github.com/kubeflow/training-operator@v1.7.0/manifests/base/crds/kubeflow.org_pytorchjobs.yaml (about) 1 --- 2 apiVersion: apiextensions.k8s.io/v1 3 kind: CustomResourceDefinition 4 metadata: 5 annotations: 6 controller-gen.kubebuilder.io/version: v0.12.0 7 name: pytorchjobs.kubeflow.org 8 spec: 9 group: kubeflow.org 10 names: 11 kind: PyTorchJob 12 listKind: PyTorchJobList 13 plural: pytorchjobs 14 singular: pytorchjob 15 scope: Namespaced 16 versions: 17 - additionalPrinterColumns: 18 - jsonPath: .status.conditions[-1:].type 19 name: State 20 type: string 21 - jsonPath: .metadata.creationTimestamp 22 name: Age 23 type: date 24 name: v1 25 schema: 26 openAPIV3Schema: 27 description: PyTorchJob Represents a PyTorchJob resource. 28 properties: 29 apiVersion: 30 description: 'APIVersion defines the versioned schema of this representation 31 of an object. Servers should convert recognized schemas to the latest 32 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 33 type: string 34 kind: 35 description: 'Kind is a string value representing the REST resource this 36 object represents. Servers may infer this from the endpoint the client 37 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 38 type: string 39 metadata: 40 type: object 41 spec: 42 description: Specification of the desired state of the PyTorchJob. 43 properties: 44 elasticPolicy: 45 properties: 46 maxReplicas: 47 description: upper limit for the number of pods that can be set 48 by the autoscaler; cannot be smaller than MinReplicas, defaults 49 to null. 50 format: int32 51 type: integer 52 maxRestarts: 53 format: int32 54 type: integer 55 metrics: 56 description: Metrics contains the specifications which are used 57 to calculate the desired replica count (the maximum replica 58 count across all metrics will be used). The desired replica 59 count is calculated with multiplying the ratio between the target 60 value and the current value by the current number of pods. Ergo, 61 metrics used must decrease as the pod count is increased, and 62 vice-versa. 63 items: 64 description: MetricSpec specifies how to scale based on a single 65 metric (only `type` and one other matching field should be 66 set at once). 67 properties: 68 containerResource: 69 description: containerResource refers to a resource metric 70 (such as those specified in requests and limits) known 71 to Kubernetes describing a single container in each pod 72 of the current scale target (e.g. CPU or memory). Such 73 metrics are built in to Kubernetes, and have special scaling 74 options on top of those available to normal per-pod metrics 75 using the "pods" source. 76 properties: 77 container: 78 description: container is the name of the container 79 in the pods of the scaling target 80 type: string 81 name: 82 description: name is the name of the resource in question. 83 type: string 84 target: 85 description: target specifies the target value for the 86 given metric 87 properties: 88 averageUtilization: 89 description: averageUtilization is the target value 90 of the average of the resource metric across all 91 relevant pods, represented as a percentage of 92 the requested value of the resource for the pods. 93 Currently only valid for Resource metric source 94 type 95 format: int32 96 type: integer 97 averageValue: 98 anyOf: 99 - type: integer 100 - type: string 101 description: averageValue is the target value of 102 the average of the metric across all relevant 103 pods (as a quantity) 104 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 105 x-kubernetes-int-or-string: true 106 type: 107 description: type represents whether the metric 108 type is Utilization, Value, or AverageValue 109 type: string 110 value: 111 anyOf: 112 - type: integer 113 - type: string 114 description: value is the target value of the metric 115 (as a quantity). 116 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 117 x-kubernetes-int-or-string: true 118 required: 119 - type 120 type: object 121 required: 122 - container 123 - name 124 - target 125 type: object 126 external: 127 description: external refers to a global metric that is 128 not associated with any Kubernetes object. It allows autoscaling 129 based on information coming from components running outside 130 of cluster (for example length of queue in cloud messaging 131 service, or QPS from loadbalancer running outside of cluster). 132 properties: 133 metric: 134 description: metric identifies the target metric by 135 name and selector 136 properties: 137 name: 138 description: name is the name of the given metric 139 type: string 140 selector: 141 description: selector is the string-encoded form 142 of a standard kubernetes label selector for the 143 given metric When set, it is passed as an additional 144 parameter to the metrics server for more specific 145 metrics scoping. When unset, just the metricName 146 will be used to gather metrics. 147 properties: 148 matchExpressions: 149 description: matchExpressions is a list of label 150 selector requirements. The requirements are 151 ANDed. 152 items: 153 description: A label selector requirement 154 is a selector that contains values, a key, 155 and an operator that relates the key and 156 values. 157 properties: 158 key: 159 description: key is the label key that 160 the selector applies to. 161 type: string 162 operator: 163 description: operator represents a key's 164 relationship to a set of values. Valid 165 operators are In, NotIn, Exists and 166 DoesNotExist. 167 type: string 168 values: 169 description: values is an array of string 170 values. If the operator is In or NotIn, 171 the values array must be non-empty. 172 If the operator is Exists or DoesNotExist, 173 the values array must be empty. This 174 array is replaced during a strategic 175 merge patch. 176 items: 177 type: string 178 type: array 179 required: 180 - key 181 - operator 182 type: object 183 type: array 184 matchLabels: 185 additionalProperties: 186 type: string 187 description: matchLabels is a map of {key,value} 188 pairs. A single {key,value} in the matchLabels 189 map is equivalent to an element of matchExpressions, 190 whose key field is "key", the operator is 191 "In", and the values array contains only "value". 192 The requirements are ANDed. 193 type: object 194 type: object 195 x-kubernetes-map-type: atomic 196 required: 197 - name 198 type: object 199 target: 200 description: target specifies the target value for the 201 given metric 202 properties: 203 averageUtilization: 204 description: averageUtilization is the target value 205 of the average of the resource metric across all 206 relevant pods, represented as a percentage of 207 the requested value of the resource for the pods. 208 Currently only valid for Resource metric source 209 type 210 format: int32 211 type: integer 212 averageValue: 213 anyOf: 214 - type: integer 215 - type: string 216 description: averageValue is the target value of 217 the average of the metric across all relevant 218 pods (as a quantity) 219 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 220 x-kubernetes-int-or-string: true 221 type: 222 description: type represents whether the metric 223 type is Utilization, Value, or AverageValue 224 type: string 225 value: 226 anyOf: 227 - type: integer 228 - type: string 229 description: value is the target value of the metric 230 (as a quantity). 231 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 232 x-kubernetes-int-or-string: true 233 required: 234 - type 235 type: object 236 required: 237 - metric 238 - target 239 type: object 240 object: 241 description: object refers to a metric describing a single 242 kubernetes object (for example, hits-per-second on an 243 Ingress object). 244 properties: 245 describedObject: 246 description: describedObject specifies the descriptions 247 of a object,such as kind,name apiVersion 248 properties: 249 apiVersion: 250 description: apiVersion is the API version of the 251 referent 252 type: string 253 kind: 254 description: 'kind is the kind of the referent; 255 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 256 type: string 257 name: 258 description: 'name is the name of the referent; 259 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 260 type: string 261 required: 262 - kind 263 - name 264 type: object 265 metric: 266 description: metric identifies the target metric by 267 name and selector 268 properties: 269 name: 270 description: name is the name of the given metric 271 type: string 272 selector: 273 description: selector is the string-encoded form 274 of a standard kubernetes label selector for the 275 given metric When set, it is passed as an additional 276 parameter to the metrics server for more specific 277 metrics scoping. When unset, just the metricName 278 will be used to gather metrics. 279 properties: 280 matchExpressions: 281 description: matchExpressions is a list of label 282 selector requirements. The requirements are 283 ANDed. 284 items: 285 description: A label selector requirement 286 is a selector that contains values, a key, 287 and an operator that relates the key and 288 values. 289 properties: 290 key: 291 description: key is the label key that 292 the selector applies to. 293 type: string 294 operator: 295 description: operator represents a key's 296 relationship to a set of values. Valid 297 operators are In, NotIn, Exists and 298 DoesNotExist. 299 type: string 300 values: 301 description: values is an array of string 302 values. If the operator is In or NotIn, 303 the values array must be non-empty. 304 If the operator is Exists or DoesNotExist, 305 the values array must be empty. This 306 array is replaced during a strategic 307 merge patch. 308 items: 309 type: string 310 type: array 311 required: 312 - key 313 - operator 314 type: object 315 type: array 316 matchLabels: 317 additionalProperties: 318 type: string 319 description: matchLabels is a map of {key,value} 320 pairs. A single {key,value} in the matchLabels 321 map is equivalent to an element of matchExpressions, 322 whose key field is "key", the operator is 323 "In", and the values array contains only "value". 324 The requirements are ANDed. 325 type: object 326 type: object 327 x-kubernetes-map-type: atomic 328 required: 329 - name 330 type: object 331 target: 332 description: target specifies the target value for the 333 given metric 334 properties: 335 averageUtilization: 336 description: averageUtilization is the target value 337 of the average of the resource metric across all 338 relevant pods, represented as a percentage of 339 the requested value of the resource for the pods. 340 Currently only valid for Resource metric source 341 type 342 format: int32 343 type: integer 344 averageValue: 345 anyOf: 346 - type: integer 347 - type: string 348 description: averageValue is the target value of 349 the average of the metric across all relevant 350 pods (as a quantity) 351 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 352 x-kubernetes-int-or-string: true 353 type: 354 description: type represents whether the metric 355 type is Utilization, Value, or AverageValue 356 type: string 357 value: 358 anyOf: 359 - type: integer 360 - type: string 361 description: value is the target value of the metric 362 (as a quantity). 363 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 364 x-kubernetes-int-or-string: true 365 required: 366 - type 367 type: object 368 required: 369 - describedObject 370 - metric 371 - target 372 type: object 373 pods: 374 description: pods refers to a metric describing each pod 375 in the current scale target (for example, transactions-processed-per-second). The 376 values will be averaged together before being compared 377 to the target value. 378 properties: 379 metric: 380 description: metric identifies the target metric by 381 name and selector 382 properties: 383 name: 384 description: name is the name of the given metric 385 type: string 386 selector: 387 description: selector is the string-encoded form 388 of a standard kubernetes label selector for the 389 given metric When set, it is passed as an additional 390 parameter to the metrics server for more specific 391 metrics scoping. When unset, just the metricName 392 will be used to gather metrics. 393 properties: 394 matchExpressions: 395 description: matchExpressions is a list of label 396 selector requirements. The requirements are 397 ANDed. 398 items: 399 description: A label selector requirement 400 is a selector that contains values, a key, 401 and an operator that relates the key and 402 values. 403 properties: 404 key: 405 description: key is the label key that 406 the selector applies to. 407 type: string 408 operator: 409 description: operator represents a key's 410 relationship to a set of values. Valid 411 operators are In, NotIn, Exists and 412 DoesNotExist. 413 type: string 414 values: 415 description: values is an array of string 416 values. If the operator is In or NotIn, 417 the values array must be non-empty. 418 If the operator is Exists or DoesNotExist, 419 the values array must be empty. This 420 array is replaced during a strategic 421 merge patch. 422 items: 423 type: string 424 type: array 425 required: 426 - key 427 - operator 428 type: object 429 type: array 430 matchLabels: 431 additionalProperties: 432 type: string 433 description: matchLabels is a map of {key,value} 434 pairs. A single {key,value} in the matchLabels 435 map is equivalent to an element of matchExpressions, 436 whose key field is "key", the operator is 437 "In", and the values array contains only "value". 438 The requirements are ANDed. 439 type: object 440 type: object 441 x-kubernetes-map-type: atomic 442 required: 443 - name 444 type: object 445 target: 446 description: target specifies the target value for the 447 given metric 448 properties: 449 averageUtilization: 450 description: averageUtilization is the target value 451 of the average of the resource metric across all 452 relevant pods, represented as a percentage of 453 the requested value of the resource for the pods. 454 Currently only valid for Resource metric source 455 type 456 format: int32 457 type: integer 458 averageValue: 459 anyOf: 460 - type: integer 461 - type: string 462 description: averageValue is the target value of 463 the average of the metric across all relevant 464 pods (as a quantity) 465 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 466 x-kubernetes-int-or-string: true 467 type: 468 description: type represents whether the metric 469 type is Utilization, Value, or AverageValue 470 type: string 471 value: 472 anyOf: 473 - type: integer 474 - type: string 475 description: value is the target value of the metric 476 (as a quantity). 477 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 478 x-kubernetes-int-or-string: true 479 required: 480 - type 481 type: object 482 required: 483 - metric 484 - target 485 type: object 486 resource: 487 description: resource refers to a resource metric (such 488 as those specified in requests and limits) known to Kubernetes 489 describing each pod in the current scale target (e.g. 490 CPU or memory). Such metrics are built in to Kubernetes, 491 and have special scaling options on top of those available 492 to normal per-pod metrics using the "pods" source. 493 properties: 494 name: 495 description: name is the name of the resource in question. 496 type: string 497 target: 498 description: target specifies the target value for the 499 given metric 500 properties: 501 averageUtilization: 502 description: averageUtilization is the target value 503 of the average of the resource metric across all 504 relevant pods, represented as a percentage of 505 the requested value of the resource for the pods. 506 Currently only valid for Resource metric source 507 type 508 format: int32 509 type: integer 510 averageValue: 511 anyOf: 512 - type: integer 513 - type: string 514 description: averageValue is the target value of 515 the average of the metric across all relevant 516 pods (as a quantity) 517 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 518 x-kubernetes-int-or-string: true 519 type: 520 description: type represents whether the metric 521 type is Utilization, Value, or AverageValue 522 type: string 523 value: 524 anyOf: 525 - type: integer 526 - type: string 527 description: value is the target value of the metric 528 (as a quantity). 529 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 530 x-kubernetes-int-or-string: true 531 required: 532 - type 533 type: object 534 required: 535 - name 536 - target 537 type: object 538 type: 539 description: 'type is the type of metric source. It should 540 be one of "ContainerResource", "External", "Object", "Pods" 541 or "Resource", each mapping to a matching field in the 542 object. Note: "ContainerResource" type is available on 543 when the feature-gate HPAContainerMetrics is enabled' 544 type: string 545 required: 546 - type 547 type: object 548 type: array 549 minReplicas: 550 description: minReplicas is the lower limit for the number of 551 replicas to which the training job can scale down. It defaults 552 to null. 553 format: int32 554 type: integer 555 nProcPerNode: 556 description: 'Number of workers per node; supported values: [auto, 557 cpu, gpu, int]. Deprecated: This API is deprecated in v1.7+ 558 Use .spec.nprocPerNode instead.' 559 format: int32 560 type: integer 561 rdzvBackend: 562 type: string 563 rdzvConf: 564 description: RDZVConf contains additional rendezvous configuration 565 (<key1>=<value1>,<key2>=<value2>,...). 566 items: 567 properties: 568 key: 569 type: string 570 value: 571 type: string 572 type: object 573 type: array 574 rdzvHost: 575 type: string 576 rdzvId: 577 type: string 578 rdzvPort: 579 format: int32 580 type: integer 581 standalone: 582 description: Start a local standalone rendezvous backend that 583 is represented by a C10d TCP store on port 29400. Useful when 584 launching single-node, multi-worker job. If specified --rdzv_backend, 585 --rdzv_endpoint, --rdzv_id are auto-assigned; any explicitly 586 set values are ignored. 587 type: boolean 588 type: object 589 nprocPerNode: 590 description: 'Number of workers per node; supported values: [auto, 591 cpu, gpu, int]. For more, https://github.com/pytorch/pytorch/blob/26f7f470df64d90e092081e39507e4ac751f55d6/torch/distributed/run.py#L629-L658. 592 Defaults to auto.' 593 type: string 594 pytorchReplicaSpecs: 595 additionalProperties: 596 description: ReplicaSpec is a description of the replica 597 properties: 598 replicas: 599 description: Replicas is the desired number of replicas of the 600 given template. If unspecified, defaults to 1. 601 format: int32 602 type: integer 603 restartPolicy: 604 description: Restart policy for all replicas within the job. 605 One of Always, OnFailure, Never and ExitCode. Default to Never. 606 type: string 607 template: 608 description: Template is the object that describes the pod that 609 will be created for this replica. RestartPolicy in PodTemplateSpec 610 will be overide by RestartPolicy in ReplicaSpec 611 properties: 612 metadata: 613 description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' 614 properties: 615 annotations: 616 additionalProperties: 617 type: string 618 type: object 619 finalizers: 620 items: 621 type: string 622 type: array 623 labels: 624 additionalProperties: 625 type: string 626 type: object 627 name: 628 type: string 629 namespace: 630 type: string 631 type: object 632 spec: 633 description: 'Specification of the desired behavior of the 634 pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 635 properties: 636 activeDeadlineSeconds: 637 description: Optional duration in seconds the pod may 638 be active on the node relative to StartTime before 639 the system will actively try to mark it failed and 640 kill associated containers. Value must be a positive 641 integer. 642 format: int64 643 type: integer 644 affinity: 645 description: If specified, the pod's scheduling constraints 646 properties: 647 nodeAffinity: 648 description: Describes node affinity scheduling 649 rules for the pod. 650 properties: 651 preferredDuringSchedulingIgnoredDuringExecution: 652 description: The scheduler will prefer to schedule 653 pods to nodes that satisfy the affinity expressions 654 specified by this field, but it may choose 655 a node that violates one or more of the expressions. 656 The node that is most preferred is the one 657 with the greatest sum of weights, i.e. for 658 each node that meets all of the scheduling 659 requirements (resource request, requiredDuringScheduling 660 affinity expressions, etc. 661 items: 662 description: An empty preferred scheduling 663 term matches all objects with implicit weight 664 0 (i.e. it's a no-op). A null preferred 665 scheduling term matches no objects (i.e. 666 is also a no-op). 667 properties: 668 preference: 669 description: A node selector term, associated 670 with the corresponding weight. 671 properties: 672 matchExpressions: 673 description: A list of node selector 674 requirements by node's labels. 675 items: 676 description: A node selector requirement 677 is a selector that contains values, 678 a key, and an operator that relates 679 the key and values. 680 properties: 681 key: 682 description: The label key that 683 the selector applies to. 684 type: string 685 operator: 686 description: Represents a key's 687 relationship to a set of values. 688 Valid operators are In, NotIn, 689 Exists, DoesNotExist. Gt, 690 and Lt. 691 type: string 692 values: 693 description: An array of string 694 values. If the operator is 695 In or NotIn, the values array 696 must be non-empty. If the 697 operator is Exists or DoesNotExist, 698 the values array must be empty. 699 If the operator is Gt or Lt, 700 the values array must have 701 a single element, which will 702 be interpreted as an integer. 703 This array is replaced during 704 a strategic merge patch. 705 items: 706 type: string 707 type: array 708 required: 709 - key 710 - operator 711 type: object 712 type: array 713 matchFields: 714 description: A list of node selector 715 requirements by node's fields. 716 items: 717 description: A node selector requirement 718 is a selector that contains values, 719 a key, and an operator that relates 720 the key and values. 721 properties: 722 key: 723 description: The label key that 724 the selector applies to. 725 type: string 726 operator: 727 description: Represents a key's 728 relationship to a set of values. 729 Valid operators are In, NotIn, 730 Exists, DoesNotExist. Gt, 731 and Lt. 732 type: string 733 values: 734 description: An array of string 735 values. If the operator is 736 In or NotIn, the values array 737 must be non-empty. If the 738 operator is Exists or DoesNotExist, 739 the values array must be empty. 740 If the operator is Gt or Lt, 741 the values array must have 742 a single element, which will 743 be interpreted as an integer. 744 This array is replaced during 745 a strategic merge patch. 746 items: 747 type: string 748 type: array 749 required: 750 - key 751 - operator 752 type: object 753 type: array 754 type: object 755 x-kubernetes-map-type: atomic 756 weight: 757 description: Weight associated with matching 758 the corresponding nodeSelectorTerm, 759 in the range 1-100. 760 format: int32 761 type: integer 762 required: 763 - preference 764 - weight 765 type: object 766 type: array 767 requiredDuringSchedulingIgnoredDuringExecution: 768 description: If the affinity requirements specified 769 by this field are not met at scheduling time, 770 the pod will not be scheduled onto the node. 771 If the affinity requirements specified by 772 this field cease to be met at some point during 773 pod execution (e.g. due to an update), the 774 system may or may not try to eventually evict 775 the pod from its node. 776 properties: 777 nodeSelectorTerms: 778 description: Required. A list of node selector 779 terms. The terms are ORed. 780 items: 781 description: A null or empty node selector 782 term matches no objects. The requirements 783 of them are ANDed. The TopologySelectorTerm 784 type implements a subset of the NodeSelectorTerm. 785 properties: 786 matchExpressions: 787 description: A list of node selector 788 requirements by node's labels. 789 items: 790 description: A node selector requirement 791 is a selector that contains values, 792 a key, and an operator that relates 793 the key and values. 794 properties: 795 key: 796 description: The label key that 797 the selector applies to. 798 type: string 799 operator: 800 description: Represents a key's 801 relationship to a set of values. 802 Valid operators are In, NotIn, 803 Exists, DoesNotExist. Gt, 804 and Lt. 805 type: string 806 values: 807 description: An array of string 808 values. If the operator is 809 In or NotIn, the values array 810 must be non-empty. If the 811 operator is Exists or DoesNotExist, 812 the values array must be empty. 813 If the operator is Gt or Lt, 814 the values array must have 815 a single element, which will 816 be interpreted as an integer. 817 This array is replaced during 818 a strategic merge patch. 819 items: 820 type: string 821 type: array 822 required: 823 - key 824 - operator 825 type: object 826 type: array 827 matchFields: 828 description: A list of node selector 829 requirements by node's fields. 830 items: 831 description: A node selector requirement 832 is a selector that contains values, 833 a key, and an operator that relates 834 the key and values. 835 properties: 836 key: 837 description: The label key that 838 the selector applies to. 839 type: string 840 operator: 841 description: Represents a key's 842 relationship to a set of values. 843 Valid operators are In, NotIn, 844 Exists, DoesNotExist. Gt, 845 and Lt. 846 type: string 847 values: 848 description: An array of string 849 values. If the operator is 850 In or NotIn, the values array 851 must be non-empty. If the 852 operator is Exists or DoesNotExist, 853 the values array must be empty. 854 If the operator is Gt or Lt, 855 the values array must have 856 a single element, which will 857 be interpreted as an integer. 858 This array is replaced during 859 a strategic merge patch. 860 items: 861 type: string 862 type: array 863 required: 864 - key 865 - operator 866 type: object 867 type: array 868 type: object 869 x-kubernetes-map-type: atomic 870 type: array 871 required: 872 - nodeSelectorTerms 873 type: object 874 x-kubernetes-map-type: atomic 875 type: object 876 podAffinity: 877 description: Describes pod affinity scheduling rules 878 (e.g. co-locate this pod in the same node, zone, 879 etc. as some other pod(s)). 880 properties: 881 preferredDuringSchedulingIgnoredDuringExecution: 882 description: The scheduler will prefer to schedule 883 pods to nodes that satisfy the affinity expressions 884 specified by this field, but it may choose 885 a node that violates one or more of the expressions. 886 The node that is most preferred is the one 887 with the greatest sum of weights, i.e. for 888 each node that meets all of the scheduling 889 requirements (resource request, requiredDuringScheduling 890 affinity expressions, etc. 891 items: 892 description: The weights of all of the matched 893 WeightedPodAffinityTerm fields are added 894 per-node to find the most preferred node(s) 895 properties: 896 podAffinityTerm: 897 description: Required. A pod affinity 898 term, associated with the corresponding 899 weight. 900 properties: 901 labelSelector: 902 description: A label query over a 903 set of resources, in this case pods. 904 properties: 905 matchExpressions: 906 description: matchExpressions 907 is a list of label selector 908 requirements. The requirements 909 are ANDed. 910 items: 911 description: A label selector 912 requirement is a selector 913 that contains values, a key, 914 and an operator that relates 915 the key and values. 916 properties: 917 key: 918 description: key is the 919 label key that the selector 920 applies to. 921 type: string 922 operator: 923 description: operator represents 924 a key's relationship to 925 a set of values. Valid 926 operators are In, NotIn, 927 Exists and DoesNotExist. 928 type: string 929 values: 930 description: values is an 931 array of string values. 932 If the operator is In 933 or NotIn, the values array 934 must be non-empty. If 935 the operator is Exists 936 or DoesNotExist, the values 937 array must be empty. This 938 array is replaced during 939 a strategic merge patch. 940 items: 941 type: string 942 type: array 943 required: 944 - key 945 - operator 946 type: object 947 type: array 948 matchLabels: 949 additionalProperties: 950 type: string 951 description: matchLabels is a 952 map of {key,value} pairs. A 953 single {key,value} in the matchLabels 954 map is equivalent to an element 955 of matchExpressions, whose key 956 field is "key", the operator 957 is "In", and the values array 958 contains only "value". The requirements 959 are ANDed. 960 type: object 961 type: object 962 x-kubernetes-map-type: atomic 963 namespaceSelector: 964 description: A label query over the 965 set of namespaces that the term 966 applies to. The term is applied 967 to the union of the namespaces selected 968 by this field and the ones listed 969 in the namespaces field. null selector 970 and null or empty namespaces list 971 means "this pod's namespace". An 972 empty selector ({}) matches all 973 namespaces. 974 properties: 975 matchExpressions: 976 description: matchExpressions 977 is a list of label selector 978 requirements. The requirements 979 are ANDed. 980 items: 981 description: A label selector 982 requirement is a selector 983 that contains values, a key, 984 and an operator that relates 985 the key and values. 986 properties: 987 key: 988 description: key is the 989 label key that the selector 990 applies to. 991 type: string 992 operator: 993 description: operator represents 994 a key's relationship to 995 a set of values. Valid 996 operators are In, NotIn, 997 Exists and DoesNotExist. 998 type: string 999 values: 1000 description: values is an 1001 array of string values. 1002 If the operator is In 1003 or NotIn, the values array 1004 must be non-empty. If 1005 the operator is Exists 1006 or DoesNotExist, the values 1007 array must be empty. This 1008 array is replaced during 1009 a strategic merge patch. 1010 items: 1011 type: string 1012 type: array 1013 required: 1014 - key 1015 - operator 1016 type: object 1017 type: array 1018 matchLabels: 1019 additionalProperties: 1020 type: string 1021 description: matchLabels is a 1022 map of {key,value} pairs. A 1023 single {key,value} in the matchLabels 1024 map is equivalent to an element 1025 of matchExpressions, whose key 1026 field is "key", the operator 1027 is "In", and the values array 1028 contains only "value". The requirements 1029 are ANDed. 1030 type: object 1031 type: object 1032 x-kubernetes-map-type: atomic 1033 namespaces: 1034 description: namespaces specifies 1035 a static list of namespace names 1036 that the term applies to. The term 1037 is applied to the union of the namespaces 1038 listed in this field and the ones 1039 selected by namespaceSelector. null 1040 or empty namespaces list and null 1041 namespaceSelector means "this pod's 1042 namespace". 1043 items: 1044 type: string 1045 type: array 1046 topologyKey: 1047 description: This pod should be co-located 1048 (affinity) or not co-located (anti-affinity) 1049 with the pods matching the labelSelector 1050 in the specified namespaces, where 1051 co-located is defined as running 1052 on a node whose value of the label 1053 with key topologyKey matches that 1054 of any node on which any of the 1055 selected pods is running. Empty 1056 topologyKey is not allowed. 1057 type: string 1058 required: 1059 - topologyKey 1060 type: object 1061 weight: 1062 description: weight associated with matching 1063 the corresponding podAffinityTerm, in 1064 the range 1-100. 1065 format: int32 1066 type: integer 1067 required: 1068 - podAffinityTerm 1069 - weight 1070 type: object 1071 type: array 1072 requiredDuringSchedulingIgnoredDuringExecution: 1073 description: If the affinity requirements specified 1074 by this field are not met at scheduling time, 1075 the pod will not be scheduled onto the node. 1076 If the affinity requirements specified by 1077 this field cease to be met at some point during 1078 pod execution (e.g. due to a pod label update), 1079 the system may or may not try to eventually 1080 evict the pod from its node. 1081 items: 1082 description: Defines a set of pods (namely 1083 those matching the labelSelector relative 1084 to the given namespace(s)) that this pod 1085 should be co-located (affinity) or not co-located 1086 (anti-affinity) with, where co-located is 1087 defined as running on a node whose value 1088 of the label with key <topologyKey> matches 1089 that of any node on which a pod of the set 1090 of pods is running 1091 properties: 1092 labelSelector: 1093 description: A label query over a set 1094 of resources, in this case pods. 1095 properties: 1096 matchExpressions: 1097 description: matchExpressions is a 1098 list of label selector requirements. 1099 The requirements are ANDed. 1100 items: 1101 description: A label selector requirement 1102 is a selector that contains values, 1103 a key, and an operator that relates 1104 the key and values. 1105 properties: 1106 key: 1107 description: key is the label 1108 key that the selector applies 1109 to. 1110 type: string 1111 operator: 1112 description: operator represents 1113 a key's relationship to a 1114 set of values. Valid operators 1115 are In, NotIn, Exists and 1116 DoesNotExist. 