators are In, NotIn, 1326 Exists and DoesNotExist. 1327 type: string 1328 values: 1329 description: values is an 1330 array of string values. 1331 If the operator is In 1332 or NotIn, the values array 1333 must be non-empty. If 1334 the operator is Exists 1335 or DoesNotExist, the values 1336 array must be empty. This 1337 array is replaced during 1338 a strategic merge patch. 1339 items: 1340 type: string 1341 type: array 1342 required: 1343 - key 1344 - operator 1345 type: object 1346 type: array 1347 matchLabels: 1348 additionalProperties: 1349 type: string 1350 description: matchLabels is a 1351 map of {key,value} pairs. A 1352 single {key,value} in the matchLabels 1353 map is equivalent to an element 1354 of matchExpressions, whose key 1355 field is "key", the operator 1356 is "In", and the values array 1357 contains only "value". The requirements 1358 are ANDed. 1359 type: object 1360 type: object 1361 x-kubernetes-map-type: atomic 1362 namespaces: 1363 description: namespaces specifies 1364 a static list of namespace names 1365 that the term applies to. The term 1366 is applied to the union of the namespaces 1367 listed in this field and the ones 1368 selected by namespaceSelector. null 1369 or empty namespaces list and null 1370 namespaceSelector means "this pod's 1371 namespace". 1372 items: 1373 type: string 1374 type: array 1375 topologyKey: 1376 description: This pod should be co-located 1377 (affinity) or not co-located (anti-affinity) 1378 with the pods matching the labelSelector 1379 in the specified namespaces, where 1380 co-located is defined as running 1381 on a node whose value of the label 1382 with key topologyKey matches that 1383 of any node on which any of the 1384 selected pods is running. Empty 1385 topologyKey is not allowed. 1386 type: string 1387 required: 1388 - topologyKey 1389 type: object 1390 weight: 1391 description: weight associated with matching 1392 the corresponding podAffinityTerm, in 1393 the range 1-100. 1394 format: int32 1395 type: integer 1396 required: 1397 - podAffinityTerm 1398 - weight 1399 type: object 1400 type: array 1401 requiredDuringSchedulingIgnoredDuringExecution: 1402 description: If the anti-affinity requirements 1403 specified by this field are not met at scheduling 1404 time, the pod will not be scheduled onto the 1405 node. If the anti-affinity requirements specified 1406 by this field cease to be met at some point 1407 during pod execution (e.g. due to a pod label 1408 update), the system may or may not try to 1409 eventually evict the pod from its node. 1410 items: 1411 description: Defines a set of pods (namely 1412 those matching the labelSelector relative 1413 to the given namespace(s)) that this pod 1414 should be co-located (affinity) or not co-located 1415 (anti-affinity) with, where co-located is 1416 defined as running on a node whose value 1417 of the label with key <topologyKey> matches 1418 that of any node on which a pod of the set 1419 of pods is running 1420 properties: 1421 labelSelector: 1422 description: A label query over a set 1423 of resources, in this case pods. 1424 properties: 1425 matchExpressions: 1426 description: matchExpressions is a 1427 list of label selector requirements. 1428 The requirements are ANDed. 1429 items: 1430 description: A label selector requirement 1431 is a selector that contains values, 1432 a key, and an operator that relates 1433 the key and values. 1434 properties: 1435 key: 1436 description: key is the label 1437 key that the selector applies 1438 to. 1439 type: string 1440 operator: 1441 description: operator represents 1442 a key's relationship to a 1443 set of values. Valid operators 1444 are In, NotIn, Exists and 1445 DoesNotExist. 1446 type: string 1447 values: 1448 description: values is an array 1449 of string values. If the operator 1450 is In or NotIn, the values 1451 array must be non-empty. If 1452 the operator is Exists or 1453 DoesNotExist, the values array 1454 must be empty. This array 1455 is replaced during a strategic 1456 merge patch. 1457 items: 1458 type: string 1459 type: array 1460 required: 1461 - key 1462 - operator 1463 type: object 1464 type: array 1465 matchLabels: 1466 additionalProperties: 1467 type: string 1468 description: matchLabels is a map 1469 of {key,value} pairs. A single {key,value} 1470 in the matchLabels map is equivalent 1471 to an element of matchExpressions, 1472 whose key field is "key", the operator 1473 is "In", and the values array contains 1474 only "value". The requirements are 1475 ANDed. 1476 type: object 1477 type: object 1478 x-kubernetes-map-type: atomic 1479 namespaceSelector: 1480 description: A label query over the set 1481 of namespaces that the term applies 1482 to. The term is applied to the union 1483 of the namespaces selected by this field 1484 and the ones listed in the namespaces 1485 field. null selector and null or empty 1486 namespaces list means "this pod's namespace". 1487 An empty selector ({}) matches all namespaces. 1488 properties: 1489 matchExpressions: 1490 description: matchExpressions is a 1491 list of label selector requirements. 1492 The requirements are ANDed. 1493 items: 1494 description: A label selector requirement 1495 is a selector that contains values, 1496 a key, and an operator that relates 1497 the key and values. 1498 properties: 1499 key: 1500 description: key is the label 1501 key that the selector applies 1502 to. 1503 type: string 1504 operator: 1505 description: operator represents 1506 a key's relationship to a 1507 set of values. Valid operators 1508 are In, NotIn, Exists and 1509 DoesNotExist. 1510 type: string 1511 values: 1512 description: values is an array 1513 of string values. If the operator 1514 is In or NotIn, the values 1515 array must be non-empty. If 1516 the operator is Exists or 1517 DoesNotExist, the values array 1518 must be empty. This array 1519 is replaced during a strategic 1520 merge patch. 1521 items: 1522 type: string 1523 type: array 1524 required: 1525 - key 1526 - operator 1527 type: object 1528 type: array 1529 matchLabels: 1530 additionalProperties: 1531 type: string 1532 description: matchLabels is a map 1533 of {key,value} pairs. A single {key,value} 1534 in the matchLabels map is equivalent 1535 to an element of matchExpressions, 1536 whose key field is "key", the operator 1537 is "In", and the values array contains 1538 only "value". The requirements are 1539 ANDed. 1540 type: object 1541 type: object 1542 x-kubernetes-map-type: atomic 1543 namespaces: 1544 description: namespaces specifies a static 1545 list of namespace names that the term 1546 applies to. The term is applied to the 1547 union of the namespaces listed in this 1548 field and the ones selected by namespaceSelector. 1549 null or empty namespaces list and null 1550 namespaceSelector means "this pod's 1551 namespace". 1552 items: 1553 type: string 1554 type: array 1555 topologyKey: 1556 description: This pod should be co-located 1557 (affinity) or not co-located (anti-affinity) 1558 with the pods matching the labelSelector 1559 in the specified namespaces, where co-located 1560 is defined as running on a node whose 1561 value of the label with key topologyKey 1562 matches that of any node on which any 1563 of the selected pods is running. Empty 1564 topologyKey is not allowed. 1565 type: string 1566 required: 1567 - topologyKey 1568 type: object 1569 type: array 1570 type: object 1571 type: object 1572 automountServiceAccountToken: 1573 description: AutomountServiceAccountToken indicates 1574 whether a service account token should be automatically 1575 mounted. 1576 type: boolean 1577 containers: 1578 description: List of containers belonging to the pod. 1579 Containers cannot currently be added or removed. There 1580 must be at least one container in a Pod. Cannot be 1581 updated. 1582 items: 1583 description: A single application container that you 1584 want to run within a pod. 1585 properties: 1586 args: 1587 description: 'Arguments to the entrypoint. The 1588 container image''s CMD is used if this is not 1589 provided. Variable references $(VAR_NAME) are 1590 expanded using the container''s environment. 1591 If a variable cannot be resolved, the reference 1592 in the input string will be unchanged. Double 1593 $$ are reduced to a single $, which allows for 1594 escaping the $(VAR_NAME) syntax: i.e.' 1595 items: 1596 type: string 1597 type: array 1598 command: 1599 description: 'Entrypoint array. Not executed within 1600 a shell. The container image''s ENTRYPOINT is 1601 used if this is not provided. Variable references 1602 $(VAR_NAME) are expanded using the container''s 1603 environment. If a variable cannot be resolved, 1604 the reference in the input string will be unchanged. 1605 Double $$ are reduced to a single $, which allows 1606 for escaping the $(VAR_NAME) syntax: i.e.' 1607 items: 1608 type: string 1609 type: array 1610 env: 1611 description: List of environment variables to 1612 set in the container. Cannot be updated. 1613 items: 1614 description: EnvVar represents an environment 1615 variable present in a Container. 1616 properties: 1617 name: 1618 description: Name of the environment variable. 1619 Must be a C_IDENTIFIER. 1620 type: string 1621 value: 1622 description: 'Variable references $(VAR_NAME) 1623 are expanded using the previously defined 1624 environment variables in the container 1625 and any service environment variables. 1626 If a variable cannot be resolved, the 1627 reference in the input string will be 1628 unchanged. Double $$ are reduced to a 1629 single $, which allows for escaping the 1630 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1631 will produce the string literal "$(VAR_NAME)".' 1632 type: string 1633 valueFrom: 1634 description: Source for the environment 1635 variable's value. Cannot be used if value 1636 is not empty. 1637 properties: 1638 configMapKeyRef: 1639 description: Selects a key of a ConfigMap. 1640 properties: 1641 key: 1642 description: The key to select. 1643 type: string 1644 name: 1645 description: 'Name of the referent. 1646 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1647 TODO: Add other useful fields. 1648 apiVersion, kind, uid?' 1649 type: string 1650 optional: 1651 description: Specify whether the 1652 ConfigMap or its key must be defined 1653 type: boolean 1654 required: 1655 - key 1656 type: object 1657 x-kubernetes-map-type: atomic 1658 fieldRef: 1659 description: 'Selects a field of the 1660 pod: supports metadata.name, metadata.namespace, 1661 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 1662 spec.nodeName, spec.serviceAccountName, 1663 status.hostIP, status.podIP, status.podIPs.' 1664 properties: 1665 apiVersion: 1666 description: Version of the schema 1667 the FieldPath is written in terms 1668 of, defaults to "v1". 1669 type: string 1670 fieldPath: 1671 description: Path of the field to 1672 select in the specified API version. 1673 type: string 1674 required: 1675 - fieldPath 1676 type: object 1677 x-kubernetes-map-type: atomic 1678 resourceFieldRef: 1679 description: 'Selects a resource of 1680 the container: only resources limits 1681 and requests (limits.cpu, limits.memory, 1682 limits.ephemeral-storage, requests.cpu, 1683 requests.memory and requests.ephemeral-storage) 1684 are currently supported.' 1685 properties: 1686 containerName: 1687 description: 'Container name: required 1688 for volumes, optional for env 1689 vars' 1690 type: string 1691 divisor: 1692 anyOf: 1693 - type: integer 1694 - type: string 1695 description: Specifies the output 1696 format of the exposed resources, 1697 defaults to "1" 1698 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1699 x-kubernetes-int-or-string: true 1700 resource: 1701 description: 'Required: resource 1702 to select' 1703 type: string 1704 required: 1705 - resource 1706 type: object 1707 x-kubernetes-map-type: atomic 1708 secretKeyRef: 1709 description: Selects a key of a secret 1710 in the pod's namespace 1711 properties: 1712 key: 1713 description: The key of the secret 1714 to select from. Must be a valid 1715 secret key. 1716 type: string 1717 name: 1718 description: 'Name of the referent. 1719 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1720 TODO: Add other useful fields. 1721 apiVersion, kind, uid?' 1722 type: string 1723 optional: 1724 description: Specify whether the 1725 Secret or its key must be defined 1726 type: boolean 1727 required: 1728 - key 1729 type: object 1730 x-kubernetes-map-type: atomic 1731 type: object 1732 required: 1733 - name 1734 type: object 1735 type: array 1736 envFrom: 1737 description: List of sources to populate environment 1738 variables in the container. The keys defined 1739 within a source must be a C_IDENTIFIER. All 1740 invalid keys will be reported as an event when 1741 the container is starting. When a key exists 1742 in multiple sources, the value associated with 1743 the last source will take precedence. Values 1744 defined by an Env with a duplicate key will 1745 take precedence. Cannot be updated. 1746 items: 1747 description: EnvFromSource represents the source 1748 of a set of ConfigMaps 1749 properties: 1750 configMapRef: 1751 description: The ConfigMap to select from 1752 properties: 1753 name: 1754 description: 'Name of the referent. 1755 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1756 TODO: Add other useful fields. apiVersion, 1757 kind, uid?' 1758 type: string 1759 optional: 1760 description: Specify whether the ConfigMap 1761 must be defined 1762 type: boolean 1763 type: object 1764 x-kubernetes-map-type: atomic 1765 prefix: 1766 description: An optional identifier to prepend 1767 to each key in the ConfigMap. Must be 1768 a C_IDENTIFIER. 1769 type: string 1770 secretRef: 1771 description: The Secret to select from 1772 properties: 1773 name: 1774 description: 'Name of the referent. 1775 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1776 TODO: Add other useful fields. apiVersion, 1777 kind, uid?' 1778 type: string 1779 optional: 1780 description: Specify whether the Secret 1781 must be defined 1782 type: boolean 1783 type: object 1784 x-kubernetes-map-type: atomic 1785 type: object 1786 type: array 1787 image: 1788 description: 'Container image name. More info: 1789 https://kubernetes.io/docs/concepts/containers/images 1790 This field is optional to allow higher level 1791 config management to default or override container 1792 images in workload controllers like Deployments 1793 and StatefulSets.' 1794 type: string 1795 imagePullPolicy: 1796 description: 'Image pull policy. One of Always, 1797 Never, IfNotPresent. Defaults to Always if :latest 1798 tag is specified, or IfNotPresent otherwise. 1799 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1800 type: string 1801 lifecycle: 1802 description: Actions that the management system 1803 should take in response to container lifecycle 1804 events. Cannot be updated. 1805 properties: 1806 postStart: 1807 description: 'PostStart is called immediately 1808 after a container is created. If the handler 1809 fails, the container is terminated and restarted 1810 according to its restart policy. Other management 1811 of the container blocks until the hook completes. 1812 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1813 properties: 1814 exec: 1815 description: Exec specifies the action 1816 to take. 1817 properties: 1818 command: 1819 description: Command is the command 1820 line to execute inside the container, 1821 the working directory for the command is 1822 root ('/') in the container's filesystem. 1823 The command is simply exec'd, it 1824 is not run inside a shell, so traditional 1825 shell instructions ('|', etc) won't 1826 work. To use a shell, you need to 1827 explicitly call out to that shell. 1828 Exit status of 0 is treated as live/healthy 1829 and non-zero is unhealthy. 1830 items: 1831 type: string 1832 type: array 1833 type: object 1834 httpGet: 1835 description: HTTPGet specifies the http 1836 request to perform. 1837 properties: 1838 host: 1839 description: Host name to connect 1840 to, defaults to the pod IP. You 1841 probably want to set "Host" in httpHeaders 1842 instead. 1843 type: string 1844 httpHeaders: 1845 description: Custom headers to set 1846 in the request. HTTP allows repeated 1847 headers. 1848 items: 1849 description: HTTPHeader describes 1850 a custom header to be used in 1851 HTTP probes 1852 properties: 1853 name: 1854 description: The header field 1855 name. This will be canonicalized 1856 upon output, so case-variant 1857 names will be understood as 1858 the same header. 1859 type: string 1860 value: 1861 description: The header field 1862 value 1863 type: string 1864 required: 1865 - name 1866 - value 1867 type: object 1868 type: array 1869 path: 1870 description: Path to access on the 1871 HTTP server. 1872 type: string 1873 port: 1874 anyOf: 1875 - type: integer 1876 - type: string 1877 description: Name or number of the 1878 port to access on the container. 1879 Number must be in the range 1 to 1880 65535. Name must be an IANA_SVC_NAME. 1881 x-kubernetes-int-or-string: true 1882 scheme: 1883 description: Scheme to use for connecting 1884 to the host. Defaults to HTTP. 1885 type: string 1886 required: 1887 - port 1888 type: object 1889 tcpSocket: 1890 description: Deprecated. TCPSocket is 1891 NOT supported as a LifecycleHandler 1892 and kept for the backward compatibility. 1893 There are no validation of this field 1894 and lifecycle hooks will fail in runtime 1895 when tcp handler is specified. 1896 properties: 1897 host: 1898 description: 'Optional: Host name 1899 to connect to, defaults to the pod 1900 IP.' 1901 type: string 1902 port: 1903 anyOf: 1904 - type: integer 1905 - type: string 1906 description: Number or name of the 1907 port to access on the container. 1908 Number must be in the range 1 to 1909 65535. Name must be an IANA_SVC_NAME. 1910 x-kubernetes-int-or-string: true 1911 required: 1912 - port 1913 type: object 1914 type: object 1915 preStop: 1916 description: PreStop is called immediately 1917 before a container is terminated due to 1918 an API request or management event such 1919 as liveness/startup probe failure, preemption, 1920 resource contention, etc. The handler is 1921 not called if the container crashes or exits. 1922 The Pod's termination grace period countdown 1923 begins before the PreStop hook is executed. 1924 properties: 1925 exec: 1926 description: Exec specifies the action 1927 to take. 1928 properties: 1929 command: 1930 description: Command is the command 1931 line to execute inside the container, 1932 the working directory for the command is 1933 root ('/') in the container's filesystem. 1934 The command is simply exec'd, it 1935 is not run inside a shell, so traditional 1936 shell instructions ('|', etc) won't 1937 work. To use a shell, you need to 1938 explicitly call out to that shell. 1939 Exit status of 0 is treated as live/healthy 1940 and non-zero is unhealthy. 1941 items: 1942 type: string 1943 type: array 1944 type: object 1945 httpGet: 1946 description: HTTPGet specifies the http 1947 request to perform. 1948 properties: 1949 host: 1950 description: Host name to connect 1951 to, defaults to the pod IP. You 1952 probably want to set "Host" in httpHeaders 1953 instead. 1954 type: string 1955 httpHeaders: 1956 description: Custom headers to set 1957 in the request. HTTP allows repeated 1958 headers. 1959 items: 1960 description: HTTPHeader describes 1961 a custom header to be used in 1962 HTTP probes 1963 properties: 1964 name: 1965 description: The header field 1966 name. This will be canonicalized 1967 upon output, so case-variant 1968 names will be understood as 1969 the same header. 1970 type: string 1971 value: 1972 description: The header field 1973 value 1974 type: string 1975 required: 1976 - name 1977 - value 1978 type: object 1979 type: array 1980 path: 1981 description: Path to access on the 1982 HTTP server. 1983 type: string 1984 port: 1985 anyOf: 1986 - type: integer 1987 - type: string 1988 description: Name or number of the 1989 port to access on the container. 1990 Number must be in the range 1 to 1991 65535. Name must be an IANA_SVC_NAME. 1992 x-kubernetes-int-or-string: true 1993 scheme: 1994 description: Scheme to use for connecting 1995 to the host. Defaults to HTTP. 1996 type: string 1997 required: 1998 - port 1999 type: object 2000 tcpSocket: 2001 description: Deprecated. TCPSocket is 2002 NOT supported as a LifecycleHandler 2003 and kept for the backward compatibility. 2004 There are no validation of this field 2005 and lifecycle hooks will fail in runtime 2006 when tcp handler is specified. 2007 properties: 2008 host: 2009 description: 'Optional: Host name 2010 to connect to, defaults to the pod 2011 IP.' 2012 type: string 2013 port: 2014 anyOf: 2015 - type: integer 2016 - type: string 2017 description: Number or name of the 2018 port to access on the container. 2019 Number must be in the range 1 to 2020 65535. Name must be an IANA_SVC_NAME. 2021 x-kubernetes-int-or-string: true 2022 required: 2023 - port 2024 type: object 2025 type: object 2026 type: object 2027 livenessProbe: 2028 description: 'Periodic probe of container liveness. 2029 Container will be restarted if the probe fails. 2030 Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2031 properties: 2032 exec: 2033 description: Exec specifies the action to 2034 take. 2035 properties: 2036 command: 2037 description: Command is the command line 2038 to execute inside the container, the 2039 working directory for the command is 2040 root ('/') in the container's filesystem. 2041 The command is simply exec'd, it is 2042 not run inside a shell, so traditional 2043 shell instructions ('|', etc) won't 2044 work. To use a shell, you need to explicitly 2045 call out to that shell. Exit status 2046 of 0 is treated as live/healthy and 2047 non-zero is unhealthy. 2048 items: 2049 type: string 2050 type: array 2051 type: object 2052 failureThreshold: 2053 description: Minimum consecutive failures 2054 for the probe to be considered failed after 2055 having succeeded. Defaults to 3. Minimum 2056 value is 1. 2057 format: int32 2058 type: integer 2059 grpc: 2060 description: GRPC specifies an action involving 2061 a GRPC port. 2062 properties: 2063 port: 2064 description: Port number of the gRPC service. 2065 Number must be in the range 1 to 65535. 2066 format: int32 2067 type: integer 2068 service: 2069 description: "Service is the name of the 2070 service to place in the gRPC HealthCheckRequest 2071 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2072 \n If this is not specified, the default 2073 behavior is defined by gRPC." 2074 type: string 2075 required: 2076 - port 2077 type: object 2078 httpGet: 2079 description: HTTPGet specifies the http request 2080 to perform. 2081 properties: 2082 host: 2083 description: Host name to connect to, 2084 defaults to the pod IP. You probably 2085 want to set "Host" in httpHeaders instead. 2086 type: string 2087 httpHeaders: 2088 description: Custom headers to set in 2089 the request. HTTP allows repeated headers. 2090 items: 2091 description: HTTPHeader describes a 2092 custom header to be used in HTTP probes 2093 properties: 2094 name: 2095 description: The header field name. 2096 This will be canonicalized upon 2097 output, so case-variant names 2098 will be understood as the same 2099 header. 2100 type: string 2101 value: 2102 description: The header field value 2103 type: string 2104 required: 2105 - name 2106 - value 2107 type: object 2108 type: array 2109 path: 2110 description: Path to access on the HTTP 2111 server. 2112 type: string 2113 port: 2114 anyOf: 2115 - type: integer 2116 - type: string 2117 description: Name or number of the port 2118 to access on the container. Number must 2119 be in the range 1 to 65535. Name must 2120 be an IANA_SVC_NAME. 2121 x-kubernetes-int-or-string: true 2122 scheme: 2123 description: Scheme to use for connecting 2124 to the host. Defaults to HTTP. 2125 type: string 2126 required: 2127 - port 2128 type: object 2129 initialDelaySeconds: 2130 description: 'Number of seconds after the 2131 container has started before liveness probes 2132 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2133 format: int32 2134 type: integer 2135 periodSeconds: 2136 description: How often (in seconds) to perform 2137 the probe. Default to 10 seconds. Minimum 2138 value is 1. 2139 format: int32 2140 type: integer 2141 successThreshold: 2142 description: Minimum consecutive successes 2143 for the probe to be considered successful 2144 after having failed. Defaults to 1. Must 2145 be 1 for liveness and startup. Minimum value 2146 is 1. 2147 format: int32 2148 type: integer 2149 tcpSocket: 2150 description: TCPSocket specifies an action 2151 involving a TCP port. 2152 properties: 2153 host: 2154 description: 'Optional: Host name to connect 2155 to, defaults to the pod IP.' 2156 type: string 2157 port: 2158 anyOf: 2159 - type: integer 2160 - type: string 2161 description: Number or name of the port 2162 to access on the container. Number must 2163 be in the range 1 to 65535. Name must 2164 be an IANA_SVC_NAME. 2165 x-kubernetes-int-or-string: true 2166 required: 2167 - port 2168 type: object 2169 terminationGracePeriodSeconds: 2170 description: Optional duration in seconds 2171 the pod needs to terminate gracefully upon 2172 probe failure. The grace period is the duration 2173 in seconds after the processes running in 2174 the pod are sent a termination signal and 2175 the time when the processes are forcibly 2176 halted with a kill signal. Set this value 2177 longer than the expected cleanup time for 2178 your process. 2179 format: int64 2180 type: integer 2181 timeoutSeconds: 2182 description: 'Number of seconds after which 2183 the probe times out. Defaults to 1 second. 2184 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2185 format: int32 2186 type: integer 2187 type: object 2188 name: 2189 description: Name of the container specified as 2190 a DNS_LABEL. Each container in a pod must have 2191 a unique name (DNS_LABEL). Cannot be updated. 2192 type: string 2193 ports: 2194 description: List of ports to expose from the 2195 container. Not specifying a port here DOES NOT 2196 prevent that port from being exposed. Any port 2197 which is listening on the default "0.0.0.0" 2198 address inside a container will be accessible 2199 from the network. Modifying this array with 2200 strategic merge patch may corrupt the data. 2201 For more information See https://github.com/kubernetes/kubernetes/issues/108255. 2202 items: 2203 description: ContainerPort represents a network 2204 port in a single container. 2205 properties: 2206 containerPort: 2207 description: Number of port to expose on 2208 the pod's IP address. This must be a valid 2209 port number, 0 < x < 65536. 2210 format: int32 2211 type: integer 2212 hostIP: 2213 description: What host IP to bind the external 2214 port to. 2215 type: string 2216 hostPort: 2217 description: Number of port to expose on 2218 the host. If specified, this must be a 2219 valid port number, 0 < x < 65536. If HostNetwork 2220 is specified, this must match ContainerPort. 2221 Most containers do not need this. 2222 format: int32 2223 type: integer 2224 name: 2225 description: If specified, this must be 2226 an IANA_SVC_NAME and unique within the 2227 pod. Each named port in a pod must have 2228 a unique name. Name for the port that 2229 can be referred to by services. 2230 type: string 2231 protocol: 2232 default: TCP 2233 description: Protocol for port. Must be 2234 UDP, TCP, or SCTP. Defaults to "TCP". 2235 type: string 2236 required: 2237 - containerPort 2238 type: object 2239 type: array 2240 x-kubernetes-list-map-keys: 2241 - containerPort 2242 - protocol 2243 x-kubernetes-list-type: map 2244 readinessProbe: 2245 description: 'Periodic probe of container service 2246 readiness. Container will be removed from service 2247 endpoints if the probe fails. Cannot be updated. 2248 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2249 properties: 2250 exec: 2251 description: Exec specifies the action to 2252 take. 2253 properties: 2254 command: 2255 description: Command is the command line 2256 to execute inside the container, the 2257 working directory for the command is 2258 root ('/') in the container's filesystem. 