github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/prometheus-community/kube-prometheus-stack/crds/crd-prometheuses.yaml (about) 1 # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml 2 --- 3 apiVersion: apiextensions.k8s.io/v1 4 kind: CustomResourceDefinition 5 metadata: 6 annotations: 7 controller-gen.kubebuilder.io/version: v0.11.1 8 creationTimestamp: null 9 name: prometheuses.monitoring.coreos.com 10 spec: 11 group: monitoring.coreos.com 12 names: 13 categories: 14 - prometheus-operator 15 kind: Prometheus 16 listKind: PrometheusList 17 plural: prometheuses 18 shortNames: 19 - prom 20 singular: prometheus 21 scope: Namespaced 22 versions: 23 - additionalPrinterColumns: 24 - description: The version of Prometheus 25 jsonPath: .spec.version 26 name: Version 27 type: string 28 - description: The number of desired replicas 29 jsonPath: .spec.replicas 30 name: Desired 31 type: integer 32 - description: The number of ready replicas 33 jsonPath: .status.availableReplicas 34 name: Ready 35 type: integer 36 - jsonPath: .status.conditions[?(@.type == 'Reconciled')].status 37 name: Reconciled 38 type: string 39 - jsonPath: .status.conditions[?(@.type == 'Available')].status 40 name: Available 41 type: string 42 - jsonPath: .metadata.creationTimestamp 43 name: Age 44 type: date 45 - description: Whether the resource reconciliation is paused or not 46 jsonPath: .status.paused 47 name: Paused 48 priority: 1 49 type: boolean 50 name: v1 51 schema: 52 openAPIV3Schema: 53 description: Prometheus defines a Prometheus deployment. 54 properties: 55 apiVersion: 56 description: 'APIVersion defines the versioned schema of this representation 57 of an object. Servers should convert recognized schemas to the latest 58 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 59 type: string 60 kind: 61 description: 'Kind is a string value representing the REST resource this 62 object represents. Servers may infer this from the endpoint the client 63 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 64 type: string 65 metadata: 66 type: object 67 spec: 68 description: 'Specification of the desired behavior of the Prometheus 69 cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 70 properties: 71 additionalAlertManagerConfigs: 72 description: 'AdditionalAlertManagerConfigs allows specifying a key 73 of a Secret containing additional Prometheus AlertManager configurations. 74 AlertManager configurations specified are appended to the configurations 75 generated by the Prometheus Operator. Job configurations specified 76 must have the form as specified in the official Prometheus documentation: 77 https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. 78 As AlertManager configs are appended, the user is responsible to 79 make sure it is valid. Note that using this feature may expose the 80 possibility to break upgrades of Prometheus. It is advised to review 81 Prometheus release notes to ensure that no incompatible AlertManager 82 configs are going to break Prometheus after the upgrade.' 83 properties: 84 key: 85 description: The key of the secret to select from. Must be a 86 valid secret key. 87 type: string 88 name: 89 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 90 TODO: Add other useful fields. apiVersion, kind, uid?' 91 type: string 92 optional: 93 description: Specify whether the Secret or its key must be defined 94 type: boolean 95 required: 96 - key 97 type: object 98 x-kubernetes-map-type: atomic 99 additionalAlertRelabelConfigs: 100 description: 'AdditionalAlertRelabelConfigs allows specifying a key 101 of a Secret containing additional Prometheus alert relabel configurations. 102 Alert relabel configurations specified are appended to the configurations 103 generated by the Prometheus Operator. Alert relabel configurations 104 specified must have the form as specified in the official Prometheus 105 documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. 106 As alert relabel configs are appended, the user is responsible to 107 make sure it is valid. Note that using this feature may expose the 108 possibility to break upgrades of Prometheus. It is advised to review 109 Prometheus release notes to ensure that no incompatible alert relabel 110 configs are going to break Prometheus after the upgrade.' 111 properties: 112 key: 113 description: The key of the secret to select from. Must be a 114 valid secret key. 115 type: string 116 name: 117 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 118 TODO: Add other useful fields. apiVersion, kind, uid?' 119 type: string 120 optional: 121 description: Specify whether the Secret or its key must be defined 122 type: boolean 123 required: 124 - key 125 type: object 126 x-kubernetes-map-type: atomic 127 additionalArgs: 128 description: AdditionalArgs allows setting additional arguments for 129 the Prometheus container. It is intended for e.g. activating hidden 130 flags which are not supported by the dedicated configuration options 131 yet. The arguments are passed as-is to the Prometheus container 132 which may cause issues if they are invalid or not supported by the 133 given Prometheus version. In case of an argument conflict (e.g. 134 an argument which is already set by the operator itself) or when 135 providing an invalid argument the reconciliation will fail and an 136 error will be logged. 137 items: 138 description: Argument as part of the AdditionalArgs list. 139 properties: 140 name: 141 description: Name of the argument, e.g. "scrape.discovery-reload-interval". 142 minLength: 1 143 type: string 144 value: 145 description: Argument value, e.g. 30s. Can be empty for name-only 146 arguments (e.g. --storage.tsdb.no-lockfile) 147 type: string 148 required: 149 - name 150 type: object 151 type: array 152 additionalScrapeConfigs: 153 description: 'AdditionalScrapeConfigs allows specifying a key of a 154 Secret containing additional Prometheus scrape configurations. Scrape 155 configurations specified are appended to the configurations generated 156 by the Prometheus Operator. Job configurations specified must have 157 the form as specified in the official Prometheus documentation: 158 https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. 159 As scrape configs are appended, the user is responsible to make 160 sure it is valid. Note that using this feature may expose the possibility 161 to break upgrades of Prometheus. It is advised to review Prometheus 162 release notes to ensure that no incompatible scrape configs are 163 going to break Prometheus after the upgrade.' 164 properties: 165 key: 166 description: The key of the secret to select from. Must be a 167 valid secret key. 168 type: string 169 name: 170 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 171 TODO: Add other useful fields. apiVersion, kind, uid?' 172 type: string 173 optional: 174 description: Specify whether the Secret or its key must be defined 175 type: boolean 176 required: 177 - key 178 type: object 179 x-kubernetes-map-type: atomic 180 affinity: 181 description: If specified, the pod's scheduling constraints. 182 properties: 183 nodeAffinity: 184 description: Describes node affinity scheduling rules for the 185 pod. 186 properties: 187 preferredDuringSchedulingIgnoredDuringExecution: 188 description: The scheduler will prefer to schedule pods to 189 nodes that satisfy the affinity expressions specified by 190 this field, but it may choose a node that violates one or 191 more of the expressions. The node that is most preferred 192 is the one with the greatest sum of weights, i.e. for each 193 node that meets all of the scheduling requirements (resource 194 request, requiredDuringScheduling affinity expressions, 195 etc.), compute a sum by iterating through the elements of 196 this field and adding "weight" to the sum if the node matches 197 the corresponding matchExpressions; the node(s) with the 198 highest sum are the most preferred. 199 items: 200 description: An empty preferred scheduling term matches 201 all objects with implicit weight 0 (i.e. it's a no-op). 202 A null preferred scheduling term matches no objects (i.e. 203 is also a no-op). 204 properties: 205 preference: 206 description: A node selector term, associated with the 207 corresponding weight. 208 properties: 209 matchExpressions: 210 description: A list of node selector requirements 211 by node's labels. 212 items: 213 description: A node selector requirement is a 214 selector that contains values, a key, and an 215 operator that relates the key and values. 216 properties: 217 key: 218 description: The label key that the selector 219 applies to. 220 type: string 221 operator: 222 description: Represents a key's relationship 223 to a set of values. Valid operators are 224 In, NotIn, Exists, DoesNotExist. Gt, and 225 Lt. 226 type: string 227 values: 228 description: An array of string values. If 229 the operator is In or NotIn, the values 230 array must be non-empty. If the operator 231 is Exists or DoesNotExist, the values array 232 must be empty. If the operator is Gt or 233 Lt, the values array must have a single 234 element, which will be interpreted as an 235 integer. This array is replaced during a 236 strategic merge patch. 