1117 type: string 1118 values: 1119 description: values is an array 1120 of string values. If the operator 1121 is In or NotIn, the values 1122 array must be non-empty. If 1123 the operator is Exists or 1124 DoesNotExist, the values array 1125 must be empty. This array 1126 is replaced during a strategic 1127 merge patch. 1128 items: 1129 type: string 1130 type: array 1131 required: 1132 - key 1133 - operator 1134 type: object 1135 type: array 1136 matchLabels: 1137 additionalProperties: 1138 type: string 1139 description: matchLabels is a map 1140 of {key,value} pairs. A single {key,value} 1141 in the matchLabels map is equivalent 1142 to an element of matchExpressions, 1143 whose key field is "key", the operator 1144 is "In", and the values array contains 1145 only "value". The requirements are 1146 ANDed. 1147 type: object 1148 type: object 1149 x-kubernetes-map-type: atomic 1150 namespaceSelector: 1151 description: A label query over the set 1152 of namespaces that the term applies 1153 to. The term is applied to the union 1154 of the namespaces selected by this field 1155 and the ones listed in the namespaces 1156 field. null selector and null or empty 1157 namespaces list means "this pod's namespace". 1158 An empty selector ({}) matches all namespaces. 1159 properties: 1160 matchExpressions: 1161 description: matchExpressions is a 1162 list of label selector requirements. 1163 The requirements are ANDed. 1164 items: 1165 description: A label selector requirement 1166 is a selector that contains values, 1167 a key, and an operator that relates 1168 the key and values. 1169 properties: 1170 key: 1171 description: key is the label 1172 key that the selector applies 1173 to. 1174 type: string 1175 operator: 1176 description: operator represents 1177 a key's relationship to a 1178 set of values. Valid operators 1179 are In, NotIn, Exists and 1180 DoesNotExist. 1181 type: string 1182 values: 1183 description: values is an array 1184 of string values. If the operator 1185 is In or NotIn, the values 1186 array must be non-empty. If 1187 the operator is Exists or 1188 DoesNotExist, the values array 1189 must be empty. This array 1190 is replaced during a strategic 1191 merge patch. 1192 items: 1193 type: string 1194 type: array 1195 required: 1196 - key 1197 - operator 1198 type: object 1199 type: array 1200 matchLabels: 1201 additionalProperties: 1202 type: string 1203 description: matchLabels is a map 1204 of {key,value} pairs. A single {key,value} 1205 in the matchLabels map is equivalent 1206 to an element of matchExpressions, 1207 whose key field is "key", the operator 1208 is "In", and the values array contains 1209 only "value". The requirements are 1210 ANDed. 1211 type: object 1212 type: object 1213 x-kubernetes-map-type: atomic 1214 namespaces: 1215 description: namespaces specifies a static 1216 list of namespace names that the term 1217 applies to. The term is applied to the 1218 union of the namespaces listed in this 1219 field and the ones selected by namespaceSelector. 1220 null or empty namespaces list and null 1221 namespaceSelector means "this pod's 1222 namespace". 1223 items: 1224 type: string 1225 type: array 1226 topologyKey: 1227 description: This pod should be co-located 1228 (affinity) or not co-located (anti-affinity) 1229 with the pods matching the labelSelector 1230 in the specified namespaces, where co-located 1231 is defined as running on a node whose 1232 value of the label with key topologyKey 1233 matches that of any node on which any 1234 of the selected pods is running. Empty 1235 topologyKey is not allowed. 1236 type: string 1237 required: 1238 - topologyKey 1239 type: object 1240 type: array 1241 type: object 1242 podAntiAffinity: 1243 description: Describes pod anti-affinity scheduling 1244 rules (e.g. avoid putting this pod in the same 1245 node, zone, etc. as some other pod(s)). 1246 properties: 1247 preferredDuringSchedulingIgnoredDuringExecution: 1248 description: The scheduler will prefer to schedule 1249 pods to nodes that satisfy the anti-affinity 1250 expressions specified by this field, but it 1251 may choose a node that violates one or more 1252 of the expressions. The node that is most 1253 preferred is the one with the greatest sum 1254 of weights, i.e. 1255 items: 1256 description: The weights of all of the matched 1257 WeightedPodAffinityTerm fields are added 1258 per-node to find the most preferred node(s) 1259 properties: 1260 podAffinityTerm: 1261 description: Required. A pod affinity 1262 term, associated with the corresponding 1263 weight. 1264 properties: 1265 labelSelector: 1266 description: A label query over a 1267 set of resources, in this case pods. 1268 properties: 1269 matchExpressions: 1270 description: matchExpressions 1271 is a list of label selector 1272 requirements. The requirements 1273 are ANDed. 1274 items: 1275 description: A label selector 1276 requirement is a selector 1277 that contains values, a key, 1278 and an operator that relates 1279 the key and values. 1280 properties: 1281 key: 1282 description: key is the 1283 label key that the selector 1284 applies to. 1285 type: string 1286 operator: 1287 description: operator represents 1288 a key's relationship to 1289 a set of values. Valid 1290 operators are In, NotIn, 1291 Exists and DoesNotExist. 1292 type: string 1293 values: 1294 description: values is an 1295 array of string values. 1296 If the operator is In 1297 or NotIn, the values array 1298 must be non-empty. If 1299 the operator is Exists 1300 or DoesNotExist, the values 1301 array must be empty. This 1302 array is replaced during 1303 a strategic merge patch. 1304 items: 1305 type: string 1306 type: array 1307 required: 1308 - key 1309 - operator 1310 type: object 1311 type: array 1312 matchLabels: 1313 additionalProperties: 1314 type: string 1315 description: matchLabels is a 1316 map of {key,value} pairs. A 1317 single {key,value} in the matchLabels 1318 map is equivalent to an element 1319 of matchExpressions, whose key 1320 field is "key", the operator 1321 is "In", and the values array 1322 contains only "value". The requirements 1323 are ANDed. 1324 type: object 1325 type: object 1326 x-kubernetes-map-type: atomic 1327 namespaceSelector: 1328 description: A label query over the 1329 set of namespaces that the term 1330 applies to. The term is applied 1331 to the union of the namespaces selected 1332 by this field and the ones listed 1333 in the namespaces field. null selector 1334 and null or empty namespaces list 1335 means "this pod's namespace". An 1336 empty selector ({}) matches all 1337 namespaces. 1338 properties: 1339 matchExpressions: 1340 description: matchExpressions 1341 is a list of label selector 1342 requirements. The requirements 1343 are ANDed. 1344 items: 1345 description: A label selector 1346 requirement is a selector 1347 that contains values, a key, 1348 and an operator that relates 1349 the key and values. 1350 properties: 1351 key: 1352 description: key is the 1353 label key that the selector 1354 applies to. 1355 type: string 1356 operator: 1357 description: operator represents 1358 a key's relationship to 1359 a set of values. Valid 1360 operators are In, NotIn, 1361 Exists and DoesNotExist. 1362 type: string 1363 values: 1364 description: values is an 1365 array of string values. 1366 If the operator is In 1367 or NotIn, the values array 1368 must be non-empty. If 1369 the operator is Exists 1370 or DoesNotExist, the values 1371 array must be empty. This 1372 array is replaced during 1373 a strategic merge patch. 1374 items: 1375 type: string 1376 type: array 1377 required: 1378 - key 1379 - operator 1380 type: object 1381 type: array 1382 matchLabels: 1383 additionalProperties: 1384 type: string 1385 description: matchLabels is a 1386 map of {key,value} pairs. A 1387 single {key,value} in the matchLabels 1388 map is equivalent to an element 1389 of matchExpressions, whose key 1390 field is "key", the operator 1391 is "In", and the values array 1392 contains only "value". The requirements 1393 are ANDed. 1394 type: object 1395 type: object 1396 x-kubernetes-map-type: atomic 1397 namespaces: 1398 description: namespaces specifies 1399 a static list of namespace names 1400 that the term applies to. The term 1401 is applied to the union of the namespaces 1402 listed in this field and the ones 1403 selected by namespaceSelector. null 1404 or empty namespaces list and null 1405 namespaceSelector means "this pod's 1406 namespace". 1407 items: 1408 type: string 1409 type: array 1410 topologyKey: 1411 description: This pod should be co-located 1412 (affinity) or not co-located (anti-affinity) 1413 with the pods matching the labelSelector 1414 in the specified namespaces, where 1415 co-located is defined as running 1416 on a node whose value of the label 1417 with key topologyKey matches that 1418 of any node on which any of the 1419 selected pods is running. Empty 1420 topologyKey is not allowed. 1421 type: string 1422 required: 1423 - topologyKey 1424 type: object 1425 weight: 1426 description: weight associated with matching 1427 the corresponding podAffinityTerm, in 1428 the range 1-100. 1429 format: int32 1430 type: integer 1431 required: 1432 - podAffinityTerm 1433 - weight 1434 type: object 1435 type: array 1436 requiredDuringSchedulingIgnoredDuringExecution: 1437 description: If the anti-affinity requirements 1438 specified by this field are not met at scheduling 1439 time, the pod will not be scheduled onto the 1440 node. If the anti-affinity requirements specified 1441 by this field cease to be met at some point 1442 during pod execution (e.g. due to a pod label 1443 update), the system may or may not try to 1444 eventually evict the pod from its node. 1445 items: 1446 description: Defines a set of pods (namely 1447 those matching the labelSelector relative 1448 to the given namespace(s)) that this pod 1449 should be co-located (affinity) or not co-located 1450 (anti-affinity) with, where co-located is 1451 defined as running on a node whose value 1452 of the label with key <topologyKey> matches 1453 that of any node on which a pod of the set 1454 of pods is running 1455 properties: 1456 labelSelector: 1457 description: A label query over a set 1458 of resources, in this case pods. 1459 properties: 1460 matchExpressions: 1461 description: matchExpressions is a 1462 list of label selector requirements. 1463 The requirements are ANDed. 1464 items: 1465 description: A label selector requirement 1466 is a selector that contains values, 1467 a key, and an operator that relates 1468 the key and values. 1469 properties: 1470 key: 1471 description: key is the label 1472 key that the selector applies 1473 to. 1474 type: string 1475 operator: 1476 description: operator represents 1477 a key's relationship to a 1478 set of values. Valid operators 1479 are In, NotIn, Exists and 1480 DoesNotExist. 1481 type: string 1482 values: 1483 description: values is an array 1484 of string values. If the operator 1485 is In or NotIn, the values 1486 array must be non-empty. If 1487 the operator is Exists or 1488 DoesNotExist, the values array 1489 must be empty. This array 1490 is replaced during a strategic 1491 merge patch. 1492 items: 1493 type: string 1494 type: array 1495 required: 1496 - key 1497 - operator 1498 type: object 1499 type: array 1500 matchLabels: 1501 additionalProperties: 1502 type: string 1503 description: matchLabels is a map 1504 of {key,value} pairs. A single {key,value} 1505 in the matchLabels map is equivalent 1506 to an element of matchExpressions, 1507 whose key field is "key", the operator 1508 is "In", and the values array contains 1509 only "value". The requirements are 1510 ANDed. 1511 type: object 1512 type: object 1513 x-kubernetes-map-type: atomic 1514 namespaceSelector: 1515 description: A label query over the set 1516 of namespaces that the term applies 1517 to. The term is applied to the union 1518 of the namespaces selected by this field 1519 and the ones listed in the namespaces 1520 field. null selector and null or empty 1521 namespaces list means "this pod's namespace". 1522 An empty selector ({}) matches all namespaces. 1523 properties: 1524 matchExpressions: 1525 description: matchExpressions is a 1526 list of label selector requirements. 1527 The requirements are ANDed. 1528 items: 1529 description: A label selector requirement 1530 is a selector that contains values, 1531 a key, and an operator that relates 1532 the key and values. 1533 properties: 1534 key: 1535 description: key is the label 1536 key that the selector applies 1537 to. 1538 type: string 1539 operator: 1540 description: operator represents 1541 a key's relationship to a 1542 set of values. Valid operators 1543 are In, NotIn, Exists and 1544 DoesNotExist. 1545 type: string 1546 values: 1547 description: values is an array 1548 of string values. If the operator 1549 is In or NotIn, the values 1550 array must be non-empty. If 1551 the operator is Exists or 1552 DoesNotExist, the values array 1553 must be empty. This array 1554 is replaced during a strategic 1555 merge patch. 1556 items: 1557 type: string 1558 type: array 1559 required: 1560 - key 1561 - operator 1562 type: object 1563 type: array 1564 matchLabels: 1565 additionalProperties: 1566 type: string 1567 description: matchLabels is a map 1568 of {key,value} pairs. A single {key,value} 1569 in the matchLabels map is equivalent 1570 to an element of matchExpressions, 1571 whose key field is "key", the operator 1572 is "In", and the values array contains 1573 only "value". The requirements are 1574 ANDed. 1575 type: object 1576 type: object 1577 x-kubernetes-map-type: atomic 1578 namespaces: 1579 description: namespaces specifies a static 1580 list of namespace names that the term 1581 applies to. The term is applied to the 1582 union of the namespaces listed in this 1583 field and the ones selected by namespaceSelector. 1584 null or empty namespaces list and null 1585 namespaceSelector means "this pod's 1586 namespace". 1587 items: 1588 type: string 1589 type: array 1590 topologyKey: 1591 description: This pod should be co-located 1592 (affinity) or not co-located (anti-affinity) 1593 with the pods matching the labelSelector 1594 in the specified namespaces, where co-located 1595 is defined as running on a node whose 1596 value of the label with key topologyKey 1597 matches that of any node on which any 1598 of the selected pods is running. Empty 1599 topologyKey is not allowed. 1600 type: string 1601 required: 1602 - topologyKey 1603 type: object 1604 type: array 1605 type: object 1606 type: object 1607 automountServiceAccountToken: 1608 description: AutomountServiceAccountToken indicates 1609 whether a service account token should be automatically 1610 mounted. 1611 type: boolean 1612 containers: 1613 description: List of containers belonging to the pod. 1614 Containers cannot currently be added or removed. There 1615 must be at least one container in a Pod. Cannot be 1616 updated. 1617 items: 1618 description: A single application container that you 1619 want to run within a pod. 1620 properties: 1621 args: 1622 description: 'Arguments to the entrypoint. The 1623 container image''s CMD is used if this is not 1624 provided. Variable references $(VAR_NAME) are 1625 expanded using the container''s environment. 1626 If a variable cannot be resolved, the reference 1627 in the input string will be unchanged. Double 1628 $$ are reduced to a single $, which allows for 1629 escaping the $(VAR_NAME) syntax: i.e.' 1630 items: 1631 type: string 1632 type: array 1633 command: 1634 description: 'Entrypoint array. Not executed within 1635 a shell. The container image''s ENTRYPOINT is 1636 used if this is not provided. Variable references 1637 $(VAR_NAME) are expanded using the container''s 1638 environment. If a variable cannot be resolved, 1639 the reference in the input string will be unchanged. 1640 Double $$ are reduced to a single $, which allows 1641 for escaping the $(VAR_NAME) syntax: i.e.' 1642 items: 1643 type: string 1644 type: array 1645 env: 1646 description: List of environment variables to 1647 set in the container. Cannot be updated. 1648 items: 1649 description: EnvVar represents an environment 1650 variable present in a Container. 1651 properties: 1652 name: 1653 description: Name of the environment variable. 1654 Must be a C_IDENTIFIER. 1655 type: string 1656 value: 1657 description: 'Variable references $(VAR_NAME) 1658 are expanded using the previously defined 1659 environment variables in the container 1660 and any service environment variables. 1661 If a variable cannot be resolved, the 1662 reference in the input string will be 1663 unchanged. Double $$ are reduced to a 1664 single $, which allows for escaping the 1665 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 1666 will produce the string literal "$(VAR_NAME)".' 1667 type: string 1668 valueFrom: 1669 description: Source for the environment 1670 variable's value. Cannot be used if value 1671 is not empty. 1672 properties: 1673 configMapKeyRef: 1674 description: Selects a key of a ConfigMap. 1675 properties: 1676 key: 1677 description: The key to select. 1678 type: string 1679 name: 1680 description: 'Name of the referent. 1681 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1682 TODO: Add other useful fields. 1683 apiVersion, kind, uid?' 1684 type: string 1685 optional: 1686 description: Specify whether the 1687 ConfigMap or its key must be defined 1688 type: boolean 1689 required: 1690 - key 1691 type: object 1692 x-kubernetes-map-type: atomic 1693 fieldRef: 1694 description: 'Selects a field of the 1695 pod: supports metadata.name, metadata.namespace, 1696 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 1697 spec.nodeName, spec.serviceAccountName, 1698 status.hostIP, status.podIP, status.podIPs.' 1699 properties: 1700 apiVersion: 1701 description: Version of the schema 1702 the FieldPath is written in terms 1703 of, defaults to "v1". 1704 type: string 1705 fieldPath: 1706 description: Path of the field to 1707 select in the specified API version. 1708 type: string 1709 required: 1710 - fieldPath 1711 type: object 1712 x-kubernetes-map-type: atomic 1713 resourceFieldRef: 1714 description: 'Selects a resource of 1715 the container: only resources limits 1716 and requests (limits.cpu, limits.memory, 1717 limits.ephemeral-storage, requests.cpu, 1718 requests.memory and requests.ephemeral-storage) 1719 are currently supported.' 1720 properties: 1721 containerName: 1722 description: 'Container name: required 1723 for volumes, optional for env 1724 vars' 1725 type: string 1726 divisor: 1727 anyOf: 1728 - type: integer 1729 - type: string 1730 description: Specifies the output 1731 format of the exposed resources, 1732 defaults to "1" 1733 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1734 x-kubernetes-int-or-string: true 1735 resource: 1736 description: 'Required: resource 1737 to select' 1738 type: string 1739 required: 1740 - resource 1741 type: object 1742 x-kubernetes-map-type: atomic 1743 secretKeyRef: 1744 description: Selects a key of a secret 1745 in the pod's namespace 1746 properties: 1747 key: 1748 description: The key of the secret 1749 to select from. Must be a valid 1750 secret key. 1751 type: string 1752 name: 1753 description: 'Name of the referent. 1754 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1755 TODO: Add other useful fields. 1756 apiVersion, kind, uid?' 1757 type: string 1758 optional: 1759 description: Specify whether the 1760 Secret or its key must be defined 1761 type: boolean 1762 required: 1763 - key 1764 type: object 1765 x-kubernetes-map-type: atomic 1766 type: object 1767 required: 1768 - name 1769 type: object 1770 type: array 1771 envFrom: 1772 description: List of sources to populate environment 1773 variables in the container. The keys defined 1774 within a source must be a C_IDENTIFIER. All 1775 invalid keys will be reported as an event when 1776 the container is starting. When a key exists 1777 in multiple sources, the value associated with 1778 the last source will take precedence. Values 1779 defined by an Env with a duplicate key will 1780 take precedence. Cannot be updated. 1781 items: 1782 description: EnvFromSource represents the source 1783 of a set of ConfigMaps 1784 properties: 1785 configMapRef: 1786 description: The ConfigMap to select from 1787 properties: 1788 name: 1789 description: 'Name of the referent. 1790 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1791 TODO: Add other useful fields. apiVersion, 1792 kind, uid?' 1793 type: string 1794 optional: 1795 description: Specify whether the ConfigMap 1796 must be defined 1797 type: boolean 1798 type: object 1799 x-kubernetes-map-type: atomic 1800 prefix: 1801 description: An optional identifier to prepend 1802 to each key in the ConfigMap. Must be 1803 a C_IDENTIFIER. 1804 type: string 1805 secretRef: 1806 description: The Secret to select from 1807 properties: 1808 name: 1809 description: 'Name of the referent. 1810 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1811 TODO: Add other useful fields. apiVersion, 1812 kind, uid?' 1813 type: string 1814 optional: 1815 description: Specify whether the Secret 1816 must be defined 1817 type: boolean 1818 type: object 1819 x-kubernetes-map-type: atomic 1820 type: object 1821 type: array 1822 image: 1823 description: 'Container image name. More info: 1824 https://kubernetes.io/docs/concepts/containers/images 1825 This field is optional to allow higher level 1826 config management to default or override container 1827 images in workload controllers like Deployments 1828 and StatefulSets.' 1829 type: string 1830 imagePullPolicy: 1831 description: 'Image pull policy. One of Always, 1832 Never, IfNotPresent. Defaults to Always if :latest 1833 tag is specified, or IfNotPresent otherwise. 1834 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1835 type: string 1836 lifecycle: 1837 description: Actions that the management system 1838 should take in response to container lifecycle 1839 events. Cannot be updated. 1840 properties: 1841 postStart: 1842 description: 'PostStart is called immediately 1843 after a container is created. If the handler 1844 fails, the container is terminated and restarted 1845 according to its restart policy. Other management 1846 of the container blocks until the hook completes. 1847 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1848 properties: 1849 exec: 1850 description: Exec specifies the action 1851 to take. 1852 properties: 1853 command: 1854 description: Command is the command 1855 line to execute inside the container, 1856 the working directory for the command is 1857 root ('/') in the container's filesystem. 1858 The command is simply exec'd, it 1859 is not run inside a shell, so traditional 1860 shell instructions ('|', etc) won't 1861 work. To use a shell, you need to 1862 explicitly call out to that shell. 1863 Exit status of 0 is treated as live/healthy 1864 and non-zero is unhealthy. 1865 items: 1866 type: string 1867 type: array 1868 type: object 1869 httpGet: 1870 description: HTTPGet specifies the http 1871 request to perform. 1872 properties: 1873 host: 1874 description: Host name to connect 1875 to, defaults to the pod IP. You 1876 probably want to set "Host" in httpHeaders 1877 instead. 1878 type: string 1879 httpHeaders: 1880 description: Custom headers to set 1881 in the request. HTTP allows repeated 1882 headers. 1883 items: 1884 description: HTTPHeader describes 1885 a custom header to be used in 1886 HTTP probes 1887 properties: 1888 name: 1889 description: The header field 1890 name. This will be canonicalized 1891 upon output, so case-variant 1892 names will be understood as 1893 the same header. 1894 type: string 1895 value: 1896 description: The header field 1897 value 1898 type: string 1899 required: 1900 - name 1901 - value 1902 type: object 1903 type: array 1904 path: 1905 description: Path to access on the 1906 HTTP server. 1907 type: string 1908 port: 1909 anyOf: 1910 - type: integer 1911 - type: string 1912 description: Name or number of the 1913 port to access on the container. 1914 Number must be in the range 1 to 1915 65535. Name must be an IANA_SVC_NAME. 1916 x-kubernetes-int-or-string: true 1917 scheme: 1918 description: Scheme to use for connecting 1919 to the host. Defaults to HTTP. 1920 type: string 1921 required: 1922 - port 1923 type: object 1924 tcpSocket: 1925 description: Deprecated. TCPSocket is 1926 NOT supported as a LifecycleHandler 1927 and kept for the backward compatibility. 1928 There are no validation of this field 1929 and lifecycle hooks will fail in runtime 1930 when tcp handler is specified. 1931 properties: 1932 host: 1933 description: 'Optional: Host name 1934 to connect to, defaults to the pod 1935 IP.' 1936 type: string 1937 port: 1938 anyOf: 1939 - type: integer 1940 - type: string 1941 description: Number or name of the 1942 port to access on the container. 1943 Number must be in the range 1 to 1944 65535. Name must be an IANA_SVC_NAME. 1945 x-kubernetes-int-or-string: true 1946 required: 1947 - port 1948 type: object 1949 type: object 1950 preStop: 1951 description: PreStop is called immediately 1952 before a container is terminated due to 1953 an API request or management event such 1954 as liveness/startup probe failure, preemption, 1955 resource contention, etc. The handler is 1956 not called if the container crashes or exits. 1957 The Pod's termination grace period countdown 1958 begins before the PreStop hook is executed. 1959 properties: 1960 exec: 1961 description: Exec specifies the action 1962 to take. 1963 properties: 1964 command: 1965 description: Command is the command 1966 line to execute inside the container, 1967 the working directory for the command is 1968 root ('/') in the container's filesystem. 1969 The command is simply exec'd, it 1970 is not run inside a shell, so traditional 1971 shell instructions ('|', etc) won't 1972 work. To use a shell, you need to 1973 explicitly call out to that shell. 1974 Exit status of 0 is treated as live/healthy 1975 and non-zero is unhealthy. 1976 items: 1977 type: string 1978 type: array 1979 type: object 1980 httpGet: 1981 description: HTTPGet specifies the http 1982 request to perform. 1983 properties: 1984 host: 1985 description: Host name to connect 1986 to, defaults to the pod IP. You 1987 probably want to set "Host" in httpHeaders 1988 instead. 1989 type: string 1990 httpHeaders: 1991 description: Custom headers to set 1992 in the request. HTTP allows repeated 1993 headers. 1994 items: 1995 description: HTTPHeader describes 1996 a custom header to be used in 1997 HTTP probes 1998 properties: 1999 name: 2000 description: The header field 2001 name. This will be canonicalized 2002 upon output, so case-variant 2003 names will be understood as 2004 the same header. 2005 type: string 2006 value: 2007 description: The header field 2008 value 2009 type: string 2010 required: 2011 - name 2012 - value 2013 type: object 2014 type: array 2015 path: 2016 description: Path to access on the 2017 HTTP server. 2018 type: string 2019 port: 2020 anyOf: 2021 - type: integer 2022 - type: string 2023 description: Name or number of the 2024 port to access on the container. 2025 Number must be in the range 1 to 2026 65535. Name must be an IANA_SVC_NAME. 2027 x-kubernetes-int-or-string: true 2028 scheme: 2029 description: Scheme to use for connecting 2030 to the host. Defaults to HTTP. 2031 type: string 2032 required: 2033 - port 2034 type: object 2035 tcpSocket: 2036 description: Deprecated. TCPSocket is 2037 NOT supported as a LifecycleHandler 2038 and kept for the backward compatibility. 2039 There are no validation of this field 2040 and lifecycle hooks will fail in runtime 2041 when tcp handler is specified. 2042 properties: 2043 host: 2044 description: 'Optional: Host name 2045 to connect to, defaults to the pod 2046 IP.' 2047 type: string 2048 port: 2049 anyOf: 2050 - type: integer 2051 - type: string 2052 description: Number or name of the 2053 port to access on the container. 2054 Number must be in the range 1 to 2055 65535. Name must be an IANA_SVC_NAME. 2056 x-kubernetes-int-or-string: true 2057 required: 2058 - port 2059 type: object 2060 type: object 2061 type: object 2062 livenessProbe: 2063 description: 'Periodic probe of container liveness. 2064 Container will be restarted if the probe fails. 2065 Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2066 properties: 2067 exec: 2068 description: Exec specifies the action to 2069 take. 2070 properties: 2071 command: 2072 description: Command is the command line 2073 to execute inside the container, the 2074 working directory for the command is 2075 root ('/') in the container's filesystem. 2076 The command is simply exec'd, it is 2077 not run inside a shell, so traditional 2078 shell instructions ('|', etc) won't 2079 work. To use a shell, you need to explicitly 2080 call out to that shell. Exit status 2081 of 0 is treated as live/healthy and 2082 non-zero is unhealthy. 2083 items: 2084 type: string 2085 type: array 2086 type: object 2087 failureThreshold: 2088 description: Minimum consecutive failures 2089 for the probe to be considered failed after 2090 having succeeded. Defaults to 3. Minimum 2091 value is 1. 2092 format: int32 2093 type: integer 2094 grpc: 2095 description: GRPC specifies an action involving 2096 a GRPC port. 2097 properties: 2098 port: 2099 description: Port number of the gRPC service. 2100 Number must be in the range 1 to 65535. 2101 format: int32 2102 type: integer 2103 service: 2104 description: "Service is the name of the 2105 service to place in the gRPC HealthCheckRequest 2106 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2107 \n If this is not specified, the default 2108 behavior is defined by gRPC." 2109 type: string 2110 required: 2111 - port 2112 type: object 2113 httpGet: 2114 description: HTTPGet specifies the http request 2115 to perform. 2116 properties: 2117 host: 2118 description: Host name to connect to, 2119 defaults to the pod IP. You probably 2120 want to set "Host" in httpHeaders instead. 2121 type: string 2122 httpHeaders: 2123 description: Custom headers to set in 2124 the request. HTTP allows repeated headers. 2125 items: 2126 description: HTTPHeader describes a 2127 custom header to be used in HTTP probes 2128 properties: 2129 name: 2130 description: The header field name. 2131 This will be canonicalized upon 2132 output, so case-variant names 2133 will be understood as the same 2134 header. 2135 type: string 2136 value: 2137 description: The header field value 2138 type: string 2139 required: 2140 - name 2141 - value 2142 type: object 2143 type: array 2144 path: 2145 description: Path to access on the HTTP 2146 server. 2147 type: string 2148 port: 2149 anyOf: 2150 - type: integer 2151 - type: string 2152 description: Name or number of the port 2153 to access on the container. Number must 2154 be in the range 1 to 65535. Name must 2155 be an IANA_SVC_NAME. 2156 x-kubernetes-int-or-string: true 2157 scheme: 2158 description: Scheme to use for connecting 2159 to the host. Defaults to HTTP. 2160 type: string 2161 required: 2162 - port 2163 type: object 2164 initialDelaySeconds: 2165 description: 'Number of seconds after the 2166 container has started before liveness probes 2167 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2168 format: int32 2169 type: integer 2170 periodSeconds: 2171 description: How often (in seconds) to perform 2172 the probe. Default to 10 seconds. Minimum 2173 value is 1. 2174 format: int32 2175 type: integer 2176 successThreshold: 2177 description: Minimum consecutive successes 2178 for the probe to be considered successful 2179 after having failed. Defaults to 1. Must 2180 be 1 for liveness and startup. Minimum value 2181 is 1. 2182 format: int32 2183 type: integer 2184 tcpSocket: 2185 description: TCPSocket specifies an action 2186 involving a TCP port. 2187 properties: 2188 host: 2189 description: 'Optional: Host name to connect 2190 to, defaults to the pod IP.' 2191 type: string 2192 port: 2193 anyOf: 2194 - type: integer 2195 - type: string 2196 description: Number or name of the port 2197 to access on the container. Number must 2198 be in the range 1 to 65535. Name must 2199 be an IANA_SVC_NAME. 2200 x-kubernetes-int-or-string: true 2201 required: 2202 - port 2203 type: object 2204 terminationGracePeriodSeconds: 2205 description: Optional duration in seconds 2206 the pod needs to terminate gracefully upon 2207 probe failure. The grace period is the duration 2208 in seconds after the processes running in 2209 the pod are sent a termination signal and 2210 the time when the processes are forcibly 2211 halted with a kill signal. Set this value 2212 longer than the expected cleanup time for 2213 your process. 2214 format: int64 2215 type: integer 2216 timeoutSeconds: 2217 description: 'Number of seconds after which 2218 the probe times out. Defaults to 1 second. 2219 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2220 format: int32 2221 type: integer 2222 type: object 2223 name: 2224 description: Name of the container specified as 2225 a DNS_LABEL. Each container in a pod must have 2226 a unique name (DNS_LABEL). Cannot be updated. 2227 type: string 2228 ports: 2229 description: List of ports to expose from the 2230 container. Not specifying a port here DOES NOT 2231 prevent that port from being exposed. Any port 2232 which is listening on the default "0.0.0.0" 2233 address inside a container will be accessible 2234 from the network. Modifying this array with 2235 strategic merge patch may corrupt the data. 2236 For more information See https://github.com/kubernetes/kubernetes/issues/108255. 