2259 The command is simply exec'd, it is 2260 not run inside a shell, so traditional 2261 shell instructions ('|', etc) won't 2262 work. To use a shell, you need to explicitly 2263 call out to that shell. Exit status 2264 of 0 is treated as live/healthy and 2265 non-zero is unhealthy. 2266 items: 2267 type: string 2268 type: array 2269 type: object 2270 failureThreshold: 2271 description: Minimum consecutive failures 2272 for the probe to be considered failed after 2273 having succeeded. Defaults to 3. Minimum 2274 value is 1. 2275 format: int32 2276 type: integer 2277 grpc: 2278 description: GRPC specifies an action involving 2279 a GRPC port. 2280 properties: 2281 port: 2282 description: Port number of the gRPC service. 2283 Number must be in the range 1 to 65535. 2284 format: int32 2285 type: integer 2286 service: 2287 description: "Service is the name of the 2288 service to place in the gRPC HealthCheckRequest 2289 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2290 \n If this is not specified, the default 2291 behavior is defined by gRPC." 2292 type: string 2293 required: 2294 - port 2295 type: object 2296 httpGet: 2297 description: HTTPGet specifies the http request 2298 to perform. 2299 properties: 2300 host: 2301 description: Host name to connect to, 2302 defaults to the pod IP. You probably 2303 want to set "Host" in httpHeaders instead. 2304 type: string 2305 httpHeaders: 2306 description: Custom headers to set in 2307 the request. HTTP allows repeated headers. 2308 items: 2309 description: HTTPHeader describes a 2310 custom header to be used in HTTP probes 2311 properties: 2312 name: 2313 description: The header field name. 2314 This will be canonicalized upon 2315 output, so case-variant names 2316 will be understood as the same 2317 header. 2318 type: string 2319 value: 2320 description: The header field value 2321 type: string 2322 required: 2323 - name 2324 - value 2325 type: object 2326 type: array 2327 path: 2328 description: Path to access on the HTTP 2329 server. 2330 type: string 2331 port: 2332 anyOf: 2333 - type: integer 2334 - type: string 2335 description: Name or number of the port 2336 to access on the container. Number must 2337 be in the range 1 to 65535. Name must 2338 be an IANA_SVC_NAME. 2339 x-kubernetes-int-or-string: true 2340 scheme: 2341 description: Scheme to use for connecting 2342 to the host. Defaults to HTTP. 2343 type: string 2344 required: 2345 - port 2346 type: object 2347 initialDelaySeconds: 2348 description: 'Number of seconds after the 2349 container has started before liveness probes 2350 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2351 format: int32 2352 type: integer 2353 periodSeconds: 2354 description: How often (in seconds) to perform 2355 the probe. Default to 10 seconds. Minimum 2356 value is 1. 2357 format: int32 2358 type: integer 2359 successThreshold: 2360 description: Minimum consecutive successes 2361 for the probe to be considered successful 2362 after having failed. Defaults to 1. Must 2363 be 1 for liveness and startup. Minimum value 2364 is 1. 2365 format: int32 2366 type: integer 2367 tcpSocket: 2368 description: TCPSocket specifies an action 2369 involving a TCP port. 2370 properties: 2371 host: 2372 description: 'Optional: Host name to connect 2373 to, defaults to the pod IP.' 2374 type: string 2375 port: 2376 anyOf: 2377 - type: integer 2378 - type: string 2379 description: Number or name of the port 2380 to access on the container. Number must 2381 be in the range 1 to 65535. Name must 2382 be an IANA_SVC_NAME. 2383 x-kubernetes-int-or-string: true 2384 required: 2385 - port 2386 type: object 2387 terminationGracePeriodSeconds: 2388 description: Optional duration in seconds 2389 the pod needs to terminate gracefully upon 2390 probe failure. The grace period is the duration 2391 in seconds after the processes running in 2392 the pod are sent a termination signal and 2393 the time when the processes are forcibly 2394 halted with a kill signal. Set this value 2395 longer than the expected cleanup time for 2396 your process. 2397 format: int64 2398 type: integer 2399 timeoutSeconds: 2400 description: 'Number of seconds after which 2401 the probe times out. Defaults to 1 second. 2402 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2403 format: int32 2404 type: integer 2405 type: object 2406 resizePolicy: 2407 description: Resources resize policy for the container. 2408 items: 2409 description: ContainerResizePolicy represents 2410 resource resize policy for the container. 2411 properties: 2412 resourceName: 2413 description: 'Name of the resource to which 2414 this resource resize policy applies. Supported 2415 values: cpu, memory.' 2416 type: string 2417 restartPolicy: 2418 description: Restart policy to apply when 2419 specified resource is resized. If not 2420 specified, it defaults to NotRequired. 2421 type: string 2422 required: 2423 - resourceName 2424 - restartPolicy 2425 type: object 2426 type: array 2427 x-kubernetes-list-type: atomic 2428 resources: 2429 description: 'Compute Resources required by this 2430 container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2431 properties: 2432 claims: 2433 description: "Claims lists the names of resources, 2434 defined in spec.resourceClaims, that are 2435 used by this container. \n This is an alpha 2436 field and requires enabling the DynamicResourceAllocation 2437 feature gate. \n This field is immutable. 2438 It can only be set for containers." 2439 items: 2440 description: ResourceClaim references one 2441 entry in PodSpec.ResourceClaims. 2442 properties: 2443 name: 2444 description: Name must match the name 2445 of one entry in pod.spec.resourceClaims 2446 of the Pod where this field is used. 2447 It makes that resource available inside 2448 a container. 2449 type: string 2450 required: 2451 - name 2452 type: object 2453 type: array 2454 x-kubernetes-list-map-keys: 2455 - name 2456 x-kubernetes-list-type: map 2457 limits: 2458 additionalProperties: 2459 anyOf: 2460 - type: integer 2461 - type: string 2462 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2463 x-kubernetes-int-or-string: true 2464 description: 'Limits describes the maximum 2465 amount of compute resources allowed. More 2466 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2467 type: object 2468 requests: 2469 additionalProperties: 2470 anyOf: 2471 - type: integer 2472 - type: string 2473 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2474 x-kubernetes-int-or-string: true 2475 description: 'Requests describes the minimum 2476 amount of compute resources required. If 2477 Requests is omitted for a container, it 2478 defaults to Limits if that is explicitly 2479 specified, otherwise to an implementation-defined 2480 value. Requests cannot exceed Limits. More 2481 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2482 type: object 2483 type: object 2484 securityContext: 2485 description: 'SecurityContext defines the security 2486 options the container should be run with. If 2487 set, the fields of SecurityContext override 2488 the equivalent fields of PodSecurityContext. 2489 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 2490 properties: 2491 allowPrivilegeEscalation: 2492 description: 'AllowPrivilegeEscalation controls 2493 whether a process can gain more privileges 2494 than its parent process. This bool directly 2495 controls if the no_new_privs flag will be 2496 set on the container process. AllowPrivilegeEscalation 2497 is true always when the container is: 1) 2498 run as Privileged 2) has CAP_SYS_ADMIN Note 2499 that this field cannot be set when spec.os.name 2500 is windows.' 2501 type: boolean 2502 capabilities: 2503 description: The capabilities to add/drop 2504 when running containers. Defaults to the 2505 default set of capabilities granted by the 2506 container runtime. Note that this field 2507 cannot be set when spec.os.name is windows. 2508 properties: 2509 add: 2510 description: Added capabilities 2511 items: 2512 description: Capability represent POSIX 2513 capabilities type 2514 type: string 2515 type: array 2516 drop: 2517 description: Removed capabilities 2518 items: 2519 description: Capability represent POSIX 2520 capabilities type 2521 type: string 2522 type: array 2523 type: object 2524 privileged: 2525 description: Run container in privileged mode. 2526 Processes in privileged containers are essentially 2527 equivalent to root on the host. Defaults 2528 to false. Note that this field cannot be 2529 set when spec.os.name is windows. 2530 type: boolean 2531 procMount: 2532 description: procMount denotes the type of 2533 proc mount to use for the containers. The 2534 default is DefaultProcMount which uses the 2535 container runtime defaults for readonly 2536 paths and masked paths. This requires the 2537 ProcMountType feature flag to be enabled. 2538 Note that this field cannot be set when 2539 spec.os.name is windows. 2540 type: string 2541 readOnlyRootFilesystem: 2542 description: Whether this container has a 2543 read-only root filesystem. Default is false. 2544 Note that this field cannot be set when 2545 spec.os.name is windows. 2546 type: boolean 2547 runAsGroup: 2548 description: The GID to run the entrypoint 2549 of the container process. Uses runtime default 2550 if unset. May also be set in PodSecurityContext. If 2551 set in both SecurityContext and PodSecurityContext, 2552 the value specified in SecurityContext takes 2553 precedence. Note that this field cannot 2554 be set when spec.os.name is windows. 2555 format: int64 2556 type: integer 2557 runAsNonRoot: 2558 description: Indicates that the container 2559 must run as a non-root user. If true, the 2560 Kubelet will validate the image at runtime 2561 to ensure that it does not run as UID 0 2562 (root) and fail to start the container if 2563 it does. If unset or false, no such validation 2564 will be performed. May also be set in PodSecurityContext. 2565 type: boolean 2566 runAsUser: 2567 description: The UID to run the entrypoint 2568 of the container process. Defaults to user 2569 specified in image metadata if unspecified. 2570 May also be set in PodSecurityContext. If 2571 set in both SecurityContext and PodSecurityContext, 2572 the value specified in SecurityContext takes 2573 precedence. Note that this field cannot 2574 be set when spec.os.name is windows. 2575 format: int64 2576 type: integer 2577 seLinuxOptions: 2578 description: The SELinux context to be applied 2579 to the container. If unspecified, the container 2580 runtime will allocate a random SELinux context 2581 for each container. May also be set in 2582 PodSecurityContext. If set in both SecurityContext 2583 and PodSecurityContext, the value specified 2584 in SecurityContext takes precedence. Note 2585 that this field cannot be set when spec.os.name 2586 is windows. 2587 properties: 2588 level: 2589 description: Level is SELinux level label 2590 that applies to the container. 2591 type: string 2592 role: 2593 description: Role is a SELinux role label 2594 that applies to the container. 2595 type: string 2596 type: 2597 description: Type is a SELinux type label 2598 that applies to the container. 2599 type: string 2600 user: 2601 description: User is a SELinux user label 2602 that applies to the container. 2603 type: string 2604 type: object 2605 seccompProfile: 2606 description: The seccomp options to use by 2607 this container. If seccomp options are provided 2608 at both the pod & container level, the container 2609 options override the pod options. Note that 2610 this field cannot be set when spec.os.name 2611 is windows. 2612 properties: 2613 localhostProfile: 2614 description: localhostProfile indicates 2615 a profile defined in a file on the node 2616 should be used. The profile must be 2617 preconfigured on the node to work. Must 2618 be a descending path, relative to the 2619 kubelet's configured seccomp profile 2620 location. Must only be set if type is 2621 "Localhost". 2622 type: string 2623 type: 2624 description: "type indicates which kind 2625 of seccomp profile will be applied. 2626 Valid options are: \n Localhost - a 2627 profile defined in a file on the node 2628 should be used. RuntimeDefault - the 2629 container runtime default profile should 2630 be used. Unconfined - no profile should 2631 be applied." 2632 type: string 2633 required: 2634 - type 2635 type: object 2636 windowsOptions: 2637 description: The Windows specific settings 2638 applied to all containers. If unspecified, 2639 the options from the PodSecurityContext 2640 will be used. If set in both SecurityContext 2641 and PodSecurityContext, the value specified 2642 in SecurityContext takes precedence. Note 2643 that this field cannot be set when spec.os.name 2644 is linux. 2645 properties: 2646 gmsaCredentialSpec: 2647 description: GMSACredentialSpec is where 2648 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 2649 inlines the contents of the GMSA credential 2650 spec named by the GMSACredentialSpecName 2651 field. 2652 type: string 2653 gmsaCredentialSpecName: 2654 description: GMSACredentialSpecName is 2655 the name of the GMSA credential spec 2656 to use. 2657 type: string 2658 hostProcess: 2659 description: HostProcess determines if 2660 a container should be run as a 'Host 2661 Process' container. This field is alpha-level 2662 and will only be honored by components 2663 that enable the WindowsHostProcessContainers 2664 feature flag. Setting this field without 2665 the feature flag will result in errors 2666 when validating the Pod. 2667 type: boolean 2668 runAsUserName: 2669 description: The UserName in Windows to 2670 run the entrypoint of the container 2671 process. Defaults to the user specified 2672 in image metadata if unspecified. May 2673 also be set in PodSecurityContext. If 2674 set in both SecurityContext and PodSecurityContext, 2675 the value specified in SecurityContext 2676 takes precedence. 2677 type: string 2678 type: object 2679 type: object 2680 startupProbe: 2681 description: StartupProbe indicates that the Pod 2682 has successfully initialized. If specified, 2683 no other probes are executed until this completes 2684 successfully. If this probe fails, the Pod will 2685 be restarted, just as if the livenessProbe failed. 2686 properties: 2687 exec: 2688 description: Exec specifies the action to 2689 take. 2690 properties: 2691 command: 2692 description: Command is the command line 2693 to execute inside the container, the 2694 working directory for the command is 2695 root ('/') in the container's filesystem. 2696 The command is simply exec'd, it is 2697 not run inside a shell, so traditional 2698 shell instructions ('|', etc) won't 2699 work. To use a shell, you need to explicitly 2700 call out to that shell. Exit status 2701 of 0 is treated as live/healthy and 2702 non-zero is unhealthy. 2703 items: 2704 type: string 2705 type: array 2706 type: object 2707 failureThreshold: 2708 description: Minimum consecutive failures 2709 for the probe to be considered failed after 2710 having succeeded. Defaults to 3. Minimum 2711 value is 1. 2712 format: int32 2713 type: integer 2714 grpc: 2715 description: GRPC specifies an action involving 2716 a GRPC port. 2717 properties: 2718 port: 2719 description: Port number of the gRPC service. 2720 Number must be in the range 1 to 65535. 2721 format: int32 2722 type: integer 2723 service: 2724 description: "Service is the name of the 2725 service to place in the gRPC HealthCheckRequest 2726 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2727 \n If this is not specified, the default 2728 behavior is defined by gRPC." 2729 type: string 2730 required: 2731 - port 2732 type: object 2733 httpGet: 2734 description: HTTPGet specifies the http request 2735 to perform. 2736 properties: 2737 host: 2738 description: Host name to connect to, 2739 defaults to the pod IP. You probably 2740 want to set "Host" in httpHeaders instead. 2741 type: string 2742 httpHeaders: 2743 description: Custom headers to set in 2744 the request. HTTP allows repeated headers. 2745 items: 2746 description: HTTPHeader describes a 2747 custom header to be used in HTTP probes 2748 properties: 2749 name: 2750 description: The header field name. 2751 This will be canonicalized upon 2752 output, so case-variant names 2753 will be understood as the same 2754 header. 2755 type: string 2756 value: 2757 description: The header field value 2758 type: string 2759 required: 2760 - name 2761 - value 2762 type: object 2763 type: array 2764 path: 2765 description: Path to access on the HTTP 2766 server. 2767 type: string 2768 port: 2769 anyOf: 2770 - type: integer 2771 - type: string 2772 description: Name or number of the port 2773 to access on the container. Number must 2774 be in the range 1 to 65535. Name must 2775 be an IANA_SVC_NAME. 2776 x-kubernetes-int-or-string: true 2777 scheme: 2778 description: Scheme to use for connecting 2779 to the host. Defaults to HTTP. 2780 type: string 2781 required: 2782 - port 2783 type: object 2784 initialDelaySeconds: 2785 description: 'Number of seconds after the 2786 container has started before liveness probes 2787 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2788 format: int32 2789 type: integer 2790 periodSeconds: 2791 description: How often (in seconds) to perform 2792 the probe. Default to 10 seconds. Minimum 2793 value is 1. 2794 format: int32 2795 type: integer 2796 successThreshold: 2797 description: Minimum consecutive successes 2798 for the probe to be considered successful 2799 after having failed. Defaults to 1. Must 2800 be 1 for liveness and startup. Minimum value 2801 is 1. 2802 format: int32 2803 type: integer 2804 tcpSocket: 2805 description: TCPSocket specifies an action 2806 involving a TCP port. 2807 properties: 2808 host: 2809 description: 'Optional: Host name to connect 2810 to, defaults to the pod IP.' 2811 type: string 2812 port: 2813 anyOf: 2814 - type: integer 2815 - type: string 2816 description: Number or name of the port 2817 to access on the container. Number must 2818 be in the range 1 to 65535. Name must 2819 be an IANA_SVC_NAME. 2820 x-kubernetes-int-or-string: true 2821 required: 2822 - port 2823 type: object 2824 terminationGracePeriodSeconds: 2825 description: Optional duration in seconds 2826 the pod needs to terminate gracefully upon 2827 probe failure. The grace period is the duration 2828 in seconds after the processes running in 2829 the pod are sent a termination signal and 2830 the time when the processes are forcibly 2831 halted with a kill signal. Set this value 2832 longer than the expected cleanup time for 2833 your process. 2834 format: int64 2835 type: integer 2836 timeoutSeconds: 2837 description: 'Number of seconds after which 2838 the probe times out. Defaults to 1 second. 2839 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2840 format: int32 2841 type: integer 2842 type: object 2843 stdin: 2844 description: Whether this container should allocate 2845 a buffer for stdin in the container runtime. 2846 If this is not set, reads from stdin in the 2847 container will always result in EOF. Default 2848 is false. 2849 type: boolean 2850 stdinOnce: 2851 description: Whether the container runtime should 2852 close the stdin channel after it has been opened 2853 by a single attach. When stdin is true the stdin 2854 stream will remain open across multiple attach 2855 sessions. 2856 type: boolean 2857 terminationMessagePath: 2858 description: 'Optional: Path at which the file 2859 to which the container''s termination message 2860 will be written is mounted into the container''s 2861 filesystem. Message written is intended to be 2862 brief final status, such as an assertion failure 2863 message. Will be truncated by the node if greater 2864 than 4096 bytes. The total message length across 2865 all containers will be limited to 12kb. Defaults 2866 to /dev/termination-log.' 2867 type: string 2868 terminationMessagePolicy: 2869 description: Indicate how the termination message 2870 should be populated. File will use the contents 2871 of terminationMessagePath to populate the container 2872 status message on both success and failure. 2873 FallbackToLogsOnError will use the last chunk 2874 of container log output if the termination message 2875 file is empty and the container exited with 2876 an error. 2877 type: string 2878 tty: 2879 description: Whether this container should allocate 2880 a TTY for itself, also requires 'stdin' to be 2881 true. Default is false. 2882 type: boolean 2883 volumeDevices: 2884 description: volumeDevices is the list of block 2885 devices to be used by the container. 2886 items: 2887 description: volumeDevice describes a mapping 2888 of a raw block device within a container. 2889 properties: 2890 devicePath: 2891 description: devicePath is the path inside 2892 of the container that the device will 2893 be mapped to. 2894 type: string 2895 name: 2896 description: name must match the name of 2897 a persistentVolumeClaim in the pod 2898 type: string 2899 required: 2900 - devicePath 2901 - name 2902 type: object 2903 type: array 2904 volumeMounts: 2905 description: Pod volumes to mount into the container's 2906 filesystem. Cannot be updated. 2907 items: 2908 description: VolumeMount describes a mounting 2909 of a Volume within a container. 2910 properties: 2911 mountPath: 2912 description: Path within the container at 2913 which the volume should be mounted. Must 2914 not contain ':'. 2915 type: string 2916 mountPropagation: 2917 description: mountPropagation determines 2918 how mounts are propagated from the host 2919 to container and the other way around. 2920 When not set, MountPropagationNone is 2921 used. This field is beta in 1.10. 2922 type: string 2923 name: 2924 description: This must match the Name of 2925 a Volume. 2926 type: string 2927 readOnly: 2928 description: Mounted read-only if true, 2929 read-write otherwise (false or unspecified). 2930 Defaults to false. 2931 type: boolean 2932 subPath: 2933 description: Path within the volume from 2934 which the container's volume should be 2935 mounted. Defaults to "" (volume's root). 2936 type: string 2937 subPathExpr: 2938 description: Expanded path within the volume 2939 from which the container's volume should 2940 be mounted. Behaves similarly to SubPath 2941 but environment variable references $(VAR_NAME) 2942 are expanded using the container's environment. 2943 Defaults to "" (volume's root). SubPathExpr 2944 and SubPath are mutually exclusive. 2945 type: string 2946 required: 2947 - mountPath 2948 - name 2949 type: object 2950 type: array 2951 workingDir: 2952 description: Container's working directory. If 2953 not specified, the container runtime's default 2954 will be used, which might be configured in the 2955 container image. Cannot be updated. 2956 type: string 2957 required: 2958 - name 2959 type: object 2960 type: array 2961 dnsConfig: 2962 description: Specifies the DNS parameters of a pod. 2963 Parameters specified here will be merged to the generated 2964 DNS configuration based on DNSPolicy. 2965 properties: 2966 nameservers: 2967 description: A list of DNS name server IP addresses. 2968 This will be appended to the base nameservers 2969 generated from DNSPolicy. Duplicated nameservers 2970 will be removed. 2971 items: 2972 type: string 2973 type: array 2974 options: 2975 description: A list of DNS resolver options. This 2976 will be merged with the base options generated 2977 from DNSPolicy. Duplicated entries will be removed. 2978 Resolution options given in Options will override 2979 those that appear in the base DNSPolicy. 2980 items: 2981 description: PodDNSConfigOption defines DNS resolver 2982 options of a pod. 2983 properties: 2984 name: 2985 description: Required. 2986 type: string 2987 value: 2988 type: string 2989 type: object 2990 type: array 2991 searches: 2992 description: A list of DNS search domains for host-name 2993 lookup. This will be appended to the base search 2994 paths generated from DNSPolicy. Duplicated search 2995 paths will be removed. 2996 items: 2997 type: string 2998 type: array 2999 type: object 3000 dnsPolicy: 3001 description: Set DNS policy for the pod. Defaults to 3002 "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 3003 'ClusterFirst', 'Default' or 'None'. DNS parameters 3004 given in DNSConfig will be merged with the policy 3005 selected with DNSPolicy. To have DNS options set along 3006 with hostNetwork, you have to specify DNS policy explicitly 3007 to 'ClusterFirstWithHostNet'. 3008 type: string 3009 enableServiceLinks: 3010 description: 'EnableServiceLinks indicates whether information 3011 about services should be injected into pod''s environment 3012 variables, matching the syntax of Docker links. Optional: 3013 Defaults to true.' 3014 type: boolean 3015 ephemeralContainers: 3016 description: List of ephemeral containers run in this 3017 pod. Ephemeral containers may be run in an existing 3018 pod to perform user-initiated actions such as debugging. 3019 This list cannot be specified when creating a pod, 3020 and it cannot be modified by updating the pod spec. 3021 In order to add an ephemeral container to an existing 3022 pod, use the pod's ephemeralcontainers subresource. 3023 items: 3024 description: An EphemeralContainer is a temporary 3025 container that you may add to an existing Pod for 3026 user-initiated activities such as debugging. Ephemeral 3027 containers have no resource or scheduling guarantees, 3028 and they will not be restarted when they exit or 3029 when a Pod is removed or restarted. The kubelet 3030 may evict a Pod if an ephemeral container causes 3031 the Pod to exceed its resource allocation. 3032 properties: 3033 args: 3034 description: 'Arguments to the entrypoint. The 3035 image''s CMD is used if this is not provided. 3036 Variable references $(VAR_NAME) are expanded 3037 using the container''s environment. If a variable 3038 cannot be resolved, the reference in the input 3039 string will be unchanged. Double $$ are reduced 3040 to a single $, which allows for escaping the 3041 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 3042 produce the string literal "$(VAR_NAME)".' 3043 items: 3044 type: string 3045 type: array 3046 command: 3047 description: 'Entrypoint array. Not executed within 3048 a shell. The image''s ENTRYPOINT is used if 3049 this is not provided. Variable references $(VAR_NAME) 3050 are expanded using the container''s environment. 3051 If a variable cannot be resolved, the reference 3052 in the input string will be unchanged. Double 3053 $$ are reduced to a single $, which allows for 3054 escaping the $(VAR_NAME) syntax: i.e.' 3055 items: 3056 type: string 3057 type: array 3058 env: 3059 description: List of environment variables to 3060 set in the container. Cannot be updated. 3061 items: 3062 description: EnvVar represents an environment 3063 variable present in a Container. 3064 properties: 3065 name: 3066 description: Name of the environment variable. 3067 Must be a C_IDENTIFIER. 3068 type: string 3069 value: 3070 description: 'Variable references $(VAR_NAME) 3071 are expanded using the previously defined 3072 environment variables in the container 3073 and any service environment variables. 3074 If a variable cannot be resolved, the 3075 reference in the input string will be 3076 unchanged. Double $$ are reduced to a 3077 single $, which allows for escaping the 3078 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 3079 will produce the string literal "$(VAR_NAME)".' 3080 type: string 3081 valueFrom: 3082 description: Source for the environment 3083 variable's value. Cannot be used if value 3084 is not empty. 3085 properties: 3086 configMapKeyRef: 3087 description: Selects a key of a ConfigMap. 3088 properties: 3089 key: 3090 description: The key to select. 3091 type: string 3092 name: 3093 description: 'Name of the referent. 3094 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3095 TODO: Add other useful fields. 3096 apiVersion, kind, uid?' 3097 type: string 3098 optional: 3099 description: Specify whether the 3100 ConfigMap or its key must be defined 3101 type: boolean 3102 required: 3103 - key 3104 type: object 3105 x-kubernetes-map-type: atomic 3106 fieldRef: 3107 description: 'Selects a field of the 3108 pod: supports metadata.name, metadata.namespace, 3109 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 3110 spec.nodeName, spec.serviceAccountName, 3111 status.hostIP, status.podIP, status.podIPs.' 3112 properties: 3113 apiVersion: 3114 description: Version of the schema 3115 the FieldPath is written in terms 3116 of, defaults to "v1". 