github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/prometheus-community/kube-prometheus-stack/crds/crd-alertmanagers.yaml (about) 1 # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml 2 --- 3 apiVersion: apiextensions.k8s.io/v1 4 kind: CustomResourceDefinition 5 metadata: 6 annotations: 7 controller-gen.kubebuilder.io/version: v0.11.1 8 creationTimestamp: null 9 name: alertmanagers.monitoring.coreos.com 10 spec: 11 group: monitoring.coreos.com 12 names: 13 categories: 14 - prometheus-operator 15 kind: Alertmanager 16 listKind: AlertmanagerList 17 plural: alertmanagers 18 shortNames: 19 - am 20 singular: alertmanager 21 scope: Namespaced 22 versions: 23 - additionalPrinterColumns: 24 - description: The version of Alertmanager 25 jsonPath: .spec.version 26 name: Version 27 type: string 28 - description: The number of desired replicas 29 jsonPath: .spec.replicas 30 name: Replicas 31 type: integer 32 - description: The number of ready replicas 33 jsonPath: .status.availableReplicas 34 name: Ready 35 type: integer 36 - jsonPath: .status.conditions[?(@.type == 'Reconciled')].status 37 name: Reconciled 38 type: string 39 - jsonPath: .status.conditions[?(@.type == 'Available')].status 40 name: Available 41 type: string 42 - jsonPath: .metadata.creationTimestamp 43 name: Age 44 type: date 45 - description: Whether the resource reconciliation is paused or not 46 jsonPath: .status.paused 47 name: Paused 48 priority: 1 49 type: boolean 50 name: v1 51 schema: 52 openAPIV3Schema: 53 description: Alertmanager describes an Alertmanager cluster. 54 properties: 55 apiVersion: 56 description: 'APIVersion defines the versioned schema of this representation 57 of an object. Servers should convert recognized schemas to the latest 58 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 59 type: string 60 kind: 61 description: 'Kind is a string value representing the REST resource this 62 object represents. Servers may infer this from the endpoint the client 63 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 64 type: string 65 metadata: 66 type: object 67 spec: 68 description: 'Specification of the desired behavior of the Alertmanager 69 cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 70 properties: 71 additionalPeers: 72 description: AdditionalPeers allows injecting a set of additional 73 Alertmanagers to peer with to form a highly available cluster. 74 items: 75 type: string 76 type: array 77 affinity: 78 description: If specified, the pod's scheduling constraints. 79 properties: 80 nodeAffinity: 81 description: Describes node affinity scheduling rules for the 82 pod. 83 properties: 84 preferredDuringSchedulingIgnoredDuringExecution: 85 description: The scheduler will prefer to schedule pods to 86 nodes that satisfy the affinity expressions specified by 87 this field, but it may choose a node that violates one or 88 more of the expressions. The node that is most preferred 89 is the one with the greatest sum of weights, i.e. for each 90 node that meets all of the scheduling requirements (resource 91 request, requiredDuringScheduling affinity expressions, 92 etc.), compute a sum by iterating through the elements of 93 this field and adding "weight" to the sum if the node matches 94 the corresponding matchExpressions; the node(s) with the 95 highest sum are the most preferred. 96 items: 97 description: An empty preferred scheduling term matches 98 all objects with implicit weight 0 (i.e. it's a no-op). 99 A null preferred scheduling term matches no objects (i.e. 100 is also a no-op). 101 properties: 102 preference: 103 description: A node selector term, associated with the 104 corresponding weight. 105 properties: 106 matchExpressions: 107 description: A list of node selector requirements 108 by node's labels. 109 items: 110 description: A node selector requirement is a 111 selector that contains values, a key, and an 112 operator that relates the key and values. 113 properties: 114 key: 115 description: The label key that the selector 116 applies to. 117 type: string 118 operator: 119 description: Represents a key's relationship 120 to a set of values. Valid operators are 121 In, NotIn, Exists, DoesNotExist. Gt, and 122 Lt. 123 type: string 124 values: 125 description: An array of string values. If 126 the operator is In or NotIn, the values 127 array must be non-empty. If the operator 128 is Exists or DoesNotExist, the values array 129 must be empty. If the operator is Gt or 130 Lt, the values array must have a single 131 element, which will be interpreted as an 132 integer. This array is replaced during a 133 strategic merge patch. 134 items: 135 type: string 136 type: array 137 required: 138 - key 139 - operator 140 type: object 141 type: array 142 matchFields: 143 description: A list of node selector requirements 144 by node's fields. 145 items: 146 description: A node selector requirement is a 147 selector that contains values, a key, and an 148 operator that relates the key and values. 149 properties: 150 key: 151 description: The label key that the selector 152 applies to. 153 type: string 154 operator: 155 description: Represents a key's relationship 156 to a set of values. Valid operators are 157 In, NotIn, Exists, DoesNotExist. Gt, and 158 Lt. 159 type: string 160 values: 161 description: An array of string values. If 162 the operator is In or NotIn, the values 163 array must be non-empty. If the operator 164 is Exists or DoesNotExist, the values array 165 must be empty. If the operator is Gt or 166 Lt, the values array must have a single 167 element, which will be interpreted as an 168 integer. This array is replaced during a 169 strategic merge patch. 170 items: 171 type: string 172 type: array 173 required: 174 - key 175 - operator 176 type: object 177 type: array 178 type: object 179 x-kubernetes-map-type: atomic 180 weight: 181 description: Weight associated with matching the corresponding 182 nodeSelectorTerm, in the range 1-100. 183 format: int32 184 type: integer 185 required: 186 - preference 187 - weight 188 type: object 189 type: array 190 requiredDuringSchedulingIgnoredDuringExecution: 191 description: If the affinity requirements specified by this 192 field are not met at scheduling time, the pod will not be 193 scheduled onto the node. If the affinity requirements specified 194 by this field cease to be met at some point during pod execution 195 (e.g. due to an update), the system may or may not try to 196 eventually evict the pod from its node. 197 properties: 198 nodeSelectorTerms: 199 description: Required. A list of node selector terms. 200 The terms are ORed. 201 items: 202 description: A null or empty node selector term matches 203 no objects. The requirements of them are ANDed. The 204 TopologySelectorTerm type implements a subset of the 205 NodeSelectorTerm. 206 properties: 207 matchExpressions: 208 description: A list of node selector requirements 209 by node's labels. 210 items: 211 description: A node selector requirement is a 212 selector that contains values, a key, and an 213 operator that relates the key and values. 214 properties: 215 key: 216 description: The label key that the selector 217 applies to. 218 type: string 219 operator: 220 description: Represents a key's relationship 221 to a set of values. Valid operators are 222 In, NotIn, Exists, DoesNotExist. Gt, and 223 Lt. 224 type: string 225 values: 226 description: An array of string values. If 227 the operator is In or NotIn, the values 228 array must be non-empty. If the operator 229 is Exists or DoesNotExist, the values array 230 must be empty. If the operator is Gt or 231 Lt, the values array must have a single 232 element, which will be interpreted as an 233 integer. This array is replaced during a 234 strategic merge patch. 235 items: 236 type: string 237 type: array 238 required: 239 - key 240 - operator 241 type: object 242 type: array 243 matchFields: 244 description: A list of node selector requirements 245 by node's fields. 246 items: 247 description: A node selector requirement is a 248 selector that contains values, a key, and an 249 operator that relates the key and values. 250 properties: 251 key: 252 description: The label key that the selector 253 applies to. 254 type: string 255 operator: 256 description: Represents a key's relationship 257 to a set of values. Valid operators are 258 In, NotIn, Exists, DoesNotExist. Gt, and 259 Lt. 260 type: string 261 values: 262 description: An array of string values. If 263 the operator is In or NotIn, the values 264 array must be non-empty. If the operator 265 is Exists or DoesNotExist, the values array 266 must be empty. If the operator is Gt or 267 Lt, the values array must have a single 268 element, which will be interpreted as an 269 integer. This array is replaced during a 270 strategic merge patch. 271 items: 272 type: string 273 type: array 274 required: 275 - key 276 - operator 277 type: object 278 type: array 279 type: object 280 x-kubernetes-map-type: atomic 281 type: array 282 required: 283 - nodeSelectorTerms 284 type: object 285 x-kubernetes-map-type: atomic 286 type: object 287 podAffinity: 288 description: Describes pod affinity scheduling rules (e.g. co-locate 289 this pod in the same node, zone, etc. as some other pod(s)). 290 properties: 291 preferredDuringSchedulingIgnoredDuringExecution: 292 description: The scheduler will prefer to schedule pods to 293 nodes that satisfy the affinity expressions specified by 294 this field, but it may choose a node that violates one or 295 more of the expressions. The node that is most preferred 296 is the one with the greatest sum of weights, i.e. for each 297 node that meets all of the scheduling requirements (resource 298 request, requiredDuringScheduling affinity expressions, 299 etc.), compute a sum by iterating through the elements of 300 this field and adding "weight" to the sum if the node has 301 pods which matches the corresponding podAffinityTerm; the 302 node(s) with the highest sum are the most preferred. 303 items: 304 description: The weights of all of the matched WeightedPodAffinityTerm 305 fields are added per-node to find the most preferred node(s) 306 properties: 307 podAffinityTerm: 308 description: Required. A pod affinity term, associated 309 with the corresponding weight. 310 properties: 311 labelSelector: 312 description: A label query over a set of resources, 313 in this case pods. 314 properties: 315 matchExpressions: 316 description: matchExpressions is a list of label 317 selector requirements. The requirements are 318 ANDed. 319 items: 320 description: A label selector requirement 321 is a selector that contains values, a key, 322 and an operator that relates the key and 323 values. 324 properties: 325 key: 326 description: key is the label key that 327 the selector applies to. 328 type: string 329 operator: 330 description: operator represents a key's 331 relationship to a set of values. Valid 332 operators are In, NotIn, Exists and 333 DoesNotExist. 334 type: string 335 values: 336 description: values is an array of string 337 values. If the operator is In or NotIn, 338 the values array must be non-empty. 339 If the operator is Exists or DoesNotExist, 340 the values array must be empty. This 341 array is replaced during a strategic 342 merge patch. 343 items: 344 type: string 345 type: array 346 required: 347 - key 348 - operator 349 type: object 350 type: array 351 matchLabels: 352 additionalProperties: 353 type: string 354 description: matchLabels is a map of {key,value} 355 pairs. A single {key,value} in the matchLabels 356 map is equivalent to an element of matchExpressions, 357 whose key field is "key", the operator is 358 "In", and the values array contains only "value". 359 The requirements are ANDed. 360 type: object 361 type: object 362 x-kubernetes-map-type: atomic 363 namespaceSelector: 364 description: A label query over the set of namespaces 365 that the term applies to. The term is applied 366 to the union of the namespaces selected by this 367 field and the ones listed in the namespaces field. 368 null selector and null or empty namespaces list 369 means "this pod's namespace". An empty selector 370 ({}) matches all namespaces. 371 properties: 372 matchExpressions: 373 description: matchExpressions is a list of label 374 selector requirements. The requirements are 375 ANDed. 376 items: 377 description: A label selector requirement 378 is a selector that contains values, a key, 379 and an operator that relates the key and 380 values. 381 properties: 382 key: 383 description: key is the label key that 384 the selector applies to. 385 type: string 386 operator: 387 description: operator represents a key's 388 relationship to a set of values. Valid 389 operators are In, NotIn, Exists and 390 DoesNotExist. 391 type: string 392 values: 393 description: values is an array of string 394 values. If the operator is In or NotIn, 395 the values array must be non-empty. 396 If the operator is Exists or DoesNotExist, 397 the values array must be empty. This 398 array is replaced during a strategic 399 merge patch. 400 items: 401 type: string 402 type: array 403 required: 404 - key 405 - operator 406 type: object 407 type: array 408 matchLabels: 409 additionalProperties: 410 type: string 411 description: matchLabels is a map of {key,value} 412 pairs. A single {key,value} in the matchLabels 413 map is equivalent to an element of matchExpressions, 414 whose key field is "key", the operator is 415 "In", and the values array contains only "value". 416 The requirements are ANDed. 417 type: object 418 type: object 419 x-kubernetes-map-type: atomic 420 namespaces: 421 description: namespaces specifies a static list 422 of namespace names that the term applies to. The 423 term is applied to the union of the namespaces 424 listed in this field and the ones selected by 425 namespaceSelector. null or empty namespaces list 426 and null namespaceSelector means "this pod's namespace". 427 items: 428 type: string 429 type: array 430 topologyKey: 431 description: This pod should be co-located (affinity) 432 or not co-located (anti-affinity) with the pods 433 matching the labelSelector in the specified namespaces, 434 where co-located is defined as running on a node 435 whose value of the label with key topologyKey 436 matches that of any node on which any of the selected 437 pods is running. Empty topologyKey is not allowed. 438 type: string 439 required: 440 - topologyKey 441 type: object 442 weight: 443 description: weight associated with matching the corresponding 444 podAffinityTerm, in the range 1-100. 445 format: int32 446 type: integer 447 required: 448 - podAffinityTerm 449 - weight 450 type: object 451 type: array 452 requiredDuringSchedulingIgnoredDuringExecution: 453 description: If the affinity requirements specified by this 454 field are not met at scheduling time, the pod will not be 455 scheduled onto the node. If the affinity requirements specified 456 by this field cease to be met at some point during pod execution 457 (e.g. due to a pod label update), the system may or may 458 not try to eventually evict the pod from its node. When 459 there are multiple elements, the lists of nodes corresponding 460 to each podAffinityTerm are intersected, i.e. all terms 461 must be satisfied. 462 items: 463 description: Defines a set of pods (namely those matching 464 the labelSelector relative to the given namespace(s)) 465 that this pod should be co-located (affinity) or not co-located 466 (anti-affinity) with, where co-located is defined as running 467 on a node whose value of the label with key <topologyKey> 468 matches that of any node on which a pod of the set of 469 pods is running 470 properties: 471 labelSelector: 472 description: A label query over a set of resources, 473 in this case pods. 474 properties: 475 matchExpressions: 476 description: matchExpressions is a list of label 477 selector requirements. The requirements are ANDed. 478 items: 479 description: A label selector requirement is a 480 selector that contains values, a key, and an 481 operator that relates the key and values. 482 properties: 483 key: 484 description: key is the label key that the 485 selector applies to. 486 type: string 487 operator: 488 description: operator represents a key's relationship 489 to a set of values. Valid operators are 490 In, NotIn, Exists and DoesNotExist. 491 type: string 492 values: 493 description: values is an array of string 494 values. If the operator is In or NotIn, 495 the values array must be non-empty. If the 496 operator is Exists or DoesNotExist, the 497 values array must be empty. This array is 498 replaced during a strategic merge patch. 499 items: 500 type: string 501 type: array 502 required: 503 - key 504 - operator 505 type: object 506 type: array 507 matchLabels: 508 additionalProperties: 509 type: string 510 description: matchLabels is a map of {key,value} 511 pairs. A single {key,value} in the matchLabels 512 map is equivalent to an element of matchExpressions, 513 whose key field is "key", the operator is "In", 514 and the values array contains only "value". The 515 requirements are ANDed. 516 type: object 517 type: object 518 x-kubernetes-map-type: atomic 519 namespaceSelector: 520 description: A label query over the set of namespaces 521 that the term applies to. The term is applied to the 522 union of the namespaces selected by this field and 523 the ones listed in the namespaces field. null selector 524 and null or empty namespaces list means "this pod's 525 namespace". An empty selector ({}) matches all namespaces. 526 properties: 527 matchExpressions: 528 description: matchExpressions is a list of label 529 selector requirements. The requirements are ANDed. 530 items: 531 description: A label selector requirement is a 532 selector that contains values, a key, and an 533 operator that relates the key and values. 534 properties: 535 key: 536 description: key is the label key that the 537 selector applies to. 538 type: string 539 operator: 540 description: operator represents a key's relationship 541 to a set of values. Valid operators are 542 In, NotIn, Exists and DoesNotExist. 543 type: string 544 values: 545 description: values is an array of string 546 values. If the operator is In or NotIn, 547 the values array must be non-empty. If the 548 operator is Exists or DoesNotExist, the 549 values array must be empty. This array is 550 replaced during a strategic merge patch. 551 items: 552 type: string 553 type: array 554 required: 555 - key 556 - operator 557 type: object 558 type: array 559 matchLabels: 560 additionalProperties: 561 type: string 562 description: matchLabels is a map of {key,value} 563 pairs. A single {key,value} in the matchLabels 564 map is equivalent to an element of matchExpressions, 565 whose key field is "key", the operator is "In", 566 and the values array contains only "value". The 567 requirements are ANDed. 568 type: object 569 type: object 570 x-kubernetes-map-type: atomic 571 namespaces: 572 description: namespaces specifies a static list of namespace 573 names that the term applies to. The term is applied 574 to the union of the namespaces listed in this field 575 and the ones selected by namespaceSelector. null or 576 empty namespaces list and null namespaceSelector means 577 "this pod's namespace". 578 items: 579 type: string 580 type: array 581 topologyKey: 582 description: This pod should be co-located (affinity) 583 or not co-located (anti-affinity) with the pods matching 584 the labelSelector in the specified namespaces, where 585 co-located is defined as running on a node whose value 586 of the label with key topologyKey matches that of 587 any node on which any of the selected pods is running. 588 Empty topologyKey is not allowed. 589 type: string 590 required: 591 - topologyKey 592 type: object 593 type: array 594 type: object 595 podAntiAffinity: 596 description: Describes pod anti-affinity scheduling rules (e.g. 597 avoid putting this pod in the same node, zone, etc. as some 598 other pod(s)). 599 properties: 600 preferredDuringSchedulingIgnoredDuringExecution: 601 description: The scheduler will prefer to schedule pods to 602 nodes that satisfy the anti-affinity expressions specified 603 by this field, but it may choose a node that violates one 604 or more of the expressions. The node that is most preferred 605 is the one with the greatest sum of weights, i.e. for each 606 node that meets all of the scheduling requirements (resource 607 request, requiredDuringScheduling anti-affinity expressions, 608 etc.), compute a sum by iterating through the elements of 609 this field and adding "weight" to the sum if the node has 610 pods which matches the corresponding podAffinityTerm; the 611 node(s) with the highest sum are the most preferred. 612 items: 613 description: The weights of all of the matched WeightedPodAffinityTerm 614 fields are added per-node to find the most preferred node(s) 615 properties: 616 podAffinityTerm: 617 description: Required. A pod affinity term, associated 618 with the corresponding weight. 619 properties: 620 labelSelector: 621 description: A label query over a set of resources, 622 in this case pods. 623 properties: 624 matchExpressions: 625 description: matchExpressions is a list of label 626 selector requirements. The requirements are 627 ANDed. 628 items: 629 description: A label selector requirement 630 is a selector that contains values, a key, 631 and an operator that relates the key and 632 values. 633 properties: 634 key: 635 description: key is the label key that 636 the selector applies to. 637 type: string 638 operator: 639 description: operator represents a key's 640 relationship to a set of values. Valid 641 operators are In, NotIn, Exists and 642 DoesNotExist. 643 type: string 644 values: 645 description: values is an array of string 646 values. If the operator is In or NotIn, 647 the values array must be non-empty. 648 If the operator is Exists or DoesNotExist, 649 the values array must be empty. This 650 array is replaced during a strategic 651 merge patch. 652 items: 653 type: string 654 type: array 655 required: 656 - key 657 - operator 658 type: object 659 type: array 660 matchLabels: 661 additionalProperties: 662 type: string 663 description: matchLabels is a map of {key,value} 664 pairs. A single {key,value} in the matchLabels 665 map is equivalent to an element of matchExpressions, 666 whose key field is "key", the operator is 667 "In", and the values array contains only "value". 668 The requirements are ANDed. 669 type: object 670 type: object 671 x-kubernetes-map-type: atomic 672 namespaceSelector: 673 description: A label query over the set of namespaces 674 that the term applies to. The term is applied 675 to the union of the namespaces selected by this 676 field and the ones listed in the namespaces field. 677 null selector and null or empty namespaces list 678 means "this pod's namespace". An empty selector 679 ({}) matches all namespaces. 680 properties: 681 matchExpressions: 682 description: matchExpressions is a list of label 683 selector requirements. The requirements are 684 ANDed. 685 items: 686 description: A label selector requirement 687 is a selector that contains values, a key, 688 and an operator that relates the key and 689 values. 690 properties: 691 key: 692 description: key is the label key that 693 the selector applies to. 694 type: string 695 operator: 696 description: operator represents a key's 697 relationship to a set of values. Valid 698 operators are In, NotIn, Exists and 699 DoesNotExist. 700 type: string 701 values: 702 description: values is an array of string 703 values. If the operator is In or NotIn, 704 the values array must be non-empty. 705 If the operator is Exists or DoesNotExist, 706 the values array must be empty. This 707 array is replaced during a strategic 708 merge patch. 709 items: 710 type: string 711 type: array 712 required: 713 - key 714 - operator 715 type: object 716 type: array 717 matchLabels: 718 additionalProperties: 719 type: string 720 description: matchLabels is a map of {key,value} 721 pairs. A single {key,value} in the matchLabels 722 map is equivalent to an element of matchExpressions, 723 whose key field is "key", the operator is 724 "In", and the values array contains only "value". 725 The requirements are ANDed. 726 type: object 727 type: object 728 x-kubernetes-map-type: atomic 729 namespaces: 730 description: namespaces specifies a static list 731 of namespace names that the term applies to. The 732 term is applied to the union of the namespaces 733 listed in this field and the ones selected by 734 namespaceSelector. null or empty namespaces list 735 and null namespaceSelector means "this pod's namespace". 736 items: 737 type: string 738 type: array 739 topologyKey: 740 description: This pod should be co-located (affinity) 741 or not co-located (anti-affinity) with the pods 742 matching the labelSelector in the specified namespaces, 743 where co-located is defined as running on a node 744 whose value of the label with key topologyKey 745 matches that of any node on which any of the selected 746 pods is running. Empty topologyKey is not allowed. 747 type: string 748 required: 749 - topologyKey 750 type: object 751 weight: 752 description: weight associated with matching the corresponding 753 podAffinityTerm, in the range 1-100. 754 format: int32 755 type: integer 756 required: 757 - podAffinityTerm 758 - weight 759 type: object 760 type: array 761 requiredDuringSchedulingIgnoredDuringExecution: 762 description: If the anti-affinity requirements specified by 763 this field are not met at scheduling time, the pod will 764 not be scheduled onto the node. If the anti-affinity requirements 765 specified by this field cease to be met at some point during 766 pod execution (e.g. due to a pod label update), the system 767 may or may not try to eventually evict the pod from its 768 node. When there are multiple elements, the lists of nodes 769 corresponding to each podAffinityTerm are intersected, i.e. 770 all terms must be satisfied. 771 items: 772 description: Defines a set of pods (namely those matching 773 the labelSelector relative to the given namespace(s)) 774 that this pod should be co-located (affinity) or not co-located 775 (anti-affinity) with, where co-located is defined as running 776 on a node whose value of the label with key <topologyKey> 777 matches that of any node on which a pod of the set of 778 pods is running 779 properties: 780 labelSelector: 781 description: A label query over a set of resources, 782 in this case pods. 783 properties: 784 matchExpressions: 785 description: matchExpressions is a list of label 786 selector requirements. The requirements are ANDed. 787 items: 788 description: A label selector requirement is a 789 selector that contains values, a key, and an 790 operator that relates the key and values. 791 properties: 792 key: 793 description: key is the label key that the 794 selector applies to. 795 type: string 796 operator: 797 description: operator represents a key's relationship 798 to a set of values. Valid operators are 799 In, NotIn, Exists and DoesNotExist. 800 type: string 801 values: 802 description: values is an array of string 803 values. If the operator is In or NotIn, 804 the values array must be non-empty. If the 805 operator is Exists or DoesNotExist, the 806 values array must be empty. This array is 807 replaced during a strategic merge patch. 808 items: 809 type: string 810 type: array 811 required: 812 - key 813 - operator 814 type: object 815 type: array 816 matchLabels: 817 additionalProperties: 818 type: string 819 description: matchLabels is a map of {key,value} 820 pairs. A single {key,value} in the matchLabels 821 map is equivalent to an element of matchExpressions, 822 whose key field is "key", the operator is "In", 823 and the values array contains only "value". The 824 requirements are ANDed. 825 type: object 826 type: object 827 x-kubernetes-map-type: atomic 828 namespaceSelector: 829 description: A label query over the set of namespaces 830 that the term applies to. The term is applied to the 831 union of the namespaces selected by this field and 832 the ones listed in the namespaces field. null selector 833 and null or empty namespaces list means "this pod's 834 namespace". An empty selector ({}) matches all namespaces. 835 properties: 836 matchExpressions: 837 description: matchExpressions is a list of label 838 selector requirements. The requirements are ANDed. 839 items: 840 description: A label selector requirement is a 841 selector that contains values, a key, and an 842 operator that relates the key and values. 843 properties: 844 key: 845 description: key is the label key that the 846 selector applies to. 847 type: string 848 operator: 849 description: operator represents a key's relationship 850 to a set of values. Valid operators are 851 In, NotIn, Exists and DoesNotExist. 852 type: string 853 values: 854 description: values is an array of string 855 values. If the operator is In or NotIn, 856 the values array must be non-empty. If the 857 operator is Exists or DoesNotExist, the 858 values array must be empty. This array is 859 replaced during a strategic merge patch. 860 items: 861 type: string 862 type: array 863 required: 864 - key 865 - operator 866 type: object 867 type: array 868 matchLabels: 869 additionalProperties: 870 type: string 871 description: matchLabels is a map of {key,value} 872 pairs. A single {key,value} in the matchLabels 873 map is equivalent to an element of matchExpressions, 874 whose key field is "key", the operator is "In", 875 and the values array contains only "value". The 876 requirements are ANDed. 877 type: object 878 type: object 879 x-kubernetes-map-type: atomic 880 namespaces: 881 description: namespaces specifies a static list of namespace 882 names that the term applies to. The term is applied 883 to the union of the namespaces listed in this field 884 and the ones selected by namespaceSelector. null or 885 empty namespaces list and null namespaceSelector means 886 "this pod's namespace". 887 items: 888 type: string 889 type: array 890 topologyKey: 891 description: This pod should be co-located (affinity) 892 or not co-located (anti-affinity) with the pods matching 893 the labelSelector in the specified namespaces, where 894 co-located is defined as running on a node whose value 895 of the label with key topologyKey matches that of 896 any node on which any of the selected pods is running. 897 Empty topologyKey is not allowed. 898 type: string 899 required: 900 - topologyKey 901 type: object 902 type: array 903 type: object 904 type: object 905 alertmanagerConfigMatcherStrategy: 906 description: The AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig 907 objects match the alerts. In the future more options may be added. 908 properties: 909 type: 910 default: OnNamespace 911 description: If set to `OnNamespace`, the operator injects a label 912 matcher matching the namespace of the AlertmanagerConfig object 913 for all its routes and inhibition rules. `None` will not add 914 any additional matchers other than the ones specified in the 915 AlertmanagerConfig. Default is `OnNamespace`. 916 enum: 917 - OnNamespace 918 - None 919 type: string 920 type: object 921 alertmanagerConfigNamespaceSelector: 922 description: Namespaces to be selected for AlertmanagerConfig discovery. 923 If nil, only check own namespace. 924 properties: 925 matchExpressions: 926 description: matchExpressions is a list of label selector requirements. 927 The requirements are ANDed. 928 items: 929 description: A label selector requirement is a selector that 930 contains values, a key, and an operator that relates the key 931 and values. 932 properties: 933 key: 934 description: key is the label key that the selector applies 935 to. 936 type: string 937 operator: 938 description: operator represents a key's relationship to 939 a set of values. Valid operators are In, NotIn, Exists 940 and DoesNotExist. 941 type: string 942 values: 943 description: values is an array of string values. If the 944 operator is In or NotIn, the values array must be non-empty. 945 If the operator is Exists or DoesNotExist, the values 946 array must be empty. This array is replaced during a strategic 947 merge patch. 