2237 items: 2238 description: ContainerPort represents a network 2239 port in a single container. 2240 properties: 2241 containerPort: 2242 description: Number of port to expose on 2243 the pod's IP address. This must be a valid 2244 port number, 0 < x < 65536. 2245 format: int32 2246 type: integer 2247 hostIP: 2248 description: What host IP to bind the external 2249 port to. 2250 type: string 2251 hostPort: 2252 description: Number of port to expose on 2253 the host. If specified, this must be a 2254 valid port number, 0 < x < 65536. If HostNetwork 2255 is specified, this must match ContainerPort. 2256 Most containers do not need this. 2257 format: int32 2258 type: integer 2259 name: 2260 description: If specified, this must be 2261 an IANA_SVC_NAME and unique within the 2262 pod. Each named port in a pod must have 2263 a unique name. Name for the port that 2264 can be referred to by services. 2265 type: string 2266 protocol: 2267 default: TCP 2268 description: Protocol for port. Must be 2269 UDP, TCP, or SCTP. Defaults to "TCP". 2270 type: string 2271 required: 2272 - containerPort 2273 type: object 2274 type: array 2275 x-kubernetes-list-map-keys: 2276 - containerPort 2277 - protocol 2278 x-kubernetes-list-type: map 2279 readinessProbe: 2280 description: 'Periodic probe of container service 2281 readiness. Container will be removed from service 2282 endpoints if the probe fails. Cannot be updated. 2283 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2284 properties: 2285 exec: 2286 description: Exec specifies the action to 2287 take. 2288 properties: 2289 command: 2290 description: Command is the command line 2291 to execute inside the container, the 2292 working directory for the command is 2293 root ('/') in the container's filesystem. 2294 The command is simply exec'd, it is 2295 not run inside a shell, so traditional 2296 shell instructions ('|', etc) won't 2297 work. To use a shell, you need to explicitly 2298 call out to that shell. Exit status 2299 of 0 is treated as live/healthy and 2300 non-zero is unhealthy. 2301 items: 2302 type: string 2303 type: array 2304 type: object 2305 failureThreshold: 2306 description: Minimum consecutive failures 2307 for the probe to be considered failed after 2308 having succeeded. Defaults to 3. Minimum 2309 value is 1. 2310 format: int32 2311 type: integer 2312 grpc: 2313 description: GRPC specifies an action involving 2314 a GRPC port. 2315 properties: 2316 port: 2317 description: Port number of the gRPC service. 2318 Number must be in the range 1 to 65535. 2319 format: int32 2320 type: integer 2321 service: 2322 description: "Service is the name of the 2323 service to place in the gRPC HealthCheckRequest 2324 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2325 \n If this is not specified, the default 2326 behavior is defined by gRPC." 2327 type: string 2328 required: 2329 - port 2330 type: object 2331 httpGet: 2332 description: HTTPGet specifies the http request 2333 to perform. 2334 properties: 2335 host: 2336 description: Host name to connect to, 2337 defaults to the pod IP. You probably 2338 want to set "Host" in httpHeaders instead. 2339 type: string 2340 httpHeaders: 2341 description: Custom headers to set in 2342 the request. HTTP allows repeated headers. 2343 items: 2344 description: HTTPHeader describes a 2345 custom header to be used in HTTP probes 2346 properties: 2347 name: 2348 description: The header field name. 2349 This will be canonicalized upon 2350 output, so case-variant names 2351 will be understood as the same 2352 header. 2353 type: string 2354 value: 2355 description: The header field value 2356 type: string 2357 required: 2358 - name 2359 - value 2360 type: object 2361 type: array 2362 path: 2363 description: Path to access on the HTTP 2364 server. 2365 type: string 2366 port: 2367 anyOf: 2368 - type: integer 2369 - type: string 2370 description: Name or number of the port 2371 to access on the container. Number must 2372 be in the range 1 to 65535. Name must 2373 be an IANA_SVC_NAME. 2374 x-kubernetes-int-or-string: true 2375 scheme: 2376 description: Scheme to use for connecting 2377 to the host. Defaults to HTTP. 2378 type: string 2379 required: 2380 - port 2381 type: object 2382 initialDelaySeconds: 2383 description: 'Number of seconds after the 2384 container has started before liveness probes 2385 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2386 format: int32 2387 type: integer 2388 periodSeconds: 2389 description: How often (in seconds) to perform 2390 the probe. Default to 10 seconds. Minimum 2391 value is 1. 2392 format: int32 2393 type: integer 2394 successThreshold: 2395 description: Minimum consecutive successes 2396 for the probe to be considered successful 2397 after having failed. Defaults to 1. Must 2398 be 1 for liveness and startup. Minimum value 2399 is 1. 2400 format: int32 2401 type: integer 2402 tcpSocket: 2403 description: TCPSocket specifies an action 2404 involving a TCP port. 2405 properties: 2406 host: 2407 description: 'Optional: Host name to connect 2408 to, defaults to the pod IP.' 2409 type: string 2410 port: 2411 anyOf: 2412 - type: integer 2413 - type: string 2414 description: Number or name of the port 2415 to access on the container. Number must 2416 be in the range 1 to 65535. Name must 2417 be an IANA_SVC_NAME. 2418 x-kubernetes-int-or-string: true 2419 required: 2420 - port 2421 type: object 2422 terminationGracePeriodSeconds: 2423 description: Optional duration in seconds 2424 the pod needs to terminate gracefully upon 2425 probe failure. The grace period is the duration 2426 in seconds after the processes running in 2427 the pod are sent a termination signal and 2428 the time when the processes are forcibly 2429 halted with a kill signal. Set this value 2430 longer than the expected cleanup time for 2431 your process. 2432 format: int64 2433 type: integer 2434 timeoutSeconds: 2435 description: 'Number of seconds after which 2436 the probe times out. Defaults to 1 second. 2437 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2438 format: int32 2439 type: integer 2440 type: object 2441 resizePolicy: 2442 description: Resources resize policy for the container. 2443 items: 2444 description: ContainerResizePolicy represents 2445 resource resize policy for the container. 2446 properties: 2447 resourceName: 2448 description: 'Name of the resource to which 2449 this resource resize policy applies. Supported 2450 values: cpu, memory.' 2451 type: string 2452 restartPolicy: 2453 description: Restart policy to apply when 2454 specified resource is resized. If not 2455 specified, it defaults to NotRequired. 2456 type: string 2457 required: 2458 - resourceName 2459 - restartPolicy 2460 type: object 2461 type: array 2462 x-kubernetes-list-type: atomic 2463 resources: 2464 description: 'Compute Resources required by this 2465 container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2466 properties: 2467 claims: 2468 description: "Claims lists the names of resources, 2469 defined in spec.resourceClaims, that are 2470 used by this container. \n This is an alpha 2471 field and requires enabling the DynamicResourceAllocation 2472 feature gate. \n This field is immutable. 2473 It can only be set for containers." 2474 items: 2475 description: ResourceClaim references one 2476 entry in PodSpec.ResourceClaims. 2477 properties: 2478 name: 2479 description: Name must match the name 2480 of one entry in pod.spec.resourceClaims 2481 of the Pod where this field is used. 2482 It makes that resource available inside 2483 a container. 2484 type: string 2485 required: 2486 - name 2487 type: object 2488 type: array 2489 x-kubernetes-list-map-keys: 2490 - name 2491 x-kubernetes-list-type: map 2492 limits: 2493 additionalProperties: 2494 anyOf: 2495 - type: integer 2496 - type: string 2497 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2498 x-kubernetes-int-or-string: true 2499 description: 'Limits describes the maximum 2500 amount of compute resources allowed. More 2501 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2502 type: object 2503 requests: 2504 additionalProperties: 2505 anyOf: 2506 - type: integer 2507 - type: string 2508 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2509 x-kubernetes-int-or-string: true 2510 description: 'Requests describes the minimum 2511 amount of compute resources required. If 2512 Requests is omitted for a container, it 2513 defaults to Limits if that is explicitly 2514 specified, otherwise to an implementation-defined 2515 value. Requests cannot exceed Limits. More 2516 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2517 type: object 2518 type: object 2519 securityContext: 2520 description: 'SecurityContext defines the security 2521 options the container should be run with. If 2522 set, the fields of SecurityContext override 2523 the equivalent fields of PodSecurityContext. 2524 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 2525 properties: 2526 allowPrivilegeEscalation: 2527 description: 'AllowPrivilegeEscalation controls 2528 whether a process can gain more privileges 2529 than its parent process. This bool directly 2530 controls if the no_new_privs flag will be 2531 set on the container process. AllowPrivilegeEscalation 2532 is true always when the container is: 1) 2533 run as Privileged 2) has CAP_SYS_ADMIN Note 2534 that this field cannot be set when spec.os.name 2535 is windows.' 2536 type: boolean 2537 capabilities: 2538 description: The capabilities to add/drop 2539 when running containers. Defaults to the 2540 default set of capabilities granted by the 2541 container runtime. Note that this field 2542 cannot be set when spec.os.name is windows. 2543 properties: 2544 add: 2545 description: Added capabilities 2546 items: 2547 description: Capability represent POSIX 2548 capabilities type 2549 type: string 2550 type: array 2551 drop: 2552 description: Removed capabilities 2553 items: 2554 description: Capability represent POSIX 2555 capabilities type 2556 type: string 2557 type: array 2558 type: object 2559 privileged: 2560 description: Run container in privileged mode. 2561 Processes in privileged containers are essentially 2562 equivalent to root on the host. Defaults 2563 to false. Note that this field cannot be 2564 set when spec.os.name is windows. 2565 type: boolean 2566 procMount: 2567 description: procMount denotes the type of 2568 proc mount to use for the containers. The 2569 default is DefaultProcMount which uses the 2570 container runtime defaults for readonly 2571 paths and masked paths. This requires the 2572 ProcMountType feature flag to be enabled. 2573 Note that this field cannot be set when 2574 spec.os.name is windows. 2575 type: string 2576 readOnlyRootFilesystem: 2577 description: Whether this container has a 2578 read-only root filesystem. Default is false. 2579 Note that this field cannot be set when 2580 spec.os.name is windows. 2581 type: boolean 2582 runAsGroup: 2583 description: The GID to run the entrypoint 2584 of the container process. Uses runtime default 2585 if unset. May also be set in PodSecurityContext. If 2586 set in both SecurityContext and PodSecurityContext, 2587 the value specified in SecurityContext takes 2588 precedence. Note that this field cannot 2589 be set when spec.os.name is windows. 2590 format: int64 2591 type: integer 2592 runAsNonRoot: 2593 description: Indicates that the container 2594 must run as a non-root user. If true, the 2595 Kubelet will validate the image at runtime 2596 to ensure that it does not run as UID 0 2597 (root) and fail to start the container if 2598 it does. If unset or false, no such validation 2599 will be performed. May also be set in PodSecurityContext. 2600 type: boolean 2601 runAsUser: 2602 description: The UID to run the entrypoint 2603 of the container process. Defaults to user 2604 specified in image metadata if unspecified. 2605 May also be set in PodSecurityContext. If 2606 set in both SecurityContext and PodSecurityContext, 2607 the value specified in SecurityContext takes 2608 precedence. Note that this field cannot 2609 be set when spec.os.name is windows. 2610 format: int64 2611 type: integer 2612 seLinuxOptions: 2613 description: The SELinux context to be applied 2614 to the container. If unspecified, the container 2615 runtime will allocate a random SELinux context 2616 for each container. May also be set in 2617 PodSecurityContext. If set in both SecurityContext 2618 and PodSecurityContext, the value specified 2619 in SecurityContext takes precedence. Note 2620 that this field cannot be set when spec.os.name 2621 is windows. 2622 properties: 2623 level: 2624 description: Level is SELinux level label 2625 that applies to the container. 2626 type: string 2627 role: 2628 description: Role is a SELinux role label 2629 that applies to the container. 2630 type: string 2631 type: 2632 description: Type is a SELinux type label 2633 that applies to the container. 2634 type: string 2635 user: 2636 description: User is a SELinux user label 2637 that applies to the container. 2638 type: string 2639 type: object 2640 seccompProfile: 2641 description: The seccomp options to use by 2642 this container. If seccomp options are provided 2643 at both the pod & container level, the container 2644 options override the pod options. Note that 2645 this field cannot be set when spec.os.name 2646 is windows. 2647 properties: 2648 localhostProfile: 2649 description: localhostProfile indicates 2650 a profile defined in a file on the node 2651 should be used. The profile must be 2652 preconfigured on the node to work. Must 2653 be a descending path, relative to the 2654 kubelet's configured seccomp profile 2655 location. Must only be set if type is 2656 "Localhost". 2657 type: string 2658 type: 2659 description: "type indicates which kind 2660 of seccomp profile will be applied. 2661 Valid options are: \n Localhost - a 2662 profile defined in a file on the node 2663 should be used. RuntimeDefault - the 2664 container runtime default profile should 2665 be used. Unconfined - no profile should 2666 be applied." 2667 type: string 2668 required: 2669 - type 2670 type: object 2671 windowsOptions: 2672 description: The Windows specific settings 2673 applied to all containers. If unspecified, 2674 the options from the PodSecurityContext 2675 will be used. If set in both SecurityContext 2676 and PodSecurityContext, the value specified 2677 in SecurityContext takes precedence. Note 2678 that this field cannot be set when spec.os.name 2679 is linux. 2680 properties: 2681 gmsaCredentialSpec: 2682 description: GMSACredentialSpec is where 2683 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 2684 inlines the contents of the GMSA credential 2685 spec named by the GMSACredentialSpecName 2686 field. 2687 type: string 2688 gmsaCredentialSpecName: 2689 description: GMSACredentialSpecName is 2690 the name of the GMSA credential spec 2691 to use. 2692 type: string 2693 hostProcess: 2694 description: HostProcess determines if 2695 a container should be run as a 'Host 2696 Process' container. This field is alpha-level 2697 and will only be honored by components 2698 that enable the WindowsHostProcessContainers 2699 feature flag. Setting this field without 2700 the feature flag will result in errors 2701 when validating the Pod. 2702 type: boolean 2703 runAsUserName: 2704 description: The UserName in Windows to 2705 run the entrypoint of the container 2706 process. Defaults to the user specified 2707 in image metadata if unspecified. May 2708 also be set in PodSecurityContext. If 2709 set in both SecurityContext and PodSecurityContext, 2710 the value specified in SecurityContext 2711 takes precedence. 2712 type: string 2713 type: object 2714 type: object 2715 startupProbe: 2716 description: StartupProbe indicates that the Pod 2717 has successfully initialized. If specified, 2718 no other probes are executed until this completes 2719 successfully. If this probe fails, the Pod will 2720 be restarted, just as if the livenessProbe failed. 2721 properties: 2722 exec: 2723 description: Exec specifies the action to 2724 take. 2725 properties: 2726 command: 2727 description: Command is the command line 2728 to execute inside the container, the 2729 working directory for the command is 2730 root ('/') in the container's filesystem. 2731 The command is simply exec'd, it is 2732 not run inside a shell, so traditional 2733 shell instructions ('|', etc) won't 2734 work. To use a shell, you need to explicitly 2735 call out to that shell. Exit status 2736 of 0 is treated as live/healthy and 2737 non-zero is unhealthy. 2738 items: 2739 type: string 2740 type: array 2741 type: object 2742 failureThreshold: 2743 description: Minimum consecutive failures 2744 for the probe to be considered failed after 2745 having succeeded. Defaults to 3. Minimum 2746 value is 1. 2747 format: int32 2748 type: integer 2749 grpc: 2750 description: GRPC specifies an action involving 2751 a GRPC port. 2752 properties: 2753 port: 2754 description: Port number of the gRPC service. 2755 Number must be in the range 1 to 65535. 2756 format: int32 2757 type: integer 2758 service: 2759 description: "Service is the name of the 2760 service to place in the gRPC HealthCheckRequest 2761 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2762 \n If this is not specified, the default 2763 behavior is defined by gRPC." 2764 type: string 2765 required: 2766 - port 2767 type: object 2768 httpGet: 2769 description: HTTPGet specifies the http request 2770 to perform. 2771 properties: 2772 host: 2773 description: Host name to connect to, 2774 defaults to the pod IP. You probably 2775 want to set "Host" in httpHeaders instead. 2776 type: string 2777 httpHeaders: 2778 description: Custom headers to set in 2779 the request. HTTP allows repeated headers. 2780 items: 2781 description: HTTPHeader describes a 2782 custom header to be used in HTTP probes 2783 properties: 2784 name: 2785 description: The header field name. 2786 This will be canonicalized upon 2787 output, so case-variant names 2788 will be understood as the same 2789 header. 2790 type: string 2791 value: 2792 description: The header field value 2793 type: string 2794 required: 2795 - name 2796 - value 2797 type: object 2798 type: array 2799 path: 2800 description: Path to access on the HTTP 2801 server. 2802 type: string 2803 port: 2804 anyOf: 2805 - type: integer 2806 - type: string 2807 description: Name or number of the port 2808 to access on the container. Number must 2809 be in the range 1 to 65535. Name must 2810 be an IANA_SVC_NAME. 2811 x-kubernetes-int-or-string: true 2812 scheme: 2813 description: Scheme to use for connecting 2814 to the host. Defaults to HTTP. 2815 type: string 2816 required: 2817 - port 2818 type: object 2819 initialDelaySeconds: 2820 description: 'Number of seconds after the 2821 container has started before liveness probes 2822 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2823 format: int32 2824 type: integer 2825 periodSeconds: 2826 description: How often (in seconds) to perform 2827 the probe. Default to 10 seconds. Minimum 2828 value is 1. 2829 format: int32 2830 type: integer 2831 successThreshold: 2832 description: Minimum consecutive successes 2833 for the probe to be considered successful 2834 after having failed. Defaults to 1. Must 2835 be 1 for liveness and startup. Minimum value 2836 is 1. 2837 format: int32 2838 type: integer 2839 tcpSocket: 2840 description: TCPSocket specifies an action 2841 involving a TCP port. 2842 properties: 2843 host: 2844 description: 'Optional: Host name to connect 2845 to, defaults to the pod IP.' 2846 type: string 2847 port: 2848 anyOf: 2849 - type: integer 2850 - type: string 2851 description: Number or name of the port 2852 to access on the container. Number must 2853 be in the range 1 to 65535. Name must 2854 be an IANA_SVC_NAME. 2855 x-kubernetes-int-or-string: true 2856 required: 2857 - port 2858 type: object 2859 terminationGracePeriodSeconds: 2860 description: Optional duration in seconds 2861 the pod needs to terminate gracefully upon 2862 probe failure. The grace period is the duration 2863 in seconds after the processes running in 2864 the pod are sent a termination signal and 2865 the time when the processes are forcibly 2866 halted with a kill signal. Set this value 2867 longer than the expected cleanup time for 2868 your process. 2869 format: int64 2870 type: integer 2871 timeoutSeconds: 2872 description: 'Number of seconds after which 2873 the probe times out. Defaults to 1 second. 2874 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2875 format: int32 2876 type: integer 2877 type: object 2878 stdin: 2879 description: Whether this container should allocate 2880 a buffer for stdin in the container runtime. 2881 If this is not set, reads from stdin in the 2882 container will always result in EOF. Default 2883 is false. 2884 type: boolean 2885 stdinOnce: 2886 description: Whether the container runtime should 2887 close the stdin channel after it has been opened 2888 by a single attach. When stdin is true the stdin 2889 stream will remain open across multiple attach 2890 sessions. 2891 type: boolean 2892 terminationMessagePath: 2893 description: 'Optional: Path at which the file 2894 to which the container''s termination message 2895 will be written is mounted into the container''s 2896 filesystem. Message written is intended to be 2897 brief final status, such as an assertion failure 2898 message. Will be truncated by the node if greater 2899 than 4096 bytes. The total message length across 2900 all containers will be limited to 12kb. Defaults 2901 to /dev/termination-log.' 2902 type: string 2903 terminationMessagePolicy: 2904 description: Indicate how the termination message 2905 should be populated. File will use the contents 2906 of terminationMessagePath to populate the container 2907 status message on both success and failure. 2908 FallbackToLogsOnError will use the last chunk 2909 of container log output if the termination message 2910 file is empty and the container exited with 2911 an error. 2912 type: string 2913 tty: 2914 description: Whether this container should allocate 2915 a TTY for itself, also requires 'stdin' to be 2916 true. Default is false. 2917 type: boolean 2918 volumeDevices: 2919 description: volumeDevices is the list of block 2920 devices to be used by the container. 2921 items: 2922 description: volumeDevice describes a mapping 2923 of a raw block device within a container. 2924 properties: 2925 devicePath: 2926 description: devicePath is the path inside 2927 of the container that the device will 2928 be mapped to. 2929 type: string 2930 name: 2931 description: name must match the name of 2932 a persistentVolumeClaim in the pod 2933 type: string 2934 required: 2935 - devicePath 2936 - name 2937 type: object 2938 type: array 2939 volumeMounts: 2940 description: Pod volumes to mount into the container's 2941 filesystem. Cannot be updated. 2942 items: 2943 description: VolumeMount describes a mounting 2944 of a Volume within a container. 2945 properties: 2946 mountPath: 2947 description: Path within the container at 2948 which the volume should be mounted. Must 2949 not contain ':'. 2950 type: string 2951 mountPropagation: 2952 description: mountPropagation determines 2953 how mounts are propagated from the host 2954 to container and the other way around. 2955 When not set, MountPropagationNone is 2956 used. This field is beta in 1.10. 2957 type: string 2958 name: 2959 description: This must match the Name of 2960 a Volume. 2961 type: string 2962 readOnly: 2963 description: Mounted read-only if true, 2964 read-write otherwise (false or unspecified). 2965 Defaults to false. 2966 type: boolean 2967 subPath: 2968 description: Path within the volume from 2969 which the container's volume should be 2970 mounted. Defaults to "" (volume's root). 2971 type: string 2972 subPathExpr: 2973 description: Expanded path within the volume 2974 from which the container's volume should 2975 be mounted. Behaves similarly to SubPath 2976 but environment variable references $(VAR_NAME) 2977 are expanded using the container's environment. 2978 Defaults to "" (volume's root). SubPathExpr 2979 and SubPath are mutually exclusive. 2980 type: string 2981 required: 2982 - mountPath 2983 - name 2984 type: object 2985 type: array 2986 workingDir: 2987 description: Container's working directory. If 2988 not specified, the container runtime's default 2989 will be used, which might be configured in the 2990 container image. Cannot be updated. 2991 type: string 2992 required: 2993 - name 2994 type: object 2995 type: array 2996 dnsConfig: 2997 description: Specifies the DNS parameters of a pod. 2998 Parameters specified here will be merged to the generated 2999 DNS configuration based on DNSPolicy. 3000 properties: 3001 nameservers: 3002 description: A list of DNS name server IP addresses. 3003 This will be appended to the base nameservers 3004 generated from DNSPolicy. Duplicated nameservers 3005 will be removed. 3006 items: 3007 type: string 3008 type: array 3009 options: 3010 description: A list of DNS resolver options. This 3011 will be merged with the base options generated 3012 from DNSPolicy. Duplicated entries will be removed. 3013 Resolution options given in Options will override 3014 those that appear in the base DNSPolicy. 3015 items: 3016 description: PodDNSConfigOption defines DNS resolver 3017 options of a pod. 3018 properties: 3019 name: 3020 description: Required. 3021 type: string 3022 value: 3023 type: string 3024 type: object 3025 type: array 3026 searches: 3027 description: A list of DNS search domains for host-name 3028 lookup. This will be appended to the base search 3029 paths generated from DNSPolicy. Duplicated search 3030 paths will be removed. 3031 items: 3032 type: string 3033 type: array 3034 type: object 3035 dnsPolicy: 3036 description: Set DNS policy for the pod. Defaults to 3037 "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 3038 'ClusterFirst', 'Default' or 'None'. DNS parameters 3039 given in DNSConfig will be merged with the policy 3040 selected with DNSPolicy. To have DNS options set along 3041 with hostNetwork, you have to specify DNS policy explicitly 3042 to 'ClusterFirstWithHostNet'. 3043 type: string 3044 enableServiceLinks: 3045 description: 'EnableServiceLinks indicates whether information 3046 about services should be injected into pod''s environment 3047 variables, matching the syntax of Docker links. Optional: 3048 Defaults to true.' 3049 type: boolean 3050 ephemeralContainers: 3051 description: List of ephemeral containers run in this 3052 pod. Ephemeral containers may be run in an existing 3053 pod to perform user-initiated actions such as debugging. 3054 This list cannot be specified when creating a pod, 3055 and it cannot be modified by updating the pod spec. 3056 In order to add an ephemeral container to an existing 3057 pod, use the pod's ephemeralcontainers subresource. 3058 items: 3059 description: An EphemeralContainer is a temporary 3060 container that you may add to an existing Pod for 3061 user-initiated activities such as debugging. Ephemeral 3062 containers have no resource or scheduling guarantees, 3063 and they will not be restarted when they exit or 3064 when a Pod is removed or restarted. The kubelet 3065 may evict a Pod if an ephemeral container causes 3066 the Pod to exceed its resource allocation. 3067 properties: 3068 args: 3069 description: 'Arguments to the entrypoint. The 3070 image''s CMD is used if this is not provided. 3071 Variable references $(VAR_NAME) are expanded 3072 using the container''s environment. If a variable 3073 cannot be resolved, the reference in the input 3074 string will be unchanged. Double $$ are reduced 3075 to a single $, which allows for escaping the 3076 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 3077 produce the string literal "$(VAR_NAME)".' 3078 items: 3079 type: string 3080 type: array 3081 command: 3082 description: 'Entrypoint array. Not executed within 3083 a shell. The image''s ENTRYPOINT is used if 3084 this is not provided. Variable references $(VAR_NAME) 3085 are expanded using the container''s environment. 3086 If a variable cannot be resolved, the reference 3087 in the input string will be unchanged. Double 3088 $$ are reduced to a single $, which allows for 3089 escaping the $(VAR_NAME) syntax: i.e.' 3090 items: 3091 type: string 3092 type: array 3093 env: 3094 description: List of environment variables to 3095 set in the container. Cannot be updated. 3096 items: 3097 description: EnvVar represents an environment 3098 variable present in a Container. 3099 properties: 3100 name: 3101 description: Name of the environment variable. 3102 Must be a C_IDENTIFIER. 3103 type: string 3104 value: 3105 description: 'Variable references $(VAR_NAME) 3106 are expanded using the previously defined 3107 environment variables in the container 3108 and any service environment variables. 3109 If a variable cannot be resolved, the 3110 reference in the input string will be 3111 unchanged. Double $$ are reduced to a 3112 single $, which allows for escaping the 3113 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 3114 will produce the string literal "$(VAR_NAME)".' 3115 type: string 3116 valueFrom: 3117 description: Source for the environment 3118 variable's value. Cannot be used if value 3119 is not empty. 3120 properties: 3121 configMapKeyRef: 3122 description: Selects a key of a ConfigMap. 3123 properties: 3124 key: 3125 description: The key to select. 3126 type: string 3127 name: 3128 description: 'Name of the referent. 3129 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3130 TODO: Add other useful fields. 3131 apiVersion, kind, uid?' 3132 type: string 3133 optional: 3134 description: Specify whether the 3135 ConfigMap or its key must be defined 3136 type: boolean 3137 required: 3138 - key 3139 type: object 3140 x-kubernetes-map-type: atomic 3141 fieldRef: 3142 description: 'Selects a field of the 3143 pod: supports metadata.name, metadata.namespace, 3144 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 3145 spec.nodeName, spec.serviceAccountName, 3146 status.hostIP, status.podIP, status.podIPs.' 3147 properties: 3148 apiVersion: 3149 description: Version of the schema 3150 the FieldPath is written in terms 3151 of, defaults to "v1". 3152 type: string 3153 fieldPath: 3154 description: Path of the field to 3155 select in the specified API version. 3156 type: string 3157 required: 3158 - fieldPath 3159 type: object 3160 x-kubernetes-map-type: atomic 3161 resourceFieldRef: 3162 description: 'Selects a resource of 3163 the container: only resources limits 3164 and requests (limits.cpu, limits.memory, 3165 limits.ephemeral-storage, requests.cpu, 3166 requests.memory and requests.ephemeral-storage) 3167 are currently supported.' 3168 properties: 3169 containerName: 3170 description: 'Container name: required 3171 for volumes, optional for env 3172 vars' 3173 type: string 3174 divisor: 3175 anyOf: 3176 - type: integer 3177 - type: string 3178 description: Specifies the output 3179 format of the exposed resources, 3180 defaults to "1" 3181 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3182 x-kubernetes-int-or-string: true 3183 resource: 3184 description: 'Required: resource 3185 to select' 3186 type: string 3187 required: 3188 - resource 3189 type: object 3190 x-kubernetes-map-type: atomic 3191 secretKeyRef: 3192 description: Selects a key of a secret 3193 in the pod's namespace 3194 properties: 3195 key: 3196 description: The key of the secret 3197 to select from. Must be a valid 3198 secret key. 3199 type: string 3200 name: 3201 description: 'Name of the referent. 3202 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3203 TODO: Add other useful fields. 3204 apiVersion, kind, uid?' 3205 type: string 3206 optional: 3207 description: Specify whether the 3208 Secret or its key must be defined 3209 type: boolean 3210 required: 3211 - key 3212 type: object 3213 x-kubernetes-map-type: atomic 3214 type: object 3215 required: 3216 - name 3217 type: object 3218 type: array 3219 envFrom: 3220 description: List of sources to populate environment 3221 variables in the container. The keys defined 3222 within a source must be a C_IDENTIFIER. All 3223 invalid keys will be reported as an event when 3224 the container is starting. When a key exists 3225 in multiple sources, the value associated with 3226 the last source will take precedence. Values 3227 defined by an Env with a duplicate key will 3228 take precedence. Cannot be updated. 3229 items: 3230 description: EnvFromSource represents the source 3231 of a set of ConfigMaps 3232 properties: 3233 configMapRef: 3234 description: The ConfigMap to select from 3235 properties: 3236 name: 3237 description: 'Name of the referent. 3238 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3239 TODO: Add other useful fields. apiVersion, 3240 kind, uid?' 3241 type: string 3242 optional: 3243 description: Specify whether the ConfigMap 3244 must be defined 3245 type: boolean 3246 type: object 3247 x-kubernetes-map-type: atomic 3248 prefix: 3249 description: An optional identifier to prepend 3250 to each key in the ConfigMap. Must be 3251 a C_IDENTIFIER. 