3117 type: string 3118 fieldPath: 3119 description: Path of the field to 3120 select in the specified API version. 3121 type: string 3122 required: 3123 - fieldPath 3124 type: object 3125 x-kubernetes-map-type: atomic 3126 resourceFieldRef: 3127 description: 'Selects a resource of 3128 the container: only resources limits 3129 and requests (limits.cpu, limits.memory, 3130 limits.ephemeral-storage, requests.cpu, 3131 requests.memory and requests.ephemeral-storage) 3132 are currently supported.' 3133 properties: 3134 containerName: 3135 description: 'Container name: required 3136 for volumes, optional for env 3137 vars' 3138 type: string 3139 divisor: 3140 anyOf: 3141 - type: integer 3142 - type: string 3143 description: Specifies the output 3144 format of the exposed resources, 3145 defaults to "1" 3146 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3147 x-kubernetes-int-or-string: true 3148 resource: 3149 description: 'Required: resource 3150 to select' 3151 type: string 3152 required: 3153 - resource 3154 type: object 3155 x-kubernetes-map-type: atomic 3156 secretKeyRef: 3157 description: Selects a key of a secret 3158 in the pod's namespace 3159 properties: 3160 key: 3161 description: The key of the secret 3162 to select from. Must be a valid 3163 secret key. 3164 type: string 3165 name: 3166 description: 'Name of the referent. 3167 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3168 TODO: Add other useful fields. 3169 apiVersion, kind, uid?' 3170 type: string 3171 optional: 3172 description: Specify whether the 3173 Secret or its key must be defined 3174 type: boolean 3175 required: 3176 - key 3177 type: object 3178 x-kubernetes-map-type: atomic 3179 type: object 3180 required: 3181 - name 3182 type: object 3183 type: array 3184 envFrom: 3185 description: List of sources to populate environment 3186 variables in the container. The keys defined 3187 within a source must be a C_IDENTIFIER. All 3188 invalid keys will be reported as an event when 3189 the container is starting. When a key exists 3190 in multiple sources, the value associated with 3191 the last source will take precedence. Values 3192 defined by an Env with a duplicate key will 3193 take precedence. Cannot be updated. 3194 items: 3195 description: EnvFromSource represents the source 3196 of a set of ConfigMaps 3197 properties: 3198 configMapRef: 3199 description: The ConfigMap to select from 3200 properties: 3201 name: 3202 description: 'Name of the referent. 3203 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3204 TODO: Add other useful fields. apiVersion, 3205 kind, uid?' 3206 type: string 3207 optional: 3208 description: Specify whether the ConfigMap 3209 must be defined 3210 type: boolean 3211 type: object 3212 x-kubernetes-map-type: atomic 3213 prefix: 3214 description: An optional identifier to prepend 3215 to each key in the ConfigMap. Must be 3216 a C_IDENTIFIER. 3217 type: string 3218 secretRef: 3219 description: The Secret to select from 3220 properties: 3221 name: 3222 description: 'Name of the referent. 3223 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3224 TODO: Add other useful fields. apiVersion, 3225 kind, uid?' 3226 type: string 3227 optional: 3228 description: Specify whether the Secret 3229 must be defined 3230 type: boolean 3231 type: object 3232 x-kubernetes-map-type: atomic 3233 type: object 3234 type: array 3235 image: 3236 description: 'Container image name. More info: 3237 https://kubernetes.io/docs/concepts/containers/images' 3238 type: string 3239 imagePullPolicy: 3240 description: 'Image pull policy. One of Always, 3241 Never, IfNotPresent. Defaults to Always if :latest 3242 tag is specified, or IfNotPresent otherwise. 3243 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 3244 type: string 3245 lifecycle: 3246 description: Lifecycle is not allowed for ephemeral 3247 containers. 3248 properties: 3249 postStart: 3250 description: 'PostStart is called immediately 3251 after a container is created. If the handler 3252 fails, the container is terminated and restarted 3253 according to its restart policy. Other management 3254 of the container blocks until the hook completes. 3255 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3256 properties: 3257 exec: 3258 description: Exec specifies the action 3259 to take. 3260 properties: 3261 command: 3262 description: Command is the command 3263 line to execute inside the container, 3264 the working directory for the command is 3265 root ('/') in the container's filesystem. 3266 The command is simply exec'd, it 3267 is not run inside a shell, so traditional 3268 shell instructions ('|', etc) won't 3269 work. To use a shell, you need to 3270 explicitly call out to that shell. 3271 Exit status of 0 is treated as live/healthy 3272 and non-zero is unhealthy. 3273 items: 3274 type: string 3275 type: array 3276 type: object 3277 httpGet: 3278 description: HTTPGet specifies the http 3279 request to perform. 3280 properties: 3281 host: 3282 description: Host name to connect 3283 to, defaults to the pod IP. You 3284 probably want to set "Host" in httpHeaders 3285 instead. 3286 type: string 3287 httpHeaders: 3288 description: Custom headers to set 3289 in the request. HTTP allows repeated 3290 headers. 3291 items: 3292 description: HTTPHeader describes 3293 a custom header to be used in 3294 HTTP probes 3295 properties: 3296 name: 3297 description: The header field 3298 name. This will be canonicalized 3299 upon output, so case-variant 3300 names will be understood as 3301 the same header. 3302 type: string 3303 value: 3304 description: The header field 3305 value 3306 type: string 3307 required: 3308 - name 3309 - value 3310 type: object 3311 type: array 3312 path: 3313 description: Path to access on the 3314 HTTP server. 3315 type: string 3316 port: 3317 anyOf: 3318 - type: integer 3319 - type: string 3320 description: Name or number of the 3321 port to access on the container. 3322 Number must be in the range 1 to 3323 65535. Name must be an IANA_SVC_NAME. 3324 x-kubernetes-int-or-string: true 3325 scheme: 3326 description: Scheme to use for connecting 3327 to the host. Defaults to HTTP. 3328 type: string 3329 required: 3330 - port 3331 type: object 3332 tcpSocket: 3333 description: Deprecated. TCPSocket is 3334 NOT supported as a LifecycleHandler 3335 and kept for the backward compatibility. 3336 There are no validation of this field 3337 and lifecycle hooks will fail in runtime 3338 when tcp handler is specified. 3339 properties: 3340 host: 3341 description: 'Optional: Host name 3342 to connect to, defaults to the pod 3343 IP.' 3344 type: string 3345 port: 3346 anyOf: 3347 - type: integer 3348 - type: string 3349 description: Number or name of the 3350 port to access on the container. 3351 Number must be in the range 1 to 3352 65535. Name must be an IANA_SVC_NAME. 3353 x-kubernetes-int-or-string: true 3354 required: 3355 - port 3356 type: object 3357 type: object 3358 preStop: 3359 description: PreStop is called immediately 3360 before a container is terminated due to 3361 an API request or management event such 3362 as liveness/startup probe failure, preemption, 3363 resource contention, etc. The handler is 3364 not called if the container crashes or exits. 3365 The Pod's termination grace period countdown 3366 begins before the PreStop hook is executed. 3367 properties: 3368 exec: 3369 description: Exec specifies the action 3370 to take. 3371 properties: 3372 command: 3373 description: Command is the command 3374 line to execute inside the container, 3375 the working directory for the command is 3376 root ('/') in the container's filesystem. 3377 The command is simply exec'd, it 3378 is not run inside a shell, so traditional 3379 shell instructions ('|', etc) won't 3380 work. To use a shell, you need to 3381 explicitly call out to that shell. 3382 Exit status of 0 is treated as live/healthy 3383 and non-zero is unhealthy. 3384 items: 3385 type: string 3386 type: array 3387 type: object 3388 httpGet: 3389 description: HTTPGet specifies the http 3390 request to perform. 3391 properties: 3392 host: 3393 description: Host name to connect 3394 to, defaults to the pod IP. You 3395 probably want to set "Host" in httpHeaders 3396 instead. 3397 type: string 3398 httpHeaders: 3399 description: Custom headers to set 3400 in the request. HTTP allows repeated 3401 headers. 3402 items: 3403 description: HTTPHeader describes 3404 a custom header to be used in 3405 HTTP probes 3406 properties: 3407 name: 3408 description: The header field 3409 name. This will be canonicalized 3410 upon output, so case-variant 3411 names will be understood as 3412 the same header. 3413 type: string 3414 value: 3415 description: The header field 3416 value 3417 type: string 3418 required: 3419 - name 3420 - value 3421 type: object 3422 type: array 3423 path: 3424 description: Path to access on the 3425 HTTP server. 3426 type: string 3427 port: 3428 anyOf: 3429 - type: integer 3430 - type: string 3431 description: Name or number of the 3432 port to access on the container. 3433 Number must be in the range 1 to 3434 65535. Name must be an IANA_SVC_NAME. 3435 x-kubernetes-int-or-string: true 3436 scheme: 3437 description: Scheme to use for connecting 3438 to the host. Defaults to HTTP. 3439 type: string 3440 required: 3441 - port 3442 type: object 3443 tcpSocket: 3444 description: Deprecated. TCPSocket is 3445 NOT supported as a LifecycleHandler 3446 and kept for the backward compatibility. 3447 There are no validation of this field 3448 and lifecycle hooks will fail in runtime 3449 when tcp handler is specified. 3450 properties: 3451 host: 3452 description: 'Optional: Host name 3453 to connect to, defaults to the pod 3454 IP.' 3455 type: string 3456 port: 3457 anyOf: 3458 - type: integer 3459 - type: string 3460 description: Number or name of the 3461 port to access on the container. 3462 Number must be in the range 1 to 3463 65535. Name must be an IANA_SVC_NAME. 3464 x-kubernetes-int-or-string: true 3465 required: 3466 - port 3467 type: object 3468 type: object 3469 type: object 3470 livenessProbe: 3471 description: Probes are not allowed for ephemeral 3472 containers. 3473 properties: 3474 exec: 3475 description: Exec specifies the action to 3476 take. 3477 properties: 3478 command: 3479 description: Command is the command line 3480 to execute inside the container, the 3481 working directory for the command is 3482 root ('/') in the container's filesystem. 3483 The command is simply exec'd, it is 3484 not run inside a shell, so traditional 3485 shell instructions ('|', etc) won't 3486 work. To use a shell, you need to explicitly 3487 call out to that shell. Exit status 3488 of 0 is treated as live/healthy and 3489 non-zero is unhealthy. 3490 items: 3491 type: string 3492 type: array 3493 type: object 3494 failureThreshold: 3495 description: Minimum consecutive failures 3496 for the probe to be considered failed after 3497 having succeeded. Defaults to 3. Minimum 3498 value is 1. 3499 format: int32 3500 type: integer 3501 grpc: 3502 description: GRPC specifies an action involving 3503 a GRPC port. 3504 properties: 3505 port: 3506 description: Port number of the gRPC service. 3507 Number must be in the range 1 to 65535. 3508 format: int32 3509 type: integer 3510 service: 3511 description: "Service is the name of the 3512 service to place in the gRPC HealthCheckRequest 3513 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3514 \n If this is not specified, the default 3515 behavior is defined by gRPC." 3516 type: string 3517 required: 3518 - port 3519 type: object 3520 httpGet: 3521 description: HTTPGet specifies the http request 3522 to perform. 3523 properties: 3524 host: 3525 description: Host name to connect to, 3526 defaults to the pod IP. You probably 3527 want to set "Host" in httpHeaders instead. 3528 type: string 3529 httpHeaders: 3530 description: Custom headers to set in 3531 the request. HTTP allows repeated headers. 3532 items: 3533 description: HTTPHeader describes a 3534 custom header to be used in HTTP probes 3535 properties: 3536 name: 3537 description: The header field name. 3538 This will be canonicalized upon 3539 output, so case-variant names 3540 will be understood as the same 3541 header. 3542 type: string 3543 value: 3544 description: The header field value 3545 type: string 3546 required: 3547 - name 3548 - value 3549 type: object 3550 type: array 3551 path: 3552 description: Path to access on the HTTP 3553 server. 3554 type: string 3555 port: 3556 anyOf: 3557 - type: integer 3558 - type: string 3559 description: Name or number of the port 3560 to access on the container. Number must 3561 be in the range 1 to 65535. Name must 3562 be an IANA_SVC_NAME. 3563 x-kubernetes-int-or-string: true 3564 scheme: 3565 description: Scheme to use for connecting 3566 to the host. Defaults to HTTP. 3567 type: string 3568 required: 3569 - port 3570 type: object 3571 initialDelaySeconds: 3572 description: 'Number of seconds after the 3573 container has started before liveness probes 3574 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3575 format: int32 3576 type: integer 3577 periodSeconds: 3578 description: How often (in seconds) to perform 3579 the probe. Default to 10 seconds. Minimum 3580 value is 1. 3581 format: int32 3582 type: integer 3583 successThreshold: 3584 description: Minimum consecutive successes 3585 for the probe to be considered successful 3586 after having failed. Defaults to 1. Must 3587 be 1 for liveness and startup. Minimum value 3588 is 1. 3589 format: int32 3590 type: integer 3591 tcpSocket: 3592 description: TCPSocket specifies an action 3593 involving a TCP port. 3594 properties: 3595 host: 3596 description: 'Optional: Host name to connect 3597 to, defaults to the pod IP.' 3598 type: string 3599 port: 3600 anyOf: 3601 - type: integer 3602 - type: string 3603 description: Number or name of the port 3604 to access on the container. Number must 3605 be in the range 1 to 65535. Name must 3606 be an IANA_SVC_NAME. 3607 x-kubernetes-int-or-string: true 3608 required: 3609 - port 3610 type: object 3611 terminationGracePeriodSeconds: 3612 description: Optional duration in seconds 3613 the pod needs to terminate gracefully upon 3614 probe failure. The grace period is the duration 3615 in seconds after the processes running in 3616 the pod are sent a termination signal and 3617 the time when the processes are forcibly 3618 halted with a kill signal. Set this value 3619 longer than the expected cleanup time for 3620 your process. 3621 format: int64 3622 type: integer 3623 timeoutSeconds: 3624 description: 'Number of seconds after which 3625 the probe times out. Defaults to 1 second. 3626 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3627 format: int32 3628 type: integer 3629 type: object 3630 name: 3631 description: Name of the ephemeral container specified 3632 as a DNS_LABEL. This name must be unique among 3633 all containers, init containers and ephemeral 3634 containers. 3635 type: string 3636 ports: 3637 description: Ports are not allowed for ephemeral 3638 containers. 3639 items: 3640 description: ContainerPort represents a network 3641 port in a single container. 3642 properties: 3643 containerPort: 3644 description: Number of port to expose on 3645 the pod's IP address. This must be a valid 3646 port number, 0 < x < 65536. 3647 format: int32 3648 type: integer 3649 hostIP: 3650 description: What host IP to bind the external 3651 port to. 3652 type: string 3653 hostPort: 3654 description: Number of port to expose on 3655 the host. If specified, this must be a 3656 valid port number, 0 < x < 65536. If HostNetwork 3657 is specified, this must match ContainerPort. 3658 Most containers do not need this. 3659 format: int32 3660 type: integer 3661 name: 3662 description: If specified, this must be 3663 an IANA_SVC_NAME and unique within the 3664 pod. Each named port in a pod must have 3665 a unique name. Name for the port that 3666 can be referred to by services. 3667 type: string 3668 protocol: 3669 default: TCP 3670 description: Protocol for port. Must be 3671 UDP, TCP, or SCTP. Defaults to "TCP". 3672 type: string 3673 required: 3674 - containerPort 3675 type: object 3676 type: array 3677 x-kubernetes-list-map-keys: 3678 - containerPort 3679 - protocol 3680 x-kubernetes-list-type: map 3681 readinessProbe: 3682 description: Probes are not allowed for ephemeral 3683 containers. 3684 properties: 3685 exec: 3686 description: Exec specifies the action to 3687 take. 3688 properties: 3689 command: 3690 description: Command is the command line 3691 to execute inside the container, the 3692 working directory for the command is 3693 root ('/') in the container's filesystem. 3694 The command is simply exec'd, it is 3695 not run inside a shell, so traditional 3696 shell instructions ('|', etc) won't 3697 work. To use a shell, you need to explicitly 3698 call out to that shell. Exit status 3699 of 0 is treated as live/healthy and 3700 non-zero is unhealthy. 3701 items: 3702 type: string 3703 type: array 3704 type: object 3705 failureThreshold: 3706 description: Minimum consecutive failures 3707 for the probe to be considered failed after 3708 having succeeded. Defaults to 3. Minimum 3709 value is 1. 3710 format: int32 3711 type: integer 3712 grpc: 3713 description: GRPC specifies an action involving 3714 a GRPC port. 3715 properties: 3716 port: 3717 description: Port number of the gRPC service. 3718 Number must be in the range 1 to 65535. 3719 format: int32 3720 type: integer 3721 service: 3722 description: "Service is the name of the 3723 service to place in the gRPC HealthCheckRequest 3724 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3725 \n If this is not specified, the default 3726 behavior is defined by gRPC." 3727 type: string 3728 required: 3729 - port 3730 type: object 3731 httpGet: 3732 description: HTTPGet specifies the http request 3733 to perform. 3734 properties: 3735 host: 3736 description: Host name to connect to, 3737 defaults to the pod IP. You probably 3738 want to set "Host" in httpHeaders instead. 3739 type: string 3740 httpHeaders: 3741 description: Custom headers to set in 3742 the request. HTTP allows repeated headers. 3743 items: 3744 description: HTTPHeader describes a 3745 custom header to be used in HTTP probes 3746 properties: 3747 name: 3748 description: The header field name. 3749 This will be canonicalized upon 3750 output, so case-variant names 3751 will be understood as the same 3752 header. 3753 type: string 3754 value: 3755 description: The header field value 3756 type: string 3757 required: 3758 - name 3759 - value 3760 type: object 3761 type: array 3762 path: 3763 description: Path to access on the HTTP 3764 server. 3765 type: string 3766 port: 3767 anyOf: 3768 - type: integer 3769 - type: string 3770 description: Name or number of the port 3771 to access on the container. Number must 3772 be in the range 1 to 65535. Name must 3773 be an IANA_SVC_NAME. 3774 x-kubernetes-int-or-string: true 3775 scheme: 3776 description: Scheme to use for connecting 3777 to the host. Defaults to HTTP. 3778 type: string 3779 required: 3780 - port 3781 type: object 3782 initialDelaySeconds: 3783 description: 'Number of seconds after the 3784 container has started before liveness probes 3785 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3786 format: int32 3787 type: integer 3788 periodSeconds: 3789 description: How often (in seconds) to perform 3790 the probe. Default to 10 seconds. Minimum 3791 value is 1. 3792 format: int32 3793 type: integer 3794 successThreshold: 3795 description: Minimum consecutive successes 3796 for the probe to be considered successful 3797 after having failed. Defaults to 1. Must 3798 be 1 for liveness and startup. Minimum value 3799 is 1. 3800 format: int32 3801 type: integer 3802 tcpSocket: 3803 description: TCPSocket specifies an action 3804 involving a TCP port. 3805 properties: 3806 host: 3807 description: 'Optional: Host name to connect 3808 to, defaults to the pod IP.' 3809 type: string 3810 port: 3811 anyOf: 3812 - type: integer 3813 - type: string 3814 description: Number or name of the port 3815 to access on the container. Number must 3816 be in the range 1 to 65535. Name must 3817 be an IANA_SVC_NAME. 3818 x-kubernetes-int-or-string: true 3819 required: 3820 - port 3821 type: object 3822 terminationGracePeriodSeconds: 3823 description: Optional duration in seconds 3824 the pod needs to terminate gracefully upon 3825 probe failure. The grace period is the duration 3826 in seconds after the processes running in 3827 the pod are sent a termination signal and 3828 the time when the processes are forcibly 3829 halted with a kill signal. Set this value 3830 longer than the expected cleanup time for 3831 your process. 3832 format: int64 3833 type: integer 3834 timeoutSeconds: 3835 description: 'Number of seconds after which 3836 the probe times out. Defaults to 1 second. 3837 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3838 format: int32 3839 type: integer 3840 type: object 3841 resizePolicy: 3842 description: Resources resize policy for the container. 3843 items: 3844 description: ContainerResizePolicy represents 3845 resource resize policy for the container. 3846 properties: 3847 resourceName: 3848 description: 'Name of the resource to which 3849 this resource resize policy applies. Supported 3850 values: cpu, memory.' 3851 type: string 3852 restartPolicy: 3853 description: Restart policy to apply when 3854 specified resource is resized. If not 3855 specified, it defaults to NotRequired. 3856 type: string 3857 required: 3858 - resourceName 3859 - restartPolicy 3860 type: object 3861 type: array 3862 x-kubernetes-list-type: atomic 3863 resources: 3864 description: Resources are not allowed for ephemeral 3865 containers. Ephemeral containers use spare resources 3866 already allocated to the pod. 3867 properties: 3868 claims: 3869 description: "Claims lists the names of resources, 3870 defined in spec.resourceClaims, that are 3871 used by this container. \n This is an alpha 3872 field and requires enabling the DynamicResourceAllocation 3873 feature gate. \n This field is immutable. 3874 It can only be set for containers." 3875 items: 3876 description: ResourceClaim references one 3877 entry in PodSpec.ResourceClaims. 3878 properties: 3879 name: 3880 description: Name must match the name 3881 of one entry in pod.spec.resourceClaims 3882 of the Pod where this field is used. 3883 It makes that resource available inside 3884 a container. 3885 type: string 3886 required: 3887 - name 3888 type: object 3889 type: array 3890 x-kubernetes-list-map-keys: 3891 - name 3892 x-kubernetes-list-type: map 3893 limits: 3894 additionalProperties: 3895 anyOf: 3896 - type: integer 3897 - type: string 3898 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3899 x-kubernetes-int-or-string: true 3900 description: 'Limits describes the maximum 3901 amount of compute resources allowed. More 3902 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3903 type: object 3904 requests: 3905 additionalProperties: 3906 anyOf: 3907 - type: integer 3908 - type: string 3909 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3910 x-kubernetes-int-or-string: true 3911 description: 'Requests describes the minimum 3912 amount of compute resources required. If 3913 Requests is omitted for a container, it 3914 defaults to Limits if that is explicitly 3915 specified, otherwise to an implementation-defined 3916 value. Requests cannot exceed Limits. More 3917 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3918 type: object 3919 type: object 3920 securityContext: 3921 description: 'Optional: SecurityContext defines 3922 the security options the ephemeral container 3923 should be run with. If set, the fields of SecurityContext 3924 override the equivalent fields of PodSecurityContext.' 3925 properties: 3926 allowPrivilegeEscalation: 3927 description: 'AllowPrivilegeEscalation controls 3928 whether a process can gain more privileges 3929 than its parent process. This bool directly 3930 controls if the no_new_privs flag will be 3931 set on the container process. AllowPrivilegeEscalation 3932 is true always when the container is: 1) 3933 run as Privileged 2) has CAP_SYS_ADMIN Note 3934 that this field cannot be set when spec.os.name 3935 is windows.' 3936 type: boolean 3937 capabilities: 3938 description: The capabilities to add/drop 3939 when running containers. Defaults to the 3940 default set of capabilities granted by the 3941 container runtime. Note that this field 3942 cannot be set when spec.os.name is windows. 3943 properties: 3944 add: 3945 description: Added capabilities 3946 items: 3947 description: Capability represent POSIX 3948 capabilities type 3949 type: string 3950 type: array 3951 drop: 3952 description: Removed capabilities 3953 items: 3954 description: Capability represent POSIX 3955 capabilities type 3956 type: string 3957 type: array 3958 type: object 3959 privileged: 3960 description: Run container in privileged mode. 3961 Processes in privileged containers are essentially 3962 equivalent to root on the host. Defaults 3963 to false. Note that this field cannot be 3964 set when spec.os.name is windows. 3965 type: boolean 3966 procMount: 3967 description: procMount denotes the type of 3968 proc mount to use for the containers. The 3969 default is DefaultProcMount which uses the 3970 container runtime defaults for readonly 3971 paths and masked paths. This requires the 3972 ProcMountType feature flag to be enabled. 3973 Note that this field cannot be set when 3974 spec.os.name is windows. 3975 type: string 3976 readOnlyRootFilesystem: 3977 description: Whether this container has a 3978 read-only root filesystem. Default is false. 3979 Note that this field cannot be set when 3980 spec.os.name is windows. 3981 type: boolean 3982 runAsGroup: 3983 description: The GID to run the entrypoint 3984 of the container process. Uses runtime default 3985 if unset. May also be set in PodSecurityContext. If 3986 set in both SecurityContext and PodSecurityContext, 3987 the value specified in SecurityContext takes 3988 precedence. Note that this field cannot 3989 be set when spec.os.name is windows. 3990 format: int64 3991 type: integer 3992 runAsNonRoot: 3993 description: Indicates that the container 3994 must run as a non-root user. If true, the 3995 Kubelet will validate the image at runtime 3996 to ensure that it does not run as UID 0 3997 (root) and fail to start the container if 3998 it does. If unset or false, no such validation 3999 will be performed. May also be set in PodSecurityContext. 4000 type: boolean 4001 runAsUser: 4002 description: The UID to run the entrypoint 4003 of the container process. Defaults to user 4004 specified in image metadata if unspecified. 4005 May also be set in PodSecurityContext. If 4006 set in both SecurityContext and PodSecurityContext, 4007 the value specified in SecurityContext takes 4008 precedence. Note that this field cannot 4009 be set when spec.os.name is windows. 4010 format: int64 4011 type: integer 4012 seLinuxOptions: 4013 description: The SELinux context to be applied 4014 to the container. If unspecified, the container 4015 runtime will allocate a random SELinux context 4016 for each container. May also be set in 4017 PodSecurityContext. If set in both SecurityContext 4018 and PodSecurityContext, the value specified 4019 in SecurityContext takes precedence. Note 4020 that this field cannot be set when spec.os.name 4021 is windows. 4022 properties: 4023 level: 4024 description: Level is SELinux level label 4025 that applies to the container. 4026 type: string 4027 role: 4028 description: Role is a SELinux role label 4029 that applies to the container. 4030 type: string 4031 type: 4032 description: Type is a SELinux type label 4033 that applies to the container. 4034 type: string 4035 user: 4036 description: User is a SELinux user label 4037 that applies to the container. 4038 type: string 4039 type: object 4040 seccompProfile: 4041 description: The seccomp options to use by 4042 this container. If seccomp options are provided 4043 at both the pod & container level, the container 4044 options override the pod options. Note that 4045 this field cannot be set when spec.os.name 4046 is windows. 