github.com/oam-dev/kubevela@v1.9.11/pkg/velaql/providers/query/testdata/machinelearning.seldon.io_seldondeployments.yaml (about) 1 apiVersion: apiextensions.k8s.io/v1 2 kind: CustomResourceDefinition 3 metadata: 4 annotations: 5 cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 6 controller-gen.kubebuilder.io/version: v0.4.1 7 creationTimestamp: null 8 labels: 9 app: seldon 10 app.kubernetes.io/instance: seldon1 11 app.kubernetes.io/name: seldon 12 app.kubernetes.io/version: v0.5 13 name: seldondeployments.machinelearning.seldon.io 14 spec: 15 group: machinelearning.seldon.io 16 names: 17 kind: SeldonDeployment 18 listKind: SeldonDeploymentList 19 plural: seldondeployments 20 shortNames: 21 - sdep 22 singular: seldondeployment 23 scope: Namespaced 24 versions: 25 - name: v1 26 schema: 27 openAPIV3Schema: 28 description: SeldonDeployment is the Schema for the seldondeployments API 29 properties: 30 apiVersion: 31 description: 'APIVersion defines the versioned schema of this representation 32 of an object. Servers should convert recognized schemas to the latest 33 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 34 type: string 35 kind: 36 description: 'Kind is a string value representing the REST resource this 37 object represents. Servers may infer this from the endpoint the client 38 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 39 type: string 40 metadata: 41 type: object 42 spec: 43 description: SeldonDeploymentSpec defines the desired state of SeldonDeployment 44 properties: 45 annotations: 46 additionalProperties: 47 type: string 48 type: object 49 name: 50 description: Name is Deprecated will be removed in future 51 type: string 52 oauth_key: 53 type: string 54 oauth_secret: 55 type: string 56 predictors: 57 items: 58 properties: 59 annotations: 60 additionalProperties: 61 type: string 62 type: object 63 componentSpecs: 64 items: 65 properties: 66 hpaSpec: 67 properties: 68 maxReplicas: 69 format: int32 70 type: integer 71 metrics: 72 items: 73 description: MetricSpec specifies how to scale based 74 on a single metric (only `type` and one other 75 matching field should be set at once). 76 properties: 77 containerResource: 78 description: container resource refers to a 79 resource metric (such as those specified in 80 requests and limits) known to Kubernetes describing 81 a single container in each pod of the current 82 scale target (e.g. CPU or memory). Such metrics 83 are built in to Kubernetes, and have special 84 scaling options on top of those available 85 to normal per-pod metrics using the "pods" 86 source. This is an alpha feature and can be 87 enabled by the HPAContainerMetrics feature 88 flag. 89 properties: 90 container: 91 description: container is the name of the 92 container in the pods of the scaling target 93 type: string 94 name: 95 description: name is the name of the resource 96 in question. 97 type: string 98 targetAverageUtilization: 99 description: targetAverageUtilization is 100 the target value of the average of the 101 resource metric across all relevant pods, 102 represented as a percentage of the requested 103 value of the resource for the pods. 104 format: int32 105 type: integer 106 targetAverageValue: 107 anyOf: 108 - type: integer 109 - type: string 110 description: targetAverageValue is the target 111 value of the average of the resource metric 112 across all relevant pods, as a raw value 113 (instead of as a percentage of the request), 114 similar to the "pods" metric source type. 115 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 116 x-kubernetes-int-or-string: true 117 required: 118 - container 119 - name 120 type: object 121 external: 122 description: external refers to a global metric 123 that is not associated with any Kubernetes 124 object. It allows autoscaling based on information 125 coming from components running outside of 126 cluster (for example length of queue in cloud 127 messaging service, or QPS from loadbalancer 128 running outside of cluster). 129 properties: 130 metricName: 131 description: metricName is the name of the 132 metric in question. 133 type: string 134 metricSelector: 135 description: metricSelector is used to identify 136 a specific time series within a given 137 metric. 138 properties: 139 matchExpressions: 140 description: matchExpressions is a list 141 of label selector requirements. The 142 requirements are ANDed. 143 items: 144 description: A label selector requirement 145 is a selector that contains values, 146 a key, and an operator that relates 147 the key and values. 148 properties: 149 key: 150 description: key is the label 151 key that the selector applies 152 to. 153 type: string 154 operator: 155 description: operator represents 156 a key's relationship to a set 157 of values. Valid operators are 158 In, NotIn, Exists and DoesNotExist. 159 type: string 160 values: 161 description: values is an array 162 of string values. If the operator 163 is In or NotIn, the values array 164 must be non-empty. If the operator 165 is Exists or DoesNotExist, the 166 values array must be empty. 167 This array is replaced during 168 a strategic merge patch. 169 items: 170 type: string 171 type: array 172 required: 173 - key 174 - operator 175 type: object 176 type: array 177 matchLabels: 178 additionalProperties: 179 type: string 180 description: matchLabels is a map of 181 {key,value} pairs. A single {key,value} 182 in the matchLabels map is equivalent 183 to an element of matchExpressions, 184 whose key field is "key", the operator 185 is "In", and the values array contains 186 only "value". The requirements are 187 ANDed. 188 type: object 189 type: object 190 targetAverageValue: 191 anyOf: 192 - type: integer 193 - type: string 194 description: targetAverageValue is the target 195 per-pod value of global metric (as a quantity). 196 Mutually exclusive with TargetValue. 197 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 198 x-kubernetes-int-or-string: true 199 targetValue: 200 anyOf: 201 - type: integer 202 - type: string 203 description: targetValue is the target value 204 of the metric (as a quantity). Mutually 205 exclusive with TargetAverageValue. 206 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 207 x-kubernetes-int-or-string: true 208 required: 209 - metricName 210 type: object 211 object: 212 description: object refers to a metric describing 213 a single kubernetes object (for example, hits-per-second 214 on an Ingress object). 215 properties: 216 averageValue: 217 anyOf: 218 - type: integer 219 - type: string 220 description: averageValue is the target 221 value of the average of the metric across 222 all relevant pods (as a quantity) 223 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 224 x-kubernetes-int-or-string: true 225 metricName: 226 description: metricName is the name of the 227 metric in question. 228 type: string 229 selector: 230 description: selector is the string-encoded 231 form of a standard kubernetes label selector 232 for the given metric When set, it is passed 233 as an additional parameter to the metrics 234 server for more specific metrics scoping 235 When unset, just the metricName will be 236 used to gather metrics. 237 properties: 238 matchExpressions: 239 description: matchExpressions is a list 240 of label selector requirements. The 241 requirements are ANDed. 242 items: 243 description: A label selector requirement 244 is a selector that contains values, 245 a key, and an operator that relates 246 the key and values. 247 properties: 248 key: 249 description: key is the label 250 key that the selector applies 251 to. 252 type: string 253 operator: 254 description: operator represents 255 a key's relationship to a set 256 of values. Valid operators are 257 In, NotIn, Exists and DoesNotExist. 258 type: string 259 values: 260 description: values is an array 261 of string values. If the operator 262 is In or NotIn, the values array 263 must be non-empty. If the operator 264 is Exists or DoesNotExist, the 265 values array must be empty. 266 This array is replaced during 267 a strategic merge patch. 268 items: 269 type: string 270 type: array 271 required: 272 - key 273 - operator 274 type: object 275 type: array 276 matchLabels: 277 additionalProperties: 278 type: string 279 description: matchLabels is a map of 280 {key,value} pairs. A single {key,value} 281 in the matchLabels map is equivalent 282 to an element of matchExpressions, 283 whose key field is "key", the operator 284 is "In", and the values array contains 285 only "value". The requirements are 286 ANDed. 287 type: object 288 type: object 289 target: 290 description: target is the described Kubernetes 291 object. 292 properties: 293 apiVersion: 294 description: API version of the referent 295 type: string 296 kind: 297 description: 'Kind of the referent; 298 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"' 299 type: string 300 name: 301 description: 'Name of the referent; 302 More info: http://kubernetes.io/docs/user-guide/identifiers#names' 303 type: string 304 required: 305 - kind 306 - name 307 type: object 308 targetValue: 309 anyOf: 310 - type: integer 311 - type: string 312 description: targetValue is the target value 313 of the metric (as a quantity). 314 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 315 x-kubernetes-int-or-string: true 316 required: 317 - metricName 318 - target 319 - targetValue 320 type: object 321 pods: 322 description: pods refers to a metric describing 323 each pod in the current scale target (for 324 example, transactions-processed-per-second). The 325 values will be averaged together before being 326 compared to the target value. 327 properties: 328 metricName: 329 description: metricName is the name of the 330 metric in question 331 type: string 332 selector: 333 description: selector is the string-encoded 334 form of a standard kubernetes label selector 335 for the given metric When set, it is passed 336 as an additional parameter to the metrics 337 server for more specific metrics scoping 338 When unset, just the metricName will be 339 used to gather metrics. 340 properties: 341 matchExpressions: 342 description: matchExpressions is a list 343 of label selector requirements. The 344 requirements are ANDed. 345 items: 346 description: A label selector requirement 347 is a selector that contains values, 348 a key, and an operator that relates 349 the key and values. 350 properties: 351 key: 352 description: key is the label 353 key that the selector applies 354 to. 355 type: string 356 operator: 357 description: operator represents 358 a key's relationship to a set 359 of values. Valid operators are 360 In, NotIn, Exists and DoesNotExist. 361 type: string 362 values: 363 description: values is an array 364 of string values. If the operator 365 is In or NotIn, the values array 366 must be non-empty. If the operator 367 is Exists or DoesNotExist, the 368 values array must be empty. 369 This array is replaced during 370 a strategic merge patch. 371 items: 372 type: string 373 type: array 374 required: 375 - key 376 - operator 377 type: object 378 type: array 379 matchLabels: 380 additionalProperties: 381 type: string 382 description: matchLabels is a map of 383 {key,value} pairs. A single {key,value} 384 in the matchLabels map is equivalent 385 to an element of matchExpressions, 386 whose key field is "key", the operator 387 is "In", and the values array contains 388 only "value". The requirements are 389 ANDed. 390 type: object 391 type: object 392 targetAverageValue: 393 anyOf: 394 - type: integer 395 - type: string 396 description: targetAverageValue is the target 397 value of the average of the metric across 398 all relevant pods (as a quantity) 399 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 400 x-kubernetes-int-or-string: true 401 required: 402 - metricName 403 - targetAverageValue 404 type: object 405 resource: 406 description: resource refers to a resource metric 407 (such as those specified in requests and limits) 408 known to Kubernetes describing each pod in 409 the current scale target (e.g. CPU or memory). 410 Such metrics are built in to Kubernetes, and 411 have special scaling options on top of those 412 available to normal per-pod metrics using 413 the "pods" source. 414 properties: 415 name: 416 description: name is the name of the resource 417 in question. 418 type: string 419 targetAverageUtilization: 420 description: targetAverageUtilization is 421 the target value of the average of the 422 resource metric across all relevant pods, 423 represented as a percentage of the requested 424 value of the resource for the pods. 425 format: int32 426 type: integer 427 targetAverageValue: 428 anyOf: 429 - type: integer 430 - type: string 431 description: targetAverageValue is the target 432 value of the average of the resource metric 433 across all relevant pods, as a raw value 434 (instead of as a percentage of the request), 435 similar to the "pods" metric source type. 436 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 437 x-kubernetes-int-or-string: true 438 required: 439 - name 440 type: object 441 type: 442 description: 'type is the type of metric source. It 443 should be one of "ContainerResource", "External", 444 "Object", "Pods" or "Resource", each mapping 445 to a matching field in the object. Note: "ContainerResource" 446 type is available on when the feature-gate 447 HPAContainerMetrics is enabled' 448 type: string 449 required: 450 - type 451 type: object 452 type: array 453 minReplicas: 454 format: int32 455 type: integer 456 required: 457 - maxReplicas 458 type: object 459 kedaSpec: 460 description: SeldonScaledObjectSpec is the spec for a 461 KEDA ScaledObject resource 462 properties: 463 advanced: 464 description: AdvancedConfig specifies advance scaling 465 options 466 properties: 467 horizontalPodAutoscalerConfig: 468 description: HorizontalPodAutoscalerConfig specifies 469 horizontal scale config 470 properties: 471 behavior: 472 description: HorizontalPodAutoscalerBehavior 473 configures the scaling behavior of the target 474 in both Up and Down directions (scaleUp 475 and scaleDown fields respectively). 476 properties: 477 scaleDown: 478 description: scaleDown is scaling policy 479 for scaling Down. If not set, the default 480 value is to allow to scale down to minReplicas 481 pods, with a 300 second stabilization 482 window (i.e., the highest recommendation 483 for the last 300sec is used). 484 properties: 485 policies: 486 description: policies is a list of 487 potential scaling polices which 488 can be used during scaling. At least 489 one policy must be specified, otherwise 490 the HPAScalingRules will be discarded 491 as invalid 492 items: 493 description: HPAScalingPolicy is 494 a single policy which must hold 495 true for a specified past interval. 496 properties: 497 periodSeconds: 498 description: PeriodSeconds specifies 499 the window of time for which 500 the policy should hold true. 501 PeriodSeconds must be greater 502 than zero and less than or 503 equal to 1800 (30 min). 504 format: int32 505 type: integer 506 type: 507 description: Type is used to 508 specify the scaling policy. 509 type: string 510 value: 511 description: Value contains 512 the amount of change which 513 is permitted by the policy. 514 It must be greater than zero 515 format: int32 516 type: integer 517 required: 518 - periodSeconds 519 - type 520 - value 521 type: object 522 type: array 523 selectPolicy: 524 description: selectPolicy is used 525 to specify which policy should be 526 used. If not set, the default value 527 MaxPolicySelect is used. 528 type: string 529 stabilizationWindowSeconds: 530 description: 'StabilizationWindowSeconds 531 is the number of seconds for which 532 past recommendations should be considered 533 while scaling up or scaling down. 534 StabilizationWindowSeconds must 535 be greater than or equal to zero 536 and less than or equal to 3600 (one 537 hour). If not set, use the default 538 values: - For scale up: 0 (i.e. 539 no stabilization is done). - For 540 scale down: 300 (i.e. the stabilization 541 window is 300 seconds long).' 542 format: int32 543 type: integer 544 type: object 545 scaleUp: 546 description: 'scaleUp is scaling policy 547 for scaling Up. If not set, the default 548 value is the higher of: * increase 549 no more than 4 pods per 60 seconds * 550 double the number of pods per 60 seconds 551 No stabilization is used.' 552 properties: 553 policies: 554 description: policies is a list of 555 potential scaling polices which 556 can be used during scaling. At least 557 one policy must be specified, otherwise 558 the HPAScalingRules will be discarded 559 as invalid 560 items: 561 description: HPAScalingPolicy is 562 a single policy which must hold 563 true for a specified past interval. 564 properties: 565 periodSeconds: 566 description: PeriodSeconds specifies 567 the window of time for which 568 the policy should hold true. 569 PeriodSeconds must be greater 570 than zero and less than or 571 equal to 1800 (30 min). 572 format: int32 573 type: integer 574 type: 575 description: Type is used to 576 specify the scaling policy. 577 type: string 578 value: 579 description: Value contains 580 the amount of change which 581 is permitted by the policy. 582 It must be greater than zero 583 format: int32 584 type: integer 585 required: 586 - periodSeconds 587 - type 588 - value 589 type: object 590 type: array 591 selectPolicy: 592 description: selectPolicy is used 593 to specify which policy should be 594 used. If not set, the default value 595 MaxPolicySelect is used. 596 type: string 597 stabilizationWindowSeconds: 598 description: 'StabilizationWindowSeconds 599 is the number of seconds for which 600 past recommendations should be considered 601 while scaling up or scaling down. 602 StabilizationWindowSeconds must 603 be greater than or equal to zero 604 and less than or equal to 3600 (one 605 hour). If not set, use the default 606 values: - For scale up: 0 (i.e. 607 no stabilization is done). - For 608 scale down: 300 (i.e. the stabilization 609 window is 300 seconds long).' 610 format: int32 611 type: integer 612 type: object 613 type: object 614 resourceMetrics: 615 items: 616 description: ResourceMetricSource indicates 617 how to scale on a resource metric known 618 to Kubernetes, as specified in requests 619 and limits, describing each pod in the 620 current scale target (e.g. CPU or memory). The 621 values will be averaged together before 622 being compared to the target. Such metrics 623 are built in to Kubernetes, and have special 624 scaling options on top of those available 625 to normal per-pod metrics using the "pods" 626 source. Only one "target" type should 627 be set. 628 properties: 629 name: 630 description: name is the name of the 631 resource in question. 632 type: string 633 target: 634 description: target specifies the target 635 value for the given metric 636 properties: 637 averageUtilization: 638 description: averageUtilization 639 is the target value of the average 640 of the resource metric across 641 all relevant pods, represented 642 as a percentage of the requested 643 value of the resource for the 644 pods. Currently only valid for 645 Resource metric source type 646 format: int32 647 type: integer 648 averageValue: 649 anyOf: 650 - type: integer 651 - type: string 652 description: averageValue is the 653 target value of the average of 654 the metric across all relevant 655 pods (as a quantity) 656 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 657 x-kubernetes-int-or-string: true 658 type: 659 description: type represents whether 660 the metric type is Utilization, 661 Value, or AverageValue 662 type: string 663 value: 664 anyOf: 665 - type: integer 666 - type: string 667 description: value is the target 668 value of the metric (as a quantity). 669 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 670 x-kubernetes-int-or-string: true 671 required: 672 - type 673 type: object 674 required: 675 - name 676 - target 677 type: object 678 type: array 679 type: object 680 restoreToOriginalReplicaCount: 681 type: boolean 682 type: object 683 cooldownPeriod: 684 format: int32 685 type: integer 686 maxReplicaCount: 687 format: int32 688 type: integer 689 minReplicaCount: 690 format: int32 691 type: integer 692 pollingInterval: 693 format: int32 694 type: integer 695 triggers: 696 items: 697 description: ScaleTriggers reference the scaler 698 that will be used 699 properties: 700 authenticationRef: 701 description: ScaledObjectAuthRef points to the 702 TriggerAuthentication object that is used 703 to authenticate the scaler with the environment 704 properties: 705 name: 706 type: string 707 required: 708 - name 709 type: object 710 metadata: 711 additionalProperties: 712 type: string 713 type: object 714 name: 715 type: string 716 type: 717 type: string 718 required: 719 - metadata 720 - type 721 type: object 722 type: array 723 required: 724 - triggers 725 type: object 726 metadata: 727 description: 'ObjectMeta is a copy of the "k8s.io/apimachinery/pkg/apis/meta/v1" 728 ObjectMeta. We copy it for 2 reasons: * to be included 729 in the structural schema of the CRD. * to edit the CreationTimestamp 730 to be nullable and a pointer to metav1.Time instead 731 of a struct which allows better serialization. * remove 732 ManagedFields which contain unsupported "Any" type.' 733 properties: 734 annotations: 735 additionalProperties: 736 type: string 737 description: 'Annotations is an unstructured key value 738 map stored with a resource that may be set by external 739 tools to store and retrieve arbitrary metadata. 740 They are not queryable and should be preserved when 741 modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 742 type: object 743 clusterName: 744 description: The name of the cluster which the object 745 belongs to. This is used to distinguish resources 746 with same name and namespace in different clusters. 747 This field is not set anywhere right now and apiserver 748 is going to ignore it if set in create or update 749 request. 750 type: string 751 creationTimestamp: 752 description: "CreationTimestamp is a timestamp representing 753 the server time when this object was created. It 754 is not guaranteed to be set in happens-before order 755 across separate operations. Clients may not set 756 this value. It is represented in RFC3339 form and 757 is in UTC. \n Populated by the system. Read-only. 758 Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" 759 format: date-time 760 nullable: true 761 type: string 762 deletionGracePeriodSeconds: 763 description: Number of seconds allowed for this object 764 to gracefully terminate before it will be removed 765 from the system. Only set when deletionTimestamp 766 is also set. May only be shortened. Read-only. 767 format: int64 768 type: integer 769 deletionTimestamp: 770 description: "DeletionTimestamp is RFC 3339 date and 771 time at which this resource will be deleted. This 772 field is set by the server when a graceful deletion 773 is requested by the user, and is not directly settable 774 by a client. The resource is expected to be deleted 775 (no longer visible from resource lists, and not 776 reachable by name) after the time in this field, 777 once the finalizers list is empty. As long as the 778 finalizers list contains items, deletion is blocked. 779 Once the deletionTimestamp is set, this value may 780 not be unset or be set further into the future, 781 although it may be shortened or the resource may 782 be deleted prior to this time. For example, a user 783 may request that a pod is deleted in 30 seconds. 784 The Kubelet will react by sending a graceful termination 785 signal to the containers in the pod. After that 786 30 seconds, the Kubelet will send a hard termination 787 signal (SIGKILL) to the container and after cleanup, 788 remove the pod from the API. In the presence of 789 network partitions, this object may still exist 790 after this timestamp, until an administrator or 791 automated process can determine the resource is 792 fully terminated. If not set, graceful deletion 793 of the object has not been requested. \n Populated 794 by the system when a graceful deletion is requested. 795 Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" 796 format: date-time 797 type: string 798 finalizers: 799 description: Must be empty before the object is deleted 800 from the registry. Each entry is an identifier for 801 the responsible component that will remove the entry 802 from the list. If the deletionTimestamp of the object 803 is non-nil, entries in this list can only be removed. 804 Finalizers may be processed and removed in any order. Order 805 is NOT enforced because it introduces significant 806 risk of stuck finalizers. finalizers is a shared 807 field, any actor with permission can reorder it. 808 If the finalizer list is processed in order, then 809 this can lead to a situation in which the component 810 responsible for the first finalizer in the list 811 is waiting for a signal (field value, external system, 812 or other) produced by a component responsible for 813 a finalizer later in the list, resulting in a deadlock. 814 Without enforced ordering finalizers are free to 815 order amongst themselves and are not vulnerable 816 to ordering changes in the list. 817 items: 818 type: string 819 type: array 820 generateName: 821 description: "GenerateName is an optional prefix, 822 used by the server, to generate a unique name ONLY 823 IF the Name field has not been provided. If this 824 field is used, the name returned to the client will 825 be different than the name passed. This value will 826 also be combined with a unique suffix. The provided 827 value has the same validation rules as the Name 828 field, and may be truncated by the length of the 829 suffix required to make the value unique on the 830 server. \n If this field is specified and the generated 831 name exists, the server will NOT return a 409 - 832 instead, it will either return 201 Created or 500 833 with Reason ServerTimeout indicating a unique name 834 could not be found in the time allotted, and the 835 client should retry (optionally after the time indicated 836 in the Retry-After header). \n Applied only if Name 837 is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency" 838 type: string 839 generation: 840 description: A sequence number representing a specific 841 generation of the desired state. Populated by the 842 system. Read-only. 843 format: int64 844 type: integer 845 labels: 846 additionalProperties: 847 type: string 848 description: 'Map of string keys and values that can 849 be used to organize and categorize (scope and select) 850 objects. May match selectors of replication controllers 851 and services. More info: http://kubernetes.io/docs/user-guide/labels' 852 type: object 853 name: 854 description: 'Name must be unique within a namespace. 855 Is required when creating resources, although some 856 resources may allow a client to request the generation 857 of an appropriate name automatically. Name is primarily 858 intended for creation idempotence and configuration 859 definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 860 type: string 861 namespace: 862 description: "Namespace defines the space within each 863 name must be unique. An empty namespace is equivalent 864 to the \"default\" namespace, but \"default\" is 865 the canonical representation. Not all objects are 866 required to be scoped to a namespace - the value 867 of this field for those objects will be empty. \n 868 Must be a DNS_LABEL. Cannot be updated. More info: 869 http://kubernetes.io/docs/user-guide/namespaces" 870 type: string 871 ownerReferences: 872 description: List of objects depended by this object. 873 If ALL objects in the list have been deleted, this 874 object will be garbage collected. If this object 875 is managed by a controller, then an entry in this 876 list will point to this controller, with the controller 877 field set to true. There cannot be more than one 878 managing controller. 879 items: 880 description: OwnerReference contains enough information 881 to let you identify an owning object. An owning 882 object must be in the same namespace as the dependent, 883 or be cluster-scoped, so there is no namespace 884 field. 885 properties: 886 apiVersion: 887 description: API version of the referent. 888 type: string 889 blockOwnerDeletion: 890 description: If true, AND if the owner has the 891 "foregroundDeletion" finalizer, then the owner 892 cannot be deleted from the key-value store 893 until this reference is removed. Defaults 894 to false. To set this field, a user needs 895 "delete" permission of the owner, otherwise 896 422 (Unprocessable Entity) will be returned. 897 type: boolean 898 controller: 899 description: If true, this reference points 900 to the managing controller. 901 type: boolean 902 kind: 903 description: 'Kind of the referent. More info: 904 https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 905 type: string 906 name: 907 description: 'Name of the referent. More info: 908 http://kubernetes.io/docs/user-guide/identifiers#names' 909 type: string 910 uid: 911 description: 'UID of the referent. More info: 912 http://kubernetes.io/docs/user-guide/identifiers#uids' 913 type: string 914 required: 915 - apiVersion 916 - kind 917 - name 918 - uid 919 type: object 920 type: array 921 resourceVersion: 922 description: "An opaque value that represents the 923 internal version of this object that can be used 924 by clients to determine when objects have changed. 925 May be used for optimistic concurrency, change detection, 926 and the watch operation on a resource or set of 927 resources. Clients must treat these values as opaque 928 and passed unmodified back to the server. They may 929 only be valid for a particular resource or set of 930 resources. \n Populated by the system. Read-only. 931 Value must be treated as opaque by clients and . 932 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" 933 type: string 934 selfLink: 935 description: "SelfLink is a URL representing this 936 object. Populated by the system. Read-only. \n DEPRECATED 937 Kubernetes will stop propagating this field in 1.20 938 release and the field is planned to be removed in 939 1.21 release." 940 type: string 941 uid: 942 description: "UID is the unique in time and space 943 value for this object. It is typically generated 944 by the server on successful creation of a resource 945 and is not allowed to change on PUT operations. 946 \n Populated by the system. Read-only. More info: 947 http://kubernetes.io/docs/user-guide/identifiers#uids" 948 type: string 949 type: object 950 pdbSpec: 951 properties: 952 maxUnavailable: 953 anyOf: 954 - type: integer 955 - type: string 956 description: An eviction is allowed if at most "maxUnavailable" 957 pods in the deployment corresponding to a componentSpec 958 are unavailable after the eviction, i.e. even in 959 absence of the evicted pod. For example, one can 960 prevent all voluntary evictions by specifying 0. 961 MaxUnavailable and MinAvailable are mutually exclusive. 962 x-kubernetes-int-or-string: true 963 minAvailable: 964 anyOf: 965 - type: integer 966 - type: string 967 description: An eviction is allowed if at least "minAvailable" 968 pods in the deployment corresponding to a componentSpec 969 will still be available after the eviction, i.e. 970 even in the absence of the evicted pod. So for 971 example you can prevent all voluntary evictions 972 by specifying "100%". 973 x-kubernetes-int-or-string: true 974 type: object 975 replicas: 976 format: int32 977 type: integer 978 spec: 979 description: PodSpec is a description of a pod. 980 properties: 981 activeDeadlineSeconds: 982 description: Optional duration in seconds the pod 983 may be active on the node relative to StartTime 984 before the system will actively try to mark it failed 985 and kill associated containers. Value must be a 986 positive integer. 987 format: int64 988 type: integer 989 affinity: 990 description: If specified, the pod's scheduling constraints 991 properties: 992 nodeAffinity: 993 description: Describes node affinity scheduling 994 rules for the pod. 995 properties: 996 preferredDuringSchedulingIgnoredDuringExecution: 997 description: The scheduler will prefer to 998 schedule pods to nodes that satisfy the 999 affinity expressions specified by this field, 1000 but it may choose a node that violates one 1001 or more of the expressions. The node that 1002 is most preferred is the one with the greatest 1003 sum of weights, i.e. for each node that 1004 meets all of the scheduling requirements 1005 (resource request, requiredDuringScheduling 1006 affinity expressions, etc.), compute a sum 1007 by iterating through the elements of this 1008 field and adding "weight" to the sum if 1009 the node matches the corresponding matchExpressions; 1010 the node(s) with the highest sum are the 1011 most preferred. 1012 items: 1013 description: An empty preferred scheduling 1014 term matches all objects with implicit 1015 weight 0 (i.e. it's a no-op). A null preferred 1016 scheduling term matches no objects (i.e. 1017 is also a no-op). 1018 properties: 1019 preference: 1020 description: A node selector term, associated 1021 with the corresponding weight. 1022 properties: 1023 matchExpressions: 1024 description: A list of node selector 1025 requirements by node's labels. 1026 items: 1027 description: A node selector requirement 1028 is a selector that contains 1029 values, a key, and an operator 1030 that relates the key and values. 1031 properties: 1032 key: 1033 description: The label key 1034 that the selector applies 1035 to. 1036 type: string 1037 operator: 1038 description: Represents a 1039 key's relationship to a 1040 set of values. Valid operators 1041 are In, NotIn, Exists, DoesNotExist. 1042 Gt, and Lt. 1043 type: string 1044 values: 1045 description: An array of string 1046 values. If the operator 1047 is In or NotIn, the values 1048 array must be non-empty. 1049 If the operator is Exists 1050 or DoesNotExist, the values 1051 array must be empty. If 1052 the operator is Gt or Lt, 1053 the values array must have 1054 a single element, which 1055 will be interpreted as an 1056 integer. This array is replaced 1057 during a strategic merge 1058 patch. 1059 items: 1060 type: string 1061 type: array 1062 required: 1063 - key 1064 - operator 1065 type: object 1066 type: array 1067 matchFields: 1068 description: A list of node selector 1069 requirements by node's fields. 1070 items: 1071 description: A node selector requirement 1072 is a selector that contains 1073 values, a key, and an operator 1074 that relates the key and values. 1075 properties: 1076 key: 1077 description: The label key 1078 that the selector applies 1079 to. 1080 type: string 1081 operator: 1082 description: Represents a 1083 key's relationship to a 1084 set of values. Valid operators 1085 are In, NotIn, Exists, DoesNotExist. 1086 Gt, and Lt. 1087 type: string 1088 values: 1089 description: An array of string 1090 values. If the operator 1091 is In or NotIn, the values 1092 array must be non-empty. 1093 If the operator is Exists 1094 or DoesNotExist, the values 1095 array must be empty. If 1096 the operator is Gt or Lt, 1097 the values array must have 1098 a single element, which 1099 will be interpreted as an 1100 integer. This array is replaced 1101 during a strategic merge 1102 patch. 1103 items: 1104 type: string 1105 type: array 1106 required: 1107 - key 1108 - operator 1109 type: object 1110 type: array 1111 type: object 1112 weight: 1113 description: Weight associated with 1114 matching the corresponding nodeSelectorTerm, 1115 in the range 1-100. 1116 format: int32 1117 type: integer 1118 required: 1119 - preference 1120 - weight 1121 type: object 1122 type: array 1123 requiredDuringSchedulingIgnoredDuringExecution: 1124 description: If the affinity requirements 1125 specified by this field are not met at scheduling 1126 time, the pod will not be scheduled onto 1127 the node. If the affinity requirements specified 1128 by this field cease to be met at some point 1129 during pod execution (e.g. due to an update), 1130 the system may or may not try to eventually 1131 evict the pod from its node. 1132 properties: 1133 nodeSelectorTerms: 1134 description: Required. A list of node 1135 selector terms. The terms are ORed. 1136 items: 1137 description: A null or empty node selector 1138 term matches no objects. The requirements 1139 of them are ANDed. The TopologySelectorTerm 1140 type implements a subset of the NodeSelectorTerm. 1141 properties: 1142 matchExpressions: 1143 description: A list of node selector 1144 requirements by node's labels. 1145 items: 1146 description: A node selector requirement 1147 is a selector that contains 1148 values, a key, and an operator 1149 that relates the key and values. 1150 properties: 1151 key: 1152 description: The label key 1153 that the selector applies 1154 to. 1155 type: string 1156 operator: 1157 description: Represents a 1158 key's relationship to a 1159 set of values. Valid operators 1160 are In, NotIn, Exists, DoesNotExist. 1161 Gt, and Lt. 1162 type: string 1163 values: 1164 description: An array of string 1165 values. If the operator 1166 is In or NotIn, the values 1167 array must be non-empty. 1168 If the operator is Exists 1169 or DoesNotExist, the values 1170 array must be empty. If 1171 the operator is Gt or Lt, 1172 the values array must have 1173 a single element, which 1174 will be interpreted as an 1175 integer. This array is replaced 1176 during a strategic merge 1177 patch. 1178 items: 1179 type: string 1180 type: array 1181 required: 1182 - key 1183 - operator 1184 type: object 1185 type: array 1186 matchFields: 1187 description: A list of node selector 1188 requirements by node's fields. 1189 items: 1190 description: A node selector requirement 1191 is a selector that contains 1192 values, a key, and an operator 1193 that relates the key and values. 1194 properties: 1195 key: 1196 description: The label key 1197 that the selector applies 1198 to. 1199 type: string 1200 operator: 1201 description: Represents a 1202 key's relationship to a 1203 set of values. Valid operators 1204 are In, NotIn, Exists, DoesNotExist. 1205 Gt, and Lt. 1206 type: string 1207 values: 1208 description: An array of string 1209 values. If the operator 1210 is In or NotIn, the values 1211 array must be non-empty. 1212 If the operator is Exists 1213 or DoesNotExist, the values 1214 array must be empty. If 1215 the operator is Gt or Lt, 1216 the values array must have 1217 a single element, which 1218 will be interpreted as an 1219 integer. This array is replaced 1220 during a strategic merge 1221 patch. 1222 items: 1223 type: string 1224 type: array 1225 required: 1226 - key 1227 - operator 1228 type: object 1229 type: array 1230 type: object 1231 type: array 1232 required: 1233 - nodeSelectorTerms 1234 type: object 1235 type: object 1236 podAffinity: 1237 description: Describes pod affinity scheduling 1238 rules (e.g. co-locate this pod in the same node, 1239 zone, etc. as some other pod(s)). 1240 properties: 1241 preferredDuringSchedulingIgnoredDuringExecution: 1242 description: The scheduler will prefer to 1243 schedule pods to nodes that satisfy the 1244 affinity expressions specified by this field, 1245 but it may choose a node that violates one 1246 or more of the expressions. The node that 1247 is most preferred is the one with the greatest 1248 sum of weights, i.e. for each node that 1249 meets all of the scheduling requirements 1250 (resource request, requiredDuringScheduling 1251 affinity expressions, etc.), compute a sum 1252 by iterating through the elements of this 1253 field and adding "weight" to the sum if 1254 the node has pods which matches the corresponding 1255 podAffinityTerm; the node(s) with the highest 1256 sum are the most preferred. 1257 items: 1258 description: The weights of all of the matched 1259 WeightedPodAffinityTerm fields are added 1260 per-node to find the most preferred node(s) 1261 properties: 1262 podAffinityTerm: 1263 description: Required. A pod affinity 1264 term, associated with the corresponding 1265 weight. 1266 properties: 1267 labelSelector: 1268 description: A label query over 1269 a set of resources, in this case 1270 pods. 1271 properties: 1272 matchExpressions: 1273 description: matchExpressions 1274 is a list of label selector 1275 requirements. The requirements 1276 are ANDed. 1277 items: 1278 description: A label selector 1279 requirement is a selector 1280 that contains values, a 1281 key, and an operator that 1282 relates the key and values. 1283 properties: 1284 key: 1285 description: key is the 1286 label key that the selector 1287 applies to. 1288 type: string 1289 operator: 1290 description: operator 1291 represents a key's relationship 1292 to a set of values. 1293 Valid operators are 1294 In, NotIn, Exists and 1295 DoesNotExist. 1296 type: string 1297 values: 1298 description: values is 1299 an array of string values. 1300 If the operator is In 1301 or NotIn, the values 1302 array must be non-empty. 1303 If the operator is Exists 1304 or DoesNotExist, the 1305 values array must be 1306 empty. This array is 1307 replaced during a strategic 1308 merge patch. 1309 items: 1310 type: string 1311 type: array 1312 required: 1313 - key 1314 - operator 1315 type: object 1316 type: array 1317 matchLabels: 1318 additionalProperties: 1319 type: string 1320 description: matchLabels is 1321 a map of {key,value} pairs. 