237 items: 238 type: string 239 type: array 240 required: 241 - key 242 - operator 243 type: object 244 type: array 245 matchFields: 246 description: A list of node selector requirements 247 by node's fields. 248 items: 249 description: A node selector requirement is a 250 selector that contains values, a key, and an 251 operator that relates the key and values. 252 properties: 253 key: 254 description: The label key that the selector 255 applies to. 256 type: string 257 operator: 258 description: Represents a key's relationship 259 to a set of values. Valid operators are 260 In, NotIn, Exists, DoesNotExist. Gt, and 261 Lt. 262 type: string 263 values: 264 description: An array of string values. If 265 the operator is In or NotIn, the values 266 array must be non-empty. If the operator 267 is Exists or DoesNotExist, the values array 268 must be empty. If the operator is Gt or 269 Lt, the values array must have a single 270 element, which will be interpreted as an 271 integer. This array is replaced during a 272 strategic merge patch. 273 items: 274 type: string 275 type: array 276 required: 277 - key 278 - operator 279 type: object 280 type: array 281 type: object 282 x-kubernetes-map-type: atomic 283 weight: 284 description: Weight associated with matching the corresponding 285 nodeSelectorTerm, in the range 1-100. 286 format: int32 287 type: integer 288 required: 289 - preference 290 - weight 291 type: object 292 type: array 293 requiredDuringSchedulingIgnoredDuringExecution: 294 description: If the affinity requirements specified by this 295 field are not met at scheduling time, the pod will not be 296 scheduled onto the node. If the affinity requirements specified 297 by this field cease to be met at some point during pod execution 298 (e.g. due to an update), the system may or may not try to 299 eventually evict the pod from its node. 300 properties: 301 nodeSelectorTerms: 302 description: Required. A list of node selector terms. 303 The terms are ORed. 304 items: 305 description: A null or empty node selector term matches 306 no objects. The requirements of them are ANDed. The 307 TopologySelectorTerm type implements a subset of the 308 NodeSelectorTerm. 309 properties: 310 matchExpressions: 311 description: A list of node selector requirements 312 by node's labels. 313 items: 314 description: A node selector requirement is a 315 selector that contains values, a key, and an 316 operator that relates the key and values. 317 properties: 318 key: 319 description: The label key that the selector 320 applies to. 321 type: string 322 operator: 323 description: Represents a key's relationship 324 to a set of values. Valid operators are 325 In, NotIn, Exists, DoesNotExist. Gt, and 326 Lt. 327 type: string 328 values: 329 description: An array of string values. If 330 the operator is In or NotIn, the values 331 array must be non-empty. If the operator 332 is Exists or DoesNotExist, the values array 333 must be empty. If the operator is Gt or 334 Lt, the values array must have a single 335 element, which will be interpreted as an 336 integer. This array is replaced during a 337 strategic merge patch. 338 items: 339 type: string 340 type: array 341 required: 342 - key 343 - operator 344 type: object 345 type: array 346 matchFields: 347 description: A list of node selector requirements 348 by node's fields. 349 items: 350 description: A node selector requirement is a 351 selector that contains values, a key, and an 352 operator that relates the key and values. 353 properties: 354 key: 355 description: The label key that the selector 356 applies to. 357 type: string 358 operator: 359 description: Represents a key's relationship 360 to a set of values. Valid operators are 361 In, NotIn, Exists, DoesNotExist. Gt, and 362 Lt. 363 type: string 364 values: 365 description: An array of string values. If 366 the operator is In or NotIn, the values 367 array must be non-empty. If the operator 368 is Exists or DoesNotExist, the values array 369 must be empty. If the operator is Gt or 370 Lt, the values array must have a single 371 element, which will be interpreted as an 372 integer. This array is replaced during a 373 strategic merge patch. 374 items: 375 type: string 376 type: array 377 required: 378 - key 379 - operator 380 type: object 381 type: array 382 type: object 383 x-kubernetes-map-type: atomic 384 type: array 385 required: 386 - nodeSelectorTerms 387 type: object 388 x-kubernetes-map-type: atomic 389 type: object 390 podAffinity: 391 description: Describes pod affinity scheduling rules (e.g. co-locate 392 this pod in the same node, zone, etc. as some other pod(s)). 393 properties: 394 preferredDuringSchedulingIgnoredDuringExecution: 395 description: The scheduler will prefer to schedule pods to 396 nodes that satisfy the affinity expressions specified by 397 this field, but it may choose a node that violates one or 398 more of the expressions. The node that is most preferred 399 is the one with the greatest sum of weights, i.e. for each 400 node that meets all of the scheduling requirements (resource 401 request, requiredDuringScheduling affinity expressions, 402 etc.), compute a sum by iterating through the elements of 403 this field and adding "weight" to the sum if the node has 404 pods which matches the corresponding podAffinityTerm; the 405 node(s) with the highest sum are the most preferred. 406 items: 407 description: The weights of all of the matched WeightedPodAffinityTerm 408 fields are added per-node to find the most preferred node(s) 409 properties: 410 podAffinityTerm: 411 description: Required. A pod affinity term, associated 412 with the corresponding weight. 413 properties: 414 labelSelector: 415 description: A label query over a set of resources, 416 in this case pods. 417 properties: 418 matchExpressions: 419 description: matchExpressions is a list of label 420 selector requirements. The requirements are 421 ANDed. 422 items: 423 description: A label selector requirement 424 is a selector that contains values, a key, 425 and an operator that relates the key and 426 values. 427 properties: 428 key: 429 description: key is the label key that 430 the selector applies to. 431 type: string 432 operator: 433 description: operator represents a key's 434 relationship to a set of values. Valid 435 operators are In, NotIn, Exists and 436 DoesNotExist. 437 type: string 438 values: 439 description: values is an array of string 440 values. If the operator is In or NotIn, 441 the values array must be non-empty. 442 If the operator is Exists or DoesNotExist, 443 the values array must be empty. This 444 array is replaced during a strategic 445 merge patch. 446 items: 447 type: string 448 type: array 449 required: 450 - key 451 - operator 452 type: object 453 type: array 454 matchLabels: 455 additionalProperties: 456 type: string 457 description: matchLabels is a map of {key,value} 458 pairs. A single {key,value} in the matchLabels 459 map is equivalent to an element of matchExpressions, 460 whose key field is "key", the operator is 461 "In", and the values array contains only "value". 462 The requirements are ANDed. 463 type: object 464 type: object 465 x-kubernetes-map-type: atomic 466 namespaceSelector: 467 description: A label query over the set of namespaces 468 that the term applies to. The term is applied 469 to the union of the namespaces selected by this 470 field and the ones listed in the namespaces field. 471 null selector and null or empty namespaces list 472 means "this pod's namespace". An empty selector 473 ({}) matches all namespaces. 474 properties: 475 matchExpressions: 476 description: matchExpressions is a list of label 477 selector requirements. The requirements are 478 ANDed. 479 items: 480 description: A label selector requirement 481 is a selector that contains values, a key, 482 and an operator that relates the key and 483 values. 484 properties: 485 key: 486 description: key is the label key that 487 the selector applies to. 488 type: string 489 operator: 490 description: operator represents a key's 491 relationship to a set of values. Valid 492 operators are In, NotIn, Exists and 493 DoesNotExist. 494 type: string 495 values: 496 description: values is an array of string 497 values. If the operator is In or NotIn, 498 the values array must be non-empty. 499 If the operator is Exists or DoesNotExist, 500 the values array must be empty. This 501 array is replaced during a strategic 502 merge patch. 503 items: 504 type: string 505 type: array 506 required: 507 - key 508 - operator 509 type: object 510 type: array 511 matchLabels: 512 additionalProperties: 513 type: string 514 description: matchLabels is a map of {key,value} 515 pairs. A single {key,value} in the matchLabels 516 map is equivalent to an element of matchExpressions, 517 whose key field is "key", the operator is 518 "In", and the values array contains only "value". 519 The requirements are ANDed. 