948 items: 949 type: string 950 type: array 951 required: 952 - key 953 - operator 954 type: object 955 type: array 956 matchLabels: 957 additionalProperties: 958 type: string 959 description: matchLabels is a map of {key,value} pairs. A single 960 {key,value} in the matchLabels map is equivalent to an element 961 of matchExpressions, whose key field is "key", the operator 962 is "In", and the values array contains only "value". The requirements 963 are ANDed. 964 type: object 965 type: object 966 x-kubernetes-map-type: atomic 967 alertmanagerConfigSelector: 968 description: AlertmanagerConfigs to be selected for to merge and configure 969 Alertmanager with. 970 properties: 971 matchExpressions: 972 description: matchExpressions is a list of label selector requirements. 973 The requirements are ANDed. 974 items: 975 description: A label selector requirement is a selector that 976 contains values, a key, and an operator that relates the key 977 and values. 978 properties: 979 key: 980 description: key is the label key that the selector applies 981 to. 982 type: string 983 operator: 984 description: operator represents a key's relationship to 985 a set of values. Valid operators are In, NotIn, Exists 986 and DoesNotExist. 987 type: string 988 values: 989 description: values is an array of string values. If the 990 operator is In or NotIn, the values array must be non-empty. 991 If the operator is Exists or DoesNotExist, the values 992 array must be empty. This array is replaced during a strategic 993 merge patch. 994 items: 995 type: string 996 type: array 997 required: 998 - key 999 - operator 1000 type: object 1001 type: array 1002 matchLabels: 1003 additionalProperties: 1004 type: string 1005 description: matchLabels is a map of {key,value} pairs. A single 1006 {key,value} in the matchLabels map is equivalent to an element 1007 of matchExpressions, whose key field is "key", the operator 1008 is "In", and the values array contains only "value". The requirements 1009 are ANDed. 1010 type: object 1011 type: object 1012 x-kubernetes-map-type: atomic 1013 alertmanagerConfiguration: 1014 description: 'EXPERIMENTAL: alertmanagerConfiguration specifies the 1015 configuration of Alertmanager. If defined, it takes precedence over 1016 the `configSecret` field. This field may change in future releases.' 1017 properties: 1018 global: 1019 description: Defines the global parameters of the Alertmanager 1020 configuration. 1021 properties: 1022 httpConfig: 1023 description: HTTP client configuration. 1024 properties: 1025 authorization: 1026 description: Authorization header configuration for the 1027 client. This is mutually exclusive with BasicAuth and 1028 is only available starting from Alertmanager v0.22+. 1029 properties: 1030 credentials: 1031 description: The secret's key that contains the credentials 1032 of the request 1033 properties: 1034 key: 1035 description: The key of the secret to select from. Must 1036 be a valid secret key. 1037 type: string 1038 name: 1039 description: 'Name of the referent. More info: 1040 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1041 TODO: Add other useful fields. apiVersion, kind, 1042 uid?' 1043 type: string 1044 optional: 1045 description: Specify whether the Secret or its 1046 key must be defined 1047 type: boolean 1048 required: 1049 - key 1050 type: object 1051 x-kubernetes-map-type: atomic 1052 type: 1053 description: Set the authentication type. Defaults 1054 to Bearer, Basic will cause an error 1055 type: string 1056 type: object 1057 basicAuth: 1058 description: BasicAuth for the client. This is mutually 1059 exclusive with Authorization. If both are defined, BasicAuth 1060 takes precedence. 1061 properties: 1062 password: 1063 description: The secret in the service monitor namespace 1064 that contains the password for authentication. 1065 properties: 1066 key: 1067 description: The key of the secret to select from. Must 1068 be a valid secret key. 1069 type: string 1070 name: 1071 description: 'Name of the referent. More info: 1072 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1073 TODO: Add other useful fields. apiVersion, kind, 1074 uid?' 1075 type: string 1076 optional: 1077 description: Specify whether the Secret or its 1078 key must be defined 1079 type: boolean 1080 required: 1081 - key 1082 type: object 1083 x-kubernetes-map-type: atomic 1084 username: 1085 description: The secret in the service monitor namespace 1086 that contains the username for authentication. 1087 properties: 1088 key: 1089 description: The key of the secret to select from. Must 1090 be a valid secret key. 1091 type: string 1092 name: 1093 description: 'Name of the referent. More info: 1094 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1095 TODO: Add other useful fields. apiVersion, kind, 1096 uid?' 1097 type: string 1098 optional: 1099 description: Specify whether the Secret or its 1100 key must be defined 1101 type: boolean 1102 required: 1103 - key 1104 type: object 1105 x-kubernetes-map-type: atomic 1106 type: object 1107 bearerTokenSecret: 1108 description: The secret's key that contains the bearer 1109 token to be used by the client for authentication. The 1110 secret needs to be in the same namespace as the Alertmanager 1111 object and accessible by the Prometheus Operator. 1112 properties: 1113 key: 1114 description: The key of the secret to select from. Must 1115 be a valid secret key. 1116 type: string 1117 name: 1118 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1119 TODO: Add other useful fields. apiVersion, kind, 1120 uid?' 1121 type: string 1122 optional: 1123 description: Specify whether the Secret or its key 1124 must be defined 1125 type: boolean 1126 required: 1127 - key 1128 type: object 1129 x-kubernetes-map-type: atomic 1130 followRedirects: 1131 description: FollowRedirects specifies whether the client 1132 should follow HTTP 3xx redirects. 1133 type: boolean 1134 oauth2: 1135 description: OAuth2 client credentials used to fetch a 1136 token for the targets. 1137 properties: 1138 clientId: 1139 description: The secret or configmap containing the 1140 OAuth2 client id 1141 properties: 1142 configMap: 1143 description: ConfigMap containing data to use 1144 for the targets. 1145 properties: 1146 key: 1147 description: The key to select. 1148 type: string 1149 name: 1150 description: 'Name of the referent. More info: 1151 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1152 TODO: Add other useful fields. apiVersion, 1153 kind, uid?' 1154 type: string 1155 optional: 1156 description: Specify whether the ConfigMap 1157 or its key must be defined 1158 type: boolean 1159 required: 1160 - key 1161 type: object 1162 x-kubernetes-map-type: atomic 1163 secret: 1164 description: Secret containing data to use for 1165 the targets. 1166 properties: 1167 key: 1168 description: The key of the secret to select 1169 from. Must be a valid secret key. 1170 type: string 1171 name: 1172 description: 'Name of the referent. More info: 1173 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1174 TODO: Add other useful fields. apiVersion, 1175 kind, uid?' 1176 type: string 1177 optional: 1178 description: Specify whether the Secret or 1179 its key must be defined 1180 type: boolean 1181 required: 1182 - key 1183 type: object 1184 x-kubernetes-map-type: atomic 1185 type: object 1186 clientSecret: 1187 description: The secret containing the OAuth2 client 1188 secret 1189 properties: 1190 key: 1191 description: The key of the secret to select from. Must 1192 be a valid secret key. 1193 type: string 1194 name: 1195 description: 'Name of the referent. More info: 1196 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1197 TODO: Add other useful fields. apiVersion, kind, 1198 uid?' 1199 type: string 1200 optional: 1201 description: Specify whether the Secret or its 1202 key must be defined 1203 type: boolean 1204 required: 1205 - key 1206 type: object 1207 x-kubernetes-map-type: atomic 1208 endpointParams: 1209 additionalProperties: 1210 type: string 1211 description: Parameters to append to the token URL 1212 type: object 1213 scopes: 1214 description: OAuth2 scopes used for the token request 1215 items: 1216 type: string 1217 type: array 1218 tokenUrl: 1219 description: The URL to fetch the token from 1220 minLength: 1 1221 type: string 1222 required: 1223 - clientId 1224 - clientSecret 1225 - tokenUrl 1226 type: object 1227 proxyURL: 1228 description: Optional proxy URL. 1229 type: string 1230 tlsConfig: 1231 description: TLS configuration for the client. 1232 properties: 1233 ca: 1234 description: Certificate authority used when verifying 1235 server certificates. 1236 properties: 1237 configMap: 1238 description: ConfigMap containing data to use 1239 for the targets. 1240 properties: 1241 key: 1242 description: The key to select. 1243 type: string 1244 name: 1245 description: 'Name of the referent. More info: 1246 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1247 TODO: Add other useful fields. apiVersion, 1248 kind, uid?' 1249 type: string 1250 optional: 1251 description: Specify whether the ConfigMap 1252 or its key must be defined 1253 type: boolean 1254 required: 1255 - key 1256 type: object 1257 x-kubernetes-map-type: atomic 1258 secret: 1259 description: Secret containing data to use for 1260 the targets. 1261 properties: 1262 key: 1263 description: The key of the secret to select 1264 from. Must be a valid secret key. 1265 type: string 1266 name: 1267 description: 'Name of the referent. More info: 1268 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1269 TODO: Add other useful fields. apiVersion, 1270 kind, uid?' 1271 type: string 1272 optional: 1273 description: Specify whether the Secret or 1274 its key must be defined 1275 type: boolean 1276 required: 1277 - key 1278 type: object 1279 x-kubernetes-map-type: atomic 1280 type: object 1281 cert: 1282 description: Client certificate to present when doing 1283 client-authentication. 1284 properties: 1285 configMap: 1286 description: ConfigMap containing data to use 1287 for the targets. 1288 properties: 1289 key: 1290 description: The key to select. 1291 type: string 1292 name: 1293 description: 'Name of the referent. More info: 1294 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1295 TODO: Add other useful fields. apiVersion, 1296 kind, uid?' 1297 type: string 1298 optional: 1299 description: Specify whether the ConfigMap 1300 or its key must be defined 1301 type: boolean 1302 required: 1303 - key 1304 type: object 1305 x-kubernetes-map-type: atomic 1306 secret: 1307 description: Secret containing data to use for 1308 the targets. 1309 properties: 1310 key: 1311 description: The key of the secret to select 1312 from. Must be a valid secret key. 1313 type: string 1314 name: 1315 description: 'Name of the referent. More info: 1316 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1317 TODO: Add other useful fields. apiVersion, 1318 kind, uid?' 1319 type: string 1320 optional: 1321 description: Specify whether the Secret or 1322 its key must be defined 1323 type: boolean 1324 required: 1325 - key 1326 type: object 1327 x-kubernetes-map-type: atomic 1328 type: object 1329 insecureSkipVerify: 1330 description: Disable target certificate validation. 1331 type: boolean 1332 keySecret: 1333 description: Secret containing the client key file 1334 for the targets. 1335 properties: 1336 key: 1337 description: The key of the secret to select from. Must 1338 be a valid secret key. 1339 type: string 1340 name: 1341 description: 'Name of the referent. More info: 1342 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1343 TODO: Add other useful fields. apiVersion, kind, 1344 uid?' 1345 type: string 1346 optional: 1347 description: Specify whether the Secret or its 1348 key must be defined 1349 type: boolean 1350 required: 1351 - key 1352 type: object 1353 x-kubernetes-map-type: atomic 1354 serverName: 1355 description: Used to verify the hostname for the targets. 1356 type: string 1357 type: object 1358 type: object 1359 resolveTimeout: 1360 description: ResolveTimeout is the default value used by alertmanager 1361 if the alert does not include EndsAt, after this time passes 1362 it can declare the alert as resolved if it has not been 1363 updated. This has no impact on alerts from Prometheus, as 1364 they always include EndsAt. 1365 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 1366 type: string 1367 type: object 1368 name: 1369 description: The name of the AlertmanagerConfig resource which 1370 is used to generate the Alertmanager configuration. It must 1371 be defined in the same namespace as the Alertmanager object. 1372 The operator will not enforce a `namespace` label for routes 1373 and inhibition rules. 1374 minLength: 1 1375 type: string 1376 templates: 1377 description: Custom notification templates. 1378 items: 1379 description: SecretOrConfigMap allows to specify data as a Secret 1380 or ConfigMap. Fields are mutually exclusive. 1381 properties: 1382 configMap: 1383 description: ConfigMap containing data to use for the targets. 1384 properties: 1385 key: 1386 description: The key to select. 1387 type: string 1388 name: 1389 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1390 TODO: Add other useful fields. apiVersion, kind, uid?' 1391 type: string 1392 optional: 1393 description: Specify whether the ConfigMap or its key 1394 must be defined 1395 type: boolean 1396 required: 1397 - key 1398 type: object 1399 x-kubernetes-map-type: atomic 1400 secret: 1401 description: Secret containing data to use for the targets. 1402 properties: 1403 key: 1404 description: The key of the secret to select from. Must 1405 be a valid secret key. 1406 type: string 1407 name: 1408 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1409 TODO: Add other useful fields. apiVersion, kind, uid?' 1410 type: string 1411 optional: 1412 description: Specify whether the Secret or its key must 1413 be defined 1414 type: boolean 1415 required: 1416 - key 1417 type: object 1418 x-kubernetes-map-type: atomic 1419 type: object 1420 type: array 1421 type: object 1422 baseImage: 1423 description: 'Base image that is used to deploy pods, without tag. 1424 Deprecated: use ''image'' instead' 1425 type: string 1426 clusterAdvertiseAddress: 1427 description: 'ClusterAdvertiseAddress is the explicit address to advertise 1428 in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. 1429 [1] RFC1918: https://tools.ietf.org/html/rfc1918' 1430 type: string 1431 clusterGossipInterval: 1432 description: Interval between gossip attempts. 1433 pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 1434 type: string 1435 clusterPeerTimeout: 1436 description: Timeout for cluster peering. 1437 pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 1438 type: string 1439 clusterPushpullInterval: 1440 description: Interval between pushpull attempts. 1441 pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 1442 type: string 1443 configMaps: 1444 description: ConfigMaps is a list of ConfigMaps in the same namespace 1445 as the Alertmanager object, which shall be mounted into the Alertmanager 1446 Pods. Each ConfigMap is added to the StatefulSet definition as a 1447 volume named `configmap-<configmap-name>`. The ConfigMaps are mounted 1448 into `/etc/alertmanager/configmaps/<configmap-name>` in the 'alertmanager' 1449 container. 1450 items: 1451 type: string 1452 type: array 1453 configSecret: 1454 description: "ConfigSecret is the name of a Kubernetes Secret in the 1455 same namespace as the Alertmanager object, which contains the configuration 1456 for this Alertmanager instance. If empty, it defaults to `alertmanager-<alertmanager-name>`. 1457 \n The Alertmanager configuration should be available under the 1458 `alertmanager.yaml` key. Additional keys from the original secret 1459 are copied to the generated secret and mounted into the `/etc/alertmanager/config` 1460 directory in the `alertmanager` container. \n If either the secret 1461 or the `alertmanager.yaml` key is missing, the operator provisions 1462 a minimal Alertmanager configuration with one empty receiver (effectively 1463 dropping alert notifications)." 1464 type: string 1465 containers: 1466 description: 'Containers allows injecting additional containers. This 1467 is meant to allow adding an authentication proxy to an Alertmanager 1468 pod. Containers described here modify an operator generated container 1469 if they share the same name and modifications are done via a strategic 1470 merge patch. The current container names are: `alertmanager` and 1471 `config-reloader`. Overriding containers is entirely outside the 1472 scope of what the maintainers will support and by doing so, you 1473 accept that this behaviour may break at any time without notice.' 1474 items: 1475 description: A single application container that you want to run 1476 within a pod. 1477 properties: 1478 args: 1479 description: 'Arguments to the entrypoint. The container image''s 1480 CMD is used if this is not provided. Variable references $(VAR_NAME) 1481 are expanded using the container''s environment. If a variable 1482 cannot be resolved, the reference in the input string will 1483 be unchanged. Double $$ are reduced to a single $, which allows 1484 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 1485 produce the string literal "$(VAR_NAME)". Escaped references 1486 will never be expanded, regardless of whether the variable 1487 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1488 items: 1489 type: string 1490 type: array 1491 command: 1492 description: 'Entrypoint array. Not executed within a shell. 1493 The container image''s ENTRYPOINT is used if this is not provided. 1494 Variable references $(VAR_NAME) are expanded using the container''s 1495 environment. If a variable cannot be resolved, the reference 1496 in the input string will be unchanged. Double $$ are reduced 1497 to a single $, which allows for escaping the $(VAR_NAME) syntax: 1498 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 1499 Escaped references will never be expanded, regardless of whether 1500 the variable exists or not. Cannot be updated. More info: 1501 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1502 items: 1503 type: string 1504 type: array 1505 env: 1506 description: List of environment variables to set in the container. 1507 Cannot be updated. 1508 items: 1509 description: EnvVar represents an environment variable present 1510 in a Container. 1511 properties: 1512 name: 1513 description: Name of the environment variable. Must be 1514 a C_IDENTIFIER. 1515 type: string 1516 value: 1517 description: 'Variable references $(VAR_NAME) are expanded 1518 using the previously defined environment variables in 1519 the container and any service environment variables. 1520 If a variable cannot be resolved, the reference in the 1521 input string will be unchanged. Double $$ are reduced 1522 to a single $, which allows for escaping the $(VAR_NAME) 1523 syntax: i.e. "$$(VAR_NAME)" will produce the string 1524 literal "$(VAR_NAME)". Escaped references will never 1525 be expanded, regardless of whether the variable exists 1526 or not. Defaults to "".' 1527 type: string 1528 valueFrom: 1529 description: Source for the environment variable's value. 1530 Cannot be used if value is not empty. 1531 properties: 1532 configMapKeyRef: 1533 description: Selects a key of a ConfigMap. 1534 properties: 1535 key: 1536 description: The key to select. 1537 type: string 1538 name: 1539 description: 'Name of the referent. More info: 1540 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1541 TODO: Add other useful fields. apiVersion, kind, 1542 uid?' 1543 type: string 1544 optional: 1545 description: Specify whether the ConfigMap or 1546 its key must be defined 1547 type: boolean 1548 required: 1549 - key 1550 type: object 1551 x-kubernetes-map-type: atomic 1552 fieldRef: 1553 description: 'Selects a field of the pod: supports 1554 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 1555 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1556 spec.serviceAccountName, status.hostIP, status.podIP, 1557 status.podIPs.' 1558 properties: 1559 apiVersion: 1560 description: Version of the schema the FieldPath 1561 is written in terms of, defaults to "v1". 1562 type: string 1563 fieldPath: 1564 description: Path of the field to select in the 1565 specified API version. 1566 type: string 1567 required: 1568 - fieldPath 1569 type: object 1570 x-kubernetes-map-type: atomic 1571 resourceFieldRef: 1572 description: 'Selects a resource of the container: 1573 only resources limits and requests (limits.cpu, 1574 limits.memory, limits.ephemeral-storage, requests.cpu, 1575 requests.memory and requests.ephemeral-storage) 1576 are currently supported.' 1577 properties: 1578 containerName: 1579 description: 'Container name: required for volumes, 1580 optional for env vars' 1581 type: string 1582 divisor: 1583 anyOf: 1584 - type: integer 1585 - type: string 1586 description: Specifies the output format of the 1587 exposed resources, defaults to "1" 1588 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1589 x-kubernetes-int-or-string: true 1590 resource: 1591 description: 'Required: resource to select' 1592 type: string 1593 required: 1594 - resource 1595 type: object 1596 x-kubernetes-map-type: atomic 1597 secretKeyRef: 1598 description: Selects a key of a secret in the pod's 1599 namespace 1600 properties: 1601 key: 1602 description: The key of the secret to select from. Must 1603 be a valid secret key. 1604 type: string 1605 name: 1606 description: 'Name of the referent. More info: 1607 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1608 TODO: Add other useful fields. apiVersion, kind, 1609 uid?' 1610 type: string 1611 optional: 1612 description: Specify whether the Secret or its 1613 key must be defined 1614 type: boolean 1615 required: 1616 - key 1617 type: object 1618 x-kubernetes-map-type: atomic 1619 type: object 1620 required: 1621 - name 1622 type: object 1623 type: array 1624 envFrom: 1625 description: List of sources to populate environment variables 1626 in the container. The keys defined within a source must be 1627 a C_IDENTIFIER. All invalid keys will be reported as an event 1628 when the container is starting. When a key exists in multiple 1629 sources, the value associated with the last source will take 1630 precedence. Values defined by an Env with a duplicate key 1631 will take precedence. Cannot be updated. 1632 items: 1633 description: EnvFromSource represents the source of a set 1634 of ConfigMaps 1635 properties: 1636 configMapRef: 1637 description: The ConfigMap to select from 1638 properties: 1639 name: 1640 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1641 TODO: Add other useful fields. apiVersion, kind, 1642 uid?' 1643 type: string 1644 optional: 1645 description: Specify whether the ConfigMap must be 1646 defined 1647 type: boolean 1648 type: object 1649 x-kubernetes-map-type: atomic 1650 prefix: 1651 description: An optional identifier to prepend to each 1652 key in the ConfigMap. Must be a C_IDENTIFIER. 1653 type: string 1654 secretRef: 1655 description: The Secret to select from 1656 properties: 1657 name: 1658 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1659 TODO: Add other useful fields. apiVersion, kind, 1660 uid?' 1661 type: string 1662 optional: 1663 description: Specify whether the Secret must be defined 1664 type: boolean 1665 type: object 1666 x-kubernetes-map-type: atomic 1667 type: object 1668 type: array 1669 image: 1670 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images 1671 This field is optional to allow higher level config management 1672 to default or override container images in workload controllers 1673 like Deployments and StatefulSets.' 1674 type: string 1675 imagePullPolicy: 1676 description: 'Image pull policy. One of Always, Never, IfNotPresent. 1677 Defaults to Always if :latest tag is specified, or IfNotPresent 1678 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1679 type: string 1680 lifecycle: 1681 description: Actions that the management system should take 1682 in response to container lifecycle events. Cannot be updated. 1683 properties: 1684 postStart: 1685 description: 'PostStart is called immediately after a container 1686 is created. If the handler fails, the container is terminated 1687 and restarted according to its restart policy. Other management 1688 of the container blocks until the hook completes. More 1689 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1690 properties: 1691 exec: 1692 description: Exec specifies the action to take. 1693 properties: 1694 command: 1695 description: Command is the command line to execute 1696 inside the container, the working directory for 1697 the command is root ('/') in the container's 1698 filesystem. The command is simply exec'd, it is 1699 not run inside a shell, so traditional shell instructions 1700 ('|', etc) won't work. To use a shell, you need 1701 to explicitly call out to that shell. Exit status 1702 of 0 is treated as live/healthy and non-zero is 1703 unhealthy. 1704 items: 1705 type: string 1706 type: array 1707 type: object 1708 httpGet: 1709 description: HTTPGet specifies the http request to perform. 1710 properties: 1711 host: 1712 description: Host name to connect to, defaults to 1713 the pod IP. You probably want to set "Host" in 1714 httpHeaders instead. 1715 type: string 1716 httpHeaders: 1717 description: Custom headers to set in the request. 1718 HTTP allows repeated headers. 1719 items: 1720 description: HTTPHeader describes a custom header 1721 to be used in HTTP probes 1722 properties: 1723 name: 1724 description: The header field name 1725 type: string 1726 value: 1727 description: The header field value 1728 type: string 1729 required: 1730 - name 1731 - value 1732 type: object 1733 type: array 1734 path: 1735 description: Path to access on the HTTP server. 1736 type: string 1737 port: 1738 anyOf: 1739 - type: integer 1740 - type: string 1741 description: Name or number of the port to access 1742 on the container. Number must be in the range 1743 1 to 65535. Name must be an IANA_SVC_NAME. 1744 x-kubernetes-int-or-string: true 1745 scheme: 1746 description: Scheme to use for connecting to the 1747 host. Defaults to HTTP. 1748 type: string 1749 required: 1750 - port 1751 type: object 1752 tcpSocket: 1753 description: Deprecated. TCPSocket is NOT supported 1754 as a LifecycleHandler and kept for the backward compatibility. 1755 There are no validation of this field and lifecycle 1756 hooks will fail in runtime when tcp handler is specified. 1757 properties: 1758 host: 1759 description: 'Optional: Host name to connect to, 1760 defaults to the pod IP.' 1761 type: string 1762 port: 1763 anyOf: 1764 - type: integer 1765 - type: string 1766 description: Number or name of the port to access 1767 on the container. Number must be in the range 1768 1 to 65535. Name must be an IANA_SVC_NAME. 1769 x-kubernetes-int-or-string: true 1770 required: 1771 - port 1772 type: object 1773 type: object 1774 preStop: 1775 description: 'PreStop is called immediately before a container 1776 is terminated due to an API request or management event 1777 such as liveness/startup probe failure, preemption, resource 1778 contention, etc. The handler is not called if the container 1779 crashes or exits. The Pod''s termination grace period 1780 countdown begins before the PreStop hook is executed. 1781 Regardless of the outcome of the handler, the container 1782 will eventually terminate within the Pod''s termination 1783 grace period (unless delayed by finalizers). Other management 1784 of the container blocks until the hook completes or until 1785 the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1786 properties: 1787 exec: 1788 description: Exec specifies the action to take. 1789 properties: 1790 command: 1791 description: Command is the command line to execute 1792 inside the container, the working directory for 1793 the command is root ('/') in the container's 1794 filesystem. The command is simply exec'd, it is 1795 not run inside a shell, so traditional shell instructions 1796 ('|', etc) won't work. To use a shell, you need 1797 to explicitly call out to that shell. Exit status 1798 of 0 is treated as live/healthy and non-zero is 1799 unhealthy. 1800 items: 1801 type: string 1802 type: array 1803 type: object 1804 httpGet: 1805 description: HTTPGet specifies the http request to perform. 1806 properties: 1807 host: 1808 description: Host name to connect to, defaults to 1809 the pod IP. You probably want to set "Host" in 1810 httpHeaders instead. 1811 type: string 1812 httpHeaders: 1813 description: Custom headers to set in the request. 1814 HTTP allows repeated headers. 1815 items: 1816 description: HTTPHeader describes a custom header 1817 to be used in HTTP probes 1818 properties: 1819 name: 1820 description: The header field name 1821 type: string 1822 value: 1823 description: The header field value 1824 type: string 1825 required: 1826 - name 1827 - value 1828 type: object 1829 type: array 1830 path: 1831 description: Path to access on the HTTP server. 1832 type: string 1833 port: 1834 anyOf: 1835 - type: integer 1836 - type: string 1837 description: Name or number of the port to access 1838 on the container. Number must be in the range 1839 1 to 65535. Name must be an IANA_SVC_NAME. 1840 x-kubernetes-int-or-string: true 1841 scheme: 1842 description: Scheme to use for connecting to the 1843 host. Defaults to HTTP. 1844 type: string 1845 required: 1846 - port 1847 type: object 1848 tcpSocket: 1849 description: Deprecated. TCPSocket is NOT supported 1850 as a LifecycleHandler and kept for the backward compatibility. 1851 There are no validation of this field and lifecycle 1852 hooks will fail in runtime when tcp handler is specified. 1853 properties: 1854 host: 1855 description: 'Optional: Host name to connect to, 1856 defaults to the pod IP.' 1857 type: string 1858 port: 1859 anyOf: 1860 - type: integer 1861 - type: string 1862 description: Number or name of the port to access 1863 on the container. Number must be in the range 1864 1 to 65535. Name must be an IANA_SVC_NAME. 1865 x-kubernetes-int-or-string: true 1866 required: 1867 - port 1868 type: object 1869 type: object 1870 type: object 1871 livenessProbe: 1872 description: 'Periodic probe of container liveness. Container 1873 will be restarted if the probe fails. Cannot be updated. More 1874 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1875 properties: 1876 exec: 1877 description: Exec specifies the action to take. 1878 properties: 1879 command: 1880 description: Command is the command line to execute 1881 inside the container, the working directory for the 1882 command is root ('/') in the container's filesystem. 1883 The command is simply exec'd, it is not run inside 1884 a shell, so traditional shell instructions ('|', etc) 1885 won't work. To use a shell, you need to explicitly 1886 call out to that shell. Exit status of 0 is treated 1887 as live/healthy and non-zero is unhealthy. 1888 items: 1889 type: string 1890 type: array 1891 type: object 1892 failureThreshold: 1893 description: Minimum consecutive failures for the probe 1894 to be considered failed after having succeeded. Defaults 1895 to 3. Minimum value is 1. 1896 format: int32 1897 type: integer 1898 grpc: 1899 description: GRPC specifies an action involving a GRPC port. 1900 This is a beta field and requires enabling GRPCContainerProbe 1901 feature gate. 1902 properties: 1903 port: 1904 description: Port number of the gRPC service. Number 1905 must be in the range 1 to 65535. 1906 format: int32 1907 type: integer 1908 service: 1909 description: "Service is the name of the service to 1910 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 1911 \n If this is not specified, the default behavior 1912 is defined by gRPC." 1913 type: string 1914 required: 1915 - port 1916 type: object 1917 httpGet: 1918 description: HTTPGet specifies the http request to perform. 1919 properties: 1920 host: 1921 description: Host name to connect to, defaults to the 1922 pod IP. You probably want to set "Host" in httpHeaders 1923 instead. 1924 type: string 1925 httpHeaders: 1926 description: Custom headers to set in the request. HTTP 1927 allows repeated headers. 1928 items: 1929 description: HTTPHeader describes a custom header 1930 to be used in HTTP probes 1931 properties: 1932 name: 1933 description: The header field name 1934 type: string 1935 value: 1936 description: The header field value 1937 type: string 1938 required: 1939 - name 1940 - value 1941 type: object 1942 type: array 1943 path: 1944 description: Path to access on the HTTP server. 