1322 A single {key,value} in the 1323 matchLabels map is equivalent 1324 to an element of matchExpressions, 1325 whose key field is "key", 1326 the operator is "In", and 1327 the values array contains 1328 only "value". The requirements 1329 are ANDed. 1330 type: object 1331 type: object 1332 namespaceSelector: 1333 description: A label query over 1334 the set of namespaces that the 1335 term applies to. The term is applied 1336 to the union of the namespaces 1337 selected by this field and the 1338 ones listed in the namespaces 1339 field. null selector and null 1340 or empty namespaces list means 1341 "this pod's namespace". An empty 1342 selector ({}) matches all namespaces. 1343 This field is alpha-level and 1344 is only honored when PodAffinityNamespaceSelector 1345 feature is enabled. 1346 properties: 1347 matchExpressions: 1348 description: matchExpressions 1349 is a list of label selector 1350 requirements. The requirements 1351 are ANDed. 1352 items: 1353 description: A label selector 1354 requirement is a selector 1355 that contains values, a 1356 key, and an operator that 1357 relates the key and values. 1358 properties: 1359 key: 1360 description: key is the 1361 label key that the selector 1362 applies to. 1363 type: string 1364 operator: 1365 description: operator 1366 represents a key's relationship 1367 to a set of values. 1368 Valid operators are 1369 In, NotIn, Exists and 1370 DoesNotExist. 1371 type: string 1372 values: 1373 description: values is 1374 an array of string values. 1375 If the operator is In 1376 or NotIn, the values 1377 array must be non-empty. 1378 If the operator is Exists 1379 or DoesNotExist, the 1380 values array must be 1381 empty. This array is 1382 replaced during a strategic 1383 merge patch. 1384 items: 1385 type: string 1386 type: array 1387 required: 1388 - key 1389 - operator 1390 type: object 1391 type: array 1392 matchLabels: 1393 additionalProperties: 1394 type: string 1395 description: matchLabels is 1396 a map of {key,value} pairs. 1397 A single {key,value} in the 1398 matchLabels map is equivalent 1399 to an element of matchExpressions, 1400 whose key field is "key", 1401 the operator is "In", and 1402 the values array contains 1403 only "value". The requirements 1404 are ANDed. 1405 type: object 1406 type: object 1407 namespaces: 1408 description: namespaces specifies 1409 a static list of namespace names 1410 that the term applies to. The 1411 term is applied to the union of 1412 the namespaces listed in this 1413 field and the ones selected by 1414 namespaceSelector. null or empty 1415 namespaces list and null namespaceSelector 1416 means "this pod's namespace" 1417 items: 1418 type: string 1419 type: array 1420 topologyKey: 1421 description: This pod should be 1422 co-located (affinity) or not co-located 1423 (anti-affinity) with the pods 1424 matching the labelSelector in 1425 the specified namespaces, where 1426 co-located is defined as running 1427 on a node whose value of the label 1428 with key topologyKey matches that 1429 of any node on which any of the 1430 selected pods is running. Empty 1431 topologyKey is not allowed. 1432 type: string 1433 required: 1434 - topologyKey 1435 type: object 1436 weight: 1437 description: weight associated with 1438 matching the corresponding podAffinityTerm, 1439 in the range 1-100. 1440 format: int32 1441 type: integer 1442 required: 1443 - podAffinityTerm 1444 - weight 1445 type: object 1446 type: array 1447 requiredDuringSchedulingIgnoredDuringExecution: 1448 description: If the affinity requirements 1449 specified by this field are not met at scheduling 1450 time, the pod will not be scheduled onto 1451 the node. If the affinity requirements specified 1452 by this field cease to be met at some point 1453 during pod execution (e.g. due to a pod 1454 label update), the system may or may not 1455 try to eventually evict the pod from its 1456 node. When there are multiple elements, 1457 the lists of nodes corresponding to each 1458 podAffinityTerm are intersected, i.e. all 1459 terms must be satisfied. 1460 items: 1461 description: Defines a set of pods (namely 1462 those matching the labelSelector relative 1463 to the given namespace(s)) that this pod 1464 should be co-located (affinity) or not 1465 co-located (anti-affinity) with, where 1466 co-located is defined as running on a 1467 node whose value of the label with key 1468 <topologyKey> matches that of any node 1469 on which a pod of the set of pods is running 1470 properties: 1471 labelSelector: 1472 description: A label query over a set 1473 of resources, in this case pods. 1474 properties: 1475 matchExpressions: 1476 description: matchExpressions is 1477 a list of label selector requirements. 1478 The requirements are ANDed. 1479 items: 1480 description: A label selector 1481 requirement is a selector that 1482 contains values, a key, and 1483 an operator that relates the 1484 key and values. 1485 properties: 1486 key: 1487 description: key is the label 1488 key that the selector applies 1489 to. 1490 type: string 1491 operator: 1492 description: operator represents 1493 a key's relationship to 1494 a set of values. Valid operators 1495 are In, NotIn, Exists and 1496 DoesNotExist. 1497 type: string 1498 values: 1499 description: values is an 1500 array of string values. 1501 If the operator is In or 1502 NotIn, the values array 1503 must be non-empty. If the 1504 operator is Exists or DoesNotExist, 1505 the values array must be 1506 empty. This array is replaced 1507 during a strategic merge 1508 patch. 1509 items: 1510 type: string 1511 type: array 1512 required: 1513 - key 1514 - operator 1515 type: object 1516 type: array 1517 matchLabels: 1518 additionalProperties: 1519 type: string 1520 description: matchLabels is a map 1521 of {key,value} pairs. A single 1522 {key,value} in the matchLabels 1523 map is equivalent to an element 1524 of matchExpressions, whose key 1525 field is "key", the operator is 1526 "In", and the values array contains 1527 only "value". The requirements 1528 are ANDed. 1529 type: object 1530 type: object 1531 namespaceSelector: 1532 description: A label query over the 1533 set of namespaces that the term applies 1534 to. The term is applied to the union 1535 of the namespaces selected by this 1536 field and the ones listed in the namespaces 1537 field. null selector and null or empty 1538 namespaces list means "this pod's 1539 namespace". An empty selector ({}) 1540 matches all namespaces. This field 1541 is alpha-level and is only honored 1542 when PodAffinityNamespaceSelector 1543 feature is enabled. 1544 properties: 1545 matchExpressions: 1546 description: matchExpressions is 1547 a list of label selector requirements. 1548 The requirements are ANDed. 1549 items: 1550 description: A label selector 1551 requirement is a selector that 1552 contains values, a key, and 1553 an operator that relates the 1554 key and values. 1555 properties: 1556 key: 1557 description: key is the label 1558 key that the selector applies 1559 to. 1560 type: string 1561 operator: 1562 description: operator represents 1563 a key's relationship to 1564 a set of values. Valid operators 1565 are In, NotIn, Exists and 1566 DoesNotExist. 1567 type: string 1568 values: 1569 description: values is an 1570 array of string values. 1571 If the operator is In or 1572 NotIn, the values array 1573 must be non-empty. If the 1574 operator is Exists or DoesNotExist, 1575 the values array must be 1576 empty. This array is replaced 1577 during a strategic merge 1578 patch. 1579 items: 1580 type: string 1581 type: array 1582 required: 1583 - key 1584 - operator 1585 type: object 1586 type: array 1587 matchLabels: 1588 additionalProperties: 1589 type: string 1590 description: matchLabels is a map 1591 of {key,value} pairs. A single 1592 {key,value} in the matchLabels 1593 map is equivalent to an element 1594 of matchExpressions, whose key 1595 field is "key", the operator is 1596 "In", and the values array contains 1597 only "value". The requirements 1598 are ANDed. 1599 type: object 1600 type: object 1601 namespaces: 1602 description: namespaces specifies a 1603 static list of namespace names that 1604 the term applies to. The term is applied 1605 to the union of the namespaces listed 1606 in this field and the ones selected 1607 by namespaceSelector. null or empty 1608 namespaces list and null namespaceSelector 1609 means "this pod's namespace" 1610 items: 1611 type: string 1612 type: array 1613 topologyKey: 1614 description: This pod should be co-located 1615 (affinity) or not co-located (anti-affinity) 1616 with the pods matching the labelSelector 1617 in the specified namespaces, where 1618 co-located is defined as running on 1619 a node whose value of the label with 1620 key topologyKey matches that of any 1621 node on which any of the selected 1622 pods is running. Empty topologyKey 1623 is not allowed. 1624 type: string 1625 required: 1626 - topologyKey 1627 type: object 1628 type: array 1629 type: object 1630 podAntiAffinity: 1631 description: Describes pod anti-affinity scheduling 1632 rules (e.g. avoid putting this pod in the same 1633 node, zone, etc. as some other pod(s)). 1634 properties: 1635 preferredDuringSchedulingIgnoredDuringExecution: 1636 description: The scheduler will prefer to 1637 schedule pods to nodes that satisfy the 1638 anti-affinity expressions specified by this 1639 field, but it may choose a node that violates 1640 one or more of the expressions. The node 1641 that is most preferred is the one with the 1642 greatest sum of weights, i.e. for each node 1643 that meets all of the scheduling requirements 1644 (resource request, requiredDuringScheduling 1645 anti-affinity expressions, etc.), compute 1646 a sum by iterating through the elements 1647 of this field and adding "weight" to the 1648 sum if the node has pods which matches the 1649 corresponding podAffinityTerm; the node(s) 1650 with the highest sum are the most preferred. 1651 items: 1652 description: The weights of all of the matched 1653 WeightedPodAffinityTerm fields are added 1654 per-node to find the most preferred node(s) 1655 properties: 1656 podAffinityTerm: 1657 description: Required. A pod affinity 1658 term, associated with the corresponding 1659 weight. 1660 properties: 1661 labelSelector: 1662 description: A label query over 1663 a set of resources, in this case 1664 pods. 1665 properties: 1666 matchExpressions: 1667 description: matchExpressions 1668 is a list of label selector 1669 requirements. The requirements 1670 are ANDed. 1671 items: 1672 description: A label selector 1673 requirement is a selector 1674 that contains values, a 1675 key, and an operator that 1676 relates the key and values. 1677 properties: 1678 key: 1679 description: key is the 1680 label key that the selector 1681 applies to. 1682 type: string 1683 operator: 1684 description: operator 1685 represents a key's relationship 1686 to a set of values. 1687 Valid operators are 1688 In, NotIn, Exists and 1689 DoesNotExist. 1690 type: string 1691 values: 1692 description: values is 1693 an array of string values. 1694 If the operator is In 1695 or NotIn, the values 1696 array must be non-empty. 1697 If the operator is Exists 1698 or DoesNotExist, the 1699 values array must be 1700 empty. This array is 1701 replaced during a strategic 1702 merge patch. 1703 items: 1704 type: string 1705 type: array 1706 required: 1707 - key 1708 - operator 1709 type: object 1710 type: array 1711 matchLabels: 1712 additionalProperties: 1713 type: string 1714 description: matchLabels is 1715 a map of {key,value} pairs. 1716 A single {key,value} in the 1717 matchLabels map is equivalent 1718 to an element of matchExpressions, 1719 whose key field is "key", 1720 the operator is "In", and 1721 the values array contains 1722 only "value". The requirements 1723 are ANDed. 1724 type: object 1725 type: object 1726 namespaceSelector: 1727 description: A label query over 1728 the set of namespaces that the 1729 term applies to. The term is applied 1730 to the union of the namespaces 1731 selected by this field and the 1732 ones listed in the namespaces 1733 field. null selector and null 1734 or empty namespaces list means 1735 "this pod's namespace". An empty 1736 selector ({}) matches all namespaces. 1737 This field is alpha-level and 1738 is only honored when PodAffinityNamespaceSelector 1739 feature is enabled. 1740 properties: 1741 matchExpressions: 1742 description: matchExpressions 1743 is a list of label selector 1744 requirements. The requirements 1745 are ANDed. 1746 items: 1747 description: A label selector 1748 requirement is a selector 1749 that contains values, a 1750 key, and an operator that 1751 relates the key and values. 1752 properties: 1753 key: 1754 description: key is the 1755 label key that the selector 1756 applies to. 1757 type: string 1758 operator: 1759 description: operator 1760 represents a key's relationship 1761 to a set of values. 1762 Valid operators are 1763 In, NotIn, Exists and 1764 DoesNotExist. 1765 type: string 1766 values: 1767 description: values is 1768 an array of string values. 1769 If the operator is In 1770 or NotIn, the values 1771 array must be non-empty. 1772 If the operator is Exists 1773 or DoesNotExist, the 1774 values array must be 1775 empty. This array is 1776 replaced during a strategic 1777 merge patch. 1778 items: 1779 type: string 1780 type: array 1781 required: 1782 - key 1783 - operator 1784 type: object 1785 type: array 1786 matchLabels: 1787 additionalProperties: 1788 type: string 1789 description: matchLabels is 1790 a map of {key,value} pairs. 1791 A single {key,value} in the 1792 matchLabels map is equivalent 1793 to an element of matchExpressions, 1794 whose key field is "key", 1795 the operator is "In", and 1796 the values array contains 1797 only "value". The requirements 1798 are ANDed. 1799 type: object 1800 type: object 1801 namespaces: 1802 description: namespaces specifies 1803 a static list of namespace names 1804 that the term applies to. The 1805 term is applied to the union of 1806 the namespaces listed in this 1807 field and the ones selected by 1808 namespaceSelector. null or empty 1809 namespaces list and null namespaceSelector 1810 means "this pod's namespace" 1811 items: 1812 type: string 1813 type: array 1814 topologyKey: 1815 description: This pod should be 1816 co-located (affinity) or not co-located 1817 (anti-affinity) with the pods 1818 matching the labelSelector in 1819 the specified namespaces, where 1820 co-located is defined as running 1821 on a node whose value of the label 1822 with key topologyKey matches that 1823 of any node on which any of the 1824 selected pods is running. Empty 1825 topologyKey is not allowed. 1826 type: string 1827 required: 1828 - topologyKey 1829 type: object 1830 weight: 1831 description: weight associated with 1832 matching the corresponding podAffinityTerm, 1833 in the range 1-100. 1834 format: int32 1835 type: integer 1836 required: 1837 - podAffinityTerm 1838 - weight 1839 type: object 1840 type: array 1841 requiredDuringSchedulingIgnoredDuringExecution: 1842 description: If the anti-affinity requirements 1843 specified by this field are not met at scheduling 1844 time, the pod will not be scheduled onto 1845 the node. If the anti-affinity requirements 1846 specified by this field cease to be met 1847 at some point during pod execution (e.g. 1848 due to a pod label update), the system may 1849 or may not try to eventually evict the pod 1850 from its node. When there are multiple elements, 1851 the lists of nodes corresponding to each 1852 podAffinityTerm are intersected, i.e. all 1853 terms must be satisfied. 1854 items: 1855 description: Defines a set of pods (namely 1856 those matching the labelSelector relative 1857 to the given namespace(s)) that this pod 1858 should be co-located (affinity) or not 1859 co-located (anti-affinity) with, where 1860 co-located is defined as running on a 1861 node whose value of the label with key 1862 <topologyKey> matches that of any node 1863 on which a pod of the set of pods is running 1864 properties: 1865 labelSelector: 1866 description: A label query over a set 1867 of resources, in this case pods. 1868 properties: 1869 matchExpressions: 1870 description: matchExpressions is 1871 a list of label selector requirements. 1872 The requirements are ANDed. 1873 items: 1874 description: A label selector 1875 requirement is a selector that 1876 contains values, a key, and 1877 an operator that relates the 1878 key and values. 1879 properties: 1880 key: 1881 description: key is the label 1882 key that the selector applies 1883 to. 1884 type: string 1885 operator: 1886 description: operator represents 1887 a key's relationship to 1888 a set of values. Valid operators 1889 are In, NotIn, Exists and 1890 DoesNotExist. 1891 type: string 1892 values: 1893 description: values is an 1894 array of string values. 1895 If the operator is In or 1896 NotIn, the values array 1897 must be non-empty. If the 1898 operator is Exists or DoesNotExist, 1899 the values array must be 1900 empty. This array is replaced 1901 during a strategic merge 1902 patch. 1903 items: 1904 type: string 1905 type: array 1906 required: 1907 - key 1908 - operator 1909 type: object 1910 type: array 1911 matchLabels: 1912 additionalProperties: 1913 type: string 1914 description: matchLabels is a map 1915 of {key,value} pairs. A single 1916 {key,value} in the matchLabels 1917 map is equivalent to an element 1918 of matchExpressions, whose key 1919 field is "key", the operator is 1920 "In", and the values array contains 1921 only "value". The requirements 1922 are ANDed. 1923 type: object 1924 type: object 1925 namespaceSelector: 1926 description: A label query over the 1927 set of namespaces that the term applies 1928 to. The term is applied to the union 1929 of the namespaces selected by this 1930 field and the ones listed in the namespaces 1931 field. null selector and null or empty 1932 namespaces list means "this pod's 1933 namespace". An empty selector ({}) 1934 matches all namespaces. This field 1935 is alpha-level and is only honored 1936 when PodAffinityNamespaceSelector 1937 feature is enabled. 1938 properties: 1939 matchExpressions: 1940 description: matchExpressions is 1941 a list of label selector requirements. 1942 The requirements are ANDed. 1943 items: 1944 description: A label selector 1945 requirement is a selector that 1946 contains values, a key, and 1947 an operator that relates the 1948 key and values. 1949 properties: 1950 key: 1951 description: key is the label 1952 key that the selector applies 1953 to. 1954 type: string 1955 operator: 1956 description: operator represents 1957 a key's relationship to 1958 a set of values. Valid operators 1959 are In, NotIn, Exists and 1960 DoesNotExist. 1961 type: string 1962 values: 1963 description: values is an 1964 array of string values. 1965 If the operator is In or 1966 NotIn, the values array 1967 must be non-empty. If the 1968 operator is Exists or DoesNotExist, 1969 the values array must be 1970 empty. This array is replaced 1971 during a strategic merge 1972 patch. 1973 items: 1974 type: string 1975 type: array 1976 required: 1977 - key 1978 - operator 1979 type: object 1980 type: array 1981 matchLabels: 1982 additionalProperties: 1983 type: string 1984 description: matchLabels is a map 1985 of {key,value} pairs. A single 1986 {key,value} in the matchLabels 1987 map is equivalent to an element 1988 of matchExpressions, whose key 1989 field is "key", the operator is 1990 "In", and the values array contains 1991 only "value". The requirements 1992 are ANDed. 1993 type: object 1994 type: object 1995 namespaces: 1996 description: namespaces specifies a 1997 static list of namespace names that 1998 the term applies to. The term is applied 1999 to the union of the namespaces listed 2000 in this field and the ones selected 2001 by namespaceSelector. null or empty 2002 namespaces list and null namespaceSelector 2003 means "this pod's namespace" 2004 items: 2005 type: string 2006 type: array 2007 topologyKey: 2008 description: This pod should be co-located 2009 (affinity) or not co-located (anti-affinity) 2010 with the pods matching the labelSelector 2011 in the specified namespaces, where 2012 co-located is defined as running on 2013 a node whose value of the label with 2014 key topologyKey matches that of any 2015 node on which any of the selected 2016 pods is running. Empty topologyKey 2017 is not allowed. 2018 type: string 2019 required: 2020 - topologyKey 2021 type: object 2022 type: array 2023 type: object 2024 type: object 2025 automountServiceAccountToken: 2026 description: AutomountServiceAccountToken indicates 2027 whether a service account token should be automatically 2028 mounted. 2029 type: boolean 2030 containers: 2031 description: List of containers belonging to the pod. 2032 Containers cannot currently be added or removed. 2033 There must be at least one container in a Pod. Cannot 2034 be updated. 2035 items: 2036 description: A single application container that 2037 you want to run within a pod. 2038 properties: 2039 args: 2040 description: 'Arguments to the entrypoint. The 2041 docker image''s CMD is used if this is not 2042 provided. Variable references $(VAR_NAME) 2043 are expanded using the container''s environment. 2044 If a variable cannot be resolved, the reference 2045 in the input string will be unchanged. The 2046 $(VAR_NAME) syntax can be escaped with a double 2047 $$, ie: $$(VAR_NAME). Escaped references will 2048 never be expanded, regardless of whether the 2049 variable exists or not. Cannot be updated. 2050 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 2051 items: 2052 type: string 2053 type: array 2054 command: 2055 description: 'Entrypoint array. Not executed 2056 within a shell. The docker image''s ENTRYPOINT 2057 is used if this is not provided. Variable 2058 references $(VAR_NAME) are expanded using 2059 the container''s environment. If a variable 2060 cannot be resolved, the reference in the input 2061 string will be unchanged. The $(VAR_NAME) 2062 syntax can be escaped with a double $$, ie: 2063 $$(VAR_NAME). Escaped references will never 2064 be expanded, regardless of whether the variable 2065 exists or not. Cannot be updated. More info: 2066 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 2067 items: 2068 type: string 2069 type: array 2070 env: 2071 description: List of environment variables to 2072 set in the container. Cannot be updated. 2073 items: 2074 description: EnvVar represents an environment 2075 variable present in a Container. 2076 properties: 2077 name: 2078 description: Name of the environment variable. 2079 Must be a C_IDENTIFIER. 2080 type: string 2081 value: 2082 description: 'Variable references $(VAR_NAME) 2083 are expanded using the previous defined 2084 environment variables in the container 2085 and any service environment variables. 2086 If a variable cannot be resolved, the 2087 reference in the input string will be 2088 unchanged. The $(VAR_NAME) syntax can 2089 be escaped with a double $$, ie: $$(VAR_NAME). 2090 Escaped references will never be expanded, 2091 regardless of whether the variable exists 2092 or not. Defaults to "".' 2093 type: string 2094 valueFrom: 2095 description: Source for the environment 2096 variable's value. Cannot be used if 2097 value is not empty. 2098 properties: 2099 configMapKeyRef: 2100 description: Selects a key of a ConfigMap. 2101 properties: 2102 key: 2103 description: The key to select. 2104 type: string 2105 name: 2106 description: 'Name of the referent. 2107 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2108 TODO: Add other useful fields. 2109 apiVersion, kind, uid?' 2110 type: string 2111 optional: 2112 description: Specify whether the 2113 ConfigMap or its key must be 2114 defined 2115 type: boolean 2116 required: 2117 - key 2118 type: object 2119 fieldRef: 2120 description: 'Selects a field of the 2121 pod: supports metadata.name, metadata.namespace, 2122 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 2123 spec.nodeName, spec.serviceAccountName, 2124 status.hostIP, status.podIP, status.podIPs.' 2125 properties: 2126 apiVersion: 2127 description: Version of the schema 2128 the FieldPath is written in 2129 terms of, defaults to "v1". 2130 type: string 2131 fieldPath: 2132 description: Path of the field 2133 to select in the specified API 2134 version. 2135 type: string 2136 required: 2137 - fieldPath 2138 type: object 2139 resourceFieldRef: 2140 description: 'Selects a resource of 2141 the container: only resources limits 2142 and requests (limits.cpu, limits.memory, 2143 limits.ephemeral-storage, requests.cpu, 2144 requests.memory and requests.ephemeral-storage) 2145 are currently supported.' 2146 properties: 2147 containerName: 2148 description: 'Container name: 2149 required for volumes, optional 2150 for env vars' 2151 type: string 2152 divisor: 2153 anyOf: 2154 - type: integer 2155 - type: string 2156 description: Specifies the output 2157 format of the exposed resources, 2158 defaults to "1" 2159 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2160 x-kubernetes-int-or-string: true 2161 resource: 2162 description: 'Required: resource 2163 to select' 2164 type: string 2165 required: 2166 - resource 2167 type: object 2168 secretKeyRef: 2169 description: Selects a key of a secret 2170 in the pod's namespace 2171 properties: 2172 key: 2173 description: The key of the secret 2174 to select from. Must be a valid 2175 secret key. 2176 type: string 2177 name: 2178 description: 'Name of the referent. 2179 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2180 TODO: Add other useful fields. 2181 apiVersion, kind, uid?' 2182 type: string 2183 optional: 2184 description: Specify whether the 2185 Secret or its key must be defined 2186 type: boolean 2187 required: 2188 - key 2189 type: object 2190 type: object 2191 required: 2192 - name 2193 type: object 2194 type: array 2195 envFrom: 2196 description: List of sources to populate environment 2197 variables in the container. The keys defined 2198 within a source must be a C_IDENTIFIER. All 2199 invalid keys will be reported as an event 2200 when the container is starting. When a key 2201 exists in multiple sources, the value associated 2202 with the last source will take precedence. 2203 Values defined by an Env with a duplicate 2204 key will take precedence. Cannot be updated. 2205 items: 2206 description: EnvFromSource represents the 2207 source of a set of ConfigMaps 2208 properties: 2209 configMapRef: 2210 description: The ConfigMap to select from 2211 properties: 2212 name: 2213 description: 'Name of the referent. 2214 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2215 TODO: Add other useful fields. apiVersion, 2216 kind, uid?' 2217 type: string 2218 optional: 2219 description: Specify whether the ConfigMap 2220 must be defined 2221 type: boolean 2222 type: object 2223 prefix: 2224 description: An optional identifier to 2225 prepend to each key in the ConfigMap. 2226 Must be a C_IDENTIFIER. 2227 type: string 2228 secretRef: 2229 description: The Secret to select from 2230 properties: 2231 name: 2232 description: 'Name of the referent. 2233 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2234 TODO: Add other useful fields. apiVersion, 2235 kind, uid?' 2236 type: string 2237 optional: 2238 description: Specify whether the Secret 2239 must be defined 2240 type: boolean 2241 type: object 2242 type: object 2243 type: array 2244 image: 2245 description: 'Docker image name. More info: 2246 https://kubernetes.io/docs/concepts/containers/images 2247 This field is optional to allow higher level 2248 config management to default or override container 2249 images in workload controllers like Deployments 2250 and StatefulSets.' 2251 type: string 2252 imagePullPolicy: 2253 description: 'Image pull policy. One of Always, 2254 Never, IfNotPresent. Defaults to Always if 2255 :latest tag is specified, or IfNotPresent 2256 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 2257 type: string 2258 lifecycle: 2259 description: Actions that the management system 2260 should take in response to container lifecycle 2261 events. Cannot be updated. 2262 properties: 2263 postStart: 2264 description: 'PostStart is called immediately 2265 after a container is created. If the handler 2266 fails, the container is terminated and 2267 restarted according to its restart policy. 2268 Other management of the container blocks 2269 until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 2270 properties: 2271 exec: 2272 description: One and only one of the 2273 following should be specified. Exec 2274 specifies the action to take. 2275 properties: 2276 command: 2277 description: Command is the command 2278 line to execute inside the container, 2279 the working directory for the 2280 command is root ('/') in the 2281 container's filesystem. The command 2282 is simply exec'd, it is not run 2283 inside a shell, so traditional 2284 shell instructions ('|', etc) 2285 won't work. To use a shell, you 2286 need to explicitly call out to 2287 that shell. Exit status of 0 is 2288 treated as live/healthy and non-zero 2289 is unhealthy. 2290 items: 2291 type: string 2292 type: array 2293 type: object 2294 httpGet: 2295 description: HTTPGet specifies the http 2296 request to perform. 2297 properties: 2298 host: 2299 description: Host name to connect 2300 to, defaults to the pod IP. You 2301 probably want to set "Host" in 2302 httpHeaders instead. 2303 type: string 2304 httpHeaders: 2305 description: Custom headers to set 2306 in the request. HTTP allows repeated 2307 headers. 2308 items: 2309 description: HTTPHeader describes 2310 a custom header to be used in 2311 HTTP probes 2312 properties: 2313 name: 2314 description: The header field 2315 name 2316 type: string 2317 value: 2318 description: The header field 2319 value 2320 type: string 2321 required: 2322 - name 2323 - value 2324 type: object 2325 type: array 2326 path: 2327 description: Path to access on the 2328 HTTP server. 2329 type: string 2330 port: 2331 anyOf: 2332 - type: integer 2333 - type: string 2334 description: Name or number of the 2335 port to access on the container. 2336 Number must be in the range 1 2337 to 65535. Name must be an IANA_SVC_NAME. 2338 x-kubernetes-int-or-string: true 2339 scheme: 2340 description: Scheme to use for connecting 2341 to the host. Defaults to HTTP. 2342 type: string 2343 required: 2344 - port 2345 type: object 2346 tcpSocket: 2347 description: 'TCPSocket specifies an 2348 action involving a TCP port. TCP hooks 2349 not yet supported TODO: implement 2350 a realistic TCP lifecycle hook' 2351 properties: 2352 host: 2353 description: 'Optional: Host name 2354 to connect to, defaults to the 2355 pod IP.' 2356 type: string 2357 port: 2358 anyOf: 2359 - type: integer 2360 - type: string 2361 description: Number or name of the 2362 port to access on the container. 2363 Number must be in the range 1 2364 to 65535. Name must be an IANA_SVC_NAME. 2365 x-kubernetes-int-or-string: true 2366 required: 2367 - port 2368 type: object 2369 type: object 2370 preStop: 2371 description: 'PreStop is called immediately 2372 before a container is terminated due to 2373 an API request or management event such 2374 as liveness/startup probe failure, preemption, 2375 resource contention, etc. The handler 2376 is not called if the container crashes 2377 or exits. The reason for termination is 2378 passed to the handler. The Pod''s termination 2379 grace period countdown begins before the 2380 PreStop hooked is executed. Regardless 2381 of the outcome of the handler, the container 2382 will eventually terminate within the Pod''s 2383 termination grace period. Other management 2384 of the container blocks until the hook 2385 completes or until the termination grace 2386 period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 2387 properties: 2388 exec: 2389 description: One and only one of the 2390 following should be specified. Exec 2391 specifies the action to take. 2392 properties: 2393 command: 2394 description: Command is the command 2395 line to execute inside the container, 2396 the working directory for the 2397 command is root ('/') in the 2398 container's filesystem. The command 2399 is simply exec'd, it is not run 2400 inside a shell, so traditional 2401 shell instructions ('|', etc) 2402 won't work. To use a shell, you 2403 need to explicitly call out to 2404 that shell. Exit status of 0 is 2405 treated as live/healthy and non-zero 2406 is unhealthy. 2407 items: 2408 type: string 2409 type: array 2410 type: object 2411 httpGet: 2412 description: HTTPGet specifies the http 2413 request to perform. 2414 properties: 2415 host: 2416 description: Host name to connect 2417 to, defaults to the pod IP. You 2418 probably want to set "Host" in 2419 httpHeaders instead. 2420 type: string 2421 httpHeaders: 2422 description: Custom headers to set 2423 in the request. HTTP allows repeated 2424 headers. 2425 items: 2426 description: HTTPHeader describes 2427 a custom header to be used in 2428 HTTP probes 2429 properties: 2430 name: 2431 description: The header field 2432 name 2433 type: string 2434 value: 2435 description: The header field 2436 value 2437 type: string 2438 required: 2439 - name 2440 - value 2441 type: object 2442 type: array 2443 path: 2444 description: Path to access on the 2445 HTTP server. 2446 type: string 2447 port: 2448 anyOf: 2449 - type: integer 2450 - type: string 2451 description: Name or number of the 2452 port to access on the container. 2453 Number must be in the range 1 2454 to 65535. Name must be an IANA_SVC_NAME. 2455 x-kubernetes-int-or-string: true 2456 scheme: 2457 description: Scheme to use for connecting 2458 to the host. Defaults to HTTP. 2459 type: string 2460 required: 2461 - port 2462 type: object 2463 tcpSocket: 2464 description: 'TCPSocket specifies an 2465 action involving a TCP port. TCP hooks 2466 not yet supported TODO: implement 2467 a realistic TCP lifecycle hook' 2468 properties: 2469 host: 2470 description: 'Optional: Host name 2471 to connect to, defaults to the 2472 pod IP.' 2473 type: string 2474 port: 2475 anyOf: 2476 - type: integer 2477 - type: string 2478 description: Number or name of the 2479 port to access on the container. 2480 Number must be in the range 1 2481 to 65535. Name must be an IANA_SVC_NAME. 2482 x-kubernetes-int-or-string: true 2483 required: 2484 - port 2485 type: object 2486 type: object 2487 type: object 2488 livenessProbe: 2489 description: 'Periodic probe of container liveness. 2490 Container will be restarted if the probe fails. 2491 Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2492 properties: 2493 exec: 2494 description: One and only one of the following 2495 should be specified. Exec specifies the 2496 action to take. 2497 properties: 2498 command: 2499 description: Command is the command 2500 line to execute inside the container, 2501 the working directory for the command is 2502 root ('/') in the container's filesystem. 2503 The command is simply exec'd, it is 2504 not run inside a shell, so traditional 2505 shell instructions ('|', etc) won't 2506 work. To use a shell, you need to 2507 explicitly call out to that shell. 2508 Exit status of 0 is treated as live/healthy 2509 and non-zero is unhealthy. 2510 items: 2511 type: string 2512 type: array 2513 type: object 2514 failureThreshold: 2515 description: Minimum consecutive failures 2516 for the probe to be considered failed 2517 after having succeeded. Defaults to 3. 2518 Minimum value is 1. 2519 format: int32 2520 type: integer 2521 httpGet: 2522 description: HTTPGet specifies the http 2523 request to perform. 2524 properties: 2525 host: 2526 description: Host name to connect to, 2527 defaults to the pod IP. You probably 2528 want to set "Host" in httpHeaders 2529 instead. 2530 type: string 2531 httpHeaders: 2532 description: Custom headers to set in 2533 the request. HTTP allows repeated 2534 headers. 2535 items: 2536 description: HTTPHeader describes 2537 a custom header to be used in HTTP 2538 probes 2539 properties: 2540 name: 2541 description: The header field 2542 name 2543 type: string 2544 value: 2545 description: The header field 2546 value 2547 type: string 2548 required: 2549 - name 2550 - value 2551 type: object 2552 type: array 2553 path: 2554 description: Path to access on the HTTP 2555 server. 2556 type: string 2557 port: 2558 anyOf: 2559 - type: integer 2560 - type: string 2561 description: Name or number of the port 2562 to access on the container. Number 2563 must be in the range 1 to 65535. Name 2564 must be an IANA_SVC_NAME. 2565 x-kubernetes-int-or-string: true 2566 scheme: 2567 description: Scheme to use for connecting 2568 to the host. Defaults to HTTP. 2569 type: string 2570 required: 2571 - port 2572 type: object 2573 initialDelaySeconds: 2574 description: 'Number of seconds after the 2575 container has started before liveness 2576 probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2577 format: int32 2578 type: integer 2579 periodSeconds: 2580 description: How often (in seconds) to perform 2581 the probe. Default to 10 seconds. Minimum 2582 value is 1. 2583 format: int32 2584 type: integer 2585 successThreshold: 2586 description: Minimum consecutive successes 2587 for the probe to be considered successful 2588 after having failed. Defaults to 1. Must 2589 be 1 for liveness and startup. Minimum 2590 value is 1. 2591 format: int32 2592 type: integer 2593 tcpSocket: 2594 description: 'TCPSocket specifies an action 2595 involving a TCP port. TCP hooks not yet 2596 supported TODO: implement a realistic 2597 TCP lifecycle hook' 2598 properties: 2599 host: 2600 description: 'Optional: Host name to 2601 connect to, defaults to the pod IP.' 2602 type: string 2603 port: 2604 anyOf: 2605 - type: integer 2606 - type: string 2607 description: Number or name of the port 2608 to access on the container. Number 2609 must be in the range 1 to 65535. Name 2610 must be an IANA_SVC_NAME. 2611 x-kubernetes-int-or-string: true 2612 required: 2613 - port 2614 type: object 2615 terminationGracePeriodSeconds: 2616 description: Optional duration in seconds 2617 the pod needs to terminate gracefully 2618 upon probe failure. The grace period is 2619 the duration in seconds after the processes 2620 running in the pod are sent a termination 2621 signal and the time when the processes 2622 are forcibly halted with a kill signal. 2623 Set this value longer than the expected 2624 cleanup time for your process. If this 2625 value is nil, the pod's terminationGracePeriodSeconds 2626 will be used. Otherwise, this value overrides 2627 the value provided by the pod spec. Value 2628 must be non-negative integer. The value 2629 zero indicates stop immediately via the 2630 kill signal (no opportunity to shut down). 2631 This is an alpha field and requires enabling 2632 ProbeTerminationGracePeriod feature gate. 2633 format: int64 2634 type: integer 2635 timeoutSeconds: 2636 description: 'Number of seconds after which 2637 the probe times out. Defaults to 1 second. 2638 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2639 format: int32 2640 type: integer 2641 type: object 2642 name: 2643 description: Name of the container specified 2644 as a DNS_LABEL. Each container in a pod must 2645 have a unique name (DNS_LABEL). Cannot be 2646 updated. 2647 type: string 2648 ports: 2649 description: List of ports to expose from the 2650 container. Exposing a port here gives the 2651 system additional information about the network 2652 connections a container uses, but is primarily 2653 informational. Not specifying a port here 2654 DOES NOT prevent that port from being exposed. 2655 Any port which is listening on the default 2656 "0.0.0.0" address inside a container will 2657 be accessible from the network. Cannot be 2658 updated. 2659 items: 2660 description: ContainerPort represents a network 2661 port in a single container. 2662 properties: 2663 containerPort: 2664 description: Number of port to expose 2665 on the pod's IP address. This must be 2666 a valid port number, 0 < x < 65536. 2667 format: int32 2668 type: integer 2669 hostIP: 2670 description: What host IP to bind the 2671 external port to. 2672 type: string 2673 hostPort: 2674 description: Number of port to expose 2675 on the host. If specified, this must 2676 be a valid port number, 0 < x < 65536. 2677 If HostNetwork is specified, this must 2678 match ContainerPort. Most containers 2679 do not need this. 2680 format: int32 2681 type: integer 2682 name: 2683 description: If specified, this must be 2684 an IANA_SVC_NAME and unique within the 2685 pod. Each named port in a pod must have 2686 a unique name. Name for the port that 2687 can be referred to by services. 2688 type: string 2689 protocol: 2690 default: TCP 2691 description: Protocol for port. Must be 2692 UDP, TCP, or SCTP. Defaults to "TCP". 2693 type: string 2694 required: 2695 - containerPort 2696 type: object 2697 type: array 2698 x-kubernetes-list-map-keys: 2699 - containerPort 2700 - protocol 2701 x-kubernetes-list-type: map 2702 readinessProbe: 2703 description: 'Periodic probe of container service 2704 readiness. Container will be removed from 2705 service endpoints if the probe fails. Cannot 2706 be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2707 properties: 2708 exec: 2709 description: One and only one of the following 2710 should be specified. Exec specifies the 2711 action to take. 2712 properties: 2713 command: 2714 description: Command is the command 2715 line to execute inside the container, 2716 the working directory for the command is 2717 root ('/') in the container's filesystem. 