3252 type: string 3253 secretRef: 3254 description: The Secret to select from 3255 properties: 3256 name: 3257 description: 'Name of the referent. 3258 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3259 TODO: Add other useful fields. apiVersion, 3260 kind, uid?' 3261 type: string 3262 optional: 3263 description: Specify whether the Secret 3264 must be defined 3265 type: boolean 3266 type: object 3267 x-kubernetes-map-type: atomic 3268 type: object 3269 type: array 3270 image: 3271 description: 'Container image name. More info: 3272 https://kubernetes.io/docs/concepts/containers/images' 3273 type: string 3274 imagePullPolicy: 3275 description: 'Image pull policy. One of Always, 3276 Never, IfNotPresent. Defaults to Always if :latest 3277 tag is specified, or IfNotPresent otherwise. 3278 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 3279 type: string 3280 lifecycle: 3281 description: Lifecycle is not allowed for ephemeral 3282 containers. 3283 properties: 3284 postStart: 3285 description: 'PostStart is called immediately 3286 after a container is created. If the handler 3287 fails, the container is terminated and restarted 3288 according to its restart policy. Other management 3289 of the container blocks until the hook completes. 3290 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3291 properties: 3292 exec: 3293 description: Exec specifies the action 3294 to take. 3295 properties: 3296 command: 3297 description: Command is the command 3298 line to execute inside the container, 3299 the working directory for the command is 3300 root ('/') in the container's filesystem. 3301 The command is simply exec'd, it 3302 is not run inside a shell, so traditional 3303 shell instructions ('|', etc) won't 3304 work. To use a shell, you need to 3305 explicitly call out to that shell. 3306 Exit status of 0 is treated as live/healthy 3307 and non-zero is unhealthy. 3308 items: 3309 type: string 3310 type: array 3311 type: object 3312 httpGet: 3313 description: HTTPGet specifies the http 3314 request to perform. 3315 properties: 3316 host: 3317 description: Host name to connect 3318 to, defaults to the pod IP. You 3319 probably want to set "Host" in httpHeaders 3320 instead. 3321 type: string 3322 httpHeaders: 3323 description: Custom headers to set 3324 in the request. HTTP allows repeated 3325 headers. 3326 items: 3327 description: HTTPHeader describes 3328 a custom header to be used in 3329 HTTP probes 3330 properties: 3331 name: 3332 description: The header field 3333 name. This will be canonicalized 3334 upon output, so case-variant 3335 names will be understood as 3336 the same header. 3337 type: string 3338 value: 3339 description: The header field 3340 value 3341 type: string 3342 required: 3343 - name 3344 - value 3345 type: object 3346 type: array 3347 path: 3348 description: Path to access on the 3349 HTTP server. 3350 type: string 3351 port: 3352 anyOf: 3353 - type: integer 3354 - type: string 3355 description: Name or number of the 3356 port to access on the container. 3357 Number must be in the range 1 to 3358 65535. Name must be an IANA_SVC_NAME. 3359 x-kubernetes-int-or-string: true 3360 scheme: 3361 description: Scheme to use for connecting 3362 to the host. Defaults to HTTP. 3363 type: string 3364 required: 3365 - port 3366 type: object 3367 tcpSocket: 3368 description: Deprecated. TCPSocket is 3369 NOT supported as a LifecycleHandler 3370 and kept for the backward compatibility. 3371 There are no validation of this field 3372 and lifecycle hooks will fail in runtime 3373 when tcp handler is specified. 3374 properties: 3375 host: 3376 description: 'Optional: Host name 3377 to connect to, defaults to the pod 3378 IP.' 3379 type: string 3380 port: 3381 anyOf: 3382 - type: integer 3383 - type: string 3384 description: Number or name of the 3385 port to access on the container. 3386 Number must be in the range 1 to 3387 65535. Name must be an IANA_SVC_NAME. 3388 x-kubernetes-int-or-string: true 3389 required: 3390 - port 3391 type: object 3392 type: object 3393 preStop: 3394 description: PreStop is called immediately 3395 before a container is terminated due to 3396 an API request or management event such 3397 as liveness/startup probe failure, preemption, 3398 resource contention, etc. The handler is 3399 not called if the container crashes or exits. 3400 The Pod's termination grace period countdown 3401 begins before the PreStop hook is executed. 3402 properties: 3403 exec: 3404 description: Exec specifies the action 3405 to take. 3406 properties: 3407 command: 3408 description: Command is the command 3409 line to execute inside the container, 3410 the working directory for the command is 3411 root ('/') in the container's filesystem. 3412 The command is simply exec'd, it 3413 is not run inside a shell, so traditional 3414 shell instructions ('|', etc) won't 3415 work. To use a shell, you need to 3416 explicitly call out to that shell. 3417 Exit status of 0 is treated as live/healthy 3418 and non-zero is unhealthy. 3419 items: 3420 type: string 3421 type: array 3422 type: object 3423 httpGet: 3424 description: HTTPGet specifies the http 3425 request to perform. 3426 properties: 3427 host: 3428 description: Host name to connect 3429 to, defaults to the pod IP. You 3430 probably want to set "Host" in httpHeaders 3431 instead. 3432 type: string 3433 httpHeaders: 3434 description: Custom headers to set 3435 in the request. HTTP allows repeated 3436 headers. 3437 items: 3438 description: HTTPHeader describes 3439 a custom header to be used in 3440 HTTP probes 3441 properties: 3442 name: 3443 description: The header field 3444 name. This will be canonicalized 3445 upon output, so case-variant 3446 names will be understood as 3447 the same header. 3448 type: string 3449 value: 3450 description: The header field 3451 value 3452 type: string 3453 required: 3454 - name 3455 - value 3456 type: object 3457 type: array 3458 path: 3459 description: Path to access on the 3460 HTTP server. 3461 type: string 3462 port: 3463 anyOf: 3464 - type: integer 3465 - type: string 3466 description: Name or number of the 3467 port to access on the container. 3468 Number must be in the range 1 to 3469 65535. Name must be an IANA_SVC_NAME. 3470 x-kubernetes-int-or-string: true 3471 scheme: 3472 description: Scheme to use for connecting 3473 to the host. Defaults to HTTP. 3474 type: string 3475 required: 3476 - port 3477 type: object 3478 tcpSocket: 3479 description: Deprecated. TCPSocket is 3480 NOT supported as a LifecycleHandler 3481 and kept for the backward compatibility. 3482 There are no validation of this field 3483 and lifecycle hooks will fail in runtime 3484 when tcp handler is specified. 3485 properties: 3486 host: 3487 description: 'Optional: Host name 3488 to connect to, defaults to the pod 3489 IP.' 3490 type: string 3491 port: 3492 anyOf: 3493 - type: integer 3494 - type: string 3495 description: Number or name of the 3496 port to access on the container. 3497 Number must be in the range 1 to 3498 65535. Name must be an IANA_SVC_NAME. 3499 x-kubernetes-int-or-string: true 3500 required: 3501 - port 3502 type: object 3503 type: object 3504 type: object 3505 livenessProbe: 3506 description: Probes are not allowed for ephemeral 3507 containers. 3508 properties: 3509 exec: 3510 description: Exec specifies the action to 3511 take. 3512 properties: 3513 command: 3514 description: Command is the command line 3515 to execute inside the container, the 3516 working directory for the command is 3517 root ('/') in the container's filesystem. 3518 The command is simply exec'd, it is 3519 not run inside a shell, so traditional 3520 shell instructions ('|', etc) won't 3521 work. To use a shell, you need to explicitly 3522 call out to that shell. Exit status 3523 of 0 is treated as live/healthy and 3524 non-zero is unhealthy. 3525 items: 3526 type: string 3527 type: array 3528 type: object 3529 failureThreshold: 3530 description: Minimum consecutive failures 3531 for the probe to be considered failed after 3532 having succeeded. Defaults to 3. Minimum 3533 value is 1. 3534 format: int32 3535 type: integer 3536 grpc: 3537 description: GRPC specifies an action involving 3538 a GRPC port. 3539 properties: 3540 port: 3541 description: Port number of the gRPC service. 3542 Number must be in the range 1 to 65535. 3543 format: int32 3544 type: integer 3545 service: 3546 description: "Service is the name of the 3547 service to place in the gRPC HealthCheckRequest 3548 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3549 \n If this is not specified, the default 3550 behavior is defined by gRPC." 3551 type: string 3552 required: 3553 - port 3554 type: object 3555 httpGet: 3556 description: HTTPGet specifies the http request 3557 to perform. 3558 properties: 3559 host: 3560 description: Host name to connect to, 3561 defaults to the pod IP. You probably 3562 want to set "Host" in httpHeaders instead. 3563 type: string 3564 httpHeaders: 3565 description: Custom headers to set in 3566 the request. HTTP allows repeated headers. 3567 items: 3568 description: HTTPHeader describes a 3569 custom header to be used in HTTP probes 3570 properties: 3571 name: 3572 description: The header field name. 3573 This will be canonicalized upon 3574 output, so case-variant names 3575 will be understood as the same 3576 header. 3577 type: string 3578 value: 3579 description: The header field value 3580 type: string 3581 required: 3582 - name 3583 - value 3584 type: object 3585 type: array 3586 path: 3587 description: Path to access on the HTTP 3588 server. 3589 type: string 3590 port: 3591 anyOf: 3592 - type: integer 3593 - type: string 3594 description: Name or number of the port 3595 to access on the container. Number must 3596 be in the range 1 to 65535. Name must 3597 be an IANA_SVC_NAME. 3598 x-kubernetes-int-or-string: true 3599 scheme: 3600 description: Scheme to use for connecting 3601 to the host. Defaults to HTTP. 3602 type: string 3603 required: 3604 - port 3605 type: object 3606 initialDelaySeconds: 3607 description: 'Number of seconds after the 3608 container has started before liveness probes 3609 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3610 format: int32 3611 type: integer 3612 periodSeconds: 3613 description: How often (in seconds) to perform 3614 the probe. Default to 10 seconds. Minimum 3615 value is 1. 3616 format: int32 3617 type: integer 3618 successThreshold: 3619 description: Minimum consecutive successes 3620 for the probe to be considered successful 3621 after having failed. Defaults to 1. Must 3622 be 1 for liveness and startup. Minimum value 3623 is 1. 3624 format: int32 3625 type: integer 3626 tcpSocket: 3627 description: TCPSocket specifies an action 3628 involving a TCP port. 3629 properties: 3630 host: 3631 description: 'Optional: Host name to connect 3632 to, defaults to the pod IP.' 3633 type: string 3634 port: 3635 anyOf: 3636 - type: integer 3637 - type: string 3638 description: Number or name of the port 3639 to access on the container. Number must 3640 be in the range 1 to 65535. Name must 3641 be an IANA_SVC_NAME. 3642 x-kubernetes-int-or-string: true 3643 required: 3644 - port 3645 type: object 3646 terminationGracePeriodSeconds: 3647 description: Optional duration in seconds 3648 the pod needs to terminate gracefully upon 3649 probe failure. The grace period is the duration 3650 in seconds after the processes running in 3651 the pod are sent a termination signal and 3652 the time when the processes are forcibly 3653 halted with a kill signal. Set this value 3654 longer than the expected cleanup time for 3655 your process. 3656 format: int64 3657 type: integer 3658 timeoutSeconds: 3659 description: 'Number of seconds after which 3660 the probe times out. Defaults to 1 second. 3661 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3662 format: int32 3663 type: integer 3664 type: object 3665 name: 3666 description: Name of the ephemeral container specified 3667 as a DNS_LABEL. This name must be unique among 3668 all containers, init containers and ephemeral 3669 containers. 3670 type: string 3671 ports: 3672 description: Ports are not allowed for ephemeral 3673 containers. 3674 items: 3675 description: ContainerPort represents a network 3676 port in a single container. 3677 properties: 3678 containerPort: 3679 description: Number of port to expose on 3680 the pod's IP address. This must be a valid 3681 port number, 0 < x < 65536. 3682 format: int32 3683 type: integer 3684 hostIP: 3685 description: What host IP to bind the external 3686 port to. 3687 type: string 3688 hostPort: 3689 description: Number of port to expose on 3690 the host. If specified, this must be a 3691 valid port number, 0 < x < 65536. If HostNetwork 3692 is specified, this must match ContainerPort. 3693 Most containers do not need this. 3694 format: int32 3695 type: integer 3696 name: 3697 description: If specified, this must be 3698 an IANA_SVC_NAME and unique within the 3699 pod. Each named port in a pod must have 3700 a unique name. Name for the port that 3701 can be referred to by services. 3702 type: string 3703 protocol: 3704 default: TCP 3705 description: Protocol for port. Must be 3706 UDP, TCP, or SCTP. Defaults to "TCP". 3707 type: string 3708 required: 3709 - containerPort 3710 type: object 3711 type: array 3712 x-kubernetes-list-map-keys: 3713 - containerPort 3714 - protocol 3715 x-kubernetes-list-type: map 3716 readinessProbe: 3717 description: Probes are not allowed for ephemeral 3718 containers. 3719 properties: 3720 exec: 3721 description: Exec specifies the action to 3722 take. 3723 properties: 3724 command: 3725 description: Command is the command line 3726 to execute inside the container, the 3727 working directory for the command is 3728 root ('/') in the container's filesystem. 3729 The command is simply exec'd, it is 3730 not run inside a shell, so traditional 3731 shell instructions ('|', etc) won't 3732 work. To use a shell, you need to explicitly 3733 call out to that shell. Exit status 3734 of 0 is treated as live/healthy and 3735 non-zero is unhealthy. 3736 items: 3737 type: string 3738 type: array 3739 type: object 3740 failureThreshold: 3741 description: Minimum consecutive failures 3742 for the probe to be considered failed after 3743 having succeeded. Defaults to 3. Minimum 3744 value is 1. 3745 format: int32 3746 type: integer 3747 grpc: 3748 description: GRPC specifies an action involving 3749 a GRPC port. 3750 properties: 3751 port: 3752 description: Port number of the gRPC service. 3753 Number must be in the range 1 to 65535. 3754 format: int32 3755 type: integer 3756 service: 3757 description: "Service is the name of the 3758 service to place in the gRPC HealthCheckRequest 3759 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3760 \n If this is not specified, the default 3761 behavior is defined by gRPC." 3762 type: string 3763 required: 3764 - port 3765 type: object 3766 httpGet: 3767 description: HTTPGet specifies the http request 3768 to perform. 3769 properties: 3770 host: 3771 description: Host name to connect to, 3772 defaults to the pod IP. You probably 3773 want to set "Host" in httpHeaders instead. 3774 type: string 3775 httpHeaders: 3776 description: Custom headers to set in 3777 the request. HTTP allows repeated headers. 3778 items: 3779 description: HTTPHeader describes a 3780 custom header to be used in HTTP probes 3781 properties: 3782 name: 3783 description: The header field name. 3784 This will be canonicalized upon 3785 output, so case-variant names 3786 will be understood as the same 3787 header. 3788 type: string 3789 value: 3790 description: The header field value 3791 type: string 3792 required: 3793 - name 3794 - value 3795 type: object 3796 type: array 3797 path: 3798 description: Path to access on the HTTP 3799 server. 3800 type: string 3801 port: 3802 anyOf: 3803 - type: integer 3804 - type: string 3805 description: Name or number of the port 3806 to access on the container. Number must 3807 be in the range 1 to 65535. Name must 3808 be an IANA_SVC_NAME. 3809 x-kubernetes-int-or-string: true 3810 scheme: 3811 description: Scheme to use for connecting 3812 to the host. Defaults to HTTP. 3813 type: string 3814 required: 3815 - port 3816 type: object 3817 initialDelaySeconds: 3818 description: 'Number of seconds after the 3819 container has started before liveness probes 3820 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3821 format: int32 3822 type: integer 3823 periodSeconds: 3824 description: How often (in seconds) to perform 3825 the probe. Default to 10 seconds. Minimum 3826 value is 1. 3827 format: int32 3828 type: integer 3829 successThreshold: 3830 description: Minimum consecutive successes 3831 for the probe to be considered successful 3832 after having failed. Defaults to 1. Must 3833 be 1 for liveness and startup. Minimum value 3834 is 1. 3835 format: int32 3836 type: integer 3837 tcpSocket: 3838 description: TCPSocket specifies an action 3839 involving a TCP port. 3840 properties: 3841 host: 3842 description: 'Optional: Host name to connect 3843 to, defaults to the pod IP.' 3844 type: string 3845 port: 3846 anyOf: 3847 - type: integer 3848 - type: string 3849 description: Number or name of the port 3850 to access on the container. Number must 3851 be in the range 1 to 65535. Name must 3852 be an IANA_SVC_NAME. 3853 x-kubernetes-int-or-string: true 3854 required: 3855 - port 3856 type: object 3857 terminationGracePeriodSeconds: 3858 description: Optional duration in seconds 3859 the pod needs to terminate gracefully upon 3860 probe failure. The grace period is the duration 3861 in seconds after the processes running in 3862 the pod are sent a termination signal and 3863 the time when the processes are forcibly 3864 halted with a kill signal. Set this value 3865 longer than the expected cleanup time for 3866 your process. 3867 format: int64 3868 type: integer 3869 timeoutSeconds: 3870 description: 'Number of seconds after which 3871 the probe times out. Defaults to 1 second. 3872 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3873 format: int32 3874 type: integer 3875 type: object 3876 resizePolicy: 3877 description: Resources resize policy for the container. 3878 items: 3879 description: ContainerResizePolicy represents 3880 resource resize policy for the container. 3881 properties: 3882 resourceName: 3883 description: 'Name of the resource to which 3884 this resource resize policy applies. Supported 3885 values: cpu, memory.' 3886 type: string 3887 restartPolicy: 3888 description: Restart policy to apply when 3889 specified resource is resized. If not 3890 specified, it defaults to NotRequired. 3891 type: string 3892 required: 3893 - resourceName 3894 - restartPolicy 3895 type: object 3896 type: array 3897 x-kubernetes-list-type: atomic 3898 resources: 3899 description: Resources are not allowed for ephemeral 3900 containers. Ephemeral containers use spare resources 3901 already allocated to the pod. 3902 properties: 3903 claims: 3904 description: "Claims lists the names of resources, 3905 defined in spec.resourceClaims, that are 3906 used by this container. \n This is an alpha 3907 field and requires enabling the DynamicResourceAllocation 3908 feature gate. \n This field is immutable. 3909 It can only be set for containers." 3910 items: 3911 description: ResourceClaim references one 3912 entry in PodSpec.ResourceClaims. 3913 properties: 3914 name: 3915 description: Name must match the name 3916 of one entry in pod.spec.resourceClaims 3917 of the Pod where this field is used. 3918 It makes that resource available inside 3919 a container. 3920 type: string 3921 required: 3922 - name 3923 type: object 3924 type: array 3925 x-kubernetes-list-map-keys: 3926 - name 3927 x-kubernetes-list-type: map 3928 limits: 3929 additionalProperties: 3930 anyOf: 3931 - type: integer 3932 - type: string 3933 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3934 x-kubernetes-int-or-string: true 3935 description: 'Limits describes the maximum 3936 amount of compute resources allowed. More 3937 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3938 type: object 3939 requests: 3940 additionalProperties: 3941 anyOf: 3942 - type: integer 3943 - type: string 3944 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3945 x-kubernetes-int-or-string: true 3946 description: 'Requests describes the minimum 3947 amount of compute resources required. If 3948 Requests is omitted for a container, it 3949 defaults to Limits if that is explicitly 3950 specified, otherwise to an implementation-defined 3951 value. Requests cannot exceed Limits. More 3952 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3953 type: object 3954 type: object 3955 securityContext: 3956 description: 'Optional: SecurityContext defines 3957 the security options the ephemeral container 3958 should be run with. If set, the fields of SecurityContext 3959 override the equivalent fields of PodSecurityContext.' 3960 properties: 3961 allowPrivilegeEscalation: 3962 description: 'AllowPrivilegeEscalation controls 3963 whether a process can gain more privileges 3964 than its parent process. This bool directly 3965 controls if the no_new_privs flag will be 3966 set on the container process. AllowPrivilegeEscalation 3967 is true always when the container is: 1) 3968 run as Privileged 2) has CAP_SYS_ADMIN Note 3969 that this field cannot be set when spec.os.name 3970 is windows.' 3971 type: boolean 3972 capabilities: 3973 description: The capabilities to add/drop 3974 when running containers. Defaults to the 3975 default set of capabilities granted by the 3976 container runtime. Note that this field 3977 cannot be set when spec.os.name is windows. 3978 properties: 3979 add: 3980 description: Added capabilities 3981 items: 3982 description: Capability represent POSIX 3983 capabilities type 3984 type: string 3985 type: array 3986 drop: 3987 description: Removed capabilities 3988 items: 3989 description: Capability represent POSIX 3990 capabilities type 3991 type: string 3992 type: array 3993 type: object 3994 privileged: 3995 description: Run container in privileged mode. 3996 Processes in privileged containers are essentially 3997 equivalent to root on the host. Defaults 3998 to false. Note that this field cannot be 3999 set when spec.os.name is windows. 4000 type: boolean 4001 procMount: 4002 description: procMount denotes the type of 4003 proc mount to use for the containers. The 4004 default is DefaultProcMount which uses the 4005 container runtime defaults for readonly 4006 paths and masked paths. This requires the 4007 ProcMountType feature flag to be enabled. 4008 Note that this field cannot be set when 4009 spec.os.name is windows. 4010 type: string 4011 readOnlyRootFilesystem: 4012 description: Whether this container has a 4013 read-only root filesystem. Default is false. 4014 Note that this field cannot be set when 4015 spec.os.name is windows. 4016 type: boolean 4017 runAsGroup: 4018 description: The GID to run the entrypoint 4019 of the container process. Uses runtime default 4020 if unset. May also be set in PodSecurityContext. If 4021 set in both SecurityContext and PodSecurityContext, 4022 the value specified in SecurityContext takes 4023 precedence. Note that this field cannot 4024 be set when spec.os.name is windows. 4025 format: int64 4026 type: integer 4027 runAsNonRoot: 4028 description: Indicates that the container 4029 must run as a non-root user. If true, the 4030 Kubelet will validate the image at runtime 4031 to ensure that it does not run as UID 0 4032 (root) and fail to start the container if 4033 it does. If unset or false, no such validation 4034 will be performed. May also be set in PodSecurityContext. 4035 type: boolean 4036 runAsUser: 4037 description: The UID to run the entrypoint 4038 of the container process. Defaults to user 4039 specified in image metadata if unspecified. 4040 May also be set in PodSecurityContext. If 4041 set in both SecurityContext and PodSecurityContext, 4042 the value specified in SecurityContext takes 4043 precedence. Note that this field cannot 4044 be set when spec.os.name is windows. 4045 format: int64 4046 type: integer 4047 seLinuxOptions: 4048 description: The SELinux context to be applied 4049 to the container. If unspecified, the container 4050 runtime will allocate a random SELinux context 4051 for each container. May also be set in 4052 PodSecurityContext. If set in both SecurityContext 4053 and PodSecurityContext, the value specified 4054 in SecurityContext takes precedence. Note 4055 that this field cannot be set when spec.os.name 4056 is windows. 4057 properties: 4058 level: 4059 description: Level is SELinux level label 4060 that applies to the container. 4061 type: string 4062 role: 4063 description: Role is a SELinux role label 4064 that applies to the container. 4065 type: string 4066 type: 4067 description: Type is a SELinux type label 4068 that applies to the container. 4069 type: string 4070 user: 4071 description: User is a SELinux user label 4072 that applies to the container. 4073 type: string 4074 type: object 4075 seccompProfile: 4076 description: The seccomp options to use by 4077 this container. If seccomp options are provided 4078 at both the pod & container level, the container 4079 options override the pod options. Note that 4080 this field cannot be set when spec.os.name 4081 is windows. 4082 properties: 4083 localhostProfile: 4084 description: localhostProfile indicates 4085 a profile defined in a file on the node 4086 should be used. The profile must be 4087 preconfigured on the node to work. Must 4088 be a descending path, relative to the 4089 kubelet's configured seccomp profile 4090 location. Must only be set if type is 4091 "Localhost". 4092 type: string 4093 type: 4094 description: "type indicates which kind 4095 of seccomp profile will be applied. 4096 Valid options are: \n Localhost - a 4097 profile defined in a file on the node 4098 should be used. RuntimeDefault - the 4099 container runtime default profile should 4100 be used. Unconfined - no profile should 4101 be applied." 4102 type: string 4103 required: 4104 - type 4105 type: object 4106 windowsOptions: 4107 description: The Windows specific settings 4108 applied to all containers. If unspecified, 4109 the options from the PodSecurityContext 4110 will be used. If set in both SecurityContext 4111 and PodSecurityContext, the value specified 4112 in SecurityContext takes precedence. Note 4113 that this field cannot be set when spec.os.name 4114 is linux. 4115 properties: 4116 gmsaCredentialSpec: 4117 description: GMSACredentialSpec is where 4118 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 4119 inlines the contents of the GMSA credential 4120 spec named by the GMSACredentialSpecName 4121 field. 4122 type: string 4123 gmsaCredentialSpecName: 4124 description: GMSACredentialSpecName is 4125 the name of the GMSA credential spec 4126 to use. 4127 type: string 4128 hostProcess: 4129 description: HostProcess determines if 4130 a container should be run as a 'Host 4131 Process' container. This field is alpha-level 4132 and will only be honored by components 4133 that enable the WindowsHostProcessContainers 4134 feature flag. Setting this field without 4135 the feature flag will result in errors 4136 when validating the Pod. 4137 type: boolean 4138 runAsUserName: 4139 description: The UserName in Windows to 4140 run the entrypoint of the container 4141 process. Defaults to the user specified 4142 in image metadata if unspecified. May 4143 also be set in PodSecurityContext. If 4144 set in both SecurityContext and PodSecurityContext, 4145 the value specified in SecurityContext 4146 takes precedence. 4147 type: string 4148 type: object 4149 type: object 4150 startupProbe: 4151 description: Probes are not allowed for ephemeral 4152 containers. 4153 properties: 4154 exec: 4155 description: Exec specifies the action to 4156 take. 4157 properties: 4158 command: 4159 description: Command is the command line 4160 to execute inside the container, the 4161 working directory for the command is 4162 root ('/') in the container's filesystem. 4163 The command is simply exec'd, it is 4164 not run inside a shell, so traditional 4165 shell instructions ('|', etc) won't 4166 work. To use a shell, you need to explicitly 4167 call out to that shell. Exit status 4168 of 0 is treated as live/healthy and 4169 non-zero is unhealthy. 4170 items: 4171 type: string 4172 type: array 4173 type: object 4174 failureThreshold: 4175 description: Minimum consecutive failures 4176 for the probe to be considered failed after 4177 having succeeded. Defaults to 3. Minimum 4178 value is 1. 4179 format: int32 4180 type: integer 4181 grpc: 4182 description: GRPC specifies an action involving 4183 a GRPC port. 4184 properties: 4185 port: 4186 description: Port number of the gRPC service. 4187 Number must be in the range 1 to 65535. 4188 format: int32 4189 type: integer 4190 service: 4191 description: "Service is the name of the 4192 service to place in the gRPC HealthCheckRequest 4193 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4194 \n If this is not specified, the default 4195 behavior is defined by gRPC." 4196 type: string 4197 required: 4198 - port 4199 type: object 4200 httpGet: 4201 description: HTTPGet specifies the http request 4202 to perform. 4203 properties: 4204 host: 4205 description: Host name to connect to, 4206 defaults to the pod IP. You probably 4207 want to set "Host" in httpHeaders instead. 4208 type: string 4209 httpHeaders: 4210 description: Custom headers to set in 4211 the request. HTTP allows repeated headers. 4212 items: 4213 description: HTTPHeader describes a 4214 custom header to be used in HTTP probes 4215 properties: 4216 name: 4217 description: The header field name. 4218 This will be canonicalized upon 4219 output, so case-variant names 4220 will be understood as the same 4221 header. 4222 type: string 4223 value: 4224 description: The header field value 4225 type: string 4226 required: 4227 - name 4228 - value 4229 type: object 4230 type: array 4231 path: 4232 description: Path to access on the HTTP 4233 server. 4234 type: string 4235 port: 4236 anyOf: 4237 - type: integer 4238 - type: string 4239 description: Name or number of the port 4240 to access on the container. Number must 4241 be in the range 1 to 65535. Name must 4242 be an IANA_SVC_NAME. 4243 x-kubernetes-int-or-string: true 4244 scheme: 4245 description: Scheme to use for connecting 4246 to the host. Defaults to HTTP. 4247 type: string 4248 required: 4249 - port 4250 type: object 4251 initialDelaySeconds: 4252 description: 'Number of seconds after the 4253 container has started before liveness probes 4254 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4255 format: int32 4256 type: integer 4257 periodSeconds: 4258 description: How often (in seconds) to perform 4259 the probe. Default to 10 seconds. Minimum 4260 value is 1. 4261 format: int32 4262 type: integer 4263 successThreshold: 4264 description: Minimum consecutive successes 4265 for the probe to be considered successful 4266 after having failed. Defaults to 1. Must 4267 be 1 for liveness and startup. Minimum value 4268 is 1. 4269 format: int32 4270 type: integer 4271 tcpSocket: 4272 description: TCPSocket specifies an action 4273 involving a TCP port. 4274 properties: 4275 host: 4276 description: 'Optional: Host name to connect 4277 to, defaults to the pod IP.' 4278 type: string 4279 port: 4280 anyOf: 4281 - type: integer 4282 - type: string 4283 description: Number or name of the port 4284 to access on the container. Number must 4285 be in the range 1 to 65535. Name must 4286 be an IANA_SVC_NAME. 4287 x-kubernetes-int-or-string: true 4288 required: 4289 - port 4290 type: object 4291 terminationGracePeriodSeconds: 4292 description: Optional duration in seconds 4293 the pod needs to terminate gracefully upon 4294 probe failure. The grace period is the duration 4295 in seconds after the processes running in 4296 the pod are sent a termination signal and 4297 the time when the processes are forcibly 4298 halted with a kill signal. Set this value 4299 longer than the expected cleanup time for 4300 your process. 4301 format: int64 4302 type: integer 4303 timeoutSeconds: 4304 description: 'Number of seconds after which 4305 the probe times out. Defaults to 1 second. 4306 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4307 format: int32 4308 type: integer 4309 type: object 4310 stdin: 4311 description: Whether this container should allocate 4312 a buffer for stdin in the container runtime. 4313 If this is not set, reads from stdin in the 4314 container will always result in EOF. Default 4315 is false. 4316 type: boolean 4317 stdinOnce: 4318 description: Whether the container runtime should 4319 close the stdin channel after it has been opened 4320 by a single attach. When stdin is true the stdin 4321 stream will remain open across multiple attach 4322 sessions. 4323 type: boolean 4324 targetContainerName: 4325 description: "If set, the name of the container 4326 from PodSpec that this ephemeral container targets. 4327 The ephemeral container will be run in the namespaces 4328 (IPC, PID, etc) of this container. If not set 4329 then the ephemeral container uses the namespaces 4330 configured in the Pod spec. \n The container 4331 runtime must implement support for this feature." 