1945 type: string 1946 port: 1947 anyOf: 1948 - type: integer 1949 - type: string 1950 description: Name or number of the port to access on 1951 the container. Number must be in the range 1 to 65535. 1952 Name must be an IANA_SVC_NAME. 1953 x-kubernetes-int-or-string: true 1954 scheme: 1955 description: Scheme to use for connecting to the host. 1956 Defaults to HTTP. 1957 type: string 1958 required: 1959 - port 1960 type: object 1961 initialDelaySeconds: 1962 description: 'Number of seconds after the container has 1963 started before liveness probes are initiated. More info: 1964 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1965 format: int32 1966 type: integer 1967 periodSeconds: 1968 description: How often (in seconds) to perform the probe. 1969 Default to 10 seconds. Minimum value is 1. 1970 format: int32 1971 type: integer 1972 successThreshold: 1973 description: Minimum consecutive successes for the probe 1974 to be considered successful after having failed. Defaults 1975 to 1. Must be 1 for liveness and startup. Minimum value 1976 is 1. 1977 format: int32 1978 type: integer 1979 tcpSocket: 1980 description: TCPSocket specifies an action involving a TCP 1981 port. 1982 properties: 1983 host: 1984 description: 'Optional: Host name to connect to, defaults 1985 to the pod IP.' 1986 type: string 1987 port: 1988 anyOf: 1989 - type: integer 1990 - type: string 1991 description: Number or name of the port to access on 1992 the container. Number must be in the range 1 to 65535. 1993 Name must be an IANA_SVC_NAME. 1994 x-kubernetes-int-or-string: true 1995 required: 1996 - port 1997 type: object 1998 terminationGracePeriodSeconds: 1999 description: Optional duration in seconds the pod needs 2000 to terminate gracefully upon probe failure. The grace 2001 period is the duration in seconds after the processes 2002 running in the pod are sent a termination signal and the 2003 time when the processes are forcibly halted with a kill 2004 signal. Set this value longer than the expected cleanup 2005 time for your process. If this value is nil, the pod's 2006 terminationGracePeriodSeconds will be used. Otherwise, 2007 this value overrides the value provided by the pod spec. 2008 Value must be non-negative integer. The value zero indicates 2009 stop immediately via the kill signal (no opportunity to 2010 shut down). This is a beta field and requires enabling 2011 ProbeTerminationGracePeriod feature gate. Minimum value 2012 is 1. spec.terminationGracePeriodSeconds is used if unset. 2013 format: int64 2014 type: integer 2015 timeoutSeconds: 2016 description: 'Number of seconds after which the probe times 2017 out. Defaults to 1 second. Minimum value is 1. More info: 2018 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2019 format: int32 2020 type: integer 2021 type: object 2022 name: 2023 description: Name of the container specified as a DNS_LABEL. 2024 Each container in a pod must have a unique name (DNS_LABEL). 2025 Cannot be updated. 2026 type: string 2027 ports: 2028 description: List of ports to expose from the container. Not 2029 specifying a port here DOES NOT prevent that port from being 2030 exposed. Any port which is listening on the default "0.0.0.0" 2031 address inside a container will be accessible from the network. 2032 Modifying this array with strategic merge patch may corrupt 2033 the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. 2034 Cannot be updated. 2035 items: 2036 description: ContainerPort represents a network port in a 2037 single container. 2038 properties: 2039 containerPort: 2040 description: Number of port to expose on the pod's IP 2041 address. This must be a valid port number, 0 < x < 65536. 2042 format: int32 2043 type: integer 2044 hostIP: 2045 description: What host IP to bind the external port to. 2046 type: string 2047 hostPort: 2048 description: Number of port to expose on the host. If 2049 specified, this must be a valid port number, 0 < x < 2050 65536. If HostNetwork is specified, this must match 2051 ContainerPort. Most containers do not need this. 2052 format: int32 2053 type: integer 2054 name: 2055 description: If specified, this must be an IANA_SVC_NAME 2056 and unique within the pod. Each named port in a pod 2057 must have a unique name. Name for the port that can 2058 be referred to by services. 2059 type: string 2060 protocol: 2061 default: TCP 2062 description: Protocol for port. Must be UDP, TCP, or SCTP. 2063 Defaults to "TCP". 2064 type: string 2065 required: 2066 - containerPort 2067 type: object 2068 type: array 2069 x-kubernetes-list-map-keys: 2070 - containerPort 2071 - protocol 2072 x-kubernetes-list-type: map 2073 readinessProbe: 2074 description: 'Periodic probe of container service readiness. 2075 Container will be removed from service endpoints if the probe 2076 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2077 properties: 2078 exec: 2079 description: Exec specifies the action to take. 2080 properties: 2081 command: 2082 description: Command is the command line to execute 2083 inside the container, the working directory for the 2084 command is root ('/') in the container's filesystem. 2085 The command is simply exec'd, it is not run inside 2086 a shell, so traditional shell instructions ('|', etc) 2087 won't work. To use a shell, you need to explicitly 2088 call out to that shell. Exit status of 0 is treated 2089 as live/healthy and non-zero is unhealthy. 2090 items: 2091 type: string 2092 type: array 2093 type: object 2094 failureThreshold: 2095 description: Minimum consecutive failures for the probe 2096 to be considered failed after having succeeded. Defaults 2097 to 3. Minimum value is 1. 2098 format: int32 2099 type: integer 2100 grpc: 2101 description: GRPC specifies an action involving a GRPC port. 2102 This is a beta field and requires enabling GRPCContainerProbe 2103 feature gate. 2104 properties: 2105 port: 2106 description: Port number of the gRPC service. Number 2107 must be in the range 1 to 65535. 2108 format: int32 2109 type: integer 2110 service: 2111 description: "Service is the name of the service to 2112 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2113 \n If this is not specified, the default behavior 2114 is defined by gRPC." 2115 type: string 2116 required: 2117 - port 2118 type: object 2119 httpGet: 2120 description: HTTPGet specifies the http request to perform. 2121 properties: 2122 host: 2123 description: Host name to connect to, defaults to the 2124 pod IP. You probably want to set "Host" in httpHeaders 2125 instead. 2126 type: string 2127 httpHeaders: 2128 description: Custom headers to set in the request. HTTP 2129 allows repeated headers. 2130 items: 2131 description: HTTPHeader describes a custom header 2132 to be used in HTTP probes 2133 properties: 2134 name: 2135 description: The header field name 2136 type: string 2137 value: 2138 description: The header field value 2139 type: string 2140 required: 2141 - name 2142 - value 2143 type: object 2144 type: array 2145 path: 2146 description: Path to access on the HTTP server. 2147 type: string 2148 port: 2149 anyOf: 2150 - type: integer 2151 - type: string 2152 description: Name or number of the port to access on 2153 the container. Number must be in the range 1 to 65535. 2154 Name must be an IANA_SVC_NAME. 2155 x-kubernetes-int-or-string: true 2156 scheme: 2157 description: Scheme to use for connecting to the host. 2158 Defaults to HTTP. 2159 type: string 2160 required: 2161 - port 2162 type: object 2163 initialDelaySeconds: 2164 description: 'Number of seconds after the container has 2165 started before liveness probes are initiated. More info: 2166 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2167 format: int32 2168 type: integer 2169 periodSeconds: 2170 description: How often (in seconds) to perform the probe. 2171 Default to 10 seconds. Minimum value is 1. 2172 format: int32 2173 type: integer 2174 successThreshold: 2175 description: Minimum consecutive successes for the probe 2176 to be considered successful after having failed. Defaults 2177 to 1. Must be 1 for liveness and startup. Minimum value 2178 is 1. 2179 format: int32 2180 type: integer 2181 tcpSocket: 2182 description: TCPSocket specifies an action involving a TCP 2183 port. 2184 properties: 2185 host: 2186 description: 'Optional: Host name to connect to, defaults 2187 to the pod IP.' 2188 type: string 2189 port: 2190 anyOf: 2191 - type: integer 2192 - type: string 2193 description: Number or name of the port to access on 2194 the container. Number must be in the range 1 to 65535. 2195 Name must be an IANA_SVC_NAME. 2196 x-kubernetes-int-or-string: true 2197 required: 2198 - port 2199 type: object 2200 terminationGracePeriodSeconds: 2201 description: Optional duration in seconds the pod needs 2202 to terminate gracefully upon probe failure. The grace 2203 period is the duration in seconds after the processes 2204 running in the pod are sent a termination signal and the 2205 time when the processes are forcibly halted with a kill 2206 signal. Set this value longer than the expected cleanup 2207 time for your process. If this value is nil, the pod's 2208 terminationGracePeriodSeconds will be used. Otherwise, 2209 this value overrides the value provided by the pod spec. 2210 Value must be non-negative integer. The value zero indicates 2211 stop immediately via the kill signal (no opportunity to 2212 shut down). This is a beta field and requires enabling 2213 ProbeTerminationGracePeriod feature gate. Minimum value 2214 is 1. spec.terminationGracePeriodSeconds is used if unset. 2215 format: int64 2216 type: integer 2217 timeoutSeconds: 2218 description: 'Number of seconds after which the probe times 2219 out. Defaults to 1 second. Minimum value is 1. More info: 2220 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2221 format: int32 2222 type: integer 2223 type: object 2224 resources: 2225 description: 'Compute Resources required by this container. 2226 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2227 properties: 2228 claims: 2229 description: "Claims lists the names of resources, defined 2230 in spec.resourceClaims, that are used by this container. 2231 \n This is an alpha field and requires enabling the DynamicResourceAllocation 2232 feature gate. \n This field is immutable." 2233 items: 2234 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 2235 properties: 2236 name: 2237 description: Name must match the name of one entry 2238 in pod.spec.resourceClaims of the Pod where this 2239 field is used. It makes that resource available 2240 inside a container. 2241 type: string 2242 required: 2243 - name 2244 type: object 2245 type: array 2246 x-kubernetes-list-map-keys: 2247 - name 2248 x-kubernetes-list-type: map 2249 limits: 2250 additionalProperties: 2251 anyOf: 2252 - type: integer 2253 - type: string 2254 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2255 x-kubernetes-int-or-string: true 2256 description: 'Limits describes the maximum amount of compute 2257 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2258 type: object 2259 requests: 2260 additionalProperties: 2261 anyOf: 2262 - type: integer 2263 - type: string 2264 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2265 x-kubernetes-int-or-string: true 2266 description: 'Requests describes the minimum amount of compute 2267 resources required. If Requests is omitted for a container, 2268 it defaults to Limits if that is explicitly specified, 2269 otherwise to an implementation-defined value. More info: 2270 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2271 type: object 2272 type: object 2273 securityContext: 2274 description: 'SecurityContext defines the security options the 2275 container should be run with. If set, the fields of SecurityContext 2276 override the equivalent fields of PodSecurityContext. More 2277 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 2278 properties: 2279 allowPrivilegeEscalation: 2280 description: 'AllowPrivilegeEscalation controls whether 2281 a process can gain more privileges than its parent process. 2282 This bool directly controls if the no_new_privs flag will 2283 be set on the container process. AllowPrivilegeEscalation 2284 is true always when the container is: 1) run as Privileged 2285 2) has CAP_SYS_ADMIN Note that this field cannot be set 2286 when spec.os.name is windows.' 2287 type: boolean 2288 capabilities: 2289 description: The capabilities to add/drop when running containers. 2290 Defaults to the default set of capabilities granted by 2291 the container runtime. Note that this field cannot be 2292 set when spec.os.name is windows. 2293 properties: 2294 add: 2295 description: Added capabilities 2296 items: 2297 description: Capability represent POSIX capabilities 2298 type 2299 type: string 2300 type: array 2301 drop: 2302 description: Removed capabilities 2303 items: 2304 description: Capability represent POSIX capabilities 2305 type 2306 type: string 2307 type: array 2308 type: object 2309 privileged: 2310 description: Run container in privileged mode. Processes 2311 in privileged containers are essentially equivalent to 2312 root on the host. Defaults to false. Note that this field 2313 cannot be set when spec.os.name is windows. 2314 type: boolean 2315 procMount: 2316 description: procMount denotes the type of proc mount to 2317 use for the containers. The default is DefaultProcMount 2318 which uses the container runtime defaults for readonly 2319 paths and masked paths. This requires the ProcMountType 2320 feature flag to be enabled. Note that this field cannot 2321 be set when spec.os.name is windows. 2322 type: string 2323 readOnlyRootFilesystem: 2324 description: Whether this container has a read-only root 2325 filesystem. Default is false. Note that this field cannot 2326 be set when spec.os.name is windows. 2327 type: boolean 2328 runAsGroup: 2329 description: The GID to run the entrypoint of the container 2330 process. Uses runtime default if unset. May also be set 2331 in PodSecurityContext. If set in both SecurityContext 2332 and PodSecurityContext, the value specified in SecurityContext 2333 takes precedence. Note that this field cannot be set when 2334 spec.os.name is windows. 2335 format: int64 2336 type: integer 2337 runAsNonRoot: 2338 description: Indicates that the container must run as a 2339 non-root user. If true, the Kubelet will validate the 2340 image at runtime to ensure that it does not run as UID 2341 0 (root) and fail to start the container if it does. If 2342 unset or false, no such validation will be performed. 2343 May also be set in PodSecurityContext. If set in both 2344 SecurityContext and PodSecurityContext, the value specified 2345 in SecurityContext takes precedence. 2346 type: boolean 2347 runAsUser: 2348 description: The UID to run the entrypoint of the container 2349 process. Defaults to user specified in image metadata 2350 if unspecified. May also be set in PodSecurityContext. If 2351 set in both SecurityContext and PodSecurityContext, the 2352 value specified in SecurityContext takes precedence. Note 2353 that this field cannot be set when spec.os.name is windows. 2354 format: int64 2355 type: integer 2356 seLinuxOptions: 2357 description: The SELinux context to be applied to the container. 2358 If unspecified, the container runtime will allocate a 2359 random SELinux context for each container. May also be 2360 set in PodSecurityContext. If set in both SecurityContext 2361 and PodSecurityContext, the value specified in SecurityContext 2362 takes precedence. Note that this field cannot be set when 2363 spec.os.name is windows. 2364 properties: 2365 level: 2366 description: Level is SELinux level label that applies 2367 to the container. 2368 type: string 2369 role: 2370 description: Role is a SELinux role label that applies 2371 to the container. 2372 type: string 2373 type: 2374 description: Type is a SELinux type label that applies 2375 to the container. 2376 type: string 2377 user: 2378 description: User is a SELinux user label that applies 2379 to the container. 2380 type: string 2381 type: object 2382 seccompProfile: 2383 description: The seccomp options to use by this container. 2384 If seccomp options are provided at both the pod & container 2385 level, the container options override the pod options. 2386 Note that this field cannot be set when spec.os.name is 2387 windows. 2388 properties: 2389 localhostProfile: 2390 description: localhostProfile indicates a profile defined 2391 in a file on the node should be used. The profile 2392 must be preconfigured on the node to work. Must be 2393 a descending path, relative to the kubelet's configured 2394 seccomp profile location. Must only be set if type 2395 is "Localhost". 2396 type: string 2397 type: 2398 description: "type indicates which kind of seccomp profile 2399 will be applied. Valid options are: \n Localhost - 2400 a profile defined in a file on the node should be 2401 used. RuntimeDefault - the container runtime default 2402 profile should be used. Unconfined - no profile should 2403 be applied." 2404 type: string 2405 required: 2406 - type 2407 type: object 2408 windowsOptions: 2409 description: The Windows specific settings applied to all 2410 containers. If unspecified, the options from the PodSecurityContext 2411 will be used. If set in both SecurityContext and PodSecurityContext, 2412 the value specified in SecurityContext takes precedence. 2413 Note that this field cannot be set when spec.os.name is 2414 linux. 2415 properties: 2416 gmsaCredentialSpec: 2417 description: GMSACredentialSpec is where the GMSA admission 2418 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 2419 inlines the contents of the GMSA credential spec named 2420 by the GMSACredentialSpecName field. 2421 type: string 2422 gmsaCredentialSpecName: 2423 description: GMSACredentialSpecName is the name of the 2424 GMSA credential spec to use. 2425 type: string 2426 hostProcess: 2427 description: HostProcess determines if a container should 2428 be run as a 'Host Process' container. This field is 2429 alpha-level and will only be honored by components 2430 that enable the WindowsHostProcessContainers feature 2431 flag. Setting this field without the feature flag 2432 will result in errors when validating the Pod. All 2433 of a Pod's containers must have the same effective 2434 HostProcess value (it is not allowed to have a mix 2435 of HostProcess containers and non-HostProcess containers). In 2436 addition, if HostProcess is true then HostNetwork 2437 must also be set to true. 2438 type: boolean 2439 runAsUserName: 2440 description: The UserName in Windows to run the entrypoint 2441 of the container process. Defaults to the user specified 2442 in image metadata if unspecified. May also be set 2443 in PodSecurityContext. If set in both SecurityContext 2444 and PodSecurityContext, the value specified in SecurityContext 2445 takes precedence. 2446 type: string 2447 type: object 2448 type: object 2449 startupProbe: 2450 description: 'StartupProbe indicates that the Pod has successfully 2451 initialized. If specified, no other probes are executed until 2452 this completes successfully. If this probe fails, the Pod 2453 will be restarted, just as if the livenessProbe failed. This 2454 can be used to provide different probe parameters at the beginning 2455 of a Pod''s lifecycle, when it might take a long time to load 2456 data or warm a cache, than during steady-state operation. 2457 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2458 properties: 2459 exec: 2460 description: Exec specifies the action to take. 2461 properties: 2462 command: 2463 description: Command is the command line to execute 2464 inside the container, the working directory for the 2465 command is root ('/') in the container's filesystem. 2466 The command is simply exec'd, it is not run inside 2467 a shell, so traditional shell instructions ('|', etc) 2468 won't work. To use a shell, you need to explicitly 2469 call out to that shell. Exit status of 0 is treated 2470 as live/healthy and non-zero is unhealthy. 2471 items: 2472 type: string 2473 type: array 2474 type: object 2475 failureThreshold: 2476 description: Minimum consecutive failures for the probe 2477 to be considered failed after having succeeded. Defaults 2478 to 3. Minimum value is 1. 2479 format: int32 2480 type: integer 2481 grpc: 2482 description: GRPC specifies an action involving a GRPC port. 2483 This is a beta field and requires enabling GRPCContainerProbe 2484 feature gate. 2485 properties: 2486 port: 2487 description: Port number of the gRPC service. Number 2488 must be in the range 1 to 65535. 2489 format: int32 2490 type: integer 2491 service: 2492 description: "Service is the name of the service to 2493 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2494 \n If this is not specified, the default behavior 2495 is defined by gRPC." 2496 type: string 2497 required: 2498 - port 2499 type: object 2500 httpGet: 2501 description: HTTPGet specifies the http request to perform. 2502 properties: 2503 host: 2504 description: Host name to connect to, defaults to the 2505 pod IP. You probably want to set "Host" in httpHeaders 2506 instead. 2507 type: string 2508 httpHeaders: 2509 description: Custom headers to set in the request. HTTP 2510 allows repeated headers. 2511 items: 2512 description: HTTPHeader describes a custom header 2513 to be used in HTTP probes 2514 properties: 2515 name: 2516 description: The header field name 2517 type: string 2518 value: 2519 description: The header field value 2520 type: string 2521 required: 2522 - name 2523 - value 2524 type: object 2525 type: array 2526 path: 2527 description: Path to access on the HTTP server. 2528 type: string 2529 port: 2530 anyOf: 2531 - type: integer 2532 - type: string 2533 description: Name or number of the port to access on 2534 the container. Number must be in the range 1 to 65535. 2535 Name must be an IANA_SVC_NAME. 2536 x-kubernetes-int-or-string: true 2537 scheme: 2538 description: Scheme to use for connecting to the host. 2539 Defaults to HTTP. 2540 type: string 2541 required: 2542 - port 2543 type: object 2544 initialDelaySeconds: 2545 description: 'Number of seconds after the container has 2546 started before liveness probes are initiated. More info: 2547 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2548 format: int32 2549 type: integer 2550 periodSeconds: 2551 description: How often (in seconds) to perform the probe. 2552 Default to 10 seconds. Minimum value is 1. 2553 format: int32 2554 type: integer 2555 successThreshold: 2556 description: Minimum consecutive successes for the probe 2557 to be considered successful after having failed. Defaults 2558 to 1. Must be 1 for liveness and startup. Minimum value 2559 is 1. 2560 format: int32 2561 type: integer 2562 tcpSocket: 2563 description: TCPSocket specifies an action involving a TCP 2564 port. 2565 properties: 2566 host: 2567 description: 'Optional: Host name to connect to, defaults 2568 to the pod IP.' 2569 type: string 2570 port: 2571 anyOf: 2572 - type: integer 2573 - type: string 2574 description: Number or name of the port to access on 2575 the container. Number must be in the range 1 to 65535. 2576 Name must be an IANA_SVC_NAME. 2577 x-kubernetes-int-or-string: true 2578 required: 2579 - port 2580 type: object 2581 terminationGracePeriodSeconds: 2582 description: Optional duration in seconds the pod needs 2583 to terminate gracefully upon probe failure. The grace 2584 period is the duration in seconds after the processes 2585 running in the pod are sent a termination signal and the 2586 time when the processes are forcibly halted with a kill 2587 signal. Set this value longer than the expected cleanup 2588 time for your process. If this value is nil, the pod's 2589 terminationGracePeriodSeconds will be used. Otherwise, 2590 this value overrides the value provided by the pod spec. 2591 Value must be non-negative integer. The value zero indicates 2592 stop immediately via the kill signal (no opportunity to 2593 shut down). This is a beta field and requires enabling 2594 ProbeTerminationGracePeriod feature gate. Minimum value 2595 is 1. spec.terminationGracePeriodSeconds is used if unset. 2596 format: int64 2597 type: integer 2598 timeoutSeconds: 2599 description: 'Number of seconds after which the probe times 2600 out. Defaults to 1 second. Minimum value is 1. More info: 2601 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2602 format: int32 2603 type: integer 2604 type: object 2605 stdin: 2606 description: Whether this container should allocate a buffer 2607 for stdin in the container runtime. If this is not set, reads 2608 from stdin in the container will always result in EOF. Default 2609 is false. 2610 type: boolean 2611 stdinOnce: 2612 description: Whether the container runtime should close the 2613 stdin channel after it has been opened by a single attach. 2614 When stdin is true the stdin stream will remain open across 2615 multiple attach sessions. If stdinOnce is set to true, stdin 2616 is opened on container start, is empty until the first client 2617 attaches to stdin, and then remains open and accepts data 2618 until the client disconnects, at which time stdin is closed 2619 and remains closed until the container is restarted. If this 2620 flag is false, a container processes that reads from stdin 2621 will never receive an EOF. Default is false 2622 type: boolean 2623 terminationMessagePath: 2624 description: 'Optional: Path at which the file to which the 2625 container''s termination message will be written is mounted 2626 into the container''s filesystem. Message written is intended 2627 to be brief final status, such as an assertion failure message. 2628 Will be truncated by the node if greater than 4096 bytes. 2629 The total message length across all containers will be limited 2630 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 2631 type: string 2632 terminationMessagePolicy: 2633 description: Indicate how the termination message should be 2634 populated. File will use the contents of terminationMessagePath 2635 to populate the container status message on both success and 2636 failure. FallbackToLogsOnError will use the last chunk of 2637 container log output if the termination message file is empty 2638 and the container exited with an error. The log output is 2639 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 2640 to File. Cannot be updated. 2641 type: string 2642 tty: 2643 description: Whether this container should allocate a TTY for 2644 itself, also requires 'stdin' to be true. Default is false. 2645 type: boolean 2646 volumeDevices: 2647 description: volumeDevices is the list of block devices to be 2648 used by the container. 2649 items: 2650 description: volumeDevice describes a mapping of a raw block 2651 device within a container. 2652 properties: 2653 devicePath: 2654 description: devicePath is the path inside of the container 2655 that the device will be mapped to. 2656 type: string 2657 name: 2658 description: name must match the name of a persistentVolumeClaim 2659 in the pod 2660 type: string 2661 required: 2662 - devicePath 2663 - name 2664 type: object 2665 type: array 2666 volumeMounts: 2667 description: Pod volumes to mount into the container's filesystem. 2668 Cannot be updated. 2669 items: 2670 description: VolumeMount describes a mounting of a Volume 2671 within a container. 2672 properties: 2673 mountPath: 2674 description: Path within the container at which the volume 2675 should be mounted. Must not contain ':'. 2676 type: string 2677 mountPropagation: 2678 description: mountPropagation determines how mounts are 2679 propagated from the host to container and the other 2680 way around. When not set, MountPropagationNone is used. 2681 This field is beta in 1.10. 2682 type: string 2683 name: 2684 description: This must match the Name of a Volume. 2685 type: string 2686 readOnly: 2687 description: Mounted read-only if true, read-write otherwise 2688 (false or unspecified). Defaults to false. 2689 type: boolean 2690 subPath: 2691 description: Path within the volume from which the container's 2692 volume should be mounted. Defaults to "" (volume's root). 2693 type: string 2694 subPathExpr: 2695 description: Expanded path within the volume from which 2696 the container's volume should be mounted. Behaves similarly 2697 to SubPath but environment variable references $(VAR_NAME) 2698 are expanded using the container's environment. Defaults 2699 to "" (volume's root). SubPathExpr and SubPath are mutually 2700 exclusive. 2701 type: string 2702 required: 2703 - mountPath 2704 - name 2705 type: object 2706 type: array 2707 workingDir: 2708 description: Container's working directory. If not specified, 2709 the container runtime's default will be used, which might 2710 be configured in the container image. Cannot be updated. 2711 type: string 2712 required: 2713 - name 2714 type: object 2715 type: array 2716 externalUrl: 2717 description: The external URL the Alertmanager instances will be available 2718 under. This is necessary to generate correct URLs. This is necessary 2719 if Alertmanager is not served from root of a DNS name. 2720 type: string 2721 forceEnableClusterMode: 2722 description: ForceEnableClusterMode ensures Alertmanager does not 2723 deactivate the cluster mode when running with a single replica. 2724 Use case is e.g. spanning an Alertmanager cluster across Kubernetes 2725 clusters with a single replica in each. 2726 type: boolean 2727 hostAliases: 2728 description: Pods' hostAliases configuration 2729 items: 2730 description: HostAlias holds the mapping between IP and hostnames 2731 that will be injected as an entry in the pod's hosts file. 2732 properties: 2733 hostnames: 2734 description: Hostnames for the above IP address. 2735 items: 2736 type: string 2737 type: array 2738 ip: 2739 description: IP address of the host file entry. 2740 type: string 2741 required: 2742 - hostnames 2743 - ip 2744 type: object 2745 type: array 2746 x-kubernetes-list-map-keys: 2747 - ip 2748 x-kubernetes-list-type: map 2749 image: 2750 description: Image if specified has precedence over baseImage, tag 2751 and sha combinations. Specifying the version is still necessary 2752 to ensure the Prometheus Operator knows what version of Alertmanager 2753 is being configured. 2754 type: string 2755 imagePullPolicy: 2756 description: Image pull policy for the 'alertmanager', 'init-config-reloader' 2757 and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy 2758 for more details. 2759 enum: 2760 - "" 2761 - Always 2762 - Never 2763 - IfNotPresent 2764 type: string 2765 imagePullSecrets: 2766 description: An optional list of references to secrets in the same 2767 namespace to use for pulling prometheus and alertmanager images 2768 from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod 2769 items: 2770 description: LocalObjectReference contains enough information to 2771 let you locate the referenced object inside the same namespace. 2772 properties: 2773 name: 2774 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2775 TODO: Add other useful fields. apiVersion, kind, uid?' 2776 type: string 2777 type: object 2778 x-kubernetes-map-type: atomic 2779 type: array 2780 initContainers: 2781 description: 'InitContainers allows adding initContainers to the pod 2782 definition. Those can be used to e.g. fetch secrets for injection 2783 into the Alertmanager configuration from external sources. Any errors 2784 during the execution of an initContainer will lead to a restart 2785 of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 2786 Using initContainers for any use case other then secret fetching 2787 is entirely outside the scope of what the maintainers will support 2788 and by doing so, you accept that this behaviour may break at any 2789 time without notice.' 2790 items: 2791 description: A single application container that you want to run 2792 within a pod. 2793 properties: 2794 args: 2795 description: 'Arguments to the entrypoint. The container image''s 2796 CMD is used if this is not provided. Variable references $(VAR_NAME) 2797 are expanded using the container''s environment. If a variable 2798 cannot be resolved, the reference in the input string will 2799 be unchanged. Double $$ are reduced to a single $, which allows 2800 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 2801 produce the string literal "$(VAR_NAME)". Escaped references 2802 will never be expanded, regardless of whether the variable 2803 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 2804 items: 2805 type: string 2806 type: array 2807 command: 2808 description: 'Entrypoint array. Not executed within a shell. 