4047 properties: 4048 localhostProfile: 4049 description: localhostProfile indicates 4050 a profile defined in a file on the node 4051 should be used. The profile must be 4052 preconfigured on the node to work. Must 4053 be a descending path, relative to the 4054 kubelet's configured seccomp profile 4055 location. Must only be set if type is 4056 "Localhost". 4057 type: string 4058 type: 4059 description: "type indicates which kind 4060 of seccomp profile will be applied. 4061 Valid options are: \n Localhost - a 4062 profile defined in a file on the node 4063 should be used. RuntimeDefault - the 4064 container runtime default profile should 4065 be used. Unconfined - no profile should 4066 be applied." 4067 type: string 4068 required: 4069 - type 4070 type: object 4071 windowsOptions: 4072 description: The Windows specific settings 4073 applied to all containers. If unspecified, 4074 the options from the PodSecurityContext 4075 will be used. If set in both SecurityContext 4076 and PodSecurityContext, the value specified 4077 in SecurityContext takes precedence. Note 4078 that this field cannot be set when spec.os.name 4079 is linux. 4080 properties: 4081 gmsaCredentialSpec: 4082 description: GMSACredentialSpec is where 4083 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 4084 inlines the contents of the GMSA credential 4085 spec named by the GMSACredentialSpecName 4086 field. 4087 type: string 4088 gmsaCredentialSpecName: 4089 description: GMSACredentialSpecName is 4090 the name of the GMSA credential spec 4091 to use. 4092 type: string 4093 hostProcess: 4094 description: HostProcess determines if 4095 a container should be run as a 'Host 4096 Process' container. This field is alpha-level 4097 and will only be honored by components 4098 that enable the WindowsHostProcessContainers 4099 feature flag. Setting this field without 4100 the feature flag will result in errors 4101 when validating the Pod. 4102 type: boolean 4103 runAsUserName: 4104 description: The UserName in Windows to 4105 run the entrypoint of the container 4106 process. Defaults to the user specified 4107 in image metadata if unspecified. May 4108 also be set in PodSecurityContext. If 4109 set in both SecurityContext and PodSecurityContext, 4110 the value specified in SecurityContext 4111 takes precedence. 4112 type: string 4113 type: object 4114 type: object 4115 startupProbe: 4116 description: Probes are not allowed for ephemeral 4117 containers. 4118 properties: 4119 exec: 4120 description: Exec specifies the action to 4121 take. 4122 properties: 4123 command: 4124 description: Command is the command line 4125 to execute inside the container, the 4126 working directory for the command is 4127 root ('/') in the container's filesystem. 4128 The command is simply exec'd, it is 4129 not run inside a shell, so traditional 4130 shell instructions ('|', etc) won't 4131 work. To use a shell, you need to explicitly 4132 call out to that shell. Exit status 4133 of 0 is treated as live/healthy and 4134 non-zero is unhealthy. 4135 items: 4136 type: string 4137 type: array 4138 type: object 4139 failureThreshold: 4140 description: Minimum consecutive failures 4141 for the probe to be considered failed after 4142 having succeeded. Defaults to 3. Minimum 4143 value is 1. 4144 format: int32 4145 type: integer 4146 grpc: 4147 description: GRPC specifies an action involving 4148 a GRPC port. 4149 properties: 4150 port: 4151 description: Port number of the gRPC service. 4152 Number must be in the range 1 to 65535. 4153 format: int32 4154 type: integer 4155 service: 4156 description: "Service is the name of the 4157 service to place in the gRPC HealthCheckRequest 4158 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4159 \n If this is not specified, the default 4160 behavior is defined by gRPC." 4161 type: string 4162 required: 4163 - port 4164 type: object 4165 httpGet: 4166 description: HTTPGet specifies the http request 4167 to perform. 4168 properties: 4169 host: 4170 description: Host name to connect to, 4171 defaults to the pod IP. You probably 4172 want to set "Host" in httpHeaders instead. 4173 type: string 4174 httpHeaders: 4175 description: Custom headers to set in 4176 the request. HTTP allows repeated headers. 4177 items: 4178 description: HTTPHeader describes a 4179 custom header to be used in HTTP probes 4180 properties: 4181 name: 4182 description: The header field name. 4183 This will be canonicalized upon 4184 output, so case-variant names 4185 will be understood as the same 4186 header. 4187 type: string 4188 value: 4189 description: The header field value 4190 type: string 4191 required: 4192 - name 4193 - value 4194 type: object 4195 type: array 4196 path: 4197 description: Path to access on the HTTP 4198 server. 4199 type: string 4200 port: 4201 anyOf: 4202 - type: integer 4203 - type: string 4204 description: Name or number of the port 4205 to access on the container. Number must 4206 be in the range 1 to 65535. Name must 4207 be an IANA_SVC_NAME. 4208 x-kubernetes-int-or-string: true 4209 scheme: 4210 description: Scheme to use for connecting 4211 to the host. Defaults to HTTP. 4212 type: string 4213 required: 4214 - port 4215 type: object 4216 initialDelaySeconds: 4217 description: 'Number of seconds after the 4218 container has started before liveness probes 4219 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4220 format: int32 4221 type: integer 4222 periodSeconds: 4223 description: How often (in seconds) to perform 4224 the probe. Default to 10 seconds. Minimum 4225 value is 1. 4226 format: int32 4227 type: integer 4228 successThreshold: 4229 description: Minimum consecutive successes 4230 for the probe to be considered successful 4231 after having failed. Defaults to 1. Must 4232 be 1 for liveness and startup. Minimum value 4233 is 1. 4234 format: int32 4235 type: integer 4236 tcpSocket: 4237 description: TCPSocket specifies an action 4238 involving a TCP port. 4239 properties: 4240 host: 4241 description: 'Optional: Host name to connect 4242 to, defaults to the pod IP.' 4243 type: string 4244 port: 4245 anyOf: 4246 - type: integer 4247 - type: string 4248 description: Number or name of the port 4249 to access on the container. Number must 4250 be in the range 1 to 65535. Name must 4251 be an IANA_SVC_NAME. 4252 x-kubernetes-int-or-string: true 4253 required: 4254 - port 4255 type: object 4256 terminationGracePeriodSeconds: 4257 description: Optional duration in seconds 4258 the pod needs to terminate gracefully upon 4259 probe failure. The grace period is the duration 4260 in seconds after the processes running in 4261 the pod are sent a termination signal and 4262 the time when the processes are forcibly 4263 halted with a kill signal. Set this value 4264 longer than the expected cleanup time for 4265 your process. 4266 format: int64 4267 type: integer 4268 timeoutSeconds: 4269 description: 'Number of seconds after which 4270 the probe times out. Defaults to 1 second. 4271 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4272 format: int32 4273 type: integer 4274 type: object 4275 stdin: 4276 description: Whether this container should allocate 4277 a buffer for stdin in the container runtime. 4278 If this is not set, reads from stdin in the 4279 container will always result in EOF. Default 4280 is false. 4281 type: boolean 4282 stdinOnce: 4283 description: Whether the container runtime should 4284 close the stdin channel after it has been opened 4285 by a single attach. When stdin is true the stdin 4286 stream will remain open across multiple attach 4287 sessions. 4288 type: boolean 4289 targetContainerName: 4290 description: "If set, the name of the container 4291 from PodSpec that this ephemeral container targets. 4292 The ephemeral container will be run in the namespaces 4293 (IPC, PID, etc) of this container. If not set 4294 then the ephemeral container uses the namespaces 4295 configured in the Pod spec. \n The container 4296 runtime must implement support for this feature." 4297 type: string 4298 terminationMessagePath: 4299 description: 'Optional: Path at which the file 4300 to which the container''s termination message 4301 will be written is mounted into the container''s 4302 filesystem. Message written is intended to be 4303 brief final status, such as an assertion failure 4304 message. Will be truncated by the node if greater 4305 than 4096 bytes. The total message length across 4306 all containers will be limited to 12kb. Defaults 4307 to /dev/termination-log.' 4308 type: string 4309 terminationMessagePolicy: 4310 description: Indicate how the termination message 4311 should be populated. File will use the contents 4312 of terminationMessagePath to populate the container 4313 status message on both success and failure. 4314 FallbackToLogsOnError will use the last chunk 4315 of container log output if the termination message 4316 file is empty and the container exited with 4317 an error. 4318 type: string 4319 tty: 4320 description: Whether this container should allocate 4321 a TTY for itself, also requires 'stdin' to be 4322 true. Default is false. 4323 type: boolean 4324 volumeDevices: 4325 description: volumeDevices is the list of block 4326 devices to be used by the container. 4327 items: 4328 description: volumeDevice describes a mapping 4329 of a raw block device within a container. 4330 properties: 4331 devicePath: 4332 description: devicePath is the path inside 4333 of the container that the device will 4334 be mapped to. 4335 type: string 4336 name: 4337 description: name must match the name of 4338 a persistentVolumeClaim in the pod 4339 type: string 4340 required: 4341 - devicePath 4342 - name 4343 type: object 4344 type: array 4345 volumeMounts: 4346 description: Pod volumes to mount into the container's 4347 filesystem. Subpath mounts are not allowed for 4348 ephemeral containers. Cannot be updated. 4349 items: 4350 description: VolumeMount describes a mounting 4351 of a Volume within a container. 4352 properties: 4353 mountPath: 4354 description: Path within the container at 4355 which the volume should be mounted. Must 4356 not contain ':'. 4357 type: string 4358 mountPropagation: 4359 description: mountPropagation determines 4360 how mounts are propagated from the host 4361 to container and the other way around. 4362 When not set, MountPropagationNone is 4363 used. This field is beta in 1.10. 4364 type: string 4365 name: 4366 description: This must match the Name of 4367 a Volume. 4368 type: string 4369 readOnly: 4370 description: Mounted read-only if true, 4371 read-write otherwise (false or unspecified). 4372 Defaults to false. 4373 type: boolean 4374 subPath: 4375 description: Path within the volume from 4376 which the container's volume should be 4377 mounted. Defaults to "" (volume's root). 4378 type: string 4379 subPathExpr: 4380 description: Expanded path within the volume 4381 from which the container's volume should 4382 be mounted. Behaves similarly to SubPath 4383 but environment variable references $(VAR_NAME) 4384 are expanded using the container's environment. 4385 Defaults to "" (volume's root). SubPathExpr 4386 and SubPath are mutually exclusive. 4387 type: string 4388 required: 4389 - mountPath 4390 - name 4391 type: object 4392 type: array 4393 workingDir: 4394 description: Container's working directory. If 4395 not specified, the container runtime's default 4396 will be used, which might be configured in the 4397 container image. Cannot be updated. 4398 type: string 4399 required: 4400 - name 4401 type: object 4402 type: array 4403 hostAliases: 4404 description: HostAliases is an optional list of hosts 4405 and IPs that will be injected into the pod's hosts 4406 file if specified. This is only valid for non-hostNetwork 4407 pods. 4408 items: 4409 description: HostAlias holds the mapping between IP 4410 and hostnames that will be injected as an entry 4411 in the pod's hosts file. 4412 properties: 4413 hostnames: 4414 description: Hostnames for the above IP address. 4415 items: 4416 type: string 4417 type: array 4418 ip: 4419 description: IP address of the host file entry. 4420 type: string 4421 type: object 4422 type: array 4423 hostIPC: 4424 description: 'Use the host''s ipc namespace. Optional: 4425 Default to false.' 4426 type: boolean 4427 hostNetwork: 4428 description: Host networking requested for this pod. 4429 Use the host's network namespace. If this option is 4430 set, the ports that will be used must be specified. 4431 Default to false. 4432 type: boolean 4433 hostPID: 4434 description: 'Use the host''s pid namespace. Optional: 4435 Default to false.' 4436 type: boolean 4437 hostUsers: 4438 description: 'Use the host''s user namespace. Optional: 4439 Default to true. If set to true or not present, the 4440 pod will be run in the host user namespace, useful 4441 for when the pod needs a feature only available to 4442 the host user namespace, such as loading a kernel 4443 module with CAP_SYS_MODULE. When set to false, a new 4444 userns is created for the pod.' 4445 type: boolean 4446 hostname: 4447 description: Specifies the hostname of the Pod If not 4448 specified, the pod's hostname will be set to a system-defined 4449 value. 4450 type: string 4451 imagePullSecrets: 4452 description: 'ImagePullSecrets is an optional list of 4453 references to secrets in the same namespace to use 4454 for pulling any of the images used by this PodSpec. 4455 If specified, these secrets will be passed to individual 4456 puller implementations for them to use. More info: 4457 https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' 4458 items: 4459 description: LocalObjectReference contains enough 4460 information to let you locate the referenced object 4461 inside the same namespace. 4462 properties: 4463 name: 4464 description: 'Name of the referent. More info: 4465 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4466 TODO: Add other useful fields. apiVersion, kind, 4467 uid?' 4468 type: string 4469 type: object 4470 x-kubernetes-map-type: atomic 4471 type: array 4472 initContainers: 4473 description: List of initialization containers belonging 4474 to the pod. Init containers are executed in order 4475 prior to containers being started. If any init container 4476 fails, the pod is considered to have failed and is 4477 handled according to its restartPolicy. The name for 4478 an init container or normal container must be unique 4479 among all containers. 4480 items: 4481 description: A single application container that you 4482 want to run within a pod. 4483 properties: 4484 args: 4485 description: 'Arguments to the entrypoint. The 4486 container image''s CMD is used if this is not 4487 provided. Variable references $(VAR_NAME) are 4488 expanded using the container''s environment. 4489 If a variable cannot be resolved, the reference 4490 in the input string will be unchanged. Double 4491 $$ are reduced to a single $, which allows for 4492 escaping the $(VAR_NAME) syntax: i.e.' 4493 items: 4494 type: string 4495 type: array 4496 command: 4497 description: 'Entrypoint array. Not executed within 4498 a shell. The container image''s ENTRYPOINT is 4499 used if this is not provided. Variable references 4500 $(VAR_NAME) are expanded using the container''s 4501 environment. If a variable cannot be resolved, 4502 the reference in the input string will be unchanged. 4503 Double $$ are reduced to a single $, which allows 4504 for escaping the $(VAR_NAME) syntax: i.e.' 4505 items: 4506 type: string 4507 type: array 4508 env: 4509 description: List of environment variables to 4510 set in the container. Cannot be updated. 4511 items: 4512 description: EnvVar represents an environment 4513 variable present in a Container. 4514 properties: 4515 name: 4516 description: Name of the environment variable. 4517 Must be a C_IDENTIFIER. 4518 type: string 4519 value: 4520 description: 'Variable references $(VAR_NAME) 4521 are expanded using the previously defined 4522 environment variables in the container 4523 and any service environment variables. 4524 If a variable cannot be resolved, the 4525 reference in the input string will be 4526 unchanged. Double $$ are reduced to a 4527 single $, which allows for escaping the 4528 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 4529 will produce the string literal "$(VAR_NAME)".' 4530 type: string 4531 valueFrom: 4532 description: Source for the environment 4533 variable's value. Cannot be used if value 4534 is not empty. 4535 properties: 4536 configMapKeyRef: 4537 description: Selects a key of a ConfigMap. 4538 properties: 4539 key: 4540 description: The key to select. 4541 type: string 4542 name: 4543 description: 'Name of the referent. 4544 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4545 TODO: Add other useful fields. 4546 apiVersion, kind, uid?' 4547 type: string 4548 optional: 4549 description: Specify whether the 4550 ConfigMap or its key must be defined 4551 type: boolean 4552 required: 4553 - key 4554 type: object 4555 x-kubernetes-map-type: atomic 4556 fieldRef: 4557 description: 'Selects a field of the 4558 pod: supports metadata.name, metadata.namespace, 4559 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 4560 spec.nodeName, spec.serviceAccountName, 4561 status.hostIP, status.podIP, status.podIPs.' 4562 properties: 4563 apiVersion: 4564 description: Version of the schema 4565 the FieldPath is written in terms 4566 of, defaults to "v1". 4567 type: string 4568 fieldPath: 4569 description: Path of the field to 4570 select in the specified API version. 4571 type: string 4572 required: 4573 - fieldPath 4574 type: object 4575 x-kubernetes-map-type: atomic 4576 resourceFieldRef: 4577 description: 'Selects a resource of 4578 the container: only resources limits 4579 and requests (limits.cpu, limits.memory, 4580 limits.ephemeral-storage, requests.cpu, 4581 requests.memory and requests.ephemeral-storage) 4582 are currently supported.' 4583 properties: 4584 containerName: 4585 description: 'Container name: required 4586 for volumes, optional for env 4587 vars' 4588 type: string 4589 divisor: 4590 anyOf: 4591 - type: integer 4592 - type: string 4593 description: Specifies the output 4594 format of the exposed resources, 4595 defaults to "1" 4596 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4597 x-kubernetes-int-or-string: true 4598 resource: 4599 description: 'Required: resource 4600 to select' 4601 type: string 4602 required: 4603 - resource 4604 type: object 4605 x-kubernetes-map-type: atomic 4606 secretKeyRef: 4607 description: Selects a key of a secret 4608 in the pod's namespace 4609 properties: 4610 key: 4611 description: The key of the secret 4612 to select from. Must be a valid 4613 secret key. 4614 type: string 4615 name: 4616 description: 'Name of the referent. 4617 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4618 TODO: Add other useful fields. 4619 apiVersion, kind, uid?' 4620 type: string 4621 optional: 4622 description: Specify whether the 4623 Secret or its key must be defined 4624 type: boolean 4625 required: 4626 - key 4627 type: object 4628 x-kubernetes-map-type: atomic 4629 type: object 4630 required: 4631 - name 4632 type: object 4633 type: array 4634 envFrom: 4635 description: List of sources to populate environment 4636 variables in the container. The keys defined 4637 within a source must be a C_IDENTIFIER. All 4638 invalid keys will be reported as an event when 4639 the container is starting. When a key exists 4640 in multiple sources, the value associated with 4641 the last source will take precedence. Values 4642 defined by an Env with a duplicate key will 4643 take precedence. Cannot be updated. 4644 items: 4645 description: EnvFromSource represents the source 4646 of a set of ConfigMaps 4647 properties: 4648 configMapRef: 4649 description: The ConfigMap to select from 4650 properties: 4651 name: 4652 description: 'Name of the referent. 4653 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4654 TODO: Add other useful fields. apiVersion, 4655 kind, uid?' 4656 type: string 4657 optional: 4658 description: Specify whether the ConfigMap 4659 must be defined 4660 type: boolean 4661 type: object 4662 x-kubernetes-map-type: atomic 4663 prefix: 4664 description: An optional identifier to prepend 4665 to each key in the ConfigMap. Must be 4666 a C_IDENTIFIER. 4667 type: string 4668 secretRef: 4669 description: The Secret to select from 4670 properties: 4671 name: 4672 description: 'Name of the referent. 4673 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4674 TODO: Add other useful fields. apiVersion, 4675 kind, uid?' 4676 type: string 4677 optional: 4678 description: Specify whether the Secret 4679 must be defined 4680 type: boolean 4681 type: object 4682 x-kubernetes-map-type: atomic 4683 type: object 4684 type: array 4685 image: 4686 description: 'Container image name. More info: 4687 https://kubernetes.io/docs/concepts/containers/images 4688 This field is optional to allow higher level 4689 config management to default or override container 4690 images in workload controllers like Deployments 4691 and StatefulSets.' 4692 type: string 4693 imagePullPolicy: 4694 description: 'Image pull policy. One of Always, 4695 Never, IfNotPresent. Defaults to Always if :latest 4696 tag is specified, or IfNotPresent otherwise. 4697 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 4698 type: string 4699 lifecycle: 4700 description: Actions that the management system 4701 should take in response to container lifecycle 4702 events. Cannot be updated. 4703 properties: 4704 postStart: 4705 description: 'PostStart is called immediately 4706 after a container is created. If the handler 4707 fails, the container is terminated and restarted 4708 according to its restart policy. Other management 4709 of the container blocks until the hook completes. 4710 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 4711 properties: 4712 exec: 4713 description: Exec specifies the action 4714 to take. 4715 properties: 4716 command: 4717 description: Command is the command 4718 line to execute inside the container, 4719 the working directory for the command is 4720 root ('/') in the container's filesystem. 4721 The command is simply exec'd, it 4722 is not run inside a shell, so traditional 4723 shell instructions ('|', etc) won't 4724 work. To use a shell, you need to 4725 explicitly call out to that shell. 4726 Exit status of 0 is treated as live/healthy 4727 and non-zero is unhealthy. 4728 items: 4729 type: string 4730 type: array 4731 type: object 4732 httpGet: 4733 description: HTTPGet specifies the http 4734 request to perform. 4735 properties: 4736 host: 4737 description: Host name to connect 4738 to, defaults to the pod IP. You 4739 probably want to set "Host" in httpHeaders 4740 instead. 4741 type: string 4742 httpHeaders: 4743 description: Custom headers to set 4744 in the request. HTTP allows repeated 4745 headers. 4746 items: 4747 description: HTTPHeader describes 4748 a custom header to be used in 4749 HTTP probes 4750 properties: 4751 name: 4752 description: The header field 4753 name. This will be canonicalized 4754 upon output, so case-variant 4755 names will be understood as 4756 the same header. 4757 type: string 4758 value: 4759 description: The header field 4760 value 4761 type: string 4762 required: 4763 - name 4764 - value 4765 type: object 4766 type: array 4767 path: 4768 description: Path to access on the 4769 HTTP server. 4770 type: string 4771 port: 4772 anyOf: 4773 - type: integer 4774 - type: string 4775 description: Name or number of the 4776 port to access on the container. 4777 Number must be in the range 1 to 4778 65535. Name must be an IANA_SVC_NAME. 4779 x-kubernetes-int-or-string: true 4780 scheme: 4781 description: Scheme to use for connecting 4782 to the host. Defaults to HTTP. 4783 type: string 4784 required: 4785 - port 4786 type: object 4787 tcpSocket: 4788 description: Deprecated. TCPSocket is 4789 NOT supported as a LifecycleHandler 4790 and kept for the backward compatibility. 4791 There are no validation of this field 4792 and lifecycle hooks will fail in runtime 4793 when tcp handler is specified. 4794 properties: 4795 host: 4796 description: 'Optional: Host name 4797 to connect to, defaults to the pod 4798 IP.' 4799 type: string 4800 port: 4801 anyOf: 4802 - type: integer 4803 - type: string 4804 description: Number or name of the 4805 port to access on the container. 4806 Number must be in the range 1 to 4807 65535. Name must be an IANA_SVC_NAME. 4808 x-kubernetes-int-or-string: true 4809 required: 4810 - port 4811 type: object 4812 type: object 4813 preStop: 4814 description: PreStop is called immediately 4815 before a container is terminated due to 4816 an API request or management event such 4817 as liveness/startup probe failure, preemption, 4818 resource contention, etc. The handler is 4819 not called if the container crashes or exits. 4820 The Pod's termination grace period countdown 4821 begins before the PreStop hook is executed. 4822 properties: 4823 exec: 4824 description: Exec specifies the action 4825 to take. 4826 properties: 4827 command: 4828 description: Command is the command 4829 line to execute inside the container, 4830 the working directory for the command is 4831 root ('/') in the container's filesystem. 4832 The command is simply exec'd, it 4833 is not run inside a shell, so traditional 4834 shell instructions ('|', etc) won't 4835 work. To use a shell, you need to 4836 explicitly call out to that shell. 4837 Exit status of 0 is treated as live/healthy 4838 and non-zero is unhealthy. 4839 items: 4840 type: string 4841 type: array 4842 type: object 4843 httpGet: 4844 description: HTTPGet specifies the http 4845 request to perform. 4846 properties: 4847 host: 4848 description: Host name to connect 4849 to, defaults to the pod IP. You 4850 probably want to set "Host" in httpHeaders 4851 instead. 4852 type: string 4853 httpHeaders: 4854 description: Custom headers to set 4855 in the request. HTTP allows repeated 4856 headers. 4857 items: 4858 description: HTTPHeader describes 4859 a custom header to be used in 4860 HTTP probes 4861 properties: 4862 name: 4863 description: The header field 4864 name. This will be canonicalized 4865 upon output, so case-variant 4866 names will be understood as 4867 the same header. 4868 type: string 4869 value: 4870 description: The header field 4871 value 4872 type: string 4873 required: 4874 - name 4875 - value 4876 type: object 4877 type: array 4878 path: 4879 description: Path to access on the 4880 HTTP server. 4881 type: string 4882 port: 4883 anyOf: 4884 - type: integer 4885 - type: string 4886 description: Name or number of the 4887 port to access on the container. 4888 Number must be in the range 1 to 4889 65535. Name must be an IANA_SVC_NAME. 4890 x-kubernetes-int-or-string: true 4891 scheme: 4892 description: Scheme to use for connecting 4893 to the host. Defaults to HTTP. 4894 type: string 4895 required: 4896 - port 4897 type: object 4898 tcpSocket: 4899 description: Deprecated. TCPSocket is 4900 NOT supported as a LifecycleHandler 4901 and kept for the backward compatibility. 4902 There are no validation of this field 4903 and lifecycle hooks will fail in runtime 4904 when tcp handler is specified. 4905 properties: 4906 host: 4907 description: 'Optional: Host name 4908 to connect to, defaults to the pod 4909 IP.' 4910 type: string 4911 port: 4912 anyOf: 4913 - type: integer 4914 - type: string 4915 description: Number or name of the 4916 port to access on the container. 4917 Number must be in the range 1 to 4918 65535. Name must be an IANA_SVC_NAME. 4919 x-kubernetes-int-or-string: true 4920 required: 4921 - port 4922 type: object 4923 type: object 4924 type: object 4925 livenessProbe: 4926 description: 'Periodic probe of container liveness. 4927 Container will be restarted if the probe fails. 4928 Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4929 properties: 4930 exec: 4931 description: Exec specifies the action to 4932 take. 4933 properties: 4934 command: 4935 description: Command is the command line 4936 to execute inside the container, the 4937 working directory for the command is 4938 root ('/') in the container's filesystem. 4939 The command is simply exec'd, it is 4940 not run inside a shell, so traditional 4941 shell instructions ('|', etc) won't 4942 work. To use a shell, you need to explicitly 4943 call out to that shell. Exit status 4944 of 0 is treated as live/healthy and 4945 non-zero is unhealthy. 