4332 type: string 4333 terminationMessagePath: 4334 description: 'Optional: Path at which the file 4335 to which the container''s termination message 4336 will be written is mounted into the container''s 4337 filesystem. Message written is intended to be 4338 brief final status, such as an assertion failure 4339 message. Will be truncated by the node if greater 4340 than 4096 bytes. The total message length across 4341 all containers will be limited to 12kb. Defaults 4342 to /dev/termination-log.' 4343 type: string 4344 terminationMessagePolicy: 4345 description: Indicate how the termination message 4346 should be populated. File will use the contents 4347 of terminationMessagePath to populate the container 4348 status message on both success and failure. 4349 FallbackToLogsOnError will use the last chunk 4350 of container log output if the termination message 4351 file is empty and the container exited with 4352 an error. 4353 type: string 4354 tty: 4355 description: Whether this container should allocate 4356 a TTY for itself, also requires 'stdin' to be 4357 true. Default is false. 4358 type: boolean 4359 volumeDevices: 4360 description: volumeDevices is the list of block 4361 devices to be used by the container. 4362 items: 4363 description: volumeDevice describes a mapping 4364 of a raw block device within a container. 4365 properties: 4366 devicePath: 4367 description: devicePath is the path inside 4368 of the container that the device will 4369 be mapped to. 4370 type: string 4371 name: 4372 description: name must match the name of 4373 a persistentVolumeClaim in the pod 4374 type: string 4375 required: 4376 - devicePath 4377 - name 4378 type: object 4379 type: array 4380 volumeMounts: 4381 description: Pod volumes to mount into the container's 4382 filesystem. Subpath mounts are not allowed for 4383 ephemeral containers. Cannot be updated. 4384 items: 4385 description: VolumeMount describes a mounting 4386 of a Volume within a container. 4387 properties: 4388 mountPath: 4389 description: Path within the container at 4390 which the volume should be mounted. Must 4391 not contain ':'. 4392 type: string 4393 mountPropagation: 4394 description: mountPropagation determines 4395 how mounts are propagated from the host 4396 to container and the other way around. 4397 When not set, MountPropagationNone is 4398 used. This field is beta in 1.10. 4399 type: string 4400 name: 4401 description: This must match the Name of 4402 a Volume. 4403 type: string 4404 readOnly: 4405 description: Mounted read-only if true, 4406 read-write otherwise (false or unspecified). 4407 Defaults to false. 4408 type: boolean 4409 subPath: 4410 description: Path within the volume from 4411 which the container's volume should be 4412 mounted. Defaults to "" (volume's root). 4413 type: string 4414 subPathExpr: 4415 description: Expanded path within the volume 4416 from which the container's volume should 4417 be mounted. Behaves similarly to SubPath 4418 but environment variable references $(VAR_NAME) 4419 are expanded using the container's environment. 4420 Defaults to "" (volume's root). SubPathExpr 4421 and SubPath are mutually exclusive. 4422 type: string 4423 required: 4424 - mountPath 4425 - name 4426 type: object 4427 type: array 4428 workingDir: 4429 description: Container's working directory. If 4430 not specified, the container runtime's default 4431 will be used, which might be configured in the 4432 container image. Cannot be updated. 4433 type: string 4434 required: 4435 - name 4436 type: object 4437 type: array 4438 hostAliases: 4439 description: HostAliases is an optional list of hosts 4440 and IPs that will be injected into the pod's hosts 4441 file if specified. This is only valid for non-hostNetwork 4442 pods. 4443 items: 4444 description: HostAlias holds the mapping between IP 4445 and hostnames that will be injected as an entry 4446 in the pod's hosts file. 4447 properties: 4448 hostnames: 4449 description: Hostnames for the above IP address. 4450 items: 4451 type: string 4452 type: array 4453 ip: 4454 description: IP address of the host file entry. 4455 type: string 4456 type: object 4457 type: array 4458 hostIPC: 4459 description: 'Use the host''s ipc namespace. Optional: 4460 Default to false.' 4461 type: boolean 4462 hostNetwork: 4463 description: Host networking requested for this pod. 4464 Use the host's network namespace. If this option is 4465 set, the ports that will be used must be specified. 4466 Default to false. 4467 type: boolean 4468 hostPID: 4469 description: 'Use the host''s pid namespace. Optional: 4470 Default to false.' 4471 type: boolean 4472 hostUsers: 4473 description: 'Use the host''s user namespace. Optional: 4474 Default to true. If set to true or not present, the 4475 pod will be run in the host user namespace, useful 4476 for when the pod needs a feature only available to 4477 the host user namespace, such as loading a kernel 4478 module with CAP_SYS_MODULE. When set to false, a new 4479 userns is created for the pod.' 4480 type: boolean 4481 hostname: 4482 description: Specifies the hostname of the Pod If not 4483 specified, the pod's hostname will be set to a system-defined 4484 value. 4485 type: string 4486 imagePullSecrets: 4487 description: 'ImagePullSecrets is an optional list of 4488 references to secrets in the same namespace to use 4489 for pulling any of the images used by this PodSpec. 4490 If specified, these secrets will be passed to individual 4491 puller implementations for them to use. More info: 4492 https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' 4493 items: 4494 description: LocalObjectReference contains enough 4495 information to let you locate the referenced object 4496 inside the same namespace. 4497 properties: 4498 name: 4499 description: 'Name of the referent. More info: 4500 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4501 TODO: Add other useful fields. apiVersion, kind, 4502 uid?' 4503 type: string 4504 type: object 4505 x-kubernetes-map-type: atomic 4506 type: array 4507 initContainers: 4508 description: List of initialization containers belonging 4509 to the pod. Init containers are executed in order 4510 prior to containers being started. If any init container 4511 fails, the pod is considered to have failed and is 4512 handled according to its restartPolicy. The name for 4513 an init container or normal container must be unique 4514 among all containers. 4515 items: 4516 description: A single application container that you 4517 want to run within a pod. 4518 properties: 4519 args: 4520 description: 'Arguments to the entrypoint. The 4521 container image''s CMD is used if this is not 4522 provided. Variable references $(VAR_NAME) are 4523 expanded using the container''s environment. 4524 If a variable cannot be resolved, the reference 4525 in the input string will be unchanged. Double 4526 $$ are reduced to a single $, which allows for 4527 escaping the $(VAR_NAME) syntax: i.e.' 4528 items: 4529 type: string 4530 type: array 4531 command: 4532 description: 'Entrypoint array. Not executed within 4533 a shell. The container image''s ENTRYPOINT is 4534 used if this is not provided. Variable references 4535 $(VAR_NAME) are expanded using the container''s 4536 environment. If a variable cannot be resolved, 4537 the reference in the input string will be unchanged. 4538 Double $$ are reduced to a single $, which allows 4539 for escaping the $(VAR_NAME) syntax: i.e.' 4540 items: 4541 type: string 4542 type: array 4543 env: 4544 description: List of environment variables to 4545 set in the container. Cannot be updated. 4546 items: 4547 description: EnvVar represents an environment 4548 variable present in a Container. 4549 properties: 4550 name: 4551 description: Name of the environment variable. 4552 Must be a C_IDENTIFIER. 4553 type: string 4554 value: 4555 description: 'Variable references $(VAR_NAME) 4556 are expanded using the previously defined 4557 environment variables in the container 4558 and any service environment variables. 4559 If a variable cannot be resolved, the 4560 reference in the input string will be 4561 unchanged. Double $$ are reduced to a 4562 single $, which allows for escaping the 4563 $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" 4564 will produce the string literal "$(VAR_NAME)".' 4565 type: string 4566 valueFrom: 4567 description: Source for the environment 4568 variable's value. Cannot be used if value 4569 is not empty. 4570 properties: 4571 configMapKeyRef: 4572 description: Selects a key of a ConfigMap. 4573 properties: 4574 key: 4575 description: The key to select. 4576 type: string 4577 name: 4578 description: 'Name of the referent. 4579 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4580 TODO: Add other useful fields. 4581 apiVersion, kind, uid?' 4582 type: string 4583 optional: 4584 description: Specify whether the 4585 ConfigMap or its key must be defined 4586 type: boolean 4587 required: 4588 - key 4589 type: object 4590 x-kubernetes-map-type: atomic 4591 fieldRef: 4592 description: 'Selects a field of the 4593 pod: supports metadata.name, metadata.namespace, 4594 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 4595 spec.nodeName, spec.serviceAccountName, 4596 status.hostIP, status.podIP, status.podIPs.' 4597 properties: 4598 apiVersion: 4599 description: Version of the schema 4600 the FieldPath is written in terms 4601 of, defaults to "v1". 4602 type: string 4603 fieldPath: 4604 description: Path of the field to 4605 select in the specified API version. 4606 type: string 4607 required: 4608 - fieldPath 4609 type: object 4610 x-kubernetes-map-type: atomic 4611 resourceFieldRef: 4612 description: 'Selects a resource of 4613 the container: only resources limits 4614 and requests (limits.cpu, limits.memory, 4615 limits.ephemeral-storage, requests.cpu, 4616 requests.memory and requests.ephemeral-storage) 4617 are currently supported.' 4618 properties: 4619 containerName: 4620 description: 'Container name: required 4621 for volumes, optional for env 4622 vars' 4623 type: string 4624 divisor: 4625 anyOf: 4626 - type: integer 4627 - type: string 4628 description: Specifies the output 4629 format of the exposed resources, 4630 defaults to "1" 4631 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4632 x-kubernetes-int-or-string: true 4633 resource: 4634 description: 'Required: resource 4635 to select' 4636 type: string 4637 required: 4638 - resource 4639 type: object 4640 x-kubernetes-map-type: atomic 4641 secretKeyRef: 4642 description: Selects a key of a secret 4643 in the pod's namespace 4644 properties: 4645 key: 4646 description: The key of the secret 4647 to select from. Must be a valid 4648 secret key. 4649 type: string 4650 name: 4651 description: 'Name of the referent. 4652 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4653 TODO: Add other useful fields. 4654 apiVersion, kind, uid?' 4655 type: string 4656 optional: 4657 description: Specify whether the 4658 Secret or its key must be defined 4659 type: boolean 4660 required: 4661 - key 4662 type: object 4663 x-kubernetes-map-type: atomic 4664 type: object 4665 required: 4666 - name 4667 type: object 4668 type: array 4669 envFrom: 4670 description: List of sources to populate environment 4671 variables in the container. The keys defined 4672 within a source must be a C_IDENTIFIER. All 4673 invalid keys will be reported as an event when 4674 the container is starting. When a key exists 4675 in multiple sources, the value associated with 4676 the last source will take precedence. Values 4677 defined by an Env with a duplicate key will 4678 take precedence. Cannot be updated. 4679 items: 4680 description: EnvFromSource represents the source 4681 of a set of ConfigMaps 4682 properties: 4683 configMapRef: 4684 description: The ConfigMap to select from 4685 properties: 4686 name: 4687 description: 'Name of the referent. 4688 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4689 TODO: Add other useful fields. apiVersion, 4690 kind, uid?' 4691 type: string 4692 optional: 4693 description: Specify whether the ConfigMap 4694 must be defined 4695 type: boolean 4696 type: object 4697 x-kubernetes-map-type: atomic 4698 prefix: 4699 description: An optional identifier to prepend 4700 to each key in the ConfigMap. Must be 4701 a C_IDENTIFIER. 4702 type: string 4703 secretRef: 4704 description: The Secret to select from 4705 properties: 4706 name: 4707 description: 'Name of the referent. 4708 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4709 TODO: Add other useful fields. apiVersion, 4710 kind, uid?' 4711 type: string 4712 optional: 4713 description: Specify whether the Secret 4714 must be defined 4715 type: boolean 4716 type: object 4717 x-kubernetes-map-type: atomic 4718 type: object 4719 type: array 4720 image: 4721 description: 'Container image name. More info: 4722 https://kubernetes.io/docs/concepts/containers/images 4723 This field is optional to allow higher level 4724 config management to default or override container 4725 images in workload controllers like Deployments 4726 and StatefulSets.' 4727 type: string 4728 imagePullPolicy: 4729 description: 'Image pull policy. One of Always, 4730 Never, IfNotPresent. Defaults to Always if :latest 4731 tag is specified, or IfNotPresent otherwise. 4732 Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 4733 type: string 4734 lifecycle: 4735 description: Actions that the management system 4736 should take in response to container lifecycle 4737 events. Cannot be updated. 4738 properties: 4739 postStart: 4740 description: 'PostStart is called immediately 4741 after a container is created. If the handler 4742 fails, the container is terminated and restarted 4743 according to its restart policy. Other management 4744 of the container blocks until the hook completes. 4745 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 4746 properties: 4747 exec: 4748 description: Exec specifies the action 4749 to take. 4750 properties: 4751 command: 4752 description: Command is the command 4753 line to execute inside the container, 4754 the working directory for the command is 4755 root ('/') in the container's filesystem. 4756 The command is simply exec'd, it 4757 is not run inside a shell, so traditional 4758 shell instructions ('|', etc) won't 4759 work. To use a shell, you need to 4760 explicitly call out to that shell. 4761 Exit status of 0 is treated as live/healthy 4762 and non-zero is unhealthy. 4763 items: 4764 type: string 4765 type: array 4766 type: object 4767 httpGet: 4768 description: HTTPGet specifies the http 4769 request to perform. 4770 properties: 4771 host: 4772 description: Host name to connect 4773 to, defaults to the pod IP. You 4774 probably want to set "Host" in httpHeaders 4775 instead. 4776 type: string 4777 httpHeaders: 4778 description: Custom headers to set 4779 in the request. HTTP allows repeated 4780 headers. 4781 items: 4782 description: HTTPHeader describes 4783 a custom header to be used in 4784 HTTP probes 4785 properties: 4786 name: 4787 description: The header field 4788 name. This will be canonicalized 4789 upon output, so case-variant 4790 names will be understood as 4791 the same header. 4792 type: string 4793 value: 4794 description: The header field 4795 value 4796 type: string 4797 required: 4798 - name 4799 - value 4800 type: object 4801 type: array 4802 path: 4803 description: Path to access on the 4804 HTTP server. 4805 type: string 4806 port: 4807 anyOf: 4808 - type: integer 4809 - type: string 4810 description: Name or number of the 4811 port to access on the container. 4812 Number must be in the range 1 to 4813 65535. Name must be an IANA_SVC_NAME. 4814 x-kubernetes-int-or-string: true 4815 scheme: 4816 description: Scheme to use for connecting 4817 to the host. Defaults to HTTP. 4818 type: string 4819 required: 4820 - port 4821 type: object 4822 tcpSocket: 4823 description: Deprecated. TCPSocket is 4824 NOT supported as a LifecycleHandler 4825 and kept for the backward compatibility. 4826 There are no validation of this field 4827 and lifecycle hooks will fail in runtime 4828 when tcp handler is specified. 4829 properties: 4830 host: 4831 description: 'Optional: Host name 4832 to connect to, defaults to the pod 4833 IP.' 4834 type: string 4835 port: 4836 anyOf: 4837 - type: integer 4838 - type: string 4839 description: Number or name of the 4840 port to access on the container. 4841 Number must be in the range 1 to 4842 65535. Name must be an IANA_SVC_NAME. 4843 x-kubernetes-int-or-string: true 4844 required: 4845 - port 4846 type: object 4847 type: object 4848 preStop: 4849 description: PreStop is called immediately 4850 before a container is terminated due to 4851 an API request or management event such 4852 as liveness/startup probe failure, preemption, 4853 resource contention, etc. The handler is 4854 not called if the container crashes or exits. 4855 The Pod's termination grace period countdown 4856 begins before the PreStop hook is executed. 4857 properties: 4858 exec: 4859 description: Exec specifies the action 4860 to take. 4861 properties: 4862 command: 4863 description: Command is the command 4864 line to execute inside the container, 4865 the working directory for the command is 4866 root ('/') in the container's filesystem. 4867 The command is simply exec'd, it 4868 is not run inside a shell, so traditional 4869 shell instructions ('|', etc) won't 4870 work. To use a shell, you need to 4871 explicitly call out to that shell. 4872 Exit status of 0 is treated as live/healthy 4873 and non-zero is unhealthy. 4874 items: 4875 type: string 4876 type: array 4877 type: object 4878 httpGet: 4879 description: HTTPGet specifies the http 4880 request to perform. 4881 properties: 4882 host: 4883 description: Host name to connect 4884 to, defaults to the pod IP. You 4885 probably want to set "Host" in httpHeaders 4886 instead. 4887 type: string 4888 httpHeaders: 4889 description: Custom headers to set 4890 in the request. HTTP allows repeated 4891 headers. 4892 items: 4893 description: HTTPHeader describes 4894 a custom header to be used in 4895 HTTP probes 4896 properties: 4897 name: 4898 description: The header field 4899 name. This will be canonicalized 4900 upon output, so case-variant 4901 names will be understood as 4902 the same header. 4903 type: string 4904 value: 4905 description: The header field 4906 value 4907 type: string 4908 required: 4909 - name 4910 - value 4911 type: object 4912 type: array 4913 path: 4914 description: Path to access on the 4915 HTTP server. 4916 type: string 4917 port: 4918 anyOf: 4919 - type: integer 4920 - type: string 4921 description: Name or number of the 4922 port to access on the container. 4923 Number must be in the range 1 to 4924 65535. Name must be an IANA_SVC_NAME. 4925 x-kubernetes-int-or-string: true 4926 scheme: 4927 description: Scheme to use for connecting 4928 to the host. Defaults to HTTP. 4929 type: string 4930 required: 4931 - port 4932 type: object 4933 tcpSocket: 4934 description: Deprecated. TCPSocket is 4935 NOT supported as a LifecycleHandler 4936 and kept for the backward compatibility. 4937 There are no validation of this field 4938 and lifecycle hooks will fail in runtime 4939 when tcp handler is specified. 4940 properties: 4941 host: 4942 description: 'Optional: Host name 4943 to connect to, defaults to the pod 4944 IP.' 4945 type: string 4946 port: 4947 anyOf: 4948 - type: integer 4949 - type: string 4950 description: Number or name of the 4951 port to access on the container. 4952 Number must be in the range 1 to 4953 65535. Name must be an IANA_SVC_NAME. 4954 x-kubernetes-int-or-string: true 4955 required: 4956 - port 4957 type: object 4958 type: object 4959 type: object 4960 livenessProbe: 4961 description: 'Periodic probe of container liveness. 4962 Container will be restarted if the probe fails. 4963 Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4964 properties: 4965 exec: 4966 description: Exec specifies the action to 4967 take. 4968 properties: 4969 command: 4970 description: Command is the command line 4971 to execute inside the container, the 4972 working directory for the command is 4973 root ('/') in the container's filesystem. 4974 The command is simply exec'd, it is 4975 not run inside a shell, so traditional 4976 shell instructions ('|', etc) won't 4977 work. To use a shell, you need to explicitly 4978 call out to that shell. Exit status 4979 of 0 is treated as live/healthy and 4980 non-zero is unhealthy. 4981 items: 4982 type: string 4983 type: array 4984 type: object 4985 failureThreshold: 4986 description: Minimum consecutive failures 4987 for the probe to be considered failed after 4988 having succeeded. Defaults to 3. Minimum 4989 value is 1. 4990 format: int32 4991 type: integer 4992 grpc: 4993 description: GRPC specifies an action involving 4994 a GRPC port. 4995 properties: 4996 port: 4997 description: Port number of the gRPC service. 4998 Number must be in the range 1 to 65535. 4999 format: int32 5000 type: integer 5001 service: 5002 description: "Service is the name of the 5003 service to place in the gRPC HealthCheckRequest 5004 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 5005 \n If this is not specified, the default 5006 behavior is defined by gRPC." 5007 type: string 5008 required: 5009 - port 5010 type: object 5011 httpGet: 5012 description: HTTPGet specifies the http request 5013 to perform. 5014 properties: 5015 host: 5016 description: Host name to connect to, 5017 defaults to the pod IP. You probably 5018 want to set "Host" in httpHeaders instead. 5019 type: string 5020 httpHeaders: 5021 description: Custom headers to set in 5022 the request. HTTP allows repeated headers. 5023 items: 5024 description: HTTPHeader describes a 5025 custom header to be used in HTTP probes 5026 properties: 5027 name: 5028 description: The header field name. 5029 This will be canonicalized upon 5030 output, so case-variant names 5031 will be understood as the same 5032 header. 5033 type: string 5034 value: 5035 description: The header field value 5036 type: string 5037 required: 5038 - name 5039 - value 5040 type: object 5041 type: array 5042 path: 5043 description: Path to access on the HTTP 5044 server. 5045 type: string 5046 port: 5047 anyOf: 5048 - type: integer 5049 - type: string 5050 description: Name or number of the port 5051 to access on the container. Number must 5052 be in the range 1 to 65535. Name must 5053 be an IANA_SVC_NAME. 5054 x-kubernetes-int-or-string: true 5055 scheme: 5056 description: Scheme to use for connecting 5057 to the host. Defaults to HTTP. 5058 type: string 5059 required: 5060 - port 5061 type: object 5062 initialDelaySeconds: 5063 description: 'Number of seconds after the 5064 container has started before liveness probes 5065 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5066 format: int32 5067 type: integer 5068 periodSeconds: 5069 description: How often (in seconds) to perform 5070 the probe. Default to 10 seconds. Minimum 5071 value is 1. 5072 format: int32 5073 type: integer 5074 successThreshold: 5075 description: Minimum consecutive successes 5076 for the probe to be considered successful 5077 after having failed. Defaults to 1. Must 5078 be 1 for liveness and startup. Minimum value 5079 is 1. 5080 format: int32 5081 type: integer 5082 tcpSocket: 5083 description: TCPSocket specifies an action 5084 involving a TCP port. 5085 properties: 5086 host: 5087 description: 'Optional: Host name to connect 5088 to, defaults to the pod IP.' 5089 type: string 5090 port: 5091 anyOf: 5092 - type: integer 5093 - type: string 5094 description: Number or name of the port 5095 to access on the container. Number must 5096 be in the range 1 to 65535. Name must 5097 be an IANA_SVC_NAME. 5098 x-kubernetes-int-or-string: true 5099 required: 5100 - port 5101 type: object 5102 terminationGracePeriodSeconds: 5103 description: Optional duration in seconds 5104 the pod needs to terminate gracefully upon 5105 probe failure. The grace period is the duration 5106 in seconds after the processes running in 5107 the pod are sent a termination signal and 5108 the time when the processes are forcibly 5109 halted with a kill signal. Set this value 5110 longer than the expected cleanup time for 5111 your process. 5112 format: int64 5113 type: integer 5114 timeoutSeconds: 5115 description: 'Number of seconds after which 5116 the probe times out. Defaults to 1 second. 5117 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5118 format: int32 5119 type: integer 5120 type: object 5121 name: 5122 description: Name of the container specified as 5123 a DNS_LABEL. Each container in a pod must have 5124 a unique name (DNS_LABEL). Cannot be updated. 5125 type: string 5126 ports: 5127 description: List of ports to expose from the 5128 container. Not specifying a port here DOES NOT 5129 prevent that port from being exposed. Any port 5130 which is listening on the default "0.0.0.0" 5131 address inside a container will be accessible 5132 from the network. Modifying this array with 5133 strategic merge patch may corrupt the data. 5134 For more information See https://github.com/kubernetes/kubernetes/issues/108255. 5135 items: 5136 description: ContainerPort represents a network 5137 port in a single container. 5138 properties: 5139 containerPort: 5140 description: Number of port to expose on 5141 the pod's IP address. This must be a valid 5142 port number, 0 < x < 65536. 5143 format: int32 5144 type: integer 5145 hostIP: 5146 description: What host IP to bind the external 5147 port to. 5148 type: string 5149 hostPort: 5150 description: Number of port to expose on 5151 the host. If specified, this must be a 5152 valid port number, 0 < x < 65536. If HostNetwork 5153 is specified, this must match ContainerPort. 5154 Most containers do not need this. 5155 format: int32 5156 type: integer 5157 name: 5158 description: If specified, this must be 5159 an IANA_SVC_NAME and unique within the 5160 pod. Each named port in a pod must have 5161 a unique name. Name for the port that 5162 can be referred to by services. 5163 type: string 5164 protocol: 5165 default: TCP 5166 description: Protocol for port. Must be 5167 UDP, TCP, or SCTP. Defaults to "TCP". 5168 type: string 5169 required: 5170 - containerPort 5171 type: object 5172 type: array 5173 x-kubernetes-list-map-keys: 5174 - containerPort 5175 - protocol 5176 x-kubernetes-list-type: map 5177 readinessProbe: 5178 description: 'Periodic probe of container service 5179 readiness. Container will be removed from service 5180 endpoints if the probe fails. Cannot be updated. 5181 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5182 properties: 5183 exec: 5184 description: Exec specifies the action to 5185 take. 5186 properties: 5187 command: 5188 description: Command is the command line 5189 to execute inside the container, the 5190 working directory for the command is 5191 root ('/') in the container's filesystem. 5192 The command is simply exec'd, it is 5193 not run inside a shell, so traditional 5194 shell instructions ('|', etc) won't 5195 work. To use a shell, you need to explicitly 5196 call out to that shell. Exit status 5197 of 0 is treated as live/healthy and 5198 non-zero is unhealthy. 5199 items: 5200 type: string 5201 type: array 5202 type: object 5203 failureThreshold: 5204 description: Minimum consecutive failures 5205 for the probe to be considered failed after 5206 having succeeded. Defaults to 3. Minimum 5207 value is 1. 5208 format: int32 5209 type: integer 5210 grpc: 5211 description: GRPC specifies an action involving 5212 a GRPC port. 5213 properties: 5214 port: 5215 description: Port number of the gRPC service. 5216 Number must be in the range 1 to 65535. 5217 format: int32 5218 type: integer 5219 service: 5220 description: "Service is the name of the 5221 service to place in the gRPC HealthCheckRequest 5222 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 5223 \n If this is not specified, the default 5224 behavior is defined by gRPC." 5225 type: string 5226 required: 5227 - port 5228 type: object 5229 httpGet: 5230 description: HTTPGet specifies the http request 5231 to perform. 5232 properties: 5233 host: 5234 description: Host name to connect to, 5235 defaults to the pod IP. You probably 5236 want to set "Host" in httpHeaders instead. 5237 type: string 5238 httpHeaders: 5239 description: Custom headers to set in 5240 the request. HTTP allows repeated headers. 5241 items: 5242 description: HTTPHeader describes a 5243 custom header to be used in HTTP probes 5244 properties: 5245 name: 5246 description: The header field name. 5247 This will be canonicalized upon 5248 output, so case-variant names 5249 will be understood as the same 5250 header. 5251 type: string 5252 value: 5253 description: The header field value 5254 type: string 5255 required: 5256 - name 5257 - value 5258 type: object 5259 type: array 5260 path: 5261 description: Path to access on the HTTP 5262 server. 5263 type: string 5264 port: 5265 anyOf: 5266 - type: integer 5267 - type: string 5268 description: Name or number of the port 5269 to access on the container. Number must 5270 be in the range 1 to 65535. Name must 5271 be an IANA_SVC_NAME. 5272 x-kubernetes-int-or-string: true 5273 scheme: 5274 description: Scheme to use for connecting 5275 to the host. Defaults to HTTP. 5276 type: string 5277 required: 5278 - port 5279 type: object 5280 initialDelaySeconds: 5281 description: 'Number of seconds after the 5282 container has started before liveness probes 5283 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5284 format: int32 5285 type: integer 5286 periodSeconds: 5287 description: How often (in seconds) to perform 5288 the probe. Default to 10 seconds. Minimum 5289 value is 1. 5290 format: int32 5291 type: integer 5292 successThreshold: 5293 description: Minimum consecutive successes 5294 for the probe to be considered successful 5295 after having failed. Defaults to 1. Must 5296 be 1 for liveness and startup. Minimum value 5297 is 1. 5298 format: int32 5299 type: integer 5300 tcpSocket: 5301 description: TCPSocket specifies an action 5302 involving a TCP port. 5303 properties: 5304 host: 5305 description: 'Optional: Host name to connect 5306 to, defaults to the pod IP.' 5307 type: string 5308 port: 5309 anyOf: 5310 - type: integer 5311 - type: string 5312 description: Number or name of the port 5313 to access on the container. Number must 5314 be in the range 1 to 65535. Name must 5315 be an IANA_SVC_NAME. 5316 x-kubernetes-int-or-string: true 5317 required: 5318 - port 5319 type: object 5320 terminationGracePeriodSeconds: 5321 description: Optional duration in seconds 5322 the pod needs to terminate gracefully upon 5323 probe failure. The grace period is the duration 5324 in seconds after the processes running in 5325 the pod are sent a termination signal and 5326 the time when the processes are forcibly 5327 halted with a kill signal. Set this value 5328 longer than the expected cleanup time for 5329 your process. 5330 format: int64 5331 type: integer 5332 timeoutSeconds: 5333 description: 'Number of seconds after which 5334 the probe times out. Defaults to 1 second. 5335 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5336 format: int32 5337 type: integer 5338 type: object 5339 resizePolicy: 5340 description: Resources resize policy for the container. 5341 items: 5342 description: ContainerResizePolicy represents 5343 resource resize policy for the container. 5344 properties: 5345 resourceName: 5346 description: 'Name of the resource to which 5347 this resource resize policy applies. Supported 5348 values: cpu, memory.' 5349 type: string 5350 restartPolicy: 5351 description: Restart policy to apply when 5352 specified resource is resized. If not 5353 specified, it defaults to NotRequired. 5354 type: string 5355 required: 5356 - resourceName 5357 - restartPolicy 5358 type: object 5359 type: array 5360 x-kubernetes-list-type: atomic 5361 resources: 5362 description: 'Compute Resources required by this 5363 container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5364 properties: 5365 claims: 5366 description: "Claims lists the names of resources, 5367 defined in spec.resourceClaims, that are 5368 used by this container. \n This is an alpha 5369 field and requires enabling the DynamicResourceAllocation 5370 feature gate. \n This field is immutable. 5371 It can only be set for containers." 5372 items: 5373 description: ResourceClaim references one 5374 entry in PodSpec.ResourceClaims. 5375 properties: 5376 name: 5377 description: Name must match the name 5378 of one entry in pod.spec.resourceClaims 5379 of the Pod where this field is used. 5380 It makes that resource available inside 5381 a container. 5382 type: string 5383 required: 5384 - name 5385 type: object 5386 type: array 5387 x-kubernetes-list-map-keys: 5388 - name 5389 x-kubernetes-list-type: map 5390 limits: 5391 additionalProperties: 5392 anyOf: 5393 - type: integer 5394 - type: string 5395 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5396 x-kubernetes-int-or-string: true 5397 description: 'Limits describes the maximum 5398 amount of compute resources allowed. More 5399 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5400 type: object 5401 requests: 5402 additionalProperties: 5403 anyOf: 5404 - type: integer 5405 - type: string 5406 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5407 x-kubernetes-int-or-string: true 5408 description: 'Requests describes the minimum 5409 amount of compute resources required. If 5410 Requests is omitted for a container, it 5411 defaults to Limits if that is explicitly 5412 specified, otherwise to an implementation-defined 5413 value. Requests cannot exceed Limits. More 5414 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5415 type: object 5416 type: object 5417 securityContext: 5418 description: 'SecurityContext defines the security 5419 options the container should be run with. If 5420 set, the fields of SecurityContext override 5421 the equivalent fields of PodSecurityContext. 