2809 The container image''s ENTRYPOINT is used if this is not provided. 2810 Variable references $(VAR_NAME) are expanded using the container''s 2811 environment. If a variable cannot be resolved, the reference 2812 in the input string will be unchanged. Double $$ are reduced 2813 to a single $, which allows for escaping the $(VAR_NAME) syntax: 2814 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 2815 Escaped references will never be expanded, regardless of whether 2816 the variable exists or not. Cannot be updated. More info: 2817 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 2818 items: 2819 type: string 2820 type: array 2821 env: 2822 description: List of environment variables to set in the container. 2823 Cannot be updated. 2824 items: 2825 description: EnvVar represents an environment variable present 2826 in a Container. 2827 properties: 2828 name: 2829 description: Name of the environment variable. Must be 2830 a C_IDENTIFIER. 2831 type: string 2832 value: 2833 description: 'Variable references $(VAR_NAME) are expanded 2834 using the previously defined environment variables in 2835 the container and any service environment variables. 2836 If a variable cannot be resolved, the reference in the 2837 input string will be unchanged. Double $$ are reduced 2838 to a single $, which allows for escaping the $(VAR_NAME) 2839 syntax: i.e. "$$(VAR_NAME)" will produce the string 2840 literal "$(VAR_NAME)". Escaped references will never 2841 be expanded, regardless of whether the variable exists 2842 or not. Defaults to "".' 2843 type: string 2844 valueFrom: 2845 description: Source for the environment variable's value. 2846 Cannot be used if value is not empty. 2847 properties: 2848 configMapKeyRef: 2849 description: Selects a key of a ConfigMap. 2850 properties: 2851 key: 2852 description: The key to select. 2853 type: string 2854 name: 2855 description: 'Name of the referent. More info: 2856 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2857 TODO: Add other useful fields. apiVersion, kind, 2858 uid?' 2859 type: string 2860 optional: 2861 description: Specify whether the ConfigMap or 2862 its key must be defined 2863 type: boolean 2864 required: 2865 - key 2866 type: object 2867 x-kubernetes-map-type: atomic 2868 fieldRef: 2869 description: 'Selects a field of the pod: supports 2870 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 2871 `metadata.annotations[''<KEY>'']`, spec.nodeName, 2872 spec.serviceAccountName, status.hostIP, status.podIP, 2873 status.podIPs.' 2874 properties: 2875 apiVersion: 2876 description: Version of the schema the FieldPath 2877 is written in terms of, defaults to "v1". 2878 type: string 2879 fieldPath: 2880 description: Path of the field to select in the 2881 specified API version. 2882 type: string 2883 required: 2884 - fieldPath 2885 type: object 2886 x-kubernetes-map-type: atomic 2887 resourceFieldRef: 2888 description: 'Selects a resource of the container: 2889 only resources limits and requests (limits.cpu, 2890 limits.memory, limits.ephemeral-storage, requests.cpu, 2891 requests.memory and requests.ephemeral-storage) 2892 are currently supported.' 2893 properties: 2894 containerName: 2895 description: 'Container name: required for volumes, 2896 optional for env vars' 2897 type: string 2898 divisor: 2899 anyOf: 2900 - type: integer 2901 - type: string 2902 description: Specifies the output format of the 2903 exposed resources, defaults to "1" 2904 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2905 x-kubernetes-int-or-string: true 2906 resource: 2907 description: 'Required: resource to select' 2908 type: string 2909 required: 2910 - resource 2911 type: object 2912 x-kubernetes-map-type: atomic 2913 secretKeyRef: 2914 description: Selects a key of a secret in the pod's 2915 namespace 2916 properties: 2917 key: 2918 description: The key of the secret to select from. Must 2919 be a valid secret key. 2920 type: string 2921 name: 2922 description: 'Name of the referent. More info: 2923 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2924 TODO: Add other useful fields. apiVersion, kind, 2925 uid?' 2926 type: string 2927 optional: 2928 description: Specify whether the Secret or its 2929 key must be defined 2930 type: boolean 2931 required: 2932 - key 2933 type: object 2934 x-kubernetes-map-type: atomic 2935 type: object 2936 required: 2937 - name 2938 type: object 2939 type: array 2940 envFrom: 2941 description: List of sources to populate environment variables 2942 in the container. The keys defined within a source must be 2943 a C_IDENTIFIER. All invalid keys will be reported as an event 2944 when the container is starting. When a key exists in multiple 2945 sources, the value associated with the last source will take 2946 precedence. Values defined by an Env with a duplicate key 2947 will take precedence. Cannot be updated. 2948 items: 2949 description: EnvFromSource represents the source of a set 2950 of ConfigMaps 2951 properties: 2952 configMapRef: 2953 description: The ConfigMap to select from 2954 properties: 2955 name: 2956 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2957 TODO: Add other useful fields. apiVersion, kind, 2958 uid?' 2959 type: string 2960 optional: 2961 description: Specify whether the ConfigMap must be 2962 defined 2963 type: boolean 2964 type: object 2965 x-kubernetes-map-type: atomic 2966 prefix: 2967 description: An optional identifier to prepend to each 2968 key in the ConfigMap. Must be a C_IDENTIFIER. 2969 type: string 2970 secretRef: 2971 description: The Secret to select from 2972 properties: 2973 name: 2974 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2975 TODO: Add other useful fields. apiVersion, kind, 2976 uid?' 2977 type: string 2978 optional: 2979 description: Specify whether the Secret must be defined 2980 type: boolean 2981 type: object 2982 x-kubernetes-map-type: atomic 2983 type: object 2984 type: array 2985 image: 2986 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images 2987 This field is optional to allow higher level config management 2988 to default or override container images in workload controllers 2989 like Deployments and StatefulSets.' 2990 type: string 2991 imagePullPolicy: 2992 description: 'Image pull policy. One of Always, Never, IfNotPresent. 2993 Defaults to Always if :latest tag is specified, or IfNotPresent 2994 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 2995 type: string 2996 lifecycle: 2997 description: Actions that the management system should take 2998 in response to container lifecycle events. Cannot be updated. 2999 properties: 3000 postStart: 3001 description: 'PostStart is called immediately after a container 3002 is created. If the handler fails, the container is terminated 3003 and restarted according to its restart policy. Other management 3004 of the container blocks until the hook completes. More 3005 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3006 properties: 3007 exec: 3008 description: Exec specifies the action to take. 3009 properties: 3010 command: 3011 description: Command is the command line to execute 3012 inside the container, the working directory for 3013 the command is root ('/') in the container's 3014 filesystem. The command is simply exec'd, it is 3015 not run inside a shell, so traditional shell instructions 3016 ('|', etc) won't work. To use a shell, you need 3017 to explicitly call out to that shell. Exit status 3018 of 0 is treated as live/healthy and non-zero is 3019 unhealthy. 3020 items: 3021 type: string 3022 type: array 3023 type: object 3024 httpGet: 3025 description: HTTPGet specifies the http request to perform. 3026 properties: 3027 host: 3028 description: Host name to connect to, defaults to 3029 the pod IP. You probably want to set "Host" in 3030 httpHeaders instead. 3031 type: string 3032 httpHeaders: 3033 description: Custom headers to set in the request. 3034 HTTP allows repeated headers. 3035 items: 3036 description: HTTPHeader describes a custom header 3037 to be used in HTTP probes 3038 properties: 3039 name: 3040 description: The header field name 3041 type: string 3042 value: 3043 description: The header field value 3044 type: string 3045 required: 3046 - name 3047 - value 3048 type: object 3049 type: array 3050 path: 3051 description: Path to access on the HTTP server. 3052 type: string 3053 port: 3054 anyOf: 3055 - type: integer 3056 - type: string 3057 description: Name or number of the port to access 3058 on the container. Number must be in the range 3059 1 to 65535. Name must be an IANA_SVC_NAME. 3060 x-kubernetes-int-or-string: true 3061 scheme: 3062 description: Scheme to use for connecting to the 3063 host. Defaults to HTTP. 3064 type: string 3065 required: 3066 - port 3067 type: object 3068 tcpSocket: 3069 description: Deprecated. TCPSocket is NOT supported 3070 as a LifecycleHandler and kept for the backward compatibility. 3071 There are no validation of this field and lifecycle 3072 hooks will fail in runtime when tcp handler is specified. 3073 properties: 3074 host: 3075 description: 'Optional: Host name to connect to, 3076 defaults to the pod IP.' 3077 type: string 3078 port: 3079 anyOf: 3080 - type: integer 3081 - type: string 3082 description: Number or name of the port to access 3083 on the container. Number must be in the range 3084 1 to 65535. Name must be an IANA_SVC_NAME. 3085 x-kubernetes-int-or-string: true 3086 required: 3087 - port 3088 type: object 3089 type: object 3090 preStop: 3091 description: 'PreStop is called immediately before a container 3092 is terminated due to an API request or management event 3093 such as liveness/startup probe failure, preemption, resource 3094 contention, etc. The handler is not called if the container 3095 crashes or exits. The Pod''s termination grace period 3096 countdown begins before the PreStop hook is executed. 3097 Regardless of the outcome of the handler, the container 3098 will eventually terminate within the Pod''s termination 3099 grace period (unless delayed by finalizers). Other management 3100 of the container blocks until the hook completes or until 3101 the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3102 properties: 3103 exec: 3104 description: Exec specifies the action to take. 3105 properties: 3106 command: 3107 description: Command is the command line to execute 3108 inside the container, the working directory for 3109 the command is root ('/') in the container's 3110 filesystem. The command is simply exec'd, it is 3111 not run inside a shell, so traditional shell instructions 3112 ('|', etc) won't work. To use a shell, you need 3113 to explicitly call out to that shell. Exit status 3114 of 0 is treated as live/healthy and non-zero is 3115 unhealthy. 3116 items: 3117 type: string 3118 type: array 3119 type: object 3120 httpGet: 3121 description: HTTPGet specifies the http request to perform. 3122 properties: 3123 host: 3124 description: Host name to connect to, defaults to 3125 the pod IP. You probably want to set "Host" in 3126 httpHeaders instead. 3127 type: string 3128 httpHeaders: 3129 description: Custom headers to set in the request. 3130 HTTP allows repeated headers. 3131 items: 3132 description: HTTPHeader describes a custom header 3133 to be used in HTTP probes 3134 properties: 3135 name: 3136 description: The header field name 3137 type: string 3138 value: 3139 description: The header field value 3140 type: string 3141 required: 3142 - name 3143 - value 3144 type: object 3145 type: array 3146 path: 3147 description: Path to access on the HTTP server. 3148 type: string 3149 port: 3150 anyOf: 3151 - type: integer 3152 - type: string 3153 description: Name or number of the port to access 3154 on the container. Number must be in the range 3155 1 to 65535. Name must be an IANA_SVC_NAME. 3156 x-kubernetes-int-or-string: true 3157 scheme: 3158 description: Scheme to use for connecting to the 3159 host. Defaults to HTTP. 3160 type: string 3161 required: 3162 - port 3163 type: object 3164 tcpSocket: 3165 description: Deprecated. TCPSocket is NOT supported 3166 as a LifecycleHandler and kept for the backward compatibility. 3167 There are no validation of this field and lifecycle 3168 hooks will fail in runtime when tcp handler is specified. 3169 properties: 3170 host: 3171 description: 'Optional: Host name to connect to, 3172 defaults to the pod IP.' 3173 type: string 3174 port: 3175 anyOf: 3176 - type: integer 3177 - type: string 3178 description: Number or name of the port to access 3179 on the container. Number must be in the range 3180 1 to 65535. Name must be an IANA_SVC_NAME. 3181 x-kubernetes-int-or-string: true 3182 required: 3183 - port 3184 type: object 3185 type: object 3186 type: object 3187 livenessProbe: 3188 description: 'Periodic probe of container liveness. Container 3189 will be restarted if the probe fails. Cannot be updated. More 3190 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3191 properties: 3192 exec: 3193 description: Exec specifies the action to take. 3194 properties: 3195 command: 3196 description: Command is the command line to execute 3197 inside the container, the working directory for the 3198 command is root ('/') in the container's filesystem. 3199 The command is simply exec'd, it is not run inside 3200 a shell, so traditional shell instructions ('|', etc) 3201 won't work. To use a shell, you need to explicitly 3202 call out to that shell. Exit status of 0 is treated 3203 as live/healthy and non-zero is unhealthy. 3204 items: 3205 type: string 3206 type: array 3207 type: object 3208 failureThreshold: 3209 description: Minimum consecutive failures for the probe 3210 to be considered failed after having succeeded. Defaults 3211 to 3. Minimum value is 1. 3212 format: int32 3213 type: integer 3214 grpc: 3215 description: GRPC specifies an action involving a GRPC port. 3216 This is a beta field and requires enabling GRPCContainerProbe 3217 feature gate. 3218 properties: 3219 port: 3220 description: Port number of the gRPC service. Number 3221 must be in the range 1 to 65535. 3222 format: int32 3223 type: integer 3224 service: 3225 description: "Service is the name of the service to 3226 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3227 \n If this is not specified, the default behavior 3228 is defined by gRPC." 3229 type: string 3230 required: 3231 - port 3232 type: object 3233 httpGet: 3234 description: HTTPGet specifies the http request to perform. 3235 properties: 3236 host: 3237 description: Host name to connect to, defaults to the 3238 pod IP. You probably want to set "Host" in httpHeaders 3239 instead. 3240 type: string 3241 httpHeaders: 3242 description: Custom headers to set in the request. HTTP 3243 allows repeated headers. 3244 items: 3245 description: HTTPHeader describes a custom header 3246 to be used in HTTP probes 3247 properties: 3248 name: 3249 description: The header field name 3250 type: string 3251 value: 3252 description: The header field value 3253 type: string 3254 required: 3255 - name 3256 - value 3257 type: object 3258 type: array 3259 path: 3260 description: Path to access on the HTTP server. 3261 type: string 3262 port: 3263 anyOf: 3264 - type: integer 3265 - type: string 3266 description: Name or number of the port to access on 3267 the container. Number must be in the range 1 to 65535. 3268 Name must be an IANA_SVC_NAME. 3269 x-kubernetes-int-or-string: true 3270 scheme: 3271 description: Scheme to use for connecting to the host. 3272 Defaults to HTTP. 3273 type: string 3274 required: 3275 - port 3276 type: object 3277 initialDelaySeconds: 3278 description: 'Number of seconds after the container has 3279 started before liveness probes are initiated. More info: 3280 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3281 format: int32 3282 type: integer 3283 periodSeconds: 3284 description: How often (in seconds) to perform the probe. 3285 Default to 10 seconds. Minimum value is 1. 3286 format: int32 3287 type: integer 3288 successThreshold: 3289 description: Minimum consecutive successes for the probe 3290 to be considered successful after having failed. Defaults 3291 to 1. Must be 1 for liveness and startup. Minimum value 3292 is 1. 3293 format: int32 3294 type: integer 3295 tcpSocket: 3296 description: TCPSocket specifies an action involving a TCP 3297 port. 3298 properties: 3299 host: 3300 description: 'Optional: Host name to connect to, defaults 3301 to the pod IP.' 3302 type: string 3303 port: 3304 anyOf: 3305 - type: integer 3306 - type: string 3307 description: Number or name of the port to access on 3308 the container. Number must be in the range 1 to 65535. 3309 Name must be an IANA_SVC_NAME. 3310 x-kubernetes-int-or-string: true 3311 required: 3312 - port 3313 type: object 3314 terminationGracePeriodSeconds: 3315 description: Optional duration in seconds the pod needs 3316 to terminate gracefully upon probe failure. The grace 3317 period is the duration in seconds after the processes 3318 running in the pod are sent a termination signal and the 3319 time when the processes are forcibly halted with a kill 3320 signal. Set this value longer than the expected cleanup 3321 time for your process. If this value is nil, the pod's 3322 terminationGracePeriodSeconds will be used. Otherwise, 3323 this value overrides the value provided by the pod spec. 3324 Value must be non-negative integer. The value zero indicates 3325 stop immediately via the kill signal (no opportunity to 3326 shut down). This is a beta field and requires enabling 3327 ProbeTerminationGracePeriod feature gate. Minimum value 3328 is 1. spec.terminationGracePeriodSeconds is used if unset. 3329 format: int64 3330 type: integer 3331 timeoutSeconds: 3332 description: 'Number of seconds after which the probe times 3333 out. Defaults to 1 second. Minimum value is 1. More info: 3334 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3335 format: int32 3336 type: integer 3337 type: object 3338 name: 3339 description: Name of the container specified as a DNS_LABEL. 3340 Each container in a pod must have a unique name (DNS_LABEL). 3341 Cannot be updated. 3342 type: string 3343 ports: 3344 description: List of ports to expose from the container. Not 3345 specifying a port here DOES NOT prevent that port from being 3346 exposed. Any port which is listening on the default "0.0.0.0" 3347 address inside a container will be accessible from the network. 3348 Modifying this array with strategic merge patch may corrupt 3349 the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. 3350 Cannot be updated. 3351 items: 3352 description: ContainerPort represents a network port in a 3353 single container. 3354 properties: 3355 containerPort: 3356 description: Number of port to expose on the pod's IP 3357 address. This must be a valid port number, 0 < x < 65536. 3358 format: int32 3359 type: integer 3360 hostIP: 3361 description: What host IP to bind the external port to. 3362 type: string 3363 hostPort: 3364 description: Number of port to expose on the host. If 3365 specified, this must be a valid port number, 0 < x < 3366 65536. If HostNetwork is specified, this must match 3367 ContainerPort. Most containers do not need this. 3368 format: int32 3369 type: integer 3370 name: 3371 description: If specified, this must be an IANA_SVC_NAME 3372 and unique within the pod. Each named port in a pod 3373 must have a unique name. Name for the port that can 3374 be referred to by services. 3375 type: string 3376 protocol: 3377 default: TCP 3378 description: Protocol for port. Must be UDP, TCP, or SCTP. 3379 Defaults to "TCP". 3380 type: string 3381 required: 3382 - containerPort 3383 type: object 3384 type: array 3385 x-kubernetes-list-map-keys: 3386 - containerPort 3387 - protocol 3388 x-kubernetes-list-type: map 3389 readinessProbe: 3390 description: 'Periodic probe of container service readiness. 3391 Container will be removed from service endpoints if the probe 3392 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3393 properties: 3394 exec: 3395 description: Exec specifies the action to take. 3396 properties: 3397 command: 3398 description: Command is the command line to execute 3399 inside the container, the working directory for the 3400 command is root ('/') in the container's filesystem. 3401 The command is simply exec'd, it is not run inside 3402 a shell, so traditional shell instructions ('|', etc) 3403 won't work. To use a shell, you need to explicitly 3404 call out to that shell. Exit status of 0 is treated 3405 as live/healthy and non-zero is unhealthy. 3406 items: 3407 type: string 3408 type: array 3409 type: object 3410 failureThreshold: 3411 description: Minimum consecutive failures for the probe 3412 to be considered failed after having succeeded. Defaults 3413 to 3. Minimum value is 1. 3414 format: int32 3415 type: integer 3416 grpc: 3417 description: GRPC specifies an action involving a GRPC port. 3418 This is a beta field and requires enabling GRPCContainerProbe 3419 feature gate. 3420 properties: 3421 port: 3422 description: Port number of the gRPC service. Number 3423 must be in the range 1 to 65535. 3424 format: int32 3425 type: integer 3426 service: 3427 description: "Service is the name of the service to 3428 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3429 \n If this is not specified, the default behavior 3430 is defined by gRPC." 3431 type: string 3432 required: 3433 - port 3434 type: object 3435 httpGet: 3436 description: HTTPGet specifies the http request to perform. 3437 properties: 3438 host: 3439 description: Host name to connect to, defaults to the 3440 pod IP. You probably want to set "Host" in httpHeaders 3441 instead. 3442 type: string 3443 httpHeaders: 3444 description: Custom headers to set in the request. HTTP 3445 allows repeated headers. 3446 items: 3447 description: HTTPHeader describes a custom header 3448 to be used in HTTP probes 3449 properties: 3450 name: 3451 description: The header field name 3452 type: string 3453 value: 3454 description: The header field value 3455 type: string 3456 required: 3457 - name 3458 - value 3459 type: object 3460 type: array 3461 path: 3462 description: Path to access on the HTTP server. 3463 type: string 3464 port: 3465 anyOf: 3466 - type: integer 3467 - type: string 3468 description: Name or number of the port to access on 3469 the container. Number must be in the range 1 to 65535. 3470 Name must be an IANA_SVC_NAME. 3471 x-kubernetes-int-or-string: true 3472 scheme: 3473 description: Scheme to use for connecting to the host. 3474 Defaults to HTTP. 3475 type: string 3476 required: 3477 - port 3478 type: object 3479 initialDelaySeconds: 3480 description: 'Number of seconds after the container has 3481 started before liveness probes are initiated. More info: 3482 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3483 format: int32 3484 type: integer 3485 periodSeconds: 3486 description: How often (in seconds) to perform the probe. 3487 Default to 10 seconds. Minimum value is 1. 3488 format: int32 3489 type: integer 3490 successThreshold: 3491 description: Minimum consecutive successes for the probe 3492 to be considered successful after having failed. Defaults 3493 to 1. Must be 1 for liveness and startup. Minimum value 3494 is 1. 3495 format: int32 3496 type: integer 3497 tcpSocket: 3498 description: TCPSocket specifies an action involving a TCP 3499 port. 3500 properties: 3501 host: 3502 description: 'Optional: Host name to connect to, defaults 3503 to the pod IP.' 3504 type: string 3505 port: 3506 anyOf: 3507 - type: integer 3508 - type: string 3509 description: Number or name of the port to access on 3510 the container. Number must be in the range 1 to 65535. 3511 Name must be an IANA_SVC_NAME. 3512 x-kubernetes-int-or-string: true 3513 required: 3514 - port 3515 type: object 3516 terminationGracePeriodSeconds: 3517 description: Optional duration in seconds the pod needs 3518 to terminate gracefully upon probe failure. The grace 3519 period is the duration in seconds after the processes 3520 running in the pod are sent a termination signal and the 3521 time when the processes are forcibly halted with a kill 3522 signal. Set this value longer than the expected cleanup 3523 time for your process. If this value is nil, the pod's 3524 terminationGracePeriodSeconds will be used. Otherwise, 3525 this value overrides the value provided by the pod spec. 3526 Value must be non-negative integer. The value zero indicates 3527 stop immediately via the kill signal (no opportunity to 3528 shut down). This is a beta field and requires enabling 3529 ProbeTerminationGracePeriod feature gate. Minimum value 3530 is 1. spec.terminationGracePeriodSeconds is used if unset. 3531 format: int64 3532 type: integer 3533 timeoutSeconds: 3534 description: 'Number of seconds after which the probe times 3535 out. Defaults to 1 second. Minimum value is 1. More info: 3536 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3537 format: int32 3538 type: integer 3539 type: object 3540 resources: 3541 description: 'Compute Resources required by this container. 3542 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3543 properties: 3544 claims: 3545 description: "Claims lists the names of resources, defined 3546 in spec.resourceClaims, that are used by this container. 3547 \n This is an alpha field and requires enabling the DynamicResourceAllocation 3548 feature gate. \n This field is immutable." 3549 items: 3550 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 3551 properties: 3552 name: 3553 description: Name must match the name of one entry 3554 in pod.spec.resourceClaims of the Pod where this 3555 field is used. It makes that resource available 3556 inside a container. 3557 type: string 3558 required: 3559 - name 3560 type: object 3561 type: array 3562 x-kubernetes-list-map-keys: 3563 - name 3564 x-kubernetes-list-type: map 3565 limits: 3566 additionalProperties: 3567 anyOf: 3568 - type: integer 3569 - type: string 3570 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3571 x-kubernetes-int-or-string: true 3572 description: 'Limits describes the maximum amount of compute 3573 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3574 type: object 3575 requests: 3576 additionalProperties: 3577 anyOf: 3578 - type: integer 3579 - type: string 3580 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3581 x-kubernetes-int-or-string: true 3582 description: 'Requests describes the minimum amount of compute 3583 resources required. If Requests is omitted for a container, 3584 it defaults to Limits if that is explicitly specified, 3585 otherwise to an implementation-defined value. More info: 3586 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3587 type: object 3588 type: object 3589 securityContext: 3590 description: 'SecurityContext defines the security options the 3591 container should be run with. If set, the fields of SecurityContext 3592 override the equivalent fields of PodSecurityContext. More 3593 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 3594 properties: 3595 allowPrivilegeEscalation: 3596 description: 'AllowPrivilegeEscalation controls whether 3597 a process can gain more privileges than its parent process. 3598 This bool directly controls if the no_new_privs flag will 3599 be set on the container process. AllowPrivilegeEscalation 3600 is true always when the container is: 1) run as Privileged 3601 2) has CAP_SYS_ADMIN Note that this field cannot be set 3602 when spec.os.name is windows.' 3603 type: boolean 3604 capabilities: 3605 description: The capabilities to add/drop when running containers. 3606 Defaults to the default set of capabilities granted by 3607 the container runtime. Note that this field cannot be 3608 set when spec.os.name is windows. 3609 properties: 3610 add: 3611 description: Added capabilities 3612 items: 3613 description: Capability represent POSIX capabilities 3614 type 3615 type: string 3616 type: array 3617 drop: 3618 description: Removed capabilities 3619 items: 3620 description: Capability represent POSIX capabilities 3621 type 3622 type: string 3623 type: array 3624 type: object 3625 privileged: 3626 description: Run container in privileged mode. Processes 3627 in privileged containers are essentially equivalent to 3628 root on the host. Defaults to false. Note that this field 3629 cannot be set when spec.os.name is windows. 3630 type: boolean 3631 procMount: 3632 description: procMount denotes the type of proc mount to 3633 use for the containers. The default is DefaultProcMount 3634 which uses the container runtime defaults for readonly 3635 paths and masked paths. This requires the ProcMountType 3636 feature flag to be enabled. Note that this field cannot 3637 be set when spec.os.name is windows. 3638 type: string 3639 readOnlyRootFilesystem: 3640 description: Whether this container has a read-only root 3641 filesystem. Default is false. Note that this field cannot 3642 be set when spec.os.name is windows. 3643 type: boolean 3644 runAsGroup: 3645 description: The GID to run the entrypoint of the container 3646 process. Uses runtime default if unset. May also be set 3647 in PodSecurityContext. If set in both SecurityContext 3648 and PodSecurityContext, the value specified in SecurityContext 3649 takes precedence. Note that this field cannot be set when 3650 spec.os.name is windows. 3651 format: int64 3652 type: integer 3653 runAsNonRoot: 3654 description: Indicates that the container must run as a 3655 non-root user. If true, the Kubelet will validate the 3656 image at runtime to ensure that it does not run as UID 3657 0 (root) and fail to start the container if it does. If 3658 unset or false, no such validation will be performed. 3659 May also be set in PodSecurityContext. If set in both 3660 SecurityContext and PodSecurityContext, the value specified 3661 in SecurityContext takes precedence. 3662 type: boolean 3663 runAsUser: 3664 description: The UID to run the entrypoint of the container 3665 process. Defaults to user specified in image metadata 3666 if unspecified. May also be set in PodSecurityContext. If 3667 set in both SecurityContext and PodSecurityContext, the 3668 value specified in SecurityContext takes precedence. Note 3669 that this field cannot be set when spec.os.name is windows. 3670 format: int64 3671 type: integer 3672 seLinuxOptions: 3673 description: The SELinux context to be applied to the container. 3674 If unspecified, the container runtime will allocate a 3675 random SELinux context for each container. May also be 3676 set in PodSecurityContext. If set in both SecurityContext 3677 and PodSecurityContext, the value specified in SecurityContext 3678 takes precedence. Note that this field cannot be set when 3679 spec.os.name is windows. 3680 properties: 3681 level: 3682 description: Level is SELinux level label that applies 3683 to the container. 3684 type: string 3685 role: 3686 description: Role is a SELinux role label that applies 3687 to the container. 3688 type: string 3689 type: 3690 description: Type is a SELinux type label that applies 3691 to the container. 3692 type: string 3693 user: 3694 description: User is a SELinux user label that applies 3695 to the container. 3696 type: string 3697 type: object 3698 seccompProfile: 3699 description: The seccomp options to use by this container. 3700 If seccomp options are provided at both the pod & container 3701 level, the container options override the pod options. 3702 Note that this field cannot be set when spec.os.name is 3703 windows. 3704 properties: 3705 localhostProfile: 3706 description: localhostProfile indicates a profile defined 3707 in a file on the node should be used. The profile 3708 must be preconfigured on the node to work. Must be 3709 a descending path, relative to the kubelet's configured 3710 seccomp profile location. Must only be set if type 3711 is "Localhost". 3712 type: string 3713 type: 3714 description: "type indicates which kind of seccomp profile 3715 will be applied. Valid options are: \n Localhost - 3716 a profile defined in a file on the node should be 3717 used. RuntimeDefault - the container runtime default 3718 profile should be used. Unconfined - no profile should 3719 be applied." 