520 type: object 521 type: object 522 x-kubernetes-map-type: atomic 523 namespaces: 524 description: namespaces specifies a static list 525 of namespace names that the term applies to. The 526 term is applied to the union of the namespaces 527 listed in this field and the ones selected by 528 namespaceSelector. null or empty namespaces list 529 and null namespaceSelector means "this pod's namespace". 530 items: 531 type: string 532 type: array 533 topologyKey: 534 description: This pod should be co-located (affinity) 535 or not co-located (anti-affinity) with the pods 536 matching the labelSelector in the specified namespaces, 537 where co-located is defined as running on a node 538 whose value of the label with key topologyKey 539 matches that of any node on which any of the selected 540 pods is running. Empty topologyKey is not allowed. 541 type: string 542 required: 543 - topologyKey 544 type: object 545 weight: 546 description: weight associated with matching the corresponding 547 podAffinityTerm, in the range 1-100. 548 format: int32 549 type: integer 550 required: 551 - podAffinityTerm 552 - weight 553 type: object 554 type: array 555 requiredDuringSchedulingIgnoredDuringExecution: 556 description: If the affinity requirements specified by this 557 field are not met at scheduling time, the pod will not be 558 scheduled onto the node. If the affinity requirements specified 559 by this field cease to be met at some point during pod execution 560 (e.g. due to a pod label update), the system may or may 561 not try to eventually evict the pod from its node. When 562 there are multiple elements, the lists of nodes corresponding 563 to each podAffinityTerm are intersected, i.e. all terms 564 must be satisfied. 565 items: 566 description: Defines a set of pods (namely those matching 567 the labelSelector relative to the given namespace(s)) 568 that this pod should be co-located (affinity) or not co-located 569 (anti-affinity) with, where co-located is defined as running 570 on a node whose value of the label with key <topologyKey> 571 matches that of any node on which a pod of the set of 572 pods is running 573 properties: 574 labelSelector: 575 description: A label query over a set of resources, 576 in this case pods. 577 properties: 578 matchExpressions: 579 description: matchExpressions is a list of label 580 selector requirements. The requirements are ANDed. 581 items: 582 description: A label selector requirement is a 583 selector that contains values, a key, and an 584 operator that relates the key and values. 585 properties: 586 key: 587 description: key is the label key that the 588 selector applies to. 589 type: string 590 operator: 591 description: operator represents a key's relationship 592 to a set of values. Valid operators are 593 In, NotIn, Exists and DoesNotExist. 594 type: string 595 values: 596 description: values is an array of string 597 values. If the operator is In or NotIn, 598 the values array must be non-empty. If the 599 operator is Exists or DoesNotExist, the 600 values array must be empty. This array is 601 replaced during a strategic merge patch. 602 items: 603 type: string 604 type: array 605 required: 606 - key 607 - operator 608 type: object 609 type: array 610 matchLabels: 611 additionalProperties: 612 type: string 613 description: matchLabels is a map of {key,value} 614 pairs. A single {key,value} in the matchLabels 615 map is equivalent to an element of matchExpressions, 616 whose key field is "key", the operator is "In", 617 and the values array contains only "value". The 618 requirements are ANDed. 619 type: object 620 type: object 621 x-kubernetes-map-type: atomic 622 namespaceSelector: 623 description: A label query over the set of namespaces 624 that the term applies to. The term is applied to the 625 union of the namespaces selected by this field and 626 the ones listed in the namespaces field. null selector 627 and null or empty namespaces list means "this pod's 628 namespace". An empty selector ({}) matches all namespaces. 629 properties: 630 matchExpressions: 631 description: matchExpressions is a list of label 632 selector requirements. The requirements are ANDed. 633 items: 634 description: A label selector requirement is a 635 selector that contains values, a key, and an 636 operator that relates the key and values. 637 properties: 638 key: 639 description: key is the label key that the 640 selector applies to. 641 type: string 642 operator: 643 description: operator represents a key's relationship 644 to a set of values. Valid operators are 645 In, NotIn, Exists and DoesNotExist. 646 type: string 647 values: 648 description: values is an array of string 649 values. If the operator is In or NotIn, 650 the values array must be non-empty. If the 651 operator is Exists or DoesNotExist, the 652 values array must be empty. This array is 653 replaced during a strategic merge patch. 654 items: 655 type: string 656 type: array 657 required: 658 - key 659 - operator 660 type: object 661 type: array 662 matchLabels: 663 additionalProperties: 664 type: string 665 description: matchLabels is a map of {key,value} 666 pairs. A single {key,value} in the matchLabels 667 map is equivalent to an element of matchExpressions, 668 whose key field is "key", the operator is "In", 669 and the values array contains only "value". The 670 requirements are ANDed. 671 type: object 672 type: object 673 x-kubernetes-map-type: atomic 674 namespaces: 675 description: namespaces specifies a static list of namespace 676 names that the term applies to. The term is applied 677 to the union of the namespaces listed in this field 678 and the ones selected by namespaceSelector. null or 679 empty namespaces list and null namespaceSelector means 680 "this pod's namespace". 681 items: 682 type: string 683 type: array 684 topologyKey: 685 description: This pod should be co-located (affinity) 686 or not co-located (anti-affinity) with the pods matching 687 the labelSelector in the specified namespaces, where 688 co-located is defined as running on a node whose value 689 of the label with key topologyKey matches that of 690 any node on which any of the selected pods is running. 691 Empty topologyKey is not allowed. 692 type: string 693 required: 694 - topologyKey 695 type: object 696 type: array 697 type: object 698 podAntiAffinity: 699 description: Describes pod anti-affinity scheduling rules (e.g. 700 avoid putting this pod in the same node, zone, etc. as some 701 other pod(s)). 702 properties: 703 preferredDuringSchedulingIgnoredDuringExecution: 704 description: The scheduler will prefer to schedule pods to 705 nodes that satisfy the anti-affinity expressions specified 706 by this field, but it may choose a node that violates one 707 or more of the expressions. The node that is most preferred 708 is the one with the greatest sum of weights, i.e. for each 709 node that meets all of the scheduling requirements (resource 710 request, requiredDuringScheduling anti-affinity expressions, 711 etc.), compute a sum by iterating through the elements of 712 this field and adding "weight" to the sum if the node has 713 pods which matches the corresponding podAffinityTerm; the 714 node(s) with the highest sum are the most preferred. 715 items: 716 description: The weights of all of the matched WeightedPodAffinityTerm 717 fields are added per-node to find the most preferred node(s) 718 properties: 719 podAffinityTerm: 720 description: Required. A pod affinity term, associated 721 with the corresponding weight. 722 properties: 723 labelSelector: 724 description: A label query over a set of resources, 725 in this case pods. 726 properties: 727 matchExpressions: 728 description: matchExpressions is a list of label 729 selector requirements. The requirements are 730 ANDed. 731 items: 732 description: A label selector requirement 733 is a selector that contains values, a key, 734 and an operator that relates the key and 735 values. 736 properties: 737 key: 738 description: key is the label key that 739 the selector applies to. 740 type: string 741 operator: 742 description: operator represents a key's 743 relationship to a set of values. Valid 744 operators are In, NotIn, Exists and 745 DoesNotExist. 746 type: string 747 values: 748 description: values is an array of string 749 values. If the operator is In or NotIn, 750 the values array must be non-empty. 751 If the operator is Exists or DoesNotExist, 752 the values array must be empty. This 753 array is replaced during a strategic 754 merge patch. 755 items: 756 type: string 757 type: array 758 required: 759 - key 760 - operator 761 type: object 762 type: array 763 matchLabels: 764 additionalProperties: 765 type: string 766 description: matchLabels is a map of {key,value} 767 pairs. A single {key,value} in the matchLabels 768 map is equivalent to an element of matchExpressions, 769 whose key field is "key", the operator is 770 "In", and the values array contains only "value". 771 The requirements are ANDed. 772 type: object 773 type: object 774 x-kubernetes-map-type: atomic 775 namespaceSelector: 776 description: A label query over the set of namespaces 777 that the term applies to. The term is applied 778 to the union of the namespaces selected by this 779 field and the ones listed in the namespaces field. 