2718 The command is simply exec'd, it is 2719 not run inside a shell, so traditional 2720 shell instructions ('|', etc) won't 2721 work. To use a shell, you need to 2722 explicitly call out to that shell. 2723 Exit status of 0 is treated as live/healthy 2724 and non-zero is unhealthy. 2725 items: 2726 type: string 2727 type: array 2728 type: object 2729 failureThreshold: 2730 description: Minimum consecutive failures 2731 for the probe to be considered failed 2732 after having succeeded. Defaults to 3. 2733 Minimum value is 1. 2734 format: int32 2735 type: integer 2736 httpGet: 2737 description: HTTPGet specifies the http 2738 request to perform. 2739 properties: 2740 host: 2741 description: Host name to connect to, 2742 defaults to the pod IP. You probably 2743 want to set "Host" in httpHeaders 2744 instead. 2745 type: string 2746 httpHeaders: 2747 description: Custom headers to set in 2748 the request. HTTP allows repeated 2749 headers. 2750 items: 2751 description: HTTPHeader describes 2752 a custom header to be used in HTTP 2753 probes 2754 properties: 2755 name: 2756 description: The header field 2757 name 2758 type: string 2759 value: 2760 description: The header field 2761 value 2762 type: string 2763 required: 2764 - name 2765 - value 2766 type: object 2767 type: array 2768 path: 2769 description: Path to access on the HTTP 2770 server. 2771 type: string 2772 port: 2773 anyOf: 2774 - type: integer 2775 - type: string 2776 description: Name or number of the port 2777 to access on the container. Number 2778 must be in the range 1 to 65535. Name 2779 must be an IANA_SVC_NAME. 2780 x-kubernetes-int-or-string: true 2781 scheme: 2782 description: Scheme to use for connecting 2783 to the host. Defaults to HTTP. 2784 type: string 2785 required: 2786 - port 2787 type: object 2788 initialDelaySeconds: 2789 description: 'Number of seconds after the 2790 container has started before liveness 2791 probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2792 format: int32 2793 type: integer 2794 periodSeconds: 2795 description: How often (in seconds) to perform 2796 the probe. Default to 10 seconds. Minimum 2797 value is 1. 2798 format: int32 2799 type: integer 2800 successThreshold: 2801 description: Minimum consecutive successes 2802 for the probe to be considered successful 2803 after having failed. Defaults to 1. Must 2804 be 1 for liveness and startup. Minimum 2805 value is 1. 2806 format: int32 2807 type: integer 2808 tcpSocket: 2809 description: 'TCPSocket specifies an action 2810 involving a TCP port. TCP hooks not yet 2811 supported TODO: implement a realistic 2812 TCP lifecycle hook' 2813 properties: 2814 host: 2815 description: 'Optional: Host name to 2816 connect to, defaults to the pod IP.' 2817 type: string 2818 port: 2819 anyOf: 2820 - type: integer 2821 - type: string 2822 description: Number or name of the port 2823 to access on the container. Number 2824 must be in the range 1 to 65535. Name 2825 must be an IANA_SVC_NAME. 2826 x-kubernetes-int-or-string: true 2827 required: 2828 - port 2829 type: object 2830 terminationGracePeriodSeconds: 2831 description: Optional duration in seconds 2832 the pod needs to terminate gracefully 2833 upon probe failure. The grace period is 2834 the duration in seconds after the processes 2835 running in the pod are sent a termination 2836 signal and the time when the processes 2837 are forcibly halted with a kill signal. 2838 Set this value longer than the expected 2839 cleanup time for your process. If this 2840 value is nil, the pod's terminationGracePeriodSeconds 2841 will be used. Otherwise, this value overrides 2842 the value provided by the pod spec. Value 2843 must be non-negative integer. The value 2844 zero indicates stop immediately via the 2845 kill signal (no opportunity to shut down). 2846 This is an alpha field and requires enabling 2847 ProbeTerminationGracePeriod feature gate. 2848 format: int64 2849 type: integer 2850 timeoutSeconds: 2851 description: 'Number of seconds after which 2852 the probe times out. Defaults to 1 second. 2853 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2854 format: int32 2855 type: integer 2856 type: object 2857 resources: 2858 description: 'Compute Resources required by 2859 this container. Cannot be updated. More info: 2860 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2861 properties: 2862 limits: 2863 additionalProperties: 2864 anyOf: 2865 - type: integer 2866 - type: string 2867 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2868 x-kubernetes-int-or-string: true 2869 description: 'Limits describes the maximum 2870 amount of compute resources allowed. More 2871 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2872 type: object 2873 requests: 2874 additionalProperties: 2875 anyOf: 2876 - type: integer 2877 - type: string 2878 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2879 x-kubernetes-int-or-string: true 2880 description: 'Requests describes the minimum 2881 amount of compute resources required. 2882 If Requests is omitted for a container, 2883 it defaults to Limits if that is explicitly 2884 specified, otherwise to an implementation-defined 2885 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2886 type: object 2887 type: object 2888 securityContext: 2889 description: 'Security options the pod should 2890 run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ 2891 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 2892 properties: 2893 allowPrivilegeEscalation: 2894 description: 'AllowPrivilegeEscalation controls 2895 whether a process can gain more privileges 2896 than its parent process. This bool directly 2897 controls if the no_new_privs flag will 2898 be set on the container process. AllowPrivilegeEscalation 2899 is true always when the container is: 2900 1) run as Privileged 2) has CAP_SYS_ADMIN' 2901 type: boolean 2902 capabilities: 2903 description: The capabilities to add/drop 2904 when running containers. Defaults to the 2905 default set of capabilities granted by 2906 the container runtime. 2907 properties: 2908 add: 2909 description: Added capabilities 2910 items: 2911 description: Capability represent 2912 POSIX capabilities type 2913 type: string 2914 type: array 2915 drop: 2916 description: Removed capabilities 2917 items: 2918 description: Capability represent 2919 POSIX capabilities type 2920 type: string 2921 type: array 2922 type: object 2923 privileged: 2924 description: Run container in privileged 2925 mode. Processes in privileged containers 2926 are essentially equivalent to root on 2927 the host. Defaults to false. 2928 type: boolean 2929 procMount: 2930 description: procMount denotes the type 2931 of proc mount to use for the containers. 2932 The default is DefaultProcMount which 2933 uses the container runtime defaults for 2934 readonly paths and masked paths. This 2935 requires the ProcMountType feature flag 2936 to be enabled. 2937 type: string 2938 readOnlyRootFilesystem: 2939 description: Whether this container has 2940 a read-only root filesystem. Default is 2941 false. 2942 type: boolean 2943 runAsGroup: 2944 description: The GID to run the entrypoint 2945 of the container process. Uses runtime 2946 default if unset. May also be set in PodSecurityContext. If 2947 set in both SecurityContext and PodSecurityContext, 2948 the value specified in SecurityContext 2949 takes precedence. 2950 format: int64 2951 type: integer 2952 runAsNonRoot: 2953 description: Indicates that the container 2954 must run as a non-root user. If true, 2955 the Kubelet will validate the image at 2956 runtime to ensure that it does not run 2957 as UID 0 (root) and fail to start the 2958 container if it does. If unset or false, 2959 no such validation will be performed. 2960 May also be set in PodSecurityContext. If 2961 set in both SecurityContext and PodSecurityContext, 2962 the value specified in SecurityContext 2963 takes precedence. 2964 type: boolean 2965 runAsUser: 2966 description: The UID to run the entrypoint 2967 of the container process. Defaults to 2968 user specified in image metadata if unspecified. 2969 May also be set in PodSecurityContext. If 2970 set in both SecurityContext and PodSecurityContext, 2971 the value specified in SecurityContext 2972 takes precedence. 2973 format: int64 2974 type: integer 2975 seLinuxOptions: 2976 description: The SELinux context to be applied 2977 to the container. If unspecified, the 2978 container runtime will allocate a random 2979 SELinux context for each container. May 2980 also be set in PodSecurityContext. If 2981 set in both SecurityContext and PodSecurityContext, 2982 the value specified in SecurityContext 2983 takes precedence. 2984 properties: 2985 level: 2986 description: Level is SELinux level 2987 label that applies to the container. 2988 type: string 2989 role: 2990 description: Role is a SELinux role 2991 label that applies to the container. 2992 type: string 2993 type: 2994 description: Type is a SELinux type 2995 label that applies to the container. 2996 type: string 2997 user: 2998 description: User is a SELinux user 2999 label that applies to the container. 3000 type: string 3001 type: object 3002 seccompProfile: 3003 description: The seccomp options to use 3004 by this container. If seccomp options 3005 are provided at both the pod & container 3006 level, the container options override 3007 the pod options. 3008 properties: 3009 localhostProfile: 3010 description: localhostProfile indicates 3011 a profile defined in a file on the 3012 node should be used. The profile must 3013 be preconfigured on the node to work. 3014 Must be a descending path, relative 3015 to the kubelet's configured seccomp 3016 profile location. Must only be set 3017 if type is "Localhost". 3018 type: string 3019 type: 3020 description: "type indicates which kind 3021 of seccomp profile will be applied. 3022 Valid options are: \n Localhost - 3023 a profile defined in a file on the 3024 node should be used. RuntimeDefault 3025 - the container runtime default profile 3026 should be used. Unconfined - no profile 3027 should be applied." 3028 type: string 3029 required: 3030 - type 3031 type: object 3032 windowsOptions: 3033 description: The Windows specific settings 3034 applied to all containers. If unspecified, 3035 the options from the PodSecurityContext 3036 will be used. If set in both SecurityContext 3037 and PodSecurityContext, the value specified 3038 in SecurityContext takes precedence. 3039 properties: 3040 gmsaCredentialSpec: 3041 description: GMSACredentialSpec is where 3042 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 3043 inlines the contents of the GMSA credential 3044 spec named by the GMSACredentialSpecName 3045 field. 3046 type: string 3047 gmsaCredentialSpecName: 3048 description: GMSACredentialSpecName 3049 is the name of the GMSA credential 3050 spec to use. 3051 type: string 3052 runAsUserName: 3053 description: The UserName in Windows 3054 to run the entrypoint of the container 3055 process. Defaults to the user specified 3056 in image metadata if unspecified. 3057 May also be set in PodSecurityContext. 3058 If set in both SecurityContext and 3059 PodSecurityContext, the value specified 3060 in SecurityContext takes precedence. 3061 type: string 3062 type: object 3063 type: object 3064 startupProbe: 3065 description: 'StartupProbe indicates that the 3066 Pod has successfully initialized. If specified, 3067 no other probes are executed until this completes 3068 successfully. If this probe fails, the Pod 3069 will be restarted, just as if the livenessProbe 3070 failed. This can be used to provide different 3071 probe parameters at the beginning of a Pod''s 3072 lifecycle, when it might take a long time 3073 to load data or warm a cache, than during 3074 steady-state operation. This cannot be updated. 3075 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3076 properties: 3077 exec: 3078 description: One and only one of the following 3079 should be specified. Exec specifies the 3080 action to take. 3081 properties: 3082 command: 3083 description: Command is the command 3084 line to execute inside the container, 3085 the working directory for the command is 3086 root ('/') in the container's filesystem. 3087 The command is simply exec'd, it is 3088 not run inside a shell, so traditional 3089 shell instructions ('|', etc) won't 3090 work. To use a shell, you need to 3091 explicitly call out to that shell. 3092 Exit status of 0 is treated as live/healthy 3093 and non-zero is unhealthy. 3094 items: 3095 type: string 3096 type: array 3097 type: object 3098 failureThreshold: 3099 description: Minimum consecutive failures 3100 for the probe to be considered failed 3101 after having succeeded. Defaults to 3. 3102 Minimum value is 1. 3103 format: int32 3104 type: integer 3105 httpGet: 3106 description: HTTPGet specifies the http 3107 request to perform. 3108 properties: 3109 host: 3110 description: Host name to connect to, 3111 defaults to the pod IP. You probably 3112 want to set "Host" in httpHeaders 3113 instead. 3114 type: string 3115 httpHeaders: 3116 description: Custom headers to set in 3117 the request. HTTP allows repeated 3118 headers. 3119 items: 3120 description: HTTPHeader describes 3121 a custom header to be used in HTTP 3122 probes 3123 properties: 3124 name: 3125 description: The header field 3126 name 3127 type: string 3128 value: 3129 description: The header field 3130 value 3131 type: string 3132 required: 3133 - name 3134 - value 3135 type: object 3136 type: array 3137 path: 3138 description: Path to access on the HTTP 3139 server. 3140 type: string 3141 port: 3142 anyOf: 3143 - type: integer 3144 - type: string 3145 description: Name or number of the port 3146 to access on the container. Number 3147 must be in the range 1 to 65535. Name 3148 must be an IANA_SVC_NAME. 3149 x-kubernetes-int-or-string: true 3150 scheme: 3151 description: Scheme to use for connecting 3152 to the host. Defaults to HTTP. 3153 type: string 3154 required: 3155 - port 3156 type: object 3157 initialDelaySeconds: 3158 description: 'Number of seconds after the 3159 container has started before liveness 3160 probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3161 format: int32 3162 type: integer 3163 periodSeconds: 3164 description: How often (in seconds) to perform 3165 the probe. Default to 10 seconds. Minimum 3166 value is 1. 3167 format: int32 3168 type: integer 3169 successThreshold: 3170 description: Minimum consecutive successes 3171 for the probe to be considered successful 3172 after having failed. Defaults to 1. Must 3173 be 1 for liveness and startup. Minimum 3174 value is 1. 3175 format: int32 3176 type: integer 3177 tcpSocket: 3178 description: 'TCPSocket specifies an action 3179 involving a TCP port. TCP hooks not yet 3180 supported TODO: implement a realistic 3181 TCP lifecycle hook' 3182 properties: 3183 host: 3184 description: 'Optional: Host name to 3185 connect to, defaults to the pod IP.' 3186 type: string 3187 port: 3188 anyOf: 3189 - type: integer 3190 - type: string 3191 description: Number or name of the port 3192 to access on the container. Number 3193 must be in the range 1 to 65535. Name 3194 must be an IANA_SVC_NAME. 3195 x-kubernetes-int-or-string: true 3196 required: 3197 - port 3198 type: object 3199 terminationGracePeriodSeconds: 3200 description: Optional duration in seconds 3201 the pod needs to terminate gracefully 3202 upon probe failure. The grace period is 3203 the duration in seconds after the processes 3204 running in the pod are sent a termination 3205 signal and the time when the processes 3206 are forcibly halted with a kill signal. 3207 Set this value longer than the expected 3208 cleanup time for your process. If this 3209 value is nil, the pod's terminationGracePeriodSeconds 3210 will be used. Otherwise, this value overrides 3211 the value provided by the pod spec. Value 3212 must be non-negative integer. The value 3213 zero indicates stop immediately via the 3214 kill signal (no opportunity to shut down). 3215 This is an alpha field and requires enabling 3216 ProbeTerminationGracePeriod feature gate. 3217 format: int64 3218 type: integer 3219 timeoutSeconds: 3220 description: 'Number of seconds after which 3221 the probe times out. Defaults to 1 second. 3222 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3223 format: int32 3224 type: integer 3225 type: object 3226 stdin: 3227 description: Whether this container should allocate 3228 a buffer for stdin in the container runtime. 3229 If this is not set, reads from stdin in the 3230 container will always result in EOF. Default 3231 is false. 3232 type: boolean 3233 stdinOnce: 3234 description: Whether the container runtime should 3235 close the stdin channel after it has been 3236 opened by a single attach. When stdin is true 3237 the stdin stream will remain open across multiple 3238 attach sessions. If stdinOnce is set to true, 3239 stdin is opened on container start, is empty 3240 until the first client attaches to stdin, 3241 and then remains open and accepts data until 3242 the client disconnects, at which time stdin 3243 is closed and remains closed until the container 3244 is restarted. If this flag is false, a container 3245 processes that reads from stdin will never 3246 receive an EOF. Default is false 3247 type: boolean 3248 terminationMessagePath: 3249 description: 'Optional: Path at which the file 3250 to which the container''s termination message 3251 will be written is mounted into the container''s 3252 filesystem. Message written is intended to 3253 be brief final status, such as an assertion 3254 failure message. Will be truncated by the 3255 node if greater than 4096 bytes. The total 3256 message length across all containers will 3257 be limited to 12kb. Defaults to /dev/termination-log. 3258 Cannot be updated.' 3259 type: string 3260 terminationMessagePolicy: 3261 description: Indicate how the termination message 3262 should be populated. File will use the contents 3263 of terminationMessagePath to populate the 3264 container status message on both success and 3265 failure. FallbackToLogsOnError will use the 3266 last chunk of container log output if the 3267 termination message file is empty and the 3268 container exited with an error. The log output 3269 is limited to 2048 bytes or 80 lines, whichever 3270 is smaller. Defaults to File. Cannot be updated. 3271 type: string 3272 tty: 3273 description: Whether this container should allocate 3274 a TTY for itself, also requires 'stdin' to 3275 be true. Default is false. 3276 type: boolean 3277 volumeDevices: 3278 description: volumeDevices is the list of block 3279 devices to be used by the container. 3280 items: 3281 description: volumeDevice describes a mapping 3282 of a raw block device within a container. 3283 properties: 3284 devicePath: 3285 description: devicePath is the path inside 3286 of the container that the device will 3287 be mapped to. 3288 type: string 3289 name: 3290 description: name must match the name 3291 of a persistentVolumeClaim in the pod 3292 type: string 3293 required: 3294 - devicePath 3295 - name 3296 type: object 3297 type: array 3298 volumeMounts: 3299 description: Pod volumes to mount into the container's 3300 filesystem. Cannot be updated. 3301 items: 3302 description: VolumeMount describes a mounting 3303 of a Volume within a container. 3304 properties: 3305 mountPath: 3306 description: Path within the container 3307 at which the volume should be mounted. Must 3308 not contain ':'. 3309 type: string 3310 mountPropagation: 3311 description: mountPropagation determines 3312 how mounts are propagated from the host 3313 to container and the other way around. 3314 When not set, MountPropagationNone is 3315 used. This field is beta in 1.10. 3316 type: string 3317 name: 3318 description: This must match the Name 3319 of a Volume. 3320 type: string 3321 readOnly: 3322 description: Mounted read-only if true, 3323 read-write otherwise (false or unspecified). 3324 Defaults to false. 3325 type: boolean 3326 subPath: 3327 description: Path within the volume from 3328 which the container's volume should 3329 be mounted. Defaults to "" (volume's 3330 root). 3331 type: string 3332 subPathExpr: 3333 description: Expanded path within the 3334 volume from which the container's volume 3335 should be mounted. Behaves similarly 3336 to SubPath but environment variable 3337 references $(VAR_NAME) are expanded 3338 using the container's environment. Defaults 3339 to "" (volume's root). SubPathExpr and 3340 SubPath are mutually exclusive. 3341 type: string 3342 required: 3343 - mountPath 3344 - name 3345 type: object 3346 type: array 3347 workingDir: 3348 description: Container's working directory. 3349 If not specified, the container runtime's 3350 default will be used, which might be configured 3351 in the container image. Cannot be updated. 3352 type: string 3353 required: 3354 - name 3355 type: object 3356 type: array 3357 dnsConfig: 3358 description: Specifies the DNS parameters of a pod. 3359 Parameters specified here will be merged to the 3360 generated DNS configuration based on DNSPolicy. 3361 properties: 3362 nameservers: 3363 description: A list of DNS name server IP addresses. 3364 This will be appended to the base nameservers 3365 generated from DNSPolicy. Duplicated nameservers 3366 will be removed. 3367 items: 3368 type: string 3369 type: array 3370 options: 3371 description: A list of DNS resolver options. This 3372 will be merged with the base options generated 3373 from DNSPolicy. Duplicated entries will be removed. 3374 Resolution options given in Options will override 3375 those that appear in the base DNSPolicy. 3376 items: 3377 description: PodDNSConfigOption defines DNS 3378 resolver options of a pod. 3379 properties: 3380 name: 3381 description: Required. 3382 type: string 3383 value: 3384 type: string 3385 type: object 3386 type: array 3387 searches: 3388 description: A list of DNS search domains for 3389 host-name lookup. This will be appended to the 3390 base search paths generated from DNSPolicy. 3391 Duplicated search paths will be removed. 3392 items: 3393 type: string 3394 type: array 3395 type: object 3396 dnsPolicy: 3397 description: Set DNS policy for the pod. Defaults 3398 to "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 3399 'ClusterFirst', 'Default' or 'None'. DNS parameters 3400 given in DNSConfig will be merged with the policy 3401 selected with DNSPolicy. To have DNS options set 3402 along with hostNetwork, you have to specify DNS 3403 policy explicitly to 'ClusterFirstWithHostNet'. 3404 type: string 3405 enableServiceLinks: 3406 description: 'EnableServiceLinks indicates whether 3407 information about services should be injected into 3408 pod''s environment variables, matching the syntax 3409 of Docker links. Optional: Defaults to true.' 3410 type: boolean 3411 ephemeralContainers: 3412 description: List of ephemeral containers run in this 3413 pod. Ephemeral containers may be run in an existing 3414 pod to perform user-initiated actions such as debugging. 3415 This list cannot be specified when creating a pod, 3416 and it cannot be modified by updating the pod spec. 3417 In order to add an ephemeral container to an existing 3418 pod, use the pod's ephemeralcontainers subresource. 3419 This field is alpha-level and is only honored by 3420 servers that enable the EphemeralContainers feature. 3421 items: 3422 description: An EphemeralContainer is a container 3423 that may be added temporarily to an existing pod 3424 for user-initiated activities such as debugging. 3425 Ephemeral containers have no resource or scheduling 3426 guarantees, and they will not be restarted when 3427 they exit or when a pod is removed or restarted. 3428 If an ephemeral container causes a pod to exceed 3429 its resource allocation, the pod may be evicted. 3430 Ephemeral containers may not be added by directly 3431 updating the pod spec. They must be added via 3432 the pod's ephemeralcontainers subresource, and 3433 they will appear in the pod spec once added. This 3434 is an alpha feature enabled by the EphemeralContainers 3435 feature flag. 3436 properties: 3437 args: 3438 description: 'Arguments to the entrypoint. The 3439 docker image''s CMD is used if this is not 3440 provided. Variable references $(VAR_NAME) 3441 are expanded using the container''s environment. 3442 If a variable cannot be resolved, the reference 3443 in the input string will be unchanged. The 3444 $(VAR_NAME) syntax can be escaped with a double 3445 $$, ie: $$(VAR_NAME). Escaped references will 3446 never be expanded, regardless of whether the 3447 variable exists or not. Cannot be updated. 3448 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3449 items: 3450 type: string 3451 type: array 3452 command: 3453 description: 'Entrypoint array. Not executed 3454 within a shell. The docker image''s ENTRYPOINT 3455 is used if this is not provided. Variable 3456 references $(VAR_NAME) are expanded using 3457 the container''s environment. If a variable 3458 cannot be resolved, the reference in the input 3459 string will be unchanged. The $(VAR_NAME) 3460 syntax can be escaped with a double $$, ie: 3461 $$(VAR_NAME). Escaped references will never 3462 be expanded, regardless of whether the variable 3463 exists or not. Cannot be updated. More info: 3464 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3465 items: 3466 type: string 3467 type: array 3468 env: 3469 description: List of environment variables to 3470 set in the container. Cannot be updated. 3471 items: 3472 description: EnvVar represents an environment 3473 variable present in a Container. 3474 properties: 3475 name: 3476 description: Name of the environment variable. 3477 Must be a C_IDENTIFIER. 3478 type: string 3479 value: 3480 description: 'Variable references $(VAR_NAME) 3481 are expanded using the previous defined 3482 environment variables in the container 3483 and any service environment variables. 3484 If a variable cannot be resolved, the 3485 reference in the input string will be 3486 unchanged. The $(VAR_NAME) syntax can 3487 be escaped with a double $$, ie: $$(VAR_NAME). 3488 Escaped references will never be expanded, 3489 regardless of whether the variable exists 3490 or not. Defaults to "".' 3491 type: string 3492 valueFrom: 3493 description: Source for the environment 3494 variable's value. Cannot be used if 3495 value is not empty. 3496 properties: 3497 configMapKeyRef: 3498 description: Selects a key of a ConfigMap. 3499 properties: 3500 key: 3501 description: The key to select. 3502 type: string 3503 name: 3504 description: 'Name of the referent. 3505 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3506 TODO: Add other useful fields. 3507 apiVersion, kind, uid?' 3508 type: string 3509 optional: 3510 description: Specify whether the 3511 ConfigMap or its key must be 3512 defined 3513 type: boolean 3514 required: 3515 - key 3516 type: object 3517 fieldRef: 3518 description: 'Selects a field of the 3519 pod: supports metadata.name, metadata.namespace, 3520 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 3521 spec.nodeName, spec.serviceAccountName, 3522 status.hostIP, status.podIP, status.podIPs.' 3523 properties: 3524 apiVersion: 3525 description: Version of the schema 3526 the FieldPath is written in 3527 terms of, defaults to "v1". 3528 type: string 3529 fieldPath: 3530 description: Path of the field 3531 to select in the specified API 3532 version. 3533 type: string 3534 required: 3535 - fieldPath 3536 type: object 3537 resourceFieldRef: 3538 description: 'Selects a resource of 3539 the container: only resources limits 3540 and requests (limits.cpu, limits.memory, 3541 limits.ephemeral-storage, requests.cpu, 3542 requests.memory and requests.ephemeral-storage) 3543 are currently supported.' 3544 properties: 3545 containerName: 3546 description: 'Container name: 3547 required for volumes, optional 3548 for env vars' 3549 type: string 3550 divisor: 3551 anyOf: 3552 - type: integer 3553 - type: string 3554 description: Specifies the output 3555 format of the exposed resources, 3556 defaults to "1" 3557 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3558 x-kubernetes-int-or-string: true 3559 resource: 3560 description: 'Required: resource 3561 to select' 3562 type: string 3563 required: 3564 - resource 3565 type: object 3566 secretKeyRef: 3567 description: Selects a key of a secret 3568 in the pod's namespace 3569 properties: 3570 key: 3571 description: The key of the secret 3572 to select from. Must be a valid 3573 secret key. 3574 type: string 3575 name: 3576 description: 'Name of the referent. 3577 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3578 TODO: Add other useful fields. 3579 apiVersion, kind, uid?' 3580 type: string 3581 optional: 3582 description: Specify whether the 3583 Secret or its key must be defined 3584 type: boolean 3585 required: 3586 - key 3587 type: object 3588 type: object 3589 required: 3590 - name 3591 type: object 3592 type: array 3593 envFrom: 3594 description: List of sources to populate environment 3595 variables in the container. The keys defined 3596 within a source must be a C_IDENTIFIER. All 3597 invalid keys will be reported as an event 3598 when the container is starting. When a key 3599 exists in multiple sources, the value associated 3600 with the last source will take precedence. 3601 Values defined by an Env with a duplicate 3602 key will take precedence. Cannot be updated. 3603 items: 3604 description: EnvFromSource represents the 3605 source of a set of ConfigMaps 3606 properties: 3607 configMapRef: 3608 description: The ConfigMap to select from 3609 properties: 3610 name: 3611 description: 'Name of the referent. 3612 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3613 TODO: Add other useful fields. apiVersion, 3614 kind, uid?' 3615 type: string 3616 optional: 3617 description: Specify whether the ConfigMap 3618 must be defined 3619 type: boolean 3620 type: object 3621 prefix: 3622 description: An optional identifier to 3623 prepend to each key in the ConfigMap. 3624 Must be a C_IDENTIFIER. 3625 type: string 3626 secretRef: 3627 description: The Secret to select from 3628 properties: 3629 name: 3630 description: 'Name of the referent. 3631 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3632 TODO: Add other useful fields. apiVersion, 3633 kind, uid?' 3634 type: string 3635 optional: 3636 description: Specify whether the Secret 3637 must be defined 3638 type: boolean 3639 type: object 3640 type: object 3641 type: array 3642 image: 3643 description: 'Docker image name. More info: 3644 https://kubernetes.io/docs/concepts/containers/images' 3645 type: string 3646 imagePullPolicy: 3647 description: 'Image pull policy. One of Always, 3648 Never, IfNotPresent. Defaults to Always if 3649 :latest tag is specified, or IfNotPresent 3650 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 3651 type: string 3652 lifecycle: 3653 description: Lifecycle is not allowed for ephemeral 3654 containers. 3655 properties: 3656 postStart: 3657 description: 'PostStart is called immediately 3658 after a container is created. If the handler 3659 fails, the container is terminated and 3660 restarted according to its restart policy. 3661 Other management of the container blocks 3662 until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3663 properties: 3664 exec: 3665 description: One and only one of the 3666 following should be specified. Exec 3667 specifies the action to take. 3668 properties: 3669 command: 3670 description: Command is the command 3671 line to execute inside the container, 3672 the working directory for the 3673 command is root ('/') in the 3674 container's filesystem. The command 3675 is simply exec'd, it is not run 3676 inside a shell, so traditional 3677 shell instructions ('|', etc) 3678 won't work. To use a shell, you 3679 need to explicitly call out to 3680 that shell. Exit status of 0 is 3681 treated as live/healthy and non-zero 3682 is unhealthy. 3683 items: 3684 type: string 3685 type: array 3686 type: object 3687 httpGet: 3688 description: HTTPGet specifies the http 3689 request to perform. 3690 properties: 3691 host: 3692 description: Host name to connect 3693 to, defaults to the pod IP. You 3694 probably want to set "Host" in 3695 httpHeaders instead. 3696 type: string 3697 httpHeaders: 3698 description: Custom headers to set 3699 in the request. HTTP allows repeated 3700 headers. 3701 items: 3702 description: HTTPHeader describes 3703 a custom header to be used in 3704 HTTP probes 3705 properties: 3706 name: 3707 description: The header field 3708 name 3709 type: string 3710 value: 3711 description: The header field 3712 value 3713 type: string 3714 required: 3715 - name 3716 - value 3717 type: object 3718 type: array 3719 path: 3720 description: Path to access on the 3721 HTTP server. 3722 type: string 3723 port: 3724 anyOf: 3725 - type: integer 3726 - type: string 3727 description: Name or number of the 3728 port to access on the container. 3729 Number must be in the range 1 3730 to 65535. Name must be an IANA_SVC_NAME. 3731 x-kubernetes-int-or-string: true 3732 scheme: 3733 description: Scheme to use for connecting 3734 to the host. Defaults to HTTP. 3735 type: string 3736 required: 3737 - port 3738 type: object 3739 tcpSocket: 3740 description: 'TCPSocket specifies an 3741 action involving a TCP port. TCP hooks 3742 not yet supported TODO: implement 3743 a realistic TCP lifecycle hook' 3744 properties: 3745 host: 3746 description: 'Optional: Host name 3747 to connect to, defaults to the 3748 pod IP.' 3749 type: string 3750 port: 3751 anyOf: 3752 - type: integer 3753 - type: string 3754 description: Number or name of the 3755 port to access on the container. 3756 Number must be in the range 1 3757 to 65535. Name must be an IANA_SVC_NAME. 3758 x-kubernetes-int-or-string: true 3759 required: 3760 - port 3761 type: object 3762 type: object 3763 preStop: 3764 description: 'PreStop is called immediately 3765 before a container is terminated due to 3766 an API request or management event such 3767 as liveness/startup probe failure, preemption, 3768 resource contention, etc. The handler 3769 is not called if the container crashes 3770 or exits. The reason for termination is 3771 passed to the handler. The Pod''s termination 3772 grace period countdown begins before the 3773 PreStop hooked is executed. Regardless 3774 of the outcome of the handler, the container 3775 will eventually terminate within the Pod''s 3776 termination grace period. Other management 3777 of the container blocks until the hook 3778 completes or until the termination grace 3779 period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3780 properties: 3781 exec: 3782 description: One and only one of the 3783 following should be specified. Exec 3784 specifies the action to take. 3785 properties: 3786 command: 3787 description: Command is the command 3788 line to execute inside the container, 3789 the working directory for the 3790 command is root ('/') in the 3791 container's filesystem. The command 3792 is simply exec'd, it is not run 3793 inside a shell, so traditional 3794 shell instructions ('|', etc) 3795 won't work. To use a shell, you 3796 need to explicitly call out to 3797 that shell. Exit status of 0 is 3798 treated as live/healthy and non-zero 3799 is unhealthy. 3800 items: 3801 type: string 3802 type: array 3803 type: object 3804 httpGet: 3805 description: HTTPGet specifies the http 3806 request to perform. 3807 properties: 3808 host: 3809 description: Host name to connect 3810 to, defaults to the pod IP. You 3811 probably want to set "Host" in 3812 httpHeaders instead. 3813 type: string 3814 httpHeaders: 3815 description: Custom headers to set 3816 in the request. HTTP allows repeated 3817 headers. 3818 items: 3819 description: HTTPHeader describes 3820 a custom header to be used in 3821 HTTP probes 3822 properties: 3823 name: 3824 description: The header field 3825 name 3826 type: string 3827 value: 3828 description: The header field 3829 value 3830 type: string 3831 required: 3832 - name 3833 - value 3834 type: object 3835 type: array 3836 path: 3837 description: Path to access on the 3838 HTTP server. 3839 type: string 3840 port: 3841 anyOf: 3842 - type: integer 3843 - type: string 3844 description: Name or number of the 3845 port to access on the container. 3846 Number must be in the range 1 3847 to 65535. Name must be an IANA_SVC_NAME. 3848 x-kubernetes-int-or-string: true 3849 scheme: 3850 description: Scheme to use for connecting 3851 to the host. Defaults to HTTP. 3852 type: string 3853 required: 3854 - port 3855 type: object 3856 tcpSocket: 3857 description: 'TCPSocket specifies an 3858 action involving a TCP port. TCP hooks 3859 not yet supported TODO: implement 3860 a realistic TCP lifecycle hook' 3861 properties: 3862 host: 3863 description: 'Optional: Host name 3864 to connect to, defaults to the 3865 pod IP.' 3866 type: string 3867 port: 3868 anyOf: 3869 - type: integer 3870 - type: string 3871 description: Number or name of the 3872 port to access on the container. 3873 Number must be in the range 1 3874 to 65535. Name must be an IANA_SVC_NAME. 3875 x-kubernetes-int-or-string: true 3876 required: 3877 - port 3878 type: object 3879 type: object 3880 type: object 3881 livenessProbe: 3882 description: Probes are not allowed for ephemeral 3883 containers. 3884 properties: 3885 exec: 3886 description: One and only one of the following 3887 should be specified. Exec specifies the 3888 action to take. 3889 properties: 3890 command: 3891 description: Command is the command 3892 line to execute inside the container, 3893 the working directory for the command is 3894 root ('/') in the container's filesystem. 3895 The command is simply exec'd, it is 3896 not run inside a shell, so traditional 3897 shell instructions ('|', etc) won't 3898 work. To use a shell, you need to 3899 explicitly call out to that shell. 3900 Exit status of 0 is treated as live/healthy 3901 and non-zero is unhealthy. 3902 items: 3903 type: string 3904 type: array 3905 type: object 3906 failureThreshold: 3907 description: Minimum consecutive failures 3908 for the probe to be considered failed 3909 after having succeeded. Defaults to 3. 3910 Minimum value is 1. 3911 format: int32 3912 type: integer 3913 httpGet: 3914 description: HTTPGet specifies the http 3915 request to perform. 3916 properties: 3917 host: 3918 description: Host name to connect to, 3919 defaults to the pod IP. You probably 3920 want to set "Host" in httpHeaders 3921 instead. 3922 type: string 3923 httpHeaders: 3924 description: Custom headers to set in 3925 the request. HTTP allows repeated 3926 headers. 3927 items: 3928 description: HTTPHeader describes 3929 a custom header to be used in HTTP 3930 probes 3931 properties: 3932 name: 3933 description: The header field 3934 name 3935 type: string 3936 value: 3937 description: The header field 3938 value 3939 type: string 3940 required: 3941 - name 3942 - value 3943 type: object 3944 type: array 3945 path: 3946 description: Path to access on the HTTP 3947 server. 3948 type: string 3949 port: 3950 anyOf: 3951 - type: integer 3952 - type: string 3953 description: Name or number of the port 3954 to access on the container. Number 3955 must be in the range 1 to 65535. Name 3956 must be an IANA_SVC_NAME. 3957 x-kubernetes-int-or-string: true 3958 scheme: 3959 description: Scheme to use for connecting 3960 to the host. Defaults to HTTP. 3961 type: string 3962 required: 3963 - port 3964 type: object 3965 initialDelaySeconds: 3966 description: 'Number of seconds after the 3967 container has started before liveness 3968 probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3969 format: int32 3970 type: integer 3971 periodSeconds: 3972 description: How often (in seconds) to perform 3973 the probe. Default to 10 seconds. Minimum 3974 value is 1. 3975 format: int32 3976 type: integer 3977 successThreshold: 3978 description: Minimum consecutive successes 3979 for the probe to be considered successful 3980 after having failed. Defaults to 1. Must 3981 be 1 for liveness and startup. Minimum 3982 value is 1. 3983 format: int32 3984 type: integer 3985 tcpSocket: 3986 description: 'TCPSocket specifies an action 3987 involving a TCP port. TCP hooks not yet 3988 supported TODO: implement a realistic 3989 TCP lifecycle hook' 3990 properties: 3991 host: 3992 description: 'Optional: Host name to 3993 connect to, defaults to the pod IP.' 3994 type: string 3995 port: 3996 anyOf: 3997 - type: integer 3998 - type: string 3999 description: Number or name of the port 4000 to access on the container. Number 4001 must be in the range 1 to 65535. Name 4002 must be an IANA_SVC_NAME. 4003 x-kubernetes-int-or-string: true 4004 required: 4005 - port 4006 type: object 4007 terminationGracePeriodSeconds: 4008 description: Optional duration in seconds 4009 the pod needs to terminate gracefully 4010 upon probe failure. The grace period is 4011 the duration in seconds after the processes 4012 running in the pod are sent a termination 4013 signal and the time when the processes 4014 are forcibly halted with a kill signal. 