5422 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 5423 properties: 5424 allowPrivilegeEscalation: 5425 description: 'AllowPrivilegeEscalation controls 5426 whether a process can gain more privileges 5427 than its parent process. This bool directly 5428 controls if the no_new_privs flag will be 5429 set on the container process. AllowPrivilegeEscalation 5430 is true always when the container is: 1) 5431 run as Privileged 2) has CAP_SYS_ADMIN Note 5432 that this field cannot be set when spec.os.name 5433 is windows.' 5434 type: boolean 5435 capabilities: 5436 description: The capabilities to add/drop 5437 when running containers. Defaults to the 5438 default set of capabilities granted by the 5439 container runtime. Note that this field 5440 cannot be set when spec.os.name is windows. 5441 properties: 5442 add: 5443 description: Added capabilities 5444 items: 5445 description: Capability represent POSIX 5446 capabilities type 5447 type: string 5448 type: array 5449 drop: 5450 description: Removed capabilities 5451 items: 5452 description: Capability represent POSIX 5453 capabilities type 5454 type: string 5455 type: array 5456 type: object 5457 privileged: 5458 description: Run container in privileged mode. 5459 Processes in privileged containers are essentially 5460 equivalent to root on the host. Defaults 5461 to false. Note that this field cannot be 5462 set when spec.os.name is windows. 5463 type: boolean 5464 procMount: 5465 description: procMount denotes the type of 5466 proc mount to use for the containers. The 5467 default is DefaultProcMount which uses the 5468 container runtime defaults for readonly 5469 paths and masked paths. This requires the 5470 ProcMountType feature flag to be enabled. 5471 Note that this field cannot be set when 5472 spec.os.name is windows. 5473 type: string 5474 readOnlyRootFilesystem: 5475 description: Whether this container has a 5476 read-only root filesystem. Default is false. 5477 Note that this field cannot be set when 5478 spec.os.name is windows. 5479 type: boolean 5480 runAsGroup: 5481 description: The GID to run the entrypoint 5482 of the container process. Uses runtime default 5483 if unset. May also be set in PodSecurityContext. If 5484 set in both SecurityContext and PodSecurityContext, 5485 the value specified in SecurityContext takes 5486 precedence. Note that this field cannot 5487 be set when spec.os.name is windows. 5488 format: int64 5489 type: integer 5490 runAsNonRoot: 5491 description: Indicates that the container 5492 must run as a non-root user. If true, the 5493 Kubelet will validate the image at runtime 5494 to ensure that it does not run as UID 0 5495 (root) and fail to start the container if 5496 it does. If unset or false, no such validation 5497 will be performed. May also be set in PodSecurityContext. 5498 type: boolean 5499 runAsUser: 5500 description: The UID to run the entrypoint 5501 of the container process. Defaults to user 5502 specified in image metadata if unspecified. 5503 May also be set in PodSecurityContext. If 5504 set in both SecurityContext and PodSecurityContext, 5505 the value specified in SecurityContext takes 5506 precedence. Note that this field cannot 5507 be set when spec.os.name is windows. 5508 format: int64 5509 type: integer 5510 seLinuxOptions: 5511 description: The SELinux context to be applied 5512 to the container. If unspecified, the container 5513 runtime will allocate a random SELinux context 5514 for each container. May also be set in 5515 PodSecurityContext. If set in both SecurityContext 5516 and PodSecurityContext, the value specified 5517 in SecurityContext takes precedence. Note 5518 that this field cannot be set when spec.os.name 5519 is windows. 5520 properties: 5521 level: 5522 description: Level is SELinux level label 5523 that applies to the container. 5524 type: string 5525 role: 5526 description: Role is a SELinux role label 5527 that applies to the container. 5528 type: string 5529 type: 5530 description: Type is a SELinux type label 5531 that applies to the container. 5532 type: string 5533 user: 5534 description: User is a SELinux user label 5535 that applies to the container. 5536 type: string 5537 type: object 5538 seccompProfile: 5539 description: The seccomp options to use by 5540 this container. If seccomp options are provided 5541 at both the pod & container level, the container 5542 options override the pod options. Note that 5543 this field cannot be set when spec.os.name 5544 is windows. 5545 properties: 5546 localhostProfile: 5547 description: localhostProfile indicates 5548 a profile defined in a file on the node 5549 should be used. The profile must be 5550 preconfigured on the node to work. Must 5551 be a descending path, relative to the 5552 kubelet's configured seccomp profile 5553 location. Must only be set if type is 5554 "Localhost". 5555 type: string 5556 type: 5557 description: "type indicates which kind 5558 of seccomp profile will be applied. 5559 Valid options are: \n Localhost - a 5560 profile defined in a file on the node 5561 should be used. RuntimeDefault - the 5562 container runtime default profile should 5563 be used. Unconfined - no profile should 5564 be applied." 5565 type: string 5566 required: 5567 - type 5568 type: object 5569 windowsOptions: 5570 description: The Windows specific settings 5571 applied to all containers. If unspecified, 5572 the options from the PodSecurityContext 5573 will be used. If set in both SecurityContext 5574 and PodSecurityContext, the value specified 5575 in SecurityContext takes precedence. Note 5576 that this field cannot be set when spec.os.name 5577 is linux. 5578 properties: 5579 gmsaCredentialSpec: 5580 description: GMSACredentialSpec is where 5581 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 5582 inlines the contents of the GMSA credential 5583 spec named by the GMSACredentialSpecName 5584 field. 5585 type: string 5586 gmsaCredentialSpecName: 5587 description: GMSACredentialSpecName is 5588 the name of the GMSA credential spec 5589 to use. 5590 type: string 5591 hostProcess: 5592 description: HostProcess determines if 5593 a container should be run as a 'Host 5594 Process' container. This field is alpha-level 5595 and will only be honored by components 5596 that enable the WindowsHostProcessContainers 5597 feature flag. Setting this field without 5598 the feature flag will result in errors 5599 when validating the Pod. 5600 type: boolean 5601 runAsUserName: 5602 description: The UserName in Windows to 5603 run the entrypoint of the container 5604 process. Defaults to the user specified 5605 in image metadata if unspecified. May 5606 also be set in PodSecurityContext. If 5607 set in both SecurityContext and PodSecurityContext, 5608 the value specified in SecurityContext 5609 takes precedence. 5610 type: string 5611 type: object 5612 type: object 5613 startupProbe: 5614 description: StartupProbe indicates that the Pod 5615 has successfully initialized. If specified, 5616 no other probes are executed until this completes 5617 successfully. If this probe fails, the Pod will 5618 be restarted, just as if the livenessProbe failed. 5619 properties: 5620 exec: 5621 description: Exec specifies the action to 5622 take. 5623 properties: 5624 command: 5625 description: Command is the command line 5626 to execute inside the container, the 5627 working directory for the command is 5628 root ('/') in the container's filesystem. 5629 The command is simply exec'd, it is 5630 not run inside a shell, so traditional 5631 shell instructions ('|', etc) won't 5632 work. To use a shell, you need to explicitly 5633 call out to that shell. Exit status 5634 of 0 is treated as live/healthy and 5635 non-zero is unhealthy. 5636 items: 5637 type: string 5638 type: array 5639 type: object 5640 failureThreshold: 5641 description: Minimum consecutive failures 5642 for the probe to be considered failed after 5643 having succeeded. Defaults to 3. Minimum 5644 value is 1. 5645 format: int32 5646 type: integer 5647 grpc: 5648 description: GRPC specifies an action involving 5649 a GRPC port. 5650 properties: 5651 port: 5652 description: Port number of the gRPC service. 5653 Number must be in the range 1 to 65535. 5654 format: int32 5655 type: integer 5656 service: 5657 description: "Service is the name of the 5658 service to place in the gRPC HealthCheckRequest 5659 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 5660 \n If this is not specified, the default 5661 behavior is defined by gRPC." 5662 type: string 5663 required: 5664 - port 5665 type: object 5666 httpGet: 5667 description: HTTPGet specifies the http request 5668 to perform. 5669 properties: 5670 host: 5671 description: Host name to connect to, 5672 defaults to the pod IP. You probably 5673 want to set "Host" in httpHeaders instead. 5674 type: string 5675 httpHeaders: 5676 description: Custom headers to set in 5677 the request. HTTP allows repeated headers. 5678 items: 5679 description: HTTPHeader describes a 5680 custom header to be used in HTTP probes 5681 properties: 5682 name: 5683 description: The header field name. 5684 This will be canonicalized upon 5685 output, so case-variant names 5686 will be understood as the same 5687 header. 5688 type: string 5689 value: 5690 description: The header field value 5691 type: string 5692 required: 5693 - name 5694 - value 5695 type: object 5696 type: array 5697 path: 5698 description: Path to access on the HTTP 5699 server. 5700 type: string 5701 port: 5702 anyOf: 5703 - type: integer 5704 - type: string 5705 description: Name or number of the port 5706 to access on the container. Number must 5707 be in the range 1 to 65535. Name must 5708 be an IANA_SVC_NAME. 5709 x-kubernetes-int-or-string: true 5710 scheme: 5711 description: Scheme to use for connecting 5712 to the host. Defaults to HTTP. 5713 type: string 5714 required: 5715 - port 5716 type: object 5717 initialDelaySeconds: 5718 description: 'Number of seconds after the 5719 container has started before liveness probes 5720 are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5721 format: int32 5722 type: integer 5723 periodSeconds: 5724 description: How often (in seconds) to perform 5725 the probe. Default to 10 seconds. Minimum 5726 value is 1. 5727 format: int32 5728 type: integer 5729 successThreshold: 5730 description: Minimum consecutive successes 5731 for the probe to be considered successful 5732 after having failed. Defaults to 1. Must 5733 be 1 for liveness and startup. Minimum value 5734 is 1. 5735 format: int32 5736 type: integer 5737 tcpSocket: 5738 description: TCPSocket specifies an action 5739 involving a TCP port. 5740 properties: 5741 host: 5742 description: 'Optional: Host name to connect 5743 to, defaults to the pod IP.' 5744 type: string 5745 port: 5746 anyOf: 5747 - type: integer 5748 - type: string 5749 description: Number or name of the port 5750 to access on the container. Number must 5751 be in the range 1 to 65535. Name must 5752 be an IANA_SVC_NAME. 5753 x-kubernetes-int-or-string: true 5754 required: 5755 - port 5756 type: object 5757 terminationGracePeriodSeconds: 5758 description: Optional duration in seconds 5759 the pod needs to terminate gracefully upon 5760 probe failure. The grace period is the duration 5761 in seconds after the processes running in 5762 the pod are sent a termination signal and 5763 the time when the processes are forcibly 5764 halted with a kill signal. Set this value 5765 longer than the expected cleanup time for 5766 your process. 5767 format: int64 5768 type: integer 5769 timeoutSeconds: 5770 description: 'Number of seconds after which 5771 the probe times out. Defaults to 1 second. 5772 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5773 format: int32 5774 type: integer 5775 type: object 5776 stdin: 5777 description: Whether this container should allocate 5778 a buffer for stdin in the container runtime. 5779 If this is not set, reads from stdin in the 5780 container will always result in EOF. Default 5781 is false. 5782 type: boolean 5783 stdinOnce: 5784 description: Whether the container runtime should 5785 close the stdin channel after it has been opened 5786 by a single attach. When stdin is true the stdin 5787 stream will remain open across multiple attach 5788 sessions. 5789 type: boolean 5790 terminationMessagePath: 5791 description: 'Optional: Path at which the file 5792 to which the container''s termination message 5793 will be written is mounted into the container''s 5794 filesystem. Message written is intended to be 5795 brief final status, such as an assertion failure 5796 message. Will be truncated by the node if greater 5797 than 4096 bytes. The total message length across 5798 all containers will be limited to 12kb. Defaults 5799 to /dev/termination-log.' 5800 type: string 5801 terminationMessagePolicy: 5802 description: Indicate how the termination message 5803 should be populated. File will use the contents 5804 of terminationMessagePath to populate the container 5805 status message on both success and failure. 5806 FallbackToLogsOnError will use the last chunk 5807 of container log output if the termination message 5808 file is empty and the container exited with 5809 an error. 5810 type: string 5811 tty: 5812 description: Whether this container should allocate 5813 a TTY for itself, also requires 'stdin' to be 5814 true. Default is false. 5815 type: boolean 5816 volumeDevices: 5817 description: volumeDevices is the list of block 5818 devices to be used by the container. 5819 items: 5820 description: volumeDevice describes a mapping 5821 of a raw block device within a container. 5822 properties: 5823 devicePath: 5824 description: devicePath is the path inside 5825 of the container that the device will 5826 be mapped to. 5827 type: string 5828 name: 5829 description: name must match the name of 5830 a persistentVolumeClaim in the pod 5831 type: string 5832 required: 5833 - devicePath 5834 - name 5835 type: object 5836 type: array 5837 volumeMounts: 5838 description: Pod volumes to mount into the container's 5839 filesystem. Cannot be updated. 5840 items: 5841 description: VolumeMount describes a mounting 5842 of a Volume within a container. 5843 properties: 5844 mountPath: 5845 description: Path within the container at 5846 which the volume should be mounted. Must 5847 not contain ':'. 5848 type: string 5849 mountPropagation: 5850 description: mountPropagation determines 5851 how mounts are propagated from the host 5852 to container and the other way around. 5853 When not set, MountPropagationNone is 5854 used. This field is beta in 1.10. 5855 type: string 5856 name: 5857 description: This must match the Name of 5858 a Volume. 5859 type: string 5860 readOnly: 5861 description: Mounted read-only if true, 5862 read-write otherwise (false or unspecified). 5863 Defaults to false. 5864 type: boolean 5865 subPath: 5866 description: Path within the volume from 5867 which the container's volume should be 5868 mounted. Defaults to "" (volume's root). 5869 type: string 5870 subPathExpr: 5871 description: Expanded path within the volume 5872 from which the container's volume should 5873 be mounted. Behaves similarly to SubPath 5874 but environment variable references $(VAR_NAME) 5875 are expanded using the container's environment. 5876 Defaults to "" (volume's root). SubPathExpr 5877 and SubPath are mutually exclusive. 5878 type: string 5879 required: 5880 - mountPath 5881 - name 5882 type: object 5883 type: array 5884 workingDir: 5885 description: Container's working directory. If 5886 not specified, the container runtime's default 5887 will be used, which might be configured in the 5888 container image. Cannot be updated. 5889 type: string 5890 required: 5891 - name 5892 type: object 5893 type: array 5894 nodeName: 5895 description: NodeName is a request to schedule this 5896 pod onto a specific node. If it is non-empty, the 5897 scheduler simply schedules this pod onto that node, 5898 assuming that it fits resource requirements. 5899 type: string 5900 nodeSelector: 5901 additionalProperties: 5902 type: string 5903 description: 'NodeSelector is a selector which must 5904 be true for the pod to fit on a node. Selector which 5905 must match a node''s labels for the pod to be scheduled 5906 on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' 5907 type: object 5908 x-kubernetes-map-type: atomic 5909 os: 5910 description: "Specifies the OS of the containers in 5911 the pod. Some pod and container fields are restricted 5912 if this is set. \n If the OS field is set to linux, 5913 the following fields must be unset: -securityContext.windowsOptions 5914 \n If the OS field is set to windows, following fields 5915 must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers 5916 - spec.securityContext.seLinuxOptions - spec.securityContext." 5917 properties: 5918 name: 5919 description: 'Name is the name of the operating 5920 system. The currently supported values are linux 5921 and windows. Additional value may be defined in 5922 future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration 5923 Clients should expect to handle additional values 5924 and treat unrecognized values in this field as 5925 os: null' 5926 type: string 5927 required: 5928 - name 5929 type: object 5930 overhead: 5931 additionalProperties: 5932 anyOf: 5933 - type: integer 5934 - type: string 5935 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5936 x-kubernetes-int-or-string: true 5937 description: Overhead represents the resource overhead 5938 associated with running a pod for a given RuntimeClass. 5939 This field will be autopopulated at admission time 5940 by the RuntimeClass admission controller. If the RuntimeClass 5941 admission controller is enabled, overhead must not 5942 be set in Pod create requests. The RuntimeClass admission 5943 controller will reject Pod create requests which have 5944 the overhead already set. 5945 type: object 5946 preemptionPolicy: 5947 description: PreemptionPolicy is the Policy for preempting 5948 pods with lower priority. One of Never, PreemptLowerPriority. 5949 Defaults to PreemptLowerPriority if unset. 5950 type: string 5951 priority: 5952 description: The priority value. Various system components 5953 use this field to find the priority of the pod. When 5954 Priority Admission Controller is enabled, it prevents 5955 users from setting this field. The admission controller 5956 populates this field from PriorityClassName. The higher 5957 the value, the higher the priority. 5958 format: int32 5959 type: integer 5960 priorityClassName: 5961 description: If specified, indicates the pod's priority. 5962 "system-node-critical" and "system-cluster-critical" 5963 are two special keywords which indicate the highest 5964 priorities with the former being the highest priority. 5965 Any other name must be defined by creating a PriorityClass 5966 object with that name. If not specified, the pod priority 5967 will be default or zero if there is no default. 5968 type: string 5969 readinessGates: 5970 description: 'If specified, all readiness gates will 5971 be evaluated for pod readiness. A pod is ready when 5972 all its containers are ready AND all conditions specified 5973 in the readiness gates have status equal to "True" 5974 More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' 5975 items: 5976 description: PodReadinessGate contains the reference 5977 to a pod condition 5978 properties: 5979 conditionType: 5980 description: ConditionType refers to a condition 5981 in the pod's condition list with matching type. 5982 type: string 5983 required: 5984 - conditionType 5985 type: object 5986 type: array 5987 resourceClaims: 5988 description: "ResourceClaims defines which ResourceClaims 5989 must be allocated and reserved before the Pod is allowed 5990 to start. The resources will be made available to 5991 those containers which consume them by name. \n This 5992 is an alpha field and requires enabling the DynamicResourceAllocation 5993 feature gate. \n This field is immutable." 5994 items: 5995 description: PodResourceClaim references exactly one 5996 ResourceClaim through a ClaimSource. It adds a name 5997 to it that uniquely identifies the ResourceClaim 5998 inside the Pod. Containers that need access to the 5999 ResourceClaim reference it with this name. 6000 properties: 6001 name: 6002 description: Name uniquely identifies this resource 6003 claim inside the pod. This must be a DNS_LABEL. 6004 type: string 6005 source: 6006 description: Source describes where to find the 6007 ResourceClaim. 6008 properties: 6009 resourceClaimName: 6010 description: ResourceClaimName is the name 6011 of a ResourceClaim object in the same namespace 6012 as this pod. 6013 type: string 6014 resourceClaimTemplateName: 6015 description: "ResourceClaimTemplateName is 6016 the name of a ResourceClaimTemplate object 6017 in the same namespace as this pod. \n The 6018 template will be used to create a new ResourceClaim, 6019 which will be bound to this pod. When this 6020 pod is deleted, the ResourceClaim will also 6021 be deleted. The name of the ResourceClaim 6022 will be <pod name>-<resource name>, where 6023 <resource name> is the PodResourceClaim.Name." 6024 type: string 6025 type: object 6026 required: 6027 - name 6028 type: object 6029 type: array 6030 x-kubernetes-list-map-keys: 6031 - name 6032 x-kubernetes-list-type: map 6033 restartPolicy: 6034 description: 'Restart policy for all containers within 6035 the pod. One of Always, OnFailure, Never. In some 6036 contexts, only a subset of those values may be permitted. 6037 Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' 6038 type: string 6039 runtimeClassName: 6040 description: 'RuntimeClassName refers to a RuntimeClass 6041 object in the node.k8s.io group, which should be used 6042 to run this pod. If no RuntimeClass resource matches 6043 the named class, the pod will not be run. If unset 6044 or empty, the "legacy" RuntimeClass will be used, 6045 which is an implicit class with an empty definition 6046 that uses the default runtime handler. More info: 6047 https://git.k8s.' 6048 type: string 6049 schedulerName: 6050 description: If specified, the pod will be dispatched 6051 by specified scheduler. If not specified, the pod 6052 will be dispatched by default scheduler. 6053 type: string 6054 schedulingGates: 6055 description: "SchedulingGates is an opaque list of values 6056 that if specified will block scheduling the pod. If 6057 schedulingGates is not empty, the pod will stay in 6058 the SchedulingGated state and the scheduler will not 6059 attempt to schedule the pod. \n SchedulingGates can 6060 only be set at pod creation time, and be removed only 6061 afterwards. \n This is a beta feature enabled by the 6062 PodSchedulingReadiness feature gate." 6063 items: 6064 description: PodSchedulingGate is associated to a 6065 Pod to guard its scheduling. 6066 properties: 6067 name: 6068 description: Name of the scheduling gate. Each 6069 scheduling gate must have a unique name field. 6070 type: string 6071 required: 6072 - name 6073 type: object 6074 type: array 6075 x-kubernetes-list-map-keys: 6076 - name 6077 x-kubernetes-list-type: map 6078 securityContext: 6079 description: 'SecurityContext holds pod-level security 6080 attributes and common container settings. Optional: 6081 Defaults to empty. See type description for default 6082 values of each field.' 6083 properties: 6084 fsGroup: 6085 description: "A special supplemental group that 6086 applies to all containers in a pod. Some volume 6087 types allow the Kubelet to change the ownership 6088 of that volume to be owned by the pod: \n 1. The 6089 owning GID will be the FSGroup 2. The setgid bit 6090 is set (new files created in the volume will be 6091 owned by FSGroup) 3." 6092 format: int64 6093 type: integer 6094 fsGroupChangePolicy: 6095 description: 'fsGroupChangePolicy defines behavior 6096 of changing ownership and permission of the volume 6097 before being exposed inside Pod. This field will 6098 only apply to volume types which support fsGroup 6099 based ownership(and permissions). It will have 6100 no effect on ephemeral volume types such as: secret, 6101 configmaps and emptydir. Valid values are "OnRootMismatch" 6102 and "Always". If not specified, "Always" is used.' 6103 type: string 6104 runAsGroup: 6105 description: The GID to run the entrypoint of the 6106 container process. Uses runtime default if unset. 6107 May also be set in SecurityContext. If set in 6108 both SecurityContext and PodSecurityContext, the 6109 value specified in SecurityContext takes precedence 6110 for that container. Note that this field cannot 6111 be set when spec.os.name is windows. 6112 format: int64 6113 type: integer 6114 runAsNonRoot: 6115 description: Indicates that the container must run 6116 as a non-root user. If true, the Kubelet will 6117 validate the image at runtime to ensure that it 6118 does not run as UID 0 (root) and fail to start 6119 the container if it does. If unset or false, no 6120 such validation will be performed. May also be 6121 set in SecurityContext. 6122 type: boolean 6123 runAsUser: 6124 description: The UID to run the entrypoint of the 6125 container process. Defaults to user specified 6126 in image metadata if unspecified. May also be 6127 set in SecurityContext. If set in both SecurityContext 6128 and PodSecurityContext, the value specified in 6129 SecurityContext takes precedence for that container. 6130 Note that this field cannot be set when spec.os.name 6131 is windows. 6132 format: int64 6133 type: integer 6134 seLinuxOptions: 6135 description: The SELinux context to be applied to 6136 all containers. If unspecified, the container 6137 runtime will allocate a random SELinux context 6138 for each container. May also be set in SecurityContext. If 6139 set in both SecurityContext and PodSecurityContext, 6140 the value specified in SecurityContext takes precedence 6141 for that container. Note that this field cannot 6142 be set when spec.os.name is windows. 6143 properties: 6144 level: 6145 description: Level is SELinux level label that 6146 applies to the container. 6147 type: string 6148 role: 6149 description: Role is a SELinux role label that 6150 applies to the container. 6151 type: string 6152 type: 6153 description: Type is a SELinux type label that 6154 applies to the container. 6155 type: string 6156 user: 6157 description: User is a SELinux user label that 6158 applies to the container. 6159 type: string 6160 type: object 6161 seccompProfile: 6162 description: The seccomp options to use by the containers 6163 in this pod. Note that this field cannot be set 6164 when spec.os.name is windows. 6165 properties: 6166 localhostProfile: 6167 description: localhostProfile indicates a profile 6168 defined in a file on the node should be used. 6169 The profile must be preconfigured on the node 6170 to work. Must be a descending path, relative 6171 to the kubelet's configured seccomp profile 6172 location. Must only be set if type is "Localhost". 6173 type: string 6174 type: 6175 description: "type indicates which kind of seccomp 6176 profile will be applied. Valid options are: 6177 \n Localhost - a profile defined in a file 6178 on the node should be used. RuntimeDefault 6179 - the container runtime default profile should 6180 be used. Unconfined - no profile should be 6181 applied." 6182 type: string 6183 required: 6184 - type 6185 type: object 6186 supplementalGroups: 6187 description: A list of groups applied to the first 6188 process run in each container, in addition to 6189 the container's primary GID, the fsGroup (if specified), 6190 and group memberships defined in the container 6191 image for the uid of the container process. If 6192 unspecified, no additional groups are added to 6193 any container. 6194 items: 6195 format: int64 6196 type: integer 6197 type: array 6198 sysctls: 6199 description: Sysctls hold a list of namespaced sysctls 6200 used for the pod. Pods with unsupported sysctls 6201 (by the container runtime) might fail to launch. 6202 Note that this field cannot be set when spec.os.name 6203 is windows. 6204 items: 6205 description: Sysctl defines a kernel parameter 6206 to be set 6207 properties: 6208 name: 6209 description: Name of a property to set 6210 type: string 6211 value: 6212 description: Value of a property to set 6213 type: string 6214 required: 6215 - name 6216 - value 6217 type: object 6218 type: array 6219 windowsOptions: 6220 description: The Windows specific settings applied 6221 to all containers. If unspecified, the options 6222 within a container's SecurityContext will be used. 6223 If set in both SecurityContext and PodSecurityContext, 6224 the value specified in SecurityContext takes precedence. 6225 Note that this field cannot be set when spec.os.name 6226 is linux. 6227 properties: 6228 gmsaCredentialSpec: 6229 description: GMSACredentialSpec is where the 6230 GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 6231 inlines the contents of the GMSA credential 6232 spec named by the GMSACredentialSpecName field. 6233 type: string 6234 gmsaCredentialSpecName: 6235 description: GMSACredentialSpecName is the name 6236 of the GMSA credential spec to use. 6237 type: string 6238 hostProcess: 6239 description: HostProcess determines if a container 6240 should be run as a 'Host Process' container. 6241 This field is alpha-level and will only be 6242 honored by components that enable the WindowsHostProcessContainers 6243 feature flag. Setting this field without the 6244 feature flag will result in errors when validating 6245 the Pod. 6246 type: boolean 6247 runAsUserName: 6248 description: The UserName in Windows to run 6249 the entrypoint of the container process. Defaults 6250 to the user specified in image metadata if 6251 unspecified. May also be set in PodSecurityContext. 6252 If set in both SecurityContext and PodSecurityContext, 6253 the value specified in SecurityContext takes 6254 precedence. 6255 type: string 6256 type: object 6257 type: object 6258 serviceAccount: 6259 description: 'DeprecatedServiceAccount is a depreciated 6260 alias for ServiceAccountName. Deprecated: Use serviceAccountName 6261 instead.' 6262 type: string 6263 serviceAccountName: 6264 description: 'ServiceAccountName is the name of the 6265 ServiceAccount to use to run this pod. More info: 6266 https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' 6267 type: string 6268 setHostnameAsFQDN: 6269 description: If true the pod's hostname will be configured 6270 as the pod's FQDN, rather than the leaf name (the 6271 default). In Linux containers, this means setting 6272 the FQDN in the hostname field of the kernel (the 6273 nodename field of struct utsname). 6274 type: boolean 6275 shareProcessNamespace: 6276 description: 'Share a single process namespace between 6277 all of the containers in a pod. When this is set containers 6278 will be able to view and signal processes from other 6279 containers in the same pod, and the first process 6280 in each container will not be assigned PID 1. HostPID 6281 and ShareProcessNamespace cannot both be set. Optional: 6282 Default to false.' 6283 type: boolean 6284 subdomain: 6285 description: If specified, the fully qualified Pod hostname 6286 will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster 6287 domain>". If not specified, the pod will not have 6288 a domainname at all. 6289 type: string 6290 terminationGracePeriodSeconds: 6291 description: Optional duration in seconds the pod needs 6292 to terminate gracefully. May be decreased in delete 6293 request. Value must be non-negative integer. The value 6294 zero indicates stop immediately via the kill signal 6295 (no opportunity to shut down). If this value is nil, 6296 the default grace period will be used instead. 6297 format: int64 6298 type: integer 6299 tolerations: 6300 description: If specified, the pod's tolerations. 6301 items: 6302 description: The pod this Toleration is attached to 6303 tolerates any taint that matches the triple <key,value,effect> 6304 using the matching operator <operator>. 6305 properties: 6306 effect: 6307 description: Effect indicates the taint effect 6308 to match. Empty means match all taint effects. 6309 When specified, allowed values are NoSchedule, 6310 PreferNoSchedule and NoExecute. 6311 type: string 6312 key: 6313 description: Key is the taint key that the toleration 6314 applies to. Empty means match all taint keys. 6315 If the key is empty, operator must be Exists; 6316 this combination means to match all values and 6317 all keys. 6318 type: string 6319 operator: 6320 description: Operator represents a key's relationship 6321 to the value. Valid operators are Exists and 6322 Equal. Defaults to Equal. Exists is equivalent 6323 to wildcard for value, so that a pod can tolerate 6324 all taints of a particular category. 6325 type: string 6326 tolerationSeconds: 6327 description: TolerationSeconds represents the 6328 period of time the toleration (which must be 6329 of effect NoExecute, otherwise this field is 6330 ignored) tolerates the taint. By default, it 6331 is not set, which means tolerate the taint forever 6332 (do not evict). Zero and negative values will 6333 be treated as 0 (evict immediately) by the system. 