780 null selector and null or empty namespaces list 781 means "this pod's namespace". An empty selector 782 ({}) matches all namespaces. 783 properties: 784 matchExpressions: 785 description: matchExpressions is a list of label 786 selector requirements. The requirements are 787 ANDed. 788 items: 789 description: A label selector requirement 790 is a selector that contains values, a key, 791 and an operator that relates the key and 792 values. 793 properties: 794 key: 795 description: key is the label key that 796 the selector applies to. 797 type: string 798 operator: 799 description: operator represents a key's 800 relationship to a set of values. Valid 801 operators are In, NotIn, Exists and 802 DoesNotExist. 803 type: string 804 values: 805 description: values is an array of string 806 values. If the operator is In or NotIn, 807 the values array must be non-empty. 808 If the operator is Exists or DoesNotExist, 809 the values array must be empty. This 810 array is replaced during a strategic 811 merge patch. 812 items: 813 type: string 814 type: array 815 required: 816 - key 817 - operator 818 type: object 819 type: array 820 matchLabels: 821 additionalProperties: 822 type: string 823 description: matchLabels is a map of {key,value} 824 pairs. A single {key,value} in the matchLabels 825 map is equivalent to an element of matchExpressions, 826 whose key field is "key", the operator is 827 "In", and the values array contains only "value". 828 The requirements are ANDed. 829 type: object 830 type: object 831 x-kubernetes-map-type: atomic 832 namespaces: 833 description: namespaces specifies a static list 834 of namespace names that the term applies to. The 835 term is applied to the union of the namespaces 836 listed in this field and the ones selected by 837 namespaceSelector. null or empty namespaces list 838 and null namespaceSelector means "this pod's namespace". 839 items: 840 type: string 841 type: array 842 topologyKey: 843 description: This pod should be co-located (affinity) 844 or not co-located (anti-affinity) with the pods 845 matching the labelSelector in the specified namespaces, 846 where co-located is defined as running on a node 847 whose value of the label with key topologyKey 848 matches that of any node on which any of the selected 849 pods is running. Empty topologyKey is not allowed. 850 type: string 851 required: 852 - topologyKey 853 type: object 854 weight: 855 description: weight associated with matching the corresponding 856 podAffinityTerm, in the range 1-100. 857 format: int32 858 type: integer 859 required: 860 - podAffinityTerm 861 - weight 862 type: object 863 type: array 864 requiredDuringSchedulingIgnoredDuringExecution: 865 description: If the anti-affinity requirements specified by 866 this field are not met at scheduling time, the pod will 867 not be scheduled onto the node. If the anti-affinity requirements 868 specified by this field cease to be met at some point during 869 pod execution (e.g. due to a pod label update), the system 870 may or may not try to eventually evict the pod from its 871 node. When there are multiple elements, the lists of nodes 872 corresponding to each podAffinityTerm are intersected, i.e. 873 all terms must be satisfied. 874 items: 875 description: Defines a set of pods (namely those matching 876 the labelSelector relative to the given namespace(s)) 877 that this pod should be co-located (affinity) or not co-located 878 (anti-affinity) with, where co-located is defined as running 879 on a node whose value of the label with key <topologyKey> 880 matches that of any node on which a pod of the set of 881 pods is running 882 properties: 883 labelSelector: 884 description: A label query over a set of resources, 885 in this case pods. 886 properties: 887 matchExpressions: 888 description: matchExpressions is a list of label 889 selector requirements. The requirements are ANDed. 890 items: 891 description: A label selector requirement is a 892 selector that contains values, a key, and an 893 operator that relates the key and values. 894 properties: 895 key: 896 description: key is the label key that the 897 selector applies to. 898 type: string 899 operator: 900 description: operator represents a key's relationship 901 to a set of values. Valid operators are 902 In, NotIn, Exists and DoesNotExist. 903 type: string 904 values: 905 description: values is an array of string 906 values. If the operator is In or NotIn, 907 the values array must be non-empty. If the 908 operator is Exists or DoesNotExist, the 909 values array must be empty. This array is 910 replaced during a strategic merge patch. 911 items: 912 type: string 913 type: array 914 required: 915 - key 916 - operator 917 type: object 918 type: array 919 matchLabels: 920 additionalProperties: 921 type: string 922 description: matchLabels is a map of {key,value} 923 pairs. A single {key,value} in the matchLabels 924 map is equivalent to an element of matchExpressions, 925 whose key field is "key", the operator is "In", 926 and the values array contains only "value". The 927 requirements are ANDed. 928 type: object 929 type: object 930 x-kubernetes-map-type: atomic 931 namespaceSelector: 932 description: A label query over the set of namespaces 933 that the term applies to. The term is applied to the 934 union of the namespaces selected by this field and 935 the ones listed in the namespaces field. null selector 936 and null or empty namespaces list means "this pod's 937 namespace". An empty selector ({}) matches all namespaces. 938 properties: 939 matchExpressions: 940 description: matchExpressions is a list of label 941 selector requirements. The requirements are ANDed. 942 items: 943 description: A label selector requirement is a 944 selector that contains values, a key, and an 945 operator that relates the key and values. 946 properties: 947 key: 948 description: key is the label key that the 949 selector applies to. 950 type: string 951 operator: 952 description: operator represents a key's relationship 953 to a set of values. Valid operators are 954 In, NotIn, Exists and DoesNotExist. 955 type: string 956 values: 957 description: values is an array of string 958 values. If the operator is In or NotIn, 959 the values array must be non-empty. If the 960 operator is Exists or DoesNotExist, the 961 values array must be empty. This array is 962 replaced during a strategic merge patch. 963 items: 964 type: string 965 type: array 966 required: 967 - key 968 - operator 969 type: object 970 type: array 971 matchLabels: 972 additionalProperties: 973 type: string 974 description: matchLabels is a map of {key,value} 975 pairs. A single {key,value} in the matchLabels 976 map is equivalent to an element of matchExpressions, 977 whose key field is "key", the operator is "In", 978 and the values array contains only "value". The 979 requirements are ANDed. 980 type: object 981 type: object 982 x-kubernetes-map-type: atomic 983 namespaces: 984 description: namespaces specifies a static list of namespace 985 names that the term applies to. The term is applied 986 to the union of the namespaces listed in this field 987 and the ones selected by namespaceSelector. null or 988 empty namespaces list and null namespaceSelector means 989 "this pod's namespace". 990 items: 991 type: string 992 type: array 993 topologyKey: 994 description: This pod should be co-located (affinity) 995 or not co-located (anti-affinity) with the pods matching 996 the labelSelector in the specified namespaces, where 997 co-located is defined as running on a node whose value 998 of the label with key topologyKey matches that of 999 any node on which any of the selected pods is running. 1000 Empty topologyKey is not allowed. 1001 type: string 1002 required: 1003 - topologyKey 1004 type: object 1005 type: array 1006 type: object 1007 type: object 1008 alerting: 1009 description: Define details regarding alerting. 1010 properties: 1011 alertmanagers: 1012 description: AlertmanagerEndpoints Prometheus should fire alerts 1013 against. 1014 items: 1015 description: AlertmanagerEndpoints defines a selection of a 1016 single Endpoints object containing alertmanager IPs to fire 1017 alerts against. 1018 properties: 1019 apiVersion: 1020 description: Version of the Alertmanager API that Prometheus 1021 uses to send alerts. It can be "v1" or "v2". 1022 type: string 1023 authorization: 1024 description: Authorization section for this alertmanager 1025 endpoint 1026 properties: 1027 credentials: 1028 description: The secret's key that contains the credentials 1029 of the request 1030 properties: 1031 key: 1032 description: The key of the secret to select from. Must 1033 be a valid secret key. 1034 type: string 1035 name: 1036 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1037 TODO: Add other useful fields. apiVersion, kind, 1038 uid?' 1039 type: string 1040 optional: 1041 description: Specify whether the Secret or its key 1042 must be defined 1043 type: boolean 1044 required: 1045 - key 1046 type: object 1047 x-kubernetes-map-type: atomic 1048 type: 1049 description: Set the authentication type. Defaults to 1050 Bearer, Basic will cause an error 1051 type: string 1052 type: object 1053 basicAuth: 1054 description: BasicAuth allow an endpoint to authenticate 1055 over basic authentication 1056 properties: 1057 password: 1058 description: The secret in the service monitor namespace 1059 that contains the password for authentication. 