4946 items: 4947 type: string 4948 type: array 4949 type: object 4950 failureThreshold: 4951 description: Minimum consecutive failures 4952 for the probe to be considered failed after 4953 having succeeded. Defaults to 3. Minimum 4954 value is 1. 4955 format: int32 4956 type: integer 4957 grpc: 4958 description: GRPC specifies an action involving 4959 a GRPC port. 4960 properties: 4961 port: 4962 description: Port number of the gRPC service. 4963 Number must be in the range 1 to 65535. 4964 format: int32 4965 type: integer 4966 service: 4967 description: "Service is the name of the 4968 service to place in the gRPC HealthCheckRequest 4969 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4970 \n If this is not specified, the default 4971 behavior is defined by gRPC." 4972 type: string 4973 required: 4974 - port 4975 type: object 4976 httpGet: 4977 description: HTTPGet specifies the http request 4978 to perform. 4979 properties: 4980 host: 4981 description: Host name to connect to, 4982 defaults to the pod IP. You probably 4983 want to set "Host" in httpHeaders instead. 4984 type: string 4985 httpHeaders: 4986 description: Custom headers to set in 4987 the request. HTTP allows repeated headers. 4988 items: 4989 description: HTTPHeader describes a 4990 custom header to be used in HTTP probes 4991 properties: 4992 name: 4993 description: The header field name. 4994 This will be canonicalized upon 4995 output, so case-variant names 4996 will be understood as the same 4997 header. 4998 type: string 4999 value: 5000 description: The header field value 5001 type: string 5002 required: 5003 - name 5004 - value 5005 type: object 5006 type: array 5007 path: 5008 description: Path to access on the HTTP 5009 server. 5010 type: string 5011 port: 5012 anyOf: 5013 - type: integer 5014 - type: string 5015 description: Name or number of the port 5016 to access on the container. Number must 5017 be in the range 1 to 65535. Name must 5018 be an IANA_SVC_NAME. 5019 x-kubernetes-int-or-string: true 5020 scheme: 5021 description: Scheme to use for connecting 5022 to the host. Defaults to HTTP. 5023 type: string 5024 required: 5025 - port 5026 type: object 5027 initialDelaySeconds: 5028 description: 'Number of seconds after the 5029 container has started before liveness probes 5030 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5031 format: int32 5032 type: integer 5033 periodSeconds: 5034 description: How often (in seconds) to perform 5035 the probe. Default to 10 seconds. Minimum 5036 value is 1. 5037 format: int32 5038 type: integer 5039 successThreshold: 5040 description: Minimum consecutive successes 5041 for the probe to be considered successful 5042 after having failed. Defaults to 1. Must 5043 be 1 for liveness and startup. Minimum value 5044 is 1. 5045 format: int32 5046 type: integer 5047 tcpSocket: 5048 description: TCPSocket specifies an action 5049 involving a TCP port. 5050 properties: 5051 host: 5052 description: 'Optional: Host name to connect 5053 to, defaults to the pod IP.' 5054 type: string 5055 port: 5056 anyOf: 5057 - type: integer 5058 - type: string 5059 description: Number or name of the port 5060 to access on the container. Number must 5061 be in the range 1 to 65535. Name must 5062 be an IANA_SVC_NAME. 5063 x-kubernetes-int-or-string: true 5064 required: 5065 - port 5066 type: object 5067 terminationGracePeriodSeconds: 5068 description: Optional duration in seconds 5069 the pod needs to terminate gracefully upon 5070 probe failure. The grace period is the duration 5071 in seconds after the processes running in 5072 the pod are sent a termination signal and 5073 the time when the processes are forcibly 5074 halted with a kill signal. Set this value 5075 longer than the expected cleanup time for 5076 your process. 5077 format: int64 5078 type: integer 5079 timeoutSeconds: 5080 description: 'Number of seconds after which 5081 the probe times out. Defaults to 1 second. 5082 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5083 format: int32 5084 type: integer 5085 type: object 5086 name: 5087 description: Name of the container specified as 5088 a DNS_LABEL. Each container in a pod must have 5089 a unique name (DNS_LABEL). Cannot be updated. 5090 type: string 5091 ports: 5092 description: List of ports to expose from the 5093 container. Not specifying a port here DOES NOT 5094 prevent that port from being exposed. Any port 5095 which is listening on the default "0.0.0.0" 5096 address inside a container will be accessible 5097 from the network. Modifying this array with 5098 strategic merge patch may corrupt the data. 5099 For more information See https://github.com/kubernetes/kubernetes/issues/108255. 5100 items: 5101 description: ContainerPort represents a network 5102 port in a single container. 5103 properties: 5104 containerPort: 5105 description: Number of port to expose on 5106 the pod's IP address. This must be a valid 5107 port number, 0 < x < 65536. 5108 format: int32 5109 type: integer 5110 hostIP: 5111 description: What host IP to bind the external 5112 port to. 5113 type: string 5114 hostPort: 5115 description: Number of port to expose on 5116 the host. If specified, this must be a 5117 valid port number, 0 < x < 65536. If HostNetwork 5118 is specified, this must match ContainerPort. 5119 Most containers do not need this. 5120 format: int32 5121 type: integer 5122 name: 5123 description: If specified, this must be 5124 an IANA_SVC_NAME and unique within the 5125 pod. Each named port in a pod must have 5126 a unique name. Name for the port that 5127 can be referred to by services. 5128 type: string 5129 protocol: 5130 default: TCP 5131 description: Protocol for port. Must be 5132 UDP, TCP, or SCTP. Defaults to "TCP". 5133 type: string 5134 required: 5135 - containerPort 5136 type: object 5137 type: array 5138 x-kubernetes-list-map-keys: 5139 - containerPort 5140 - protocol 5141 x-kubernetes-list-type: map 5142 readinessProbe: 5143 description: 'Periodic probe of container service 5144 readiness. Container will be removed from service 5145 endpoints if the probe fails. Cannot be updated. 5146 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5147 properties: 5148 exec: 5149 description: Exec specifies the action to 5150 take. 5151 properties: 5152 command: 5153 description: Command is the command line 5154 to execute inside the container, the 5155 working directory for the command is 5156 root ('/') in the container's filesystem. 5157 The command is simply exec'd, it is 5158 not run inside a shell, so traditional 5159 shell instructions ('|', etc) won't 5160 work. To use a shell, you need to explicitly 5161 call out to that shell. Exit status 5162 of 0 is treated as live/healthy and 5163 non-zero is unhealthy. 5164 items: 5165 type: string 5166 type: array 5167 type: object 5168 failureThreshold: 5169 description: Minimum consecutive failures 5170 for the probe to be considered failed after 5171 having succeeded. Defaults to 3. Minimum 5172 value is 1. 5173 format: int32 5174 type: integer 5175 grpc: 5176 description: GRPC specifies an action involving 5177 a GRPC port. 5178 properties: 5179 port: 5180 description: Port number of the gRPC service. 5181 Number must be in the range 1 to 65535. 5182 format: int32 5183 type: integer 5184 service: 5185 description: "Service is the name of the 5186 service to place in the gRPC HealthCheckRequest 5187 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 5188 \n If this is not specified, the default 5189 behavior is defined by gRPC." 5190 type: string 5191 required: 5192 - port 5193 type: object 5194 httpGet: 5195 description: HTTPGet specifies the http request 5196 to perform. 5197 properties: 5198 host: 5199 description: Host name to connect to, 5200 defaults to the pod IP. You probably 5201 want to set "Host" in httpHeaders instead. 5202 type: string 5203 httpHeaders: 5204 description: Custom headers to set in 5205 the request. HTTP allows repeated headers. 5206 items: 5207 description: HTTPHeader describes a 5208 custom header to be used in HTTP probes 5209 properties: 5210 name: 5211 description: The header field name. 5212 This will be canonicalized upon 5213 output, so case-variant names 5214 will be understood as the same 5215 header. 5216 type: string 5217 value: 5218 description: The header field value 5219 type: string 5220 required: 5221 - name 5222 - value 5223 type: object 5224 type: array 5225 path: 5226 description: Path to access on the HTTP 5227 server. 5228 type: string 5229 port: 5230 anyOf: 5231 - type: integer 5232 - type: string 5233 description: Name or number of the port 5234 to access on the container. Number must 5235 be in the range 1 to 65535. Name must 5236 be an IANA_SVC_NAME. 5237 x-kubernetes-int-or-string: true 5238 scheme: 5239 description: Scheme to use for connecting 5240 to the host. Defaults to HTTP. 5241 type: string 5242 required: 5243 - port 5244 type: object 5245 initialDelaySeconds: 5246 description: 'Number of seconds after the 5247 container has started before liveness probes 5248 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5249 format: int32 5250 type: integer 5251 periodSeconds: 5252 description: How often (in seconds) to perform 5253 the probe. Default to 10 seconds. Minimum 5254 value is 1. 5255 format: int32 5256 type: integer 5257 successThreshold: 5258 description: Minimum consecutive successes 5259 for the probe to be considered successful 5260 after having failed. Defaults to 1. Must 5261 be 1 for liveness and startup. Minimum value 5262 is 1. 5263 format: int32 5264 type: integer 5265 tcpSocket: 5266 description: TCPSocket specifies an action 5267 involving a TCP port. 5268 properties: 5269 host: 5270 description: 'Optional: Host name to connect 5271 to, defaults to the pod IP.' 5272 type: string 5273 port: 5274 anyOf: 5275 - type: integer 5276 - type: string 5277 description: Number or name of the port 5278 to access on the container. Number must 5279 be in the range 1 to 65535. Name must 5280 be an IANA_SVC_NAME. 5281 x-kubernetes-int-or-string: true 5282 required: 5283 - port 5284 type: object 5285 terminationGracePeriodSeconds: 5286 description: Optional duration in seconds 5287 the pod needs to terminate gracefully upon 5288 probe failure. The grace period is the duration 5289 in seconds after the processes running in 5290 the pod are sent a termination signal and 5291 the time when the processes are forcibly 5292 halted with a kill signal. Set this value 5293 longer than the expected cleanup time for 5294 your process. 5295 format: int64 5296 type: integer 5297 timeoutSeconds: 5298 description: 'Number of seconds after which 5299 the probe times out. Defaults to 1 second. 5300 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5301 format: int32 5302 type: integer 5303 type: object 5304 resizePolicy: 5305 description: Resources resize policy for the container. 5306 items: 5307 description: ContainerResizePolicy represents 5308 resource resize policy for the container. 5309 properties: 5310 resourceName: 5311 description: 'Name of the resource to which 5312 this resource resize policy applies. Supported 5313 values: cpu, memory.' 5314 type: string 5315 restartPolicy: 5316 description: Restart policy to apply when 5317 specified resource is resized. If not 5318 specified, it defaults to NotRequired. 5319 type: string 5320 required: 5321 - resourceName 5322 - restartPolicy 5323 type: object 5324 type: array 5325 x-kubernetes-list-type: atomic 5326 resources: 5327 description: 'Compute Resources required by this 5328 container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5329 properties: 5330 claims: 5331 description: "Claims lists the names of resources, 5332 defined in spec.resourceClaims, that are 5333 used by this container. \n This is an alpha 5334 field and requires enabling the DynamicResourceAllocation 5335 feature gate. \n This field is immutable. 5336 It can only be set for containers." 5337 items: 5338 description: ResourceClaim references one 5339 entry in PodSpec.ResourceClaims. 5340 properties: 5341 name: 5342 description: Name must match the name 5343 of one entry in pod.spec.resourceClaims 5344 of the Pod where this field is used. 5345 It makes that resource available inside 5346 a container. 5347 type: string 5348 required: 5349 - name 5350 type: object 5351 type: array 5352 x-kubernetes-list-map-keys: 5353 - name 5354 x-kubernetes-list-type: map 5355 limits: 5356 additionalProperties: 5357 anyOf: 5358 - type: integer 5359 - type: string 5360 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5361 x-kubernetes-int-or-string: true 5362 description: 'Limits describes the maximum 5363 amount of compute resources allowed. More 5364 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5365 type: object 5366 requests: 5367 additionalProperties: 5368 anyOf: 5369 - type: integer 5370 - type: string 5371 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5372 x-kubernetes-int-or-string: true 5373 description: 'Requests describes the minimum 5374 amount of compute resources required. If 5375 Requests is omitted for a container, it 5376 defaults to Limits if that is explicitly 5377 specified, otherwise to an implementation-defined 5378 value. Requests cannot exceed Limits. More 5379 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5380 type: object 5381 type: object 5382 securityContext: 5383 description: 'SecurityContext defines the security 5384 options the container should be run with. If 5385 set, the fields of SecurityContext override 5386 the equivalent fields of PodSecurityContext. 5387 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 5388 properties: 5389 allowPrivilegeEscalation: 5390 description: 'AllowPrivilegeEscalation controls 5391 whether a process can gain more privileges 5392 than its parent process. This bool directly 5393 controls if the no_new_privs flag will be 5394 set on the container process. AllowPrivilegeEscalation 5395 is true always when the container is: 1) 5396 run as Privileged 2) has CAP_SYS_ADMIN Note 5397 that this field cannot be set when spec.os.name 5398 is windows.' 5399 type: boolean 5400 capabilities: 5401 description: The capabilities to add/drop 5402 when running containers. Defaults to the 5403 default set of capabilities granted by the 5404 container runtime. Note that this field 5405 cannot be set when spec.os.name is windows. 5406 properties: 5407 add: 5408 description: Added capabilities 5409 items: 5410 description: Capability represent POSIX 5411 capabilities type 5412 type: string 5413 type: array 5414 drop: 5415 description: Removed capabilities 5416 items: 5417 description: Capability represent POSIX 5418 capabilities type 5419 type: string 5420 type: array 5421 type: object 5422 privileged: 5423 description: Run container in privileged mode. 5424 Processes in privileged containers are essentially 5425 equivalent to root on the host. Defaults 5426 to false. Note that this field cannot be 5427 set when spec.os.name is windows. 5428 type: boolean 5429 procMount: 5430 description: procMount denotes the type of 5431 proc mount to use for the containers. The 5432 default is DefaultProcMount which uses the 5433 container runtime defaults for readonly 5434 paths and masked paths. This requires the 5435 ProcMountType feature flag to be enabled. 5436 Note that this field cannot be set when 5437 spec.os.name is windows. 5438 type: string 5439 readOnlyRootFilesystem: 5440 description: Whether this container has a 5441 read-only root filesystem. Default is false. 5442 Note that this field cannot be set when 5443 spec.os.name is windows. 5444 type: boolean 5445 runAsGroup: 5446 description: The GID to run the entrypoint 5447 of the container process. Uses runtime default 5448 if unset. May also be set in PodSecurityContext. If 5449 set in both SecurityContext and PodSecurityContext, 5450 the value specified in SecurityContext takes 5451 precedence. Note that this field cannot 5452 be set when spec.os.name is windows. 5453 format: int64 5454 type: integer 5455 runAsNonRoot: 5456 description: Indicates that the container 5457 must run as a non-root user. If true, the 5458 Kubelet will validate the image at runtime 5459 to ensure that it does not run as UID 0 5460 (root) and fail to start the container if 5461 it does. If unset or false, no such validation 5462 will be performed. May also be set in PodSecurityContext. 5463 type: boolean 5464 runAsUser: 5465 description: The UID to run the entrypoint 5466 of the container process. Defaults to user 5467 specified in image metadata if unspecified. 5468 May also be set in PodSecurityContext. If 5469 set in both SecurityContext and PodSecurityContext, 5470 the value specified in SecurityContext takes 5471 precedence. Note that this field cannot 5472 be set when spec.os.name is windows. 5473 format: int64 5474 type: integer 5475 seLinuxOptions: 5476 description: The SELinux context to be applied 5477 to the container. If unspecified, the container 5478 runtime will allocate a random SELinux context 5479 for each container. May also be set in 5480 PodSecurityContext. If set in both SecurityContext 5481 and PodSecurityContext, the value specified 5482 in SecurityContext takes precedence. Note 5483 that this field cannot be set when spec.os.name 5484 is windows. 5485 properties: 5486 level: 5487 description: Level is SELinux level label 5488 that applies to the container. 5489 type: string 5490 role: 5491 description: Role is a SELinux role label 5492 that applies to the container. 5493 type: string 5494 type: 5495 description: Type is a SELinux type label 5496 that applies to the container. 5497 type: string 5498 user: 5499 description: User is a SELinux user label 5500 that applies to the container. 5501 type: string 5502 type: object 5503 seccompProfile: 5504 description: The seccomp options to use by 5505 this container. If seccomp options are provided 5506 at both the pod & container level, the container 5507 options override the pod options. Note that 5508 this field cannot be set when spec.os.name 5509 is windows. 5510 properties: 5511 localhostProfile: 5512 description: localhostProfile indicates 5513 a profile defined in a file on the node 5514 should be used. The profile must be 5515 preconfigured on the node to work. Must 5516 be a descending path, relative to the 5517 kubelet's configured seccomp profile 5518 location. Must only be set if type is 5519 "Localhost". 5520 type: string 5521 type: 5522 description: "type indicates which kind 5523 of seccomp profile will be applied. 5524 Valid options are: \n Localhost - a 5525 profile defined in a file on the node 5526 should be used. RuntimeDefault - the 5527 container runtime default profile should 5528 be used. Unconfined - no profile should 5529 be applied." 5530 type: string 5531 required: 5532 - type 5533 type: object 5534 windowsOptions: 5535 description: The Windows specific settings 5536 applied to all containers. If unspecified, 5537 the options from the PodSecurityContext 5538 will be used. If set in both SecurityContext 5539 and PodSecurityContext, the value specified 5540 in SecurityContext takes precedence. Note 5541 that this field cannot be set when spec.os.name 5542 is linux. 5543 properties: 5544 gmsaCredentialSpec: 5545 description: GMSACredentialSpec is where 5546 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 5547 inlines the contents of the GMSA credential 5548 spec named by the GMSACredentialSpecName 5549 field. 5550 type: string 5551 gmsaCredentialSpecName: 5552 description: GMSACredentialSpecName is 5553 the name of the GMSA credential spec 5554 to use. 5555 type: string 5556 hostProcess: 5557 description: HostProcess determines if 5558 a container should be run as a 'Host 5559 Process' container. This field is alpha-level 5560 and will only be honored by components 5561 that enable the WindowsHostProcessContainers 5562 feature flag. Setting this field without 5563 the feature flag will result in errors 5564 when validating the Pod. 5565 type: boolean 5566 runAsUserName: 5567 description: The UserName in Windows to 5568 run the entrypoint of the container 5569 process. Defaults to the user specified 5570 in image metadata if unspecified. May 5571 also be set in PodSecurityContext. If 5572 set in both SecurityContext and PodSecurityContext, 5573 the value specified in SecurityContext 5574 takes precedence. 5575 type: string 5576 type: object 5577 type: object 5578 startupProbe: 5579 description: StartupProbe indicates that the Pod 5580 has successfully initialized. If specified, 5581 no other probes are executed until this completes 5582 successfully. If this probe fails, the Pod will 5583 be restarted, just as if the livenessProbe failed. 5584 properties: 5585 exec: 5586 description: Exec specifies the action to 5587 take. 5588 properties: 5589 command: 5590 description: Command is the command line 5591 to execute inside the container, the 5592 working directory for the command is 5593 root ('/') in the container's filesystem. 5594 The command is simply exec'd, it is 5595 not run inside a shell, so traditional 5596 shell instructions ('|', etc) won't 5597 work. To use a shell, you need to explicitly 5598 call out to that shell. Exit status 5599 of 0 is treated as live/healthy and 5600 non-zero is unhealthy. 5601 items: 5602 type: string 5603 type: array 5604 type: object 5605 failureThreshold: 5606 description: Minimum consecutive failures 5607 for the probe to be considered failed after 5608 having succeeded. Defaults to 3. Minimum 5609 value is 1. 5610 format: int32 5611 type: integer 5612 grpc: 5613 description: GRPC specifies an action involving 5614 a GRPC port. 5615 properties: 5616 port: 5617 description: Port number of the gRPC service. 5618 Number must be in the range 1 to 65535. 5619 format: int32 5620 type: integer 5621 service: 5622 description: "Service is the name of the 5623 service to place in the gRPC HealthCheckRequest 5624 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 5625 \n If this is not specified, the default 5626 behavior is defined by gRPC." 5627 type: string 5628 required: 5629 - port 5630 type: object 5631 httpGet: 5632 description: HTTPGet specifies the http request 5633 to perform. 5634 properties: 5635 host: 5636 description: Host name to connect to, 5637 defaults to the pod IP. You probably 5638 want to set "Host" in httpHeaders instead. 5639 type: string 5640 httpHeaders: 5641 description: Custom headers to set in 5642 the request. HTTP allows repeated headers. 5643 items: 5644 description: HTTPHeader describes a 5645 custom header to be used in HTTP probes 5646 properties: 5647 name: 5648 description: The header field name. 5649 This will be canonicalized upon 5650 output, so case-variant names 5651 will be understood as the same 5652 header. 5653 type: string 5654 value: 5655 description: The header field value 5656 type: string 5657 required: 5658 - name 5659 - value 5660 type: object 5661 type: array 5662 path: 5663 description: Path to access on the HTTP 5664 server. 5665 type: string 5666 port: 5667 anyOf: 5668 - type: integer 5669 - type: string 5670 description: Name or number of the port 5671 to access on the container. Number must 5672 be in the range 1 to 65535. Name must 5673 be an IANA_SVC_NAME. 5674 x-kubernetes-int-or-string: true 5675 scheme: 5676 description: Scheme to use for connecting 5677 to the host. Defaults to HTTP. 5678 type: string 5679 required: 5680 - port 5681 type: object 5682 initialDelaySeconds: 5683 description: 'Number of seconds after the 5684 container has started before liveness probes 5685 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5686 format: int32 5687 type: integer 5688 periodSeconds: 5689 description: How often (in seconds) to perform 5690 the probe. Default to 10 seconds. Minimum 5691 value is 1. 5692 format: int32 5693 type: integer 5694 successThreshold: 5695 description: Minimum consecutive successes 5696 for the probe to be considered successful 5697 after having failed. Defaults to 1. Must 5698 be 1 for liveness and startup. Minimum value 5699 is 1. 5700 format: int32 5701 type: integer 5702 tcpSocket: 5703 description: TCPSocket specifies an action 5704 involving a TCP port. 5705 properties: 5706 host: 5707 description: 'Optional: Host name to connect 5708 to, defaults to the pod IP.' 5709 type: string 5710 port: 5711 anyOf: 5712 - type: integer 5713 - type: string 5714 description: Number or name of the port 5715 to access on the container. Number must 5716 be in the range 1 to 65535. Name must 5717 be an IANA_SVC_NAME. 5718 x-kubernetes-int-or-string: true 5719 required: 5720 - port 5721 type: object 5722 terminationGracePeriodSeconds: 5723 description: Optional duration in seconds 5724 the pod needs to terminate gracefully upon 5725 probe failure. The grace period is the duration 5726 in seconds after the processes running in 5727 the pod are sent a termination signal and 5728 the time when the processes are forcibly 5729 halted with a kill signal. Set this value 5730 longer than the expected cleanup time for 5731 your process. 5732 format: int64 5733 type: integer 5734 timeoutSeconds: 5735 description: 'Number of seconds after which 5736 the probe times out. Defaults to 1 second. 5737 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5738 format: int32 5739 type: integer 5740 type: object 5741 stdin: 5742 description: Whether this container should allocate 5743 a buffer for stdin in the container runtime. 5744 If this is not set, reads from stdin in the 5745 container will always result in EOF. Default 5746 is false. 5747 type: boolean 5748 stdinOnce: 5749 description: Whether the container runtime should 5750 close the stdin channel after it has been opened 5751 by a single attach. When stdin is true the stdin 5752 stream will remain open across multiple attach 5753 sessions. 5754 type: boolean 5755 terminationMessagePath: 5756 description: 'Optional: Path at which the file 5757 to which the container''s termination message 5758 will be written is mounted into the container''s 5759 filesystem. Message written is intended to be 5760 brief final status, such as an assertion failure 5761 message. Will be truncated by the node if greater 5762 than 4096 bytes. The total message length across 5763 all containers will be limited to 12kb. Defaults 5764 to /dev/termination-log.' 5765 type: string 5766 terminationMessagePolicy: 5767 description: Indicate how the termination message 5768 should be populated. File will use the contents 5769 of terminationMessagePath to populate the container 5770 status message on both success and failure. 5771 FallbackToLogsOnError will use the last chunk 5772 of container log output if the termination message 5773 file is empty and the container exited with 5774 an error. 5775 type: string 5776 tty: 5777 description: Whether this container should allocate 5778 a TTY for itself, also requires 'stdin' to be 5779 true. Default is false. 5780 type: boolean 5781 volumeDevices: 5782 description: volumeDevices is the list of block 5783 devices to be used by the container. 5784 items: 5785 description: volumeDevice describes a mapping 5786 of a raw block device within a container. 5787 properties: 5788 devicePath: 5789 description: devicePath is the path inside 5790 of the container that the device will 5791 be mapped to. 5792 type: string 5793 name: 5794 description: name must match the name of 5795 a persistentVolumeClaim in the pod 5796 type: string 5797 required: 5798 - devicePath 5799 - name 5800 type: object 5801 type: array 5802 volumeMounts: 5803 description: Pod volumes to mount into the container's 5804 filesystem. Cannot be updated. 5805 items: 5806 description: VolumeMount describes a mounting 5807 of a Volume within a container. 5808 properties: 5809 mountPath: 5810 description: Path within the container at 5811 which the volume should be mounted. Must 5812 not contain ':'. 5813 type: string 5814 mountPropagation: 5815 description: mountPropagation determines 5816 how mounts are propagated from the host 5817 to container and the other way around. 5818 When not set, MountPropagationNone is 5819 used. This field is beta in 1.10. 5820 type: string 5821 name: 5822 description: This must match the Name of 5823 a Volume. 5824 type: string 5825 readOnly: 5826 description: Mounted read-only if true, 5827 read-write otherwise (false or unspecified). 5828 Defaults to false. 5829 type: boolean 5830 subPath: 5831 description: Path within the volume from 5832 which the container's volume should be 5833 mounted. Defaults to "" (volume's root). 