4015 Set this value longer than the expected 4016 cleanup time for your process. If this 4017 value is nil, the pod's terminationGracePeriodSeconds 4018 will be used. Otherwise, this value overrides 4019 the value provided by the pod spec. Value 4020 must be non-negative integer. The value 4021 zero indicates stop immediately via the 4022 kill signal (no opportunity to shut down). 4023 This is an alpha field and requires enabling 4024 ProbeTerminationGracePeriod feature gate. 4025 format: int64 4026 type: integer 4027 timeoutSeconds: 4028 description: 'Number of seconds after which 4029 the probe times out. Defaults to 1 second. 4030 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4031 format: int32 4032 type: integer 4033 type: object 4034 name: 4035 description: Name of the ephemeral container 4036 specified as a DNS_LABEL. This name must be 4037 unique among all containers, init containers 4038 and ephemeral containers. 4039 type: string 4040 ports: 4041 description: Ports are not allowed for ephemeral 4042 containers. 4043 items: 4044 description: ContainerPort represents a network 4045 port in a single container. 4046 properties: 4047 containerPort: 4048 description: Number of port to expose 4049 on the pod's IP address. This must be 4050 a valid port number, 0 < x < 65536. 4051 format: int32 4052 type: integer 4053 hostIP: 4054 description: What host IP to bind the 4055 external port to. 4056 type: string 4057 hostPort: 4058 description: Number of port to expose 4059 on the host. If specified, this must 4060 be a valid port number, 0 < x < 65536. 4061 If HostNetwork is specified, this must 4062 match ContainerPort. Most containers 4063 do not need this. 4064 format: int32 4065 type: integer 4066 name: 4067 description: If specified, this must be 4068 an IANA_SVC_NAME and unique within the 4069 pod. Each named port in a pod must have 4070 a unique name. Name for the port that 4071 can be referred to by services. 4072 type: string 4073 protocol: 4074 default: TCP 4075 description: Protocol for port. Must be 4076 UDP, TCP, or SCTP. Defaults to "TCP". 4077 type: string 4078 required: 4079 - containerPort 4080 type: object 4081 type: array 4082 readinessProbe: 4083 description: Probes are not allowed for ephemeral 4084 containers. 4085 properties: 4086 exec: 4087 description: One and only one of the following 4088 should be specified. Exec specifies the 4089 action to take. 4090 properties: 4091 command: 4092 description: Command is the command 4093 line to execute inside the container, 4094 the working directory for the command is 4095 root ('/') in the container's filesystem. 4096 The command is simply exec'd, it is 4097 not run inside a shell, so traditional 4098 shell instructions ('|', etc) won't 4099 work. To use a shell, you need to 4100 explicitly call out to that shell. 4101 Exit status of 0 is treated as live/healthy 4102 and non-zero is unhealthy. 4103 items: 4104 type: string 4105 type: array 4106 type: object 4107 failureThreshold: 4108 description: Minimum consecutive failures 4109 for the probe to be considered failed 4110 after having succeeded. Defaults to 3. 4111 Minimum value is 1. 4112 format: int32 4113 type: integer 4114 httpGet: 4115 description: HTTPGet specifies the http 4116 request to perform. 4117 properties: 4118 host: 4119 description: Host name to connect to, 4120 defaults to the pod IP. You probably 4121 want to set "Host" in httpHeaders 4122 instead. 4123 type: string 4124 httpHeaders: 4125 description: Custom headers to set in 4126 the request. HTTP allows repeated 4127 headers. 4128 items: 4129 description: HTTPHeader describes 4130 a custom header to be used in HTTP 4131 probes 4132 properties: 4133 name: 4134 description: The header field 4135 name 4136 type: string 4137 value: 4138 description: The header field 4139 value 4140 type: string 4141 required: 4142 - name 4143 - value 4144 type: object 4145 type: array 4146 path: 4147 description: Path to access on the HTTP 4148 server. 4149 type: string 4150 port: 4151 anyOf: 4152 - type: integer 4153 - type: string 4154 description: Name or number of the port 4155 to access on the container. Number 4156 must be in the range 1 to 65535. Name 4157 must be an IANA_SVC_NAME. 4158 x-kubernetes-int-or-string: true 4159 scheme: 4160 description: Scheme to use for connecting 4161 to the host. Defaults to HTTP. 4162 type: string 4163 required: 4164 - port 4165 type: object 4166 initialDelaySeconds: 4167 description: 'Number of seconds after the 4168 container has started before liveness 4169 probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4170 format: int32 4171 type: integer 4172 periodSeconds: 4173 description: How often (in seconds) to perform 4174 the probe. Default to 10 seconds. Minimum 4175 value is 1. 4176 format: int32 4177 type: integer 4178 successThreshold: 4179 description: Minimum consecutive successes 4180 for the probe to be considered successful 4181 after having failed. Defaults to 1. Must 4182 be 1 for liveness and startup. Minimum 4183 value is 1. 4184 format: int32 4185 type: integer 4186 tcpSocket: 4187 description: 'TCPSocket specifies an action 4188 involving a TCP port. TCP hooks not yet 4189 supported TODO: implement a realistic 4190 TCP lifecycle hook' 4191 properties: 4192 host: 4193 description: 'Optional: Host name to 4194 connect to, defaults to the pod IP.' 4195 type: string 4196 port: 4197 anyOf: 4198 - type: integer 4199 - type: string 4200 description: Number or name of the port 4201 to access on the container. Number 4202 must be in the range 1 to 65535. Name 4203 must be an IANA_SVC_NAME. 4204 x-kubernetes-int-or-string: true 4205 required: 4206 - port 4207 type: object 4208 terminationGracePeriodSeconds: 4209 description: Optional duration in seconds 4210 the pod needs to terminate gracefully 4211 upon probe failure. The grace period is 4212 the duration in seconds after the processes 4213 running in the pod are sent a termination 4214 signal and the time when the processes 4215 are forcibly halted with a kill signal. 4216 Set this value longer than the expected 4217 cleanup time for your process. If this 4218 value is nil, the pod's terminationGracePeriodSeconds 4219 will be used. Otherwise, this value overrides 4220 the value provided by the pod spec. Value 4221 must be non-negative integer. The value 4222 zero indicates stop immediately via the 4223 kill signal (no opportunity to shut down). 4224 This is an alpha field and requires enabling 4225 ProbeTerminationGracePeriod feature gate. 4226 format: int64 4227 type: integer 4228 timeoutSeconds: 4229 description: 'Number of seconds after which 4230 the probe times out. Defaults to 1 second. 4231 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4232 format: int32 4233 type: integer 4234 type: object 4235 resources: 4236 description: Resources are not allowed for ephemeral 4237 containers. Ephemeral containers use spare 4238 resources already allocated to the pod. 4239 properties: 4240 limits: 4241 additionalProperties: 4242 anyOf: 4243 - type: integer 4244 - type: string 4245 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4246 x-kubernetes-int-or-string: true 4247 description: 'Limits describes the maximum 4248 amount of compute resources allowed. More 4249 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4250 type: object 4251 requests: 4252 additionalProperties: 4253 anyOf: 4254 - type: integer 4255 - type: string 4256 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4257 x-kubernetes-int-or-string: true 4258 description: 'Requests describes the minimum 4259 amount of compute resources required. 4260 If Requests is omitted for a container, 4261 it defaults to Limits if that is explicitly 4262 specified, otherwise to an implementation-defined 4263 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4264 type: object 4265 type: object 4266 securityContext: 4267 description: SecurityContext is not allowed 4268 for ephemeral containers. 4269 properties: 4270 allowPrivilegeEscalation: 4271 description: 'AllowPrivilegeEscalation controls 4272 whether a process can gain more privileges 4273 than its parent process. This bool directly 4274 controls if the no_new_privs flag will 4275 be set on the container process. AllowPrivilegeEscalation 4276 is true always when the container is: 4277 1) run as Privileged 2) has CAP_SYS_ADMIN' 4278 type: boolean 4279 capabilities: 4280 description: The capabilities to add/drop 4281 when running containers. Defaults to the 4282 default set of capabilities granted by 4283 the container runtime. 4284 properties: 4285 add: 4286 description: Added capabilities 4287 items: 4288 description: Capability represent 4289 POSIX capabilities type 4290 type: string 4291 type: array 4292 drop: 4293 description: Removed capabilities 4294 items: 4295 description: Capability represent 4296 POSIX capabilities type 4297 type: string 4298 type: array 4299 type: object 4300 privileged: 4301 description: Run container in privileged 4302 mode. Processes in privileged containers 4303 are essentially equivalent to root on 4304 the host. Defaults to false. 4305 type: boolean 4306 procMount: 4307 description: procMount denotes the type 4308 of proc mount to use for the containers. 4309 The default is DefaultProcMount which 4310 uses the container runtime defaults for 4311 readonly paths and masked paths. This 4312 requires the ProcMountType feature flag 4313 to be enabled. 4314 type: string 4315 readOnlyRootFilesystem: 4316 description: Whether this container has 4317 a read-only root filesystem. Default is 4318 false. 4319 type: boolean 4320 runAsGroup: 4321 description: The GID to run the entrypoint 4322 of the container process. Uses runtime 4323 default if unset. May also be set in PodSecurityContext. If 4324 set in both SecurityContext and PodSecurityContext, 4325 the value specified in SecurityContext 4326 takes precedence. 4327 format: int64 4328 type: integer 4329 runAsNonRoot: 4330 description: Indicates that the container 4331 must run as a non-root user. If true, 4332 the Kubelet will validate the image at 4333 runtime to ensure that it does not run 4334 as UID 0 (root) and fail to start the 4335 container if it does. If unset or false, 4336 no such validation will be performed. 4337 May also be set in PodSecurityContext. If 4338 set in both SecurityContext and PodSecurityContext, 4339 the value specified in SecurityContext 4340 takes precedence. 4341 type: boolean 4342 runAsUser: 4343 description: The UID to run the entrypoint 4344 of the container process. Defaults to 4345 user specified in image metadata if unspecified. 4346 May also be set in PodSecurityContext. If 4347 set in both SecurityContext and PodSecurityContext, 4348 the value specified in SecurityContext 4349 takes precedence. 4350 format: int64 4351 type: integer 4352 seLinuxOptions: 4353 description: The SELinux context to be applied 4354 to the container. If unspecified, the 4355 container runtime will allocate a random 4356 SELinux context for each container. May 4357 also be set in PodSecurityContext. If 4358 set in both SecurityContext and PodSecurityContext, 4359 the value specified in SecurityContext 4360 takes precedence. 4361 properties: 4362 level: 4363 description: Level is SELinux level 4364 label that applies to the container. 4365 type: string 4366 role: 4367 description: Role is a SELinux role 4368 label that applies to the container. 4369 type: string 4370 type: 4371 description: Type is a SELinux type 4372 label that applies to the container. 4373 type: string 4374 user: 4375 description: User is a SELinux user 4376 label that applies to the container. 4377 type: string 4378 type: object 4379 seccompProfile: 4380 description: The seccomp options to use 4381 by this container. If seccomp options 4382 are provided at both the pod & container 4383 level, the container options override 4384 the pod options. 4385 properties: 4386 localhostProfile: 4387 description: localhostProfile indicates 4388 a profile defined in a file on the 4389 node should be used. The profile must 4390 be preconfigured on the node to work. 4391 Must be a descending path, relative 4392 to the kubelet's configured seccomp 4393 profile location. Must only be set 4394 if type is "Localhost". 4395 type: string 4396 type: 4397 description: "type indicates which kind 4398 of seccomp profile will be applied. 4399 Valid options are: \n Localhost - 4400 a profile defined in a file on the 4401 node should be used. RuntimeDefault 4402 - the container runtime default profile 4403 should be used. Unconfined - no profile 4404 should be applied." 4405 type: string 4406 required: 4407 - type 4408 type: object 4409 windowsOptions: 4410 description: The Windows specific settings 4411 applied to all containers. If unspecified, 4412 the options from the PodSecurityContext 4413 will be used. If set in both SecurityContext 4414 and PodSecurityContext, the value specified 4415 in SecurityContext takes precedence. 4416 properties: 4417 gmsaCredentialSpec: 4418 description: GMSACredentialSpec is where 4419 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 4420 inlines the contents of the GMSA credential 4421 spec named by the GMSACredentialSpecName 4422 field. 4423 type: string 4424 gmsaCredentialSpecName: 4425 description: GMSACredentialSpecName 4426 is the name of the GMSA credential 4427 spec to use. 4428 type: string 4429 runAsUserName: 4430 description: The UserName in Windows 4431 to run the entrypoint of the container 4432 process. Defaults to the user specified 4433 in image metadata if unspecified. 4434 May also be set in PodSecurityContext. 4435 If set in both SecurityContext and 4436 PodSecurityContext, the value specified 4437 in SecurityContext takes precedence. 4438 type: string 4439 type: object 4440 type: object 4441 startupProbe: 4442 description: Probes are not allowed for ephemeral 4443 containers. 4444 properties: 4445 exec: 4446 description: One and only one of the following 4447 should be specified. Exec specifies the 4448 action to take. 4449 properties: 4450 command: 4451 description: Command is the command 4452 line to execute inside the container, 4453 the working directory for the command is 4454 root ('/') in the container's filesystem. 4455 The command is simply exec'd, it is 4456 not run inside a shell, so traditional 4457 shell instructions ('|', etc) won't 4458 work. To use a shell, you need to 4459 explicitly call out to that shell. 4460 Exit status of 0 is treated as live/healthy 4461 and non-zero is unhealthy. 4462 items: 4463 type: string 4464 type: array 4465 type: object 4466 failureThreshold: 4467 description: Minimum consecutive failures 4468 for the probe to be considered failed 4469 after having succeeded. Defaults to 3. 4470 Minimum value is 1. 4471 format: int32 4472 type: integer 4473 httpGet: 4474 description: HTTPGet specifies the http 4475 request to perform. 4476 properties: 4477 host: 4478 description: Host name to connect to, 4479 defaults to the pod IP. You probably 4480 want to set "Host" in httpHeaders 4481 instead. 4482 type: string 4483 httpHeaders: 4484 description: Custom headers to set in 4485 the request. HTTP allows repeated 4486 headers. 4487 items: 4488 description: HTTPHeader describes 4489 a custom header to be used in HTTP 4490 probes 4491 properties: 4492 name: 4493 description: The header field 4494 name 4495 type: string 4496 value: 4497 description: The header field 4498 value 4499 type: string 4500 required: 4501 - name 4502 - value 4503 type: object 4504 type: array 4505 path: 4506 description: Path to access on the HTTP 4507 server. 4508 type: string 4509 port: 4510 anyOf: 4511 - type: integer 4512 - type: string 4513 description: Name or number of the port 4514 to access on the container. Number 4515 must be in the range 1 to 65535. Name 4516 must be an IANA_SVC_NAME. 4517 x-kubernetes-int-or-string: true 4518 scheme: 4519 description: Scheme to use for connecting 4520 to the host. Defaults to HTTP. 4521 type: string 4522 required: 4523 - port 4524 type: object 4525 initialDelaySeconds: 4526 description: 'Number of seconds after the 4527 container has started before liveness 4528 probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4529 format: int32 4530 type: integer 4531 periodSeconds: 4532 description: How often (in seconds) to perform 4533 the probe. Default to 10 seconds. Minimum 4534 value is 1. 4535 format: int32 4536 type: integer 4537 successThreshold: 4538 description: Minimum consecutive successes 4539 for the probe to be considered successful 4540 after having failed. Defaults to 1. Must 4541 be 1 for liveness and startup. Minimum 4542 value is 1. 4543 format: int32 4544 type: integer 4545 tcpSocket: 4546 description: 'TCPSocket specifies an action 4547 involving a TCP port. TCP hooks not yet 4548 supported TODO: implement a realistic 4549 TCP lifecycle hook' 4550 properties: 4551 host: 4552 description: 'Optional: Host name to 4553 connect to, defaults to the pod IP.' 4554 type: string 4555 port: 4556 anyOf: 4557 - type: integer 4558 - type: string 4559 description: Number or name of the port 4560 to access on the container. Number 4561 must be in the range 1 to 65535. Name 4562 must be an IANA_SVC_NAME. 4563 x-kubernetes-int-or-string: true 4564 required: 4565 - port 4566 type: object 4567 terminationGracePeriodSeconds: 4568 description: Optional duration in seconds 4569 the pod needs to terminate gracefully 4570 upon probe failure. The grace period is 4571 the duration in seconds after the processes 4572 running in the pod are sent a termination 4573 signal and the time when the processes 4574 are forcibly halted with a kill signal. 4575 Set this value longer than the expected 4576 cleanup time for your process. If this 4577 value is nil, the pod's terminationGracePeriodSeconds 4578 will be used. Otherwise, this value overrides 4579 the value provided by the pod spec. Value 4580 must be non-negative integer. The value 4581 zero indicates stop immediately via the 4582 kill signal (no opportunity to shut down). 4583 This is an alpha field and requires enabling 4584 ProbeTerminationGracePeriod feature gate. 4585 format: int64 4586 type: integer 4587 timeoutSeconds: 4588 description: 'Number of seconds after which 4589 the probe times out. Defaults to 1 second. 4590 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4591 format: int32 4592 type: integer 4593 type: object 4594 stdin: 4595 description: Whether this container should allocate 4596 a buffer for stdin in the container runtime. 4597 If this is not set, reads from stdin in the 4598 container will always result in EOF. Default 4599 is false. 4600 type: boolean 4601 stdinOnce: 4602 description: Whether the container runtime should 4603 close the stdin channel after it has been 4604 opened by a single attach. When stdin is true 4605 the stdin stream will remain open across multiple 4606 attach sessions. If stdinOnce is set to true, 4607 stdin is opened on container start, is empty 4608 until the first client attaches to stdin, 4609 and then remains open and accepts data until 4610 the client disconnects, at which time stdin 4611 is closed and remains closed until the container 4612 is restarted. If this flag is false, a container 4613 processes that reads from stdin will never 4614 receive an EOF. Default is false 4615 type: boolean 4616 targetContainerName: 4617 description: If set, the name of the container 4618 from PodSpec that this ephemeral container 4619 targets. The ephemeral container will be run 4620 in the namespaces (IPC, PID, etc) of this 4621 container. If not set then the ephemeral container 4622 is run in whatever namespaces are shared for 4623 the pod. Note that the container runtime must 4624 support this feature. 4625 type: string 4626 terminationMessagePath: 4627 description: 'Optional: Path at which the file 4628 to which the container''s termination message 4629 will be written is mounted into the container''s 4630 filesystem. Message written is intended to 4631 be brief final status, such as an assertion 4632 failure message. Will be truncated by the 4633 node if greater than 4096 bytes. The total 4634 message length across all containers will 4635 be limited to 12kb. Defaults to /dev/termination-log. 4636 Cannot be updated.' 4637 type: string 4638 terminationMessagePolicy: 4639 description: Indicate how the termination message 4640 should be populated. File will use the contents 4641 of terminationMessagePath to populate the 4642 container status message on both success and 4643 failure. FallbackToLogsOnError will use the 4644 last chunk of container log output if the 4645 termination message file is empty and the 4646 container exited with an error. The log output 4647 is limited to 2048 bytes or 80 lines, whichever 4648 is smaller. Defaults to File. Cannot be updated. 4649 type: string 4650 tty: 4651 description: Whether this container should allocate 4652 a TTY for itself, also requires 'stdin' to 4653 be true. Default is false. 4654 type: boolean 4655 volumeDevices: 4656 description: volumeDevices is the list of block 4657 devices to be used by the container. 4658 items: 4659 description: volumeDevice describes a mapping 4660 of a raw block device within a container. 4661 properties: 4662 devicePath: 4663 description: devicePath is the path inside 4664 of the container that the device will 4665 be mapped to. 4666 type: string 4667 name: 4668 description: name must match the name 4669 of a persistentVolumeClaim in the pod 4670 type: string 4671 required: 4672 - devicePath 4673 - name 4674 type: object 4675 type: array 4676 volumeMounts: 4677 description: Pod volumes to mount into the container's 4678 filesystem. Cannot be updated. 4679 items: 4680 description: VolumeMount describes a mounting 4681 of a Volume within a container. 4682 properties: 4683 mountPath: 4684 description: Path within the container 4685 at which the volume should be mounted. Must 4686 not contain ':'. 4687 type: string 4688 mountPropagation: 4689 description: mountPropagation determines 4690 how mounts are propagated from the host 4691 to container and the other way around. 4692 When not set, MountPropagationNone is 4693 used. This field is beta in 1.10. 4694 type: string 4695 name: 4696 description: This must match the Name 4697 of a Volume. 4698 type: string 4699 readOnly: 4700 description: Mounted read-only if true, 4701 read-write otherwise (false or unspecified). 4702 Defaults to false. 4703 type: boolean 4704 subPath: 4705 description: Path within the volume from 4706 which the container's volume should 4707 be mounted. Defaults to "" (volume's 4708 root). 4709 type: string 4710 subPathExpr: 4711 description: Expanded path within the 4712 volume from which the container's volume 4713 should be mounted. Behaves similarly 4714 to SubPath but environment variable 4715 references $(VAR_NAME) are expanded 4716 using the container's environment. Defaults 4717 to "" (volume's root). SubPathExpr and 4718 SubPath are mutually exclusive. 4719 type: string 4720 required: 4721 - mountPath 4722 - name 4723 type: object 4724 type: array 4725 workingDir: 4726 description: Container's working directory. 4727 If not specified, the container runtime's 4728 default will be used, which might be configured 4729 in the container image. Cannot be updated. 4730 type: string 4731 required: 4732 - name 4733 type: object 4734 type: array 4735 hostAliases: 4736 description: HostAliases is an optional list of hosts 4737 and IPs that will be injected into the pod's hosts 4738 file if specified. This is only valid for non-hostNetwork 4739 pods. 4740 items: 4741 description: HostAlias holds the mapping between 4742 IP and hostnames that will be injected as an entry 4743 in the pod's hosts file. 4744 properties: 4745 hostnames: 4746 description: Hostnames for the above IP address. 4747 items: 4748 type: string 4749 type: array 4750 ip: 4751 description: IP address of the host file entry. 4752 type: string 4753 type: object 4754 type: array 4755 hostIPC: 4756 description: 'Use the host''s ipc namespace. Optional: 4757 Default to false.' 4758 type: boolean 4759 hostNetwork: 4760 description: Host networking requested for this pod. 4761 Use the host's network namespace. If this option 4762 is set, the ports that will be used must be specified. 4763 Default to false. 4764 type: boolean 4765 hostPID: 4766 description: 'Use the host''s pid namespace. Optional: 4767 Default to false.' 4768 type: boolean 4769 hostname: 4770 description: Specifies the hostname of the Pod If 4771 not specified, the pod's hostname will be set to 4772 a system-defined value. 4773 type: string 4774 imagePullSecrets: 4775 description: 'ImagePullSecrets is an optional list 4776 of references to secrets in the same namespace to 4777 use for pulling any of the images used by this PodSpec. 4778 If specified, these secrets will be passed to individual 4779 puller implementations for them to use. For example, 4780 in the case of docker, only DockerConfig type secrets 4781 are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' 4782 items: 4783 description: LocalObjectReference contains enough 4784 information to let you locate the referenced object 4785 inside the same namespace. 4786 properties: 4787 name: 4788 description: 'Name of the referent. More info: 4789 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4790 TODO: Add other useful fields. apiVersion, 4791 kind, uid?' 4792 type: string 4793 type: object 4794 type: array 4795 initContainers: 4796 description: 'List of initialization containers belonging 4797 to the pod. Init containers are executed in order 4798 prior to containers being started. If any init container 4799 fails, the pod is considered to have failed and 4800 is handled according to its restartPolicy. The name 4801 for an init container or normal container must be 4802 unique among all containers. Init containers may 4803 not have Lifecycle actions, Readiness probes, Liveness 4804 probes, or Startup probes. The resourceRequirements 4805 of an init container are taken into account during 4806 scheduling by finding the highest request/limit 4807 for each resource type, and then using the max of 4808 of that value or the sum of the normal containers. 4809 Limits are applied to init containers in a similar 4810 fashion. Init containers cannot currently be added 4811 or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' 4812 items: 4813 description: A single application container that 4814 you want to run within a pod. 4815 properties: 4816 args: 4817 description: 'Arguments to the entrypoint. The 4818 docker image''s CMD is used if this is not 4819 provided. Variable references $(VAR_NAME) 4820 are expanded using the container''s environment. 4821 If a variable cannot be resolved, the reference 4822 in the input string will be unchanged. The 4823 $(VAR_NAME) syntax can be escaped with a double 4824 $$, ie: $$(VAR_NAME). Escaped references will 4825 never be expanded, regardless of whether the 4826 variable exists or not. Cannot be updated. 4827 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 4828 items: 4829 type: string 4830 type: array 4831 command: 4832 description: 'Entrypoint array. Not executed 4833 within a shell. The docker image''s ENTRYPOINT 4834 is used if this is not provided. Variable 4835 references $(VAR_NAME) are expanded using 4836 the container''s environment. If a variable 4837 cannot be resolved, the reference in the input 4838 string will be unchanged. The $(VAR_NAME) 4839 syntax can be escaped with a double $$, ie: 4840 $$(VAR_NAME). Escaped references will never 4841 be expanded, regardless of whether the variable 4842 exists or not. Cannot be updated. More info: 4843 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 4844 items: 4845 type: string 4846 type: array 4847 env: 4848 description: List of environment variables to 4849 set in the container. Cannot be updated. 4850 items: 4851 description: EnvVar represents an environment 4852 variable present in a Container. 4853 properties: 4854 name: 4855 description: Name of the environment variable. 4856 Must be a C_IDENTIFIER. 4857 type: string 4858 value: 4859 description: 'Variable references $(VAR_NAME) 4860 are expanded using the previous defined 4861 environment variables in the container 4862 and any service environment variables. 4863 If a variable cannot be resolved, the 4864 reference in the input string will be 4865 unchanged. The $(VAR_NAME) syntax can 4866 be escaped with a double $$, ie: $$(VAR_NAME). 4867 Escaped references will never be expanded, 4868 regardless of whether the variable exists 4869 or not. Defaults to "".' 4870 type: string 4871 valueFrom: 4872 description: Source for the environment 4873 variable's value. Cannot be used if 4874 value is not empty. 4875 properties: 4876 configMapKeyRef: 4877 description: Selects a key of a ConfigMap. 4878 properties: 4879 key: 4880 description: The key to select. 4881 type: string 4882 name: 4883 description: 'Name of the referent. 4884 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4885 TODO: Add other useful fields. 4886 apiVersion, kind, uid?' 4887 type: string 4888 optional: 4889 description: Specify whether the 4890 ConfigMap or its key must be 4891 defined 4892 type: boolean 4893 required: 4894 - key 4895 type: object 4896 fieldRef: 4897 description: 'Selects a field of the 4898 pod: supports metadata.name, metadata.namespace, 4899 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 4900 spec.nodeName, spec.serviceAccountName, 4901 status.hostIP, status.podIP, status.podIPs.' 4902 properties: 4903 apiVersion: 4904 description: Version of the schema 4905 the FieldPath is written in 4906 terms of, defaults to "v1". 4907 type: string 4908 fieldPath: 4909 description: Path of the field 4910 to select in the specified API 4911 version. 4912 type: string 4913 required: 4914 - fieldPath 4915 type: object 4916 resourceFieldRef: 4917 description: 'Selects a resource of 4918 the container: only resources limits 4919 and requests (limits.cpu, limits.memory, 4920 limits.ephemeral-storage, requests.cpu, 4921 requests.memory and requests.ephemeral-storage) 4922 are currently supported.' 4923 properties: 4924 containerName: 4925 description: 'Container name: 4926 required for volumes, optional 4927 for env vars' 4928 type: string 4929 divisor: 4930 anyOf: 4931 - type: integer 4932 - type: string 4933 description: Specifies the output 4934 format of the exposed resources, 4935 defaults to "1" 4936 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4937 x-kubernetes-int-or-string: true 4938 resource: 4939 description: 'Required: resource 4940 to select' 4941 type: string 4942 required: 4943 - resource 4944 type: object 4945 secretKeyRef: 4946 description: Selects a key of a secret 4947 in the pod's namespace 4948 properties: 4949 key: 4950 description: The key of the secret 4951 to select from. Must be a valid 4952 secret key. 4953 type: string 4954 name: 4955 description: 'Name of the referent. 4956 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4957 TODO: Add other useful fields. 4958 apiVersion, kind, uid?' 4959 type: string 4960 optional: 4961 description: Specify whether the 4962 Secret or its key must be defined 4963 type: boolean 4964 required: 4965 - key 4966 type: object 4967 type: object 4968 required: 4969 - name 4970 type: object 4971 type: array 4972 envFrom: 4973 description: List of sources to populate environment 4974 variables in the container. The keys defined 4975 within a source must be a C_IDENTIFIER. All 4976 invalid keys will be reported as an event 4977 when the container is starting. When a key 4978 exists in multiple sources, the value associated 4979 with the last source will take precedence. 4980 Values defined by an Env with a duplicate 4981 key will take precedence. Cannot be updated. 4982 items: 4983 description: EnvFromSource represents the 4984 source of a set of ConfigMaps 4985 properties: 4986 configMapRef: 4987 description: The ConfigMap to select from 4988 properties: 4989 name: 4990 description: 'Name of the referent. 4991 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4992 TODO: Add other useful fields. apiVersion, 4993 kind, uid?' 4994 type: string 4995 optional: 4996 description: Specify whether the ConfigMap 4997 must be defined 4998 type: boolean 4999 type: object 5000 prefix: 5001 description: An optional identifier to 5002 prepend to each key in the ConfigMap. 5003 Must be a C_IDENTIFIER. 5004 type: string 5005 secretRef: 5006 description: The Secret to select from 5007 properties: 5008 name: 5009 description: 'Name of the referent. 5010 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5011 TODO: Add other useful fields. apiVersion, 5012 kind, uid?' 5013 type: string 5014 optional: 5015 description: Specify whether the Secret 5016 must be defined 5017 type: boolean 5018 type: object 5019 type: object 5020 type: array 5021 image: 5022 description: 'Docker image name. More info: 5023 https://kubernetes.io/docs/concepts/containers/images 5024 This field is optional to allow higher level 5025 config management to default or override container 5026 images in workload controllers like Deployments 5027 and StatefulSets.' 5028 type: string 5029 imagePullPolicy: 5030 description: 'Image pull policy. One of Always, 5031 Never, IfNotPresent. Defaults to Always if 5032 :latest tag is specified, or IfNotPresent 5033 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 5034 type: string 5035 lifecycle: 5036 description: Actions that the management system 5037 should take in response to container lifecycle 5038 events. Cannot be updated. 5039 properties: 5040 postStart: 5041 description: 'PostStart is called immediately 5042 after a container is created. If the handler 5043 fails, the container is terminated and 5044 restarted according to its restart policy. 5045 Other management of the container blocks 5046 until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 5047 properties: 5048 exec: 5049 description: One and only one of the 5050 following should be specified. Exec 5051 specifies the action to take. 5052 properties: 5053 command: 5054 description: Command is the command 5055 line to execute inside the container, 5056 the working directory for the 5057 command is root ('/') in the 5058 container's filesystem. The command 5059 is simply exec'd, it is not run 5060 inside a shell, so traditional 5061 shell instructions ('|', etc) 5062 won't work. To use a shell, you 5063 need to explicitly call out to 5064 that shell. Exit status of 0 is 5065 treated as live/healthy and non-zero 5066 is unhealthy. 5067 items: 5068 type: string 5069 type: array 5070 type: object 5071 httpGet: 5072 description: HTTPGet specifies the http 5073 request to perform. 5074 properties: 5075 host: 5076 description: Host name to connect 5077 to, defaults to the pod IP. You 5078 probably want to set "Host" in 5079 httpHeaders instead. 5080 type: string 5081 httpHeaders: 5082 description: Custom headers to set 5083 in the request. HTTP allows repeated 5084 headers. 5085 items: 5086 description: HTTPHeader describes 5087 a custom header to be used in 5088 HTTP probes 5089 properties: 5090 name: 5091 description: The header field 5092 name 5093 type: string 5094 value: 5095 description: The header field 5096 value 5097 type: string 5098 required: 5099 - name 5100 - value 5101 type: object 5102 type: array 5103 path: 5104 description: Path to access on the 5105 HTTP server. 5106 type: string 5107 port: 5108 anyOf: 5109 - type: integer 5110 - type: string 5111 description: Name or number of the 5112 port to access on the container. 5113 Number must be in the range 1 5114 to 65535. Name must be an IANA_SVC_NAME. 5115 x-kubernetes-int-or-string: true 5116 scheme: 5117 description: Scheme to use for connecting 5118 to the host. Defaults to HTTP. 5119 type: string 5120 required: 5121 - port 5122 type: object 5123 tcpSocket: 5124 description: 'TCPSocket specifies an 5125 action involving a TCP port. TCP hooks 5126 not yet supported TODO: implement 5127 a realistic TCP lifecycle hook' 5128 properties: 5129 host: 5130 description: 'Optional: Host name 5131 to connect to, defaults to the 5132 pod IP.' 5133 type: string 5134 port: 5135 anyOf: 5136 - type: integer 5137 - type: string 5138 description: Number or name of the 5139 port to access on the container. 5140 Number must be in the range 1 5141 to 65535. Name must be an IANA_SVC_NAME. 5142 x-kubernetes-int-or-string: true 5143 required: 5144 - port 5145 type: object 5146 type: object 5147 preStop: 5148 description: 'PreStop is called immediately 5149 before a container is terminated due to 5150 an API request or management event such 5151 as liveness/startup probe failure, preemption, 5152 resource contention, etc. The handler 5153 is not called if the container crashes 5154 or exits. The reason for termination is 5155 passed to the handler. The Pod''s termination 5156 grace period countdown begins before the 5157 PreStop hooked is executed. Regardless 5158 of the outcome of the handler, the container 5159 will eventually terminate within the Pod''s 5160 termination grace period. Other management 5161 of the container blocks until the hook 5162 completes or until the termination grace 5163 period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 5164 properties: 5165 exec: 5166 description: One and only one of the 5167 following should be specified. Exec 5168 specifies the action to take. 5169 properties: 5170 command: 5171 description: Command is the command 5172 line to execute inside the container, 5173 the working directory for the 5174 command is root ('/') in the 5175 container's filesystem. The command 5176 is simply exec'd, it is not run 5177 inside a shell, so traditional 5178 shell instructions ('|', etc) 5179 won't work. To use a shell, you 5180 need to explicitly call out to 5181 that shell. Exit status of 0 is 5182 treated as live/healthy and non-zero 5183 is unhealthy. 5184 items: 5185 type: string 5186 type: array 5187 type: object 5188 httpGet: 5189 description: HTTPGet specifies the http 5190 request to perform. 5191 properties: 5192 host: 5193 description: Host name to connect 5194 to, defaults to the pod IP. You 5195 probably want to set "Host" in 5196 httpHeaders instead. 5197 type: string 5198 httpHeaders: 5199 description: Custom headers to set 5200 in the request. HTTP allows repeated 5201 headers. 5202 items: 5203 description: HTTPHeader describes 5204 a custom header to be used in 5205 HTTP probes 5206 properties: 5207 name: 5208 description: The header field 5209 name 5210 type: string 5211 value: 5212 description: The header field 5213 value 5214 type: string 5215 required: 5216 - name 5217 - value 5218 type: object 5219 type: array 5220 path: 5221 description: Path to access on the 5222 HTTP server. 5223 type: string 5224 port: 5225 anyOf: 5226 - type: integer 5227 - type: string 5228 description: Name or number of the 5229 port to access on the container. 5230 Number must be in the range 1 5231 to 65535. Name must be an IANA_SVC_NAME. 5232 x-kubernetes-int-or-string: true 5233 scheme: 5234 description: Scheme to use for connecting 5235 to the host. Defaults to HTTP. 5236 type: string 5237 required: 5238 - port 5239 type: object 5240 tcpSocket: 5241 description: 'TCPSocket specifies an 5242 action involving a TCP port. TCP hooks 5243 not yet supported TODO: implement 5244 a realistic TCP lifecycle hook' 5245 properties: 5246 host: 5247 description: 'Optional: Host name 5248 to connect to, defaults to the 5249 pod IP.' 5250 type: string 5251 port: 5252 anyOf: 5253 - type: integer 5254 - type: string 5255 description: Number or name of the 5256 port to access on the container. 5257 Number must be in the range 1 5258 to 65535. Name must be an IANA_SVC_NAME. 5259 x-kubernetes-int-or-string: true 5260 required: 5261 - port 5262 type: object 5263 type: object 5264 type: object 5265 livenessProbe: 5266 description: 'Periodic probe of container liveness. 5267 Container will be restarted if the probe fails. 5268 Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5269 properties: 5270 exec: 5271 description: One and only one of the following 5272 should be specified. Exec specifies the 5273 action to take. 5274 properties: 5275 command: 5276 description: Command is the command 5277 line to execute inside the container, 5278 the working directory for the command is 5279 root ('/') in the container's filesystem. 5280 The command is simply exec'd, it is 5281 not run inside a shell, so traditional 5282 shell instructions ('|', etc) won't 5283 work. To use a shell, you need to 5284 explicitly call out to that shell. 5285 Exit status of 0 is treated as live/healthy 5286 and non-zero is unhealthy. 5287 items: 5288 type: string 5289 type: array 5290 type: object 5291 failureThreshold: 5292 description: Minimum consecutive failures 5293 for the probe to be considered failed 5294 after having succeeded. Defaults to 3. 5295 Minimum value is 1. 5296 format: int32 5297 type: integer 5298 httpGet: 5299 description: HTTPGet specifies the http 5300 request to perform. 5301 properties: 5302 host: 5303 description: Host name to connect to, 5304 defaults to the pod IP. You probably 5305 want to set "Host" in httpHeaders 5306 instead. 5307 type: string 5308 httpHeaders: 5309 description: Custom headers to set in 5310 the request. HTTP allows repeated 5311 headers. 5312 items: 5313 description: HTTPHeader describes 5314 a custom header to be used in HTTP 5315 probes 5316 properties: 5317 name: 5318 description: The header field 5319 name 5320 type: string 5321 value: 5322 description: The header field 5323 value 5324 type: string 5325 required: 5326 - name 5327 - value 5328 type: object 5329 type: array 5330 path: 5331 description: Path to access on the HTTP 5332 server. 