3720 type: string 3721 required: 3722 - type 3723 type: object 3724 windowsOptions: 3725 description: The Windows specific settings applied to all 3726 containers. If unspecified, the options from the PodSecurityContext 3727 will be used. If set in both SecurityContext and PodSecurityContext, 3728 the value specified in SecurityContext takes precedence. 3729 Note that this field cannot be set when spec.os.name is 3730 linux. 3731 properties: 3732 gmsaCredentialSpec: 3733 description: GMSACredentialSpec is where the GMSA admission 3734 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 3735 inlines the contents of the GMSA credential spec named 3736 by the GMSACredentialSpecName field. 3737 type: string 3738 gmsaCredentialSpecName: 3739 description: GMSACredentialSpecName is the name of the 3740 GMSA credential spec to use. 3741 type: string 3742 hostProcess: 3743 description: HostProcess determines if a container should 3744 be run as a 'Host Process' container. This field is 3745 alpha-level and will only be honored by components 3746 that enable the WindowsHostProcessContainers feature 3747 flag. Setting this field without the feature flag 3748 will result in errors when validating the Pod. All 3749 of a Pod's containers must have the same effective 3750 HostProcess value (it is not allowed to have a mix 3751 of HostProcess containers and non-HostProcess containers). In 3752 addition, if HostProcess is true then HostNetwork 3753 must also be set to true. 3754 type: boolean 3755 runAsUserName: 3756 description: The UserName in Windows to run the entrypoint 3757 of the container process. Defaults to the user specified 3758 in image metadata if unspecified. May also be set 3759 in PodSecurityContext. If set in both SecurityContext 3760 and PodSecurityContext, the value specified in SecurityContext 3761 takes precedence. 3762 type: string 3763 type: object 3764 type: object 3765 startupProbe: 3766 description: 'StartupProbe indicates that the Pod has successfully 3767 initialized. If specified, no other probes are executed until 3768 this completes successfully. If this probe fails, the Pod 3769 will be restarted, just as if the livenessProbe failed. This 3770 can be used to provide different probe parameters at the beginning 3771 of a Pod''s lifecycle, when it might take a long time to load 3772 data or warm a cache, than during steady-state operation. 3773 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3774 properties: 3775 exec: 3776 description: Exec specifies the action to take. 3777 properties: 3778 command: 3779 description: Command is the command line to execute 3780 inside the container, the working directory for the 3781 command is root ('/') in the container's filesystem. 3782 The command is simply exec'd, it is not run inside 3783 a shell, so traditional shell instructions ('|', etc) 3784 won't work. To use a shell, you need to explicitly 3785 call out to that shell. Exit status of 0 is treated 3786 as live/healthy and non-zero is unhealthy. 3787 items: 3788 type: string 3789 type: array 3790 type: object 3791 failureThreshold: 3792 description: Minimum consecutive failures for the probe 3793 to be considered failed after having succeeded. Defaults 3794 to 3. Minimum value is 1. 3795 format: int32 3796 type: integer 3797 grpc: 3798 description: GRPC specifies an action involving a GRPC port. 3799 This is a beta field and requires enabling GRPCContainerProbe 3800 feature gate. 3801 properties: 3802 port: 3803 description: Port number of the gRPC service. Number 3804 must be in the range 1 to 65535. 3805 format: int32 3806 type: integer 3807 service: 3808 description: "Service is the name of the service to 3809 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3810 \n If this is not specified, the default behavior 3811 is defined by gRPC." 3812 type: string 3813 required: 3814 - port 3815 type: object 3816 httpGet: 3817 description: HTTPGet specifies the http request to perform. 3818 properties: 3819 host: 3820 description: Host name to connect to, defaults to the 3821 pod IP. You probably want to set "Host" in httpHeaders 3822 instead. 3823 type: string 3824 httpHeaders: 3825 description: Custom headers to set in the request. HTTP 3826 allows repeated headers. 3827 items: 3828 description: HTTPHeader describes a custom header 3829 to be used in HTTP probes 3830 properties: 3831 name: 3832 description: The header field name 3833 type: string 3834 value: 3835 description: The header field value 3836 type: string 3837 required: 3838 - name 3839 - value 3840 type: object 3841 type: array 3842 path: 3843 description: Path to access on the HTTP server. 3844 type: string 3845 port: 3846 anyOf: 3847 - type: integer 3848 - type: string 3849 description: Name or number of the port to access on 3850 the container. Number must be in the range 1 to 65535. 3851 Name must be an IANA_SVC_NAME. 3852 x-kubernetes-int-or-string: true 3853 scheme: 3854 description: Scheme to use for connecting to the host. 3855 Defaults to HTTP. 3856 type: string 3857 required: 3858 - port 3859 type: object 3860 initialDelaySeconds: 3861 description: 'Number of seconds after the container has 3862 started before liveness probes are initiated. More info: 3863 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3864 format: int32 3865 type: integer 3866 periodSeconds: 3867 description: How often (in seconds) to perform the probe. 3868 Default to 10 seconds. Minimum value is 1. 3869 format: int32 3870 type: integer 3871 successThreshold: 3872 description: Minimum consecutive successes for the probe 3873 to be considered successful after having failed. Defaults 3874 to 1. Must be 1 for liveness and startup. Minimum value 3875 is 1. 3876 format: int32 3877 type: integer 3878 tcpSocket: 3879 description: TCPSocket specifies an action involving a TCP 3880 port. 3881 properties: 3882 host: 3883 description: 'Optional: Host name to connect to, defaults 3884 to the pod IP.' 3885 type: string 3886 port: 3887 anyOf: 3888 - type: integer 3889 - type: string 3890 description: Number or name of the port to access on 3891 the container. Number must be in the range 1 to 65535. 3892 Name must be an IANA_SVC_NAME. 3893 x-kubernetes-int-or-string: true 3894 required: 3895 - port 3896 type: object 3897 terminationGracePeriodSeconds: 3898 description: Optional duration in seconds the pod needs 3899 to terminate gracefully upon probe failure. The grace 3900 period is the duration in seconds after the processes 3901 running in the pod are sent a termination signal and the 3902 time when the processes are forcibly halted with a kill 3903 signal. Set this value longer than the expected cleanup 3904 time for your process. If this value is nil, the pod's 3905 terminationGracePeriodSeconds will be used. Otherwise, 3906 this value overrides the value provided by the pod spec. 3907 Value must be non-negative integer. The value zero indicates 3908 stop immediately via the kill signal (no opportunity to 3909 shut down). This is a beta field and requires enabling 3910 ProbeTerminationGracePeriod feature gate. Minimum value 3911 is 1. spec.terminationGracePeriodSeconds is used if unset. 3912 format: int64 3913 type: integer 3914 timeoutSeconds: 3915 description: 'Number of seconds after which the probe times 3916 out. Defaults to 1 second. Minimum value is 1. More info: 3917 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3918 format: int32 3919 type: integer 3920 type: object 3921 stdin: 3922 description: Whether this container should allocate a buffer 3923 for stdin in the container runtime. If this is not set, reads 3924 from stdin in the container will always result in EOF. Default 3925 is false. 3926 type: boolean 3927 stdinOnce: 3928 description: Whether the container runtime should close the 3929 stdin channel after it has been opened by a single attach. 3930 When stdin is true the stdin stream will remain open across 3931 multiple attach sessions. If stdinOnce is set to true, stdin 3932 is opened on container start, is empty until the first client 3933 attaches to stdin, and then remains open and accepts data 3934 until the client disconnects, at which time stdin is closed 3935 and remains closed until the container is restarted. If this 3936 flag is false, a container processes that reads from stdin 3937 will never receive an EOF. Default is false 3938 type: boolean 3939 terminationMessagePath: 3940 description: 'Optional: Path at which the file to which the 3941 container''s termination message will be written is mounted 3942 into the container''s filesystem. Message written is intended 3943 to be brief final status, such as an assertion failure message. 3944 Will be truncated by the node if greater than 4096 bytes. 3945 The total message length across all containers will be limited 3946 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 3947 type: string 3948 terminationMessagePolicy: 3949 description: Indicate how the termination message should be 3950 populated. File will use the contents of terminationMessagePath 3951 to populate the container status message on both success and 3952 failure. FallbackToLogsOnError will use the last chunk of 3953 container log output if the termination message file is empty 3954 and the container exited with an error. The log output is 3955 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 3956 to File. Cannot be updated. 3957 type: string 3958 tty: 3959 description: Whether this container should allocate a TTY for 3960 itself, also requires 'stdin' to be true. Default is false. 3961 type: boolean 3962 volumeDevices: 3963 description: volumeDevices is the list of block devices to be 3964 used by the container. 3965 items: 3966 description: volumeDevice describes a mapping of a raw block 3967 device within a container. 3968 properties: 3969 devicePath: 3970 description: devicePath is the path inside of the container 3971 that the device will be mapped to. 3972 type: string 3973 name: 3974 description: name must match the name of a persistentVolumeClaim 3975 in the pod 3976 type: string 3977 required: 3978 - devicePath 3979 - name 3980 type: object 3981 type: array 3982 volumeMounts: 3983 description: Pod volumes to mount into the container's filesystem. 3984 Cannot be updated. 3985 items: 3986 description: VolumeMount describes a mounting of a Volume 3987 within a container. 3988 properties: 3989 mountPath: 3990 description: Path within the container at which the volume 3991 should be mounted. Must not contain ':'. 3992 type: string 3993 mountPropagation: 3994 description: mountPropagation determines how mounts are 3995 propagated from the host to container and the other 3996 way around. When not set, MountPropagationNone is used. 3997 This field is beta in 1.10. 3998 type: string 3999 name: 4000 description: This must match the Name of a Volume. 4001 type: string 4002 readOnly: 4003 description: Mounted read-only if true, read-write otherwise 4004 (false or unspecified). Defaults to false. 4005 type: boolean 4006 subPath: 4007 description: Path within the volume from which the container's 4008 volume should be mounted. Defaults to "" (volume's root). 4009 type: string 4010 subPathExpr: 4011 description: Expanded path within the volume from which 4012 the container's volume should be mounted. Behaves similarly 4013 to SubPath but environment variable references $(VAR_NAME) 4014 are expanded using the container's environment. Defaults 4015 to "" (volume's root). SubPathExpr and SubPath are mutually 4016 exclusive. 4017 type: string 4018 required: 4019 - mountPath 4020 - name 4021 type: object 4022 type: array 4023 workingDir: 4024 description: Container's working directory. If not specified, 4025 the container runtime's default will be used, which might 4026 be configured in the container image. Cannot be updated. 4027 type: string 4028 required: 4029 - name 4030 type: object 4031 type: array 4032 listenLocal: 4033 description: ListenLocal makes the Alertmanager server listen on loopback, 4034 so that it does not bind against the Pod IP. Note this is only for 4035 the Alertmanager UI, not the gossip communication. 4036 type: boolean 4037 logFormat: 4038 description: Log format for Alertmanager to be configured with. 4039 enum: 4040 - "" 4041 - logfmt 4042 - json 4043 type: string 4044 logLevel: 4045 description: Log level for Alertmanager to be configured with. 4046 enum: 4047 - "" 4048 - debug 4049 - info 4050 - warn 4051 - error 4052 type: string 4053 minReadySeconds: 4054 description: Minimum number of seconds for which a newly created pod 4055 should be ready without any of its container crashing for it to 4056 be considered available. Defaults to 0 (pod will be considered available 4057 as soon as it is ready) This is an alpha field from kubernetes 1.22 4058 until 1.24 which requires enabling the StatefulSetMinReadySeconds 4059 feature gate. 4060 format: int32 4061 type: integer 4062 nodeSelector: 4063 additionalProperties: 4064 type: string 4065 description: Define which Nodes the Pods are scheduled on. 4066 type: object 4067 paused: 4068 description: If set to true all actions on the underlying managed 4069 objects are not goint to be performed, except for delete actions. 4070 type: boolean 4071 podMetadata: 4072 description: PodMetadata configures Labels and Annotations which are 4073 propagated to the alertmanager pods. 4074 properties: 4075 annotations: 4076 additionalProperties: 4077 type: string 4078 description: 'Annotations is an unstructured key value map stored 4079 with a resource that may be set by external tools to store and 4080 retrieve arbitrary metadata. They are not queryable and should 4081 be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 4082 type: object 4083 labels: 4084 additionalProperties: 4085 type: string 4086 description: 'Map of string keys and values that can be used to 4087 organize and categorize (scope and select) objects. May match 4088 selectors of replication controllers and services. More info: 4089 http://kubernetes.io/docs/user-guide/labels' 4090 type: object 4091 name: 4092 description: 'Name must be unique within a namespace. Is required 4093 when creating resources, although some resources may allow a 4094 client to request the generation of an appropriate name automatically. 4095 Name is primarily intended for creation idempotence and configuration 4096 definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 4097 type: string 4098 type: object 4099 portName: 4100 description: Port name used for the pods and governing service. This 4101 defaults to web 4102 type: string 4103 priorityClassName: 4104 description: Priority class assigned to the Pods 4105 type: string 4106 replicas: 4107 description: Size is the expected size of the alertmanager cluster. 4108 The controller will eventually make the size of the running cluster 4109 equal to the expected size. 4110 format: int32 4111 type: integer 4112 resources: 4113 description: Define resources requests and limits for single Pods. 4114 properties: 4115 claims: 4116 description: "Claims lists the names of resources, defined in 4117 spec.resourceClaims, that are used by this container. \n This 4118 is an alpha field and requires enabling the DynamicResourceAllocation 4119 feature gate. \n This field is immutable." 4120 items: 4121 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 4122 properties: 4123 name: 4124 description: Name must match the name of one entry in pod.spec.resourceClaims 4125 of the Pod where this field is used. It makes that resource 4126 available inside a container. 4127 type: string 4128 required: 4129 - name 4130 type: object 4131 type: array 4132 x-kubernetes-list-map-keys: 4133 - name 4134 x-kubernetes-list-type: map 4135 limits: 4136 additionalProperties: 4137 anyOf: 4138 - type: integer 4139 - type: string 4140 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4141 x-kubernetes-int-or-string: true 4142 description: 'Limits describes the maximum amount of compute resources 4143 allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4144 type: object 4145 requests: 4146 additionalProperties: 4147 anyOf: 4148 - type: integer 4149 - type: string 4150 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4151 x-kubernetes-int-or-string: true 4152 description: 'Requests describes the minimum amount of compute 4153 resources required. If Requests is omitted for a container, 4154 it defaults to Limits if that is explicitly specified, otherwise 4155 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4156 type: object 4157 type: object 4158 retention: 4159 default: 120h 4160 description: Time duration Alertmanager shall retain data for. Default 4161 is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` 4162 (milliseconds seconds minutes hours). 4163 pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 4164 type: string 4165 routePrefix: 4166 description: The route prefix Alertmanager registers HTTP handlers 4167 for. This is useful, if using ExternalURL and a proxy is rewriting 4168 HTTP routes of a request, and the actual ExternalURL is still true, 4169 but the server serves requests under a different route prefix. For 4170 example for use with `kubectl proxy`. 4171 type: string 4172 secrets: 4173 description: Secrets is a list of Secrets in the same namespace as 4174 the Alertmanager object, which shall be mounted into the Alertmanager 4175 Pods. Each Secret is added to the StatefulSet definition as a volume 4176 named `secret-<secret-name>`. The Secrets are mounted into `/etc/alertmanager/secrets/<secret-name>` 4177 in the 'alertmanager' container. 4178 items: 4179 type: string 4180 type: array 4181 securityContext: 4182 description: SecurityContext holds pod-level security attributes and 4183 common container settings. This defaults to the default PodSecurityContext. 4184 properties: 4185 fsGroup: 4186 description: "A special supplemental group that applies to all 4187 containers in a pod. Some volume types allow the Kubelet to 4188 change the ownership of that volume to be owned by the pod: 4189 \n 1. The owning GID will be the FSGroup 2. The setgid bit is 4190 set (new files created in the volume will be owned by FSGroup) 4191 3. The permission bits are OR'd with rw-rw---- \n If unset, 4192 the Kubelet will not modify the ownership and permissions of 4193 any volume. Note that this field cannot be set when spec.os.name 4194 is windows." 4195 format: int64 4196 type: integer 4197 fsGroupChangePolicy: 4198 description: 'fsGroupChangePolicy defines behavior of changing 4199 ownership and permission of the volume before being exposed 4200 inside Pod. This field will only apply to volume types which 4201 support fsGroup based ownership(and permissions). It will have 4202 no effect on ephemeral volume types such as: secret, configmaps 4203 and emptydir. Valid values are "OnRootMismatch" and "Always". 4204 If not specified, "Always" is used. Note that this field cannot 4205 be set when spec.os.name is windows.' 4206 type: string 4207 runAsGroup: 4208 description: The GID to run the entrypoint of the container process. 4209 Uses runtime default if unset. May also be set in SecurityContext. If 4210 set in both SecurityContext and PodSecurityContext, the value 4211 specified in SecurityContext takes precedence for that container. 4212 Note that this field cannot be set when spec.os.name is windows. 4213 format: int64 4214 type: integer 4215 runAsNonRoot: 4216 description: Indicates that the container must run as a non-root 4217 user. If true, the Kubelet will validate the image at runtime 4218 to ensure that it does not run as UID 0 (root) and fail to start 4219 the container if it does. If unset or false, no such validation 4220 will be performed. May also be set in SecurityContext. If set 4221 in both SecurityContext and PodSecurityContext, the value specified 4222 in SecurityContext takes precedence. 4223 type: boolean 4224 runAsUser: 4225 description: The UID to run the entrypoint of the container process. 4226 Defaults to user specified in image metadata if unspecified. 4227 May also be set in SecurityContext. If set in both SecurityContext 4228 and PodSecurityContext, the value specified in SecurityContext 4229 takes precedence for that container. Note that this field cannot 4230 be set when spec.os.name is windows. 4231 format: int64 4232 type: integer 4233 seLinuxOptions: 4234 description: The SELinux context to be applied to all containers. 4235 If unspecified, the container runtime will allocate a random 4236 SELinux context for each container. May also be set in SecurityContext. If 4237 set in both SecurityContext and PodSecurityContext, the value 4238 specified in SecurityContext takes precedence for that container. 4239 Note that this field cannot be set when spec.os.name is windows. 4240 properties: 4241 level: 4242 description: Level is SELinux level label that applies to 4243 the container. 4244 type: string 4245 role: 4246 description: Role is a SELinux role label that applies to 4247 the container. 4248 type: string 4249 type: 4250 description: Type is a SELinux type label that applies to 4251 the container. 4252 type: string 4253 user: 4254 description: User is a SELinux user label that applies to 4255 the container. 4256 type: string 4257 type: object 4258 seccompProfile: 4259 description: The seccomp options to use by the containers in this 4260 pod. Note that this field cannot be set when spec.os.name is 4261 windows. 4262 properties: 4263 localhostProfile: 4264 description: localhostProfile indicates a profile defined 4265 in a file on the node should be used. The profile must be 4266 preconfigured on the node to work. Must be a descending 4267 path, relative to the kubelet's configured seccomp profile 4268 location. Must only be set if type is "Localhost". 4269 type: string 4270 type: 4271 description: "type indicates which kind of seccomp profile 4272 will be applied. Valid options are: \n Localhost - a profile 4273 defined in a file on the node should be used. RuntimeDefault 4274 - the container runtime default profile should be used. 4275 Unconfined - no profile should be applied." 4276 type: string 4277 required: 4278 - type 4279 type: object 4280 supplementalGroups: 4281 description: A list of groups applied to the first process run 4282 in each container, in addition to the container's primary GID, 4283 the fsGroup (if specified), and group memberships defined in 4284 the container image for the uid of the container process. If 4285 unspecified, no additional groups are added to any container. 4286 Note that group memberships defined in the container image for 4287 the uid of the container process are still effective, even if 4288 they are not included in this list. Note that this field cannot 4289 be set when spec.os.name is windows. 4290 items: 4291 format: int64 4292 type: integer 4293 type: array 4294 sysctls: 4295 description: Sysctls hold a list of namespaced sysctls used for 4296 the pod. Pods with unsupported sysctls (by the container runtime) 4297 might fail to launch. Note that this field cannot be set when 4298 spec.os.name is windows. 4299 items: 4300 description: Sysctl defines a kernel parameter to be set 4301 properties: 4302 name: 4303 description: Name of a property to set 4304 type: string 4305 value: 4306 description: Value of a property to set 4307 type: string 4308 required: 4309 - name 4310 - value 4311 type: object 4312 type: array 4313 windowsOptions: 4314 description: The Windows specific settings applied to all containers. 4315 If unspecified, the options within a container's SecurityContext 4316 will be used. If set in both SecurityContext and PodSecurityContext, 4317 the value specified in SecurityContext takes precedence. Note 4318 that this field cannot be set when spec.os.name is linux. 4319 properties: 4320 gmsaCredentialSpec: 4321 description: GMSACredentialSpec is where the GMSA admission 4322 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 4323 inlines the contents of the GMSA credential spec named by 4324 the GMSACredentialSpecName field. 4325 type: string 4326 gmsaCredentialSpecName: 4327 description: GMSACredentialSpecName is the name of the GMSA 4328 credential spec to use. 4329 type: string 4330 hostProcess: 4331 description: HostProcess determines if a container should 4332 be run as a 'Host Process' container. This field is alpha-level 4333 and will only be honored by components that enable the WindowsHostProcessContainers 4334 feature flag. Setting this field without the feature flag 4335 will result in errors when validating the Pod. All of a 4336 Pod's containers must have the same effective HostProcess 4337 value (it is not allowed to have a mix of HostProcess containers 4338 and non-HostProcess containers). In addition, if HostProcess 4339 is true then HostNetwork must also be set to true. 4340 type: boolean 4341 runAsUserName: 4342 description: The UserName in Windows to run the entrypoint 4343 of the container process. Defaults to the user specified 4344 in image metadata if unspecified. May also be set in PodSecurityContext. 4345 If set in both SecurityContext and PodSecurityContext, the 4346 value specified in SecurityContext takes precedence. 4347 type: string 4348 type: object 4349 type: object 4350 serviceAccountName: 4351 description: ServiceAccountName is the name of the ServiceAccount 4352 to use to run the Prometheus Pods. 4353 type: string 4354 sha: 4355 description: 'SHA of Alertmanager container image to be deployed. 4356 Defaults to the value of `version`. Similar to a tag, but the SHA 4357 explicitly deploys an immutable container image. Version and Tag 4358 are ignored if SHA is set. Deprecated: use ''image'' instead. The 4359 image digest can be specified as part of the image URL.' 4360 type: string 4361 storage: 4362 description: Storage is the definition of how storage will be used 4363 by the Alertmanager instances. 4364 properties: 4365 disableMountSubPath: 4366 description: 'Deprecated: subPath usage will be disabled by default 4367 in a future release, this option will become unnecessary. DisableMountSubPath 4368 allows to remove any subPath usage in volume mounts.' 4369 type: boolean 4370 emptyDir: 4371 description: 'EmptyDirVolumeSource to be used by the StatefulSet. 4372 If specified, used in place of any volumeClaimTemplate. More 4373 info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' 4374 properties: 4375 medium: 4376 description: 'medium represents what type of storage medium 4377 should back this directory. The default is "" which means 4378 to use the node''s default medium. Must be an empty string 4379 (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 4380 type: string 4381 sizeLimit: 4382 anyOf: 4383 - type: integer 4384 - type: string 4385 description: 'sizeLimit is the total amount of local storage 4386 required for this EmptyDir volume. The size limit is also 4387 applicable for memory medium. The maximum usage on memory 4388 medium EmptyDir would be the minimum value between the SizeLimit 4389 specified here and the sum of memory limits of all containers 4390 in a pod. The default is nil which means that the limit 4391 is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 4392 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4393 x-kubernetes-int-or-string: true 4394 type: object 4395 ephemeral: 4396 description: 'EphemeralVolumeSource to be used by the StatefulSet. 4397 This is a beta field in k8s 1.21, for lower versions, starting 4398 with k8s 1.19, it requires enabling the GenericEphemeralVolume 4399 feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes' 4400 properties: 4401 volumeClaimTemplate: 4402 description: "Will be used to create a stand-alone PVC to 4403 provision the volume. The pod in which this EphemeralVolumeSource 4404 is embedded will be the owner of the PVC, i.e. the PVC will 4405 be deleted together with the pod. The name of the PVC will 4406 be `<pod name>-<volume name>` where `<volume name>` is the 4407 name from the `PodSpec.Volumes` array entry. Pod validation 4408 will reject the pod if the concatenated name is not valid 4409 for a PVC (for example, too long). \n An existing PVC with 4410 that name that is not owned by the pod will *not* be used 4411 for the pod to avoid using an unrelated volume by mistake. 4412 Starting the pod is then blocked until the unrelated PVC 4413 is removed. If such a pre-created PVC is meant to be used 4414 by the pod, the PVC has to updated with an owner reference 4415 to the pod once the pod exists. Normally this should not 4416 be necessary, but it may be useful when manually reconstructing 4417 a broken cluster. \n This field is read-only and no changes 4418 will be made by Kubernetes to the PVC after it has been 4419 created. \n Required, must not be nil." 4420 properties: 4421 metadata: 4422 description: May contain labels and annotations that will 4423 be copied into the PVC when creating it. No other fields 4424 are allowed and will be rejected during validation. 4425 type: object 4426 spec: 4427 description: The specification for the PersistentVolumeClaim. 4428 The entire content is copied unchanged into the PVC 4429 that gets created from this template. The same fields 4430 as in a PersistentVolumeClaim are also valid here. 4431 properties: 4432 accessModes: 4433 description: 'accessModes contains the desired access 4434 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 4435 items: 4436 type: string 4437 type: array 4438 dataSource: 4439 description: 'dataSource field can be used to specify 4440 either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 4441 * An existing PVC (PersistentVolumeClaim) If the 4442 provisioner or an external controller can support 4443 the specified data source, it will create a new 4444 volume based on the contents of the specified data 4445 source. When the AnyVolumeDataSource feature gate 4446 is enabled, dataSource contents will be copied to 4447 dataSourceRef, and dataSourceRef contents will be 4448 copied to dataSource when dataSourceRef.namespace 4449 is not specified. If the namespace is specified, 4450 then dataSourceRef will not be copied to dataSource.' 4451 properties: 4452 apiGroup: 4453 description: APIGroup is the group for the resource 4454 being referenced. If APIGroup is not specified, 4455 the specified Kind must be in the core API group. 4456 For any other third-party types, APIGroup is 4457 required. 4458 type: string 4459 kind: 4460 description: Kind is the type of resource being 4461 referenced 4462 type: string 4463 name: 4464 description: Name is the name of resource being 4465 referenced 4466 type: string 4467 required: 4468 - kind 4469 - name 4470 type: object 4471 x-kubernetes-map-type: atomic 4472 dataSourceRef: 4473 description: 'dataSourceRef specifies the object from 4474 which to populate the volume with data, if a non-empty 4475 volume is desired. This may be any object from a 4476 non-empty API group (non core object) or a PersistentVolumeClaim 4477 object. When this field is specified, volume binding 4478 will only succeed if the type of the specified object 4479 matches some installed volume populator or dynamic 4480 provisioner. This field will replace the functionality 4481 of the dataSource field and as such if both fields 4482 are non-empty, they must have the same value. For 4483 backwards compatibility, when namespace isn''t specified 4484 in dataSourceRef, both fields (dataSource and dataSourceRef) 4485 will be set to the same value automatically if one 4486 of them is empty and the other is non-empty. When 4487 namespace is specified in dataSourceRef, dataSource 4488 isn''t set to the same value and must be empty. 4489 There are three important differences between dataSource 4490 and dataSourceRef: * While dataSource only allows 4491 two specific types of objects, dataSourceRef allows 4492 any non-core object, as well as PersistentVolumeClaim 4493 objects. * While dataSource ignores disallowed values 4494 (dropping them), dataSourceRef preserves all values, 4495 and generates an error if a disallowed value is 4496 specified. * While dataSource only allows local 4497 objects, dataSourceRef allows objects in any namespaces. 4498 (Beta) Using this field requires the AnyVolumeDataSource 4499 feature gate to be enabled. (Alpha) Using the namespace 4500 field of dataSourceRef requires the CrossNamespaceVolumeDataSource 4501 feature gate to be enabled.' 