6334 format: int64 6335 type: integer 6336 value: 6337 description: Value is the taint value the toleration 6338 matches to. If the operator is Exists, the value 6339 should be empty, otherwise just a regular string. 6340 type: string 6341 type: object 6342 type: array 6343 topologySpreadConstraints: 6344 description: TopologySpreadConstraints describes how 6345 a group of pods ought to spread across topology domains. 6346 Scheduler will schedule pods in a way which abides 6347 by the constraints. All topologySpreadConstraints 6348 are ANDed. 6349 items: 6350 description: TopologySpreadConstraint specifies how 6351 to spread matching pods among the given topology. 6352 properties: 6353 labelSelector: 6354 description: LabelSelector is used to find matching 6355 pods. Pods that match this label selector are 6356 counted to determine the number of pods in their 6357 corresponding topology domain. 6358 properties: 6359 matchExpressions: 6360 description: matchExpressions is a list of 6361 label selector requirements. The requirements 6362 are ANDed. 6363 items: 6364 description: A label selector requirement 6365 is a selector that contains values, a 6366 key, and an operator that relates the 6367 key and values. 6368 properties: 6369 key: 6370 description: key is the label key that 6371 the selector applies to. 6372 type: string 6373 operator: 6374 description: operator represents a key's 6375 relationship to a set of values. Valid 6376 operators are In, NotIn, Exists and 6377 DoesNotExist. 6378 type: string 6379 values: 6380 description: values is an array of string 6381 values. If the operator is In or NotIn, 6382 the values array must be non-empty. 6383 If the operator is Exists or DoesNotExist, 6384 the values array must be empty. This 6385 array is replaced during a strategic 6386 merge patch. 6387 items: 6388 type: string 6389 type: array 6390 required: 6391 - key 6392 - operator 6393 type: object 6394 type: array 6395 matchLabels: 6396 additionalProperties: 6397 type: string 6398 description: matchLabels is a map of {key,value} 6399 pairs. A single {key,value} in the matchLabels 6400 map is equivalent to an element of matchExpressions, 6401 whose key field is "key", the operator is 6402 "In", and the values array contains only 6403 "value". The requirements are ANDed. 6404 type: object 6405 type: object 6406 x-kubernetes-map-type: atomic 6407 matchLabelKeys: 6408 description: MatchLabelKeys is a set of pod label 6409 keys to select the pods over which spreading 6410 will be calculated. The keys are used to lookup 6411 values from the incoming pod labels, those key-value 6412 labels are ANDed with labelSelector to select 6413 the group of existing pods over which spreading 6414 will be calculated for the incoming pod. The 6415 same key is forbidden to exist in both MatchLabelKeys 6416 and LabelSelector. 6417 items: 6418 type: string 6419 type: array 6420 x-kubernetes-list-type: atomic 6421 maxSkew: 6422 description: MaxSkew describes the degree to which 6423 pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, 6424 it is the maximum permitted difference between 6425 the number of matching pods in the target topology 6426 and the global minimum. The global minimum is 6427 the minimum number of matching pods in an eligible 6428 domain or zero if the number of eligible domains 6429 is less than MinDomains. 6430 format: int32 6431 type: integer 6432 minDomains: 6433 description: MinDomains indicates a minimum number 6434 of eligible domains. When the number of eligible 6435 domains with matching topology keys is less 6436 than minDomains, Pod Topology Spread treats 6437 "global minimum" as 0, and then the calculation 6438 of Skew is performed. And when the number of 6439 eligible domains with matching topology keys 6440 equals or greater than minDomains, this value 6441 has no effect on scheduling. 6442 format: int32 6443 type: integer 6444 nodeAffinityPolicy: 6445 description: "NodeAffinityPolicy indicates how 6446 we will treat Pod's nodeAffinity/nodeSelector 6447 when calculating pod topology spread skew. Options 6448 are: - Honor: only nodes matching nodeAffinity/nodeSelector 6449 are included in the calculations. - Ignore: 6450 nodeAffinity/nodeSelector are ignored. All nodes 6451 are included in the calculations. \n If this 6452 value is nil, the behavior is equivalent to 6453 the Honor policy." 6454 type: string 6455 nodeTaintsPolicy: 6456 description: "NodeTaintsPolicy indicates how we 6457 will treat node taints when calculating pod 6458 topology spread skew. Options are: - Honor: 6459 nodes without taints, along with tainted nodes 6460 for which the incoming pod has a toleration, 6461 are included. - Ignore: node taints are ignored. 6462 All nodes are included. \n If this value is 6463 nil, the behavior is equivalent to the Ignore 6464 policy." 6465 type: string 6466 topologyKey: 6467 description: TopologyKey is the key of node labels. 6468 Nodes that have a label with this key and identical 6469 values are considered to be in the same topology. 6470 We consider each <key, value> as a "bucket", 6471 and try to put balanced number of pods into 6472 each bucket. We define a domain as a particular 6473 instance of a topology. 6474 type: string 6475 whenUnsatisfiable: 6476 description: WhenUnsatisfiable indicates how to 6477 deal with a pod if it doesn't satisfy the spread 6478 constraint. - DoNotSchedule (default) tells 6479 the scheduler not to schedule it. - ScheduleAnyway 6480 tells the scheduler to schedule the pod in any 6481 location, but giving higher precedence to topologies 6482 that would help reduce the skew. 6483 type: string 6484 required: 6485 - maxSkew 6486 - topologyKey 6487 - whenUnsatisfiable 6488 type: object 6489 type: array 6490 x-kubernetes-list-map-keys: 6491 - topologyKey 6492 - whenUnsatisfiable 6493 x-kubernetes-list-type: map 6494 volumes: 6495 description: 'List of volumes that can be mounted by 6496 containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' 6497 items: 6498 description: Volume represents a named volume in a 6499 pod that may be accessed by any container in the 6500 pod. 6501 properties: 6502 awsElasticBlockStore: 6503 description: 'awsElasticBlockStore represents 6504 an AWS Disk resource that is attached to a kubelet''s 6505 host machine and then exposed to the pod. More 6506 info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 6507 properties: 6508 fsType: 6509 description: 'fsType is the filesystem type 6510 of the volume that you want to mount. Tip: 6511 Ensure that the filesystem type is supported 6512 by the host operating system. Examples: 6513 "ext4", "xfs", "ntfs". Implicitly inferred 6514 to be "ext4" if unspecified. More info: 6515 https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 6516 TODO: how do we prevent errors in the filesystem 6517 from compromising the machine' 6518 type: string 6519 partition: 6520 description: 'partition is the partition in 6521 the volume that you want to mount. If omitted, 6522 the default is to mount by volume name. 6523 Examples: For volume /dev/sda1, you specify 6524 the partition as "1". Similarly, the volume 6525 partition for /dev/sda is "0" (or you can 6526 leave the property empty).' 6527 format: int32 6528 type: integer 6529 readOnly: 6530 description: 'readOnly value true will force 6531 the readOnly setting in VolumeMounts. More 6532 info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 6533 type: boolean 6534 volumeID: 6535 description: 'volumeID is unique ID of the 6536 persistent disk resource in AWS (Amazon 6537 EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 6538 type: string 6539 required: 6540 - volumeID 6541 type: object 6542 azureDisk: 6543 description: azureDisk represents an Azure Data 6544 Disk mount on the host and bind mount to the 6545 pod. 6546 properties: 6547 cachingMode: 6548 description: 'cachingMode is the Host Caching 6549 mode: None, Read Only, Read Write.' 6550 type: string 6551 diskName: 6552 description: diskName is the Name of the data 6553 disk in the blob storage 6554 type: string 6555 diskURI: 6556 description: diskURI is the URI of data disk 6557 in the blob storage 6558 type: string 6559 fsType: 6560 description: fsType is Filesystem type to 6561 mount. Must be a filesystem type supported 6562 by the host operating system. Ex. "ext4", 6563 "xfs", "ntfs". Implicitly inferred to be 6564 "ext4" if unspecified. 6565 type: string 6566 kind: 6567 description: 'kind expected values are Shared: 6568 multiple blob disks per storage account Dedicated: 6569 single blob disk per storage account Managed: 6570 azure managed data disk (only in managed 6571 availability set). defaults to shared' 6572 type: string 6573 readOnly: 6574 description: readOnly Defaults to false (read/write). 6575 ReadOnly here will force the ReadOnly setting 6576 in VolumeMounts. 6577 type: boolean 6578 required: 6579 - diskName 6580 - diskURI 6581 type: object 6582 azureFile: 6583 description: azureFile represents an Azure File 6584 Service mount on the host and bind mount to 6585 the pod. 6586 properties: 6587 readOnly: 6588 description: readOnly defaults to false (read/write). 6589 ReadOnly here will force the ReadOnly setting 6590 in VolumeMounts. 6591 type: boolean 6592 secretName: 6593 description: secretName is the name of secret 6594 that contains Azure Storage Account Name 6595 and Key 6596 type: string 6597 shareName: 6598 description: shareName is the azure share 6599 Name 6600 type: string 6601 required: 6602 - secretName 6603 - shareName 6604 type: object 6605 cephfs: 6606 description: cephFS represents a Ceph FS mount 6607 on the host that shares a pod's lifetime 6608 properties: 6609 monitors: 6610 description: 'monitors is Required: Monitors 6611 is a collection of Ceph monitors More info: 6612 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6613 items: 6614 type: string 6615 type: array 6616 path: 6617 description: 'path is Optional: Used as the 6618 mounted root, rather than the full Ceph 6619 tree, default is /' 6620 type: string 6621 readOnly: 6622 description: 'readOnly is Optional: Defaults 6623 to false (read/write). ReadOnly here will 6624 force the ReadOnly setting in VolumeMounts. 6625 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6626 type: boolean 6627 secretFile: 6628 description: 'secretFile is Optional: SecretFile 6629 is the path to key ring for User, default 6630 is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6631 type: string 6632 secretRef: 6633 description: 'secretRef is Optional: SecretRef 6634 is reference to the authentication secret 6635 for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6636 properties: 6637 name: 6638 description: 'Name of the referent. More 6639 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6640 TODO: Add other useful fields. apiVersion, 6641 kind, uid?' 6642 type: string 6643 type: object 6644 x-kubernetes-map-type: atomic 6645 user: 6646 description: 'user is optional: User is the 6647 rados user name, default is admin More info: 6648 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6649 type: string 6650 required: 6651 - monitors 6652 type: object 6653 cinder: 6654 description: 'cinder represents a cinder volume 6655 attached and mounted on kubelets host machine. 6656 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6657 properties: 6658 fsType: 6659 description: 'fsType is the filesystem type 6660 to mount. Must be a filesystem type supported 6661 by the host operating system. Examples: 6662 "ext4", "xfs", "ntfs". Implicitly inferred 6663 to be "ext4" if unspecified. More info: 6664 https://examples.k8s.io/mysql-cinder-pd/README.md' 6665 type: string 6666 readOnly: 6667 description: 'readOnly defaults to false (read/write). 6668 ReadOnly here will force the ReadOnly setting 6669 in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6670 type: boolean 6671 secretRef: 6672 description: 'secretRef is optional: points 6673 to a secret object containing parameters 6674 used to connect to OpenStack.' 6675 properties: 6676 name: 6677 description: 'Name of the referent. More 6678 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6679 TODO: Add other useful fields. apiVersion, 6680 kind, uid?' 6681 type: string 6682 type: object 6683 x-kubernetes-map-type: atomic 6684 volumeID: 6685 description: 'volumeID used to identify the 6686 volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6687 type: string 6688 required: 6689 - volumeID 6690 type: object 6691 configMap: 6692 description: configMap represents a configMap 6693 that should populate this volume 6694 properties: 6695 defaultMode: 6696 description: 'defaultMode is optional: mode 6697 bits used to set permissions on created 6698 files by default. Must be an octal value 6699 between 0000 and 0777 or a decimal value 6700 between 0 and 511. YAML accepts both octal 6701 and decimal values, JSON requires decimal 6702 values for mode bits. Defaults to 0644. 6703 Directories within the path are not affected 6704 by this setting.' 6705 format: int32 6706 type: integer 6707 items: 6708 description: items if unspecified, each key-value 6709 pair in the Data field of the referenced 6710 ConfigMap will be projected into the volume 6711 as a file whose name is the key and content 6712 is the value. If specified, the listed keys 6713 will be projected into the specified paths, 6714 and unlisted keys will not be present. 6715 items: 6716 description: Maps a string key to a path 6717 within a volume. 6718 properties: 6719 key: 6720 description: key is the key to project. 6721 type: string 6722 mode: 6723 description: 'mode is Optional: mode 6724 bits used to set permissions on this 6725 file. Must be an octal value between 6726 0000 and 0777 or a decimal value between 6727 0 and 511. YAML accepts both octal 6728 and decimal values, JSON requires 6729 decimal values for mode bits. If not 6730 specified, the volume defaultMode 6731 will be used.' 6732 format: int32 6733 type: integer 6734 path: 6735 description: path is the relative path 6736 of the file to map the key to. May 6737 not be an absolute path. May not contain 6738 the path element '..'. May not start 6739 with the string '..'. 6740 type: string 6741 required: 6742 - key 6743 - path 6744 type: object 6745 type: array 6746 name: 6747 description: 'Name of the referent. More info: 6748 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6749 TODO: Add other useful fields. apiVersion, 6750 kind, uid?' 6751 type: string 6752 optional: 6753 description: optional specify whether the 6754 ConfigMap or its keys must be defined 6755 type: boolean 6756 type: object 6757 x-kubernetes-map-type: atomic 6758 csi: 6759 description: csi (Container Storage Interface) 6760 represents ephemeral storage that is handled 6761 by certain external CSI drivers (Beta feature). 6762 properties: 6763 driver: 6764 description: driver is the name of the CSI 6765 driver that handles this volume. Consult 6766 with your admin for the correct name as 6767 registered in the cluster. 6768 type: string 6769 fsType: 6770 description: fsType to mount. Ex. "ext4", 6771 "xfs", "ntfs". If not provided, the empty 6772 value is passed to the associated CSI driver 6773 which will determine the default filesystem 6774 to apply. 6775 type: string 6776 nodePublishSecretRef: 6777 description: nodePublishSecretRef is a reference 6778 to the secret object containing sensitive 6779 information to pass to the CSI driver to 6780 complete the CSI NodePublishVolume and NodeUnpublishVolume 6781 calls. This field is optional, and may 6782 be empty if no secret is required. If the 6783 secret object contains more than one secret, 6784 all secret references are passed. 6785 properties: 6786 name: 6787 description: 'Name of the referent. More 6788 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6789 TODO: Add other useful fields. apiVersion, 6790 kind, uid?' 6791 type: string 6792 type: object 6793 x-kubernetes-map-type: atomic 6794 readOnly: 6795 description: readOnly specifies a read-only 6796 configuration for the volume. Defaults to 6797 false (read/write). 6798 type: boolean 6799 volumeAttributes: 6800 additionalProperties: 6801 type: string 6802 description: volumeAttributes stores driver-specific 6803 properties that are passed to the CSI driver. 6804 Consult your driver's documentation for 6805 supported values. 6806 type: object 6807 required: 6808 - driver 6809 type: object 6810 downwardAPI: 6811 description: downwardAPI represents downward API 6812 about the pod that should populate this volume 6813 properties: 6814 defaultMode: 6815 description: 'Optional: mode bits to use on 6816 created files by default. Must be a Optional: 6817 mode bits used to set permissions on created 6818 files by default. Must be an octal value 6819 between 0000 and 0777 or a decimal value 6820 between 0 and 511. YAML accepts both octal 6821 and decimal values, JSON requires decimal 6822 values for mode bits. Defaults to 0644. 6823 Directories within the path are not affected 6824 by this setting.' 6825 format: int32 6826 type: integer 6827 items: 6828 description: Items is a list of downward API 6829 volume file 6830 items: 6831 description: DownwardAPIVolumeFile represents 6832 information to create the file containing 6833 the pod field 6834 properties: 6835 fieldRef: 6836 description: 'Required: Selects a field 6837 of the pod: only annotations, labels, 6838 name and namespace are supported.' 6839 properties: 6840 apiVersion: 6841 description: Version of the schema 6842 the FieldPath is written in terms 6843 of, defaults to "v1". 6844 type: string 6845 fieldPath: 6846 description: Path of the field to 6847 select in the specified API version. 6848 type: string 6849 required: 6850 - fieldPath 6851 type: object 6852 x-kubernetes-map-type: atomic 6853 mode: 6854 description: 'Optional: mode bits used 6855 to set permissions on this file, must 6856 be an octal value between 0000 and 6857 0777 or a decimal value between 0 6858 and 511. YAML accepts both octal and 6859 decimal values, JSON requires decimal 6860 values for mode bits. If not specified, 6861 the volume defaultMode will be used.' 6862 format: int32 6863 type: integer 6864 path: 6865 description: 'Required: Path is the 6866 relative path name of the file to 6867 be created. Must not be absolute or 6868 contain the ''..'' path. Must be utf-8 6869 encoded. The first item of the relative 6870 path must not start with ''..''' 6871 type: string 6872 resourceFieldRef: 6873 description: 'Selects a resource of 6874 the container: only resources limits 6875 and requests (limits.cpu, limits.memory, 6876 requests.cpu and requests.memory) 6877 are currently supported.' 6878 properties: 6879 containerName: 6880 description: 'Container name: required 6881 for volumes, optional for env 6882 vars' 6883 type: string 6884 divisor: 6885 anyOf: 6886 - type: integer 6887 - type: string 6888 description: Specifies the output 6889 format of the exposed resources, 6890 defaults to "1" 6891 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6892 x-kubernetes-int-or-string: true 6893 resource: 6894 description: 'Required: resource 6895 to select' 6896 type: string 6897 required: 6898 - resource 6899 type: object 6900 x-kubernetes-map-type: atomic 6901 required: 6902 - path 6903 type: object 6904 type: array 6905 type: object 6906 emptyDir: 6907 description: 'emptyDir represents a temporary 6908 directory that shares a pod''s lifetime. More 6909 info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 6910 properties: 6911 medium: 6912 description: 'medium represents what type 6913 of storage medium should back this directory. 6914 The default is "" which means to use the 6915 node''s default medium. Must be an empty 6916 string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 6917 type: string 6918 sizeLimit: 6919 anyOf: 6920 - type: integer 6921 - type: string 6922 description: 'sizeLimit is the total amount 6923 of local storage required for this EmptyDir 6924 volume. The size limit is also applicable 6925 for memory medium. The maximum usage on 6926 memory medium EmptyDir would be the minimum 6927 value between the SizeLimit specified here 6928 and the sum of memory limits of all containers 6929 in a pod. The default is nil which means 6930 that the limit is undefined. More info: 6931 https://kubernetes.' 6932 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6933 x-kubernetes-int-or-string: true 6934 type: object 6935 ephemeral: 6936 description: ephemeral represents a volume that 6937 is handled by a cluster storage driver. The 6938 volume's lifecycle is tied to the pod that defines 6939 it - it will be created before the pod starts, 6940 and deleted when the pod is removed. 6941 properties: 6942 volumeClaimTemplate: 6943 description: Will be used to create a stand-alone 6944 PVC to provision the volume. The pod in 6945 which this EphemeralVolumeSource is embedded 6946 will be the owner of the PVC, i.e. the PVC 6947 will be deleted together with the pod. The 6948 name of the PVC will be `<pod name>-<volume 6949 name>` where `<volume name>` is the name 6950 from the `PodSpec.Volumes` array entry. 6951 properties: 6952 metadata: 6953 description: May contain labels and annotations 6954 that will be copied into the PVC when 6955 creating it. No other fields are allowed 6956 and will be rejected during validation. 6957 properties: 6958 annotations: 6959 additionalProperties: 6960 type: string 6961 type: object 6962 finalizers: 6963 items: 6964 type: string 6965 type: array 6966 labels: 6967 additionalProperties: 6968 type: string 6969 type: object 6970 name: 6971 type: string 6972 namespace: 6973 type: string 6974 type: object 6975 spec: 6976 description: The specification for the 6977 PersistentVolumeClaim. The entire content 6978 is copied unchanged into the PVC that 6979 gets created from this template. The 6980 same fields as in a PersistentVolumeClaim 6981 are also valid here. 6982 properties: 6983 accessModes: 6984 description: 'accessModes contains 6985 the desired access modes the volume 6986 should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 6987 items: 6988 type: string 6989 type: array 6990 dataSource: 6991 description: 'dataSource field can 6992 be used to specify either: * An 6993 existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 6994 * An existing PVC (PersistentVolumeClaim) 6995 If the provisioner or an external 6996 controller can support the specified 6997 data source, it will create a new 6998 volume based on the contents of 6999 the specified data source.' 7000 properties: 7001 apiGroup: 7002 description: APIGroup is the group 7003 for the resource being referenced. 7004 If APIGroup is not specified, 7005 the specified Kind must be in 7006 the core API group. For any 7007 other third-party types, APIGroup 7008 is required. 7009 type: string 7010 kind: 7011 description: Kind is the type 7012 of resource being referenced 7013 type: string 7014 name: 7015 description: Name is the name 7016 of resource being referenced 7017 type: string 7018 required: 7019 - kind 7020 - name 7021 type: object 7022 x-kubernetes-map-type: atomic 7023 dataSourceRef: 7024 description: dataSourceRef specifies 7025 the object from which to populate 7026 the volume with data, if a non-empty 7027 volume is desired. This may be any 7028 object from a non-empty API group 7029 (non core object) or a PersistentVolumeClaim 7030 object. When this field is specified, 7031 volume binding will only succeed 7032 if the type of the specified object 7033 matches some installed volume populator 7034 or dynamic provisioner. 7035 properties: 7036 apiGroup: 7037 description: APIGroup is the group 7038 for the resource being referenced. 7039 If APIGroup is not specified, 7040 the specified Kind must be in 7041 the core API group. For any 7042 other third-party types, APIGroup 7043 is required. 7044 type: string 7045 kind: 7046 description: Kind is the type 7047 of resource being referenced 7048 type: string 7049 name: 7050 description: Name is the name 7051 of resource being referenced 7052 type: string 7053 namespace: 7054 description: Namespace is the 7055 namespace of resource being 7056 referenced Note that when a 7057 namespace is specified, a gateway.networking.k8s.io/ReferenceGrant 7058 object is required in the referent 7059 namespace to allow that namespace's 7060 owner to accept the reference. 7061 See the ReferenceGrant documentation 7062 for details. (Alpha) This field 7063 requires the CrossNamespaceVolumeDataSource 7064 feature gate to be enabled. 7065 type: string 7066 required: 7067 - kind 7068 - name 7069 type: object 7070 resources: 7071 description: 'resources represents 7072 the minimum resources the volume 7073 should have. If RecoverVolumeExpansionFailure 7074 feature is enabled users are allowed 7075 to specify resource requirements 7076 that are lower than previous value 7077 but must still be higher than capacity 7078 recorded in the status field of 7079 the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 7080 properties: 7081 claims: 7082 description: "Claims lists the 7083 names of resources, defined 7084 in spec.resourceClaims, that 7085 are used by this container. 7086 \n This is an alpha field and 7087 requires enabling the DynamicResourceAllocation 7088 feature gate. \n This field 7089 is immutable. It can only be 7090 set for containers." 7091 items: 7092 description: ResourceClaim references 7093 one entry in PodSpec.ResourceClaims. 7094 properties: 7095 name: 7096 description: Name must match 7097 the name of one entry 7098 in pod.spec.resourceClaims 7099 of the Pod where this 7100 field is used. It makes 7101 that resource available 7102 inside a container. 7103 type: string 7104 required: 7105 - name 7106 type: object 7107 type: array 7108 x-kubernetes-list-map-keys: 7109 - name 7110 x-kubernetes-list-type: map 7111 limits: 7112 additionalProperties: 7113 anyOf: 7114 - type: integer 7115 - type: string 7116 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7117 x-kubernetes-int-or-string: true 7118 description: 'Limits describes 7119 the maximum amount of compute 7120 resources allowed. More info: 7121 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7122 type: object 7123 requests: 7124 additionalProperties: 7125 anyOf: 7126 - type: integer 7127 - type: string 7128 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7129 x-kubernetes-int-or-string: true 7130 description: 'Requests describes 7131 the minimum amount of compute 7132 resources required. If Requests 7133 is omitted for a container, 7134 it defaults to Limits if that 7135 is explicitly specified, otherwise 7136 to an implementation-defined 7137 value. Requests cannot exceed 7138 Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7139 type: object 7140 type: object 7141 selector: 7142 description: selector is a label query 7143 over volumes to consider for binding. 7144 properties: 7145 matchExpressions: 7146 description: matchExpressions 7147 is a list of label selector 7148 requirements. The requirements 7149 are ANDed. 7150 items: 7151 description: A label selector 7152 requirement is a selector 7153 that contains values, a key, 7154 and an operator that relates 7155 the key and values. 7156 properties: 7157 key: 7158 description: key is the 7159 label key that the selector 7160 applies to. 7161 type: string 7162 operator: 7163 description: operator represents 7164 a key's relationship to 7165 a set of values. Valid 7166 operators are In, NotIn, 7167 Exists and DoesNotExist. 7168 type: string 7169 values: 7170 description: values is an 7171 array of string values. 7172 If the operator is In 7173 or NotIn, the values array 7174 must be non-empty. If 7175 the operator is Exists 7176 or DoesNotExist, the values 7177 array must be empty. This 7178 array is replaced during 7179 a strategic merge patch. 7180 items: 7181 type: string 7182 type: array 7183 required: 7184 - key 7185 - operator 7186 type: object 7187 type: array 7188 matchLabels: 7189 additionalProperties: 7190 type: string 7191 description: matchLabels is a 7192 map of {key,value} pairs. A 7193 single {key,value} in the matchLabels 7194 map is equivalent to an element 7195 of matchExpressions, whose key 7196 field is "key", the operator 7197 is "In", and the values array 7198 contains only "value". The requirements 7199 are ANDed. 7200 type: object 7201 type: object 7202 x-kubernetes-map-type: atomic 7203 storageClassName: 7204 description: 'storageClassName is 7205 the name of the StorageClass required 7206 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 7207 type: string 7208 volumeMode: 7209 description: volumeMode defines what 7210 type of volume is required by the 7211 claim. Value of Filesystem is implied 7212 when not included in claim spec. 7213 type: string 7214 volumeName: 7215 description: volumeName is the binding 7216 reference to the PersistentVolume 7217 backing this claim. 7218 type: string 7219 type: object 7220 required: 7221 - spec 7222 type: object 7223 type: object 7224 fc: 7225 description: fc represents a Fibre Channel resource 7226 that is attached to a kubelet's host machine 7227 and then exposed to the pod. 7228 properties: 7229 fsType: 7230 description: 'fsType is the filesystem type 7231 to mount. Must be a filesystem type supported 7232 by the host operating system. Ex. "ext4", 7233 "xfs", "ntfs". Implicitly inferred to be 7234 "ext4" if unspecified. TODO: how do we prevent 7235 errors in the filesystem from compromising 7236 the machine' 7237 type: string 7238 lun: 7239 description: 'lun is Optional: FC target lun 7240 number' 7241 format: int32 7242 type: integer 7243 readOnly: 7244 description: 'readOnly is Optional: Defaults 7245 to false (read/write). ReadOnly here will 7246 force the ReadOnly setting in VolumeMounts.' 7247 type: boolean 7248 targetWWNs: 7249 description: 'targetWWNs is Optional: FC target 7250 worldwide names (WWNs)' 7251 items: 7252 type: string 7253 type: array 7254 wwids: 7255 description: 'wwids Optional: FC volume world 7256 wide identifiers (wwids) Either wwids or 7257 combination of targetWWNs and lun must be 7258 set, but not both simultaneously.' 7259 items: 7260 type: string 7261 type: array 7262 type: object 7263 flexVolume: 7264 description: flexVolume represents a generic volume 7265 resource that is provisioned/attached using 7266 an exec based plugin. 7267 properties: 7268 driver: 7269 description: driver is the name of the driver 7270 to use for this volume. 7271 type: string 7272 fsType: 7273 description: fsType is the filesystem type 7274 to mount. Must be a filesystem type supported 7275 by the host operating system. Ex. "ext4", 7276 "xfs", "ntfs". The default filesystem depends 7277 on FlexVolume script. 7278 type: string 7279 options: 7280 additionalProperties: 7281 type: string 7282 description: 'options is Optional: this field 7283 holds extra command options if any.' 7284 type: object 7285 readOnly: 7286 description: 'readOnly is Optional: defaults 7287 to false (read/write). ReadOnly here will 7288 force the ReadOnly setting in VolumeMounts.' 7289 type: boolean 7290 secretRef: 7291 description: 'secretRef is Optional: secretRef 7292 is reference to the secret object containing 7293 sensitive information to pass to the plugin 7294 scripts. This may be empty if no secret 7295 object is specified. If the secret object 7296 contains more than one secret, all secrets 7297 are passed to the plugin scripts.' 7298 properties: 7299 name: 7300 description: 'Name of the referent. More 7301 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7302 TODO: Add other useful fields. apiVersion, 7303 kind, uid?' 7304 type: string 7305 type: object 7306 x-kubernetes-map-type: atomic 7307 required: 7308 - driver 7309 type: object 7310 flocker: 7311 description: flocker represents a Flocker volume 7312 attached to a kubelet's host machine. This depends 7313 on the Flocker control service being running 7314 properties: 7315 datasetName: 7316 description: datasetName is Name of the dataset 7317 stored as metadata -> name on the dataset 7318 for Flocker should be considered as deprecated 7319 type: string 7320 datasetUUID: 7321 description: datasetUUID is the UUID of the 7322 dataset. This is unique identifier of a 7323 Flocker dataset 7324 type: string 7325 type: object 7326 gcePersistentDisk: 7327 description: 'gcePersistentDisk represents a GCE 7328 Disk resource that is attached to a kubelet''s 7329 host machine and then exposed to the pod. More 7330 info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7331 properties: 7332 fsType: 7333 description: 'fsType is filesystem type of 7334 the volume that you want to mount. Tip: 7335 Ensure that the filesystem type is supported 7336 by the host operating system. Examples: 7337 "ext4", "xfs", "ntfs". Implicitly inferred 7338 to be "ext4" if unspecified. More info: 7339 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 7340 TODO: how do we prevent errors in the filesystem 7341 from compromising the machine' 7342 type: string 7343 partition: 7344 description: 'partition is the partition in 7345 the volume that you want to mount. If omitted, 7346 the default is to mount by volume name. 7347 Examples: For volume /dev/sda1, you specify 7348 the partition as "1". Similarly, the volume 7349 partition for /dev/sda is "0" (or you can 7350 leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7351 format: int32 7352 type: integer 7353 pdName: 7354 description: 'pdName is unique name of the 7355 PD resource in GCE. Used to identify the 7356 disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7357 type: string 7358 readOnly: 7359 description: 'readOnly here will force the 7360 ReadOnly setting in VolumeMounts. Defaults 7361 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7362 type: boolean 7363 required: 7364 - pdName 7365 type: object 7366 gitRepo: 7367 description: 'gitRepo represents a git repository 7368 at a particular revision. DEPRECATED: GitRepo 7369 is deprecated. To provision a container with 7370 a git repo, mount an EmptyDir into an InitContainer 7371 that clones the repo using git, then mount the 7372 EmptyDir into the Pod''s container.' 