5333 type: string 5334 port: 5335 anyOf: 5336 - type: integer 5337 - type: string 5338 description: Name or number of the port 5339 to access on the container. Number 5340 must be in the range 1 to 65535. Name 5341 must be an IANA_SVC_NAME. 5342 x-kubernetes-int-or-string: true 5343 scheme: 5344 description: Scheme to use for connecting 5345 to the host. Defaults to HTTP. 5346 type: string 5347 required: 5348 - port 5349 type: object 5350 initialDelaySeconds: 5351 description: 'Number of seconds after the 5352 container has started before liveness 5353 probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5354 format: int32 5355 type: integer 5356 periodSeconds: 5357 description: How often (in seconds) to perform 5358 the probe. Default to 10 seconds. Minimum 5359 value is 1. 5360 format: int32 5361 type: integer 5362 successThreshold: 5363 description: Minimum consecutive successes 5364 for the probe to be considered successful 5365 after having failed. Defaults to 1. Must 5366 be 1 for liveness and startup. Minimum 5367 value is 1. 5368 format: int32 5369 type: integer 5370 tcpSocket: 5371 description: 'TCPSocket specifies an action 5372 involving a TCP port. TCP hooks not yet 5373 supported TODO: implement a realistic 5374 TCP lifecycle hook' 5375 properties: 5376 host: 5377 description: 'Optional: Host name to 5378 connect to, defaults to the pod IP.' 5379 type: string 5380 port: 5381 anyOf: 5382 - type: integer 5383 - type: string 5384 description: Number or name of the port 5385 to access on the container. Number 5386 must be in the range 1 to 65535. Name 5387 must be an IANA_SVC_NAME. 5388 x-kubernetes-int-or-string: true 5389 required: 5390 - port 5391 type: object 5392 terminationGracePeriodSeconds: 5393 description: Optional duration in seconds 5394 the pod needs to terminate gracefully 5395 upon probe failure. The grace period is 5396 the duration in seconds after the processes 5397 running in the pod are sent a termination 5398 signal and the time when the processes 5399 are forcibly halted with a kill signal. 5400 Set this value longer than the expected 5401 cleanup time for your process. If this 5402 value is nil, the pod's terminationGracePeriodSeconds 5403 will be used. Otherwise, this value overrides 5404 the value provided by the pod spec. Value 5405 must be non-negative integer. The value 5406 zero indicates stop immediately via the 5407 kill signal (no opportunity to shut down). 5408 This is an alpha field and requires enabling 5409 ProbeTerminationGracePeriod feature gate. 5410 format: int64 5411 type: integer 5412 timeoutSeconds: 5413 description: 'Number of seconds after which 5414 the probe times out. Defaults to 1 second. 5415 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5416 format: int32 5417 type: integer 5418 type: object 5419 name: 5420 description: Name of the container specified 5421 as a DNS_LABEL. Each container in a pod must 5422 have a unique name (DNS_LABEL). Cannot be 5423 updated. 5424 type: string 5425 ports: 5426 description: List of ports to expose from the 5427 container. Exposing a port here gives the 5428 system additional information about the network 5429 connections a container uses, but is primarily 5430 informational. Not specifying a port here 5431 DOES NOT prevent that port from being exposed. 5432 Any port which is listening on the default 5433 "0.0.0.0" address inside a container will 5434 be accessible from the network. Cannot be 5435 updated. 5436 items: 5437 description: ContainerPort represents a network 5438 port in a single container. 5439 properties: 5440 containerPort: 5441 description: Number of port to expose 5442 on the pod's IP address. This must be 5443 a valid port number, 0 < x < 65536. 5444 format: int32 5445 type: integer 5446 hostIP: 5447 description: What host IP to bind the 5448 external port to. 5449 type: string 5450 hostPort: 5451 description: Number of port to expose 5452 on the host. If specified, this must 5453 be a valid port number, 0 < x < 65536. 5454 If HostNetwork is specified, this must 5455 match ContainerPort. Most containers 5456 do not need this. 5457 format: int32 5458 type: integer 5459 name: 5460 description: If specified, this must be 5461 an IANA_SVC_NAME and unique within the 5462 pod. Each named port in a pod must have 5463 a unique name. Name for the port that 5464 can be referred to by services. 5465 type: string 5466 protocol: 5467 default: TCP 5468 description: Protocol for port. Must be 5469 UDP, TCP, or SCTP. Defaults to "TCP". 5470 type: string 5471 required: 5472 - containerPort 5473 type: object 5474 type: array 5475 x-kubernetes-list-map-keys: 5476 - containerPort 5477 - protocol 5478 x-kubernetes-list-type: map 5479 readinessProbe: 5480 description: 'Periodic probe of container service 5481 readiness. Container will be removed from 5482 service endpoints if the probe fails. Cannot 5483 be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5484 properties: 5485 exec: 5486 description: One and only one of the following 5487 should be specified. Exec specifies the 5488 action to take. 5489 properties: 5490 command: 5491 description: Command is the command 5492 line to execute inside the container, 5493 the working directory for the command is 5494 root ('/') in the container's filesystem. 5495 The command is simply exec'd, it is 5496 not run inside a shell, so traditional 5497 shell instructions ('|', etc) won't 5498 work. To use a shell, you need to 5499 explicitly call out to that shell. 5500 Exit status of 0 is treated as live/healthy 5501 and non-zero is unhealthy. 5502 items: 5503 type: string 5504 type: array 5505 type: object 5506 failureThreshold: 5507 description: Minimum consecutive failures 5508 for the probe to be considered failed 5509 after having succeeded. Defaults to 3. 5510 Minimum value is 1. 5511 format: int32 5512 type: integer 5513 httpGet: 5514 description: HTTPGet specifies the http 5515 request to perform. 5516 properties: 5517 host: 5518 description: Host name to connect to, 5519 defaults to the pod IP. You probably 5520 want to set "Host" in httpHeaders 5521 instead. 5522 type: string 5523 httpHeaders: 5524 description: Custom headers to set in 5525 the request. HTTP allows repeated 5526 headers. 5527 items: 5528 description: HTTPHeader describes 5529 a custom header to be used in HTTP 5530 probes 5531 properties: 5532 name: 5533 description: The header field 5534 name 5535 type: string 5536 value: 5537 description: The header field 5538 value 5539 type: string 5540 required: 5541 - name 5542 - value 5543 type: object 5544 type: array 5545 path: 5546 description: Path to access on the HTTP 5547 server. 5548 type: string 5549 port: 5550 anyOf: 5551 - type: integer 5552 - type: string 5553 description: Name or number of the port 5554 to access on the container. Number 5555 must be in the range 1 to 65535. Name 5556 must be an IANA_SVC_NAME. 5557 x-kubernetes-int-or-string: true 5558 scheme: 5559 description: Scheme to use for connecting 5560 to the host. Defaults to HTTP. 5561 type: string 5562 required: 5563 - port 5564 type: object 5565 initialDelaySeconds: 5566 description: 'Number of seconds after the 5567 container has started before liveness 5568 probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5569 format: int32 5570 type: integer 5571 periodSeconds: 5572 description: How often (in seconds) to perform 5573 the probe. Default to 10 seconds. Minimum 5574 value is 1. 5575 format: int32 5576 type: integer 5577 successThreshold: 5578 description: Minimum consecutive successes 5579 for the probe to be considered successful 5580 after having failed. Defaults to 1. Must 5581 be 1 for liveness and startup. Minimum 5582 value is 1. 5583 format: int32 5584 type: integer 5585 tcpSocket: 5586 description: 'TCPSocket specifies an action 5587 involving a TCP port. TCP hooks not yet 5588 supported TODO: implement a realistic 5589 TCP lifecycle hook' 5590 properties: 5591 host: 5592 description: 'Optional: Host name to 5593 connect to, defaults to the pod IP.' 5594 type: string 5595 port: 5596 anyOf: 5597 - type: integer 5598 - type: string 5599 description: Number or name of the port 5600 to access on the container. Number 5601 must be in the range 1 to 65535. Name 5602 must be an IANA_SVC_NAME. 5603 x-kubernetes-int-or-string: true 5604 required: 5605 - port 5606 type: object 5607 terminationGracePeriodSeconds: 5608 description: Optional duration in seconds 5609 the pod needs to terminate gracefully 5610 upon probe failure. The grace period is 5611 the duration in seconds after the processes 5612 running in the pod are sent a termination 5613 signal and the time when the processes 5614 are forcibly halted with a kill signal. 5615 Set this value longer than the expected 5616 cleanup time for your process. If this 5617 value is nil, the pod's terminationGracePeriodSeconds 5618 will be used. Otherwise, this value overrides 5619 the value provided by the pod spec. Value 5620 must be non-negative integer. The value 5621 zero indicates stop immediately via the 5622 kill signal (no opportunity to shut down). 5623 This is an alpha field and requires enabling 5624 ProbeTerminationGracePeriod feature gate. 5625 format: int64 5626 type: integer 5627 timeoutSeconds: 5628 description: 'Number of seconds after which 5629 the probe times out. Defaults to 1 second. 5630 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5631 format: int32 5632 type: integer 5633 type: object 5634 resources: 5635 description: 'Compute Resources required by 5636 this container. Cannot be updated. More info: 5637 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5638 properties: 5639 limits: 5640 additionalProperties: 5641 anyOf: 5642 - type: integer 5643 - type: string 5644 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5645 x-kubernetes-int-or-string: true 5646 description: 'Limits describes the maximum 5647 amount of compute resources allowed. More 5648 info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5649 type: object 5650 requests: 5651 additionalProperties: 5652 anyOf: 5653 - type: integer 5654 - type: string 5655 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5656 x-kubernetes-int-or-string: true 5657 description: 'Requests describes the minimum 5658 amount of compute resources required. 5659 If Requests is omitted for a container, 5660 it defaults to Limits if that is explicitly 5661 specified, otherwise to an implementation-defined 5662 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5663 type: object 5664 type: object 5665 securityContext: 5666 description: 'Security options the pod should 5667 run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ 5668 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 5669 properties: 5670 allowPrivilegeEscalation: 5671 description: 'AllowPrivilegeEscalation controls 5672 whether a process can gain more privileges 5673 than its parent process. This bool directly 5674 controls if the no_new_privs flag will 5675 be set on the container process. AllowPrivilegeEscalation 5676 is true always when the container is: 5677 1) run as Privileged 2) has CAP_SYS_ADMIN' 5678 type: boolean 5679 capabilities: 5680 description: The capabilities to add/drop 5681 when running containers. Defaults to the 5682 default set of capabilities granted by 5683 the container runtime. 5684 properties: 5685 add: 5686 description: Added capabilities 5687 items: 5688 description: Capability represent 5689 POSIX capabilities type 5690 type: string 5691 type: array 5692 drop: 5693 description: Removed capabilities 5694 items: 5695 description: Capability represent 5696 POSIX capabilities type 5697 type: string 5698 type: array 5699 type: object 5700 privileged: 5701 description: Run container in privileged 5702 mode. Processes in privileged containers 5703 are essentially equivalent to root on 5704 the host. Defaults to false. 5705 type: boolean 5706 procMount: 5707 description: procMount denotes the type 5708 of proc mount to use for the containers. 5709 The default is DefaultProcMount which 5710 uses the container runtime defaults for 5711 readonly paths and masked paths. This 5712 requires the ProcMountType feature flag 5713 to be enabled. 5714 type: string 5715 readOnlyRootFilesystem: 5716 description: Whether this container has 5717 a read-only root filesystem. Default is 5718 false. 5719 type: boolean 5720 runAsGroup: 5721 description: The GID to run the entrypoint 5722 of the container process. Uses runtime 5723 default if unset. May also be set in PodSecurityContext. If 5724 set in both SecurityContext and PodSecurityContext, 5725 the value specified in SecurityContext 5726 takes precedence. 5727 format: int64 5728 type: integer 5729 runAsNonRoot: 5730 description: Indicates that the container 5731 must run as a non-root user. If true, 5732 the Kubelet will validate the image at 5733 runtime to ensure that it does not run 5734 as UID 0 (root) and fail to start the 5735 container if it does. If unset or false, 5736 no such validation will be performed. 5737 May also be set in PodSecurityContext. If 5738 set in both SecurityContext and PodSecurityContext, 5739 the value specified in SecurityContext 5740 takes precedence. 5741 type: boolean 5742 runAsUser: 5743 description: The UID to run the entrypoint 5744 of the container process. Defaults to 5745 user specified in image metadata if unspecified. 5746 May also be set in PodSecurityContext. If 5747 set in both SecurityContext and PodSecurityContext, 5748 the value specified in SecurityContext 5749 takes precedence. 5750 format: int64 5751 type: integer 5752 seLinuxOptions: 5753 description: The SELinux context to be applied 5754 to the container. If unspecified, the 5755 container runtime will allocate a random 5756 SELinux context for each container. May 5757 also be set in PodSecurityContext. If 5758 set in both SecurityContext and PodSecurityContext, 5759 the value specified in SecurityContext 5760 takes precedence. 5761 properties: 5762 level: 5763 description: Level is SELinux level 5764 label that applies to the container. 5765 type: string 5766 role: 5767 description: Role is a SELinux role 5768 label that applies to the container. 5769 type: string 5770 type: 5771 description: Type is a SELinux type 5772 label that applies to the container. 5773 type: string 5774 user: 5775 description: User is a SELinux user 5776 label that applies to the container. 5777 type: string 5778 type: object 5779 seccompProfile: 5780 description: The seccomp options to use 5781 by this container. If seccomp options 5782 are provided at both the pod & container 5783 level, the container options override 5784 the pod options. 5785 properties: 5786 localhostProfile: 5787 description: localhostProfile indicates 5788 a profile defined in a file on the 5789 node should be used. The profile must 5790 be preconfigured on the node to work. 5791 Must be a descending path, relative 5792 to the kubelet's configured seccomp 5793 profile location. Must only be set 5794 if type is "Localhost". 5795 type: string 5796 type: 5797 description: "type indicates which kind 5798 of seccomp profile will be applied. 5799 Valid options are: \n Localhost - 5800 a profile defined in a file on the 5801 node should be used. RuntimeDefault 5802 - the container runtime default profile 5803 should be used. Unconfined - no profile 5804 should be applied." 5805 type: string 5806 required: 5807 - type 5808 type: object 5809 windowsOptions: 5810 description: The Windows specific settings 5811 applied to all containers. If unspecified, 5812 the options from the PodSecurityContext 5813 will be used. If set in both SecurityContext 5814 and PodSecurityContext, the value specified 5815 in SecurityContext takes precedence. 5816 properties: 5817 gmsaCredentialSpec: 5818 description: GMSACredentialSpec is where 5819 the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 5820 inlines the contents of the GMSA credential 5821 spec named by the GMSACredentialSpecName 5822 field. 5823 type: string 5824 gmsaCredentialSpecName: 5825 description: GMSACredentialSpecName 5826 is the name of the GMSA credential 5827 spec to use. 5828 type: string 5829 runAsUserName: 5830 description: The UserName in Windows 5831 to run the entrypoint of the container 5832 process. Defaults to the user specified 5833 in image metadata if unspecified. 5834 May also be set in PodSecurityContext. 5835 If set in both SecurityContext and 5836 PodSecurityContext, the value specified 5837 in SecurityContext takes precedence. 5838 type: string 5839 type: object 5840 type: object 5841 startupProbe: 5842 description: 'StartupProbe indicates that the 5843 Pod has successfully initialized. If specified, 5844 no other probes are executed until this completes 5845 successfully. If this probe fails, the Pod 5846 will be restarted, just as if the livenessProbe 5847 failed. This can be used to provide different 5848 probe parameters at the beginning of a Pod''s 5849 lifecycle, when it might take a long time 5850 to load data or warm a cache, than during 5851 steady-state operation. This cannot be updated. 5852 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5853 properties: 5854 exec: 5855 description: One and only one of the following 5856 should be specified. Exec specifies the 5857 action to take. 5858 properties: 5859 command: 5860 description: Command is the command 5861 line to execute inside the container, 5862 the working directory for the command is 5863 root ('/') in the container's filesystem. 5864 The command is simply exec'd, it is 5865 not run inside a shell, so traditional 5866 shell instructions ('|', etc) won't 5867 work. To use a shell, you need to 5868 explicitly call out to that shell. 5869 Exit status of 0 is treated as live/healthy 5870 and non-zero is unhealthy. 5871 items: 5872 type: string 5873 type: array 5874 type: object 5875 failureThreshold: 5876 description: Minimum consecutive failures 5877 for the probe to be considered failed 5878 after having succeeded. Defaults to 3. 5879 Minimum value is 1. 5880 format: int32 5881 type: integer 5882 httpGet: 5883 description: HTTPGet specifies the http 5884 request to perform. 5885 properties: 5886 host: 5887 description: Host name to connect to, 5888 defaults to the pod IP. You probably 5889 want to set "Host" in httpHeaders 5890 instead. 5891 type: string 5892 httpHeaders: 5893 description: Custom headers to set in 5894 the request. HTTP allows repeated 5895 headers. 5896 items: 5897 description: HTTPHeader describes 5898 a custom header to be used in HTTP 5899 probes 5900 properties: 5901 name: 5902 description: The header field 5903 name 5904 type: string 5905 value: 5906 description: The header field 5907 value 5908 type: string 5909 required: 5910 - name 5911 - value 5912 type: object 5913 type: array 5914 path: 5915 description: Path to access on the HTTP 5916 server. 5917 type: string 5918 port: 5919 anyOf: 5920 - type: integer 5921 - type: string 5922 description: Name or number of the port 5923 to access on the container. Number 5924 must be in the range 1 to 65535. Name 5925 must be an IANA_SVC_NAME. 5926 x-kubernetes-int-or-string: true 5927 scheme: 5928 description: Scheme to use for connecting 5929 to the host. Defaults to HTTP. 5930 type: string 5931 required: 5932 - port 5933 type: object 5934 initialDelaySeconds: 5935 description: 'Number of seconds after the 5936 container has started before liveness 5937 probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5938 format: int32 5939 type: integer 5940 periodSeconds: 5941 description: How often (in seconds) to perform 5942 the probe. Default to 10 seconds. Minimum 5943 value is 1. 5944 format: int32 5945 type: integer 5946 successThreshold: 5947 description: Minimum consecutive successes 5948 for the probe to be considered successful 5949 after having failed. Defaults to 1. Must 5950 be 1 for liveness and startup. Minimum 5951 value is 1. 5952 format: int32 5953 type: integer 5954 tcpSocket: 5955 description: 'TCPSocket specifies an action 5956 involving a TCP port. TCP hooks not yet 5957 supported TODO: implement a realistic 5958 TCP lifecycle hook' 5959 properties: 5960 host: 5961 description: 'Optional: Host name to 5962 connect to, defaults to the pod IP.' 5963 type: string 5964 port: 5965 anyOf: 5966 - type: integer 5967 - type: string 5968 description: Number or name of the port 5969 to access on the container. Number 5970 must be in the range 1 to 65535. Name 5971 must be an IANA_SVC_NAME. 5972 x-kubernetes-int-or-string: true 5973 required: 5974 - port 5975 type: object 5976 terminationGracePeriodSeconds: 5977 description: Optional duration in seconds 5978 the pod needs to terminate gracefully 5979 upon probe failure. The grace period is 5980 the duration in seconds after the processes 5981 running in the pod are sent a termination 5982 signal and the time when the processes 5983 are forcibly halted with a kill signal. 5984 Set this value longer than the expected 5985 cleanup time for your process. If this 5986 value is nil, the pod's terminationGracePeriodSeconds 5987 will be used. Otherwise, this value overrides 5988 the value provided by the pod spec. Value 5989 must be non-negative integer. The value 5990 zero indicates stop immediately via the 5991 kill signal (no opportunity to shut down). 5992 This is an alpha field and requires enabling 5993 ProbeTerminationGracePeriod feature gate. 5994 format: int64 5995 type: integer 5996 timeoutSeconds: 5997 description: 'Number of seconds after which 5998 the probe times out. Defaults to 1 second. 5999 Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 6000 format: int32 6001 type: integer 6002 type: object 6003 stdin: 6004 description: Whether this container should allocate 6005 a buffer for stdin in the container runtime. 6006 If this is not set, reads from stdin in the 6007 container will always result in EOF. Default 6008 is false. 6009 type: boolean 6010 stdinOnce: 6011 description: Whether the container runtime should 6012 close the stdin channel after it has been 6013 opened by a single attach. When stdin is true 6014 the stdin stream will remain open across multiple 6015 attach sessions. If stdinOnce is set to true, 6016 stdin is opened on container start, is empty 6017 until the first client attaches to stdin, 6018 and then remains open and accepts data until 6019 the client disconnects, at which time stdin 6020 is closed and remains closed until the container 6021 is restarted. If this flag is false, a container 6022 processes that reads from stdin will never 6023 receive an EOF. Default is false 6024 type: boolean 6025 terminationMessagePath: 6026 description: 'Optional: Path at which the file 6027 to which the container''s termination message 6028 will be written is mounted into the container''s 6029 filesystem. Message written is intended to 6030 be brief final status, such as an assertion 6031 failure message. Will be truncated by the 6032 node if greater than 4096 bytes. The total 6033 message length across all containers will 6034 be limited to 12kb. Defaults to /dev/termination-log. 6035 Cannot be updated.' 6036 type: string 6037 terminationMessagePolicy: 6038 description: Indicate how the termination message 6039 should be populated. File will use the contents 6040 of terminationMessagePath to populate the 6041 container status message on both success and 6042 failure. FallbackToLogsOnError will use the 6043 last chunk of container log output if the 6044 termination message file is empty and the 6045 container exited with an error. The log output 6046 is limited to 2048 bytes or 80 lines, whichever 6047 is smaller. Defaults to File. Cannot be updated. 6048 type: string 6049 tty: 6050 description: Whether this container should allocate 6051 a TTY for itself, also requires 'stdin' to 6052 be true. Default is false. 6053 type: boolean 6054 volumeDevices: 6055 description: volumeDevices is the list of block 6056 devices to be used by the container. 6057 items: 6058 description: volumeDevice describes a mapping 6059 of a raw block device within a container. 6060 properties: 6061 devicePath: 6062 description: devicePath is the path inside 6063 of the container that the device will 6064 be mapped to. 6065 type: string 6066 name: 6067 description: name must match the name 6068 of a persistentVolumeClaim in the pod 6069 type: string 6070 required: 6071 - devicePath 6072 - name 6073 type: object 6074 type: array 6075 volumeMounts: 6076 description: Pod volumes to mount into the container's 6077 filesystem. Cannot be updated. 6078 items: 6079 description: VolumeMount describes a mounting 6080 of a Volume within a container. 6081 properties: 6082 mountPath: 6083 description: Path within the container 6084 at which the volume should be mounted. Must 6085 not contain ':'. 6086 type: string 6087 mountPropagation: 6088 description: mountPropagation determines 6089 how mounts are propagated from the host 6090 to container and the other way around. 6091 When not set, MountPropagationNone is 6092 used. This field is beta in 1.10. 6093 type: string 6094 name: 6095 description: This must match the Name 6096 of a Volume. 6097 type: string 6098 readOnly: 6099 description: Mounted read-only if true, 6100 read-write otherwise (false or unspecified). 6101 Defaults to false. 6102 type: boolean 6103 subPath: 6104 description: Path within the volume from 6105 which the container's volume should 6106 be mounted. Defaults to "" (volume's 6107 root). 6108 type: string 6109 subPathExpr: 6110 description: Expanded path within the 6111 volume from which the container's volume 6112 should be mounted. Behaves similarly 6113 to SubPath but environment variable 6114 references $(VAR_NAME) are expanded 6115 using the container's environment. Defaults 6116 to "" (volume's root). SubPathExpr and 6117 SubPath are mutually exclusive. 6118 type: string 6119 required: 6120 - mountPath 6121 - name 6122 type: object 6123 type: array 6124 workingDir: 6125 description: Container's working directory. 6126 If not specified, the container runtime's 6127 default will be used, which might be configured 6128 in the container image. Cannot be updated. 6129 type: string 6130 required: 6131 - name 6132 type: object 6133 type: array 6134 nodeName: 6135 description: NodeName is a request to schedule this 6136 pod onto a specific node. If it is non-empty, the 6137 scheduler simply schedules this pod onto that node, 6138 assuming that it fits resource requirements. 6139 type: string 6140 nodeSelector: 6141 additionalProperties: 6142 type: string 6143 description: 'NodeSelector is a selector which must 6144 be true for the pod to fit on a node. Selector which 6145 must match a node''s labels for the pod to be scheduled 6146 on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' 6147 type: object 6148 overhead: 6149 additionalProperties: 6150 anyOf: 6151 - type: integer 6152 - type: string 6153 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6154 x-kubernetes-int-or-string: true 6155 description: 'Overhead represents the resource overhead 6156 associated with running a pod for a given RuntimeClass. 6157 This field will be autopopulated at admission time 6158 by the RuntimeClass admission controller. If the 6159 RuntimeClass admission controller is enabled, overhead 6160 must not be set in Pod create requests. The RuntimeClass 6161 admission controller will reject Pod create requests 6162 which have the overhead already set. If RuntimeClass 6163 is configured and selected in the PodSpec, Overhead 6164 will be set to the value defined in the corresponding 6165 RuntimeClass, otherwise it will remain unset and 6166 treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/20190226-pod-overhead.md 6167 This field is alpha-level as of Kubernetes v1.16, 6168 and is only honored by servers that enable the PodOverhead 6169 feature.' 6170 type: object 6171 preemptionPolicy: 6172 description: PreemptionPolicy is the Policy for preempting 6173 pods with lower priority. One of Never, PreemptLowerPriority. 6174 Defaults to PreemptLowerPriority if unset. This 6175 field is beta-level, gated by the NonPreemptingPriority 6176 feature-gate. 6177 type: string 6178 priority: 6179 description: The priority value. Various system components 6180 use this field to find the priority of the pod. 6181 When Priority Admission Controller is enabled, it 6182 prevents users from setting this field. The admission 6183 controller populates this field from PriorityClassName. 6184 The higher the value, the higher the priority. 6185 format: int32 6186 type: integer 6187 priorityClassName: 6188 description: If specified, indicates the pod's priority. 6189 "system-node-critical" and "system-cluster-critical" 6190 are two special keywords which indicate the highest 6191 priorities with the former being the highest priority. 6192 Any other name must be defined by creating a PriorityClass 6193 object with that name. If not specified, the pod 6194 priority will be default or zero if there is no 6195 default. 6196 type: string 6197 readinessGates: 6198 description: 'If specified, all readiness gates will 6199 be evaluated for pod readiness. A pod is ready when 6200 all its containers are ready AND all conditions 6201 specified in the readiness gates have status equal 6202 to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/0007-pod-ready%2B%2B.md' 6203 items: 6204 description: PodReadinessGate contains the reference 6205 to a pod condition 6206 properties: 6207 conditionType: 6208 description: ConditionType refers to a condition 6209 in the pod's condition list with matching 6210 type. 6211 type: string 6212 required: 6213 - conditionType 6214 type: object 6215 type: array 6216 restartPolicy: 6217 description: 'Restart policy for all containers within 6218 the pod. One of Always, OnFailure, Never. Default 6219 to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' 6220 type: string 6221 runtimeClassName: 6222 description: 'RuntimeClassName refers to a RuntimeClass 6223 object in the node.k8s.io group, which should be 6224 used to run this pod. If no RuntimeClass resource 6225 matches the named class, the pod will not be run. 6226 If unset or empty, the "legacy" RuntimeClass will 6227 be used, which is an implicit class with an empty 6228 definition that uses the default runtime handler. 6229 More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md 6230 This is a beta feature as of Kubernetes v1.14.' 6231 type: string 6232 schedulerName: 6233 description: If specified, the pod will be dispatched 6234 by specified scheduler. If not specified, the pod 6235 will be dispatched by default scheduler. 6236 type: string 6237 securityContext: 6238 description: 'SecurityContext holds pod-level security 6239 attributes and common container settings. Optional: 6240 Defaults to empty. See type description for default 6241 values of each field.' 6242 properties: 6243 fsGroup: 6244 description: "A special supplemental group that 6245 applies to all containers in a pod. Some volume 6246 types allow the Kubelet to change the ownership 6247 of that volume to be owned by the pod: \n 1. 6248 The owning GID will be the FSGroup 2. The setgid 6249 bit is set (new files created in the volume 6250 will be owned by FSGroup) 3. The permission 6251 bits are OR'd with rw-rw---- \n If unset, the 6252 Kubelet will not modify the ownership and permissions 6253 of any volume." 6254 format: int64 6255 type: integer 6256 fsGroupChangePolicy: 6257 description: 'fsGroupChangePolicy defines behavior 6258 of changing ownership and permission of the 6259 volume before being exposed inside Pod. This 6260 field will only apply to volume types which 6261 support fsGroup based ownership(and permissions). 6262 It will have no effect on ephemeral volume types 6263 such as: secret, configmaps and emptydir. Valid 6264 values are "OnRootMismatch" and "Always". If 6265 not specified, "Always" is used.' 6266 type: string 6267 runAsGroup: 6268 description: The GID to run the entrypoint of 6269 the container process. Uses runtime default 6270 if unset. May also be set in SecurityContext. If 6271 set in both SecurityContext and PodSecurityContext, 6272 the value specified in SecurityContext takes 6273 precedence for that container. 6274 format: int64 6275 type: integer 6276 runAsNonRoot: 6277 description: Indicates that the container must 6278 run as a non-root user. If true, the Kubelet 6279 will validate the image at runtime to ensure 6280 that it does not run as UID 0 (root) and fail 6281 to start the container if it does. If unset 6282 or false, no such validation will be performed. 6283 May also be set in SecurityContext. If set 6284 in both SecurityContext and PodSecurityContext, 6285 the value specified in SecurityContext takes 6286 precedence. 6287 type: boolean 6288 runAsUser: 6289 description: The UID to run the entrypoint of 6290 the container process. Defaults to user specified 6291 in image metadata if unspecified. May also be 6292 set in SecurityContext. If set in both SecurityContext 6293 and PodSecurityContext, the value specified 6294 in SecurityContext takes precedence for that 6295 container. 6296 format: int64 6297 type: integer 6298 seLinuxOptions: 6299 description: The SELinux context to be applied 6300 to all containers. If unspecified, the container 6301 runtime will allocate a random SELinux context 6302 for each container. May also be set in SecurityContext. If 6303 set in both SecurityContext and PodSecurityContext, 6304 the value specified in SecurityContext takes 6305 precedence for that container. 6306 properties: 6307 level: 6308 description: Level is SELinux level label 6309 that applies to the container. 6310 type: string 6311 role: 6312 description: Role is a SELinux role label 6313 that applies to the container. 6314 type: string 6315 type: 6316 description: Type is a SELinux type label 6317 that applies to the container. 6318 type: string 6319 user: 6320 description: User is a SELinux user label 6321 that applies to the container. 6322 type: string 6323 type: object 6324 seccompProfile: 6325 description: The seccomp options to use by the 6326 containers in this pod. 6327 properties: 6328 localhostProfile: 6329 description: localhostProfile indicates a 6330 profile defined in a file on the node should 6331 be used. The profile must be preconfigured 6332 on the node to work. Must be a descending 6333 path, relative to the kubelet's configured 6334 seccomp profile location. Must only be set 6335 if type is "Localhost". 6336 type: string 6337 type: 6338 description: "type indicates which kind of 6339 seccomp profile will be applied. Valid options 6340 are: \n Localhost - a profile defined in 6341 a file on the node should be used. RuntimeDefault 6342 - the container runtime default profile 6343 should be used. Unconfined - no profile 6344 should be applied." 6345 type: string 6346 required: 6347 - type 6348 type: object 6349 supplementalGroups: 6350 description: A list of groups applied to the first 6351 process run in each container, in addition to 6352 the container's primary GID. If unspecified, 6353 no groups will be added to any container. 6354 items: 6355 format: int64 6356 type: integer 6357 type: array 6358 sysctls: 6359 description: Sysctls hold a list of namespaced 6360 sysctls used for the pod. Pods with unsupported 6361 sysctls (by the container runtime) might fail 6362 to launch. 6363 items: 6364 description: Sysctl defines a kernel parameter 6365 to be set 6366 properties: 6367 name: 6368 description: Name of a property to set 6369 type: string 6370 value: 6371 description: Value of a property to set 6372 type: string 6373 required: 6374 - name 6375 - value 6376 type: object 6377 type: array 6378 windowsOptions: 6379 description: The Windows specific settings applied 6380 to all containers. If unspecified, the options 6381 within a container's SecurityContext will be 6382 used. If set in both SecurityContext and PodSecurityContext, 6383 the value specified in SecurityContext takes 6384 precedence. 6385 properties: 6386 gmsaCredentialSpec: 6387 description: GMSACredentialSpec is where the 6388 GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 6389 inlines the contents of the GMSA credential 6390 spec named by the GMSACredentialSpecName 6391 field. 6392 type: string 6393 gmsaCredentialSpecName: 6394 description: GMSACredentialSpecName is the 6395 name of the GMSA credential spec to use. 6396 type: string 6397 runAsUserName: 6398 description: The UserName in Windows to run 6399 the entrypoint of the container process. 6400 Defaults to the user specified in image 6401 metadata if unspecified. May also be set 6402 in PodSecurityContext. If set in both SecurityContext 6403 and PodSecurityContext, the value specified 6404 in SecurityContext takes precedence. 6405 type: string 6406 type: object 6407 type: object 6408 serviceAccount: 6409 description: 'DeprecatedServiceAccount is a depreciated 6410 alias for ServiceAccountName. Deprecated: Use serviceAccountName 6411 instead.' 6412 type: string 6413 serviceAccountName: 6414 description: 'ServiceAccountName is the name of the 6415 ServiceAccount to use to run this pod. More info: 6416 https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' 6417 type: string 6418 setHostnameAsFQDN: 6419 description: If true the pod's hostname will be configured 6420 as the pod's FQDN, rather than the leaf name (the 6421 default). In Linux containers, this means setting 6422 the FQDN in the hostname field of the kernel (the 6423 nodename field of struct utsname). In Windows containers, 6424 this means setting the registry value of hostname 6425 for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters 6426 to FQDN. If a pod does not have FQDN, this has no 6427 effect. Default to false. 6428 type: boolean 6429 shareProcessNamespace: 6430 description: 'Share a single process namespace between 6431 all of the containers in a pod. When this is set 6432 containers will be able to view and signal processes 6433 from other containers in the same pod, and the first 6434 process in each container will not be assigned PID 6435 1. HostPID and ShareProcessNamespace cannot both 6436 be set. Optional: Default to false.' 6437 type: boolean 6438 subdomain: 6439 description: If specified, the fully qualified Pod 6440 hostname will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster 6441 domain>". If not specified, the pod will not have 6442 a domainname at all. 6443 type: string 6444 terminationGracePeriodSeconds: 6445 description: Optional duration in seconds the pod 6446 needs to terminate gracefully. May be decreased 6447 in delete request. Value must be non-negative integer. 6448 The value zero indicates stop immediately via the 6449 kill signal (no opportunity to shut down). If this 6450 value is nil, the default grace period will be used 6451 instead. The grace period is the duration in seconds 6452 after the processes running in the pod are sent 6453 a termination signal and the time when the processes 6454 are forcibly halted with a kill signal. Set this 6455 value longer than the expected cleanup time for 6456 your process. Defaults to 30 seconds. 6457 format: int64 6458 type: integer 6459 tolerations: 6460 description: If specified, the pod's tolerations. 6461 items: 6462 description: The pod this Toleration is attached 6463 to tolerates any taint that matches the triple 6464 <key,value,effect> using the matching operator 6465 <operator>. 6466 properties: 6467 effect: 6468 description: Effect indicates the taint effect 6469 to match. Empty means match all taint effects. 6470 When specified, allowed values are NoSchedule, 6471 PreferNoSchedule and NoExecute. 6472 type: string 6473 key: 6474 description: Key is the taint key that the toleration 6475 applies to. Empty means match all taint keys. 6476 If the key is empty, operator must be Exists; 6477 this combination means to match all values 6478 and all keys. 6479 type: string 6480 operator: 6481 description: Operator represents a key's relationship 6482 to the value. Valid operators are Exists and 6483 Equal. Defaults to Equal. Exists is equivalent 6484 to wildcard for value, so that a pod can tolerate 6485 all taints of a particular category. 6486 type: string 6487 tolerationSeconds: 6488 description: TolerationSeconds represents the 6489 period of time the toleration (which must 6490 be of effect NoExecute, otherwise this field 6491 is ignored) tolerates the taint. By default, 6492 it is not set, which means tolerate the taint 6493 forever (do not evict). Zero and negative 6494 values will be treated as 0 (evict immediately) 6495 by the system. 6496 format: int64 6497 type: integer 6498 value: 6499 description: Value is the taint value the toleration 6500 matches to. If the operator is Exists, the 6501 value should be empty, otherwise just a regular 6502 string. 6503 type: string 6504 type: object 6505 type: array 6506 topologySpreadConstraints: 6507 description: TopologySpreadConstraints describes how 6508 a group of pods ought to spread across topology 6509 domains. Scheduler will schedule pods in a way which 6510 abides by the constraints. All topologySpreadConstraints 6511 are ANDed. 6512 items: 6513 description: TopologySpreadConstraint specifies 6514 how to spread matching pods among the given topology. 6515 properties: 6516 labelSelector: 6517 description: LabelSelector is used to find matching 6518 pods. Pods that match this label selector 6519 are counted to determine the number of pods 6520 in their corresponding topology domain. 