5834 type: string 5835 subPathExpr: 5836 description: Expanded path within the volume 5837 from which the container's volume should 5838 be mounted. Behaves similarly to SubPath 5839 but environment variable references $(VAR_NAME) 5840 are expanded using the container's environment. 5841 Defaults to "" (volume's root). SubPathExpr 5842 and SubPath are mutually exclusive. 5843 type: string 5844 required: 5845 - mountPath 5846 - name 5847 type: object 5848 type: array 5849 workingDir: 5850 description: Container's working directory. If 5851 not specified, the container runtime's default 5852 will be used, which might be configured in the 5853 container image. Cannot be updated. 5854 type: string 5855 required: 5856 - name 5857 type: object 5858 type: array 5859 nodeName: 5860 description: NodeName is a request to schedule this 5861 pod onto a specific node. If it is non-empty, the 5862 scheduler simply schedules this pod onto that node, 5863 assuming that it fits resource requirements. 5864 type: string 5865 nodeSelector: 5866 additionalProperties: 5867 type: string 5868 description: 'NodeSelector is a selector which must 5869 be true for the pod to fit on a node. Selector which 5870 must match a node''s labels for the pod to be scheduled 5871 on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' 5872 type: object 5873 x-kubernetes-map-type: atomic 5874 os: 5875 description: "Specifies the OS of the containers in 5876 the pod. Some pod and container fields are restricted 5877 if this is set. \n If the OS field is set to linux, 5878 the following fields must be unset: -securityContext.windowsOptions 5879 \n If the OS field is set to windows, following fields 5880 must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers 5881 - spec.securityContext.seLinuxOptions - spec.securityContext." 5882 properties: 5883 name: 5884 description: 'Name is the name of the operating 5885 system. The currently supported values are linux 5886 and windows. Additional value may be defined in 5887 future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration 5888 Clients should expect to handle additional values 5889 and treat unrecognized values in this field as 5890 os: null' 5891 type: string 5892 required: 5893 - name 5894 type: object 5895 overhead: 5896 additionalProperties: 5897 anyOf: 5898 - type: integer 5899 - type: string 5900 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5901 x-kubernetes-int-or-string: true 5902 description: Overhead represents the resource overhead 5903 associated with running a pod for a given RuntimeClass. 5904 This field will be autopopulated at admission time 5905 by the RuntimeClass admission controller. If the RuntimeClass 5906 admission controller is enabled, overhead must not 5907 be set in Pod create requests. The RuntimeClass admission 5908 controller will reject Pod create requests which have 5909 the overhead already set. 5910 type: object 5911 preemptionPolicy: 5912 description: PreemptionPolicy is the Policy for preempting 5913 pods with lower priority. One of Never, PreemptLowerPriority. 5914 Defaults to PreemptLowerPriority if unset. 5915 type: string 5916 priority: 5917 description: The priority value. Various system components 5918 use this field to find the priority of the pod. When 5919 Priority Admission Controller is enabled, it prevents 5920 users from setting this field. The admission controller 5921 populates this field from PriorityClassName. The higher 5922 the value, the higher the priority. 5923 format: int32 5924 type: integer 5925 priorityClassName: 5926 description: If specified, indicates the pod's priority. 5927 "system-node-critical" and "system-cluster-critical" 5928 are two special keywords which indicate the highest 5929 priorities with the former being the highest priority. 5930 Any other name must be defined by creating a PriorityClass 5931 object with that name. If not specified, the pod priority 5932 will be default or zero if there is no default. 5933 type: string 5934 readinessGates: 5935 description: 'If specified, all readiness gates will 5936 be evaluated for pod readiness. A pod is ready when 5937 all its containers are ready AND all conditions specified 5938 in the readiness gates have status equal to "True" 5939 More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' 5940 items: 5941 description: PodReadinessGate contains the reference 5942 to a pod condition 5943 properties: 5944 conditionType: 5945 description: ConditionType refers to a condition 5946 in the pod's condition list with matching type. 5947 type: string 5948 required: 5949 - conditionType 5950 type: object 5951 type: array 5952 resourceClaims: 5953 description: "ResourceClaims defines which ResourceClaims 5954 must be allocated and reserved before the Pod is allowed 5955 to start. The resources will be made available to 5956 those containers which consume them by name. \n This 5957 is an alpha field and requires enabling the DynamicResourceAllocation 5958 feature gate. \n This field is immutable." 5959 items: 5960 description: PodResourceClaim references exactly one 5961 ResourceClaim through a ClaimSource. It adds a name 5962 to it that uniquely identifies the ResourceClaim 5963 inside the Pod. Containers that need access to the 5964 ResourceClaim reference it with this name. 5965 properties: 5966 name: 5967 description: Name uniquely identifies this resource 5968 claim inside the pod. This must be a DNS_LABEL. 5969 type: string 5970 source: 5971 description: Source describes where to find the 5972 ResourceClaim. 5973 properties: 5974 resourceClaimName: 5975 description: ResourceClaimName is the name 5976 of a ResourceClaim object in the same namespace 5977 as this pod. 5978 type: string 5979 resourceClaimTemplateName: 5980 description: "ResourceClaimTemplateName is 5981 the name of a ResourceClaimTemplate object 5982 in the same namespace as this pod. \n The 5983 template will be used to create a new ResourceClaim, 5984 which will be bound to this pod. When this 5985 pod is deleted, the ResourceClaim will also 5986 be deleted. The name of the ResourceClaim 5987 will be <pod name>-<resource name>, where 5988 <resource name> is the PodResourceClaim.Name." 5989 type: string 5990 type: object 5991 required: 5992 - name 5993 type: object 5994 type: array 5995 x-kubernetes-list-map-keys: 5996 - name 5997 x-kubernetes-list-type: map 5998 restartPolicy: 5999 description: 'Restart policy for all containers within 6000 the pod. One of Always, OnFailure, Never. In some 6001 contexts, only a subset of those values may be permitted. 6002 Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' 6003 type: string 6004 runtimeClassName: 6005 description: 'RuntimeClassName refers to a RuntimeClass 6006 object in the node.k8s.io group, which should be used 6007 to run this pod. If no RuntimeClass resource matches 6008 the named class, the pod will not be run. If unset 6009 or empty, the "legacy" RuntimeClass will be used, 6010 which is an implicit class with an empty definition 6011 that uses the default runtime handler. More info: 6012 https://git.k8s.' 6013 type: string 6014 schedulerName: 6015 description: If specified, the pod will be dispatched 6016 by specified scheduler. If not specified, the pod 6017 will be dispatched by default scheduler. 6018 type: string 6019 schedulingGates: 6020 description: "SchedulingGates is an opaque list of values 6021 that if specified will block scheduling the pod. If 6022 schedulingGates is not empty, the pod will stay in 6023 the SchedulingGated state and the scheduler will not 6024 attempt to schedule the pod. \n SchedulingGates can 6025 only be set at pod creation time, and be removed only 6026 afterwards. \n This is a beta feature enabled by the 6027 PodSchedulingReadiness feature gate." 6028 items: 6029 description: PodSchedulingGate is associated to a 6030 Pod to guard its scheduling. 6031 properties: 6032 name: 6033 description: Name of the scheduling gate. Each 6034 scheduling gate must have a unique name field. 6035 type: string 6036 required: 6037 - name 6038 type: object 6039 type: array 6040 x-kubernetes-list-map-keys: 6041 - name 6042 x-kubernetes-list-type: map 6043 securityContext: 6044 description: 'SecurityContext holds pod-level security 6045 attributes and common container settings. Optional: 6046 Defaults to empty. See type description for default 6047 values of each field.' 6048 properties: 6049 fsGroup: 6050 description: "A special supplemental group that 6051 applies to all containers in a pod. Some volume 6052 types allow the Kubelet to change the ownership 6053 of that volume to be owned by the pod: \n 1. The 6054 owning GID will be the FSGroup 2. The setgid bit 6055 is set (new files created in the volume will be 6056 owned by FSGroup) 3." 6057 format: int64 6058 type: integer 6059 fsGroupChangePolicy: 6060 description: 'fsGroupChangePolicy defines behavior 6061 of changing ownership and permission of the volume 6062 before being exposed inside Pod. This field will 6063 only apply to volume types which support fsGroup 6064 based ownership(and permissions). It will have 6065 no effect on ephemeral volume types such as: secret, 6066 configmaps and emptydir. Valid values are "OnRootMismatch" 6067 and "Always". If not specified, "Always" is used.' 6068 type: string 6069 runAsGroup: 6070 description: The GID to run the entrypoint of the 6071 container process. Uses runtime default if unset. 6072 May also be set in SecurityContext. If set in 6073 both SecurityContext and PodSecurityContext, the 6074 value specified in SecurityContext takes precedence 6075 for that container. Note that this field cannot 6076 be set when spec.os.name is windows. 6077 format: int64 6078 type: integer 6079 runAsNonRoot: 6080 description: Indicates that the container must run 6081 as a non-root user. If true, the Kubelet will 6082 validate the image at runtime to ensure that it 6083 does not run as UID 0 (root) and fail to start 6084 the container if it does. If unset or false, no 6085 such validation will be performed. May also be 6086 set in SecurityContext. 6087 type: boolean 6088 runAsUser: 6089 description: The UID to run the entrypoint of the 6090 container process. Defaults to user specified 6091 in image metadata if unspecified. May also be 6092 set in SecurityContext. If set in both SecurityContext 6093 and PodSecurityContext, the value specified in 6094 SecurityContext takes precedence for that container. 6095 Note that this field cannot be set when spec.os.name 6096 is windows. 6097 format: int64 6098 type: integer 6099 seLinuxOptions: 6100 description: The SELinux context to be applied to 6101 all containers. If unspecified, the container 6102 runtime will allocate a random SELinux context 6103 for each container. May also be set in SecurityContext. If 6104 set in both SecurityContext and PodSecurityContext, 6105 the value specified in SecurityContext takes precedence 6106 for that container. Note that this field cannot 6107 be set when spec.os.name is windows. 6108 properties: 6109 level: 6110 description: Level is SELinux level label that 6111 applies to the container. 6112 type: string 6113 role: 6114 description: Role is a SELinux role label that 6115 applies to the container. 6116 type: string 6117 type: 6118 description: Type is a SELinux type label that 6119 applies to the container. 6120 type: string 6121 user: 6122 description: User is a SELinux user label that 6123 applies to the container. 6124 type: string 6125 type: object 6126 seccompProfile: 6127 description: The seccomp options to use by the containers 6128 in this pod. Note that this field cannot be set 6129 when spec.os.name is windows. 6130 properties: 6131 localhostProfile: 6132 description: localhostProfile indicates a profile 6133 defined in a file on the node should be used. 6134 The profile must be preconfigured on the node 6135 to work. Must be a descending path, relative 6136 to the kubelet's configured seccomp profile 6137 location. Must only be set if type is "Localhost". 6138 type: string 6139 type: 6140 description: "type indicates which kind of seccomp 6141 profile will be applied. Valid options are: 6142 \n Localhost - a profile defined in a file 6143 on the node should be used. RuntimeDefault 6144 - the container runtime default profile should 6145 be used. Unconfined - no profile should be 6146 applied." 6147 type: string 6148 required: 6149 - type 6150 type: object 6151 supplementalGroups: 6152 description: A list of groups applied to the first 6153 process run in each container, in addition to 6154 the container's primary GID, the fsGroup (if specified), 6155 and group memberships defined in the container 6156 image for the uid of the container process. If 6157 unspecified, no additional groups are added to 6158 any container. 6159 items: 6160 format: int64 6161 type: integer 6162 type: array 6163 sysctls: 6164 description: Sysctls hold a list of namespaced sysctls 6165 used for the pod. Pods with unsupported sysctls 6166 (by the container runtime) might fail to launch. 6167 Note that this field cannot be set when spec.os.name 6168 is windows. 6169 items: 6170 description: Sysctl defines a kernel parameter 6171 to be set 6172 properties: 6173 name: 6174 description: Name of a property to set 6175 type: string 6176 value: 6177 description: Value of a property to set 6178 type: string 6179 required: 6180 - name 6181 - value 6182 type: object 6183 type: array 6184 windowsOptions: 6185 description: The Windows specific settings applied 6186 to all containers. If unspecified, the options 6187 within a container's SecurityContext will be used. 6188 If set in both SecurityContext and PodSecurityContext, 6189 the value specified in SecurityContext takes precedence. 6190 Note that this field cannot be set when spec.os.name 6191 is linux. 6192 properties: 6193 gmsaCredentialSpec: 6194 description: GMSACredentialSpec is where the 6195 GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 6196 inlines the contents of the GMSA credential 6197 spec named by the GMSACredentialSpecName field. 6198 type: string 6199 gmsaCredentialSpecName: 6200 description: GMSACredentialSpecName is the name 6201 of the GMSA credential spec to use. 6202 type: string 6203 hostProcess: 6204 description: HostProcess determines if a container 6205 should be run as a 'Host Process' container. 6206 This field is alpha-level and will only be 6207 honored by components that enable the WindowsHostProcessContainers 6208 feature flag. Setting this field without the 6209 feature flag will result in errors when validating 6210 the Pod. 6211 type: boolean 6212 runAsUserName: 6213 description: The UserName in Windows to run 6214 the entrypoint of the container process. Defaults 6215 to the user specified in image metadata if 6216 unspecified. May also be set in PodSecurityContext. 6217 If set in both SecurityContext and PodSecurityContext, 6218 the value specified in SecurityContext takes 6219 precedence. 6220 type: string 6221 type: object 6222 type: object 6223 serviceAccount: 6224 description: 'DeprecatedServiceAccount is a depreciated 6225 alias for ServiceAccountName. Deprecated: Use serviceAccountName 6226 instead.' 6227 type: string 6228 serviceAccountName: 6229 description: 'ServiceAccountName is the name of the 6230 ServiceAccount to use to run this pod. More info: 6231 https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' 6232 type: string 6233 setHostnameAsFQDN: 6234 description: If true the pod's hostname will be configured 6235 as the pod's FQDN, rather than the leaf name (the 6236 default). In Linux containers, this means setting 6237 the FQDN in the hostname field of the kernel (the 6238 nodename field of struct utsname). 6239 type: boolean 6240 shareProcessNamespace: 6241 description: 'Share a single process namespace between 6242 all of the containers in a pod. When this is set containers 6243 will be able to view and signal processes from other 6244 containers in the same pod, and the first process 6245 in each container will not be assigned PID 1. HostPID 6246 and ShareProcessNamespace cannot both be set. Optional: 6247 Default to false.' 6248 type: boolean 6249 subdomain: 6250 description: If specified, the fully qualified Pod hostname 6251 will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster 6252 domain>". If not specified, the pod will not have 6253 a domainname at all. 6254 type: string 6255 terminationGracePeriodSeconds: 6256 description: Optional duration in seconds the pod needs 6257 to terminate gracefully. May be decreased in delete 6258 request. Value must be non-negative integer. The value 6259 zero indicates stop immediately via the kill signal 6260 (no opportunity to shut down). If this value is nil, 6261 the default grace period will be used instead. 6262 format: int64 6263 type: integer 6264 tolerations: 6265 description: If specified, the pod's tolerations. 6266 items: 6267 description: The pod this Toleration is attached to 6268 tolerates any taint that matches the triple <key,value,effect> 6269 using the matching operator <operator>. 6270 properties: 6271 effect: 6272 description: Effect indicates the taint effect 6273 to match. Empty means match all taint effects. 6274 When specified, allowed values are NoSchedule, 6275 PreferNoSchedule and NoExecute. 6276 type: string 6277 key: 6278 description: Key is the taint key that the toleration 6279 applies to. Empty means match all taint keys. 6280 If the key is empty, operator must be Exists; 6281 this combination means to match all values and 6282 all keys. 6283 type: string 6284 operator: 6285 description: Operator represents a key's relationship 6286 to the value. Valid operators are Exists and 6287 Equal. Defaults to Equal. Exists is equivalent 6288 to wildcard for value, so that a pod can tolerate 6289 all taints of a particular category. 6290 type: string 6291 tolerationSeconds: 6292 description: TolerationSeconds represents the 6293 period of time the toleration (which must be 6294 of effect NoExecute, otherwise this field is 6295 ignored) tolerates the taint. By default, it 6296 is not set, which means tolerate the taint forever 6297 (do not evict). Zero and negative values will 6298 be treated as 0 (evict immediately) by the system. 6299 format: int64 6300 type: integer 6301 value: 6302 description: Value is the taint value the toleration 6303 matches to. If the operator is Exists, the value 6304 should be empty, otherwise just a regular string. 6305 type: string 6306 type: object 6307 type: array 6308 topologySpreadConstraints: 6309 description: TopologySpreadConstraints describes how 6310 a group of pods ought to spread across topology domains. 6311 Scheduler will schedule pods in a way which abides 6312 by the constraints. All topologySpreadConstraints 6313 are ANDed. 6314 items: 6315 description: TopologySpreadConstraint specifies how 6316 to spread matching pods among the given topology. 6317 properties: 6318 labelSelector: 6319 description: LabelSelector is used to find matching 6320 pods. Pods that match this label selector are 6321 counted to determine the number of pods in their 6322 corresponding topology domain. 6323 properties: 6324 matchExpressions: 6325 description: matchExpressions is a list of 6326 label selector requirements. The requirements 6327 are ANDed. 6328 items: 6329 description: A label selector requirement 6330 is a selector that contains values, a 6331 key, and an operator that relates the 6332 key and values. 6333 properties: 6334 key: 6335 description: key is the label key that 6336 the selector applies to. 6337 type: string 6338 operator: 6339 description: operator represents a key's 6340 relationship to a set of values. Valid 6341 operators are In, NotIn, Exists and 6342 DoesNotExist. 6343 type: string 6344 values: 6345 description: values is an array of string 6346 values. If the operator is In or NotIn, 6347 the values array must be non-empty. 6348 If the operator is Exists or DoesNotExist, 6349 the values array must be empty. This 6350 array is replaced during a strategic 6351 merge patch. 6352 items: 6353 type: string 6354 type: array 6355 required: 6356 - key 6357 - operator 6358 type: object 6359 type: array 6360 matchLabels: 6361 additionalProperties: 6362 type: string 6363 description: matchLabels is a map of {key,value} 6364 pairs. A single {key,value} in the matchLabels 6365 map is equivalent to an element of matchExpressions, 6366 whose key field is "key", the operator is 6367 "In", and the values array contains only 6368 "value". The requirements are ANDed. 6369 type: object 6370 type: object 6371 x-kubernetes-map-type: atomic 6372 matchLabelKeys: 6373 description: MatchLabelKeys is a set of pod label 6374 keys to select the pods over which spreading 6375 will be calculated. The keys are used to lookup 6376 values from the incoming pod labels, those key-value 6377 labels are ANDed with labelSelector to select 6378 the group of existing pods over which spreading 6379 will be calculated for the incoming pod. The 6380 same key is forbidden to exist in both MatchLabelKeys 6381 and LabelSelector. 6382 items: 6383 type: string 6384 type: array 6385 x-kubernetes-list-type: atomic 6386 maxSkew: 6387 description: MaxSkew describes the degree to which 6388 pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, 6389 it is the maximum permitted difference between 6390 the number of matching pods in the target topology 6391 and the global minimum. The global minimum is 6392 the minimum number of matching pods in an eligible 6393 domain or zero if the number of eligible domains 6394 is less than MinDomains. 6395 format: int32 6396 type: integer 6397 minDomains: 6398 description: MinDomains indicates a minimum number 6399 of eligible domains. When the number of eligible 6400 domains with matching topology keys is less 6401 than minDomains, Pod Topology Spread treats 6402 "global minimum" as 0, and then the calculation 6403 of Skew is performed. And when the number of 6404 eligible domains with matching topology keys 6405 equals or greater than minDomains, this value 6406 has no effect on scheduling. 6407 format: int32 6408 type: integer 6409 nodeAffinityPolicy: 6410 description: "NodeAffinityPolicy indicates how 6411 we will treat Pod's nodeAffinity/nodeSelector 6412 when calculating pod topology spread skew. Options 6413 are: - Honor: only nodes matching nodeAffinity/nodeSelector 6414 are included in the calculations. - Ignore: 6415 nodeAffinity/nodeSelector are ignored. All nodes 6416 are included in the calculations. \n If this 6417 value is nil, the behavior is equivalent to 6418 the Honor policy." 6419 type: string 6420 nodeTaintsPolicy: 6421 description: "NodeTaintsPolicy indicates how we 6422 will treat node taints when calculating pod 6423 topology spread skew. Options are: - Honor: 6424 nodes without taints, along with tainted nodes 6425 for which the incoming pod has a toleration, 6426 are included. - Ignore: node taints are ignored. 6427 All nodes are included. \n If this value is 6428 nil, the behavior is equivalent to the Ignore 6429 policy." 6430 type: string 6431 topologyKey: 6432 description: TopologyKey is the key of node labels. 6433 Nodes that have a label with this key and identical 6434 values are considered to be in the same topology. 6435 We consider each <key, value> as a "bucket", 6436 and try to put balanced number of pods into 6437 each bucket. We define a domain as a particular 6438 instance of a topology. 6439 type: string 6440 whenUnsatisfiable: 6441 description: WhenUnsatisfiable indicates how to 6442 deal with a pod if it doesn't satisfy the spread 6443 constraint. - DoNotSchedule (default) tells 6444 the scheduler not to schedule it. - ScheduleAnyway 6445 tells the scheduler to schedule the pod in any 6446 location, but giving higher precedence to topologies 6447 that would help reduce the skew. 6448 type: string 6449 required: 6450 - maxSkew 6451 - topologyKey 6452 - whenUnsatisfiable 6453 type: object 6454 type: array 6455 x-kubernetes-list-map-keys: 6456 - topologyKey 6457 - whenUnsatisfiable 6458 x-kubernetes-list-type: map 6459 volumes: 6460 description: 'List of volumes that can be mounted by 6461 containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' 6462 items: 6463 description: Volume represents a named volume in a 6464 pod that may be accessed by any container in the 6465 pod. 6466 properties: 6467 awsElasticBlockStore: 6468 description: 'awsElasticBlockStore represents 6469 an AWS Disk resource that is attached to a kubelet''s 6470 host machine and then exposed to the pod. More 6471 info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 6472 properties: 6473 fsType: 6474 description: 'fsType is the filesystem type 6475 of the volume that you want to mount. Tip: 6476 Ensure that the filesystem type is supported 6477 by the host operating system. Examples: 6478 "ext4", "xfs", "ntfs". Implicitly inferred 6479 to be "ext4" if unspecified. More info: 6480 https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 6481 TODO: how do we prevent errors in the filesystem 6482 from compromising the machine' 6483 type: string 6484 partition: 6485 description: 'partition is the partition in 6486 the volume that you want to mount. If omitted, 6487 the default is to mount by volume name. 6488 Examples: For volume /dev/sda1, you specify 6489 the partition as "1". Similarly, the volume 6490 partition for /dev/sda is "0" (or you can 6491 leave the property empty).' 6492 format: int32 6493 type: integer 6494 readOnly: 6495 description: 'readOnly value true will force 6496 the readOnly setting in VolumeMounts. More 6497 info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 6498 type: boolean 6499 volumeID: 6500 description: 'volumeID is unique ID of the 6501 persistent disk resource in AWS (Amazon 6502 EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 6503 type: string 6504 required: 6505 - volumeID 6506 type: object 6507 azureDisk: 6508 description: azureDisk represents an Azure Data 6509 Disk mount on the host and bind mount to the 6510 pod. 6511 properties: 6512 cachingMode: 6513 description: 'cachingMode is the Host Caching 6514 mode: None, Read Only, Read Write.' 6515 type: string 6516 diskName: 6517 description: diskName is the Name of the data 6518 disk in the blob storage 6519 type: string 6520 diskURI: 6521 description: diskURI is the URI of data disk 6522 in the blob storage 6523 type: string 6524 fsType: 6525 description: fsType is Filesystem type to 6526 mount. Must be a filesystem type supported 6527 by the host operating system. Ex. "ext4", 6528 "xfs", "ntfs". Implicitly inferred to be 6529 "ext4" if unspecified. 6530 type: string 6531 kind: 6532 description: 'kind expected values are Shared: 6533 multiple blob disks per storage account Dedicated: 6534 single blob disk per storage account Managed: 6535 azure managed data disk (only in managed 6536 availability set). defaults to shared' 6537 type: string 6538 readOnly: 6539 description: readOnly Defaults to false (read/write). 6540 ReadOnly here will force the ReadOnly setting 6541 in VolumeMounts. 6542 type: boolean 6543 required: 6544 - diskName 6545 - diskURI 6546 type: object 6547 azureFile: 6548 description: azureFile represents an Azure File 6549 Service mount on the host and bind mount to 6550 the pod. 6551 properties: 6552 readOnly: 6553 description: readOnly defaults to false (read/write). 6554 ReadOnly here will force the ReadOnly setting 6555 in VolumeMounts. 6556 type: boolean 6557 secretName: 6558 description: secretName is the name of secret 6559 that contains Azure Storage Account Name 6560 and Key 6561 type: string 6562 shareName: 6563 description: shareName is the azure share 6564 Name 6565 type: string 6566 required: 6567 - secretName 6568 - shareName 6569 type: object 6570 cephfs: 6571 description: cephFS represents a Ceph FS mount 6572 on the host that shares a pod's lifetime 6573 properties: 6574 monitors: 6575 description: 'monitors is Required: Monitors 6576 is a collection of Ceph monitors More info: 6577 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6578 items: 6579 type: string 6580 type: array 6581 path: 6582 description: 'path is Optional: Used as the 6583 mounted root, rather than the full Ceph 6584 tree, default is /' 6585 type: string 6586 readOnly: 6587 description: 'readOnly is Optional: Defaults 6588 to false (read/write). ReadOnly here will 6589 force the ReadOnly setting in VolumeMounts. 