1060 properties: 1061 key: 1062 description: The key of the secret to select from. Must 1063 be a valid secret key. 1064 type: string 1065 name: 1066 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1067 TODO: Add other useful fields. apiVersion, kind, 1068 uid?' 1069 type: string 1070 optional: 1071 description: Specify whether the Secret or its key 1072 must be defined 1073 type: boolean 1074 required: 1075 - key 1076 type: object 1077 x-kubernetes-map-type: atomic 1078 username: 1079 description: The secret in the service monitor namespace 1080 that contains the username for authentication. 1081 properties: 1082 key: 1083 description: The key of the secret to select from. Must 1084 be a valid secret key. 1085 type: string 1086 name: 1087 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1088 TODO: Add other useful fields. apiVersion, kind, 1089 uid?' 1090 type: string 1091 optional: 1092 description: Specify whether the Secret or its key 1093 must be defined 1094 type: boolean 1095 required: 1096 - key 1097 type: object 1098 x-kubernetes-map-type: atomic 1099 type: object 1100 bearerTokenFile: 1101 description: BearerTokenFile to read from filesystem to 1102 use when authenticating to Alertmanager. 1103 type: string 1104 enableHttp2: 1105 description: Whether to enable HTTP2. 1106 type: boolean 1107 name: 1108 description: Name of Endpoints object in Namespace. 1109 type: string 1110 namespace: 1111 description: Namespace of Endpoints object. 1112 type: string 1113 pathPrefix: 1114 description: Prefix for the HTTP path alerts are pushed 1115 to. 1116 type: string 1117 port: 1118 anyOf: 1119 - type: integer 1120 - type: string 1121 description: Port the Alertmanager API is exposed on. 1122 x-kubernetes-int-or-string: true 1123 scheme: 1124 description: Scheme to use when firing alerts. 1125 type: string 1126 timeout: 1127 description: Timeout is a per-target Alertmanager timeout 1128 when pushing alerts. 1129 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 1130 type: string 1131 tlsConfig: 1132 description: TLS Config to use for alertmanager connection. 1133 properties: 1134 ca: 1135 description: Certificate authority used when verifying 1136 server certificates. 1137 properties: 1138 configMap: 1139 description: ConfigMap containing data to use for 1140 the targets. 1141 properties: 1142 key: 1143 description: The key to select. 1144 type: string 1145 name: 1146 description: 'Name of the referent. More info: 1147 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1148 TODO: Add other useful fields. apiVersion, 1149 kind, uid?' 1150 type: string 1151 optional: 1152 description: Specify whether the ConfigMap or 1153 its key must be defined 1154 type: boolean 1155 required: 1156 - key 1157 type: object 1158 x-kubernetes-map-type: atomic 1159 secret: 1160 description: Secret containing data to use for the 1161 targets. 1162 properties: 1163 key: 1164 description: The key of the secret to select 1165 from. Must be a valid secret key. 1166 type: string 1167 name: 1168 description: 'Name of the referent. More info: 1169 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1170 TODO: Add other useful fields. apiVersion, 1171 kind, uid?' 1172 type: string 1173 optional: 1174 description: Specify whether the Secret or its 1175 key must be defined 1176 type: boolean 1177 required: 1178 - key 1179 type: object 1180 x-kubernetes-map-type: atomic 1181 type: object 1182 caFile: 1183 description: Path to the CA cert in the Prometheus container 1184 to use for the targets. 1185 type: string 1186 cert: 1187 description: Client certificate to present when doing 1188 client-authentication. 1189 properties: 1190 configMap: 1191 description: ConfigMap containing data to use for 1192 the targets. 1193 properties: 1194 key: 1195 description: The key to select. 1196 type: string 1197 name: 1198 description: 'Name of the referent. More info: 1199 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1200 TODO: Add other useful fields. apiVersion, 1201 kind, uid?' 1202 type: string 1203 optional: 1204 description: Specify whether the ConfigMap or 1205 its key must be defined 1206 type: boolean 1207 required: 1208 - key 1209 type: object 1210 x-kubernetes-map-type: atomic 1211 secret: 1212 description: Secret containing data to use for the 1213 targets. 1214 properties: 1215 key: 1216 description: The key of the secret to select 1217 from. Must be a valid secret key. 1218 type: string 1219 name: 1220 description: 'Name of the referent. More info: 1221 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1222 TODO: Add other useful fields. apiVersion, 1223 kind, uid?' 1224 type: string 1225 optional: 1226 description: Specify whether the Secret or its 1227 key must be defined 1228 type: boolean 1229 required: 1230 - key 1231 type: object 1232 x-kubernetes-map-type: atomic 1233 type: object 1234 certFile: 1235 description: Path to the client cert file in the Prometheus 1236 container for the targets. 1237 type: string 1238 insecureSkipVerify: 1239 description: Disable target certificate validation. 1240 type: boolean 1241 keyFile: 1242 description: Path to the client key file in the Prometheus 1243 container for the targets. 1244 type: string 1245 keySecret: 1246 description: Secret containing the client key file for 1247 the targets. 1248 properties: 1249 key: 1250 description: The key of the secret to select from. Must 1251 be a valid secret key. 1252 type: string 1253 name: 1254 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1255 TODO: Add other useful fields. apiVersion, kind, 1256 uid?' 1257 type: string 1258 optional: 1259 description: Specify whether the Secret or its key 1260 must be defined 1261 type: boolean 1262 required: 1263 - key 1264 type: object 1265 x-kubernetes-map-type: atomic 1266 serverName: 1267 description: Used to verify the hostname for the targets. 1268 type: string 1269 type: object 1270 required: 1271 - name 1272 - namespace 1273 - port 1274 type: object 1275 type: array 1276 required: 1277 - alertmanagers 1278 type: object 1279 allowOverlappingBlocks: 1280 description: AllowOverlappingBlocks enables vertical compaction and 1281 vertical query merge in Prometheus. This is still experimental in 1282 Prometheus so it may change in any upcoming release. 1283 type: boolean 1284 apiserverConfig: 1285 description: APIServerConfig allows specifying a host and auth methods 1286 to access apiserver. If left empty, Prometheus is assumed to run 1287 inside of the cluster and will discover API servers automatically 1288 and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. 1289 properties: 1290 authorization: 1291 description: Authorization section for accessing apiserver 1292 properties: 1293 credentials: 1294 description: The secret's key that contains the credentials 1295 of the request 1296 properties: 1297 key: 1298 description: The key of the secret to select from. Must 1299 be a valid secret key. 1300 type: string 1301 name: 1302 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1303 TODO: Add other useful fields. apiVersion, kind, uid?' 1304 type: string 1305 optional: 1306 description: Specify whether the Secret or its key must 1307 be defined 1308 type: boolean 1309 required: 1310 - key 1311 type: object 1312 x-kubernetes-map-type: atomic 1313 credentialsFile: 1314 description: File to read a secret from, mutually exclusive 1315 with Credentials (from SafeAuthorization) 1316 type: string 1317 type: 1318 description: Set the authentication type. Defaults to Bearer, 1319 Basic will cause an error 1320 type: string 1321 type: object 1322 basicAuth: 1323 description: BasicAuth allow an endpoint to authenticate over 1324 basic authentication 1325 properties: 1326 password: 1327 description: The secret in the service monitor namespace that 1328 contains the password for authentication. 1329 properties: 1330 key: 1331 description: The key of the secret to select from. Must 1332 be a valid secret key. 1333 type: string 1334 name: 1335 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1336 TODO: Add other useful fields. apiVersion, kind, uid?' 1337 type: string 1338 optional: 1339 description: Specify whether the Secret or its key must 1340 be defined 1341 type: boolean 1342 required: 1343 - key 1344 type: object 1345 x-kubernetes-map-type: atomic 1346 username: 1347 description: The secret in the service monitor namespace that 1348 contains the username for authentication. 1349 properties: 1350 key: 1351 description: The key of the secret to select from. Must 1352 be a valid secret key. 1353 type: string 1354 name: 1355 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1356 TODO: Add other useful fields. apiVersion, kind, uid?' 1357 type: string 1358 optional: 1359 description: Specify whether the Secret or its key must 1360 be defined 1361 type: boolean 1362 required: 1363 - key 1364 type: object 1365 x-kubernetes-map-type: atomic 1366 type: object 1367 bearerToken: 1368 description: Bearer token for accessing apiserver. 