6521 properties: 6522 matchExpressions: 6523 description: matchExpressions is a list 6524 of label selector requirements. The requirements 6525 are ANDed. 6526 items: 6527 description: A label selector requirement 6528 is a selector that contains values, 6529 a key, and an operator that relates 6530 the key and values. 6531 properties: 6532 key: 6533 description: key is the label key 6534 that the selector applies to. 6535 type: string 6536 operator: 6537 description: operator represents a 6538 key's relationship to a set of values. 6539 Valid operators are In, NotIn, Exists 6540 and DoesNotExist. 6541 type: string 6542 values: 6543 description: values is an array of 6544 string values. If the operator is 6545 In or NotIn, the values array must 6546 be non-empty. If the operator is 6547 Exists or DoesNotExist, the values 6548 array must be empty. This array 6549 is replaced during a strategic merge 6550 patch. 6551 items: 6552 type: string 6553 type: array 6554 required: 6555 - key 6556 - operator 6557 type: object 6558 type: array 6559 matchLabels: 6560 additionalProperties: 6561 type: string 6562 description: matchLabels is a map of {key,value} 6563 pairs. A single {key,value} in the matchLabels 6564 map is equivalent to an element of matchExpressions, 6565 whose key field is "key", the operator 6566 is "In", and the values array contains 6567 only "value". The requirements are ANDed. 6568 type: object 6569 type: object 6570 maxSkew: 6571 description: 'MaxSkew describes the degree to 6572 which pods may be unevenly distributed. When 6573 `whenUnsatisfiable=DoNotSchedule`, it is the 6574 maximum permitted difference between the number 6575 of matching pods in the target topology and 6576 the global minimum. For example, in a 3-zone 6577 cluster, MaxSkew is set to 1, and pods with 6578 the same labelSelector spread as 1/1/0: | 6579 zone1 | zone2 | zone3 | | P | P | | 6580 - if MaxSkew is 1, incoming pod can only be 6581 scheduled to zone3 to become 1/1/1; scheduling 6582 it onto zone1(zone2) would make the ActualSkew(2-0) 6583 on zone1(zone2) violate MaxSkew(1). - if MaxSkew 6584 is 2, incoming pod can be scheduled onto any 6585 zone. When `whenUnsatisfiable=ScheduleAnyway`, 6586 it is used to give higher precedence to topologies 6587 that satisfy it. It''s a required field. Default 6588 value is 1 and 0 is not allowed.' 6589 format: int32 6590 type: integer 6591 topologyKey: 6592 description: TopologyKey is the key of node 6593 labels. Nodes that have a label with this 6594 key and identical values are considered to 6595 be in the same topology. We consider each 6596 <key, value> as a "bucket", and try to put 6597 balanced number of pods into each bucket. 6598 It's a required field. 6599 type: string 6600 whenUnsatisfiable: 6601 description: 'WhenUnsatisfiable indicates how 6602 to deal with a pod if it doesn''t satisfy 6603 the spread constraint. - DoNotSchedule (default) 6604 tells the scheduler not to schedule it. - 6605 ScheduleAnyway tells the scheduler to schedule 6606 the pod in any location, but giving higher 6607 precedence to topologies that would help reduce 6608 the skew. A constraint is considered "Unsatisfiable" 6609 for an incoming pod if and only if every possible 6610 node assigment for that pod would violate 6611 "MaxSkew" on some topology. For example, in 6612 a 3-zone cluster, MaxSkew is set to 1, and 6613 pods with the same labelSelector spread as 6614 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | 6615 If WhenUnsatisfiable is set to DoNotSchedule, 6616 incoming pod can only be scheduled to zone2(zone3) 6617 to become 3/2/1(3/1/2) as ActualSkew(2-1) 6618 on zone2(zone3) satisfies MaxSkew(1). In other 6619 words, the cluster can still be imbalanced, 6620 but scheduler won''t make it *more* imbalanced. 6621 It''s a required field.' 6622 type: string 6623 required: 6624 - maxSkew 6625 - topologyKey 6626 - whenUnsatisfiable 6627 type: object 6628 type: array 6629 x-kubernetes-list-map-keys: 6630 - topologyKey 6631 - whenUnsatisfiable 6632 x-kubernetes-list-type: map 6633 volumes: 6634 description: 'List of volumes that can be mounted 6635 by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' 6636 items: 6637 description: Volume represents a named volume in 6638 a pod that may be accessed by any container in 6639 the pod. 6640 properties: 6641 awsElasticBlockStore: 6642 description: 'AWSElasticBlockStore represents 6643 an AWS Disk resource that is attached to a 6644 kubelet''s host machine and then exposed to 6645 the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 6646 properties: 6647 fsType: 6648 description: 'Filesystem type of the volume 6649 that you want to mount. Tip: Ensure that 6650 the filesystem type is supported by the 6651 host operating system. Examples: "ext4", 6652 "xfs", "ntfs". Implicitly inferred to 6653 be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 6654 TODO: how do we prevent errors in the 6655 filesystem from compromising the machine' 6656 type: string 6657 partition: 6658 description: 'The partition in the volume 6659 that you want to mount. If omitted, the 6660 default is to mount by volume name. Examples: 6661 For volume /dev/sda1, you specify the 6662 partition as "1". Similarly, the volume 6663 partition for /dev/sda is "0" (or you 6664 can leave the property empty).' 6665 format: int32 6666 type: integer 6667 readOnly: 6668 description: 'Specify "true" to force and 6669 set the ReadOnly property in VolumeMounts 6670 to "true". If omitted, the default is 6671 "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 6672 type: boolean 6673 volumeID: 6674 description: 'Unique ID of the persistent 6675 disk resource in AWS (Amazon EBS volume). 6676 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 6677 type: string 6678 required: 6679 - volumeID 6680 type: object 6681 azureDisk: 6682 description: AzureDisk represents an Azure Data 6683 Disk mount on the host and bind mount to the 6684 pod. 6685 properties: 6686 cachingMode: 6687 description: 'Host Caching mode: None, Read 6688 Only, Read Write.' 6689 type: string 6690 diskName: 6691 description: The Name of the data disk in 6692 the blob storage 6693 type: string 6694 diskURI: 6695 description: The URI the data disk in the 6696 blob storage 6697 type: string 6698 fsType: 6699 description: Filesystem type to mount. Must 6700 be a filesystem type supported by the 6701 host operating system. Ex. "ext4", "xfs", 6702 "ntfs". Implicitly inferred to be "ext4" 6703 if unspecified. 6704 type: string 6705 kind: 6706 description: 'Expected values Shared: multiple 6707 blob disks per storage account Dedicated: 6708 single blob disk per storage account Managed: 6709 azure managed data disk (only in managed 6710 availability set). defaults to shared' 6711 type: string 6712 readOnly: 6713 description: Defaults to false (read/write). 6714 ReadOnly here will force the ReadOnly 6715 setting in VolumeMounts. 6716 type: boolean 6717 required: 6718 - diskName 6719 - diskURI 6720 type: object 6721 azureFile: 6722 description: AzureFile represents an Azure File 6723 Service mount on the host and bind mount to 6724 the pod. 6725 properties: 6726 readOnly: 6727 description: Defaults to false (read/write). 6728 ReadOnly here will force the ReadOnly 6729 setting in VolumeMounts. 6730 type: boolean 6731 secretName: 6732 description: the name of secret that contains 6733 Azure Storage Account Name and Key 6734 type: string 6735 shareName: 6736 description: Share Name 6737 type: string 6738 required: 6739 - secretName 6740 - shareName 6741 type: object 6742 cephfs: 6743 description: CephFS represents a Ceph FS mount 6744 on the host that shares a pod's lifetime 6745 properties: 6746 monitors: 6747 description: 'Required: Monitors is a collection 6748 of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6749 items: 6750 type: string 6751 type: array 6752 path: 6753 description: 'Optional: Used as the mounted 6754 root, rather than the full Ceph tree, 6755 default is /' 6756 type: string 6757 readOnly: 6758 description: 'Optional: Defaults to false 6759 (read/write). ReadOnly here will force 6760 the ReadOnly setting in VolumeMounts. 6761 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6762 type: boolean 6763 secretFile: 6764 description: 'Optional: SecretFile is the 6765 path to key ring for User, default is 6766 /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6767 type: string 6768 secretRef: 6769 description: 'Optional: SecretRef is reference 6770 to the authentication secret for User, 6771 default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6772 properties: 6773 name: 6774 description: 'Name of the referent. 6775 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6776 TODO: Add other useful fields. apiVersion, 6777 kind, uid?' 6778 type: string 6779 type: object 6780 user: 6781 description: 'Optional: User is the rados 6782 user name, default is admin More info: 6783 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 6784 type: string 6785 required: 6786 - monitors 6787 type: object 6788 cinder: 6789 description: 'Cinder represents a cinder volume 6790 attached and mounted on kubelets host machine. 6791 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6792 properties: 6793 fsType: 6794 description: 'Filesystem type to mount. 6795 Must be a filesystem type supported by 6796 the host operating system. Examples: "ext4", 6797 "xfs", "ntfs". Implicitly inferred to 6798 be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6799 type: string 6800 readOnly: 6801 description: 'Optional: Defaults to false 6802 (read/write). ReadOnly here will force 6803 the ReadOnly setting in VolumeMounts. 6804 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6805 type: boolean 6806 secretRef: 6807 description: 'Optional: points to a secret 6808 object containing parameters used to connect 6809 to OpenStack.' 6810 properties: 6811 name: 6812 description: 'Name of the referent. 6813 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6814 TODO: Add other useful fields. apiVersion, 6815 kind, uid?' 6816 type: string 6817 type: object 6818 volumeID: 6819 description: 'volume id used to identify 6820 the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 6821 type: string 6822 required: 6823 - volumeID 6824 type: object 6825 configMap: 6826 description: ConfigMap represents a configMap 6827 that should populate this volume 6828 properties: 6829 defaultMode: 6830 description: 'Optional: mode bits used to 6831 set permissions on created files by default. 6832 Must be an octal value between 0000 and 6833 0777 or a decimal value between 0 and 6834 511. YAML accepts both octal and decimal 6835 values, JSON requires decimal values for 6836 mode bits. Defaults to 0644. Directories 6837 within the path are not affected by this 6838 setting. This might be in conflict with 6839 other options that affect the file mode, 6840 like fsGroup, and the result can be other 6841 mode bits set.' 6842 format: int32 6843 type: integer 6844 items: 6845 description: If unspecified, each key-value 6846 pair in the Data field of the referenced 6847 ConfigMap will be projected into the volume 6848 as a file whose name is the key and content 6849 is the value. If specified, the listed 6850 keys will be projected into the specified 6851 paths, and unlisted keys will not be present. 6852 If a key is specified which is not present 6853 in the ConfigMap, the volume setup will 6854 error unless it is marked optional. Paths 6855 must be relative and may not contain the 6856 '..' path or start with '..'. 6857 items: 6858 description: Maps a string key to a path 6859 within a volume. 6860 properties: 6861 key: 6862 description: The key to project. 6863 type: string 6864 mode: 6865 description: 'Optional: mode bits 6866 used to set permissions on this 6867 file. Must be an octal value between 6868 0000 and 0777 or a decimal value 6869 between 0 and 511. YAML accepts 6870 both octal and decimal values, JSON 6871 requires decimal values for mode 6872 bits. If not specified, the volume 6873 defaultMode will be used. This might 6874 be in conflict with other options 6875 that affect the file mode, like 6876 fsGroup, and the result can be other 6877 mode bits set.' 6878 format: int32 6879 type: integer 6880 path: 6881 description: The relative path of 6882 the file to map the key to. May 6883 not be an absolute path. May not 6884 contain the path element '..'. May 6885 not start with the string '..'. 6886 type: string 6887 required: 6888 - key 6889 - path 6890 type: object 6891 type: array 6892 name: 6893 description: 'Name of the referent. More 6894 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6895 TODO: Add other useful fields. apiVersion, 6896 kind, uid?' 6897 type: string 6898 optional: 6899 description: Specify whether the ConfigMap 6900 or its keys must be defined 6901 type: boolean 6902 type: object 6903 csi: 6904 description: CSI (Container Storage Interface) 6905 represents ephemeral storage that is handled 6906 by certain external CSI drivers (Beta feature). 6907 properties: 6908 driver: 6909 description: Driver is the name of the CSI 6910 driver that handles this volume. Consult 6911 with your admin for the correct name as 6912 registered in the cluster. 6913 type: string 6914 fsType: 6915 description: Filesystem type to mount. Ex. 6916 "ext4", "xfs", "ntfs". If not provided, 6917 the empty value is passed to the associated 6918 CSI driver which will determine the default 6919 filesystem to apply. 6920 type: string 6921 nodePublishSecretRef: 6922 description: NodePublishSecretRef is a reference 6923 to the secret object containing sensitive 6924 information to pass to the CSI driver 6925 to complete the CSI NodePublishVolume 6926 and NodeUnpublishVolume calls. This field 6927 is optional, and may be empty if no secret 6928 is required. If the secret object contains 6929 more than one secret, all secret references 6930 are passed. 6931 properties: 6932 name: 6933 description: 'Name of the referent. 6934 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6935 TODO: Add other useful fields. apiVersion, 6936 kind, uid?' 6937 type: string 6938 type: object 6939 readOnly: 6940 description: Specifies a read-only configuration 6941 for the volume. Defaults to false (read/write). 6942 type: boolean 6943 volumeAttributes: 6944 additionalProperties: 6945 type: string 6946 description: VolumeAttributes stores driver-specific 6947 properties that are passed to the CSI 6948 driver. Consult your driver's documentation 6949 for supported values. 6950 type: object 6951 required: 6952 - driver 6953 type: object 6954 downwardAPI: 6955 description: DownwardAPI represents downward 6956 API about the pod that should populate this 6957 volume 6958 properties: 6959 defaultMode: 6960 description: 'Optional: mode bits to use 6961 on created files by default. Must be a 6962 Optional: mode bits used to set permissions 6963 on created files by default. Must be an 6964 octal value between 0000 and 0777 or a 6965 decimal value between 0 and 511. YAML 6966 accepts both octal and decimal values, 6967 JSON requires decimal values for mode 6968 bits. Defaults to 0644. Directories within 6969 the path are not affected by this setting. 6970 This might be in conflict with other options 6971 that affect the file mode, like fsGroup, 6972 and the result can be other mode bits 6973 set.' 6974 format: int32 6975 type: integer 6976 items: 6977 description: Items is a list of downward 6978 API volume file 6979 items: 6980 description: DownwardAPIVolumeFile represents 6981 information to create the file containing 6982 the pod field 6983 properties: 6984 fieldRef: 6985 description: 'Required: Selects a 6986 field of the pod: only annotations, 6987 labels, name and namespace are supported.' 6988 properties: 6989 apiVersion: 6990 description: Version of the schema 6991 the FieldPath is written in 6992 terms of, defaults to "v1". 6993 type: string 6994 fieldPath: 6995 description: Path of the field 6996 to select in the specified API 6997 version. 6998 type: string 6999 required: 7000 - fieldPath 7001 type: object 7002 mode: 7003 description: 'Optional: mode bits 7004 used to set permissions on this 7005 file, must be an octal value between 7006 0000 and 0777 or a decimal value 7007 between 0 and 511. YAML accepts 7008 both octal and decimal values, JSON 7009 requires decimal values for mode 7010 bits. If not specified, the volume 7011 defaultMode will be used. This might 7012 be in conflict with other options 7013 that affect the file mode, like 7014 fsGroup, and the result can be other 7015 mode bits set.' 7016 format: int32 7017 type: integer 7018 path: 7019 description: 'Required: Path is the 7020 relative path name of the file to 7021 be created. Must not be absolute 7022 or contain the ''..'' path. Must 7023 be utf-8 encoded. The first item 7024 of the relative path must not start 7025 with ''..''' 7026 type: string 7027 resourceFieldRef: 7028 description: 'Selects a resource of 7029 the container: only resources limits 7030 and requests (limits.cpu, limits.memory, 7031 requests.cpu and requests.memory) 7032 are currently supported.' 7033 properties: 7034 containerName: 7035 description: 'Container name: 7036 required for volumes, optional 7037 for env vars' 7038 type: string 7039 divisor: 7040 anyOf: 7041 - type: integer 7042 - type: string 7043 description: Specifies the output 7044 format of the exposed resources, 7045 defaults to "1" 7046 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7047 x-kubernetes-int-or-string: true 7048 resource: 7049 description: 'Required: resource 7050 to select' 7051 type: string 7052 required: 7053 - resource 7054 type: object 7055 required: 7056 - path 7057 type: object 7058 type: array 7059 type: object 7060 emptyDir: 7061 description: 'EmptyDir represents a temporary 7062 directory that shares a pod''s lifetime. More 7063 info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 7064 properties: 7065 medium: 7066 description: 'What type of storage medium 7067 should back this directory. The default 7068 is "" which means to use the node''s default 7069 medium. Must be an empty string (default) 7070 or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 7071 type: string 7072 sizeLimit: 7073 anyOf: 7074 - type: integer 7075 - type: string 7076 description: 'Total amount of local storage 7077 required for this EmptyDir volume. The 7078 size limit is also applicable for memory 7079 medium. The maximum usage on memory medium 7080 EmptyDir would be the minimum value between 7081 the SizeLimit specified here and the sum 7082 of memory limits of all containers in 7083 a pod. The default is nil which means 7084 that the limit is undefined. More info: 7085 http://kubernetes.io/docs/user-guide/volumes#emptydir' 7086 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7087 x-kubernetes-int-or-string: true 7088 type: object 7089 ephemeral: 7090 description: "Ephemeral represents a volume 7091 that is handled by a cluster storage driver. 7092 The volume's lifecycle is tied to the pod 7093 that defines it - it will be created before 7094 the pod starts, and deleted when the pod is 7095 removed. \n Use this if: a) the volume is 7096 only needed while the pod runs, b) features 7097 of normal volumes like restoring from snapshot 7098 or capacity tracking are needed, c) the 7099 storage driver is specified through a storage 7100 class, and d) the storage driver supports 7101 dynamic volume provisioning through a PersistentVolumeClaim 7102 (see EphemeralVolumeSource for more information 7103 on the connection between this volume type 7104 \ and PersistentVolumeClaim). \n Use PersistentVolumeClaim 7105 or one of the vendor-specific APIs for volumes 7106 that persist for longer than the lifecycle 7107 of an individual pod. \n Use CSI for light-weight 7108 local ephemeral volumes if the CSI driver 7109 is meant to be used that way - see the documentation 7110 of the driver for more information. \n A pod 7111 can use both types of ephemeral volumes and 7112 persistent volumes at the same time. \n This 7113 is a beta feature and only available when 7114 the GenericEphemeralVolume feature gate is 7115 enabled." 7116 properties: 7117 volumeClaimTemplate: 7118 description: "Will be used to create a stand-alone 7119 PVC to provision the volume. The pod in 7120 which this EphemeralVolumeSource is embedded 7121 will be the owner of the PVC, i.e. the 7122 PVC will be deleted together with the 7123 pod. The name of the PVC will be `<pod 7124 name>-<volume name>` where `<volume name>` 7125 is the name from the `PodSpec.Volumes` 7126 array entry. Pod validation will reject 7127 the pod if the concatenated name is not 7128 valid for a PVC (for example, too long). 7129 \n An existing PVC with that name that 7130 is not owned by the pod will *not* be 7131 used for the pod to avoid using an unrelated 7132 volume by mistake. Starting the pod is 7133 then blocked until the unrelated PVC is 7134 removed. If such a pre-created PVC is 7135 meant to be used by the pod, the PVC has 7136 to updated with an owner reference to 7137 the pod once the pod exists. Normally 7138 this should not be necessary, but it may 7139 be useful when manually reconstructing 7140 a broken cluster. \n This field is read-only 7141 and no changes will be made by Kubernetes 7142 to the PVC after it has been created. 7143 \n Required, must not be nil." 7144 properties: 7145 metadata: 7146 description: May contain labels and 7147 annotations that will be copied into 7148 the PVC when creating it. No other 7149 fields are allowed and will be rejected 7150 during validation. 7151 type: object 7152 spec: 7153 description: The specification for the 7154 PersistentVolumeClaim. The entire 7155 content is copied unchanged into the 7156 PVC that gets created from this template. 7157 The same fields as in a PersistentVolumeClaim 7158 are also valid here. 7159 properties: 7160 accessModes: 7161 description: 'AccessModes contains 7162 the desired access modes the volume 7163 should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 7164 items: 7165 type: string 7166 type: array 7167 dataSource: 7168 description: 'This field can be 7169 used to specify either: * An existing 7170 VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 7171 * An existing PVC (PersistentVolumeClaim) 7172 * An existing custom resource 7173 that implements data population 7174 (Alpha) In order to use custom 7175 resource types that implement 7176 data population, the AnyVolumeDataSource 7177 feature gate must be enabled. 7178 If the provisioner or an external 7179 controller can support the specified 7180 data source, it will create a 7181 new volume based on the contents 7182 of the specified data source.' 7183 properties: 7184 apiGroup: 7185 description: APIGroup is the 7186 group for the resource being 7187 referenced. If APIGroup is 7188 not specified, the specified 7189 Kind must be in the core API 7190 group. For any other third-party 7191 types, APIGroup is required. 7192 type: string 7193 kind: 7194 description: Kind is the type 7195 of resource being referenced 7196 type: string 7197 name: 7198 description: Name is the name 7199 of resource being referenced 7200 type: string 7201 required: 7202 - kind 7203 - name 7204 type: object 7205 resources: 7206 description: 'Resources represents 7207 the minimum resources the volume 7208 should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 7209 properties: 7210 limits: 7211 additionalProperties: 7212 anyOf: 7213 - type: integer 7214 - type: string 7215 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7216 x-kubernetes-int-or-string: true 7217 description: 'Limits describes 7218 the maximum amount of compute 7219 resources allowed. More info: 7220 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7221 type: object 7222 requests: 7223 additionalProperties: 7224 anyOf: 7225 - type: integer 7226 - type: string 7227 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7228 x-kubernetes-int-or-string: true 7229 description: 'Requests describes 7230 the minimum amount of compute 7231 resources required. If Requests 7232 is omitted for a container, 7233 it defaults to Limits if that 7234 is explicitly specified, otherwise 7235 to an implementation-defined 7236 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7237 type: object 7238 type: object 7239 selector: 7240 description: A label query over 7241 volumes to consider for binding. 7242 properties: 7243 matchExpressions: 7244 description: matchExpressions 7245 is a list of label selector 7246 requirements. The requirements 7247 are ANDed. 7248 items: 7249 description: A label selector 7250 requirement is a selector 7251 that contains values, a 7252 key, and an operator that 7253 relates the key and values. 7254 properties: 7255 key: 7256 description: key is the 7257 label key that the selector 7258 applies to. 7259 type: string 7260 operator: 7261 description: operator 7262 represents a key's relationship 7263 to a set of values. 7264 Valid operators are 7265 In, NotIn, Exists and 7266 DoesNotExist. 7267 type: string 7268 values: 7269 description: values is 7270 an array of string values. 7271 If the operator is In 7272 or NotIn, the values 7273 array must be non-empty. 7274 If the operator is Exists 7275 or DoesNotExist, the 7276 values array must be 7277 empty. This array is 7278 replaced during a strategic 7279 merge patch. 7280 items: 7281 type: string 7282 type: array 7283 required: 7284 - key 7285 - operator 7286 type: object 7287 type: array 7288 matchLabels: 7289 additionalProperties: 7290 type: string 7291 description: matchLabels is 7292 a map of {key,value} pairs. 7293 A single {key,value} in the 7294 matchLabels map is equivalent 7295 to an element of matchExpressions, 7296 whose key field is "key", 7297 the operator is "In", and 7298 the values array contains 7299 only "value". The requirements 7300 are ANDed. 7301 type: object 7302 type: object 7303 storageClassName: 7304 description: 'Name of the StorageClass 7305 required by the claim. More info: 7306 https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 7307 type: string 7308 volumeMode: 7309 description: volumeMode defines 7310 what type of volume is required 7311 by the claim. Value of Filesystem 7312 is implied when not included in 7313 claim spec. 7314 type: string 7315 volumeName: 7316 description: VolumeName is the binding 7317 reference to the PersistentVolume 7318 backing this claim. 7319 type: string 7320 type: object 7321 required: 7322 - spec 7323 type: object 7324 type: object 7325 fc: 7326 description: FC represents a Fibre Channel resource 7327 that is attached to a kubelet's host machine 7328 and then exposed to the pod. 7329 properties: 7330 fsType: 7331 description: 'Filesystem type to mount. 7332 Must be a filesystem type supported by 7333 the host operating system. Ex. "ext4", 7334 "xfs", "ntfs". Implicitly inferred to 7335 be "ext4" if unspecified. TODO: how do 7336 we prevent errors in the filesystem from 7337 compromising the machine' 7338 type: string 7339 lun: 7340 description: 'Optional: FC target lun number' 7341 format: int32 7342 type: integer 7343 readOnly: 7344 description: 'Optional: Defaults to false 7345 (read/write). ReadOnly here will force 7346 the ReadOnly setting in VolumeMounts.' 7347 type: boolean 7348 targetWWNs: 7349 description: 'Optional: FC target worldwide 7350 names (WWNs)' 7351 items: 7352 type: string 7353 type: array 7354 wwids: 7355 description: 'Optional: FC volume world 7356 wide identifiers (wwids) Either wwids 7357 or combination of targetWWNs and lun must 7358 be set, but not both simultaneously.' 7359 items: 7360 type: string 7361 type: array 7362 type: object 7363 flexVolume: 7364 description: FlexVolume represents a generic 7365 volume resource that is provisioned/attached 7366 using an exec based plugin. 7367 properties: 7368 driver: 7369 description: Driver is the name of the driver 7370 to use for this volume. 7371 type: string 7372 fsType: 7373 description: Filesystem type to mount. Must 7374 be a filesystem type supported by the 7375 host operating system. Ex. "ext4", "xfs", 7376 "ntfs". The default filesystem depends 7377 on FlexVolume script. 7378 type: string 7379 options: 7380 additionalProperties: 7381 type: string 7382 description: 'Optional: Extra command options 7383 if any.' 7384 type: object 7385 readOnly: 7386 description: 'Optional: Defaults to false 7387 (read/write). ReadOnly here will force 7388 the ReadOnly setting in VolumeMounts.' 7389 type: boolean 7390 secretRef: 7391 description: 'Optional: SecretRef is reference 7392 to the secret object containing sensitive 7393 information to pass to the plugin scripts. 7394 This may be empty if no secret object 7395 is specified. If the secret object contains 7396 more than one secret, all secrets are 7397 passed to the plugin scripts.' 7398 properties: 7399 name: 7400 description: 'Name of the referent. 7401 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7402 TODO: Add other useful fields. apiVersion, 7403 kind, uid?' 7404 type: string 7405 type: object 7406 required: 7407 - driver 7408 type: object 7409 flocker: 7410 description: Flocker represents a Flocker volume 7411 attached to a kubelet's host machine. This 7412 depends on the Flocker control service being 7413 running 7414 properties: 7415 datasetName: 7416 description: Name of the dataset stored 7417 as metadata -> name on the dataset for 7418 Flocker should be considered as deprecated 7419 type: string 7420 datasetUUID: 7421 description: UUID of the dataset. This is 7422 unique identifier of a Flocker dataset 7423 type: string 7424 type: object 7425 gcePersistentDisk: 7426 description: 'GCEPersistentDisk represents a 7427 GCE Disk resource that is attached to a kubelet''s 7428 host machine and then exposed to the pod. 7429 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7430 properties: 7431 fsType: 7432 description: 'Filesystem type of the volume 7433 that you want to mount. Tip: Ensure that 7434 the filesystem type is supported by the 7435 host operating system. Examples: "ext4", 7436 "xfs", "ntfs". Implicitly inferred to 7437 be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 7438 TODO: how do we prevent errors in the 7439 filesystem from compromising the machine' 7440 type: string 7441 partition: 7442 description: 'The partition in the volume 7443 that you want to mount. If omitted, the 7444 default is to mount by volume name. Examples: 7445 For volume /dev/sda1, you specify the 7446 partition as "1". Similarly, the volume 7447 partition for /dev/sda is "0" (or you 7448 can leave the property empty). More info: 7449 https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7450 format: int32 7451 type: integer 7452 pdName: 7453 description: 'Unique name of the PD resource 7454 in GCE. Used to identify the disk in GCE. 7455 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7456 type: string 7457 readOnly: 7458 description: 'ReadOnly here will force the 7459 ReadOnly setting in VolumeMounts. Defaults 7460 to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7461 type: boolean 7462 required: 7463 - pdName 7464 type: object 7465 gitRepo: 7466 description: 'GitRepo represents a git repository 7467 at a particular revision. DEPRECATED: GitRepo 7468 is deprecated. To provision a container with 7469 a git repo, mount an EmptyDir into an InitContainer 7470 that clones the repo using git, then mount 7471 the EmptyDir into the Pod''s container.' 7472 properties: 7473 directory: 7474 description: Target directory name. Must 7475 not contain or start with '..'. If '.' 7476 is supplied, the volume directory will 7477 be the git repository. Otherwise, if 7478 specified, the volume will contain the 7479 git repository in the subdirectory with 7480 the given name. 7481 type: string 7482 repository: 7483 description: Repository URL 7484 type: string 7485 revision: 7486 description: Commit hash for the specified 7487 revision. 7488 type: string 7489 required: 7490 - repository 7491 type: object 7492 glusterfs: 7493 description: 'Glusterfs represents a Glusterfs 7494 mount on the host that shares a pod''s lifetime. 7495 More info: https://examples.k8s.io/volumes/glusterfs/README.md' 7496 properties: 7497 endpoints: 7498 description: 'EndpointsName is the endpoint 7499 name that details Glusterfs topology. 7500 More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 7501 type: string 7502 path: 7503 description: 'Path is the Glusterfs volume 7504 path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 7505 type: string 7506 readOnly: 7507 description: 'ReadOnly here will force the 7508 Glusterfs volume to be mounted with read-only 7509 permissions. Defaults to false. More info: 7510 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 7511 type: boolean 7512 required: 7513 - endpoints 7514 - path 7515 type: object 7516 hostPath: 7517 description: 'HostPath represents a pre-existing 7518 file or directory on the host machine that 7519 is directly exposed to the container. This 7520 is generally used for system agents or other 7521 privileged things that are allowed to see 7522 the host machine. Most containers will NOT 7523 need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 7524 --- TODO(jonesdl) We need to restrict who 7525 can use host directory mounts and who can/can 7526 not mount host directories as read/write.' 7527 properties: 7528 path: 7529 description: 'Path of the directory on the 7530 host. If the path is a symlink, it will 7531 follow the link to the real path. More 7532 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 7533 type: string 7534 type: 7535 description: 'Type for HostPath Volume Defaults 7536 to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 7537 type: string 7538 required: 7539 - path 7540 type: object 7541 iscsi: 7542 description: 'ISCSI represents an ISCSI Disk 7543 resource that is attached to a kubelet''s 7544 host machine and then exposed to the pod. 7545 More info: https://examples.k8s.io/volumes/iscsi/README.md' 7546 properties: 7547 chapAuthDiscovery: 7548 description: whether support iSCSI Discovery 7549 CHAP authentication 7550 type: boolean 7551 chapAuthSession: 7552 description: whether support iSCSI Session 7553 CHAP authentication 7554 type: boolean 7555 fsType: 7556 description: 'Filesystem type of the volume 7557 that you want to mount. Tip: Ensure that 7558 the filesystem type is supported by the 7559 host operating system. Examples: "ext4", 7560 "xfs", "ntfs". Implicitly inferred to 7561 be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 7562 TODO: how do we prevent errors in the 7563 filesystem from compromising the machine' 7564 type: string 7565 initiatorName: 7566 description: Custom iSCSI Initiator Name. 7567 If initiatorName is specified with iscsiInterface 7568 simultaneously, new iSCSI interface <target 7569 portal>:<volume name> will be created 7570 for the connection. 7571 type: string 7572 iqn: 7573 description: Target iSCSI Qualified Name. 7574 type: string 7575 iscsiInterface: 7576 description: iSCSI Interface Name that uses 7577 an iSCSI transport. Defaults to 'default' 7578 (tcp). 7579 type: string 7580 lun: 7581 description: iSCSI Target Lun number. 7582 format: int32 7583 type: integer 7584 portals: 7585 description: iSCSI Target Portal List. The 7586 portal is either an IP or ip_addr:port 7587 if the port is other than default (typically 7588 TCP ports 860 and 3260). 7589 items: 7590 type: string 7591 type: array 7592 readOnly: 7593 description: ReadOnly here will force the 7594 ReadOnly setting in VolumeMounts. Defaults 7595 to false. 7596 type: boolean 7597 secretRef: 7598 description: CHAP Secret for iSCSI target 7599 and initiator authentication 7600 properties: 7601 name: 7602 description: 'Name of the referent. 7603 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7604 TODO: Add other useful fields. apiVersion, 7605 kind, uid?' 7606 type: string 7607 type: object 7608 targetPortal: 7609 description: iSCSI Target Portal. The Portal 7610 is either an IP or ip_addr:port if the 7611 port is other than default (typically 7612 TCP ports 860 and 3260). 7613 type: string 7614 required: 7615 - iqn 7616 - lun 7617 - targetPortal 7618 type: object 7619 name: 7620 description: 'Volume''s name. Must be a DNS_LABEL 7621 and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 7622 type: string 7623 nfs: 7624 description: 'NFS represents an NFS mount on 7625 the host that shares a pod''s lifetime More 7626 info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7627 properties: 7628 path: 7629 description: 'Path that is exported by the 7630 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7631 type: string 7632 readOnly: 7633 description: 'ReadOnly here will force the 7634 NFS export to be mounted with read-only 7635 permissions. Defaults to false. More info: 7636 https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7637 type: boolean 7638 server: 7639 description: 'Server is the hostname or 7640 IP address of the NFS server. More info: 7641 https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7642 type: string 7643 required: 7644 - path 7645 - server 7646 type: object 7647 persistentVolumeClaim: 7648 description: 'PersistentVolumeClaimVolumeSource 7649 represents a reference to a PersistentVolumeClaim 7650 in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7651 properties: 7652 claimName: 7653 description: 'ClaimName is the name of a 7654 PersistentVolumeClaim in the same namespace 7655 as the pod using this volume. More info: 7656 https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7657 type: string 7658 readOnly: 7659 description: Will force the ReadOnly setting 7660 in VolumeMounts. Default false. 7661 type: boolean 7662 required: 7663 - claimName 7664 type: object 7665 photonPersistentDisk: 7666 description: PhotonPersistentDisk represents 7667 a PhotonController persistent disk attached 7668 and mounted on kubelets host machine 7669 properties: 7670 fsType: 7671 description: Filesystem type to mount. Must 7672 be a filesystem type supported by the 7673 host operating system. Ex. "ext4", "xfs", 7674 "ntfs". Implicitly inferred to be "ext4" 7675 if unspecified. 7676 type: string 7677 pdID: 7678 description: ID that identifies Photon Controller 7679 persistent disk 7680 type: string 7681 required: 7682 - pdID 7683 type: object 7684 portworxVolume: 7685 description: PortworxVolume represents a portworx 7686 volume attached and mounted on kubelets host 7687 machine 7688 properties: 7689 fsType: 7690 description: FSType represents the filesystem 7691 type to mount Must be a filesystem type 7692 supported by the host operating system. 7693 Ex. "ext4", "xfs". Implicitly inferred 7694 to be "ext4" if unspecified. 7695 type: string 7696 readOnly: 7697 description: Defaults to false (read/write). 7698 ReadOnly here will force the ReadOnly 7699 setting in VolumeMounts. 7700 type: boolean 7701 volumeID: 7702 description: VolumeID uniquely identifies 7703 a Portworx volume 7704 type: string 7705 required: 7706 - volumeID 7707 type: object 7708 projected: 7709 description: Items for all in one resources 7710 secrets, configmaps, and downward API 7711 properties: 7712 defaultMode: 7713 description: Mode bits used to set permissions 7714 on created files by default. Must be an 7715 octal value between 0000 and 0777 or a 7716 decimal value between 0 and 511. YAML 7717 accepts both octal and decimal values, 7718 JSON requires decimal values for mode 7719 bits. Directories within the path are 7720 not affected by this setting. This might 7721 be in conflict with other options that 7722 affect the file mode, like fsGroup, and 7723 the result can be other mode bits set. 7724 format: int32 7725 type: integer 7726 sources: 7727 description: list of volume projections 7728 items: 7729 description: Projection that may be projected 7730 along with other supported volume types 7731 properties: 7732 configMap: 7733 description: information about the 7734 configMap data to project 7735 properties: 7736 items: 7737 description: If unspecified, each 7738 key-value pair in the Data field 7739 of the referenced ConfigMap 7740 will be projected into the volume 7741 as a file whose name is the 7742 key and content is the value. 7743 If specified, the listed keys 7744 will be projected into the specified 7745 paths, and unlisted keys will 7746 not be present. If a key is 7747 specified which is not present 7748 in the ConfigMap, the volume 7749 setup will error unless it is 7750 marked optional. Paths must 7751 be relative and may not contain 7752 the '..' path or start with 7753 '..'. 7754 items: 7755 description: Maps a string key 7756 to a path within a volume. 7757 properties: 7758 key: 7759 description: The key to 7760 project. 7761 type: string 7762 mode: 7763 description: 'Optional: 7764 mode bits used to set 7765 permissions on this file. 7766 Must be an octal value 7767 between 0000 and 0777 7768 or a decimal value between 7769 0 and 511. YAML accepts 7770 both octal and decimal 7771 values, JSON requires 7772 decimal values for mode 7773 bits. If not specified, 7774 the volume defaultMode 7775 will be used. This might 7776 be in conflict with other 7777 options that affect the 7778 file mode, like fsGroup, 7779 and the result can be 7780 other mode bits set.' 7781 format: int32 7782 type: integer 7783 path: 7784 description: The relative 7785 path of the file to map 7786 the key to. May not be 7787 an absolute path. May 7788 not contain the path element 7789 '..'