6590 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6591 type: boolean 6592 secretFile: 6593 description: 'secretFile is Optional: SecretFile 6594 is the path to key ring for User, default 6595 is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6596 type: string 6597 secretRef: 6598 description: 'secretRef is Optional: SecretRef 6599 is reference to the authentication secret 6600 for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6601 properties: 6602 name: 6603 description: 'Name of the referent. More 6604 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6605 TODO: Add other useful fields. apiVersion, 6606 kind, uid?' 6607 type: string 6608 type: object 6609 x-kubernetes-map-type: atomic 6610 user: 6611 description: 'user is optional: User is the 6612 rados user name, default is admin More info: 6613 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6614 type: string 6615 required: 6616 - monitors 6617 type: object 6618 cinder: 6619 description: 'cinder represents a cinder volume 6620 attached and mounted on kubelets host machine. 6621 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6622 properties: 6623 fsType: 6624 description: 'fsType is the filesystem type 6625 to mount. Must be a filesystem type supported 6626 by the host operating system. Examples: 6627 "ext4", "xfs", "ntfs". Implicitly inferred 6628 to be "ext4" if unspecified. More info: 6629 https://examples.k8s.io/mysql-cinder-pd/README.md' 6630 type: string 6631 readOnly: 6632 description: 'readOnly defaults to false (read/write). 6633 ReadOnly here will force the ReadOnly setting 6634 in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6635 type: boolean 6636 secretRef: 6637 description: 'secretRef is optional: points 6638 to a secret object containing parameters 6639 used to connect to OpenStack.' 6640 properties: 6641 name: 6642 description: 'Name of the referent. More 6643 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6644 TODO: Add other useful fields. apiVersion, 6645 kind, uid?' 6646 type: string 6647 type: object 6648 x-kubernetes-map-type: atomic 6649 volumeID: 6650 description: 'volumeID used to identify the 6651 volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6652 type: string 6653 required: 6654 - volumeID 6655 type: object 6656 configMap: 6657 description: configMap represents a configMap 6658 that should populate this volume 6659 properties: 6660 defaultMode: 6661 description: 'defaultMode is optional: mode 6662 bits used to set permissions on created 6663 files by default. Must be an octal value 6664 between 0000 and 0777 or a decimal value 6665 between 0 and 511. YAML accepts both octal 6666 and decimal values, JSON requires decimal 6667 values for mode bits. Defaults to 0644. 6668 Directories within the path are not affected 6669 by this setting.' 6670 format: int32 6671 type: integer 6672 items: 6673 description: items if unspecified, each key-value 6674 pair in the Data field of the referenced 6675 ConfigMap will be projected into the volume 6676 as a file whose name is the key and content 6677 is the value. If specified, the listed keys 6678 will be projected into the specified paths, 6679 and unlisted keys will not be present. 6680 items: 6681 description: Maps a string key to a path 6682 within a volume. 6683 properties: 6684 key: 6685 description: key is the key to project. 6686 type: string 6687 mode: 6688 description: 'mode is Optional: mode 6689 bits used to set permissions on this 6690 file. Must be an octal value between 6691 0000 and 0777 or a decimal value between 6692 0 and 511. YAML accepts both octal 6693 and decimal values, JSON requires 6694 decimal values for mode bits. If not 6695 specified, the volume defaultMode 6696 will be used.' 6697 format: int32 6698 type: integer 6699 path: 6700 description: path is the relative path 6701 of the file to map the key to. May 6702 not be an absolute path. May not contain 6703 the path element '..'. May not start 6704 with the string '..'. 6705 type: string 6706 required: 6707 - key 6708 - path 6709 type: object 6710 type: array 6711 name: 6712 description: 'Name of the referent. More info: 6713 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6714 TODO: Add other useful fields. apiVersion, 6715 kind, uid?' 6716 type: string 6717 optional: 6718 description: optional specify whether the 6719 ConfigMap or its keys must be defined 6720 type: boolean 6721 type: object 6722 x-kubernetes-map-type: atomic 6723 csi: 6724 description: csi (Container Storage Interface) 6725 represents ephemeral storage that is handled 6726 by certain external CSI drivers (Beta feature). 6727 properties: 6728 driver: 6729 description: driver is the name of the CSI 6730 driver that handles this volume. Consult 6731 with your admin for the correct name as 6732 registered in the cluster. 6733 type: string 6734 fsType: 6735 description: fsType to mount. Ex. "ext4", 6736 "xfs", "ntfs". If not provided, the empty 6737 value is passed to the associated CSI driver 6738 which will determine the default filesystem 6739 to apply. 6740 type: string 6741 nodePublishSecretRef: 6742 description: nodePublishSecretRef is a reference 6743 to the secret object containing sensitive 6744 information to pass to the CSI driver to 6745 complete the CSI NodePublishVolume and NodeUnpublishVolume 6746 calls. This field is optional, and may 6747 be empty if no secret is required. If the 6748 secret object contains more than one secret, 6749 all secret references are passed. 6750 properties: 6751 name: 6752 description: 'Name of the referent. More 6753 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6754 TODO: Add other useful fields. apiVersion, 6755 kind, uid?' 6756 type: string 6757 type: object 6758 x-kubernetes-map-type: atomic 6759 readOnly: 6760 description: readOnly specifies a read-only 6761 configuration for the volume. Defaults to 6762 false (read/write). 6763 type: boolean 6764 volumeAttributes: 6765 additionalProperties: 6766 type: string 6767 description: volumeAttributes stores driver-specific 6768 properties that are passed to the CSI driver. 6769 Consult your driver's documentation for 6770 supported values. 6771 type: object 6772 required: 6773 - driver 6774 type: object 6775 downwardAPI: 6776 description: downwardAPI represents downward API 6777 about the pod that should populate this volume 6778 properties: 6779 defaultMode: 6780 description: 'Optional: mode bits to use on 6781 created files by default. Must be a Optional: 6782 mode bits used to set permissions on created 6783 files by default. Must be an octal value 6784 between 0000 and 0777 or a decimal value 6785 between 0 and 511. YAML accepts both octal 6786 and decimal values, JSON requires decimal 6787 values for mode bits. Defaults to 0644. 6788 Directories within the path are not affected 6789 by this setting.' 6790 format: int32 6791 type: integer 6792 items: 6793 description: Items is a list of downward API 6794 volume file 6795 items: 6796 description: DownwardAPIVolumeFile represents 6797 information to create the file containing 6798 the pod field 6799 properties: 6800 fieldRef: 6801 description: 'Required: Selects a field 6802 of the pod: only annotations, labels, 6803 name and namespace are supported.' 6804 properties: 6805 apiVersion: 6806 description: Version of the schema 6807 the FieldPath is written in terms 6808 of, defaults to "v1". 6809 type: string 6810 fieldPath: 6811 description: Path of the field to 6812 select in the specified API version. 6813 type: string 6814 required: 6815 - fieldPath 6816 type: object 6817 x-kubernetes-map-type: atomic 6818 mode: 6819 description: 'Optional: mode bits used 6820 to set permissions on this file, must 6821 be an octal value between 0000 and 6822 0777 or a decimal value between 0 6823 and 511. YAML accepts both octal and 6824 decimal values, JSON requires decimal 6825 values for mode bits. If not specified, 6826 the volume defaultMode will be used.' 6827 format: int32 6828 type: integer 6829 path: 6830 description: 'Required: Path is the 6831 relative path name of the file to 6832 be created. Must not be absolute or 6833 contain the ''..'' path. Must be utf-8 6834 encoded. The first item of the relative 6835 path must not start with ''..''' 6836 type: string 6837 resourceFieldRef: 6838 description: 'Selects a resource of 6839 the container: only resources limits 6840 and requests (limits.cpu, limits.memory, 6841 requests.cpu and requests.memory) 6842 are currently supported.' 6843 properties: 6844 containerName: 6845 description: 'Container name: required 6846 for volumes, optional for env 6847 vars' 6848 type: string 6849 divisor: 6850 anyOf: 6851 - type: integer 6852 - type: string 6853 description: Specifies the output 6854 format of the exposed resources, 6855 defaults to "1" 6856 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6857 x-kubernetes-int-or-string: true 6858 resource: 6859 description: 'Required: resource 6860 to select' 6861 type: string 6862 required: 6863 - resource 6864 type: object 6865 x-kubernetes-map-type: atomic 6866 required: 6867 - path 6868 type: object 6869 type: array 6870 type: object 6871 emptyDir: 6872 description: 'emptyDir represents a temporary 6873 directory that shares a pod''s lifetime. More 6874 info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 6875 properties: 6876 medium: 6877 description: 'medium represents what type 6878 of storage medium should back this directory. 6879 The default is "" which means to use the 6880 node''s default medium. Must be an empty 6881 string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 6882 type: string 6883 sizeLimit: 6884 anyOf: 6885 - type: integer 6886 - type: string 6887 description: 'sizeLimit is the total amount 6888 of local storage required for this EmptyDir 6889 volume. The size limit is also applicable 6890 for memory medium. The maximum usage on 6891 memory medium EmptyDir would be the minimum 6892 value between the SizeLimit specified here 6893 and the sum of memory limits of all containers 6894 in a pod. The default is nil which means 6895 that the limit is undefined. More info: 6896 https://kubernetes.' 6897 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6898 x-kubernetes-int-or-string: true 6899 type: object 6900 ephemeral: 6901 description: ephemeral represents a volume that 6902 is handled by a cluster storage driver. The 6903 volume's lifecycle is tied to the pod that defines 6904 it - it will be created before the pod starts, 6905 and deleted when the pod is removed. 6906 properties: 6907 volumeClaimTemplate: 6908 description: Will be used to create a stand-alone 6909 PVC to provision the volume. The pod in 6910 which this EphemeralVolumeSource is embedded 6911 will be the owner of the PVC, i.e. the PVC 6912 will be deleted together with the pod. The 6913 name of the PVC will be `<pod name>-<volume 6914 name>` where `<volume name>` is the name 6915 from the `PodSpec.Volumes` array entry. 6916 properties: 6917 metadata: 6918 description: May contain labels and annotations 6919 that will be copied into the PVC when 6920 creating it. No other fields are allowed 6921 and will be rejected during validation. 6922 properties: 6923 annotations: 6924 additionalProperties: 6925 type: string 6926 type: object 6927 finalizers: 6928 items: 6929 type: string 6930 type: array 6931 labels: 6932 additionalProperties: 6933 type: string 6934 type: object 6935 name: 6936 type: string 6937 namespace: 6938 type: string 6939 type: object 6940 spec: 6941 description: The specification for the 6942 PersistentVolumeClaim. The entire content 6943 is copied unchanged into the PVC that 6944 gets created from this template. The 6945 same fields as in a PersistentVolumeClaim 6946 are also valid here. 6947 properties: 6948 accessModes: 6949 description: 'accessModes contains 6950 the desired access modes the volume 6951 should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 6952 items: 6953 type: string 6954 type: array 6955 dataSource: 6956 description: 'dataSource field can 6957 be used to specify either: * An 6958 existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 6959 * An existing PVC (PersistentVolumeClaim) 6960 If the provisioner or an external 6961 controller can support the specified 6962 data source, it will create a new 6963 volume based on the contents of 6964 the specified data source.' 6965 properties: 6966 apiGroup: 6967 description: APIGroup is the group 6968 for the resource being referenced. 6969 If APIGroup is not specified, 6970 the specified Kind must be in 6971 the core API group. For any 6972 other third-party types, APIGroup 6973 is required. 6974 type: string 6975 kind: 6976 description: Kind is the type 6977 of resource being referenced 6978 type: string 6979 name: 6980 description: Name is the name 6981 of resource being referenced 6982 type: string 6983 required: 6984 - kind 6985 - name 6986 type: object 6987 x-kubernetes-map-type: atomic 6988 dataSourceRef: 6989 description: dataSourceRef specifies 6990 the object from which to populate 6991 the volume with data, if a non-empty 6992 volume is desired. This may be any 6993 object from a non-empty API group 6994 (non core object) or a PersistentVolumeClaim 6995 object. When this field is specified, 6996 volume binding will only succeed 6997 if the type of the specified object 6998 matches some installed volume populator 6999 or dynamic provisioner. 7000 properties: 7001 apiGroup: 7002 description: APIGroup is the group 7003 for the resource being referenced. 7004 If APIGroup is not specified, 7005 the specified Kind must be in 7006 the core API group. For any 7007 other third-party types, APIGroup 7008 is required. 7009 type: string 7010 kind: 7011 description: Kind is the type 7012 of resource being referenced 7013 type: string 7014 name: 7015 description: Name is the name 7016 of resource being referenced 7017 type: string 7018 namespace: 7019 description: Namespace is the 7020 namespace of resource being 7021 referenced Note that when a 7022 namespace is specified, a gateway.networking.k8s.io/ReferenceGrant 7023 object is required in the referent 7024 namespace to allow that namespace's 7025 owner to accept the reference. 7026 See the ReferenceGrant documentation 7027 for details. (Alpha) This field 7028 requires the CrossNamespaceVolumeDataSource 7029 feature gate to be enabled. 7030 type: string 7031 required: 7032 - kind 7033 - name 7034 type: object 7035 resources: 7036 description: 'resources represents 7037 the minimum resources the volume 7038 should have. If RecoverVolumeExpansionFailure 7039 feature is enabled users are allowed 7040 to specify resource requirements 7041 that are lower than previous value 7042 but must still be higher than capacity 7043 recorded in the status field of 7044 the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 7045 properties: 7046 claims: 7047 description: "Claims lists the 7048 names of resources, defined 7049 in spec.resourceClaims, that 7050 are used by this container. 7051 \n This is an alpha field and 7052 requires enabling the DynamicResourceAllocation 7053 feature gate. \n This field 7054 is immutable. It can only be 7055 set for containers." 7056 items: 7057 description: ResourceClaim references 7058 one entry in PodSpec.ResourceClaims. 7059 properties: 7060 name: 7061 description: Name must match 7062 the name of one entry 7063 in pod.spec.resourceClaims 7064 of the Pod where this 7065 field is used. It makes 7066 that resource available 7067 inside a container. 7068 type: string 7069 required: 7070 - name 7071 type: object 7072 type: array 7073 x-kubernetes-list-map-keys: 7074 - name 7075 x-kubernetes-list-type: map 7076 limits: 7077 additionalProperties: 7078 anyOf: 7079 - type: integer 7080 - type: string 7081 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7082 x-kubernetes-int-or-string: true 7083 description: 'Limits describes 7084 the maximum amount of compute 7085 resources allowed. More info: 7086 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7087 type: object 7088 requests: 7089 additionalProperties: 7090 anyOf: 7091 - type: integer 7092 - type: string 7093 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7094 x-kubernetes-int-or-string: true 7095 description: 'Requests describes 7096 the minimum amount of compute 7097 resources required. If Requests 7098 is omitted for a container, 7099 it defaults to Limits if that 7100 is explicitly specified, otherwise 7101 to an implementation-defined 7102 value. Requests cannot exceed 7103 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7104 type: object 7105 type: object 7106 selector: 7107 description: selector is a label query 7108 over volumes to consider for binding. 7109 properties: 7110 matchExpressions: 7111 description: matchExpressions 7112 is a list of label selector 7113 requirements. The requirements 7114 are ANDed. 7115 items: 7116 description: A label selector 7117 requirement is a selector 7118 that contains values, a key, 7119 and an operator that relates 7120 the key and values. 7121 properties: 7122 key: 7123 description: key is the 7124 label key that the selector 7125 applies to. 7126 type: string 7127 operator: 7128 description: operator represents 7129 a key's relationship to 7130 a set of values. Valid 7131 operators are In, NotIn, 7132 Exists and DoesNotExist. 7133 type: string 7134 values: 7135 description: values is an 7136 array of string values. 7137 If the operator is In 7138 or NotIn, the values array 7139 must be non-empty. If 7140 the operator is Exists 7141 or DoesNotExist, the values 7142 array must be empty. This 7143 array is replaced during 7144 a strategic merge patch. 7145 items: 7146 type: string 7147 type: array 7148 required: 7149 - key 7150 - operator 7151 type: object 7152 type: array 7153 matchLabels: 7154 additionalProperties: 7155 type: string 7156 description: matchLabels is a 7157 map of {key,value} pairs. A 7158 single {key,value} in the matchLabels 7159 map is equivalent to an element 7160 of matchExpressions, whose key 7161 field is "key", the operator 7162 is "In", and the values array 7163 contains only "value". The requirements 7164 are ANDed. 7165 type: object 7166 type: object 7167 x-kubernetes-map-type: atomic 7168 storageClassName: 7169 description: 'storageClassName is 7170 the name of the StorageClass required 7171 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 7172 type: string 7173 volumeMode: 7174 description: volumeMode defines what 7175 type of volume is required by the 7176 claim. Value of Filesystem is implied 7177 when not included in claim spec. 7178 type: string 7179 volumeName: 7180 description: volumeName is the binding 7181 reference to the PersistentVolume 7182 backing this claim. 7183 type: string 7184 type: object 7185 required: 7186 - spec 7187 type: object 7188 type: object 7189 fc: 7190 description: fc represents a Fibre Channel resource 7191 that is attached to a kubelet's host machine 7192 and then exposed to the pod. 7193 properties: 7194 fsType: 7195 description: 'fsType is the filesystem type 7196 to mount. Must be a filesystem type supported 7197 by the host operating system. Ex. "ext4", 7198 "xfs", "ntfs". Implicitly inferred to be 7199 "ext4" if unspecified. TODO: how do we prevent 7200 errors in the filesystem from compromising 7201 the machine' 7202 type: string 7203 lun: 7204 description: 'lun is Optional: FC target lun 7205 number' 7206 format: int32 7207 type: integer 7208 readOnly: 7209 description: 'readOnly is Optional: Defaults 7210 to false (read/write). ReadOnly here will 7211 force the ReadOnly setting in VolumeMounts.' 7212 type: boolean 7213 targetWWNs: 7214 description: 'targetWWNs is Optional: FC target 7215 worldwide names (WWNs)' 7216 items: 7217 type: string 7218 type: array 7219 wwids: 7220 description: 'wwids Optional: FC volume world 7221 wide identifiers (wwids) Either wwids or 7222 combination of targetWWNs and lun must be 7223 set, but not both simultaneously.' 7224 items: 7225 type: string 7226 type: array 7227 type: object 7228 flexVolume: 7229 description: flexVolume represents a generic volume 7230 resource that is provisioned/attached using 7231 an exec based plugin. 7232 properties: 7233 driver: 7234 description: driver is the name of the driver 7235 to use for this volume. 7236 type: string 7237 fsType: 7238 description: fsType is the filesystem type 7239 to mount. Must be a filesystem type supported 7240 by the host operating system. Ex. "ext4", 7241 "xfs", "ntfs". The default filesystem depends 7242 on FlexVolume script. 7243 type: string 7244 options: 7245 additionalProperties: 7246 type: string 7247 description: 'options is Optional: this field 7248 holds extra command options if any.' 7249 type: object 7250 readOnly: 7251 description: 'readOnly is Optional: defaults 7252 to false (read/write). ReadOnly here will 7253 force the ReadOnly setting in VolumeMounts.' 7254 type: boolean 7255 secretRef: 7256 description: 'secretRef is Optional: secretRef 7257 is reference to the secret object containing 7258 sensitive information to pass to the plugin 7259 scripts. This may be empty if no secret 7260 object is specified. If the secret object 7261 contains more than one secret, all secrets 7262 are passed to the plugin scripts.' 7263 properties: 7264 name: 7265 description: 'Name of the referent. More 7266 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7267 TODO: Add other useful fields. apiVersion, 7268 kind, uid?' 7269 type: string 7270 type: object 7271 x-kubernetes-map-type: atomic 7272 required: 7273 - driver 7274 type: object 7275 flocker: 7276 description: flocker represents a Flocker volume 7277 attached to a kubelet's host machine. This depends 7278 on the Flocker control service being running 7279 properties: 7280 datasetName: 7281 description: datasetName is Name of the dataset 7282 stored as metadata -> name on the dataset 7283 for Flocker should be considered as deprecated 7284 type: string 7285 datasetUUID: 7286 description: datasetUUID is the UUID of the 7287 dataset. This is unique identifier of a 7288 Flocker dataset 7289 type: string 7290 type: object 7291 gcePersistentDisk: 7292 description: 'gcePersistentDisk represents a GCE 7293 Disk resource that is attached to a kubelet''s 7294 host machine and then exposed to the pod. More 7295 info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7296 properties: 7297 fsType: 7298 description: 'fsType is filesystem type of 7299 the volume that you want to mount. Tip: 7300 Ensure that the filesystem type is supported 7301 by the host operating system. Examples: 7302 "ext4", "xfs", "ntfs". Implicitly inferred 7303 to be "ext4" if unspecified. More info: 7304 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 7305 TODO: how do we prevent errors in the filesystem 7306 from compromising the machine' 7307 type: string 7308 partition: 7309 description: 'partition is the partition in 7310 the volume that you want to mount. If omitted, 7311 the default is to mount by volume name. 7312 Examples: For volume /dev/sda1, you specify 7313 the partition as "1". Similarly, the volume 7314 partition for /dev/sda is "0" (or you can 7315 leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7316 format: int32 7317 type: integer 7318 pdName: 7319 description: 'pdName is unique name of the 7320 PD resource in GCE. Used to identify the 7321 disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7322 type: string 7323 readOnly: 7324 description: 'readOnly here will force the 7325 ReadOnly setting in VolumeMounts. Defaults 7326 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7327 type: boolean 7328 required: 7329 - pdName 7330 type: object 7331 gitRepo: 7332 description: 'gitRepo represents a git repository 7333 at a particular revision. DEPRECATED: GitRepo 7334 is deprecated. To provision a container with 7335 a git repo, mount an EmptyDir into an InitContainer 7336 that clones the repo using git, then mount the 7337 EmptyDir into the Pod''s container.' 7338 properties: 7339 directory: 7340 description: directory is the target directory 7341 name. Must not contain or start with '..'. If 7342 '.' is supplied, the volume directory will 7343 be the git repository. Otherwise, if specified, 7344 the volume will contain the git repository 7345 in the subdirectory with the given name. 7346 type: string 7347 repository: 7348 description: repository is the URL 7349 type: string 7350 revision: 7351 description: revision is the commit hash for 7352 the specified revision. 7353 type: string 7354 required: 7355 - repository 7356 type: object 7357 glusterfs: 7358 description: 'glusterfs represents a Glusterfs 7359 mount on the host that shares a pod''s lifetime. 7360 More info: https://examples.k8s.io/volumes/glusterfs/README.md' 7361 properties: 7362 endpoints: 7363 description: 'endpoints is the endpoint name 7364 that details Glusterfs topology. More info: 7365 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 7366 type: string 7367 path: 7368 description: 'path is the Glusterfs volume 7369 path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 7370 type: string 7371 readOnly: 7372 description: 'readOnly here will force the 7373 Glusterfs volume to be mounted with read-only 7374 permissions. Defaults to false. More info: 7375 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 7376 type: boolean 7377 required: 7378 - endpoints 7379 - path 7380 type: object 7381 hostPath: 7382 description: 'hostPath represents a pre-existing 7383 file or directory on the host machine that is 7384 directly exposed to the container. This is generally 7385 used for system agents or other privileged things 7386 that are allowed to see the host machine. Most 7387 containers will NOT need this. More info: https://kubernetes.' 7388 properties: 7389 path: 7390 description: 'path of the directory on the 7391 host. If the path is a symlink, it will 7392 follow the link to the real path. More info: 7393 https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 7394 type: string 7395 type: 7396 description: 'type for HostPath Volume Defaults 7397 to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 7398 type: string 7399 required: 7400 - path 7401 type: object 7402 iscsi: 7403 description: 'iscsi represents an ISCSI Disk resource 7404 that is attached to a kubelet''s host machine 7405 and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 7406 properties: 7407 chapAuthDiscovery: 7408 description: chapAuthDiscovery defines whether 7409 support iSCSI Discovery CHAP authentication 7410 type: boolean 7411 chapAuthSession: 7412 description: chapAuthSession defines whether 7413 support iSCSI Session CHAP authentication 7414 type: boolean 7415 fsType: 7416 description: 'fsType is the filesystem type 7417 of the volume that you want to mount. Tip: 7418 Ensure that the filesystem type is supported 7419 by the host operating system. Examples: 7420 "ext4", "xfs", "ntfs". Implicitly inferred 7421 to be "ext4" if unspecified. More info: 7422 https://kubernetes.io/docs/concepts/storage/volumes#iscsi 7423 TODO: how do we prevent errors in the filesystem 7424 from compromising the machine' 7425 type: string 7426 initiatorName: 7427 description: initiatorName is the custom iSCSI 7428 Initiator Name. If initiatorName is specified 7429 with iscsiInterface simultaneously, new 7430 iSCSI interface <target portal>:<volume 7431 name> will be created for the connection. 7432 type: string 7433 iqn: 7434 description: iqn is the target iSCSI Qualified 7435 Name. 7436 type: string 7437 iscsiInterface: 7438 description: iscsiInterface is the interface 7439 Name that uses an iSCSI transport. Defaults 7440 to 'default' (tcp). 7441 type: string 7442 lun: 7443 description: lun represents iSCSI Target Lun 7444 number. 7445 format: int32 7446 type: integer 7447 portals: 7448 description: portals is the iSCSI Target Portal 7449 List. The portal is either an IP or ip_addr:port 7450 if the port is other than default (typically 7451 TCP ports 860 and 3260). 7452 items: 7453 type: string 7454 type: array 7455 readOnly: 7456 description: readOnly here will force the 7457 ReadOnly setting in VolumeMounts. Defaults 7458 to false. 