4502 properties: 4503 apiGroup: 4504 description: APIGroup is the group for the resource 4505 being referenced. If APIGroup is not specified, 4506 the specified Kind must be in the core API group. 4507 For any other third-party types, APIGroup is 4508 required. 4509 type: string 4510 kind: 4511 description: Kind is the type of resource being 4512 referenced 4513 type: string 4514 name: 4515 description: Name is the name of resource being 4516 referenced 4517 type: string 4518 namespace: 4519 description: Namespace is the namespace of resource 4520 being referenced Note that when a namespace 4521 is specified, a gateway.networking.k8s.io/ReferenceGrant 4522 object is required in the referent namespace 4523 to allow that namespace's owner to accept the 4524 reference. See the ReferenceGrant documentation 4525 for details. (Alpha) This field requires the 4526 CrossNamespaceVolumeDataSource feature gate 4527 to be enabled. 4528 type: string 4529 required: 4530 - kind 4531 - name 4532 type: object 4533 resources: 4534 description: 'resources represents the minimum resources 4535 the volume should have. If RecoverVolumeExpansionFailure 4536 feature is enabled users are allowed to specify 4537 resource requirements that are lower than previous 4538 value but must still be higher than capacity recorded 4539 in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 4540 properties: 4541 claims: 4542 description: "Claims lists the names of resources, 4543 defined in spec.resourceClaims, that are used 4544 by this container. \n This is an alpha field 4545 and requires enabling the DynamicResourceAllocation 4546 feature gate. \n This field is immutable." 4547 items: 4548 description: ResourceClaim references one entry 4549 in PodSpec.ResourceClaims. 4550 properties: 4551 name: 4552 description: Name must match the name of 4553 one entry in pod.spec.resourceClaims of 4554 the Pod where this field is used. It makes 4555 that resource available inside a container. 4556 type: string 4557 required: 4558 - name 4559 type: object 4560 type: array 4561 x-kubernetes-list-map-keys: 4562 - name 4563 x-kubernetes-list-type: map 4564 limits: 4565 additionalProperties: 4566 anyOf: 4567 - type: integer 4568 - type: string 4569 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4570 x-kubernetes-int-or-string: true 4571 description: 'Limits describes the maximum amount 4572 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4573 type: object 4574 requests: 4575 additionalProperties: 4576 anyOf: 4577 - type: integer 4578 - type: string 4579 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4580 x-kubernetes-int-or-string: true 4581 description: 'Requests describes the minimum amount 4582 of compute resources required. If Requests is 4583 omitted for a container, it defaults to Limits 4584 if that is explicitly specified, otherwise to 4585 an implementation-defined value. More info: 4586 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4587 type: object 4588 type: object 4589 selector: 4590 description: selector is a label query over volumes 4591 to consider for binding. 4592 properties: 4593 matchExpressions: 4594 description: matchExpressions is a list of label 4595 selector requirements. The requirements are 4596 ANDed. 4597 items: 4598 description: A label selector requirement is 4599 a selector that contains values, a key, and 4600 an operator that relates the key and values. 4601 properties: 4602 key: 4603 description: key is the label key that the 4604 selector applies to. 4605 type: string 4606 operator: 4607 description: operator represents a key's 4608 relationship to a set of values. Valid 4609 operators are In, NotIn, Exists and DoesNotExist. 4610 type: string 4611 values: 4612 description: values is an array of string 4613 values. If the operator is In or NotIn, 4614 the values array must be non-empty. If 4615 the operator is Exists or DoesNotExist, 4616 the values array must be empty. This array 4617 is replaced during a strategic merge patch. 4618 items: 4619 type: string 4620 type: array 4621 required: 4622 - key 4623 - operator 4624 type: object 4625 type: array 4626 matchLabels: 4627 additionalProperties: 4628 type: string 4629 description: matchLabels is a map of {key,value} 4630 pairs. A single {key,value} in the matchLabels 4631 map is equivalent to an element of matchExpressions, 4632 whose key field is "key", the operator is "In", 4633 and the values array contains only "value". 4634 The requirements are ANDed. 4635 type: object 4636 type: object 4637 x-kubernetes-map-type: atomic 4638 storageClassName: 4639 description: 'storageClassName is the name of the 4640 StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 4641 type: string 4642 volumeMode: 4643 description: volumeMode defines what type of volume 4644 is required by the claim. Value of Filesystem is 4645 implied when not included in claim spec. 4646 type: string 4647 volumeName: 4648 description: volumeName is the binding reference to 4649 the PersistentVolume backing this claim. 4650 type: string 4651 type: object 4652 required: 4653 - spec 4654 type: object 4655 type: object 4656 volumeClaimTemplate: 4657 description: A PVC spec to be used by the StatefulSet. The easiest 4658 way to use a volume that cannot be automatically provisioned 4659 (for whatever reason) is to use a label selector alongside manually 4660 created PersistentVolumes. 4661 properties: 4662 apiVersion: 4663 description: 'APIVersion defines the versioned schema of this 4664 representation of an object. Servers should convert recognized 4665 schemas to the latest internal value, and may reject unrecognized 4666 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 4667 type: string 4668 kind: 4669 description: 'Kind is a string value representing the REST 4670 resource this object represents. Servers may infer this 4671 from the endpoint the client submits requests to. Cannot 4672 be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 4673 type: string 4674 metadata: 4675 description: EmbeddedMetadata contains metadata relevant to 4676 an EmbeddedResource. 4677 properties: 4678 annotations: 4679 additionalProperties: 4680 type: string 4681 description: 'Annotations is an unstructured key value 4682 map stored with a resource that may be set by external 4683 tools to store and retrieve arbitrary metadata. They 4684 are not queryable and should be preserved when modifying 4685 objects. More info: http://kubernetes.io/docs/user-guide/annotations' 4686 type: object 4687 labels: 4688 additionalProperties: 4689 type: string 4690 description: 'Map of string keys and values that can be 4691 used to organize and categorize (scope and select) objects. 4692 May match selectors of replication controllers and services. 4693 More info: http://kubernetes.io/docs/user-guide/labels' 4694 type: object 4695 name: 4696 description: 'Name must be unique within a namespace. 4697 Is required when creating resources, although some resources 4698 may allow a client to request the generation of an appropriate 4699 name automatically. Name is primarily intended for creation 4700 idempotence and configuration definition. Cannot be 4701 updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 4702 type: string 4703 type: object 4704 spec: 4705 description: 'Spec defines the desired characteristics of 4706 a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 4707 properties: 4708 accessModes: 4709 description: 'accessModes contains the desired access 4710 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 4711 items: 4712 type: string 4713 type: array 4714 dataSource: 4715 description: 'dataSource field can be used to specify 4716 either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 4717 * An existing PVC (PersistentVolumeClaim) If the provisioner 4718 or an external controller can support the specified 4719 data source, it will create a new volume based on the 4720 contents of the specified data source. When the AnyVolumeDataSource 4721 feature gate is enabled, dataSource contents will be 4722 copied to dataSourceRef, and dataSourceRef contents 4723 will be copied to dataSource when dataSourceRef.namespace 4724 is not specified. If the namespace is specified, then 4725 dataSourceRef will not be copied to dataSource.' 4726 properties: 4727 apiGroup: 4728 description: APIGroup is the group for the resource 4729 being referenced. If APIGroup is not specified, 4730 the specified Kind must be in the core API group. 4731 For any other third-party types, APIGroup is required. 4732 type: string 4733 kind: 4734 description: Kind is the type of resource being referenced 4735 type: string 4736 name: 4737 description: Name is the name of resource being referenced 4738 type: string 4739 required: 4740 - kind 4741 - name 4742 type: object 4743 x-kubernetes-map-type: atomic 4744 dataSourceRef: 4745 description: 'dataSourceRef specifies the object from 4746 which to populate the volume with data, if a non-empty 4747 volume is desired. This may be any object from a non-empty 4748 API group (non core object) or a PersistentVolumeClaim 4749 object. When this field is specified, volume binding 4750 will only succeed if the type of the specified object 4751 matches some installed volume populator or dynamic provisioner. 4752 This field will replace the functionality of the dataSource 4753 field and as such if both fields are non-empty, they 4754 must have the same value. For backwards compatibility, 4755 when namespace isn''t specified in dataSourceRef, both 4756 fields (dataSource and dataSourceRef) will be set to 4757 the same value automatically if one of them is empty 4758 and the other is non-empty. When namespace is specified 4759 in dataSourceRef, dataSource isn''t set to the same 4760 value and must be empty. There are three important differences 4761 between dataSource and dataSourceRef: * While dataSource 4762 only allows two specific types of objects, dataSourceRef 4763 allows any non-core object, as well as PersistentVolumeClaim 4764 objects. * While dataSource ignores disallowed values 4765 (dropping them), dataSourceRef preserves all values, 4766 and generates an error if a disallowed value is specified. 4767 * While dataSource only allows local objects, dataSourceRef 4768 allows objects in any namespaces. (Beta) Using this 4769 field requires the AnyVolumeDataSource feature gate 4770 to be enabled. (Alpha) Using the namespace field of 4771 dataSourceRef requires the CrossNamespaceVolumeDataSource 4772 feature gate to be enabled.' 4773 properties: 4774 apiGroup: 4775 description: APIGroup is the group for the resource 4776 being referenced. If APIGroup is not specified, 4777 the specified Kind must be in the core API group. 4778 For any other third-party types, APIGroup is required. 4779 type: string 4780 kind: 4781 description: Kind is the type of resource being referenced 4782 type: string 4783 name: 4784 description: Name is the name of resource being referenced 4785 type: string 4786 namespace: 4787 description: Namespace is the namespace of resource 4788 being referenced Note that when a namespace is specified, 4789 a gateway.networking.k8s.io/ReferenceGrant object 4790 is required in the referent namespace to allow that 4791 namespace's owner to accept the reference. See the 4792 ReferenceGrant documentation for details. (Alpha) 4793 This field requires the CrossNamespaceVolumeDataSource 4794 feature gate to be enabled. 4795 type: string 4796 required: 4797 - kind 4798 - name 4799 type: object 4800 resources: 4801 description: 'resources represents the minimum resources 4802 the volume should have. If RecoverVolumeExpansionFailure 4803 feature is enabled users are allowed to specify resource 4804 requirements that are lower than previous value but 4805 must still be higher than capacity recorded in the status 4806 field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 4807 properties: 4808 claims: 4809 description: "Claims lists the names of resources, 4810 defined in spec.resourceClaims, that are used by 4811 this container. \n This is an alpha field and requires 4812 enabling the DynamicResourceAllocation feature gate. 4813 \n This field is immutable." 4814 items: 4815 description: ResourceClaim references one entry 4816 in PodSpec.ResourceClaims. 4817 properties: 4818 name: 4819 description: Name must match the name of one 4820 entry in pod.spec.resourceClaims of the Pod 4821 where this field is used. It makes that resource 4822 available inside a container. 4823 type: string 4824 required: 4825 - name 4826 type: object 4827 type: array 4828 x-kubernetes-list-map-keys: 4829 - name 4830 x-kubernetes-list-type: map 4831 limits: 4832 additionalProperties: 4833 anyOf: 4834 - type: integer 4835 - type: string 4836 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4837 x-kubernetes-int-or-string: true 4838 description: 'Limits describes the maximum amount 4839 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4840 type: object 4841 requests: 4842 additionalProperties: 4843 anyOf: 4844 - type: integer 4845 - type: string 4846 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4847 x-kubernetes-int-or-string: true 4848 description: 'Requests describes the minimum amount 4849 of compute resources required. If Requests is omitted 4850 for a container, it defaults to Limits if that is 4851 explicitly specified, otherwise to an implementation-defined 4852 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4853 type: object 4854 type: object 4855 selector: 4856 description: selector is a label query over volumes to 4857 consider for binding. 4858 properties: 4859 matchExpressions: 4860 description: matchExpressions is a list of label selector 4861 requirements. The requirements are ANDed. 4862 items: 4863 description: A label selector requirement is a selector 4864 that contains values, a key, and an operator that 4865 relates the key and values. 4866 properties: 4867 key: 4868 description: key is the label key that the selector 4869 applies to. 4870 type: string 4871 operator: 4872 description: operator represents a key's relationship 4873 to a set of values. Valid operators are In, 4874 NotIn, Exists and DoesNotExist. 4875 type: string 4876 values: 4877 description: values is an array of string values. 4878 If the operator is In or NotIn, the values 4879 array must be non-empty. If the operator is 4880 Exists or DoesNotExist, the values array must 4881 be empty. This array is replaced during a 4882 strategic merge patch. 4883 items: 4884 type: string 4885 type: array 4886 required: 4887 - key 4888 - operator 4889 type: object 4890 type: array 4891 matchLabels: 4892 additionalProperties: 4893 type: string 4894 description: matchLabels is a map of {key,value} pairs. 4895 A single {key,value} in the matchLabels map is equivalent 4896 to an element of matchExpressions, whose key field 4897 is "key", the operator is "In", and the values array 4898 contains only "value". The requirements are ANDed. 4899 type: object 4900 type: object 4901 x-kubernetes-map-type: atomic 4902 storageClassName: 4903 description: 'storageClassName is the name of the StorageClass 4904 required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 4905 type: string 4906 volumeMode: 4907 description: volumeMode defines what type of volume is 4908 required by the claim. Value of Filesystem is implied 4909 when not included in claim spec. 4910 type: string 4911 volumeName: 4912 description: volumeName is the binding reference to the 4913 PersistentVolume backing this claim. 4914 type: string 4915 type: object 4916 status: 4917 description: 'Status represents the current information/status 4918 of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 4919 properties: 4920 accessModes: 4921 description: 'accessModes contains the actual access modes 4922 the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 4923 items: 4924 type: string 4925 type: array 4926 allocatedResources: 4927 additionalProperties: 4928 anyOf: 4929 - type: integer 4930 - type: string 4931 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4932 x-kubernetes-int-or-string: true 4933 description: allocatedResources is the storage resource 4934 within AllocatedResources tracks the capacity allocated 4935 to a PVC. It may be larger than the actual capacity 4936 when a volume expansion operation is requested. For 4937 storage quota, the larger value from allocatedResources 4938 and PVC.spec.resources is used. If allocatedResources 4939 is not set, PVC.spec.resources alone is used for quota 4940 calculation. If a volume expansion capacity request 4941 is lowered, allocatedResources is only lowered if there 4942 are no expansion operations in progress and if the actual 4943 volume capacity is equal or lower than the requested 4944 capacity. This is an alpha field and requires enabling 4945 RecoverVolumeExpansionFailure feature. 4946 type: object 4947 capacity: 4948 additionalProperties: 4949 anyOf: 4950 - type: integer 4951 - type: string 4952 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4953 x-kubernetes-int-or-string: true 4954 description: capacity represents the actual resources 4955 of the underlying volume. 4956 type: object 4957 conditions: 4958 description: conditions is the current Condition of persistent 4959 volume claim. If underlying persistent volume is being 4960 resized then the Condition will be set to 'ResizeStarted'. 4961 items: 4962 description: PersistentVolumeClaimCondition contails 4963 details about state of pvc 4964 properties: 4965 lastProbeTime: 4966 description: lastProbeTime is the time we probed 4967 the condition. 4968 format: date-time 4969 type: string 4970 lastTransitionTime: 4971 description: lastTransitionTime is the time the 4972 condition transitioned from one status to another. 4973 format: date-time 4974 type: string 4975 message: 4976 description: message is the human-readable message 4977 indicating details about last transition. 4978 type: string 4979 reason: 4980 description: reason is a unique, this should be 4981 a short, machine understandable string that gives 4982 the reason for condition's last transition. If 4983 it reports "ResizeStarted" that means the underlying 4984 persistent volume is being resized. 4985 type: string 4986 status: 4987 type: string 4988 type: 4989 description: PersistentVolumeClaimConditionType 4990 is a valid value of PersistentVolumeClaimCondition.Type 4991 type: string 4992 required: 4993 - status 4994 - type 4995 type: object 4996 type: array 4997 phase: 4998 description: phase represents the current phase of PersistentVolumeClaim. 4999 type: string 5000 resizeStatus: 5001 description: resizeStatus stores status of resize operation. 5002 ResizeStatus is not set by default but when expansion 5003 is complete resizeStatus is set to empty string by resize 5004 controller or kubelet. This is an alpha field and requires 5005 enabling RecoverVolumeExpansionFailure feature. 5006 type: string 5007 type: object 5008 type: object 5009 type: object 5010 tag: 5011 description: 'Tag of Alertmanager container image to be deployed. 5012 Defaults to the value of `version`. Version is ignored if Tag is 5013 set. Deprecated: use ''image'' instead. The image tag can be specified 5014 as part of the image URL.' 5015 type: string 5016 tolerations: 5017 description: If specified, the pod's tolerations. 5018 items: 5019 description: The pod this Toleration is attached to tolerates any 5020 taint that matches the triple <key,value,effect> using the matching 5021 operator <operator>. 5022 properties: 5023 effect: 5024 description: Effect indicates the taint effect to match. Empty 5025 means match all taint effects. When specified, allowed values 5026 are NoSchedule, PreferNoSchedule and NoExecute. 5027 type: string 5028 key: 5029 description: Key is the taint key that the toleration applies 5030 to. Empty means match all taint keys. If the key is empty, 5031 operator must be Exists; this combination means to match all 5032 values and all keys. 5033 type: string 5034 operator: 5035 description: Operator represents a key's relationship to the 5036 value. Valid operators are Exists and Equal. Defaults to Equal. 5037 Exists is equivalent to wildcard for value, so that a pod 5038 can tolerate all taints of a particular category. 5039 type: string 5040 tolerationSeconds: 5041 description: TolerationSeconds represents the period of time 5042 the toleration (which must be of effect NoExecute, otherwise 5043 this field is ignored) tolerates the taint. By default, it 5044 is not set, which means tolerate the taint forever (do not 5045 evict). Zero and negative values will be treated as 0 (evict 5046 immediately) by the system. 5047 format: int64 5048 type: integer 5049 value: 5050 description: Value is the taint value the toleration matches 5051 to. If the operator is Exists, the value should be empty, 5052 otherwise just a regular string. 5053 type: string 5054 type: object 5055 type: array 5056 topologySpreadConstraints: 5057 description: If specified, the pod's topology spread constraints. 5058 items: 5059 description: TopologySpreadConstraint specifies how to spread matching 5060 pods among the given topology. 5061 properties: 5062 labelSelector: 5063 description: LabelSelector is used to find matching pods. Pods 5064 that match this label selector are counted to determine the 5065 number of pods in their corresponding topology domain. 5066 properties: 5067 matchExpressions: 5068 description: matchExpressions is a list of label selector 5069 requirements. The requirements are ANDed. 5070 items: 5071 description: A label selector requirement is a selector 5072 that contains values, a key, and an operator that relates 5073 the key and values. 5074 properties: 5075 key: 5076 description: key is the label key that the selector 5077 applies to. 5078 type: string 5079 operator: 5080 description: operator represents a key's relationship 5081 to a set of values. Valid operators are In, NotIn, 5082 Exists and DoesNotExist. 5083 type: string 5084 values: 5085 description: values is an array of string values. 5086 If the operator is In or NotIn, the values array 5087 must be non-empty. If the operator is Exists or 5088 DoesNotExist, the values array must be empty. This 5089 array is replaced during a strategic merge patch. 5090 items: 5091 type: string 5092 type: array 5093 required: 5094 - key 5095 - operator 5096 type: object 5097 type: array 5098 matchLabels: 5099 additionalProperties: 5100 type: string 5101 description: matchLabels is a map of {key,value} pairs. 5102 A single {key,value} in the matchLabels map is equivalent 5103 to an element of matchExpressions, whose key field is 5104 "key", the operator is "In", and the values array contains 5105 only "value". The requirements are ANDed. 5106 type: object 5107 type: object 5108 x-kubernetes-map-type: atomic 5109 matchLabelKeys: 5110 description: MatchLabelKeys is a set of pod label keys to select 5111 the pods over which spreading will be calculated. The keys 5112 are used to lookup values from the incoming pod labels, those 5113 key-value labels are ANDed with labelSelector to select the 5114 group of existing pods over which spreading will be calculated 5115 for the incoming pod. Keys that don't exist in the incoming 5116 pod labels will be ignored. A null or empty list means only 5117 match against labelSelector. 5118 items: 5119 type: string 5120 type: array 5121 x-kubernetes-list-type: atomic 5122 maxSkew: 5123 description: 'MaxSkew describes the degree to which pods may 5124 be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, 5125 it is the maximum permitted difference between the number 5126 of matching pods in the target topology and the global minimum. 5127 The global minimum is the minimum number of matching pods 5128 in an eligible domain or zero if the number of eligible domains 5129 is less than MinDomains. For example, in a 3-zone cluster, 5130 MaxSkew is set to 1, and pods with the same labelSelector 5131 spread as 2/2/1: In this case, the global minimum is 1. | 5132 zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew 5133 is 1, incoming pod can only be scheduled to zone3 to become 5134 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) 5135 on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming 5136 pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, 5137 it is used to give higher precedence to topologies that satisfy 5138 it. It''s a required field. Default value is 1 and 0 is not 5139 allowed.' 5140 format: int32 5141 type: integer 5142 minDomains: 5143 description: "MinDomains indicates a minimum number of eligible 5144 domains. When the number of eligible domains with matching 5145 topology keys is less than minDomains, Pod Topology Spread 5146 treats \"global minimum\" as 0, and then the calculation of 5147 Skew is performed. And when the number of eligible domains 5148 with matching topology keys equals or greater than minDomains, 5149 this value has no effect on scheduling. As a result, when 5150 the number of eligible domains is less than minDomains, scheduler 5151 won't schedule more than maxSkew Pods to those domains. If 5152 value is nil, the constraint behaves as if MinDomains is equal 5153 to 1. Valid values are integers greater than 0. When value 5154 is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For 5155 example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains 5156 is set to 5 and pods with the same labelSelector spread as 5157 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | 5158 The number of domains is less than 5(MinDomains), so \"global 5159 minimum\" is treated as 0. In this situation, new pod with 5160 the same labelSelector cannot be scheduled, because computed 5161 skew will be 3(3 - 0) if new Pod is scheduled to any of the 5162 three zones, it will violate MaxSkew. \n This is a beta field 5163 and requires the MinDomainsInPodTopologySpread feature gate 5164 to be enabled (enabled by default)." 5165 format: int32 5166 type: integer 5167 nodeAffinityPolicy: 5168 description: "NodeAffinityPolicy indicates how we will treat 5169 Pod's nodeAffinity/nodeSelector when calculating pod topology 5170 spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector 5171 are included in the calculations. - Ignore: nodeAffinity/nodeSelector 5172 are ignored. All nodes are included in the calculations. \n 5173 If this value is nil, the behavior is equivalent to the Honor 5174 policy. This is a beta-level feature default enabled by the 5175 NodeInclusionPolicyInPodTopologySpread feature flag." 5176 type: string 5177 nodeTaintsPolicy: 5178 description: "NodeTaintsPolicy indicates how we will treat node 5179 taints when calculating pod topology spread skew. Options 5180 are: - Honor: nodes without taints, along with tainted nodes 5181 for which the incoming pod has a toleration, are included. 5182 - Ignore: node taints are ignored. All nodes are included. 5183 \n If this value is nil, the behavior is equivalent to the 5184 Ignore policy. This is a beta-level feature default enabled 5185 by the NodeInclusionPolicyInPodTopologySpread feature flag." 5186 type: string 5187 topologyKey: 5188 description: TopologyKey is the key of node labels. Nodes that 5189 have a label with this key and identical values are considered 5190 to be in the same topology. We consider each <key, value> 5191 as a "bucket", and try to put balanced number of pods into 5192 each bucket. We define a domain as a particular instance of 5193 a topology. Also, we define an eligible domain as a domain 5194 whose nodes meet the requirements of nodeAffinityPolicy and 5195 nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", 5196 each Node is a domain of that topology. And, if TopologyKey 5197 is "topology.kubernetes.io/zone", each zone is a domain of 5198 that topology. It's a required field. 5199 type: string 5200 whenUnsatisfiable: 5201 description: 'WhenUnsatisfiable indicates how to deal with a 5202 pod if it doesn''t satisfy the spread constraint. - DoNotSchedule 5203 (default) tells the scheduler not to schedule it. - ScheduleAnyway 5204 tells the scheduler to schedule the pod in any location, but 5205 giving higher precedence to topologies that would help reduce 5206 the skew. A constraint is considered "Unsatisfiable" for an 5207 incoming pod if and only if every possible node assignment 5208 for that pod would violate "MaxSkew" on some topology. For 5209 example, in a 3-zone cluster, MaxSkew is set to 1, and pods 5210 with the same labelSelector spread as 3/1/1: | zone1 | zone2 5211 | zone3 | | P P P | P | P | If WhenUnsatisfiable is 5212 set to DoNotSchedule, incoming pod can only be scheduled to 5213 zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on 5214 zone2(zone3) satisfies MaxSkew(1). In other words, the cluster 5215 can still be imbalanced, but scheduler won''t make it *more* 5216 imbalanced. It''s a required field.' 5217 type: string 5218 required: 5219 - maxSkew 5220 - topologyKey 5221 - whenUnsatisfiable 5222 type: object 5223 type: array 5224 version: 5225 description: Version the cluster should be on. 5226 type: string 5227 volumeMounts: 5228 description: VolumeMounts allows configuration of additional VolumeMounts 5229 on the output StatefulSet definition. VolumeMounts specified will 5230 be appended to other VolumeMounts in the alertmanager container, 5231 that are generated as a result of StorageSpec objects. 5232 items: 5233 description: VolumeMount describes a mounting of a Volume within 5234 a container. 5235 properties: 5236 mountPath: 5237 description: Path within the container at which the volume should 5238 be mounted. Must not contain ':'. 5239 type: string 5240 mountPropagation: 5241 description: mountPropagation determines how mounts are propagated 5242 from the host to container and the other way around. When 5243 not set, MountPropagationNone is used. This field is beta 5244 in 1.10. 5245 type: string 5246 name: 5247 description: This must match the Name of a Volume. 5248 type: string 5249 readOnly: 5250 description: Mounted read-only if true, read-write otherwise 5251 (false or unspecified). Defaults to false. 5252 type: boolean 5253 subPath: 5254 description: Path within the volume from which the container's 5255 volume should be mounted. Defaults to "" (volume's root). 5256 type: string 5257 subPathExpr: 5258 description: Expanded path within the volume from which the 5259 container's volume should be mounted. Behaves similarly to 5260 SubPath but environment variable references $(VAR_NAME) are 5261 expanded using the container's environment. Defaults to "" 5262 (volume's root). SubPathExpr and SubPath are mutually exclusive. 5263 type: string 5264 required: 5265 - mountPath 5266 - name 5267 type: object 5268 type: array 5269 volumes: 5270 description: Volumes allows configuration of additional volumes on 5271 the output StatefulSet definition. Volumes specified will be appended 5272 to other volumes that are generated as a result of StorageSpec objects. 5273 items: 5274 description: Volume represents a named volume in a pod that may 5275 be accessed by any container in the pod. 5276 properties: 5277 awsElasticBlockStore: 5278 description: 'awsElasticBlockStore represents an AWS Disk resource 5279 that is attached to a kubelet''s host machine and then exposed 5280 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 5281 properties: 5282 fsType: 5283 description: 'fsType is the filesystem type of the volume 5284 that you want to mount. Tip: Ensure that the filesystem 5285 type is supported by the host operating system. Examples: 5286 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 5287 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 5288 TODO: how do we prevent errors in the filesystem from 5289 compromising the machine' 5290 type: string 5291 partition: 5292 description: 'partition is the partition in the volume that 5293 you want to mount. If omitted, the default is to mount 5294 by volume name. Examples: For volume /dev/sda1, you specify 5295 the partition as "1". Similarly, the volume partition 5296 for /dev/sda is "0" (or you can leave the property empty).' 5297 format: int32 5298 type: integer 5299 readOnly: 5300 description: 'readOnly value true will force the readOnly 5301 setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 5302 type: boolean 5303 volumeID: 5304 description: 'volumeID is unique ID of the persistent disk 5305 resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 5306 type: string 5307 required: 5308 - volumeID 5309 type: object 5310 azureDisk: 5311 description: azureDisk represents an Azure Data Disk mount on 5312 the host and bind mount to the pod. 5313 properties: 5314 cachingMode: 5315 description: 'cachingMode is the Host Caching mode: None, 5316 Read Only, Read Write.' 