. May not start with 7790 the string '..'. 7791 type: string 7792 required: 7793 - key 7794 - path 7795 type: object 7796 type: array 7797 name: 7798 description: 'Name of the referent. 7799 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7800 TODO: Add other useful fields. 7801 apiVersion, kind, uid?' 7802 type: string 7803 optional: 7804 description: Specify whether the 7805 ConfigMap or its keys must be 7806 defined 7807 type: boolean 7808 type: object 7809 downwardAPI: 7810 description: information about the 7811 downwardAPI data to project 7812 properties: 7813 items: 7814 description: Items is a list of 7815 DownwardAPIVolume file 7816 items: 7817 description: DownwardAPIVolumeFile 7818 represents information to 7819 create the file containing 7820 the pod field 7821 properties: 7822 fieldRef: 7823 description: 'Required: 7824 Selects a field of the 7825 pod: only annotations, 7826 labels, name and namespace 7827 are supported.' 7828 properties: 7829 apiVersion: 7830 description: Version 7831 of the schema the 7832 FieldPath is written 7833 in terms of, defaults 7834 to "v1". 7835 type: string 7836 fieldPath: 7837 description: Path of 7838 the field to select 7839 in the specified API 7840 version. 7841 type: string 7842 required: 7843 - fieldPath 7844 type: object 7845 mode: 7846 description: 'Optional: 7847 mode bits used to set 7848 permissions on this file, 7849 must be an octal value 7850 between 0000 and 0777 7851 or a decimal value between 7852 0 and 511. YAML accepts 7853 both octal and decimal 7854 values, JSON requires 7855 decimal values for mode 7856 bits. If not specified, 7857 the volume defaultMode 7858 will be used. This might 7859 be in conflict with other 7860 options that affect the 7861 file mode, like fsGroup, 7862 and the result can be 7863 other mode bits set.' 7864 format: int32 7865 type: integer 7866 path: 7867 description: 'Required: 7868 Path is the relative 7869 path name of the file 7870 to be created. Must not 7871 be absolute or contain 7872 the ''..'' path. Must 7873 be utf-8 encoded. The 7874 first item of the relative 7875 path must not start with 7876 ''..''' 7877 type: string 7878 resourceFieldRef: 7879 description: 'Selects a 7880 resource of the container: 7881 only resources limits 7882 and requests (limits.cpu, 7883 limits.memory, requests.cpu 7884 and requests.memory) are 7885 currently supported.' 7886 properties: 7887 containerName: 7888 description: 'Container 7889 name: required for 7890 volumes, optional 7891 for env vars' 7892 type: string 7893 divisor: 7894 anyOf: 7895 - type: integer 7896 - type: string 7897 description: Specifies 7898 the output format 7899 of the exposed resources, 7900 defaults to "1" 7901 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7902 x-kubernetes-int-or-string: true 7903 resource: 7904 description: 'Required: 7905 resource to select' 7906 type: string 7907 required: 7908 - resource 7909 type: object 7910 required: 7911 - path 7912 type: object 7913 type: array 7914 type: object 7915 secret: 7916 description: information about the 7917 secret data to project 7918 properties: 7919 items: 7920 description: If unspecified, each 7921 key-value pair in the Data field 7922 of the referenced Secret will 7923 be projected into the volume 7924 as a file whose name is the 7925 key and content is the value. 7926 If specified, the listed keys 7927 will be projected into the specified 7928 paths, and unlisted keys will 7929 not be present. If a key is 7930 specified which is not present 7931 in the Secret, the volume setup 7932 will error unless it is marked 7933 optional. Paths must be relative 7934 and may not contain the '..' 7935 path or start with '..'. 7936 items: 7937 description: Maps a string key 7938 to a path within a volume. 7939 properties: 7940 key: 7941 description: The key to 7942 project. 7943 type: string 7944 mode: 7945 description: 'Optional: 7946 mode bits used to set 7947 permissions on this file. 7948 Must be an octal value 7949 between 0000 and 0777 7950 or a decimal value between 7951 0 and 511. YAML accepts 7952 both octal and decimal 7953 values, JSON requires 7954 decimal values for mode 7955 bits. If not specified, 7956 the volume defaultMode 7957 will be used. This might 7958 be in conflict with other 7959 options that affect the 7960 file mode, like fsGroup, 7961 and the result can be 7962 other mode bits set.' 7963 format: int32 7964 type: integer 7965 path: 7966 description: The relative 7967 path of the file to map 7968 the key to. May not be 7969 an absolute path. May 7970 not contain the path element 7971 '..'. May not start with 7972 the string '..'. 7973 type: string 7974 required: 7975 - key 7976 - path 7977 type: object 7978 type: array 7979 name: 7980 description: 'Name of the referent. 7981 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7982 TODO: Add other useful fields. 7983 apiVersion, kind, uid?' 7984 type: string 7985 optional: 7986 description: Specify whether the 7987 Secret or its key must be defined 7988 type: boolean 7989 type: object 7990 serviceAccountToken: 7991 description: information about the 7992 serviceAccountToken data to project 7993 properties: 7994 audience: 7995 description: Audience is the intended 7996 audience of the token. A recipient 7997 of a token must identify itself 7998 with an identifier specified 7999 in the audience of the token, 8000 and otherwise should reject 8001 the token. The audience defaults 8002 to the identifier of the apiserver. 8003 type: string 8004 expirationSeconds: 8005 description: ExpirationSeconds 8006 is the requested duration of 8007 validity of the service account 8008 token. As the token approaches 8009 expiration, the kubelet volume 8010 plugin will proactively rotate 8011 the service account token. The 8012 kubelet will start trying to 8013 rotate the token if the token 8014 is older than 80 percent of 8015 its time to live or if the token 8016 is older than 24 hours.Defaults 8017 to 1 hour and must be at least 8018 10 minutes. 8019 format: int64 8020 type: integer 8021 path: 8022 description: Path is the path 8023 relative to the mount point 8024 of the file to project the token 8025 into. 8026 type: string 8027 required: 8028 - path 8029 type: object 8030 type: object 8031 type: array 8032 type: object 8033 quobyte: 8034 description: Quobyte represents a Quobyte mount 8035 on the host that shares a pod's lifetime 8036 properties: 8037 group: 8038 description: Group to map volume access 8039 to Default is no group 8040 type: string 8041 readOnly: 8042 description: ReadOnly here will force the 8043 Quobyte volume to be mounted with read-only 8044 permissions. Defaults to false. 8045 type: boolean 8046 registry: 8047 description: Registry represents a single 8048 or multiple Quobyte Registry services 8049 specified as a string as host:port pair 8050 (multiple entries are separated with commas) 8051 which acts as the central registry for 8052 volumes 8053 type: string 8054 tenant: 8055 description: Tenant owning the given Quobyte 8056 volume in the Backend Used with dynamically 8057 provisioned Quobyte volumes, value is 8058 set by the plugin 8059 type: string 8060 user: 8061 description: User to map volume access to 8062 Defaults to serivceaccount user 8063 type: string 8064 volume: 8065 description: Volume is a string that references 8066 an already created Quobyte volume by name. 8067 type: string 8068 required: 8069 - registry 8070 - volume 8071 type: object 8072 rbd: 8073 description: 'RBD represents a Rados Block Device 8074 mount on the host that shares a pod''s lifetime. 8075 More info: https://examples.k8s.io/volumes/rbd/README.md' 8076 properties: 8077 fsType: 8078 description: 'Filesystem type of the volume 8079 that you want to mount. Tip: Ensure that 8080 the filesystem type is supported by the 8081 host operating system. Examples: "ext4", 8082 "xfs", "ntfs". Implicitly inferred to 8083 be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 8084 TODO: how do we prevent errors in the 8085 filesystem from compromising the machine' 8086 type: string 8087 image: 8088 description: 'The rados image name. More 8089 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8090 type: string 8091 keyring: 8092 description: 'Keyring is the path to key 8093 ring for RBDUser. Default is /etc/ceph/keyring. 8094 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8095 type: string 8096 monitors: 8097 description: 'A collection of Ceph monitors. 8098 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8099 items: 8100 type: string 8101 type: array 8102 pool: 8103 description: 'The rados pool name. Default 8104 is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8105 type: string 8106 readOnly: 8107 description: 'ReadOnly here will force the 8108 ReadOnly setting in VolumeMounts. Defaults 8109 to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8110 type: boolean 8111 secretRef: 8112 description: 'SecretRef is name of the authentication 8113 secret for RBDUser. If provided overrides 8114 keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8115 properties: 8116 name: 8117 description: 'Name of the referent. 8118 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8119 TODO: Add other useful fields. apiVersion, 8120 kind, uid?' 8121 type: string 8122 type: object 8123 user: 8124 description: 'The rados user name. Default 8125 is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8126 type: string 8127 required: 8128 - image 8129 - monitors 8130 type: object 8131 scaleIO: 8132 description: ScaleIO represents a ScaleIO persistent 8133 volume attached and mounted on Kubernetes 8134 nodes. 8135 properties: 8136 fsType: 8137 description: Filesystem type to mount. Must 8138 be a filesystem type supported by the 8139 host operating system. Ex. "ext4", "xfs", 8140 "ntfs". Default is "xfs". 8141 type: string 8142 gateway: 8143 description: The host address of the ScaleIO 8144 API Gateway. 8145 type: string 8146 protectionDomain: 8147 description: The name of the ScaleIO Protection 8148 Domain for the configured storage. 8149 type: string 8150 readOnly: 8151 description: Defaults to false (read/write). 8152 ReadOnly here will force the ReadOnly 8153 setting in VolumeMounts. 8154 type: boolean 8155 secretRef: 8156 description: SecretRef references to the 8157 secret for ScaleIO user and other sensitive 8158 information. If this is not provided, 8159 Login operation will fail. 8160 properties: 8161 name: 8162 description: 'Name of the referent. 8163 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8164 TODO: Add other useful fields. apiVersion, 8165 kind, uid?' 8166 type: string 8167 type: object 8168 sslEnabled: 8169 description: Flag to enable/disable SSL 8170 communication with Gateway, default false 8171 type: boolean 8172 storageMode: 8173 description: Indicates whether the storage 8174 for a volume should be ThickProvisioned 8175 or ThinProvisioned. Default is ThinProvisioned. 8176 type: string 8177 storagePool: 8178 description: The ScaleIO Storage Pool associated 8179 with the protection domain. 8180 type: string 8181 system: 8182 description: The name of the storage system 8183 as configured in ScaleIO. 8184 type: string 8185 volumeName: 8186 description: The name of a volume already 8187 created in the ScaleIO system that is 8188 associated with this volume source. 8189 type: string 8190 required: 8191 - gateway 8192 - secretRef 8193 - system 8194 type: object 8195 secret: 8196 description: 'Secret represents a secret that 8197 should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 8198 properties: 8199 defaultMode: 8200 description: 'Optional: mode bits used to 8201 set permissions on created files by default. 8202 Must be an octal value between 0000 and 8203 0777 or a decimal value between 0 and 8204 511. YAML accepts both octal and decimal 8205 values, JSON requires decimal values for 8206 mode bits. Defaults to 0644. Directories 8207 within the path are not affected by this 8208 setting. This might be in conflict with 8209 other options that affect the file mode, 8210 like fsGroup, and the result can be other 8211 mode bits set.' 8212 format: int32 8213 type: integer 8214 items: 8215 description: If unspecified, each key-value 8216 pair in the Data field of the referenced 8217 Secret will be projected into the volume 8218 as a file whose name is the key and content 8219 is the value. If specified, the listed 8220 keys will be projected into the specified 8221 paths, and unlisted keys will not be present. 8222 If a key is specified which is not present 8223 in the Secret, the volume setup will error 8224 unless it is marked optional. Paths must 8225 be relative and may not contain the '..' 8226 path or start with '..'. 8227 items: 8228 description: Maps a string key to a path 8229 within a volume. 8230 properties: 8231 key: 8232 description: The key to project. 8233 type: string 8234 mode: 8235 description: 'Optional: mode bits 8236 used to set permissions on this 8237 file. Must be an octal value between 8238 0000 and 0777 or a decimal value 8239 between 0 and 511. YAML accepts 8240 both octal and decimal values, JSON 8241 requires decimal values for mode 8242 bits. If not specified, the volume 8243 defaultMode will be used. This might 8244 be in conflict with other options 8245 that affect the file mode, like 8246 fsGroup, and the result can be other 8247 mode bits set.' 8248 format: int32 8249 type: integer 8250 path: 8251 description: The relative path of 8252 the file to map the key to. May 8253 not be an absolute path. May not 8254 contain the path element '..'. May 8255 not start with the string '..'. 8256 type: string 8257 required: 8258 - key 8259 - path 8260 type: object 8261 type: array 8262 optional: 8263 description: Specify whether the Secret 8264 or its keys must be defined 8265 type: boolean 8266 secretName: 8267 description: 'Name of the secret in the 8268 pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 8269 type: string 8270 type: object 8271 storageos: 8272 description: StorageOS represents a StorageOS 8273 volume attached and mounted on Kubernetes 8274 nodes. 8275 properties: 8276 fsType: 8277 description: Filesystem type to mount. Must 8278 be a filesystem type supported by the 8279 host operating system. Ex. "ext4", "xfs", 8280 "ntfs". Implicitly inferred to be "ext4" 8281 if unspecified. 8282 type: string 8283 readOnly: 8284 description: Defaults to false (read/write). 8285 ReadOnly here will force the ReadOnly 8286 setting in VolumeMounts. 8287 type: boolean 8288 secretRef: 8289 description: SecretRef specifies the secret 8290 to use for obtaining the StorageOS API 8291 credentials. If not specified, default 8292 values will be attempted. 8293 properties: 8294 name: 8295 description: 'Name of the referent. 8296 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8297 TODO: Add other useful fields. apiVersion, 8298 kind, uid?' 8299 type: string 8300 type: object 8301 volumeName: 8302 description: VolumeName is the human-readable 8303 name of the StorageOS volume. Volume 8304 names are only unique within a namespace. 8305 type: string 8306 volumeNamespace: 8307 description: VolumeNamespace specifies the 8308 scope of the volume within StorageOS. If 8309 no namespace is specified then the Pod's 8310 namespace will be used. This allows the 8311 Kubernetes name scoping to be mirrored 8312 within StorageOS for tighter integration. 8313 Set VolumeName to any name to override 8314 the default behaviour. Set to "default" 8315 if you are not using namespaces within 8316 StorageOS. Namespaces that do not pre-exist 8317 within StorageOS will be created. 8318 type: string 8319 type: object 8320 vsphereVolume: 8321 description: VsphereVolume represents a vSphere 8322 volume attached and mounted on kubelets host 8323 machine 8324 properties: 8325 fsType: 8326 description: Filesystem type to mount. Must 8327 be a filesystem type supported by the 8328 host operating system. Ex. "ext4", "xfs", 8329 "ntfs". Implicitly inferred to be "ext4" 8330 if unspecified. 8331 type: string 8332 storagePolicyID: 8333 description: Storage Policy Based Management 8334 (SPBM) profile ID associated with the 8335 StoragePolicyName. 8336 type: string 8337 storagePolicyName: 8338 description: Storage Policy Based Management 8339 (SPBM) profile name. 8340 type: string 8341 volumePath: 8342 description: Path that identifies vSphere 8343 volume vmdk 8344 type: string 8345 required: 8346 - volumePath 8347 type: object 8348 required: 8349 - name 8350 type: object 8351 type: array 8352 required: 8353 - containers 8354 type: object 8355 type: object 8356 type: array 8357 engineResources: 8358 description: ResourceRequirements describes the compute resource 8359 requirements. 8360 properties: 8361 limits: 8362 additionalProperties: 8363 anyOf: 8364 - type: integer 8365 - type: string 8366 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8367 x-kubernetes-int-or-string: true 8368 description: 'Limits describes the maximum amount of compute 8369 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 8370 type: object 8371 requests: 8372 additionalProperties: 8373 anyOf: 8374 - type: integer 8375 - type: string 8376 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8377 x-kubernetes-int-or-string: true 8378 description: 'Requests describes the minimum amount of compute 8379 resources required. If Requests is omitted for a container, 8380 it defaults to Limits if that is explicitly specified, 8381 otherwise to an implementation-defined value. More info: 8382 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 8383 type: object 8384 type: object 8385 explainer: 8386 properties: 8387 config: 8388 additionalProperties: 8389 type: string 8390 type: object 8391 containerSpec: 8392 description: A single application container that you want 8393 to run within a pod. 8394 properties: 8395 args: 8396 description: 'Arguments to the entrypoint. The docker 8397 image''s CMD is used if this is not provided. Variable 8398 references $(VAR_NAME) are expanded using the container''s 8399 environment. If a variable cannot be resolved, the 8400 reference in the input string will be unchanged. The 8401 $(VAR_NAME) syntax can be escaped with a double $$, 8402 ie: $$(VAR_NAME). Escaped references will never be 8403 expanded, regardless of whether the variable exists 8404 or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 8405 items: 8406 type: string 8407 type: array 8408 command: 8409 description: 'Entrypoint array. Not executed within 8410 a shell. The docker image''s ENTRYPOINT is used if 8411 this is not provided. Variable references $(VAR_NAME) 8412 are expanded using the container''s environment. If 8413 a variable cannot be resolved, the reference in the 8414 input string will be unchanged. The $(VAR_NAME) syntax 8415 can be escaped with a double $$, ie: $$(VAR_NAME). 8416 Escaped references will never be expanded, regardless 8417 of whether the variable exists or not. Cannot be updated. 8418 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 8419 items: 8420 type: string 8421 type: array 8422 env: 8423 description: List of environment variables to set in 8424 the container. Cannot be updated. 8425 items: 8426 description: EnvVar represents an environment variable 8427 present in a Container. 8428 properties: 8429 name: 8430 description: Name of the environment variable. 8431 Must be a C_IDENTIFIER. 8432 type: string 8433 value: 8434 description: 'Variable references $(VAR_NAME) 8435 are expanded using the previous defined environment 8436 variables in the container and any service environment 8437 variables. If a variable cannot be resolved, 8438 the reference in the input string will be unchanged. 8439 The $(VAR_NAME) syntax can be escaped with a 8440 double $$, ie: $$(VAR_NAME). Escaped references 8441 will never be expanded, regardless of whether 8442 the variable exists or not. Defaults to "".' 8443 type: string 8444 valueFrom: 8445 description: Source for the environment variable's 8446 value. Cannot be used if value is not empty. 8447 properties: 8448 configMapKeyRef: 8449 description: Selects a key of a ConfigMap. 8450 properties: 8451 key: 8452 description: The key to select. 8453 type: string 8454 name: 8455 description: 'Name of the referent. More 8456 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8457 TODO: Add other useful fields. apiVersion, 8458 kind, uid?' 8459 type: string 8460 optional: 8461 description: Specify whether the ConfigMap 8462 or its key must be defined 8463 type: boolean 8464 required: 8465 - key 8466 type: object 8467 fieldRef: 8468 description: 'Selects a field of the pod: 8469 supports metadata.name, metadata.namespace, 8470 `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, 8471 spec.nodeName, spec.serviceAccountName, 8472 status.hostIP, status.podIP, status.podIPs.' 8473 properties: 8474 apiVersion: 8475 description: Version of the schema the 8476 FieldPath is written in terms of, defaults 8477 to "v1". 8478 type: string 8479 fieldPath: 8480 description: Path of the field to select 8481 in the specified API version. 8482 type: string 8483 required: 8484 - fieldPath 8485 type: object 8486 resourceFieldRef: 8487 description: 'Selects a resource of the container: 8488 only resources limits and requests (limits.cpu, 8489 limits.memory, limits.ephemeral-storage, 8490 requests.cpu, requests.memory and requests.ephemeral-storage) 8491 are currently supported.' 8492 properties: 8493 containerName: 8494 description: 'Container name: required 8495 for volumes, optional for env vars' 8496 type: string 8497 divisor: 8498 anyOf: 8499 - type: integer 8500 - type: string 8501 description: Specifies the output format 8502 of the exposed resources, defaults to 8503 "1" 8504 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8505 x-kubernetes-int-or-string: true 8506 resource: 8507 description: 'Required: resource to select' 8508 type: string 8509 required: 8510 - resource 8511 type: object 8512 secretKeyRef: 8513 description: Selects a key of a secret in 8514 the pod's namespace 8515 properties: 8516 key: 8517 description: The key of the secret to 8518 select from. Must be a valid secret 8519 key. 8520 type: string 8521 name: 8522 description: 'Name of the referent. More 8523 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8524 TODO: Add other useful fields. apiVersion, 8525 kind, uid?' 8526 type: string 8527 optional: 8528 description: Specify whether the Secret 8529 or its key must be defined 8530 type: boolean 8531 required: 8532 - key 8533 type: object 8534 type: object 8535 required: 8536 - name 8537 type: object 8538 type: array 8539 envFrom: 8540 description: List of sources to populate environment 8541 variables in the container. The keys defined within 8542 a source must be a C_IDENTIFIER. All invalid keys 8543 will be reported as an event when the container is 8544 starting. When a key exists in multiple sources, the 8545 value associated with the last source will take precedence. 8546 Values defined by an Env with a duplicate key will 8547 take precedence. Cannot be updated. 8548 items: 8549 description: EnvFromSource represents the source of 8550 a set of ConfigMaps 8551 properties: 8552 configMapRef: 8553 description: The ConfigMap to select from 8554 properties: 8555 name: 8556 description: 'Name of the referent. More info: 8557 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8558 TODO: Add other useful fields. apiVersion, 8559 kind, uid?' 8560 type: string 8561 optional: 8562 description: Specify whether the ConfigMap 8563 must be defined 8564 type: boolean 8565 type: object 8566 prefix: 8567 description: An optional identifier to prepend 8568 to each key in the ConfigMap. Must be a C_IDENTIFIER. 8569 type: string 8570 secretRef: 8571 description: The Secret to select from 8572 properties: 8573 name: 8574 description: 'Name of the referent. More info: 8575 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8576 TODO: Add other useful fields. apiVersion, 8577 kind, uid?' 8578 type: string 8579 optional: 8580 description: Specify whether the Secret must 8581 be defined 8582 type: boolean 8583 type: object 8584 type: object 8585 type: array 8586 image: 8587 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 8588 This field is optional to allow higher level config 8589 management to default or override container images 8590 in workload controllers like Deployments and StatefulSets.' 8591 type: string 8592 imagePullPolicy: 8593 description: 'Image pull policy. One of Always, Never, 8594 IfNotPresent. Defaults to Always if :latest tag is 8595 specified, or IfNotPresent otherwise. Cannot be updated. 8596 More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 8597 type: string 8598 lifecycle: 8599 description: Actions that the management system should 8600 take in response to container lifecycle events. Cannot 8601 be updated. 8602 properties: 8603 postStart: 8604 description: 'PostStart is called immediately after 8605 a container is created. If the handler fails, 8606 the container is terminated and restarted according 8607 to its restart policy. Other management of the 8608 container blocks until the hook completes. More 8609 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 8610 properties: 8611 exec: 8612 description: One and only one of the following 8613 should be specified. Exec specifies the action 8614 to take. 8615 properties: 8616 command: 8617 description: Command is the command line 8618 to execute inside the container, the working 8619 directory for the command is root ('/') 8620 in the container's filesystem. The command 8621 is simply exec'd, it is not run inside 8622 a shell, so traditional shell instructions 8623 ('|', etc) won't work. To use a shell, 8624 you need to explicitly call out to that 8625 shell. Exit status of 0 is treated as 8626 live/healthy and non-zero is unhealthy. 8627 items: 8628 type: string 8629 type: array 8630 type: object 8631 httpGet: 8632 description: HTTPGet specifies the http request 8633 to perform. 8634 properties: 8635 host: 8636 description: Host name to connect to, defaults 8637 to the pod IP. You probably want to set 8638 "Host" in httpHeaders instead. 8639 type: string 8640 httpHeaders: 8641 description: Custom headers to set in the 8642 request. HTTP allows repeated headers. 8643 items: 8644 description: HTTPHeader describes a custom 8645 header to be used in HTTP probes 8646 properties: 8647 name: 8648 description: The header field name 8649 type: string 8650 value: 8651 description: The header field value 8652 type: string 8653 required: 8654 - name 8655 - value 8656 type: object 8657 type: array 8658 path: 8659 description: Path to access on the HTTP 8660 server. 8661 type: string 8662 port: 8663 anyOf: 8664 - type: integer 8665 - type: string 8666 description: Name or number of the port 8667 to access on the container. Number must 8668 be in the range 1 to 65535. Name must 8669 be an IANA_SVC_NAME. 8670 x-kubernetes-int-or-string: true 8671 scheme: 8672 description: Scheme to use for connecting 8673 to the host. Defaults to HTTP. 8674 type: string 8675 required: 8676 - port 8677 type: object 8678 tcpSocket: 8679 description: 'TCPSocket specifies an action 8680 involving a TCP port. TCP hooks not yet supported 8681 TODO: implement a realistic TCP lifecycle 8682 hook' 8683 properties: 8684 host: 8685 description: 'Optional: Host name to connect 8686 to, defaults to the pod IP.' 8687 type: string 8688 port: 8689 anyOf: 8690 - type: integer 8691 - type: string 8692 description: Number or name of the port 8693 to access on the container. Number must 8694 be in the range 1 to 65535. Name must 8695 be an IANA_SVC_NAME. 8696 x-kubernetes-int-or-string: true 8697 required: 8698 - port 8699 type: object 8700 type: object 8701 preStop: 8702 description: 'PreStop is called immediately before 8703 a container is terminated due to an API request 8704 or management event such as liveness/startup probe 8705 failure, preemption, resource contention, etc. 8706 The handler is not called if the container crashes 8707 or exits. The reason for termination is passed 8708 to the handler. The Pod''s termination grace period 8709 countdown begins before the PreStop hooked is 8710 executed. Regardless of the outcome of the handler, 8711 the container will eventually terminate within 8712 the Pod''s termination grace period. Other management 8713 of the container blocks until the hook completes 8714 or until the termination grace period is reached. 8715 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 8716 properties: 8717 exec: 8718 description: One and only one of the following 8719 should be specified. Exec specifies the action 8720 to take. 8721 properties: 8722 command: 8723 description: Command is the command line 8724 to execute inside the container, the working 8725 directory for the command is root ('/') 8726 in the container's filesystem. The command 8727 is simply exec'd, it is not run inside 8728 a shell, so traditional shell instructions 8729 ('|', etc) won't work. To use a shell, 8730 you need to explicitly call out to that 8731 shell. Exit status of 0 is treated as 8732 live/healthy and non-zero is unhealthy. 8733 items: 8734 type: string 8735 type: array 8736 type: object 8737 httpGet: 8738 description: HTTPGet specifies the http request 8739 to perform. 8740 properties: 8741 host: 8742 description: Host name to connect to, defaults 8743 to the pod IP. You probably want to set 8744 "Host" in httpHeaders instead. 8745 type: string 8746 httpHeaders: 8747 description: Custom headers to set in the 8748 request. HTTP allows repeated headers. 8749 items: 8750 description: HTTPHeader describes a custom 8751 header to be used in HTTP probes 8752 properties: 8753 name: 8754 description: The header field name 8755 type: string 8756 value: 8757 description: The header field value 8758 type: string 8759 required: 8760 - name 8761 - value 8762 type: object 8763 type: array 8764 path: 8765 description: Path to access on the HTTP 8766 server. 8767 type: string 8768 port: 8769 anyOf: 8770 - type: integer 8771 - type: string 8772 description: Name or number of the port 8773 to access on the container. Number must 8774 be in the range 1 to 65535. Name must 8775 be an IANA_SVC_NAME. 8776 x-kubernetes-int-or-string: true 8777 scheme: 8778 description: Scheme to use for connecting 8779 to the host. Defaults to HTTP. 8780 type: string 8781 required: 8782 - port 8783 type: object 8784 tcpSocket: 8785 description: 'TCPSocket specifies an action 8786 involving a TCP port. TCP hooks not yet supported 8787 TODO: implement a realistic TCP lifecycle 8788 hook' 8789 properties: 8790 host: 8791 description: 'Optional: Host name to connect 8792 to, defaults to the pod IP.' 8793 type: string 8794 port: 8795 anyOf: 8796 - type: integer 8797 - type: string 8798 description: Number or name of the port 8799 to access on the container. Number must 8800 be in the range 1 to 65535. Name must 8801 be an IANA_SVC_NAME. 8802 x-kubernetes-int-or-string: true 8803 required: 8804 - port 8805 type: object 8806 type: object 8807 type: object 8808 livenessProbe: 8809 description: 'Periodic probe of container liveness. 8810 Container will be restarted if the probe fails. Cannot 8811 be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8812 properties: 8813 exec: 8814 description: One and only one of the following should 8815 be specified. Exec specifies the action to take. 8816 properties: 8817 command: 8818 description: Command is the command line to 8819 execute inside the container, the working 8820 directory for the command is root ('/') in 8821 the container's filesystem. The command is 8822 simply exec'd, it is not run inside a shell, 8823 so traditional shell instructions ('|', etc) 8824 won't work. To use a shell, you need to explicitly 8825 call out to that shell. Exit status of 0 is 8826 treated as live/healthy and non-zero is unhealthy. 8827 items: 8828 type: string 8829 type: array 8830 type: object 8831 failureThreshold: 8832 description: Minimum consecutive failures for the 8833 probe to be considered failed after having succeeded. 8834 Defaults to 3. Minimum value is 1. 8835 format: int32 8836 type: integer 8837 httpGet: 8838 description: HTTPGet specifies the http request 8839 to perform. 8840 properties: 8841 host: 8842 description: Host name to connect to, defaults 8843 to the pod IP. You probably want to set "Host" 8844 in httpHeaders instead. 8845 type: string 8846 httpHeaders: 8847 description: Custom headers to set in the request. 8848 HTTP allows repeated headers. 8849 items: 8850 description: HTTPHeader describes a custom 8851 header to be used in HTTP probes 8852 properties: 8853 name: 8854 description: The header field name 8855 type: string 8856 value: 8857 description: The header field value 8858 type: string 8859 required: 8860 - name 8861 - value 8862 type: object 8863 type: array 8864 path: 8865 description: Path to access on the HTTP server. 8866 type: string 8867 port: 8868 anyOf: 8869 - type: integer 8870 - type: string 8871 description: Name or number of the port to access 8872 on the container. Number must be in the range 8873 1 to 65535. Name must be an IANA_SVC_NAME. 8874 x-kubernetes-int-or-string: true 8875 scheme: 8876 description: Scheme to use for connecting to 8877 the host. Defaults to HTTP. 8878 type: string 8879 required: 8880 - port 8881 type: object 8882 initialDelaySeconds: 8883 description: 'Number of seconds after the container 8884 has started before liveness probes are initiated. 8885 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8886 format: int32 8887 type: integer 8888 periodSeconds: 8889 description: How often (in seconds) to perform the 8890 probe. Default to 10 seconds. Minimum value is 8891 1. 8892 format: int32 8893 type: integer 8894 successThreshold: 8895 description: Minimum consecutive successes for the 8896 probe to be considered successful after having 8897 failed. Defaults to 1. Must be 1 for liveness 8898 and startup. Minimum value is 1. 8899 format: int32 8900 type: integer 8901 tcpSocket: 8902 description: 'TCPSocket specifies an action involving 8903 a TCP port. TCP hooks not yet supported TODO: 8904 implement a realistic TCP lifecycle hook' 8905 properties: 8906 host: 8907 description: 'Optional: Host name to connect 8908 to, defaults to the pod IP.' 8909 type: string 8910 port: 8911 anyOf: 8912 - type: integer 8913 - type: string 8914 description: Number or name of the port to access 8915 on the container. Number must be in the range 8916 1 to 65535. Name must be an IANA_SVC_NAME. 8917 x-kubernetes-int-or-string: true 8918 required: 8919 - port 8920 type: object 8921 terminationGracePeriodSeconds: 8922 description: Optional duration in seconds the pod 8923 needs to terminate gracefully upon probe failure. 8924 The grace period is the duration in seconds after 8925 the processes running in the pod are sent a termination 8926 signal and the time when the processes are forcibly 8927 halted with a kill signal. Set this value longer 8928 than the expected cleanup time for your process. 8929 If this value is nil, the pod's terminationGracePeriodSeconds 8930 will be used. Otherwise, this value overrides 8931 the value provided by the pod spec. Value must 8932 be non-negative integer. The value zero indicates 8933 stop immediately via the kill signal (no opportunity 8934 to shut down). This is an alpha field and requires 8935 enabling ProbeTerminationGracePeriod feature gate. 8936 format: int64 8937 type: integer 8938 timeoutSeconds: 8939 description: 'Number of seconds after which the 8940 probe times out. Defaults to 1 second. Minimum 8941 value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8942 format: int32 8943 type: integer 8944 type: object 8945 name: 8946 description: Name of the container specified as a DNS_LABEL. 8947 Each container in a pod must have a unique name (DNS_LABEL). 8948 Cannot be updated. 8949 type: string 8950 ports: 8951 description: List of ports to expose from the container. 8952 Exposing a port here gives the system additional information 8953 about the network connections a container uses, but 8954 is primarily informational. Not specifying a port 8955 here DOES NOT prevent that port from being exposed. 8956 Any port which is listening on the default "0.0.0.0" 8957 address inside a container will be accessible from 8958 the network. Cannot be updated. 8959 items: 8960 description: ContainerPort represents a network port 8961 in a single container. 8962 properties: 8963 containerPort: 8964 description: Number of port to expose on the pod's 8965 IP address. This must be a valid port number, 8966 0 < x < 65536. 8967 format: int32 8968 type: integer 8969 hostIP: 8970 description: What host IP to bind the external 8971 port to. 8972 type: string 8973 hostPort: 8974 description: Number of port to expose on the host. 8975 If specified, this must be a valid port number, 8976 0 < x < 65536. If HostNetwork is specified, 8977 this must match ContainerPort. Most containers 8978 do not need this. 8979 format: int32 8980 type: integer 8981 name: 8982 description: If specified, this must be an IANA_SVC_NAME 8983 and unique within the pod. Each named port in 8984 a pod must have a unique name. Name for the 8985 port that can be referred to by services. 8986 type: string 8987 protocol: 8988 default: TCP 8989 description: Protocol for port. Must be UDP, TCP, 8990 or SCTP. Defaults to "TCP". 8991 type: string 8992 required: 8993 - containerPort 8994 type: object 8995 type: array 8996 x-kubernetes-list-map-keys: 8997 - containerPort 8998 - protocol 8999 x-kubernetes-list-type: map 9000 readinessProbe: 9001 description: 'Periodic probe of container service readiness. 9002 Container will be removed from service endpoints if 9003 the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9004 properties: 9005 exec: 9006 description: One and only one of the following should 9007 be specified. Exec specifies the action to take. 9008 properties: 9009 command: 9010 description: Command is the command line to 9011 execute inside the container, the working 9012 directory for the command is root ('/') in 9013 the container's filesystem. The command is 9014 simply exec'd, it is not run inside a shell, 9015 so traditional shell instructions ('|', etc) 9016 won't work. To use a shell, you need to explicitly 9017 call out to that shell. Exit status of 0 is 9018 treated as live/healthy and non-zero is unhealthy. 9019 items: 9020 type: string 9021 type: array 9022 type: object 9023 failureThreshold: 9024 description: Minimum consecutive failures for the 9025 probe to be considered failed after having succeeded. 9026 Defaults to 3. Minimum value is 1. 9027 format: int32 9028 type: integer 9029 httpGet: 9030 description: HTTPGet specifies the http request 9031 to perform. 9032 properties: 9033 host: 9034 description: Host name to connect to, defaults 9035 to the pod IP. You probably want to set "Host" 9036 in httpHeaders instead. 9037 type: string 9038 httpHeaders: 9039 description: Custom headers to set in the request. 9040 HTTP allows repeated headers. 9041 items: 9042 description: HTTPHeader describes a custom 9043 header to be used in HTTP probes 9044 properties: 9045 name: 9046 description: The header field name 9047 type: string 9048 value: 9049 description: The header field value 9050 type: string 9051 required: 9052 - name 9053 - value 9054 type: object 9055 type: array 9056 path: 9057 description: Path to access on the HTTP server. 9058 type: string 9059 port: 9060 anyOf: 9061 - type: integer 9062 - type: string 9063 description: Name or number of the port to access 9064 on the container. Number must be in the range 9065 1 to 65535. Name must be an IANA_SVC_NAME. 9066 x-kubernetes-int-or-string: true 9067 scheme: 9068 description: Scheme to use for connecting to 9069 the host. Defaults to HTTP. 9070 type: string 9071 required: 9072 - port 9073 type: object 9074 initialDelaySeconds: 9075 description: 'Number of seconds after the container 9076 has started before liveness probes are initiated. 9077 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9078 format: int32 9079 type: integer 9080 periodSeconds: 9081 description: How often (in seconds) to perform the 9082 probe. Default to 10 seconds. Minimum value is 9083 1. 9084 format: int32 9085 type: integer 9086 successThreshold: 9087 description: Minimum consecutive successes for the 9088 probe to be considered successful after having 9089 failed. Defaults to 1. Must be 1 for liveness 9090 and startup. Minimum value is 1. 9091 format: int32 9092 type: integer 9093 tcpSocket: 9094 description: 'TCPSocket specifies an action involving 9095 a TCP port. TCP hooks not yet supported TODO: 9096 implement a realistic TCP lifecycle hook' 9097 properties: 9098 host: 9099 description: 'Optional: Host name to connect 9100 to, defaults to the pod IP.' 9101 type: string 9102 port: 9103 anyOf: 9104 - type: integer 9105 - type: string 9106 description: Number or name of the port to access 9107 on the container. Number must be in the range 9108 1 to 65535. Name must be an IANA_SVC_NAME. 9109 x-kubernetes-int-or-string: true 9110 required: 9111 - port 9112 type: object 9113 terminationGracePeriodSeconds: 9114 description: Optional duration in seconds the pod 9115 needs to terminate gracefully upon probe failure. 