1369 type: string 1370 bearerTokenFile: 1371 description: File to read bearer token for accessing apiserver. 1372 type: string 1373 host: 1374 description: Host of apiserver. A valid string consisting of a 1375 hostname or IP followed by an optional port number 1376 type: string 1377 tlsConfig: 1378 description: TLS Config to use for accessing apiserver. 1379 properties: 1380 ca: 1381 description: Certificate authority used when verifying server 1382 certificates. 1383 properties: 1384 configMap: 1385 description: ConfigMap containing data to use for the 1386 targets. 1387 properties: 1388 key: 1389 description: The key to select. 1390 type: string 1391 name: 1392 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1393 TODO: Add other useful fields. apiVersion, kind, 1394 uid?' 1395 type: string 1396 optional: 1397 description: Specify whether the ConfigMap or its 1398 key must be defined 1399 type: boolean 1400 required: 1401 - key 1402 type: object 1403 x-kubernetes-map-type: atomic 1404 secret: 1405 description: Secret containing data to use for the targets. 1406 properties: 1407 key: 1408 description: The key of the secret to select from. Must 1409 be a valid secret key. 1410 type: string 1411 name: 1412 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1413 TODO: Add other useful fields. apiVersion, kind, 1414 uid?' 1415 type: string 1416 optional: 1417 description: Specify whether the Secret or its key 1418 must be defined 1419 type: boolean 1420 required: 1421 - key 1422 type: object 1423 x-kubernetes-map-type: atomic 1424 type: object 1425 caFile: 1426 description: Path to the CA cert in the Prometheus container 1427 to use for the targets. 1428 type: string 1429 cert: 1430 description: Client certificate to present when doing client-authentication. 1431 properties: 1432 configMap: 1433 description: ConfigMap containing data to use for the 1434 targets. 1435 properties: 1436 key: 1437 description: The key to select. 1438 type: string 1439 name: 1440 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1441 TODO: Add other useful fields. apiVersion, kind, 1442 uid?' 1443 type: string 1444 optional: 1445 description: Specify whether the ConfigMap or its 1446 key must be defined 1447 type: boolean 1448 required: 1449 - key 1450 type: object 1451 x-kubernetes-map-type: atomic 1452 secret: 1453 description: Secret containing data to use for the targets. 1454 properties: 1455 key: 1456 description: The key of the secret to select from. Must 1457 be a valid secret key. 1458 type: string 1459 name: 1460 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1461 TODO: Add other useful fields. apiVersion, kind, 1462 uid?' 1463 type: string 1464 optional: 1465 description: Specify whether the Secret or its key 1466 must be defined 1467 type: boolean 1468 required: 1469 - key 1470 type: object 1471 x-kubernetes-map-type: atomic 1472 type: object 1473 certFile: 1474 description: Path to the client cert file in the Prometheus 1475 container for the targets. 1476 type: string 1477 insecureSkipVerify: 1478 description: Disable target certificate validation. 1479 type: boolean 1480 keyFile: 1481 description: Path to the client key file in the Prometheus 1482 container for the targets. 1483 type: string 1484 keySecret: 1485 description: Secret containing the client key file for the 1486 targets. 1487 properties: 1488 key: 1489 description: The key of the secret to select from. Must 1490 be a valid secret key. 1491 type: string 1492 name: 1493 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1494 TODO: Add other useful fields. apiVersion, kind, uid?' 1495 type: string 1496 optional: 1497 description: Specify whether the Secret or its key must 1498 be defined 1499 type: boolean 1500 required: 1501 - key 1502 type: object 1503 x-kubernetes-map-type: atomic 1504 serverName: 1505 description: Used to verify the hostname for the targets. 1506 type: string 1507 type: object 1508 required: 1509 - host 1510 type: object 1511 arbitraryFSAccessThroughSMs: 1512 description: ArbitraryFSAccessThroughSMs configures whether configuration 1513 based on a service monitor can access arbitrary files on the file 1514 system of the Prometheus container e.g. bearer token files. 1515 properties: 1516 deny: 1517 type: boolean 1518 type: object 1519 baseImage: 1520 description: 'Base image to use for a Prometheus deployment. Deprecated: 1521 use ''image'' instead' 1522 type: string 1523 configMaps: 1524 description: ConfigMaps is a list of ConfigMaps in the same namespace 1525 as the Prometheus object, which shall be mounted into the Prometheus 1526 Pods. Each ConfigMap is added to the StatefulSet definition as a 1527 volume named `configmap-<configmap-name>`. The ConfigMaps are mounted 1528 into /etc/prometheus/configmaps/<configmap-name> in the 'prometheus' 1529 container. 1530 items: 1531 type: string 1532 type: array 1533 containers: 1534 description: 'Containers allows injecting additional containers or 1535 modifying operator generated containers. This can be used to allow 1536 adding an authentication proxy to a Prometheus pod or to change 1537 the behavior of an operator generated container. Containers described 1538 here modify an operator generated container if they share the same 1539 name and modifications are done via a strategic merge patch. The 1540 current container names are: `prometheus`, `config-reloader`, and 1541 `thanos-sidecar`. Overriding containers is entirely outside the 1542 scope of what the maintainers will support and by doing so, you 1543 accept that this behaviour may break at any time without notice.' 1544 items: 1545 description: A single application container that you want to run 1546 within a pod. 1547 properties: 1548 args: 1549 description: 'Arguments to the entrypoint. The container image''s 1550 CMD is used if this is not provided. Variable references $(VAR_NAME) 1551 are expanded using the container''s environment. If a variable 1552 cannot be resolved, the reference in the input string will 1553 be unchanged. Double $$ are reduced to a single $, which allows 1554 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 1555 produce the string literal "$(VAR_NAME)". Escaped references 1556 will never be expanded, regardless of whether the variable 1557 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1558 items: 1559 type: string 1560 type: array 1561 command: 1562 description: 'Entrypoint array. Not executed within a shell. 1563 The container image''s ENTRYPOINT is used if this is not provided. 1564 Variable references $(VAR_NAME) are expanded using the container''s 1565 environment. If a variable cannot be resolved, the reference 1566 in the input string will be unchanged. Double $$ are reduced 1567 to a single $, which allows for escaping the $(VAR_NAME) syntax: 1568 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 1569 Escaped references will never be expanded, regardless of whether 1570 the variable exists or not. Cannot be updated. More info: 1571 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1572 items: 1573 type: string 1574 type: array 1575 env: 1576 description: List of environment variables to set in the container. 1577 Cannot be updated. 1578 items: 1579 description: EnvVar represents an environment variable present 1580 in a Container. 1581 properties: 1582 name: 1583 description: Name of the environment variable. Must be 1584 a C_IDENTIFIER. 1585 type: string 1586 value: 1587 description: 'Variable references $(VAR_NAME) are expanded 1588 using the previously defined environment variables in 1589 the container and any service environment variables. 1590 If a variable cannot be resolved, the reference in the 1591 input string will be unchanged. Double $$ are reduced 1592 to a single $, which allows for escaping the $(VAR_NAME) 1593 syntax: i.e. "$$(VAR_NAME)" will produce the string 1594 literal "$(VAR_NAME)". Escaped references will never 1595 be expanded, regardless of whether the variable exists 1596 or not. Defaults to "".' 1597 type: string 1598 valueFrom: 1599 description: Source for the environment variable's value. 1600 Cannot be used if value is not empty. 1601 properties: 1602 configMapKeyRef: 1603 description: Selects a key of a ConfigMap. 1604 properties: 1605 key: 1606 description: The key to select. 1607 type: string 1608 name: 1609 description: 'Name of the referent. More info: 1610 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1611 TODO: Add other useful fields. apiVersion, kind, 1612 uid?' 1613 type: string 1614 optional: 1615 description: Specify whether the ConfigMap or 1616 its key must be defined 1617 type: boolean 1618 required: 1619 - key 1620 type: object 1621 x-kubernetes-map-type: atomic 1622 fieldRef: 1623 description: 'Selects a field of the pod: supports 1624 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 1625 `metadata.annotations[''<KEY>'']`, spec.nodeName, 1626 spec.serviceAccountName, status.hostIP, status.podIP, 1627 status.podIPs.' 