7373 properties: 7374 directory: 7375 description: directory is the target directory 7376 name. Must not contain or start with '..'. If 7377 '.' is supplied, the volume directory will 7378 be the git repository. Otherwise, if specified, 7379 the volume will contain the git repository 7380 in the subdirectory with the given name. 7381 type: string 7382 repository: 7383 description: repository is the URL 7384 type: string 7385 revision: 7386 description: revision is the commit hash for 7387 the specified revision. 7388 type: string 7389 required: 7390 - repository 7391 type: object 7392 glusterfs: 7393 description: 'glusterfs represents a Glusterfs 7394 mount on the host that shares a pod''s lifetime. 7395 More info: https://examples.k8s.io/volumes/glusterfs/README.md' 7396 properties: 7397 endpoints: 7398 description: 'endpoints is the endpoint name 7399 that details Glusterfs topology. More info: 7400 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 7401 type: string 7402 path: 7403 description: 'path is the Glusterfs volume 7404 path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 7405 type: string 7406 readOnly: 7407 description: 'readOnly here will force the 7408 Glusterfs volume to be mounted with read-only 7409 permissions. Defaults to false. More info: 7410 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 7411 type: boolean 7412 required: 7413 - endpoints 7414 - path 7415 type: object 7416 hostPath: 7417 description: 'hostPath represents a pre-existing 7418 file or directory on the host machine that is 7419 directly exposed to the container. This is generally 7420 used for system agents or other privileged things 7421 that are allowed to see the host machine. Most 7422 containers will NOT need this. More info: https://kubernetes.' 7423 properties: 7424 path: 7425 description: 'path of the directory on the 7426 host. If the path is a symlink, it will 7427 follow the link to the real path. More info: 7428 https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 7429 type: string 7430 type: 7431 description: 'type for HostPath Volume Defaults 7432 to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 7433 type: string 7434 required: 7435 - path 7436 type: object 7437 iscsi: 7438 description: 'iscsi represents an ISCSI Disk resource 7439 that is attached to a kubelet''s host machine 7440 and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 7441 properties: 7442 chapAuthDiscovery: 7443 description: chapAuthDiscovery defines whether 7444 support iSCSI Discovery CHAP authentication 7445 type: boolean 7446 chapAuthSession: 7447 description: chapAuthSession defines whether 7448 support iSCSI Session CHAP authentication 7449 type: boolean 7450 fsType: 7451 description: 'fsType is the filesystem type 7452 of the volume that you want to mount. Tip: 7453 Ensure that the filesystem type is supported 7454 by the host operating system. Examples: 7455 "ext4", "xfs", "ntfs". Implicitly inferred 7456 to be "ext4" if unspecified. More info: 7457 https://kubernetes.io/docs/concepts/storage/volumes#iscsi 7458 TODO: how do we prevent errors in the filesystem 7459 from compromising the machine' 7460 type: string 7461 initiatorName: 7462 description: initiatorName is the custom iSCSI 7463 Initiator Name. If initiatorName is specified 7464 with iscsiInterface simultaneously, new 7465 iSCSI interface <target portal>:<volume 7466 name> will be created for the connection. 7467 type: string 7468 iqn: 7469 description: iqn is the target iSCSI Qualified 7470 Name. 7471 type: string 7472 iscsiInterface: 7473 description: iscsiInterface is the interface 7474 Name that uses an iSCSI transport. Defaults 7475 to 'default' (tcp). 7476 type: string 7477 lun: 7478 description: lun represents iSCSI Target Lun 7479 number. 7480 format: int32 7481 type: integer 7482 portals: 7483 description: portals is the iSCSI Target Portal 7484 List. The portal is either an IP or ip_addr:port 7485 if the port is other than default (typically 7486 TCP ports 860 and 3260). 7487 items: 7488 type: string 7489 type: array 7490 readOnly: 7491 description: readOnly here will force the 7492 ReadOnly setting in VolumeMounts. Defaults 7493 to false. 7494 type: boolean 7495 secretRef: 7496 description: secretRef is the CHAP Secret 7497 for iSCSI target and initiator authentication 7498 properties: 7499 name: 7500 description: 'Name of the referent. More 7501 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7502 TODO: Add other useful fields. apiVersion, 7503 kind, uid?' 7504 type: string 7505 type: object 7506 x-kubernetes-map-type: atomic 7507 targetPortal: 7508 description: targetPortal is iSCSI Target 7509 Portal. The Portal is either an IP or ip_addr:port 7510 if the port is other than default (typically 7511 TCP ports 860 and 3260). 7512 type: string 7513 required: 7514 - iqn 7515 - lun 7516 - targetPortal 7517 type: object 7518 name: 7519 description: 'name of the volume. Must be a DNS_LABEL 7520 and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 7521 type: string 7522 nfs: 7523 description: 'nfs represents an NFS mount on the 7524 host that shares a pod''s lifetime More info: 7525 https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7526 properties: 7527 path: 7528 description: 'path that is exported by the 7529 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7530 type: string 7531 readOnly: 7532 description: 'readOnly here will force the 7533 NFS export to be mounted with read-only 7534 permissions. Defaults to false. More info: 7535 https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7536 type: boolean 7537 server: 7538 description: 'server is the hostname or IP 7539 address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7540 type: string 7541 required: 7542 - path 7543 - server 7544 type: object 7545 persistentVolumeClaim: 7546 description: 'persistentVolumeClaimVolumeSource 7547 represents a reference to a PersistentVolumeClaim 7548 in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7549 properties: 7550 claimName: 7551 description: 'claimName is the name of a PersistentVolumeClaim 7552 in the same namespace as the pod using this 7553 volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7554 type: string 7555 readOnly: 7556 description: readOnly Will force the ReadOnly 7557 setting in VolumeMounts. Default false. 7558 type: boolean 7559 required: 7560 - claimName 7561 type: object 7562 photonPersistentDisk: 7563 description: photonPersistentDisk represents a 7564 PhotonController persistent disk attached and 7565 mounted on kubelets host machine 7566 properties: 7567 fsType: 7568 description: fsType is the filesystem type 7569 to mount. Must be a filesystem type supported 7570 by the host operating system. Ex. "ext4", 7571 "xfs", "ntfs". Implicitly inferred to be 7572 "ext4" if unspecified. 7573 type: string 7574 pdID: 7575 description: pdID is the ID that identifies 7576 Photon Controller persistent disk 7577 type: string 7578 required: 7579 - pdID 7580 type: object 7581 portworxVolume: 7582 description: portworxVolume represents a portworx 7583 volume attached and mounted on kubelets host 7584 machine 7585 properties: 7586 fsType: 7587 description: fSType represents the filesystem 7588 type to mount Must be a filesystem type 7589 supported by the host operating system. 7590 Ex. "ext4", "xfs". Implicitly inferred to 7591 be "ext4" if unspecified. 7592 type: string 7593 readOnly: 7594 description: readOnly defaults to false (read/write). 7595 ReadOnly here will force the ReadOnly setting 7596 in VolumeMounts. 7597 type: boolean 7598 volumeID: 7599 description: volumeID uniquely identifies 7600 a Portworx volume 7601 type: string 7602 required: 7603 - volumeID 7604 type: object 7605 projected: 7606 description: projected items for all in one resources 7607 secrets, configmaps, and downward API 7608 properties: 7609 defaultMode: 7610 description: defaultMode are the mode bits 7611 used to set permissions on created files 7612 by default. Must be an octal value between 7613 0000 and 0777 or a decimal value between 7614 0 and 511. YAML accepts both octal and decimal 7615 values, JSON requires decimal values for 7616 mode bits. Directories within the path are 7617 not affected by this setting. 7618 format: int32 7619 type: integer 7620 sources: 7621 description: sources is the list of volume 7622 projections 7623 items: 7624 description: Projection that may be projected 7625 along with other supported volume types 7626 properties: 7627 configMap: 7628 description: configMap information about 7629 the configMap data to project 7630 properties: 7631 items: 7632 description: items if unspecified, 7633 each key-value pair in the Data 7634 field of the referenced ConfigMap 7635 will be projected into the volume 7636 as a file whose name is the key 7637 and content is the value. If specified, 7638 the listed keys will be projected 7639 into the specified paths, and 7640 unlisted keys will not be present. 7641 items: 7642 description: Maps a string key 7643 to a path within a volume. 7644 properties: 7645 key: 7646 description: key is the key 7647 to project. 7648 type: string 7649 mode: 7650 description: 'mode is Optional: 7651 mode bits used to set permissions 7652 on this file. Must be an 7653 octal value between 0000 7654 and 0777 or a decimal value 7655 between 0 and 511. YAML 7656 accepts both octal and decimal 7657 values, JSON requires decimal 7658 values for mode bits. If 7659 not specified, the volume 7660 defaultMode will be used.' 7661 format: int32 7662 type: integer 7663 path: 7664 description: path is the relative 7665 path of the file to map 7666 the key to. May not be an 7667 absolute path. May not contain 7668 the path element '..'. May 7669 not start with the string 7670 '..'. 7671 type: string 7672 required: 7673 - key 7674 - path 7675 type: object 7676 type: array 7677 name: 7678 description: 'Name of the referent. 7679 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7680 TODO: Add other useful fields. 7681 apiVersion, kind, uid?' 7682 type: string 7683 optional: 7684 description: optional specify whether 7685 the ConfigMap or its keys must 7686 be defined 7687 type: boolean 7688 type: object 7689 x-kubernetes-map-type: atomic 7690 downwardAPI: 7691 description: downwardAPI information 7692 about the downwardAPI data to project 7693 properties: 7694 items: 7695 description: Items is a list of 7696 DownwardAPIVolume file 7697 items: 7698 description: DownwardAPIVolumeFile 7699 represents information to create 7700 the file containing the pod 7701 field 7702 properties: 7703 fieldRef: 7704 description: 'Required: Selects 7705 a field of the pod: only 7706 annotations, labels, name 7707 and namespace are supported.' 7708 properties: 7709 apiVersion: 7710 description: Version of 7711 the schema the FieldPath 7712 is written in terms 7713 of, defaults to "v1". 7714 type: string 7715 fieldPath: 7716 description: Path of the 7717 field to select in the 7718 specified API version. 7719 type: string 7720 required: 7721 - fieldPath 7722 type: object 7723 x-kubernetes-map-type: atomic 7724 mode: 7725 description: 'Optional: mode 7726 bits used to set permissions 7727 on this file, must be an 7728 octal value between 0000 7729 and 0777 or a decimal value 7730 between 0 and 511. YAML 7731 accepts both octal and decimal 7732 values, JSON requires decimal 7733 values for mode bits. If 7734 not specified, the volume 7735 defaultMode will be used.' 7736 format: int32 7737 type: integer 7738 path: 7739 description: 'Required: Path 7740 is the relative path name 7741 of the file to be created. 7742 Must not be absolute or 7743 contain the ''..'' path. 7744 Must be utf-8 encoded. The 7745 first item of the relative 7746 path must not start with 7747 ''..''' 7748 type: string 7749 resourceFieldRef: 7750 description: 'Selects a resource 7751 of the container: only resources 7752 limits and requests (limits.cpu, 7753 limits.memory, requests.cpu 7754 and requests.memory) are 7755 currently supported.' 7756 properties: 7757 containerName: 7758 description: 'Container 7759 name: required for volumes, 7760 optional for env vars' 7761 type: string 7762 divisor: 7763 anyOf: 7764 - type: integer 7765 - type: string 7766 description: Specifies 7767 the output format of 7768 the exposed resources, 7769 defaults to "1" 7770 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7771 x-kubernetes-int-or-string: true 7772 resource: 7773 description: 'Required: 7774 resource to select' 7775 type: string 7776 required: 7777 - resource 7778 type: object 7779 x-kubernetes-map-type: atomic 7780 required: 7781 - path 7782 type: object 7783 type: array 7784 type: object 7785 secret: 7786 description: secret information about 7787 the secret data to project 7788 properties: 7789 items: 7790 description: items if unspecified, 7791 each key-value pair in the Data 7792 field of the referenced Secret 7793 will be projected into the volume 7794 as a file whose name is the key 7795 and content is the value. If specified, 7796 the listed keys will be projected 7797 into the specified paths, and 7798 unlisted keys will not be present. 7799 items: 7800 description: Maps a string key 7801 to a path within a volume. 7802 properties: 7803 key: 7804 description: key is the key 7805 to project. 7806 type: string 7807 mode: 7808 description: 'mode is Optional: 7809 mode bits used to set permissions 7810 on this file. Must be an 7811 octal value between 0000 7812 and 0777 or a decimal value 7813 between 0 and 511. YAML 7814 accepts both octal and decimal 7815 values, JSON requires decimal 7816 values for mode bits. If 7817 not specified, the volume 7818 defaultMode will be used.' 7819 format: int32 7820 type: integer 7821 path: 7822 description: path is the relative 7823 path of the file to map 7824 the key to. May not be an 7825 absolute path. May not contain 7826 the path element '..'. May 7827 not start with the string 7828 '..'. 7829 type: string 7830 required: 7831 - key 7832 - path 7833 type: object 7834 type: array 7835 name: 7836 description: 'Name of the referent. 7837 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7838 TODO: Add other useful fields. 7839 apiVersion, kind, uid?' 7840 type: string 7841 optional: 7842 description: optional field specify 7843 whether the Secret or its key 7844 must be defined 7845 type: boolean 7846 type: object 7847 x-kubernetes-map-type: atomic 7848 serviceAccountToken: 7849 description: serviceAccountToken is 7850 information about the serviceAccountToken 7851 data to project 7852 properties: 7853 audience: 7854 description: audience is the intended 7855 audience of the token. A recipient 7856 of a token must identify itself 7857 with an identifier specified in 7858 the audience of the token, and 7859 otherwise should reject the token. 7860 The audience defaults to the identifier 7861 of the apiserver. 7862 type: string 7863 expirationSeconds: 7864 description: expirationSeconds is 7865 the requested duration of validity 7866 of the service account token. 7867 As the token approaches expiration, 7868 the kubelet volume plugin will 7869 proactively rotate the service 7870 account token. The kubelet will 7871 start trying to rotate the token 7872 if the token is older than 80 7873 percent of its time to live or 7874 if the token is older than 24 7875 hours.Defaults to 1 hour and must 7876 be at least 10 minutes. 7877 format: int64 7878 type: integer 7879 path: 7880 description: path is the path relative 7881 to the mount point of the file 7882 to project the token into. 7883 type: string 7884 required: 7885 - path 7886 type: object 7887 type: object 7888 type: array 7889 type: object 7890 quobyte: 7891 description: quobyte represents a Quobyte mount 7892 on the host that shares a pod's lifetime 7893 properties: 7894 group: 7895 description: group to map volume access to 7896 Default is no group 7897 type: string 7898 readOnly: 7899 description: readOnly here will force the 7900 Quobyte volume to be mounted with read-only 7901 permissions. Defaults to false. 7902 type: boolean 7903 registry: 7904 description: registry represents a single 7905 or multiple Quobyte Registry services specified 7906 as a string as host:port pair (multiple 7907 entries are separated with commas) which 7908 acts as the central registry for volumes 7909 type: string 7910 tenant: 7911 description: tenant owning the given Quobyte 7912 volume in the Backend Used with dynamically 7913 provisioned Quobyte volumes, value is set 7914 by the plugin 7915 type: string 7916 user: 7917 description: user to map volume access to 7918 Defaults to serivceaccount user 7919 type: string 7920 volume: 7921 description: volume is a string that references 7922 an already created Quobyte volume by name. 7923 type: string 7924 required: 7925 - registry 7926 - volume 7927 type: object 7928 rbd: 7929 description: 'rbd represents a Rados Block Device 7930 mount on the host that shares a pod''s lifetime. 7931 More info: https://examples.k8s.io/volumes/rbd/README.md' 7932 properties: 7933 fsType: 7934 description: 'fsType is the filesystem type 7935 of the volume that you want to mount. Tip: 7936 Ensure that the filesystem type is supported 7937 by the host operating system. Examples: 7938 "ext4", "xfs", "ntfs". Implicitly inferred 7939 to be "ext4" if unspecified. More info: 7940 https://kubernetes.io/docs/concepts/storage/volumes#rbd 7941 TODO: how do we prevent errors in the filesystem 7942 from compromising the machine' 7943 type: string 7944 image: 7945 description: 'image is the rados image name. 7946 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7947 type: string 7948 keyring: 7949 description: 'keyring is the path to key ring 7950 for RBDUser. Default is /etc/ceph/keyring. 7951 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7952 type: string 7953 monitors: 7954 description: 'monitors is a collection of 7955 Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7956 items: 7957 type: string 7958 type: array 7959 pool: 7960 description: 'pool is the rados pool name. 7961 Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7962 type: string 7963 readOnly: 7964 description: 'readOnly here will force the 7965 ReadOnly setting in VolumeMounts. Defaults 7966 to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7967 type: boolean 7968 secretRef: 7969 description: 'secretRef is name of the authentication 7970 secret for RBDUser. If provided overrides 7971 keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7972 properties: 7973 name: 7974 description: 'Name of the referent. More 7975 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7976 TODO: Add other useful fields. apiVersion, 7977 kind, uid?' 7978 type: string 7979 type: object 7980 x-kubernetes-map-type: atomic 7981 user: 7982 description: 'user is the rados user name. 7983 Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 7984 type: string 7985 required: 7986 - image 7987 - monitors 7988 type: object 7989 scaleIO: 7990 description: scaleIO represents a ScaleIO persistent 7991 volume attached and mounted on Kubernetes nodes. 7992 properties: 7993 fsType: 7994 description: fsType is the filesystem type 7995 to mount. Must be a filesystem type supported 7996 by the host operating system. Ex. "ext4", 7997 "xfs", "ntfs". Default is "xfs". 7998 type: string 7999 gateway: 8000 description: gateway is the host address of 8001 the ScaleIO API Gateway. 8002 type: string 8003 protectionDomain: 8004 description: protectionDomain is the name 8005 of the ScaleIO Protection Domain for the 8006 configured storage. 8007 type: string 8008 readOnly: 8009 description: readOnly Defaults to false (read/write). 8010 ReadOnly here will force the ReadOnly setting 8011 in VolumeMounts. 8012 type: boolean 8013 secretRef: 8014 description: secretRef references to the secret 8015 for ScaleIO user and other sensitive information. 8016 If this is not provided, Login operation 8017 will fail. 8018 properties: 8019 name: 8020 description: 'Name of the referent. More 8021 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8022 TODO: Add other useful fields. apiVersion, 8023 kind, uid?' 8024 type: string 8025 type: object 8026 x-kubernetes-map-type: atomic 8027 sslEnabled: 8028 description: sslEnabled Flag enable/disable 8029 SSL communication with Gateway, default 8030 false 8031 type: boolean 8032 storageMode: 8033 description: storageMode indicates whether 8034 the storage for a volume should be ThickProvisioned 8035 or ThinProvisioned. Default is ThinProvisioned. 8036 type: string 8037 storagePool: 8038 description: storagePool is the ScaleIO Storage 8039 Pool associated with the protection domain. 8040 type: string 8041 system: 8042 description: system is the name of the storage 8043 system as configured in ScaleIO. 8044 type: string 8045 volumeName: 8046 description: volumeName is the name of a volume 8047 already created in the ScaleIO system that 8048 is associated with this volume source. 8049 type: string 8050 required: 8051 - gateway 8052 - secretRef 8053 - system 8054 type: object 8055 secret: 8056 description: 'secret represents a secret that 8057 should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 8058 properties: 8059 defaultMode: 8060 description: 'defaultMode is Optional: mode 8061 bits used to set permissions on created 8062 files by default. Must be an octal value 8063 between 0000 and 0777 or a decimal value 8064 between 0 and 511. YAML accepts both octal 8065 and decimal values, JSON requires decimal 8066 values for mode bits. Defaults to 0644. 8067 Directories within the path are not affected 8068 by this setting.' 8069 format: int32 8070 type: integer 8071 items: 8072 description: items If unspecified, each key-value 8073 pair in the Data field of the referenced 8074 Secret will be projected into the volume 8075 as a file whose name is the key and content 8076 is the value. If specified, the listed keys 8077 will be projected into the specified paths, 8078 and unlisted keys will not be present. 8079 items: 8080 description: Maps a string key to a path 8081 within a volume. 8082 properties: 8083 key: 8084 description: key is the key to project. 8085 type: string 8086 mode: 8087 description: 'mode is Optional: mode 8088 bits used to set permissions on this 8089 file. Must be an octal value between 8090 0000 and 0777 or a decimal value between 8091 0 and 511. YAML accepts both octal 8092 and decimal values, JSON requires 8093 decimal values for mode bits. If not 8094 specified, the volume defaultMode 8095 will be used.' 8096 format: int32 8097 type: integer 8098 path: 8099 description: path is the relative path 8100 of the file to map the key to. May 8101 not be an absolute path. May not contain 8102 the path element '..'. May not start 8103 with the string '..'. 8104 type: string 8105 required: 8106 - key 8107 - path 8108 type: object 8109 type: array 8110 optional: 8111 description: optional field specify whether 8112 the Secret or its keys must be defined 8113 type: boolean 8114 secretName: 8115 description: 'secretName is the name of the 8116 secret in the pod''s namespace to use. More 8117 info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 8118 type: string 8119 type: object 8120 storageos: 8121 description: storageOS represents a StorageOS 8122 volume attached and mounted on Kubernetes nodes. 8123 properties: 8124 fsType: 8125 description: fsType is the filesystem type 8126 to mount. Must be a filesystem type supported 8127 by the host operating system. Ex. "ext4", 8128 "xfs", "ntfs". Implicitly inferred to be 8129 "ext4" if unspecified. 8130 type: string 8131 readOnly: 8132 description: readOnly defaults to false (read/write). 8133 ReadOnly here will force the ReadOnly setting 8134 in VolumeMounts. 8135 type: boolean 8136 secretRef: 8137 description: secretRef specifies the secret 8138 to use for obtaining the StorageOS API credentials. If 8139 not specified, default values will be attempted. 8140 properties: 8141 name: 8142 description: 'Name of the referent. More 8143 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8144 TODO: Add other useful fields. apiVersion, 8145 kind, uid?' 8146 type: string 8147 type: object 8148 x-kubernetes-map-type: atomic 8149 volumeName: 8150 description: volumeName is the human-readable 8151 name of the StorageOS volume. Volume names 8152 are only unique within a namespace. 8153 type: string 8154 volumeNamespace: 8155 description: volumeNamespace specifies the 8156 scope of the volume within StorageOS. If 8157 no namespace is specified then the Pod's 8158 namespace will be used. This allows the 8159 Kubernetes name scoping to be mirrored within 8160 StorageOS for tighter integration. Set VolumeName 8161 to any name to override the default behaviour. 8162 Set to "default" if you are not using namespaces 8163 within StorageOS. 8164 type: string 8165 type: object 8166 vsphereVolume: 8167 description: vsphereVolume represents a vSphere 8168 volume attached and mounted on kubelets host 8169 machine 8170 properties: 8171 fsType: 8172 description: fsType is filesystem type to 8173 mount. Must be a filesystem type supported 8174 by the host operating system. Ex. "ext4", 8175 "xfs", "ntfs". Implicitly inferred to be 8176 "ext4" if unspecified. 8177 type: string 8178 storagePolicyID: 8179 description: storagePolicyID is the storage 8180 Policy Based Management (SPBM) profile ID 8181 associated with the StoragePolicyName. 8182 type: string 8183 storagePolicyName: 8184 description: storagePolicyName is the storage 8185 Policy Based Management (SPBM) profile name. 8186 type: string 8187 volumePath: 8188 description: volumePath is the path that identifies 8189 vSphere volume vmdk 8190 type: string 8191 required: 8192 - volumePath 8193 type: object 8194 required: 8195 - name 8196 type: object 8197 type: array 8198 required: 8199 - containers 8200 type: object 8201 type: object 8202 type: object 8203 description: 'A map of PyTorchReplicaType (type) to ReplicaSpec (value). 8204 Specifies the PyTorch cluster configuration. For example, { "Master": 8205 PyTorchReplicaSpec, "Worker": PyTorchReplicaSpec, }' 8206 type: object 8207 runPolicy: 8208 description: RunPolicy encapsulates various runtime policies of the 8209 distributed training job, for example how to clean up resources 8210 and how long the job can stay active. 8211 properties: 8212 activeDeadlineSeconds: 8213 description: Specifies the duration in seconds relative to the 8214 startTime that the job may be active before the system tries 8215 to terminate it; value must be positive integer. 8216 format: int64 8217 type: integer 8218 backoffLimit: 8219 description: Optional number of retries before marking this job 8220 failed. 8221 format: int32 8222 type: integer 8223 cleanPodPolicy: 8224 description: CleanPodPolicy defines the policy to kill pods after 8225 the job completes. Default to None. 8226 type: string 8227 schedulingPolicy: 8228 description: SchedulingPolicy defines the policy related to scheduling, 8229 e.g. gang-scheduling 8230 properties: 8231 minAvailable: 8232 format: int32 8233 type: integer 8234 minResources: 8235 additionalProperties: 8236 anyOf: 8237 - type: integer 8238 - type: string 8239 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8240 x-kubernetes-int-or-string: true 8241 type: object 8242 priorityClass: 8243 type: string 8244 queue: 8245 type: string 8246 scheduleTimeoutSeconds: 8247 format: int32 8248 type: integer 8249 type: object 8250 suspend: 8251 default: false 8252 description: suspend specifies whether the Job controller should 8253 create Pods or not. If a Job is created with suspend set to 8254 true, no Pods are created by the Job controller. If a Job is 8255 suspended after creation (i.e. the flag goes from false to true), 8256 the Job controller will delete all active Pods and PodGroups 8257 associated with this Job. Users must design their workload to 8258 gracefully handle this. 8259 type: boolean 8260 ttlSecondsAfterFinished: 8261 description: TTLSecondsAfterFinished is the TTL to clean up jobs. 8262 It may take extra ReconcilePeriod seconds for the cleanup, since 8263 reconcile gets called periodically. Default to infinite. 8264 format: int32 8265 type: integer 8266 type: object 8267 required: 8268 - pytorchReplicaSpecs 8269 type: object 8270 status: 8271 description: Most recently observed status of the PyTorchJob. Read-only 8272 (modified by the system). 8273 properties: 8274 completionTime: 8275 description: Represents time when the job was completed. It is not 8276 guaranteed to be set in happens-before order across separate operations. 8277 It is represented in RFC3339 form and is in UTC. 8278 format: date-time 8279 type: string 8280 conditions: 8281 description: Conditions is an array of current observed job conditions. 8282 items: 8283 description: JobCondition describes the state of the job at a certain 8284 point. 8285 properties: 8286 lastTransitionTime: 8287 description: Last time the condition transitioned from one status 8288 to another. 8289 format: date-time 8290 type: string 8291 lastUpdateTime: 8292 description: The last time this condition was updated. 8293 format: date-time 8294 type: string 8295 message: 8296 description: A human readable message indicating details about 8297 the transition. 8298 type: string 8299 reason: 8300 description: The reason for the condition's last transition. 8301 type: string 8302 status: 8303 description: Status of the condition, one of True, False, Unknown. 8304 type: string 8305 type: 8306 description: Type of job condition. 8307 type: string 8308 required: 8309 - status 8310 - type 8311 type: object 8312 type: array 8313 lastReconcileTime: 8314 description: Represents last time when the job was reconciled. It 8315 is not guaranteed to be set in happens-before order across separate 8316 operations. It is represented in RFC3339 form and is in UTC. 8317 format: date-time 8318 type: string 8319 replicaStatuses: 8320 additionalProperties: 8321 description: ReplicaStatus represents the current observed state 8322 of the replica. 8323 properties: 8324 active: 8325 description: The number of actively running pods. 8326 format: int32 8327 type: integer 8328 failed: 8329 description: The number of pods which reached phase Failed. 8330 format: int32 8331 type: integer 8332 labelSelector: 8333 description: 'Deprecated: Use Selector instead' 8334 properties: 8335 matchExpressions: 8336 description: matchExpressions is a list of label selector 8337 requirements. The requirements are ANDed. 8338 items: 8339 description: A label selector requirement is a selector 8340 that contains values, a key, and an operator that relates 8341 the key and values. 8342 properties: 8343 key: 8344 description: key is the label key that the selector 8345 applies to. 8346 type: string 8347 operator: 8348 description: operator represents a key's relationship 8349 to a set of values. Valid operators are In, NotIn, 8350 Exists and DoesNotExist. 8351 type: string 8352 values: 8353 description: values is an array of string values. 8354 If the operator is In or NotIn, the values array 8355 must be non-empty. If the operator is Exists or 8356 DoesNotExist, the values array must be empty. This 8357 array is replaced during a strategic merge patch. 8358 items: 8359 type: string 8360 type: array 8361 required: 8362 - key 8363 - operator 8364 type: object 8365 type: array 8366 matchLabels: 8367 additionalProperties: 8368 type: string 8369 description: matchLabels is a map of {key,value} pairs. 8370 A single {key,value} in the matchLabels map is equivalent 8371 to an element of matchExpressions, whose key field is 8372 "key", the operator is "In", and the values array contains 8373 only "value". The requirements are ANDed. 8374 type: object 8375 type: object 8376 x-kubernetes-map-type: atomic 8377 selector: 8378 description: A Selector is a label query over a set of resources. 8379 The result of matchLabels and matchExpressions are ANDed. 8380 An empty Selector matches all objects. A null Selector matches 8381 no objects. 8382 type: string 8383 succeeded: 8384 description: The number of pods which reached phase Succeeded. 8385 format: int32 8386 type: integer 8387 type: object 8388 description: ReplicaStatuses is map of ReplicaType and ReplicaStatus, 8389 specifies the status of each replica. 8390 type: object 8391 startTime: 8392 description: Represents time when the job was acknowledged by the 8393 job controller. It is not guaranteed to be set in happens-before 8394 order across separate operations. It is represented in RFC3339 form 8395 and is in UTC. 8396 format: date-time 8397 type: string 8398 type: object 8399 type: object 8400 served: true 8401 storage: true 8402 subresources: 8403 scale: 8404 labelSelectorPath: .status.replicaStatuses.Worker.selector 8405 specReplicasPath: .spec.pytorchReplicaSpecs.Worker.replicas 8406 statusReplicasPath: .status.replicaStatuses.Worker.active 8407 status: {}