9116 The grace period is the duration in seconds after 9117 the processes running in the pod are sent a termination 9118 signal and the time when the processes are forcibly 9119 halted with a kill signal. Set this value longer 9120 than the expected cleanup time for your process. 9121 If this value is nil, the pod's terminationGracePeriodSeconds 9122 will be used. Otherwise, this value overrides 9123 the value provided by the pod spec. Value must 9124 be non-negative integer. The value zero indicates 9125 stop immediately via the kill signal (no opportunity 9126 to shut down). This is an alpha field and requires 9127 enabling ProbeTerminationGracePeriod feature gate. 9128 format: int64 9129 type: integer 9130 timeoutSeconds: 9131 description: 'Number of seconds after which the 9132 probe times out. Defaults to 1 second. Minimum 9133 value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9134 format: int32 9135 type: integer 9136 type: object 9137 resources: 9138 description: 'Compute Resources required by this container. 9139 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9140 properties: 9141 limits: 9142 additionalProperties: 9143 anyOf: 9144 - type: integer 9145 - type: string 9146 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 9147 x-kubernetes-int-or-string: true 9148 description: 'Limits describes the maximum amount 9149 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9150 type: object 9151 requests: 9152 additionalProperties: 9153 anyOf: 9154 - type: integer 9155 - type: string 9156 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 9157 x-kubernetes-int-or-string: true 9158 description: 'Requests describes the minimum amount 9159 of compute resources required. If Requests is 9160 omitted for a container, it defaults to Limits 9161 if that is explicitly specified, otherwise to 9162 an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 9163 type: object 9164 type: object 9165 securityContext: 9166 description: 'Security options the pod should run with. 9167 More info: https://kubernetes.io/docs/concepts/policy/security-context/ 9168 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 9169 properties: 9170 allowPrivilegeEscalation: 9171 description: 'AllowPrivilegeEscalation controls 9172 whether a process can gain more privileges than 9173 its parent process. This bool directly controls 9174 if the no_new_privs flag will be set on the container 9175 process. AllowPrivilegeEscalation is true always 9176 when the container is: 1) run as Privileged 2) 9177 has CAP_SYS_ADMIN' 9178 type: boolean 9179 capabilities: 9180 description: The capabilities to add/drop when running 9181 containers. Defaults to the default set of capabilities 9182 granted by the container runtime. 9183 properties: 9184 add: 9185 description: Added capabilities 9186 items: 9187 description: Capability represent POSIX capabilities 9188 type 9189 type: string 9190 type: array 9191 drop: 9192 description: Removed capabilities 9193 items: 9194 description: Capability represent POSIX capabilities 9195 type 9196 type: string 9197 type: array 9198 type: object 9199 privileged: 9200 description: Run container in privileged mode. Processes 9201 in privileged containers are essentially equivalent 9202 to root on the host. Defaults to false. 9203 type: boolean 9204 procMount: 9205 description: procMount denotes the type of proc 9206 mount to use for the containers. The default is 9207 DefaultProcMount which uses the container runtime 9208 defaults for readonly paths and masked paths. 9209 This requires the ProcMountType feature flag to 9210 be enabled. 9211 type: string 9212 readOnlyRootFilesystem: 9213 description: Whether this container has a read-only 9214 root filesystem. Default is false. 9215 type: boolean 9216 runAsGroup: 9217 description: The GID to run the entrypoint of the 9218 container process. Uses runtime default if unset. 9219 May also be set in PodSecurityContext. If set 9220 in both SecurityContext and PodSecurityContext, 9221 the value specified in SecurityContext takes precedence. 9222 format: int64 9223 type: integer 9224 runAsNonRoot: 9225 description: Indicates that the container must run 9226 as a non-root user. If true, the Kubelet will 9227 validate the image at runtime to ensure that it 9228 does not run as UID 0 (root) and fail to start 9229 the container if it does. If unset or false, no 9230 such validation will be performed. May also be 9231 set in PodSecurityContext. If set in both SecurityContext 9232 and PodSecurityContext, the value specified in 9233 SecurityContext takes precedence. 9234 type: boolean 9235 runAsUser: 9236 description: The UID to run the entrypoint of the 9237 container process. Defaults to user specified 9238 in image metadata if unspecified. May also be 9239 set in PodSecurityContext. If set in both SecurityContext 9240 and PodSecurityContext, the value specified in 9241 SecurityContext takes precedence. 9242 format: int64 9243 type: integer 9244 seLinuxOptions: 9245 description: The SELinux context to be applied to 9246 the container. If unspecified, the container runtime 9247 will allocate a random SELinux context for each 9248 container. May also be set in PodSecurityContext. If 9249 set in both SecurityContext and PodSecurityContext, 9250 the value specified in SecurityContext takes precedence. 9251 properties: 9252 level: 9253 description: Level is SELinux level label that 9254 applies to the container. 9255 type: string 9256 role: 9257 description: Role is a SELinux role label that 9258 applies to the container. 9259 type: string 9260 type: 9261 description: Type is a SELinux type label that 9262 applies to the container. 9263 type: string 9264 user: 9265 description: User is a SELinux user label that 9266 applies to the container. 9267 type: string 9268 type: object 9269 seccompProfile: 9270 description: The seccomp options to use by this 9271 container. If seccomp options are provided at 9272 both the pod & container level, the container 9273 options override the pod options. 9274 properties: 9275 localhostProfile: 9276 description: localhostProfile indicates a profile 9277 defined in a file on the node should be used. 9278 The profile must be preconfigured on the node 9279 to work. Must be a descending path, relative 9280 to the kubelet's configured seccomp profile 9281 location. Must only be set if type is "Localhost". 9282 type: string 9283 type: 9284 description: "type indicates which kind of seccomp 9285 profile will be applied. Valid options are: 9286 \n Localhost - a profile defined in a file 9287 on the node should be used. RuntimeDefault 9288 - the container runtime default profile should 9289 be used. Unconfined - no profile should be 9290 applied." 9291 type: string 9292 required: 9293 - type 9294 type: object 9295 windowsOptions: 9296 description: The Windows specific settings applied 9297 to all containers. If unspecified, the options 9298 from the PodSecurityContext will be used. If set 9299 in both SecurityContext and PodSecurityContext, 9300 the value specified in SecurityContext takes precedence. 9301 properties: 9302 gmsaCredentialSpec: 9303 description: GMSACredentialSpec is where the 9304 GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) 9305 inlines the contents of the GMSA credential 9306 spec named by the GMSACredentialSpecName field. 9307 type: string 9308 gmsaCredentialSpecName: 9309 description: GMSACredentialSpecName is the name 9310 of the GMSA credential spec to use. 9311 type: string 9312 runAsUserName: 9313 description: The UserName in Windows to run 9314 the entrypoint of the container process. Defaults 9315 to the user specified in image metadata if 9316 unspecified. May also be set in PodSecurityContext. 9317 If set in both SecurityContext and PodSecurityContext, 9318 the value specified in SecurityContext takes 9319 precedence. 9320 type: string 9321 type: object 9322 type: object 9323 startupProbe: 9324 description: 'StartupProbe indicates that the Pod has 9325 successfully initialized. If specified, no other probes 9326 are executed until this completes successfully. If 9327 this probe fails, the Pod will be restarted, just 9328 as if the livenessProbe failed. This can be used to 9329 provide different probe parameters at the beginning 9330 of a Pod''s lifecycle, when it might take a long time 9331 to load data or warm a cache, than during steady-state 9332 operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9333 properties: 9334 exec: 9335 description: One and only one of the following should 9336 be specified. Exec specifies the action to take. 9337 properties: 9338 command: 9339 description: Command is the command line to 9340 execute inside the container, the working 9341 directory for the command is root ('/') in 9342 the container's filesystem. The command is 9343 simply exec'd, it is not run inside a shell, 9344 so traditional shell instructions ('|', etc) 9345 won't work. To use a shell, you need to explicitly 9346 call out to that shell. Exit status of 0 is 9347 treated as live/healthy and non-zero is unhealthy. 9348 items: 9349 type: string 9350 type: array 9351 type: object 9352 failureThreshold: 9353 description: Minimum consecutive failures for the 9354 probe to be considered failed after having succeeded. 9355 Defaults to 3. Minimum value is 1. 9356 format: int32 9357 type: integer 9358 httpGet: 9359 description: HTTPGet specifies the http request 9360 to perform. 9361 properties: 9362 host: 9363 description: Host name to connect to, defaults 9364 to the pod IP. You probably want to set "Host" 9365 in httpHeaders instead. 9366 type: string 9367 httpHeaders: 9368 description: Custom headers to set in the request. 9369 HTTP allows repeated headers. 9370 items: 9371 description: HTTPHeader describes a custom 9372 header to be used in HTTP probes 9373 properties: 9374 name: 9375 description: The header field name 9376 type: string 9377 value: 9378 description: The header field value 9379 type: string 9380 required: 9381 - name 9382 - value 9383 type: object 9384 type: array 9385 path: 9386 description: Path to access on the HTTP server. 9387 type: string 9388 port: 9389 anyOf: 9390 - type: integer 9391 - type: string 9392 description: Name or number of the port to access 9393 on the container. Number must be in the range 9394 1 to 65535. Name must be an IANA_SVC_NAME. 9395 x-kubernetes-int-or-string: true 9396 scheme: 9397 description: Scheme to use for connecting to 9398 the host. Defaults to HTTP. 9399 type: string 9400 required: 9401 - port 9402 type: object 9403 initialDelaySeconds: 9404 description: 'Number of seconds after the container 9405 has started before liveness probes are initiated. 9406 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9407 format: int32 9408 type: integer 9409 periodSeconds: 9410 description: How often (in seconds) to perform the 9411 probe. Default to 10 seconds. Minimum value is 9412 1. 9413 format: int32 9414 type: integer 9415 successThreshold: 9416 description: Minimum consecutive successes for the 9417 probe to be considered successful after having 9418 failed. Defaults to 1. Must be 1 for liveness 9419 and startup. Minimum value is 1. 9420 format: int32 9421 type: integer 9422 tcpSocket: 9423 description: 'TCPSocket specifies an action involving 9424 a TCP port. TCP hooks not yet supported TODO: 9425 implement a realistic TCP lifecycle hook' 9426 properties: 9427 host: 9428 description: 'Optional: Host name to connect 9429 to, defaults to the pod IP.' 9430 type: string 9431 port: 9432 anyOf: 9433 - type: integer 9434 - type: string 9435 description: Number or name of the port to access 9436 on the container. Number must be in the range 9437 1 to 65535. Name must be an IANA_SVC_NAME. 9438 x-kubernetes-int-or-string: true 9439 required: 9440 - port 9441 type: object 9442 terminationGracePeriodSeconds: 9443 description: Optional duration in seconds the pod 9444 needs to terminate gracefully upon probe failure. 9445 The grace period is the duration in seconds after 9446 the processes running in the pod are sent a termination 9447 signal and the time when the processes are forcibly 9448 halted with a kill signal. Set this value longer 9449 than the expected cleanup time for your process. 9450 If this value is nil, the pod's terminationGracePeriodSeconds 9451 will be used. Otherwise, this value overrides 9452 the value provided by the pod spec. Value must 9453 be non-negative integer. The value zero indicates 9454 stop immediately via the kill signal (no opportunity 9455 to shut down). This is an alpha field and requires 9456 enabling ProbeTerminationGracePeriod feature gate. 9457 format: int64 9458 type: integer 9459 timeoutSeconds: 9460 description: 'Number of seconds after which the 9461 probe times out. Defaults to 1 second. Minimum 9462 value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9463 format: int32 9464 type: integer 9465 type: object 9466 stdin: 9467 description: Whether this container should allocate 9468 a buffer for stdin in the container runtime. If this 9469 is not set, reads from stdin in the container will 9470 always result in EOF. Default is false. 9471 type: boolean 9472 stdinOnce: 9473 description: Whether the container runtime should close 9474 the stdin channel after it has been opened by a single 9475 attach. When stdin is true the stdin stream will remain 9476 open across multiple attach sessions. If stdinOnce 9477 is set to true, stdin is opened on container start, 9478 is empty until the first client attaches to stdin, 9479 and then remains open and accepts data until the client 9480 disconnects, at which time stdin is closed and remains 9481 closed until the container is restarted. If this flag 9482 is false, a container processes that reads from stdin 9483 will never receive an EOF. Default is false 9484 type: boolean 9485 terminationMessagePath: 9486 description: 'Optional: Path at which the file to which 9487 the container''s termination message will be written 9488 is mounted into the container''s filesystem. Message 9489 written is intended to be brief final status, such 9490 as an assertion failure message. Will be truncated 9491 by the node if greater than 4096 bytes. The total 9492 message length across all containers will be limited 9493 to 12kb. Defaults to /dev/termination-log. Cannot 9494 be updated.' 9495 type: string 9496 terminationMessagePolicy: 9497 description: Indicate how the termination message should 9498 be populated. File will use the contents of terminationMessagePath 9499 to populate the container status message on both success 9500 and failure. FallbackToLogsOnError will use the last 9501 chunk of container log output if the termination message 9502 file is empty and the container exited with an error. 9503 The log output is limited to 2048 bytes or 80 lines, 9504 whichever is smaller. Defaults to File. Cannot be 9505 updated. 9506 type: string 9507 tty: 9508 description: Whether this container should allocate 9509 a TTY for itself, also requires 'stdin' to be true. 9510 Default is false. 9511 type: boolean 9512 volumeDevices: 9513 description: volumeDevices is the list of block devices 9514 to be used by the container. 9515 items: 9516 description: volumeDevice describes a mapping of a 9517 raw block device within a container. 9518 properties: 9519 devicePath: 9520 description: devicePath is the path inside of 9521 the container that the device will be mapped 9522 to. 9523 type: string 9524 name: 9525 description: name must match the name of a persistentVolumeClaim 9526 in the pod 9527 type: string 9528 required: 9529 - devicePath 9530 - name 9531 type: object 9532 type: array 9533 volumeMounts: 9534 description: Pod volumes to mount into the container's 9535 filesystem. Cannot be updated. 9536 items: 9537 description: VolumeMount describes a mounting of a 9538 Volume within a container. 9539 properties: 9540 mountPath: 9541 description: Path within the container at which 9542 the volume should be mounted. Must not contain 9543 ':'. 9544 type: string 9545 mountPropagation: 9546 description: mountPropagation determines how mounts 9547 are propagated from the host to container and 9548 the other way around. When not set, MountPropagationNone 9549 is used. This field is beta in 1.10. 9550 type: string 9551 name: 9552 description: This must match the Name of a Volume. 9553 type: string 9554 readOnly: 9555 description: Mounted read-only if true, read-write 9556 otherwise (false or unspecified). Defaults to 9557 false. 9558 type: boolean 9559 subPath: 9560 description: Path within the volume from which 9561 the container's volume should be mounted. Defaults 9562 to "" (volume's root). 9563 type: string 9564 subPathExpr: 9565 description: Expanded path within the volume from 9566 which the container's volume should be mounted. 9567 Behaves similarly to SubPath but environment 9568 variable references $(VAR_NAME) are expanded 9569 using the container's environment. Defaults 9570 to "" (volume's root). SubPathExpr and SubPath 9571 are mutually exclusive. 9572 type: string 9573 required: 9574 - mountPath 9575 - name 9576 type: object 9577 type: array 9578 workingDir: 9579 description: Container's working directory. If not specified, 9580 the container runtime's default will be used, which 9581 might be configured in the container image. Cannot 9582 be updated. 9583 type: string 9584 required: 9585 - name 9586 type: object 9587 endpoint: 9588 properties: 9589 grpcPort: 9590 format: int32 9591 type: integer 9592 httpPort: 9593 format: int32 9594 type: integer 9595 service_host: 9596 type: string 9597 service_port: 9598 format: int32 9599 type: integer 9600 type: 9601 type: string 9602 type: object 9603 envSecretRefName: 9604 type: string 9605 initParameters: 9606 type: string 9607 modelUri: 9608 type: string 9609 replicas: 9610 format: int32 9611 type: integer 9612 serviceAccountName: 9613 type: string 9614 storageInitializerImage: 9615 type: string 9616 type: 9617 type: string 9618 type: object 9619 graph: 9620 properties: 9621 children: 9622 items: 9623 properties: 9624 children: 9625 items: 9626 properties: 9627 children: 9628 items: 9629 properties: 9630 children: 9631 items: 9632 properties: 9633 children: 9634 items: 9635 properties: 9636 children: 9637 items: 9638 properties: 9639 children: 9640 items: 9641 properties: 9642 children: 9643 items: 9644 properties: 9645 children: 9646 items: 9647 properties: 9648 children: 9649 items: 9650 properties: 9651 endpoint: 9652 properties: 9653 grpcPort: 9654 format: int32 9655 type: integer 9656 httpPort: 9657 format: int32 9658 type: integer 9659 service_host: 9660 type: string 9661 service_port: 9662 format: int32 9663 type: integer 9664 type: 9665 type: string 9666 type: object 9667 envSecretRefName: 9668 type: string 9669 implementation: 9670 type: string 9671 logger: 9672 description: Request/response payload 9673 logging. 9674 v2alpha1 9675 feature 9676 that 9677 is 9678 added 9679 to 9680 v1 9681 for 9682 backwards 9683 compatibility 9684 while 9685 v1 9686 is 9687 the 9688 storage 9689 version. 9690 properties: 9691 mode: 9692 description: What 9693 payloads 9694 to 9695 log 9696 type: string 9697 url: 9698 description: URL 9699 to 9700 send 9701 request 9702 logging 9703 CloudEvents 9704 type: string 9705 type: object 9706 methods: 9707 items: 9708 type: string 9709 type: array 9710 modelUri: 9711 type: string 9712 name: 9713 type: string 9714 parameters: 9715 items: 9716 properties: 9717 name: 9718 type: string 9719 type: 9720 type: string 9721 value: 9722 type: string 9723 required: 9724 - name 9725 - type 9726 - value 9727 type: object 9728 type: array 9729 serviceAccountName: 9730 type: string 9731 storageInitializerImage: 9732 type: string 9733 type: 9734 type: string 9735 required: 9736 - name 9737 type: object 9738 type: array 9739 endpoint: 9740 properties: 9741 grpcPort: 9742 format: int32 9743 type: integer 9744 httpPort: 9745 format: int32 9746 type: integer 9747 service_host: 9748 type: string 9749 service_port: 9750 format: int32 9751 type: integer 9752 type: 9753 type: string 9754 type: object 9755 envSecretRefName: 9756 type: string 9757 implementation: 9758 type: string 9759 logger: 9760 description: Request/response payload 9761 logging. 9762 v2alpha1 9763 feature 9764 that 9765 is 9766 added 9767 to 9768 v1 9769 for 9770 backwards 9771 compatibility 9772 while 9773 v1 9774 is 9775 the 9776 storage 9777 version. 9778 properties: 9779 mode: 9780 description: What 9781 payloads 9782 to 9783 log 9784 type: string 9785 url: 9786 description: URL 9787 to 9788 send 9789 request 9790 logging 9791 CloudEvents 9792 type: string 9793 type: object 9794 methods: 9795 items: 9796 type: string 9797 type: array 9798 modelUri: 9799 type: string 9800 name: 9801 type: string 9802 parameters: 9803 items: 9804 properties: 9805 name: 9806 type: string 9807 type: 9808 type: string 9809 value: 9810 type: string 9811 required: 9812 - name 9813 - type 9814 - value 9815 type: object 9816 type: array 9817 serviceAccountName: 9818 type: string 9819 storageInitializerImage: 9820 type: string 9821 type: 9822 type: string 9823 required: 9824 - name 9825 type: object 9826 type: array 9827 endpoint: 9828 properties: 9829 grpcPort: 9830 format: int32 9831 type: integer 9832 httpPort: 9833 format: int32 9834 type: integer 9835 service_host: 9836 type: string 9837 service_port: 9838 format: int32 9839 type: integer 9840 type: 9841 type: string 9842 type: object 9843 envSecretRefName: 9844 type: string 9845 implementation: 9846 type: string 9847 logger: 9848 description: Request/response payload 9849 logging. 9850 v2alpha1 9851 feature 9852 that is 9853 added 9854 to v1 9855 for backwards 9856 compatibility 9857 while 9858 v1 is 9859 the storage 9860 version. 9861 properties: 9862 mode: 9863 description: What 9864 payloads 9865 to 9866 log 9867 type: string 9868 url: 9869 description: URL 9870 to 9871 send 9872 request 9873 logging 9874 CloudEvents 9875 type: string 9876 type: object 9877 methods: 9878 items: 9879 type: string 9880 type: array 9881 modelUri: 9882 type: string 9883 name: 9884 type: string 9885 parameters: 9886 items: 9887 properties: 9888 name: 9889 type: string 9890 type: 9891 type: string 9892 value: 9893 type: string 9894 required: 9895 - name 9896 - type 9897 - value 9898 type: object 9899 type: array 9900 serviceAccountName: 9901 type: string 9902 storageInitializerImage: 9903 type: string 9904 type: 9905 type: string 9906 required: 9907 - name 9908 type: object 9909 type: array 9910 endpoint: 9911 properties: 9912 grpcPort: 9913 format: int32 9914 type: integer 9915 httpPort: 9916 format: int32 9917 type: integer 9918 service_host: 9919 type: string 9920 service_port: 9921 format: int32 9922 type: integer 9923 type: 9924 type: string 9925 type: object 9926 envSecretRefName: 9927 type: string 9928 implementation: 9929 type: string 9930 logger: 9931 description: Request/response payload 9932 logging. v2alpha1 9933 feature that 9934 is added to 9935 v1 for backwards 9936 compatibility 9937 while v1 is 9938 the storage 9939 version. 9940 properties: 9941 mode: 9942 description: What 9943 payloads 9944 to log 9945 type: string 9946 url: 9947 description: URL 9948 to send 9949 request 9950 logging 9951 CloudEvents 9952 type: string 9953 type: object 9954 methods: 9955 items: 9956 type: string 9957 type: array 9958 modelUri: 9959 type: string 9960 name: 9961 type: string 9962 parameters: 9963 items: 9964 properties: 9965 name: 9966 type: string 9967 type: 9968 type: string 9969 value: 9970 type: string 9971 required: 9972 - name 9973 - type 9974 - value 9975 type: object 9976 type: array 9977 serviceAccountName: 9978 type: string 9979 storageInitializerImage: 9980 type: string 9981 type: 9982 type: string 9983 required: 9984 - name 9985 type: object 9986 type: array 9987 endpoint: 9988 properties: 9989 grpcPort: 9990 format: int32 9991 type: integer 9992 httpPort: 9993 format: int32 9994 type: integer 9995 service_host: 9996 type: string 9997 service_port: 9998 format: int32 9999 type: integer 10000 type: 10001 type: string 10002 type: object 10003 envSecretRefName: 10004 type: string 10005 implementation: 10006 type: string 10007 logger: 10008 description: Request/response payload 10009 logging. v2alpha1 10010 feature that is added 10011 to v1 for backwards 10012 compatibility while 10013 v1 is the storage 10014 version. 10015 properties: 10016 mode: 10017 description: What 10018 payloads to log 10019 type: string 10020 url: 10021 description: URL 10022 to send request 10023 logging CloudEvents 10024 type: string 10025 type: object 10026 methods: 10027 items: 10028 type: string 10029 type: array 10030 modelUri: 10031 type: string 10032 name: 10033 type: string 10034 parameters: 10035 items: 10036 properties: 10037 name: 10038 type: string 10039 type: 10040 type: string 10041 value: 10042 type: string 10043 required: 10044 - name 10045 - type 10046 - value 10047 type: object 10048 type: array 10049 serviceAccountName: 10050 type: string 10051 storageInitializerImage: 10052 type: string 10053 type: 10054 type: string 10055 required: 10056 - name 10057 type: object 10058 type: array 10059 endpoint: 10060 properties: 10061 grpcPort: 10062 format: int32 10063 type: integer 10064 httpPort: 10065 format: int32 10066 type: integer 10067 service_host: 10068 type: string 10069 service_port: 10070 format: int32 10071 type: integer 10072 type: 10073 type: string 10074 type: object 10075 envSecretRefName: 10076 type: string 10077 implementation: 10078 type: string 10079 logger: 10080 description: Request/response payload 10081 logging. v2alpha1 feature 10082 that is added to v1 for 10083 backwards compatibility 10084 while v1 is the storage 10085 version. 10086 properties: 10087 mode: 10088 description: What payloads 10089 to log 10090 type: string 10091 url: 10092 description: URL to send 10093 request logging CloudEvents 10094 type: string 10095 type: object 10096 methods: 10097 items: 10098 type: string 10099 type: array 10100 modelUri: 10101 type: string 10102 name: 10103 type: string 10104 parameters: 10105 items: 10106 properties: 10107 name: 10108 type: string 10109 type: 10110 type: string 10111 value: 10112 type: string 10113 required: 10114 - name 10115 - type 10116 - value 10117 type: object 10118 type: array 10119 serviceAccountName: 10120 type: string 10121 storageInitializerImage: 10122 type: string 10123 type: 10124 type: string 10125 required: 10126 - name 10127 type: object 10128 type: array 10129 endpoint: 10130 properties: 10131 grpcPort: 10132 format: int32 10133 type: integer 10134 httpPort: 10135 format: int32 10136 type: integer 10137 service_host: 10138 type: string 10139 service_port: 10140 format: int32 10141 type: integer 10142 type: 10143 type: string 10144 type: object 10145 envSecretRefName: 10146 type: string 10147 implementation: 10148 type: string 10149 logger: 10150 description: Request/response payload 10151 logging. v2alpha1 feature that 10152 is added to v1 for backwards compatibility 10153 while v1 is the storage version. 10154 properties: 10155 mode: 10156 description: What payloads to 10157 log 10158 type: string 10159 url: 10160 description: URL to send request 10161 logging CloudEvents 10162 type: string 10163 type: object 10164 methods: 10165 items: 10166 type: string 10167 type: array 10168 modelUri: 10169 type: string 10170 name: 10171 type: string 10172 parameters: 10173 items: 10174 properties: 10175 name: 10176 type: string 10177 type: 10178 type: string 10179 value: 10180 type: string 10181 required: 10182 - name 10183 - type 10184 - value 10185 type: object 10186 type: array 10187 serviceAccountName: 10188 type: string 10189 storageInitializerImage: 10190 type: string 10191 type: 10192 type: string 10193 required: 10194 - name 10195 type: object 10196 type: array 10197 endpoint: 10198 properties: 10199 grpcPort: 10200 format: int32 10201 type: integer 10202 httpPort: 10203 format: int32 10204 type: integer 10205 service_host: 10206 type: string 10207 service_port: 10208 format: int32 10209 type: integer 10210 type: 10211 type: string 10212 type: object 10213 envSecretRefName: 10214 type: string 10215 implementation: 10216 type: string 10217 logger: 10218 description: Request/response payload 10219 logging. v2alpha1 feature that is added 10220 to v1 for backwards compatibility while 10221 v1 is the storage version. 10222 properties: 10223 mode: 10224 description: What payloads to log 10225 type: string 10226 url: 10227 description: URL to send request logging 10228 CloudEvents 10229 type: string 10230 type: object 10231 methods: 10232 items: 10233 type: string 10234 type: array 10235 modelUri: 10236 type: string 10237 name: 10238 type: string 10239 parameters: 10240 items: 10241 properties: 10242 name: 10243 type: string 10244 type: 10245 type: string 10246 value: 10247 type: string 10248 required: 10249 - name 10250 - type 10251 - value 10252 type: object 10253 type: array 10254 serviceAccountName: 10255 type: string 10256 storageInitializerImage: 10257 type: string 10258 type: 10259 type: string 10260 required: 10261 - name 10262 type: object 10263 type: array 10264 endpoint: 10265 properties: 10266 grpcPort: 10267 format: int32 10268 type: integer 10269 httpPort: 10270 format: int32 10271 type: integer 10272 service_host: 10273 type: string 10274 service_port: 10275 format: int32 10276 type: integer 10277 type: 10278 type: string 10279 type: object 10280 envSecretRefName: 10281 type: string 10282 implementation: 10283 type: string 10284 logger: 10285 description: Request/response payload logging. 10286 v2alpha1 feature that is added to v1 for backwards 10287 compatibility while v1 is the storage version. 10288 properties: 10289 mode: 10290 description: What payloads to log 10291 type: string 10292 url: 10293 description: URL to send request logging 10294 CloudEvents 10295 type: string 10296 type: object 10297 methods: 10298 items: 10299 type: string 10300 type: array 10301 modelUri: 10302 type: string 10303 name: 10304 type: string 10305 parameters: 10306 items: 10307 properties: 10308 name: 10309 type: string 10310 type: 10311 type: string 10312 value: 10313 type: string 10314 required: 10315 - name 10316 - type 10317 - value 10318 type: object 10319 type: array 10320 serviceAccountName: 10321 type: string 10322 storageInitializerImage: 10323 type: string 10324 type: 10325 type: string 10326 required: 10327 - name 10328 type: object 10329 type: array 10330 endpoint: 10331 properties: 10332 grpcPort: 10333 format: int32 10334 type: integer 10335 httpPort: 10336 format: int32 10337 type: integer 10338 service_host: 10339 type: string 10340 service_port: 10341 format: int32 10342 type: integer 10343 type: 10344 type: string 10345 type: object 10346 envSecretRefName: 10347 type: string 10348 implementation: 10349 type: string 10350 logger: 10351 description: Request/response payload logging. v2alpha1 10352 feature that is added to v1 for backwards compatibility 10353 while v1 is the storage version. 10354 properties: 10355 mode: 10356 description: What payloads to log 10357 type: string 10358 url: 10359 description: URL to send request logging CloudEvents 10360 type: string 10361 type: object 10362 methods: 10363 items: 10364 type: string 10365 type: array 10366 modelUri: 10367 type: string 10368 name: 10369 type: string 10370 parameters: 10371 items: 10372 properties: 10373 name: 10374 type: string 10375 type: 10376 type: string 10377 value: 10378 type: string 10379 required: 10380 - name 10381 - type 10382 - value 10383 type: object 10384 type: array 10385 serviceAccountName: 10386 type: string 10387 storageInitializerImage: 10388 type: string 10389 type: 10390 type: string 10391 required: 10392 - name 10393 type: object 10394 type: array 10395 endpoint: 10396 properties: 10397 grpcPort: 10398 format: int32 10399 type: integer 10400 httpPort: 10401 format: int32 10402 type: integer 10403 service_host: 10404 type: string 10405 service_port: 10406 format: int32 10407 type: integer 10408 type: 10409 type: string 10410 type: object 10411 envSecretRefName: 10412 type: string 10413 implementation: 10414 type: string 10415 logger: 10416 description: Request/response payload logging. v2alpha1 10417 feature that is added to v1 for backwards compatibility 10418 while v1 is the storage version. 10419 properties: 10420 mode: 10421 description: What payloads to log 10422 type: string 10423 url: 10424 description: URL to send request logging CloudEvents 10425 type: string 10426 type: object 10427 methods: 10428 items: 10429 type: string 10430 type: array 10431 modelUri: 10432 type: string 10433 name: 10434 type: string 10435 parameters: 10436 items: 10437 properties: 10438 name: 10439 type: string 10440 type: 10441 type: string 10442 value: 10443 type: string 10444 required: 10445 - name 10446 - type 10447 - value 10448 type: object 10449 type: array 10450 serviceAccountName: 10451 type: string 10452 storageInitializerImage: 10453 type: string 10454 type: 10455 type: string 10456 required: 10457 - name 10458 type: object 10459 labels: 10460 additionalProperties: 10461 type: string 10462 type: object 10463 name: 10464 type: string 10465 replicas: 10466 format: int32 10467 type: integer 10468 shadow: 10469 type: boolean 10470 ssl: 10471 properties: 10472 certSecretName: 10473 type: string 10474 type: object 10475 svcOrchSpec: 10476 properties: 10477 env: 10478 items: 10479 description: EnvVar represents an environment variable 10480 present in a Container. 10481 properties: 10482 name: 10483 description: Name of the environment variable. Must 10484 be a C_IDENTIFIER. 10485 type: string 10486 value: 10487 description: 'Variable references $(VAR_NAME) are 10488 expanded using the previous defined environment 10489 variables in the container and any service environment 10490 variables. If a variable cannot be resolved, the 10491 reference in the input string will be unchanged. 10492 The $(VAR_NAME) syntax can be escaped with a double 10493 $$, ie: $$(VAR_NAME). Escaped references will never 10494 be expanded, regardless of whether the variable 10495 exists or not. Defaults to "".' 10496 type: string 10497 valueFrom: 10498 description: Source for the environment variable's 10499 value. Cannot be used if value is not empty. 10500 properties: 10501 configMapKeyRef: 10502 description: Selects a key of a ConfigMap. 10503 properties: 10504 key: 10505 description: The key to select. 10506 type: string 10507 name: 10508 description: 'Name of the referent. More info: 10509 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10510 TODO: Add other useful fields. apiVersion, 10511 kind, uid?' 10512 type: string 10513 optional: 10514 description: Specify whether the ConfigMap 10515 or its key must be defined 10516 type: boolean 10517 required: 10518 - key 10519 type: object 10520 fieldRef: 10521 description: 'Selects a field of the pod: supports 10522 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 10523 `metadata.annotations[''<KEY>'']`, spec.nodeName, 10524 spec.serviceAccountName, status.hostIP, status.podIP, 10525 status.podIPs.' 10526 properties: 10527 apiVersion: 10528 description: Version of the schema the FieldPath 10529 is written in terms of, defaults to "v1". 10530 type: string 10531 fieldPath: 10532 description: Path of the field to select in 10533 the specified API version. 10534 type: string 10535 required: 10536 - fieldPath 10537 type: object 10538 resourceFieldRef: 10539 description: 'Selects a resource of the container: 10540 only resources limits and requests (limits.cpu, 10541 limits.memory, limits.ephemeral-storage, requests.cpu, 10542 requests.memory and requests.ephemeral-storage) 10543 are currently supported.' 10544 properties: 10545 containerName: 10546 description: 'Container name: required for 10547 volumes, optional for env vars' 10548 type: string 10549 divisor: 10550 anyOf: 10551 - type: integer 10552 - type: string 10553 description: Specifies the output format of 10554 the exposed resources, defaults to "1" 10555 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 10556 x-kubernetes-int-or-string: true 10557 resource: 10558 description: 'Required: resource to select' 10559 type: string 10560 required: 10561 - resource 10562 type: object 10563 secretKeyRef: 10564 description: Selects a key of a secret in the 10565 pod's namespace 10566 properties: 10567 key: 10568 description: The key of the secret to select 10569 from. Must be a valid secret key. 10570 type: string 10571 name: 10572 description: 'Name of the referent. More info: 10573 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10574 TODO: Add other useful fields. apiVersion, 10575 kind, uid?' 10576 type: string 10577 optional: 10578 description: Specify whether the Secret or 10579 its key must be defined 10580 type: boolean 10581 required: 10582 - key 10583 type: object 10584 type: object 10585 required: 10586 - name 10587 type: object 10588 type: array 10589 replicas: 10590 format: int32 10591 type: integer 10592 resources: 10593 description: ResourceRequirements describes the compute 10594 resource requirements. 10595 properties: 10596 limits: 10597 additionalProperties: 10598 anyOf: 10599 - type: integer 10600 - type: string 10601 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 10602 x-kubernetes-int-or-string: true 10603 description: 'Limits describes the maximum amount of 10604 compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 10605 type: object 10606 requests: 10607 additionalProperties: 10608 anyOf: 10609 - type: integer 10610 - type: string 10611 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 10612 x-kubernetes-int-or-string: true 10613 description: 'Requests describes the minimum amount 10614 of compute resources required. If Requests is omitted 10615 for a container, it defaults to Limits if that is 10616 explicitly specified, otherwise to an implementation-defined 10617 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 10618 type: object 10619 type: object 10620 type: object 10621 traffic: 10622 format: int32 10623 type: integer 10624 required: 10625 - graph 10626 - name 10627 type: object 10628 type: array 10629 protocol: 10630 type: string 10631 replicas: 10632 format: int32 10633 type: integer 10634 serverType: 10635 type: string 10636 transport: 10637 type: string 10638 required: 10639 - predictors 10640 type: object 10641 status: 10642 description: SeldonDeploymentStatus defines the observed state of SeldonDeployment 10643 properties: 10644 address: 10645 description: 'Addressable placeholder until duckv1 issue is fixed: https://github.com/kubernetes-sigs/controller-tools/issues/391' 10646 properties: 10647 url: 10648 type: string 10649 type: object 10650 annotations: 10651 additionalProperties: 10652 type: string 10653 description: Annotations is additional Status fields for the Resource 10654 to save some additional State as well as convey more information 10655 to the user. This is roughly akin to Annotations on any k8s resource, 10656 just the reconciler conveying richer information outwards. 10657 type: object 10658 conditions: 10659 description: Conditions the latest available observations of a resource's 10660 current state. 10661 items: 10662 description: 'Conditions defines a readiness condition for a Knative 10663 resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' 10664 properties: 10665 lastTransitionTime: 10666 description: LastTransitionTime is the last time the condition 10667 transitioned from one status to another. We use VolatileTime 10668 in place of metav1.Time to exclude this from creating equality.Semantic 10669 differences (all other things held constant). 10670 format: date-time 10671 type: string 10672 message: 10673 description: A human readable message indicating details about 10674 the transition. 10675 type: string 10676 reason: 10677 description: The reason for the condition's last transition. 10678 type: string 10679 severity: 10680 description: Severity with which to treat failures of this type 10681 of condition. When this is not specified, it defaults to Error. 10682 type: string 10683 status: 10684 description: Status of the condition, one of True, False, Unknown. 10685 type: string 10686 type: 10687 description: Type of condition. 10688 type: string 10689 required: 10690 - status 10691 - type 10692 type: object 10693 type: array 10694 deploymentStatus: 10695 additionalProperties: 10696 properties: 10697 availableReplicas: 10698 format: int32 10699 type: integer 10700 description: 10701 type: string 10702 explainerFor: 10703 type: string 10704 name: 10705 type: string 10706 replicas: 10707 format: int32 10708 type: integer 10709 status: 10710 type: string 10711 type: object 10712 type: object 10713 description: 10714 type: string 10715 observedGeneration: 10716 description: ObservedGeneration is the 'Generation' of the Service 10717 that was last processed by the controller. 10718 format: int64 10719 type: integer 10720 replicas: 10721 format: int32 10722 type: integer 10723 serviceStatus: 10724 additionalProperties: 10725 properties: 10726 explainerFor: 10727 type: string 10728 grpcEndpoint: 10729 type: string 10730 httpEndpoint: 10731 type: string 10732 svcName: 10733 type: string 10734 type: object 10735 type: object 10736 state: 10737 type: string 10738 type: object 10739 type: object 10740 served: true 10741 storage: true 10742 subresources: 10743 scale: 10744 specReplicasPath: .spec.replicas 10745 statusReplicasPath: .status.replicas 10746 status: {} 10747 status: 10748 acceptedNames: 10749 kind: "" 10750 plural: "" 10751 conditions: null 10752 storedVersions: null