7459 type: boolean 7460 secretRef: 7461 description: secretRef is the CHAP Secret 7462 for iSCSI target and initiator authentication 7463 properties: 7464 name: 7465 description: 'Name of the referent. More 7466 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7467 TODO: Add other useful fields. apiVersion, 7468 kind, uid?' 7469 type: string 7470 type: object 7471 x-kubernetes-map-type: atomic 7472 targetPortal: 7473 description: targetPortal is iSCSI Target 7474 Portal. The Portal is either an IP or ip_addr:port 7475 if the port is other than default (typically 7476 TCP ports 860 and 3260). 7477 type: string 7478 required: 7479 - iqn 7480 - lun 7481 - targetPortal 7482 type: object 7483 name: 7484 description: 'name of the volume. Must be a DNS_LABEL 7485 and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 7486 type: string 7487 nfs: 7488 description: 'nfs represents an NFS mount on the 7489 host that shares a pod''s lifetime More info: 7490 https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7491 properties: 7492 path: 7493 description: 'path that is exported by the 7494 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7495 type: string 7496 readOnly: 7497 description: 'readOnly here will force the 7498 NFS export to be mounted with read-only 7499 permissions. Defaults to false. More info: 7500 https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7501 type: boolean 7502 server: 7503 description: 'server is the hostname or IP 7504 address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7505 type: string 7506 required: 7507 - path 7508 - server 7509 type: object 7510 persistentVolumeClaim: 7511 description: 'persistentVolumeClaimVolumeSource 7512 represents a reference to a PersistentVolumeClaim 7513 in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7514 properties: 7515 claimName: 7516 description: 'claimName is the name of a PersistentVolumeClaim 7517 in the same namespace as the pod using this 7518 volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7519 type: string 7520 readOnly: 7521 description: readOnly Will force the ReadOnly 7522 setting in VolumeMounts. Default false. 7523 type: boolean 7524 required: 7525 - claimName 7526 type: object 7527 photonPersistentDisk: 7528 description: photonPersistentDisk represents a 7529 PhotonController persistent disk attached and 7530 mounted on kubelets host machine 7531 properties: 7532 fsType: 7533 description: fsType is the filesystem type 7534 to mount. Must be a filesystem type supported 7535 by the host operating system. Ex. "ext4", 7536 "xfs", "ntfs". Implicitly inferred to be 7537 "ext4" if unspecified. 7538 type: string 7539 pdID: 7540 description: pdID is the ID that identifies 7541 Photon Controller persistent disk 7542 type: string 7543 required: 7544 - pdID 7545 type: object 7546 portworxVolume: 7547 description: portworxVolume represents a portworx 7548 volume attached and mounted on kubelets host 7549 machine 7550 properties: 7551 fsType: 7552 description: fSType represents the filesystem 7553 type to mount Must be a filesystem type 7554 supported by the host operating system. 7555 Ex. "ext4", "xfs". Implicitly inferred to 7556 be "ext4" if unspecified. 7557 type: string 7558 readOnly: 7559 description: readOnly defaults to false (read/write). 7560 ReadOnly here will force the ReadOnly setting 7561 in VolumeMounts. 7562 type: boolean 7563 volumeID: 7564 description: volumeID uniquely identifies 7565 a Portworx volume 7566 type: string 7567 required: 7568 - volumeID 7569 type: object 7570 projected: 7571 description: projected items for all in one resources 7572 secrets, configmaps, and downward API 7573 properties: 7574 defaultMode: 7575 description: defaultMode are the mode bits 7576 used to set permissions on created files 7577 by default. Must be an octal value between 7578 0000 and 0777 or a decimal value between 7579 0 and 511. YAML accepts both octal and decimal 7580 values, JSON requires decimal values for 7581 mode bits. Directories within the path are 7582 not affected by this setting. 7583 format: int32 7584 type: integer 7585 sources: 7586 description: sources is the list of volume 7587 projections 7588 items: 7589 description: Projection that may be projected 7590 along with other supported volume types 7591 properties: 7592 configMap: 7593 description: configMap information about 7594 the configMap data to project 7595 properties: 7596 items: 7597 description: items if unspecified, 7598 each key-value pair in the Data 7599 field of the referenced ConfigMap 7600 will be projected into the volume 7601 as a file whose name is the key 7602 and content is the value. If specified, 7603 the listed keys will be projected 7604 into the specified paths, and 7605 unlisted keys will not be present. 7606 items: 7607 description: Maps a string key 7608 to a path within a volume. 7609 properties: 7610 key: 7611 description: key is the key 7612 to project. 7613 type: string 7614 mode: 7615 description: 'mode is Optional: 7616 mode bits used to set permissions 7617 on this file. Must be an 7618 octal value between 0000 7619 and 0777 or a decimal value 7620 between 0 and 511. YAML 7621 accepts both octal and decimal 7622 values, JSON requires decimal 7623 values for mode bits. If 7624 not specified, the volume 7625 defaultMode will be used.' 7626 format: int32 7627 type: integer 7628 path: 7629 description: path is the relative 7630 path of the file to map 7631 the key to. May not be an 7632 absolute path. May not contain 7633 the path element '..'. May 7634 not start with the string 7635 '..'. 7636 type: string 7637 required: 7638 - key 7639 - path 7640 type: object 7641 type: array 7642 name: 7643 description: 'Name of the referent. 7644 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7645 TODO: Add other useful fields. 7646 apiVersion, kind, uid?' 7647 type: string 7648 optional: 7649 description: optional specify whether 7650 the ConfigMap or its keys must 7651 be defined 7652 type: boolean 7653 type: object 7654 x-kubernetes-map-type: atomic 7655 downwardAPI: 7656 description: downwardAPI information 7657 about the downwardAPI data to project 7658 properties: 7659 items: 7660 description: Items is a list of 7661 DownwardAPIVolume file 7662 items: 7663 description: DownwardAPIVolumeFile 7664 represents information to create 7665 the file containing the pod 7666 field 7667 properties: 7668 fieldRef: 7669 description: 'Required: Selects 7670 a field of the pod: only 7671 annotations, labels, name 7672 and namespace are supported.' 7673 properties: 7674 apiVersion: 7675 description: Version of 7676 the schema the FieldPath 7677 is written in terms 7678 of, defaults to "v1". 7679 type: string 7680 fieldPath: 7681 description: Path of the 7682 field to select in the 7683 specified API version. 7684 type: string 7685 required: 7686 - fieldPath 7687 type: object 7688 x-kubernetes-map-type: atomic 7689 mode: 7690 description: 'Optional: mode 7691 bits used to set permissions 7692 on this file, must be an 7693 octal value between 0000 7694 and 0777 or a decimal value 7695 between 0 and 511. YAML 7696 accepts both octal and decimal 7697 values, JSON requires decimal 7698 values for mode bits. If 7699 not specified, the volume 7700 defaultMode will be used.' 7701 format: int32 7702 type: integer 7703 path: 7704 description: 'Required: Path 7705 is the relative path name 7706 of the file to be created. 7707 Must not be absolute or 7708 contain the ''..'' path. 7709 Must be utf-8 encoded. The 7710 first item of the relative 7711 path must not start with 7712 ''..''' 7713 type: string 7714 resourceFieldRef: 7715 description: 'Selects a resource 7716 of the container: only resources 7717 limits and requests (limits.cpu, 7718 limits.memory, requests.cpu 7719 and requests.memory) are 7720 currently supported.' 7721 properties: 7722 containerName: 7723 description: 'Container 7724 name: required for volumes, 7725 optional for env vars' 7726 type: string 7727 divisor: 7728 anyOf: 7729 - type: integer 7730 - type: string 7731 description: Specifies 7732 the output format of 7733 the exposed resources, 7734 defaults to "1" 7735 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7736 x-kubernetes-int-or-string: true 7737 resource: 7738 description: 'Required: 7739 resource to select' 7740 type: string 7741 required: 7742 - resource 7743 type: object 7744 x-kubernetes-map-type: atomic 7745 required: 7746 - path 7747 type: object 7748 type: array 7749 type: object 7750 secret: 7751 description: secret information about 7752 the secret data to project 7753 properties: 7754 items: 7755 description: items if unspecified, 7756 each key-value pair in the Data 7757 field of the referenced Secret 7758 will be projected into the volume 7759 as a file whose name is the key 7760 and content is the value. If specified, 7761 the listed keys will be projected 7762 into the specified paths, and 7763 unlisted keys will not be present. 7764 items: 7765 description: Maps a string key 7766 to a path within a volume. 7767 properties: 7768 key: 7769 description: key is the key 7770 to project. 7771 type: string 7772 mode: 7773 description: 'mode is Optional: 7774 mode bits used to set permissions 7775 on this file. Must be an 7776 octal value between 0000 7777 and 0777 or a decimal value 7778 between 0 and 511. YAML 7779 accepts both octal and decimal 7780 values, JSON requires decimal 7781 values for mode bits. If 7782 not specified, the volume 7783 defaultMode will be used.' 7784 format: int32 7785 type: integer 7786 path: 7787 description: path is the relative 7788 path of the file to map 7789 the key to. May not be an 7790 absolute path. May not contain 7791 the path element '..'. May 7792 not start with the string 7793 '..'. 7794 type: string 7795 required: 7796 - key 7797 - path 7798 type: object 7799 type: array 7800 name: 7801 description: 'Name of the referent. 7802 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7803 TODO: Add other useful fields. 7804 apiVersion, kind, uid?' 7805 type: string 7806 optional: 7807 description: optional field specify 7808 whether the Secret or its key 7809 must be defined 7810 type: boolean 7811 type: object 7812 x-kubernetes-map-type: atomic 7813 serviceAccountToken: 7814 description: serviceAccountToken is 7815 information about the serviceAccountToken 7816 data to project 7817 properties: 7818 audience: 7819 description: audience is the intended 7820 audience of the token. A recipient 7821 of a token must identify itself 7822 with an identifier specified in 7823 the audience of the token, and 7824 otherwise should reject the token. 7825 The audience defaults to the identifier 7826 of the apiserver. 7827 type: string 7828 expirationSeconds: 7829 description: expirationSeconds is 7830 the requested duration of validity 7831 of the service account token. 7832 As the token approaches expiration, 7833 the kubelet volume plugin will 7834 proactively rotate the service 7835 account token. The kubelet will 7836 start trying to rotate the token 7837 if the token is older than 80 7838 percent of its time to live or 7839 if the token is older than 24 7840 hours.Defaults to 1 hour and must 7841 be at least 10 minutes. 7842 format: int64 7843 type: integer 7844 path: 7845 description: path is the path relative 7846 to the mount point of the file 7847 to project the token into. 7848 type: string 7849 required: 7850 - path 7851 type: object 7852 type: object 7853 type: array 7854 type: object 7855 quobyte: 7856 description: quobyte represents a Quobyte mount 7857 on the host that shares a pod's lifetime 7858 properties: 7859 group: 7860 description: group to map volume access to 7861 Default is no group 7862 type: string 7863 readOnly: 7864 description: readOnly here will force the 7865 Quobyte volume to be mounted with read-only 7866 permissions. Defaults to false. 7867 type: boolean 7868 registry: 7869 description: registry represents a single 7870 or multiple Quobyte Registry services specified 7871 as a string as host:port pair (multiple 7872 entries are separated with commas) which 7873 acts as the central registry for volumes 7874 type: string 7875 tenant: 7876 description: tenant owning the given Quobyte 7877 volume in the Backend Used with dynamically 7878 provisioned Quobyte volumes, value is set 7879 by the plugin 7880 type: string 7881 user: 7882 description: user to map volume access to 7883 Defaults to serivceaccount user 7884 type: string 7885 volume: 7886 description: volume is a string that references 7887 an already created Quobyte volume by name. 7888 type: string 7889 required: 7890 - registry 7891 - volume 7892 type: object 7893 rbd: 7894 description: 'rbd represents a Rados Block Device 7895 mount on the host that shares a pod''s lifetime. 7896 More info: https://examples.k8s.io/volumes/rbd/README.md' 7897 properties: 7898 fsType: 7899 description: 'fsType is the filesystem type 7900 of the volume that you want to mount. Tip: 7901 Ensure that the filesystem type is supported 7902 by the host operating system. Examples: 7903 "ext4", "xfs", "ntfs". Implicitly inferred 7904 to be "ext4" if unspecified. More info: 7905 https://kubernetes.io/docs/concepts/storage/volumes#rbd 7906 TODO: how do we prevent errors in the filesystem 7907 from compromising the machine' 7908 type: string 7909 image: 7910 description: 'image is the rados image name. 7911 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7912 type: string 7913 keyring: 7914 description: 'keyring is the path to key ring 7915 for RBDUser. Default is /etc/ceph/keyring. 7916 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7917 type: string 7918 monitors: 7919 description: 'monitors is a collection of 7920 Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7921 items: 7922 type: string 7923 type: array 7924 pool: 7925 description: 'pool is the rados pool name. 7926 Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7927 type: string 7928 readOnly: 7929 description: 'readOnly here will force the 7930 ReadOnly setting in VolumeMounts. Defaults 7931 to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7932 type: boolean 7933 secretRef: 7934 description: 'secretRef is name of the authentication 7935 secret for RBDUser. If provided overrides 7936 keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7937 properties: 7938 name: 7939 description: 'Name of the referent. More 7940 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7941 TODO: Add other useful fields. apiVersion, 7942 kind, uid?' 7943 type: string 7944 type: object 7945 x-kubernetes-map-type: atomic 7946 user: 7947 description: 'user is the rados user name. 7948 Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7949 type: string 7950 required: 7951 - image 7952 - monitors 7953 type: object 7954 scaleIO: 7955 description: scaleIO represents a ScaleIO persistent 7956 volume attached and mounted on Kubernetes nodes. 7957 properties: 7958 fsType: 7959 description: fsType is the filesystem type 7960 to mount. Must be a filesystem type supported 7961 by the host operating system. Ex. "ext4", 7962 "xfs", "ntfs". Default is "xfs". 7963 type: string 7964 gateway: 7965 description: gateway is the host address of 7966 the ScaleIO API Gateway. 7967 type: string 7968 protectionDomain: 7969 description: protectionDomain is the name 7970 of the ScaleIO Protection Domain for the 7971 configured storage. 7972 type: string 7973 readOnly: 7974 description: readOnly Defaults to false (read/write). 7975 ReadOnly here will force the ReadOnly setting 7976 in VolumeMounts. 7977 type: boolean 7978 secretRef: 7979 description: secretRef references to the secret 7980 for ScaleIO user and other sensitive information. 7981 If this is not provided, Login operation 7982 will fail. 7983 properties: 7984 name: 7985 description: 'Name of the referent. More 7986 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7987 TODO: Add other useful fields. apiVersion, 7988 kind, uid?' 7989 type: string 7990 type: object 7991 x-kubernetes-map-type: atomic 7992 sslEnabled: 7993 description: sslEnabled Flag enable/disable 7994 SSL communication with Gateway, default 7995 false 7996 type: boolean 7997 storageMode: 7998 description: storageMode indicates whether 7999 the storage for a volume should be ThickProvisioned 8000 or ThinProvisioned. Default is ThinProvisioned. 8001 type: string 8002 storagePool: 8003 description: storagePool is the ScaleIO Storage 8004 Pool associated with the protection domain. 8005 type: string 8006 system: 8007 description: system is the name of the storage 8008 system as configured in ScaleIO. 8009 type: string 8010 volumeName: 8011 description: volumeName is the name of a volume 8012 already created in the ScaleIO system that 8013 is associated with this volume source. 8014 type: string 8015 required: 8016 - gateway 8017 - secretRef 8018 - system 8019 type: object 8020 secret: 8021 description: 'secret represents a secret that 8022 should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 8023 properties: 8024 defaultMode: 8025 description: 'defaultMode is Optional: mode 8026 bits used to set permissions on created 8027 files by default. Must be an octal value 8028 between 0000 and 0777 or a decimal value 8029 between 0 and 511. YAML accepts both octal 8030 and decimal values, JSON requires decimal 8031 values for mode bits. Defaults to 0644. 8032 Directories within the path are not affected 8033 by this setting.' 8034 format: int32 8035 type: integer 8036 items: 8037 description: items If unspecified, each key-value 8038 pair in the Data field of the referenced 8039 Secret will be projected into the volume 8040 as a file whose name is the key and content 8041 is the value. If specified, the listed keys 8042 will be projected into the specified paths, 8043 and unlisted keys will not be present. 8044 items: 8045 description: Maps a string key to a path 8046 within a volume. 8047 properties: 8048 key: 8049 description: key is the key to project. 8050 type: string 8051 mode: 8052 description: 'mode is Optional: mode 8053 bits used to set permissions on this 8054 file. Must be an octal value between 8055 0000 and 0777 or a decimal value between 8056 0 and 511. YAML accepts both octal 8057 and decimal values, JSON requires 8058 decimal values for mode bits. If not 8059 specified, the volume defaultMode 8060 will be used.' 8061 format: int32 8062 type: integer 8063 path: 8064 description: path is the relative path 8065 of the file to map the key to. May 8066 not be an absolute path. May not contain 8067 the path element '..'. May not start 8068 with the string '..'. 8069 type: string 8070 required: 8071 - key 8072 - path 8073 type: object 8074 type: array 8075 optional: 8076 description: optional field specify whether 8077 the Secret or its keys must be defined 8078 type: boolean 8079 secretName: 8080 description: 'secretName is the name of the 8081 secret in the pod''s namespace to use. More 8082 info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 8083 type: string 8084 type: object 8085 storageos: 8086 description: storageOS represents a StorageOS 8087 volume attached and mounted on Kubernetes nodes. 8088 properties: 8089 fsType: 8090 description: fsType is the filesystem type 8091 to mount. Must be a filesystem type supported 8092 by the host operating system. Ex. "ext4", 8093 "xfs", "ntfs". Implicitly inferred to be 8094 "ext4" if unspecified. 8095 type: string 8096 readOnly: 8097 description: readOnly defaults to false (read/write). 8098 ReadOnly here will force the ReadOnly setting 8099 in VolumeMounts. 8100 type: boolean 8101 secretRef: 8102 description: secretRef specifies the secret 8103 to use for obtaining the StorageOS API credentials. If 8104 not specified, default values will be attempted. 8105 properties: 8106 name: 8107 description: 'Name of the referent. More 8108 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8109 TODO: Add other useful fields. apiVersion, 8110 kind, uid?' 8111 type: string 8112 type: object 8113 x-kubernetes-map-type: atomic 8114 volumeName: 8115 description: volumeName is the human-readable 8116 name of the StorageOS volume. Volume names 8117 are only unique within a namespace. 8118 type: string 8119 volumeNamespace: 8120 description: volumeNamespace specifies the 8121 scope of the volume within StorageOS. If 8122 no namespace is specified then the Pod's 8123 namespace will be used. This allows the 8124 Kubernetes name scoping to be mirrored within 8125 StorageOS for tighter integration. Set VolumeName 8126 to any name to override the default behaviour. 8127 Set to "default" if you are not using namespaces 8128 within StorageOS. 8129 type: string 8130 type: object 8131 vsphereVolume: 8132 description: vsphereVolume represents a vSphere 8133 volume attached and mounted on kubelets host 8134 machine 8135 properties: 8136 fsType: 8137 description: fsType is filesystem type to 8138 mount. Must be a filesystem type supported 8139 by the host operating system. Ex. "ext4", 8140 "xfs", "ntfs". Implicitly inferred to be 8141 "ext4" if unspecified. 8142 type: string 8143 storagePolicyID: 8144 description: storagePolicyID is the storage 8145 Policy Based Management (SPBM) profile ID 8146 associated with the StoragePolicyName. 8147 type: string 8148 storagePolicyName: 8149 description: storagePolicyName is the storage 8150 Policy Based Management (SPBM) profile name. 8151 type: string 8152 volumePath: 8153 description: volumePath is the path that identifies 8154 vSphere volume vmdk 8155 type: string 8156 required: 8157 - volumePath 8158 type: object 8159 required: 8160 - name 8161 type: object 8162 type: array 8163 required: 8164 - containers 8165 type: object 8166 type: object 8167 type: object 8168 description: 'A map of PaddleReplicaType (type) to ReplicaSpec (value). 8169 Specifies the Paddle cluster configuration. For example, { "Master": 8170 PaddleReplicaSpec, "Worker": PaddleReplicaSpec, }' 8171 type: object 8172 runPolicy: 8173 description: RunPolicy encapsulates various runtime policies of the 8174 distributed training job, for example how to clean up resources 8175 and how long the job can stay active. 8176 properties: 8177 activeDeadlineSeconds: 8178 description: Specifies the duration in seconds relative to the 8179 startTime that the job may be active before the system tries 8180 to terminate it; value must be positive integer. 8181 format: int64 8182 type: integer 8183 backoffLimit: 8184 description: Optional number of retries before marking this job 8185 failed. 8186 format: int32 8187 type: integer 8188 cleanPodPolicy: 8189 description: CleanPodPolicy defines the policy to kill pods after 8190 the job completes. Default to None. 8191 type: string 8192 schedulingPolicy: 8193 description: SchedulingPolicy defines the policy related to scheduling, 8194 e.g. gang-scheduling 8195 properties: 8196 minAvailable: 8197 format: int32 8198 type: integer 8199 minResources: 8200 additionalProperties: 8201 anyOf: 8202 - type: integer 8203 - type: string 8204 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8205 x-kubernetes-int-or-string: true 8206 type: object 8207 priorityClass: 8208 type: string 8209 queue: 8210 type: string 8211 scheduleTimeoutSeconds: 8212 format: int32 8213 type: integer 8214 type: object 8215 suspend: 8216 default: false 8217 description: suspend specifies whether the Job controller should 8218 create Pods or not. If a Job is created with suspend set to 8219 true, no Pods are created by the Job controller. If a Job is 8220 suspended after creation (i.e. the flag goes from false to true), 8221 the Job controller will delete all active Pods and PodGroups 8222 associated with this Job. Users must design their workload to 8223 gracefully handle this. 8224 type: boolean 8225 ttlSecondsAfterFinished: 8226 description: TTLSecondsAfterFinished is the TTL to clean up jobs. 8227 It may take extra ReconcilePeriod seconds for the cleanup, since 8228 reconcile gets called periodically. Default to infinite. 8229 format: int32 8230 type: integer 8231 type: object 8232 required: 8233 - paddleReplicaSpecs 8234 type: object 8235 status: 8236 description: Most recently observed status of the PaddleJob. Read-only 8237 (modified by the system). 8238 properties: 8239 completionTime: 8240 description: Represents time when the job was completed. It is not 8241 guaranteed to be set in happens-before order across separate operations. 8242 It is represented in RFC3339 form and is in UTC. 8243 format: date-time 8244 type: string 8245 conditions: 8246 description: Conditions is an array of current observed job conditions. 8247 items: 8248 description: JobCondition describes the state of the job at a certain 8249 point. 8250 properties: 8251 lastTransitionTime: 8252 description: Last time the condition transitioned from one status 8253 to another. 8254 format: date-time 8255 type: string 8256 lastUpdateTime: 8257 description: The last time this condition was updated. 8258 format: date-time 8259 type: string 8260 message: 8261 description: A human readable message indicating details about 8262 the transition. 8263 type: string 8264 reason: 8265 description: The reason for the condition's last transition. 8266 type: string 8267 status: 8268 description: Status of the condition, one of True, False, Unknown. 8269 type: string 8270 type: 8271 description: Type of job condition. 8272 type: string 8273 required: 8274 - status 8275 - type 8276 type: object 8277 type: array 8278 lastReconcileTime: 8279 description: Represents last time when the job was reconciled. It 8280 is not guaranteed to be set in happens-before order across separate 8281 operations. It is represented in RFC3339 form and is in UTC. 8282 format: date-time 8283 type: string 8284 replicaStatuses: 8285 additionalProperties: 8286 description: ReplicaStatus represents the current observed state 8287 of the replica. 8288 properties: 8289 active: 8290 description: The number of actively running pods. 8291 format: int32 8292 type: integer 8293 failed: 8294 description: The number of pods which reached phase Failed. 8295 format: int32 8296 type: integer 8297 labelSelector: 8298 description: 'Deprecated: Use Selector instead' 8299 properties: 8300 matchExpressions: 8301 description: matchExpressions is a list of label selector 8302 requirements. The requirements are ANDed. 8303 items: 8304 description: A label selector requirement is a selector 8305 that contains values, a key, and an operator that relates 8306 the key and values. 8307 properties: 8308 key: 8309 description: key is the label key that the selector 8310 applies to. 8311 type: string 8312 operator: 8313 description: operator represents a key's relationship 8314 to a set of values. Valid operators are In, NotIn, 8315 Exists and DoesNotExist. 8316 type: string 8317 values: 8318 description: values is an array of string values. 8319 If the operator is In or NotIn, the values array 8320 must be non-empty. If the operator is Exists or 8321 DoesNotExist, the values array must be empty. This 8322 array is replaced during a strategic merge patch. 8323 items: 8324 type: string 8325 type: array 8326 required: 8327 - key 8328 - operator 8329 type: object 8330 type: array 8331 matchLabels: 8332 additionalProperties: 8333 type: string 8334 description: matchLabels is a map of {key,value} pairs. 8335 A single {key,value} in the matchLabels map is equivalent 8336 to an element of matchExpressions, whose key field is 8337 "key", the operator is "In", and the values array contains 8338 only "value". The requirements are ANDed. 8339 type: object 8340 type: object 8341 x-kubernetes-map-type: atomic 8342 selector: 8343 description: A Selector is a label query over a set of resources. 8344 The result of matchLabels and matchExpressions are ANDed. 8345 An empty Selector matches all objects. A null Selector matches 8346 no objects. 8347 type: string 8348 succeeded: 8349 description: The number of pods which reached phase Succeeded. 8350 format: int32 8351 type: integer 8352 type: object 8353 description: ReplicaStatuses is map of ReplicaType and ReplicaStatus, 8354 specifies the status of each replica. 8355 type: object 8356 startTime: 8357 description: Represents time when the job was acknowledged by the 8358 job controller. It is not guaranteed to be set in happens-before 8359 order across separate operations. It is represented in RFC3339 form 8360 and is in UTC. 8361 format: date-time 8362 type: string 8363 type: object 8364 type: object 8365 served: true 8366 storage: true 8367 subresources: 8368 scale: 8369 labelSelectorPath: .status.replicaStatuses.Worker.selector 8370 specReplicasPath: .spec.paddleReplicaSpecs.Worker.replicas 8371 statusReplicasPath: .status.replicaStatuses.Worker.active 8372 status: {}