5317 type: string 5318 diskName: 5319 description: diskName is the Name of the data disk in the 5320 blob storage 5321 type: string 5322 diskURI: 5323 description: diskURI is the URI of data disk in the blob 5324 storage 5325 type: string 5326 fsType: 5327 description: fsType is Filesystem type to mount. Must be 5328 a filesystem type supported by the host operating system. 5329 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 5330 if unspecified. 5331 type: string 5332 kind: 5333 description: 'kind expected values are Shared: multiple 5334 blob disks per storage account Dedicated: single blob 5335 disk per storage account Managed: azure managed data 5336 disk (only in managed availability set). defaults to shared' 5337 type: string 5338 readOnly: 5339 description: readOnly Defaults to false (read/write). ReadOnly 5340 here will force the ReadOnly setting in VolumeMounts. 5341 type: boolean 5342 required: 5343 - diskName 5344 - diskURI 5345 type: object 5346 azureFile: 5347 description: azureFile represents an Azure File Service mount 5348 on the host and bind mount to the pod. 5349 properties: 5350 readOnly: 5351 description: readOnly defaults to false (read/write). ReadOnly 5352 here will force the ReadOnly setting in VolumeMounts. 5353 type: boolean 5354 secretName: 5355 description: secretName is the name of secret that contains 5356 Azure Storage Account Name and Key 5357 type: string 5358 shareName: 5359 description: shareName is the azure share Name 5360 type: string 5361 required: 5362 - secretName 5363 - shareName 5364 type: object 5365 cephfs: 5366 description: cephFS represents a Ceph FS mount on the host that 5367 shares a pod's lifetime 5368 properties: 5369 monitors: 5370 description: 'monitors is Required: Monitors is a collection 5371 of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 5372 items: 5373 type: string 5374 type: array 5375 path: 5376 description: 'path is Optional: Used as the mounted root, 5377 rather than the full Ceph tree, default is /' 5378 type: string 5379 readOnly: 5380 description: 'readOnly is Optional: Defaults to false (read/write). 5381 ReadOnly here will force the ReadOnly setting in VolumeMounts. 5382 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 5383 type: boolean 5384 secretFile: 5385 description: 'secretFile is Optional: SecretFile is the 5386 path to key ring for User, default is /etc/ceph/user.secret 5387 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 5388 type: string 5389 secretRef: 5390 description: 'secretRef is Optional: SecretRef is reference 5391 to the authentication secret for User, default is empty. 5392 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 5393 properties: 5394 name: 5395 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5396 TODO: Add other useful fields. apiVersion, kind, uid?' 5397 type: string 5398 type: object 5399 x-kubernetes-map-type: atomic 5400 user: 5401 description: 'user is optional: User is the rados user name, 5402 default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 5403 type: string 5404 required: 5405 - monitors 5406 type: object 5407 cinder: 5408 description: 'cinder represents a cinder volume attached and 5409 mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 5410 properties: 5411 fsType: 5412 description: 'fsType is the filesystem type to mount. Must 5413 be a filesystem type supported by the host operating system. 5414 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to 5415 be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 5416 type: string 5417 readOnly: 5418 description: 'readOnly defaults to false (read/write). ReadOnly 5419 here will force the ReadOnly setting in VolumeMounts. 5420 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 5421 type: boolean 5422 secretRef: 5423 description: 'secretRef is optional: points to a secret 5424 object containing parameters used to connect to OpenStack.' 5425 properties: 5426 name: 5427 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5428 TODO: Add other useful fields. apiVersion, kind, uid?' 5429 type: string 5430 type: object 5431 x-kubernetes-map-type: atomic 5432 volumeID: 5433 description: 'volumeID used to identify the volume in cinder. 5434 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 5435 type: string 5436 required: 5437 - volumeID 5438 type: object 5439 configMap: 5440 description: configMap represents a configMap that should populate 5441 this volume 5442 properties: 5443 defaultMode: 5444 description: 'defaultMode is optional: mode bits used to 5445 set permissions on created files by default. Must be an 5446 octal value between 0000 and 0777 or a decimal value between 5447 0 and 511. YAML accepts both octal and decimal values, 5448 JSON requires decimal values for mode bits. Defaults to 5449 0644. Directories within the path are not affected by 5450 this setting. This might be in conflict with other options 5451 that affect the file mode, like fsGroup, and the result 5452 can be other mode bits set.' 5453 format: int32 5454 type: integer 5455 items: 5456 description: items if unspecified, each key-value pair in 5457 the Data field of the referenced ConfigMap will be projected 5458 into the volume as a file whose name is the key and content 5459 is the value. If specified, the listed keys will be projected 5460 into the specified paths, and unlisted keys will not be 5461 present. If a key is specified which is not present in 5462 the ConfigMap, the volume setup will error unless it is 5463 marked optional. Paths must be relative and may not contain 5464 the '..' path or start with '..'. 5465 items: 5466 description: Maps a string key to a path within a volume. 5467 properties: 5468 key: 5469 description: key is the key to project. 5470 type: string 5471 mode: 5472 description: 'mode is Optional: mode bits used to 5473 set permissions on this file. Must be an octal value 5474 between 0000 and 0777 or a decimal value between 5475 0 and 511. YAML accepts both octal and decimal values, 5476 JSON requires decimal values for mode bits. If not 5477 specified, the volume defaultMode will be used. 5478 This might be in conflict with other options that 5479 affect the file mode, like fsGroup, and the result 5480 can be other mode bits set.' 5481 format: int32 5482 type: integer 5483 path: 5484 description: path is the relative path of the file 5485 to map the key to. May not be an absolute path. 5486 May not contain the path element '..'. May not start 5487 with the string '..'. 5488 type: string 5489 required: 5490 - key 5491 - path 5492 type: object 5493 type: array 5494 name: 5495 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5496 TODO: Add other useful fields. apiVersion, kind, uid?' 5497 type: string 5498 optional: 5499 description: optional specify whether the ConfigMap or its 5500 keys must be defined 5501 type: boolean 5502 type: object 5503 x-kubernetes-map-type: atomic 5504 csi: 5505 description: csi (Container Storage Interface) represents ephemeral 5506 storage that is handled by certain external CSI drivers (Beta 5507 feature). 5508 properties: 5509 driver: 5510 description: driver is the name of the CSI driver that handles 5511 this volume. Consult with your admin for the correct name 5512 as registered in the cluster. 5513 type: string 5514 fsType: 5515 description: fsType to mount. Ex. "ext4", "xfs", "ntfs". 5516 If not provided, the empty value is passed to the associated 5517 CSI driver which will determine the default filesystem 5518 to apply. 5519 type: string 5520 nodePublishSecretRef: 5521 description: nodePublishSecretRef is a reference to the 5522 secret object containing sensitive information to pass 5523 to the CSI driver to complete the CSI NodePublishVolume 5524 and NodeUnpublishVolume calls. This field is optional, 5525 and may be empty if no secret is required. If the secret 5526 object contains more than one secret, all secret references 5527 are passed. 5528 properties: 5529 name: 5530 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5531 TODO: Add other useful fields. apiVersion, kind, uid?' 5532 type: string 5533 type: object 5534 x-kubernetes-map-type: atomic 5535 readOnly: 5536 description: readOnly specifies a read-only configuration 5537 for the volume. Defaults to false (read/write). 5538 type: boolean 5539 volumeAttributes: 5540 additionalProperties: 5541 type: string 5542 description: volumeAttributes stores driver-specific properties 5543 that are passed to the CSI driver. Consult your driver's 5544 documentation for supported values. 5545 type: object 5546 required: 5547 - driver 5548 type: object 5549 downwardAPI: 5550 description: downwardAPI represents downward API about the pod 5551 that should populate this volume 5552 properties: 5553 defaultMode: 5554 description: 'Optional: mode bits to use on created files 5555 by default. Must be a Optional: mode bits used to set 5556 permissions on created files by default. Must be an octal 5557 value between 0000 and 0777 or a decimal value between 5558 0 and 511. YAML accepts both octal and decimal values, 5559 JSON requires decimal values for mode bits. Defaults to 5560 0644. Directories within the path are not affected by 5561 this setting. This might be in conflict with other options 5562 that affect the file mode, like fsGroup, and the result 5563 can be other mode bits set.' 5564 format: int32 5565 type: integer 5566 items: 5567 description: Items is a list of downward API volume file 5568 items: 5569 description: DownwardAPIVolumeFile represents information 5570 to create the file containing the pod field 5571 properties: 5572 fieldRef: 5573 description: 'Required: Selects a field of the pod: 5574 only annotations, labels, name and namespace are 5575 supported.' 5576 properties: 5577 apiVersion: 5578 description: Version of the schema the FieldPath 5579 is written in terms of, defaults to "v1". 5580 type: string 5581 fieldPath: 5582 description: Path of the field to select in the 5583 specified API version. 5584 type: string 5585 required: 5586 - fieldPath 5587 type: object 5588 x-kubernetes-map-type: atomic 5589 mode: 5590 description: 'Optional: mode bits used to set permissions 5591 on this file, must be an octal value between 0000 5592 and 0777 or a decimal value between 0 and 511. YAML 5593 accepts both octal and decimal values, JSON requires 5594 decimal values for mode bits. If not specified, 5595 the volume defaultMode will be used. This might 5596 be in conflict with other options that affect the 5597 file mode, like fsGroup, and the result can be other 5598 mode bits set.' 5599 format: int32 5600 type: integer 5601 path: 5602 description: 'Required: Path is the relative path 5603 name of the file to be created. Must not be absolute 5604 or contain the ''..'' path. Must be utf-8 encoded. 5605 The first item of the relative path must not start 5606 with ''..''' 5607 type: string 5608 resourceFieldRef: 5609 description: 'Selects a resource of the container: 5610 only resources limits and requests (limits.cpu, 5611 limits.memory, requests.cpu and requests.memory) 5612 are currently supported.' 5613 properties: 5614 containerName: 5615 description: 'Container name: required for volumes, 5616 optional for env vars' 5617 type: string 5618 divisor: 5619 anyOf: 5620 - type: integer 5621 - type: string 5622 description: Specifies the output format of the 5623 exposed resources, defaults to "1" 5624 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5625 x-kubernetes-int-or-string: true 5626 resource: 5627 description: 'Required: resource to select' 5628 type: string 5629 required: 5630 - resource 5631 type: object 5632 x-kubernetes-map-type: atomic 5633 required: 5634 - path 5635 type: object 5636 type: array 5637 type: object 5638 emptyDir: 5639 description: 'emptyDir represents a temporary directory that 5640 shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 5641 properties: 5642 medium: 5643 description: 'medium represents what type of storage medium 5644 should back this directory. The default is "" which means 5645 to use the node''s default medium. Must be an empty string 5646 (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 5647 type: string 5648 sizeLimit: 5649 anyOf: 5650 - type: integer 5651 - type: string 5652 description: 'sizeLimit is the total amount of local storage 5653 required for this EmptyDir volume. The size limit is also 5654 applicable for memory medium. The maximum usage on memory 5655 medium EmptyDir would be the minimum value between the 5656 SizeLimit specified here and the sum of memory limits 5657 of all containers in a pod. The default is nil which means 5658 that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 5659 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5660 x-kubernetes-int-or-string: true 5661 type: object 5662 ephemeral: 5663 description: "ephemeral represents a volume that is handled 5664 by a cluster storage driver. The volume's lifecycle is tied 5665 to the pod that defines it - it will be created before the 5666 pod starts, and deleted when the pod is removed. \n Use this 5667 if: a) the volume is only needed while the pod runs, b) features 5668 of normal volumes like restoring from snapshot or capacity 5669 tracking are needed, c) the storage driver is specified through 5670 a storage class, and d) the storage driver supports dynamic 5671 volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource 5672 for more information on the connection between this volume 5673 type and PersistentVolumeClaim). \n Use PersistentVolumeClaim 5674 or one of the vendor-specific APIs for volumes that persist 5675 for longer than the lifecycle of an individual pod. \n Use 5676 CSI for light-weight local ephemeral volumes if the CSI driver 5677 is meant to be used that way - see the documentation of the 5678 driver for more information. \n A pod can use both types of 5679 ephemeral volumes and persistent volumes at the same time." 5680 properties: 5681 volumeClaimTemplate: 5682 description: "Will be used to create a stand-alone PVC to 5683 provision the volume. The pod in which this EphemeralVolumeSource 5684 is embedded will be the owner of the PVC, i.e. the PVC 5685 will be deleted together with the pod. The name of the 5686 PVC will be `<pod name>-<volume name>` where `<volume 5687 name>` is the name from the `PodSpec.Volumes` array entry. 5688 Pod validation will reject the pod if the concatenated 5689 name is not valid for a PVC (for example, too long). \n 5690 An existing PVC with that name that is not owned by the 5691 pod will *not* be used for the pod to avoid using an unrelated 5692 volume by mistake. Starting the pod is then blocked until 5693 the unrelated PVC is removed. If such a pre-created PVC 5694 is meant to be used by the pod, the PVC has to updated 5695 with an owner reference to the pod once the pod exists. 5696 Normally this should not be necessary, but it may be useful 5697 when manually reconstructing a broken cluster. \n This 5698 field is read-only and no changes will be made by Kubernetes 5699 to the PVC after it has been created. \n Required, must 5700 not be nil." 5701 properties: 5702 metadata: 5703 description: May contain labels and annotations that 5704 will be copied into the PVC when creating it. No other 5705 fields are allowed and will be rejected during validation. 5706 type: object 5707 spec: 5708 description: The specification for the PersistentVolumeClaim. 5709 The entire content is copied unchanged into the PVC 5710 that gets created from this template. The same fields 5711 as in a PersistentVolumeClaim are also valid here. 5712 properties: 5713 accessModes: 5714 description: 'accessModes contains the desired access 5715 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 5716 items: 5717 type: string 5718 type: array 5719 dataSource: 5720 description: 'dataSource field can be used to specify 5721 either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 5722 * An existing PVC (PersistentVolumeClaim) If the 5723 provisioner or an external controller can support 5724 the specified data source, it will create a new 5725 volume based on the contents of the specified 5726 data source. When the AnyVolumeDataSource feature 5727 gate is enabled, dataSource contents will be copied 5728 to dataSourceRef, and dataSourceRef contents will 5729 be copied to dataSource when dataSourceRef.namespace 5730 is not specified. If the namespace is specified, 5731 then dataSourceRef will not be copied to dataSource.' 5732 properties: 5733 apiGroup: 5734 description: APIGroup is the group for the resource 5735 being referenced. If APIGroup is not specified, 5736 the specified Kind must be in the core API 5737 group. For any other third-party types, APIGroup 5738 is required. 5739 type: string 5740 kind: 5741 description: Kind is the type of resource being 5742 referenced 5743 type: string 5744 name: 5745 description: Name is the name of resource being 5746 referenced 5747 type: string 5748 required: 5749 - kind 5750 - name 5751 type: object 5752 x-kubernetes-map-type: atomic 5753 dataSourceRef: 5754 description: 'dataSourceRef specifies the object 5755 from which to populate the volume with data, if 5756 a non-empty volume is desired. This may be any 5757 object from a non-empty API group (non core object) 5758 or a PersistentVolumeClaim object. When this field 5759 is specified, volume binding will only succeed 5760 if the type of the specified object matches some 5761 installed volume populator or dynamic provisioner. 5762 This field will replace the functionality of the 5763 dataSource field and as such if both fields are 5764 non-empty, they must have the same value. For 5765 backwards compatibility, when namespace isn''t 5766 specified in dataSourceRef, both fields (dataSource 5767 and dataSourceRef) will be set to the same value 5768 automatically if one of them is empty and the 5769 other is non-empty. When namespace is specified 5770 in dataSourceRef, dataSource isn''t set to the 5771 same value and must be empty. There are three 5772 important differences between dataSource and dataSourceRef: 5773 * While dataSource only allows two specific types 5774 of objects, dataSourceRef allows any non-core 5775 object, as well as PersistentVolumeClaim objects. 5776 * While dataSource ignores disallowed values (dropping 5777 them), dataSourceRef preserves all values, and 5778 generates an error if a disallowed value is specified. 5779 * While dataSource only allows local objects, 5780 dataSourceRef allows objects in any namespaces. 5781 (Beta) Using this field requires the AnyVolumeDataSource 5782 feature gate to be enabled. (Alpha) Using the 5783 namespace field of dataSourceRef requires the 5784 CrossNamespaceVolumeDataSource feature gate to 5785 be enabled.' 5786 properties: 5787 apiGroup: 5788 description: APIGroup is the group for the resource 5789 being referenced. If APIGroup is not specified, 5790 the specified Kind must be in the core API 5791 group. For any other third-party types, APIGroup 5792 is required. 5793 type: string 5794 kind: 5795 description: Kind is the type of resource being 5796 referenced 5797 type: string 5798 name: 5799 description: Name is the name of resource being 5800 referenced 5801 type: string 5802 namespace: 5803 description: Namespace is the namespace of resource 5804 being referenced Note that when a namespace 5805 is specified, a gateway.networking.k8s.io/ReferenceGrant 5806 object is required in the referent namespace 5807 to allow that namespace's owner to accept 5808 the reference. See the ReferenceGrant documentation 5809 for details. (Alpha) This field requires the 5810 CrossNamespaceVolumeDataSource feature gate 5811 to be enabled. 5812 type: string 5813 required: 5814 - kind 5815 - name 5816 type: object 5817 resources: 5818 description: 'resources represents the minimum resources 5819 the volume should have. If RecoverVolumeExpansionFailure 5820 feature is enabled users are allowed to specify 5821 resource requirements that are lower than previous 5822 value but must still be higher than capacity recorded 5823 in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 5824 properties: 5825 claims: 5826 description: "Claims lists the names of resources, 5827 defined in spec.resourceClaims, that are used 5828 by this container. \n This is an alpha field 5829 and requires enabling the DynamicResourceAllocation 5830 feature gate. \n This field is immutable." 5831 items: 5832 description: ResourceClaim references one 5833 entry in PodSpec.ResourceClaims. 5834 properties: 5835 name: 5836 description: Name must match the name 5837 of one entry in pod.spec.resourceClaims 5838 of the Pod where this field is used. 5839 It makes that resource available inside 5840 a container. 5841 type: string 5842 required: 5843 - name 5844 type: object 5845 type: array 5846 x-kubernetes-list-map-keys: 5847 - name 5848 x-kubernetes-list-type: map 5849 limits: 5850 additionalProperties: 5851 anyOf: 5852 - type: integer 5853 - type: string 5854 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5855 x-kubernetes-int-or-string: true 5856 description: 'Limits describes the maximum amount 5857 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5858 type: object 5859 requests: 5860 additionalProperties: 5861 anyOf: 5862 - type: integer 5863 - type: string 5864 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5865 x-kubernetes-int-or-string: true 5866 description: 'Requests describes the minimum 5867 amount of compute resources required. If Requests 5868 is omitted for a container, it defaults to 5869 Limits if that is explicitly specified, otherwise 5870 to an implementation-defined value. More info: 5871 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5872 type: object 5873 type: object 5874 selector: 5875 description: selector is a label query over volumes 5876 to consider for binding. 5877 properties: 5878 matchExpressions: 5879 description: matchExpressions is a list of label 5880 selector requirements. The requirements are 5881 ANDed. 5882 items: 5883 description: A label selector requirement 5884 is a selector that contains values, a key, 5885 and an operator that relates the key and 5886 values. 5887 properties: 5888 key: 5889 description: key is the label key that 5890 the selector applies to. 5891 type: string 5892 operator: 5893 description: operator represents a key's 5894 relationship to a set of values. Valid 5895 operators are In, NotIn, Exists and 5896 DoesNotExist. 5897 type: string 5898 values: 5899 description: values is an array of string 5900 values. If the operator is In or NotIn, 5901 the values array must be non-empty. 5902 If the operator is Exists or DoesNotExist, 5903 the values array must be empty. This 5904 array is replaced during a strategic 5905 merge patch. 5906 items: 5907 type: string 5908 type: array 5909 required: 5910 - key 5911 - operator 5912 type: object 5913 type: array 5914 matchLabels: 5915 additionalProperties: 5916 type: string 5917 description: matchLabels is a map of {key,value} 5918 pairs. A single {key,value} in the matchLabels 5919 map is equivalent to an element of matchExpressions, 5920 whose key field is "key", the operator is 5921 "In", and the values array contains only "value". 5922 The requirements are ANDed. 5923 type: object 5924 type: object 5925 x-kubernetes-map-type: atomic 5926 storageClassName: 5927 description: 'storageClassName is the name of the 5928 StorageClass required by the claim. More info: 5929 https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 5930 type: string 5931 volumeMode: 5932 description: volumeMode defines what type of volume 5933 is required by the claim. Value of Filesystem 5934 is implied when not included in claim spec. 5935 type: string 5936 volumeName: 5937 description: volumeName is the binding reference 5938 to the PersistentVolume backing this claim. 5939 type: string 5940 type: object 5941 required: 5942 - spec 5943 type: object 5944 type: object 5945 fc: 5946 description: fc represents a Fibre Channel resource that is 5947 attached to a kubelet's host machine and then exposed to the 5948 pod. 5949 properties: 5950 fsType: 5951 description: 'fsType is the filesystem type to mount. Must 5952 be a filesystem type supported by the host operating system. 5953 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 5954 if unspecified. TODO: how do we prevent errors in the 5955 filesystem from compromising the machine' 5956 type: string 5957 lun: 5958 description: 'lun is Optional: FC target lun number' 5959 format: int32 5960 type: integer 5961 readOnly: 5962 description: 'readOnly is Optional: Defaults to false (read/write). 5963 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 5964 type: boolean 5965 targetWWNs: 5966 description: 'targetWWNs is Optional: FC target worldwide 5967 names (WWNs)' 5968 items: 5969 type: string 5970 type: array 5971 wwids: 5972 description: 'wwids Optional: FC volume world wide identifiers 5973 (wwids) Either wwids or combination of targetWWNs and 5974 lun must be set, but not both simultaneously.' 5975 items: 5976 type: string 5977 type: array 5978 type: object 5979 flexVolume: 5980 description: flexVolume represents a generic volume resource 5981 that is provisioned/attached using an exec based plugin. 5982 properties: 5983 driver: 5984 description: driver is the name of the driver to use for 5985 this volume. 5986 type: string 5987 fsType: 5988 description: fsType is the filesystem type to mount. Must 5989 be a filesystem type supported by the host operating system. 5990 Ex. "ext4", "xfs", "ntfs". The default filesystem depends 5991 on FlexVolume script. 5992 type: string 5993 options: 5994 additionalProperties: 5995 type: string 5996 description: 'options is Optional: this field holds extra 5997 command options if any.' 5998 type: object 5999 readOnly: 6000 description: 'readOnly is Optional: defaults to false (read/write). 6001 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 6002 type: boolean 6003 secretRef: 6004 description: 'secretRef is Optional: secretRef is reference 6005 to the secret object containing sensitive information 6006 to pass to the plugin scripts. This may be empty if no 6007 secret object is specified. If the secret object contains 6008 more than one secret, all secrets are passed to the plugin 6009 scripts.' 6010 properties: 6011 name: 6012 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6013 TODO: Add other useful fields. apiVersion, kind, uid?' 6014 type: string 6015 type: object 6016 x-kubernetes-map-type: atomic 6017 required: 6018 - driver 6019 type: object 6020 flocker: 6021 description: flocker represents a Flocker volume attached to 6022 a kubelet's host machine. This depends on the Flocker control 6023 service being running 6024 properties: 6025 datasetName: 6026 description: datasetName is Name of the dataset stored as 6027 metadata -> name on the dataset for Flocker should be 6028 considered as deprecated 6029 type: string 6030 datasetUUID: 6031 description: datasetUUID is the UUID of the dataset. This 6032 is unique identifier of a Flocker dataset 6033 type: string 6034 type: object 6035 gcePersistentDisk: 6036 description: 'gcePersistentDisk represents a GCE Disk resource 6037 that is attached to a kubelet''s host machine and then exposed 6038 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 6039 properties: 6040 fsType: 6041 description: 'fsType is filesystem type of the volume that 6042 you want to mount. Tip: Ensure that the filesystem type 6043 is supported by the host operating system. Examples: "ext4", 6044 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 6045 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 6046 TODO: how do we prevent errors in the filesystem from 6047 compromising the machine' 6048 type: string 6049 partition: 6050 description: 'partition is the partition in the volume that 6051 you want to mount. If omitted, the default is to mount 6052 by volume name. Examples: For volume /dev/sda1, you specify 6053 the partition as "1". Similarly, the volume partition 6054 for /dev/sda is "0" (or you can leave the property empty). 6055 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 6056 format: int32 6057 type: integer 6058 pdName: 6059 description: 'pdName is unique name of the PD resource in 6060 GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 6061 type: string 6062 readOnly: 6063 description: 'readOnly here will force the ReadOnly setting 6064 in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 6065 type: boolean 6066 required: 6067 - pdName 6068 type: object 6069 gitRepo: 6070 description: 'gitRepo represents a git repository at a particular 6071 revision. DEPRECATED: GitRepo is deprecated. To provision 6072 a container with a git repo, mount an EmptyDir into an InitContainer 6073 that clones the repo using git, then mount the EmptyDir into 6074 the Pod''s container.' 6075 properties: 6076 directory: 6077 description: directory is the target directory name. Must 6078 not contain or start with '..'. If '.' is supplied, the 6079 volume directory will be the git repository. Otherwise, 6080 if specified, the volume will contain the git repository 6081 in the subdirectory with the given name. 6082 type: string 6083 repository: 6084 description: repository is the URL 6085 type: string 6086 revision: 6087 description: revision is the commit hash for the specified 6088 revision. 6089 type: string 6090 required: 6091 - repository 6092 type: object 6093 glusterfs: 6094 description: 'glusterfs represents a Glusterfs mount on the 6095 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 6096 properties: 6097 endpoints: 6098 description: 'endpoints is the endpoint name that details 6099 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 6100 type: string 6101 path: 6102 description: 'path is the Glusterfs volume path. More info: 6103 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 6104 type: string 6105 readOnly: 6106 description: 'readOnly here will force the Glusterfs volume 6107 to be mounted with read-only permissions. Defaults to 6108 false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 6109 type: boolean 6110 required: 6111 - endpoints 6112 - path 6113 type: object 6114 hostPath: 6115 description: 'hostPath represents a pre-existing file or directory 6116 on the host machine that is directly exposed to the container. 6117 This is generally used for system agents or other privileged 6118 things that are allowed to see the host machine. Most containers 6119 will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 6120 --- TODO(jonesdl) We need to restrict who can use host directory 6121 mounts and who can/can not mount host directories as read/write.' 6122 properties: 6123 path: 6124 description: 'path of the directory on the host. If the 6125 path is a symlink, it will follow the link to the real 6126 path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 6127 type: string 6128 type: 6129 description: 'type for HostPath Volume Defaults to "" More 6130 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 6131 type: string 6132 required: 6133 - path 6134 type: object 6135 iscsi: 6136 description: 'iscsi represents an ISCSI Disk resource that is 6137 attached to a kubelet''s host machine and then exposed to 6138 the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 6139 properties: 6140 chapAuthDiscovery: 6141 description: chapAuthDiscovery defines whether support iSCSI 6142 Discovery CHAP authentication 6143 type: boolean 6144 chapAuthSession: 6145 description: chapAuthSession defines whether support iSCSI 6146 Session CHAP authentication 6147 type: boolean 6148 fsType: 6149 description: 'fsType is the filesystem type of the volume 6150 that you want to mount. Tip: Ensure that the filesystem 6151 type is supported by the host operating system. Examples: 6152 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 6153 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 6154 TODO: how do we prevent errors in the filesystem from 6155 compromising the machine' 6156 type: string 6157 initiatorName: 6158 description: initiatorName is the custom iSCSI Initiator 6159 Name. If initiatorName is specified with iscsiInterface 6160 simultaneously, new iSCSI interface <target portal>:<volume 6161 name> will be created for the connection. 