1628 properties: 1629 apiVersion: 1630 description: Version of the schema the FieldPath 1631 is written in terms of, defaults to "v1". 1632 type: string 1633 fieldPath: 1634 description: Path of the field to select in the 1635 specified API version. 1636 type: string 1637 required: 1638 - fieldPath 1639 type: object 1640 x-kubernetes-map-type: atomic 1641 resourceFieldRef: 1642 description: 'Selects a resource of the container: 1643 only resources limits and requests (limits.cpu, 1644 limits.memory, limits.ephemeral-storage, requests.cpu, 1645 requests.memory and requests.ephemeral-storage) 1646 are currently supported.' 1647 properties: 1648 containerName: 1649 description: 'Container name: required for volumes, 1650 optional for env vars' 1651 type: string 1652 divisor: 1653 anyOf: 1654 - type: integer 1655 - type: string 1656 description: Specifies the output format of the 1657 exposed resources, defaults to "1" 1658 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1659 x-kubernetes-int-or-string: true 1660 resource: 1661 description: 'Required: resource to select' 1662 type: string 1663 required: 1664 - resource 1665 type: object 1666 x-kubernetes-map-type: atomic 1667 secretKeyRef: 1668 description: Selects a key of a secret in the pod's 1669 namespace 1670 properties: 1671 key: 1672 description: The key of the secret to select from. Must 1673 be a valid secret key. 1674 type: string 1675 name: 1676 description: 'Name of the referent. More info: 1677 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1678 TODO: Add other useful fields. apiVersion, kind, 1679 uid?' 1680 type: string 1681 optional: 1682 description: Specify whether the Secret or its 1683 key must be defined 1684 type: boolean 1685 required: 1686 - key 1687 type: object 1688 x-kubernetes-map-type: atomic 1689 type: object 1690 required: 1691 - name 1692 type: object 1693 type: array 1694 envFrom: 1695 description: List of sources to populate environment variables 1696 in the container. The keys defined within a source must be 1697 a C_IDENTIFIER. All invalid keys will be reported as an event 1698 when the container is starting. When a key exists in multiple 1699 sources, the value associated with the last source will take 1700 precedence. Values defined by an Env with a duplicate key 1701 will take precedence. Cannot be updated. 1702 items: 1703 description: EnvFromSource represents the source of a set 1704 of ConfigMaps 1705 properties: 1706 configMapRef: 1707 description: The ConfigMap to select from 1708 properties: 1709 name: 1710 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1711 TODO: Add other useful fields. apiVersion, kind, 1712 uid?' 1713 type: string 1714 optional: 1715 description: Specify whether the ConfigMap must be 1716 defined 1717 type: boolean 1718 type: object 1719 x-kubernetes-map-type: atomic 1720 prefix: 1721 description: An optional identifier to prepend to each 1722 key in the ConfigMap. Must be a C_IDENTIFIER. 1723 type: string 1724 secretRef: 1725 description: The Secret to select from 1726 properties: 1727 name: 1728 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1729 TODO: Add other useful fields. apiVersion, kind, 1730 uid?' 1731 type: string 1732 optional: 1733 description: Specify whether the Secret must be defined 1734 type: boolean 1735 type: object 1736 x-kubernetes-map-type: atomic 1737 type: object 1738 type: array 1739 image: 1740 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images 1741 This field is optional to allow higher level config management 1742 to default or override container images in workload controllers 1743 like Deployments and StatefulSets.' 1744 type: string 1745 imagePullPolicy: 1746 description: 'Image pull policy. One of Always, Never, IfNotPresent. 1747 Defaults to Always if :latest tag is specified, or IfNotPresent 1748 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1749 type: string 1750 lifecycle: 1751 description: Actions that the management system should take 1752 in response to container lifecycle events. Cannot be updated. 1753 properties: 1754 postStart: 1755 description: 'PostStart is called immediately after a container 1756 is created. If the handler fails, the container is terminated 1757 and restarted according to its restart policy. Other management 1758 of the container blocks until the hook completes. More 1759 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1760 properties: 1761 exec: 1762 description: Exec specifies the action to take. 1763 properties: 1764 command: 1765 description: Command is the command line to execute 1766 inside the container, the working directory for 1767 the command is root ('/') in the container's 1768 filesystem. The command is simply exec'd, it is 1769 not run inside a shell, so traditional shell instructions 1770 ('|', etc) won't work. To use a shell, you need 1771 to explicitly call out to that shell. Exit status 1772 of 0 is treated as live/healthy and non-zero is 1773 unhealthy. 1774 items: 1775 type: string 1776 type: array 1777 type: object 1778 httpGet: 1779 description: HTTPGet specifies the http request to perform. 1780 properties: 1781 host: 1782 description: Host name to connect to, defaults to 1783 the pod IP. You probably want to set "Host" in 1784 httpHeaders instead. 1785 type: string 1786 httpHeaders: 1787 description: Custom headers to set in the request. 1788 HTTP allows repeated headers. 1789 items: 1790 description: HTTPHeader describes a custom header 1791 to be used in HTTP probes 1792 properties: 1793 name: 1794 description: The header field name 1795 type: string 1796 value: 1797 description: The header field value 1798 type: string 1799 required: 1800 - name 1801 - value 1802 type: object 1803 type: array 1804 path: 1805 description: Path to access on the HTTP server. 1806 type: string 1807 port: 1808 anyOf: 1809 - type: integer 1810 - type: string 1811 description: Name or number of the port to access 1812 on the container. Number must be in the range 1813 1 to 65535. Name must be an IANA_SVC_NAME. 1814 x-kubernetes-int-or-string: true 1815 scheme: 1816 description: Scheme to use for connecting to the 1817 host. Defaults to HTTP. 1818 type: string 1819 required: 1820 - port 1821 type: object 1822 tcpSocket: 1823 description: Deprecated. TCPSocket is NOT supported 1824 as a LifecycleHandler and kept for the backward compatibility. 1825 There are no validation of this field and lifecycle 1826 hooks will fail in runtime when tcp handler is specified. 1827 properties: 1828 host: 1829 description: 'Optional: Host name to connect to, 1830 defaults to the pod IP.' 1831 type: string 1832 port: 1833 anyOf: 1834 - type: integer 1835 - type: string 1836 description: Number or name of the port to access 1837 on the container. Number must be in the range 1838 1 to 65535. Name must be an IANA_SVC_NAME. 1839 x-kubernetes-int-or-string: true 1840 required: 1841 - port 1842 type: object 1843 type: object 1844 preStop: 1845 description: 'PreStop is called immediately before a container 1846 is terminated due to an API request or management event 1847 such as liveness/startup probe failure, preemption, resource 1848 contention, etc. The handler is not called if the container 1849 crashes or exits. The Pod''s termination grace period 1850 countdown begins before the PreStop hook is executed. 1851 Regardless of the outcome of the handler, the container 1852 will eventually terminate within the Pod''s termination 1853 grace period (unless delayed by finalizers). Other management 1854 of the container blocks until the hook completes or until 1855 the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1856 properties: 1857 exec: 1858 description: Exec specifies the action to take. 1859 properties: 1860 command: 1861 description: Command is the command line to execute 1862 inside the container, the working directory for 1863 the command is root ('/') in the container's 1864 filesystem. The command is simply exec'd, it is 1865 not run inside a shell, so traditional shell instructions 1866 ('|', etc) won't work. To use a shell, you need 1867 to explicitly call out to that shell. Exit status 1868 of 0 is treated as live/healthy and non-zero is 1869 unhealthy. 1870 items: 1871 type: string 1872 type: array 1873 type: object 1874 httpGet: 1875 description: HTTPGet specifies the http request to perform. 1876 properties: 1877 host: 1878 description: Host name to connect to, defaults to 1879 the pod IP. You probably want to set "Host" in 1880 httpHeaders instead. 1881 type: string 1882 httpHeaders: 1883 description: Custom headers to set in the request. 1884 HTTP allows repeated headers. 1885 items: 1886 description: HTTPHeader describes a custom header 1887 to be used in HTTP probes 1888 properties: 1889 name: 1890 description: The header field name 1891 type: string 1892 value: 1893 description: The header field value 1894 type: string 1895 required: 1896 - name 1897 - value 1898 type: object 1899 type: array 1900 path: 1901 description: Path to access on the HTTP server. 