6162 type: string 6163 iqn: 6164 description: iqn is the target iSCSI Qualified Name. 6165 type: string 6166 iscsiInterface: 6167 description: iscsiInterface is the interface Name that uses 6168 an iSCSI transport. Defaults to 'default' (tcp). 6169 type: string 6170 lun: 6171 description: lun represents iSCSI Target Lun number. 6172 format: int32 6173 type: integer 6174 portals: 6175 description: portals is the iSCSI Target Portal List. The 6176 portal is either an IP or ip_addr:port if the port is 6177 other than default (typically TCP ports 860 and 3260). 6178 items: 6179 type: string 6180 type: array 6181 readOnly: 6182 description: readOnly here will force the ReadOnly setting 6183 in VolumeMounts. Defaults to false. 6184 type: boolean 6185 secretRef: 6186 description: secretRef is the CHAP Secret for iSCSI target 6187 and initiator authentication 6188 properties: 6189 name: 6190 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6191 TODO: Add other useful fields. apiVersion, kind, uid?' 6192 type: string 6193 type: object 6194 x-kubernetes-map-type: atomic 6195 targetPortal: 6196 description: targetPortal is iSCSI Target Portal. The Portal 6197 is either an IP or ip_addr:port if the port is other than 6198 default (typically TCP ports 860 and 3260). 6199 type: string 6200 required: 6201 - iqn 6202 - lun 6203 - targetPortal 6204 type: object 6205 name: 6206 description: 'name of the volume. Must be a DNS_LABEL and unique 6207 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 6208 type: string 6209 nfs: 6210 description: 'nfs represents an NFS mount on the host that shares 6211 a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 6212 properties: 6213 path: 6214 description: 'path that is exported by the NFS server. More 6215 info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 6216 type: string 6217 readOnly: 6218 description: 'readOnly here will force the NFS export to 6219 be mounted with read-only permissions. Defaults to false. 6220 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 6221 type: boolean 6222 server: 6223 description: 'server is the hostname or IP address of the 6224 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 6225 type: string 6226 required: 6227 - path 6228 - server 6229 type: object 6230 persistentVolumeClaim: 6231 description: 'persistentVolumeClaimVolumeSource represents a 6232 reference to a PersistentVolumeClaim in the same namespace. 6233 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 6234 properties: 6235 claimName: 6236 description: 'claimName is the name of a PersistentVolumeClaim 6237 in the same namespace as the pod using this volume. More 6238 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 6239 type: string 6240 readOnly: 6241 description: readOnly Will force the ReadOnly setting in 6242 VolumeMounts. Default false. 6243 type: boolean 6244 required: 6245 - claimName 6246 type: object 6247 photonPersistentDisk: 6248 description: photonPersistentDisk represents a PhotonController 6249 persistent disk attached and mounted on kubelets host machine 6250 properties: 6251 fsType: 6252 description: fsType is the filesystem type to mount. Must 6253 be a filesystem type supported by the host operating system. 6254 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 6255 if unspecified. 6256 type: string 6257 pdID: 6258 description: pdID is the ID that identifies Photon Controller 6259 persistent disk 6260 type: string 6261 required: 6262 - pdID 6263 type: object 6264 portworxVolume: 6265 description: portworxVolume represents a portworx volume attached 6266 and mounted on kubelets host machine 6267 properties: 6268 fsType: 6269 description: fSType represents the filesystem type to mount 6270 Must be a filesystem type supported by the host operating 6271 system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" 6272 if unspecified. 6273 type: string 6274 readOnly: 6275 description: readOnly defaults to false (read/write). ReadOnly 6276 here will force the ReadOnly setting in VolumeMounts. 6277 type: boolean 6278 volumeID: 6279 description: volumeID uniquely identifies a Portworx volume 6280 type: string 6281 required: 6282 - volumeID 6283 type: object 6284 projected: 6285 description: projected items for all in one resources secrets, 6286 configmaps, and downward API 6287 properties: 6288 defaultMode: 6289 description: defaultMode are the mode bits used to set permissions 6290 on created files by default. Must be an octal value between 6291 0000 and 0777 or a decimal value between 0 and 511. YAML 6292 accepts both octal and decimal values, JSON requires decimal 6293 values for mode bits. Directories within the path are 6294 not affected by this setting. This might be in conflict 6295 with other options that affect the file mode, like fsGroup, 6296 and the result can be other mode bits set. 6297 format: int32 6298 type: integer 6299 sources: 6300 description: sources is the list of volume projections 6301 items: 6302 description: Projection that may be projected along with 6303 other supported volume types 6304 properties: 6305 configMap: 6306 description: configMap information about the configMap 6307 data to project 6308 properties: 6309 items: 6310 description: items if unspecified, each key-value 6311 pair in the Data field of the referenced ConfigMap 6312 will be projected into the volume as a file 6313 whose name is the key and content is the value. 6314 If specified, the listed keys will be projected 6315 into the specified paths, and unlisted keys 6316 will not be present. If a key is specified which 6317 is not present in the ConfigMap, the volume 6318 setup will error unless it is marked optional. 6319 Paths must be relative and may not contain the 6320 '..' path or start with '..'. 6321 items: 6322 description: Maps a string key to a path within 6323 a volume. 6324 properties: 6325 key: 6326 description: key is the key to project. 6327 type: string 6328 mode: 6329 description: 'mode is Optional: mode bits 6330 used to set permissions on this file. 6331 Must be an octal value between 0000 and 6332 0777 or a decimal value between 0 and 6333 511. YAML accepts both octal and decimal 6334 values, JSON requires decimal values for 6335 mode bits. If not specified, the volume 6336 defaultMode will be used. This might be 6337 in conflict with other options that affect 6338 the file mode, like fsGroup, and the result 6339 can be other mode bits set.' 6340 format: int32 6341 type: integer 6342 path: 6343 description: path is the relative path of 6344 the file to map the key to. May not be 6345 an absolute path. May not contain the 6346 path element '..'. May not start with 6347 the string '..'. 6348 type: string 6349 required: 6350 - key 6351 - path 6352 type: object 6353 type: array 6354 name: 6355 description: 'Name of the referent. More info: 6356 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6357 TODO: Add other useful fields. apiVersion, kind, 6358 uid?' 6359 type: string 6360 optional: 6361 description: optional specify whether the ConfigMap 6362 or its keys must be defined 6363 type: boolean 6364 type: object 6365 x-kubernetes-map-type: atomic 6366 downwardAPI: 6367 description: downwardAPI information about the downwardAPI 6368 data to project 6369 properties: 6370 items: 6371 description: Items is a list of DownwardAPIVolume 6372 file 6373 items: 6374 description: DownwardAPIVolumeFile represents 6375 information to create the file containing 6376 the pod field 6377 properties: 6378 fieldRef: 6379 description: 'Required: Selects a field 6380 of the pod: only annotations, labels, 6381 name and namespace are supported.' 6382 properties: 6383 apiVersion: 6384 description: Version of the schema the 6385 FieldPath is written in terms of, 6386 defaults to "v1". 6387 type: string 6388 fieldPath: 6389 description: Path of the field to select 6390 in the specified API version. 6391 type: string 6392 required: 6393 - fieldPath 6394 type: object 6395 x-kubernetes-map-type: atomic 6396 mode: 6397 description: 'Optional: mode bits used to 6398 set permissions on this file, must be 6399 an octal value between 0000 and 0777 or 6400 a decimal value between 0 and 511. YAML 6401 accepts both octal and decimal values, 6402 JSON requires decimal values for mode 6403 bits. If not specified, the volume defaultMode 6404 will be used. This might be in conflict 6405 with other options that affect the file 6406 mode, like fsGroup, and the result can 6407 be other mode bits set.' 6408 format: int32 6409 type: integer 6410 path: 6411 description: 'Required: Path is the relative 6412 path name of the file to be created. Must 6413 not be absolute or contain the ''..'' 6414 path. Must be utf-8 encoded. The first 6415 item of the relative path must not start 6416 with ''..''' 6417 type: string 6418 resourceFieldRef: 6419 description: 'Selects a resource of the 6420 container: only resources limits and requests 6421 (limits.cpu, limits.memory, requests.cpu 6422 and requests.memory) are currently supported.' 6423 properties: 6424 containerName: 6425 description: 'Container name: required 6426 for volumes, optional for env vars' 6427 type: string 6428 divisor: 6429 anyOf: 6430 - type: integer 6431 - type: string 6432 description: Specifies the output format 6433 of the exposed resources, defaults 6434 to "1" 6435 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6436 x-kubernetes-int-or-string: true 6437 resource: 6438 description: 'Required: resource to 6439 select' 6440 type: string 6441 required: 6442 - resource 6443 type: object 6444 x-kubernetes-map-type: atomic 6445 required: 6446 - path 6447 type: object 6448 type: array 6449 type: object 6450 secret: 6451 description: secret information about the secret data 6452 to project 6453 properties: 6454 items: 6455 description: items if unspecified, each key-value 6456 pair in the Data field of the referenced Secret 6457 will be projected into the volume as a file 6458 whose name is the key and content is the value. 6459 If specified, the listed keys will be projected 6460 into the specified paths, and unlisted keys 6461 will not be present. If a key is specified which 6462 is not present in the Secret, the volume setup 6463 will error unless it is marked optional. Paths 6464 must be relative and may not contain the '..' 6465 path or start with '..'. 6466 items: 6467 description: Maps a string key to a path within 6468 a volume. 6469 properties: 6470 key: 6471 description: key is the key to project. 6472 type: string 6473 mode: 6474 description: 'mode is Optional: mode bits 6475 used to set permissions on this file. 6476 Must be an octal value between 0000 and 6477 0777 or a decimal value between 0 and 6478 511. YAML accepts both octal and decimal 6479 values, JSON requires decimal values for 6480 mode bits. If not specified, the volume 6481 defaultMode will be used. This might be 6482 in conflict with other options that affect 6483 the file mode, like fsGroup, and the result 6484 can be other mode bits set.' 6485 format: int32 6486 type: integer 6487 path: 6488 description: path is the relative path of 6489 the file to map the key to. May not be 6490 an absolute path. May not contain the 6491 path element '..'. May not start with 6492 the string '..'. 6493 type: string 6494 required: 6495 - key 6496 - path 6497 type: object 6498 type: array 6499 name: 6500 description: 'Name of the referent. More info: 6501 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6502 TODO: Add other useful fields. apiVersion, kind, 6503 uid?' 6504 type: string 6505 optional: 6506 description: optional field specify whether the 6507 Secret or its key must be defined 6508 type: boolean 6509 type: object 6510 x-kubernetes-map-type: atomic 6511 serviceAccountToken: 6512 description: serviceAccountToken is information about 6513 the serviceAccountToken data to project 6514 properties: 6515 audience: 6516 description: audience is the intended audience 6517 of the token. A recipient of a token must identify 6518 itself with an identifier specified in the audience 6519 of the token, and otherwise should reject the 6520 token. The audience defaults to the identifier 6521 of the apiserver. 6522 type: string 6523 expirationSeconds: 6524 description: expirationSeconds is the requested 6525 duration of validity of the service account 6526 token. As the token approaches expiration, the 6527 kubelet volume plugin will proactively rotate 6528 the service account token. The kubelet will 6529 start trying to rotate the token if the token 6530 is older than 80 percent of its time to live 6531 or if the token is older than 24 hours.Defaults 6532 to 1 hour and must be at least 10 minutes. 6533 format: int64 6534 type: integer 6535 path: 6536 description: path is the path relative to the 6537 mount point of the file to project the token 6538 into. 6539 type: string 6540 required: 6541 - path 6542 type: object 6543 type: object 6544 type: array 6545 type: object 6546 quobyte: 6547 description: quobyte represents a Quobyte mount on the host 6548 that shares a pod's lifetime 6549 properties: 6550 group: 6551 description: group to map volume access to Default is no 6552 group 6553 type: string 6554 readOnly: 6555 description: readOnly here will force the Quobyte volume 6556 to be mounted with read-only permissions. Defaults to 6557 false. 6558 type: boolean 6559 registry: 6560 description: registry represents a single or multiple Quobyte 6561 Registry services specified as a string as host:port pair 6562 (multiple entries are separated with commas) which acts 6563 as the central registry for volumes 6564 type: string 6565 tenant: 6566 description: tenant owning the given Quobyte volume in the 6567 Backend Used with dynamically provisioned Quobyte volumes, 6568 value is set by the plugin 6569 type: string 6570 user: 6571 description: user to map volume access to Defaults to serivceaccount 6572 user 6573 type: string 6574 volume: 6575 description: volume is a string that references an already 6576 created Quobyte volume by name. 6577 type: string 6578 required: 6579 - registry 6580 - volume 6581 type: object 6582 rbd: 6583 description: 'rbd represents a Rados Block Device mount on the 6584 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' 6585 properties: 6586 fsType: 6587 description: 'fsType is the filesystem type of the volume 6588 that you want to mount. Tip: Ensure that the filesystem 6589 type is supported by the host operating system. Examples: 6590 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 6591 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 6592 TODO: how do we prevent errors in the filesystem from 6593 compromising the machine' 6594 type: string 6595 image: 6596 description: 'image is the rados image name. More info: 6597 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 6598 type: string 6599 keyring: 6600 description: 'keyring is the path to key ring for RBDUser. 6601 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 6602 type: string 6603 monitors: 6604 description: 'monitors is a collection of Ceph monitors. 6605 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 6606 items: 6607 type: string 6608 type: array 6609 pool: 6610 description: 'pool is the rados pool name. Default is rbd. 6611 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 6612 type: string 6613 readOnly: 6614 description: 'readOnly here will force the ReadOnly setting 6615 in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 6616 type: boolean 6617 secretRef: 6618 description: 'secretRef is name of the authentication secret 6619 for RBDUser. If provided overrides keyring. Default is 6620 nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 6621 properties: 6622 name: 6623 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6624 TODO: Add other useful fields. apiVersion, kind, uid?' 6625 type: string 6626 type: object 6627 x-kubernetes-map-type: atomic 6628 user: 6629 description: 'user is the rados user name. Default is admin. 6630 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 6631 type: string 6632 required: 6633 - image 6634 - monitors 6635 type: object 6636 scaleIO: 6637 description: scaleIO represents a ScaleIO persistent volume 6638 attached and mounted on Kubernetes nodes. 6639 properties: 6640 fsType: 6641 description: fsType is the filesystem type to mount. Must 6642 be a filesystem type supported by the host operating system. 6643 Ex. "ext4", "xfs", "ntfs". Default is "xfs". 6644 type: string 6645 gateway: 6646 description: gateway is the host address of the ScaleIO 6647 API Gateway. 6648 type: string 6649 protectionDomain: 6650 description: protectionDomain is the name of the ScaleIO 6651 Protection Domain for the configured storage. 6652 type: string 6653 readOnly: 6654 description: readOnly Defaults to false (read/write). ReadOnly 6655 here will force the ReadOnly setting in VolumeMounts. 6656 type: boolean 6657 secretRef: 6658 description: secretRef references to the secret for ScaleIO 6659 user and other sensitive information. If this is not provided, 6660 Login operation will fail. 6661 properties: 6662 name: 6663 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6664 TODO: Add other useful fields. apiVersion, kind, uid?' 6665 type: string 6666 type: object 6667 x-kubernetes-map-type: atomic 6668 sslEnabled: 6669 description: sslEnabled Flag enable/disable SSL communication 6670 with Gateway, default false 6671 type: boolean 6672 storageMode: 6673 description: storageMode indicates whether the storage for 6674 a volume should be ThickProvisioned or ThinProvisioned. 6675 Default is ThinProvisioned. 6676 type: string 6677 storagePool: 6678 description: storagePool is the ScaleIO Storage Pool associated 6679 with the protection domain. 6680 type: string 6681 system: 6682 description: system is the name of the storage system as 6683 configured in ScaleIO. 6684 type: string 6685 volumeName: 6686 description: volumeName is the name of a volume already 6687 created in the ScaleIO system that is associated with 6688 this volume source. 6689 type: string 6690 required: 6691 - gateway 6692 - secretRef 6693 - system 6694 type: object 6695 secret: 6696 description: 'secret represents a secret that should populate 6697 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 6698 properties: 6699 defaultMode: 6700 description: 'defaultMode is Optional: mode bits used to 6701 set permissions on created files by default. Must be an 6702 octal value between 0000 and 0777 or a decimal value between 6703 0 and 511. YAML accepts both octal and decimal values, 6704 JSON requires decimal values for mode bits. Defaults to 6705 0644. Directories within the path are not affected by 6706 this setting. This might be in conflict with other options 6707 that affect the file mode, like fsGroup, and the result 6708 can be other mode bits set.' 6709 format: int32 6710 type: integer 6711 items: 6712 description: items If unspecified, each key-value pair in 6713 the Data field of the referenced Secret will be projected 6714 into the volume as a file whose name is the key and content 6715 is the value. If specified, the listed keys will be projected 6716 into the specified paths, and unlisted keys will not be 6717 present. If a key is specified which is not present in 6718 the Secret, the volume setup will error unless it is marked 6719 optional. Paths must be relative and may not contain the 6720 '..' path or start with '..'. 6721 items: 6722 description: Maps a string key to a path within a volume. 6723 properties: 6724 key: 6725 description: key is the key to project. 6726 type: string 6727 mode: 6728 description: 'mode is Optional: mode bits used to 6729 set permissions on this file. Must be an octal value 6730 between 0000 and 0777 or a decimal value between 6731 0 and 511. YAML accepts both octal and decimal values, 6732 JSON requires decimal values for mode bits. If not 6733 specified, the volume defaultMode will be used. 6734 This might be in conflict with other options that 6735 affect the file mode, like fsGroup, and the result 6736 can be other mode bits set.' 6737 format: int32 6738 type: integer 6739 path: 6740 description: path is the relative path of the file 6741 to map the key to. May not be an absolute path. 6742 May not contain the path element '..'. May not start 6743 with the string '..'. 6744 type: string 6745 required: 6746 - key 6747 - path 6748 type: object 6749 type: array 6750 optional: 6751 description: optional field specify whether the Secret or 6752 its keys must be defined 6753 type: boolean 6754 secretName: 6755 description: 'secretName is the name of the secret in the 6756 pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 6757 type: string 6758 type: object 6759 storageos: 6760 description: storageOS represents a StorageOS volume attached 6761 and mounted on Kubernetes nodes. 6762 properties: 6763 fsType: 6764 description: fsType is the filesystem type to mount. Must 6765 be a filesystem type supported by the host operating system. 6766 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 6767 if unspecified. 6768 type: string 6769 readOnly: 6770 description: readOnly defaults to false (read/write). ReadOnly 6771 here will force the ReadOnly setting in VolumeMounts. 6772 type: boolean 6773 secretRef: 6774 description: secretRef specifies the secret to use for obtaining 6775 the StorageOS API credentials. If not specified, default 6776 values will be attempted. 6777 properties: 6778 name: 6779 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6780 TODO: Add other useful fields. apiVersion, kind, uid?' 6781 type: string 6782 type: object 6783 x-kubernetes-map-type: atomic 6784 volumeName: 6785 description: volumeName is the human-readable name of the 6786 StorageOS volume. Volume names are only unique within 6787 a namespace. 6788 type: string 6789 volumeNamespace: 6790 description: volumeNamespace specifies the scope of the 6791 volume within StorageOS. If no namespace is specified 6792 then the Pod's namespace will be used. This allows the 6793 Kubernetes name scoping to be mirrored within StorageOS 6794 for tighter integration. Set VolumeName to any name to 6795 override the default behaviour. Set to "default" if you 6796 are not using namespaces within StorageOS. Namespaces 6797 that do not pre-exist within StorageOS will be created. 6798 type: string 6799 type: object 6800 vsphereVolume: 6801 description: vsphereVolume represents a vSphere volume attached 6802 and mounted on kubelets host machine 6803 properties: 6804 fsType: 6805 description: fsType is filesystem type to mount. Must be 6806 a filesystem type supported by the host operating system. 6807 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 6808 if unspecified. 6809 type: string 6810 storagePolicyID: 6811 description: storagePolicyID is the storage Policy Based 6812 Management (SPBM) profile ID associated with the StoragePolicyName. 6813 type: string 6814 storagePolicyName: 6815 description: storagePolicyName is the storage Policy Based 6816 Management (SPBM) profile name. 6817 type: string 6818 volumePath: 6819 description: volumePath is the path that identifies vSphere 6820 volume vmdk 6821 type: string 6822 required: 6823 - volumePath 6824 type: object 6825 required: 6826 - name 6827 type: object 6828 type: array 6829 web: 6830 description: Defines the web command line flags when starting Alertmanager. 6831 properties: 6832 httpConfig: 6833 description: Defines HTTP parameters for web server. 6834 properties: 6835 headers: 6836 description: List of headers that can be added to HTTP responses. 6837 properties: 6838 contentSecurityPolicy: 6839 description: Set the Content-Security-Policy header to 6840 HTTP responses. Unset if blank. 6841 type: string 6842 strictTransportSecurity: 6843 description: Set the Strict-Transport-Security header 6844 to HTTP responses. Unset if blank. Please make sure 6845 that you use this with care as this header might force 6846 browsers to load Prometheus and the other applications 6847 hosted on the same domain and subdomains over HTTPS. 6848 https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security 6849 type: string 6850 xContentTypeOptions: 6851 description: Set the X-Content-Type-Options header to 6852 HTTP responses. Unset if blank. Accepted value is nosniff. 6853 https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options 6854 enum: 6855 - "" 6856 - NoSniff 6857 type: string 6858 xFrameOptions: 6859 description: Set the X-Frame-Options header to HTTP responses. 6860 Unset if blank. Accepted values are deny and sameorigin. 6861 https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options 6862 enum: 6863 - "" 6864 - Deny 6865 - SameOrigin 6866 type: string 6867 xXSSProtection: 6868 description: Set the X-XSS-Protection header to all responses. 6869 Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection 6870 type: string 6871 type: object 6872 http2: 6873 description: Enable HTTP/2 support. Note that HTTP/2 is only 6874 supported with TLS. When TLSConfig is not configured, HTTP/2 6875 will be disabled. Whenever the value of the field changes, 6876 a rolling update will be triggered. 6877 type: boolean 6878 type: object 6879 tlsConfig: 6880 description: Defines the TLS parameters for HTTPS. 6881 properties: 6882 cert: 6883 description: Contains the TLS certificate for the server. 6884 properties: 6885 configMap: 6886 description: ConfigMap containing data to use for the 6887 targets. 6888 properties: 6889 key: 6890 description: The key to select. 6891 type: string 6892 name: 6893 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6894 TODO: Add other useful fields. apiVersion, kind, 6895 uid?' 6896 type: string 6897 optional: 6898 description: Specify whether the ConfigMap or its 6899 key must be defined 6900 type: boolean 6901 required: 6902 - key 6903 type: object 6904 x-kubernetes-map-type: atomic 6905 secret: 6906 description: Secret containing data to use for the targets. 6907 properties: 6908 key: 6909 description: The key of the secret to select from. Must 6910 be a valid secret key. 6911 type: string 6912 name: 6913 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6914 TODO: Add other useful fields. apiVersion, kind, 6915 uid?' 6916 type: string 6917 optional: 6918 description: Specify whether the Secret or its key 6919 must be defined 6920 type: boolean 6921 required: 6922 - key 6923 type: object 6924 x-kubernetes-map-type: atomic 6925 type: object 6926 cipherSuites: 6927 description: 'List of supported cipher suites for TLS versions 6928 up to TLS 1.2. If empty, Go default cipher suites are used. 6929 Available cipher suites are documented in the go documentation: 6930 https://golang.org/pkg/crypto/tls/#pkg-constants' 6931 items: 6932 type: string 6933 type: array 6934 client_ca: 6935 description: Contains the CA certificate for client certificate 6936 authentication to the server. 6937 properties: 6938 configMap: 6939 description: ConfigMap containing data to use for the 6940 targets. 6941 properties: 6942 key: 6943 description: The key to select. 6944 type: string 6945 name: 6946 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6947 TODO: Add other useful fields. apiVersion, kind, 6948 uid?' 6949 type: string 6950 optional: 6951 description: Specify whether the ConfigMap or its 6952 key must be defined 6953 type: boolean 6954 required: 6955 - key 6956 type: object 6957 x-kubernetes-map-type: atomic 6958 secret: 6959 description: Secret containing data to use for the targets. 6960 properties: 6961 key: 6962 description: The key of the secret to select from. Must 6963 be a valid secret key. 6964 type: string 6965 name: 6966 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6967 TODO: Add other useful fields. apiVersion, kind, 6968 uid?' 6969 type: string 6970 optional: 6971 description: Specify whether the Secret or its key 6972 must be defined 6973 type: boolean 6974 required: 6975 - key 6976 type: object 6977 x-kubernetes-map-type: atomic 6978 type: object 6979 clientAuthType: 6980 description: 'Server policy for client authentication. Maps 6981 to ClientAuth Policies. For more detail on clientAuth options: 6982 https://golang.org/pkg/crypto/tls/#ClientAuthType' 6983 type: string 6984 curvePreferences: 6985 description: 'Elliptic curves that will be used in an ECDHE 6986 handshake, in preference order. Available curves are documented 6987 in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID' 6988 items: 6989 type: string 6990 type: array 6991 keySecret: 6992 description: Secret containing the TLS key for the server. 6993 properties: 6994 key: 6995 description: The key of the secret to select from. Must 6996 be a valid secret key. 6997 type: string 6998 name: 6999 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7000 TODO: Add other useful fields. apiVersion, kind, uid?' 7001 type: string 7002 optional: 7003 description: Specify whether the Secret or its key must 7004 be defined 7005 type: boolean 7006 required: 7007 - key 7008 type: object 7009 x-kubernetes-map-type: atomic 7010 maxVersion: 7011 description: Maximum TLS version that is acceptable. Defaults 7012 to TLS13. 7013 type: string 7014 minVersion: 7015 description: Minimum TLS version that is acceptable. Defaults 7016 to TLS12. 7017 type: string 7018 preferServerCipherSuites: 7019 description: Controls whether the server selects the client's 7020 most preferred cipher suite, or the server's most preferred 7021 cipher suite. If true then the server's preference, as expressed 7022 in the order of elements in cipherSuites, is used. 7023 type: boolean 7024 required: 7025 - cert 7026 - keySecret 7027 type: object 7028 type: object 7029 type: object 7030 status: 7031 description: 'Most recent observed status of the Alertmanager cluster. 7032 Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 7033 properties: 7034 availableReplicas: 7035 description: Total number of available pods (ready for at least minReadySeconds) 7036 targeted by this Alertmanager cluster. 7037 format: int32 7038 type: integer 7039 conditions: 7040 description: The current state of the Alertmanager object. 7041 items: 7042 description: Condition represents the state of the resources associated 7043 with the Prometheus or Alertmanager resource. 7044 properties: 7045 lastTransitionTime: 7046 description: lastTransitionTime is the time of the last update 7047 to the current status property. 7048 format: date-time 7049 type: string 7050 message: 7051 description: Human-readable message indicating details for the 7052 condition's last transition. 7053 type: string 7054 observedGeneration: 7055 description: ObservedGeneration represents the .metadata.generation 7056 that the condition was set based upon. For instance, if `.metadata.generation` 7057 is currently 12, but the `.status.conditions[].observedGeneration` 7058 is 9, the condition is out of date with respect to the current 7059 state of the instance. 7060 format: int64 7061 type: integer 7062 reason: 7063 description: Reason for the condition's last transition. 7064 type: string 7065 status: 7066 description: Status of the condition. 7067 type: string 7068 type: 7069 description: Type of the condition being reported. 7070 type: string 7071 required: 7072 - lastTransitionTime 7073 - status 7074 - type 7075 type: object 7076 type: array 7077 x-kubernetes-list-map-keys: 7078 - type 7079 x-kubernetes-list-type: map 7080 paused: 7081 description: Represents whether any actions on the underlying managed 7082 objects are being performed. Only delete actions will be performed. 7083 type: boolean 7084 replicas: 7085 description: Total number of non-terminated pods targeted by this 7086 Alertmanager object (their labels match the selector). 7087 format: int32 7088 type: integer 7089 unavailableReplicas: 7090 description: Total number of unavailable pods targeted by this Alertmanager 7091 object. 7092 format: int32 7093 type: integer 7094 updatedReplicas: 7095 description: Total number of non-terminated pods targeted by this 7096 Alertmanager object that have the desired version spec. 7097 format: int32 7098 type: integer 7099 required: 7100 - availableReplicas 7101 - paused 7102 - replicas 7103 - unavailableReplicas 7104 - updatedReplicas 7105 type: object 7106 required: 7107 - spec 7108 type: object 7109 served: true 7110 storage: true 7111 subresources: 7112 status: {}