1902 type: string 1903 port: 1904 anyOf: 1905 - type: integer 1906 - type: string 1907 description: Name or number of the port to access 1908 on the container. Number must be in the range 1909 1 to 65535. Name must be an IANA_SVC_NAME. 1910 x-kubernetes-int-or-string: true 1911 scheme: 1912 description: Scheme to use for connecting to the 1913 host. Defaults to HTTP. 1914 type: string 1915 required: 1916 - port 1917 type: object 1918 tcpSocket: 1919 description: Deprecated. TCPSocket is NOT supported 1920 as a LifecycleHandler and kept for the backward compatibility. 1921 There are no validation of this field and lifecycle 1922 hooks will fail in runtime when tcp handler is specified. 1923 properties: 1924 host: 1925 description: 'Optional: Host name to connect to, 1926 defaults to the pod IP.' 1927 type: string 1928 port: 1929 anyOf: 1930 - type: integer 1931 - type: string 1932 description: Number or name of the port to access 1933 on the container. Number must be in the range 1934 1 to 65535. Name must be an IANA_SVC_NAME. 1935 x-kubernetes-int-or-string: true 1936 required: 1937 - port 1938 type: object 1939 type: object 1940 type: object 1941 livenessProbe: 1942 description: 'Periodic probe of container liveness. Container 1943 will be restarted if the probe fails. Cannot be updated. More 1944 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1945 properties: 1946 exec: 1947 description: Exec specifies the action to take. 1948 properties: 1949 command: 1950 description: Command is the command line to execute 1951 inside the container, the working directory for the 1952 command is root ('/') in the container's filesystem. 1953 The command is simply exec'd, it is not run inside 1954 a shell, so traditional shell instructions ('|', etc) 1955 won't work. To use a shell, you need to explicitly 1956 call out to that shell. Exit status of 0 is treated 1957 as live/healthy and non-zero is unhealthy. 1958 items: 1959 type: string 1960 type: array 1961 type: object 1962 failureThreshold: 1963 description: Minimum consecutive failures for the probe 1964 to be considered failed after having succeeded. Defaults 1965 to 3. Minimum value is 1. 1966 format: int32 1967 type: integer 1968 grpc: 1969 description: GRPC specifies an action involving a GRPC port. 1970 This is a beta field and requires enabling GRPCContainerProbe 1971 feature gate. 1972 properties: 1973 port: 1974 description: Port number of the gRPC service. Number 1975 must be in the range 1 to 65535. 1976 format: int32 1977 type: integer 1978 service: 1979 description: "Service is the name of the service to 1980 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 1981 \n If this is not specified, the default behavior 1982 is defined by gRPC." 1983 type: string 1984 required: 1985 - port 1986 type: object 1987 httpGet: 1988 description: HTTPGet specifies the http request to perform. 1989 properties: 1990 host: 1991 description: Host name to connect to, defaults to the 1992 pod IP. You probably want to set "Host" in httpHeaders 1993 instead. 1994 type: string 1995 httpHeaders: 1996 description: Custom headers to set in the request. HTTP 1997 allows repeated headers. 1998 items: 1999 description: HTTPHeader describes a custom header 2000 to be used in HTTP probes 2001 properties: 2002 name: 2003 description: The header field name 2004 type: string 2005 value: 2006 description: The header field value 2007 type: string 2008 required: 2009 - name 2010 - value 2011 type: object 2012 type: array 2013 path: 2014 description: Path to access on the HTTP server. 2015 type: string 2016 port: 2017 anyOf: 2018 - type: integer 2019 - type: string 2020 description: Name or number of the port to access on 2021 the container. Number must be in the range 1 to 65535. 2022 Name must be an IANA_SVC_NAME. 2023 x-kubernetes-int-or-string: true 2024 scheme: 2025 description: Scheme to use for connecting to the host. 2026 Defaults to HTTP. 2027 type: string 2028 required: 2029 - port 2030 type: object 2031 initialDelaySeconds: 2032 description: 'Number of seconds after the container has 2033 started before liveness probes are initiated. More info: 2034 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2035 format: int32 2036 type: integer 2037 periodSeconds: 2038 description: How often (in seconds) to perform the probe. 2039 Default to 10 seconds. Minimum value is 1. 2040 format: int32 2041 type: integer 2042 successThreshold: 2043 description: Minimum consecutive successes for the probe 2044 to be considered successful after having failed. Defaults 2045 to 1. Must be 1 for liveness and startup. Minimum value 2046 is 1. 2047 format: int32 2048 type: integer 2049 tcpSocket: 2050 description: TCPSocket specifies an action involving a TCP 2051 port. 2052 properties: 2053 host: 2054 description: 'Optional: Host name to connect to, defaults 2055 to the pod IP.' 2056 type: string 2057 port: 2058 anyOf: 2059 - type: integer 2060 - type: string 2061 description: Number or name of the port to access on 2062 the container. Number must be in the range 1 to 65535. 2063 Name must be an IANA_SVC_NAME. 2064 x-kubernetes-int-or-string: true 2065 required: 2066 - port 2067 type: object 2068 terminationGracePeriodSeconds: 2069 description: Optional duration in seconds the pod needs 2070 to terminate gracefully upon probe failure. The grace 2071 period is the duration in seconds after the processes 2072 running in the pod are sent a termination signal and the 2073 time when the processes are forcibly halted with a kill 2074 signal. Set this value longer than the expected cleanup 2075 time for your process. If this value is nil, the pod's 2076 terminationGracePeriodSeconds will be used. Otherwise, 2077 this value overrides the value provided by the pod spec. 2078 Value must be non-negative integer. The value zero indicates 2079 stop immediately via the kill signal (no opportunity to 2080 shut down). This is a beta field and requires enabling 2081 ProbeTerminationGracePeriod feature gate. Minimum value 2082 is 1. spec.terminationGracePeriodSeconds is used if unset. 2083 format: int64 2084 type: integer 2085 timeoutSeconds: 2086 description: 'Number of seconds after which the probe times 2087 out. Defaults to 1 second. Minimum value is 1. More info: 2088 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2089 format: int32 2090 type: integer 2091 type: object 2092 name: 2093 description: Name of the container specified as a DNS_LABEL. 2094 Each container in a pod must have a unique name (DNS_LABEL). 2095 Cannot be updated. 2096 type: string 2097 ports: 2098 description: List of ports to expose from the container. Not 2099 specifying a port here DOES NOT prevent that port from being 2100 exposed. Any port which is listening on the default "0.0.0.0" 2101 address inside a container will be accessible from the network. 2102 Modifying this array with strategic merge patch may corrupt 2103 the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. 2104 Cannot be updated. 2105 items: 2106 description: ContainerPort represents a network port in a 2107 single container. 2108 properties: 2109 containerPort: 2110 description: Number of port to expose on the pod's IP 2111 address. This must be a valid port number, 0 < x < 65536. 2112 format: int32 2113 type: integer 2114 hostIP: 2115 description: What host IP to bind the external port to. 2116 type: string 2117 hostPort: 2118 description: Number of port to expose on the host. If 2119 specified, this must be a valid port number, 0 < x < 2120 65536. If HostNetwork is specified, this must match 2121 ContainerPort. Most containers do not need this. 2122 format: int32 2123 type: integer 2124 name: 2125 description: If specified, this must be an IANA_SVC_NAME 2126 and unique within the pod. Each named port in a pod 2127 must have a unique name. Name for the port that can 2128 be referred to by services. 2129 type: string 2130 protocol: 2131 default: TCP 2132 description: Protocol for port. Must be UDP, TCP, or SCTP. 2133 Defaults to "TCP". 2134 type: string 2135 required: 2136 - containerPort 2137 type: object 2138 type: array 2139 x-kubernetes-list-map-keys: 2140 - containerPort 2141 - protocol 2142 x-kubernetes-list-type: map 2143 readinessProbe: 2144 description: 'Periodic probe of container service readiness. 2145 Container will be removed from service endpoints if the probe 2146 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2147 properties: 2148 exec: 2149 description: Exec specifies the action to take. 2150 properties: 2151 command: 2152 description: Command is the command line to execute 2153 inside the container, the working directory for the 2154 command is root ('/') in the container's filesystem. 2155 The command is simply exec'd, it is not run inside 2156 a shell, so traditional shell instructions ('|', etc) 2157 won't work. To use a shell, you need to explicitly 2158 call out to that shell. Exit status of 0 is treated 2159 as live/healthy and non-zero is unhealthy. 2160 items: 2161 type: string 2162 type: array 2163 type: object 2164 failureThreshold: 2165 description: Minimum consecutive failures for the probe 2166 to be considered failed after having succeeded. Defaults 2167 to 3. Minimum value is 1. 2168 format: int32 2169 type: integer 2170 grpc: 2171 description: GRPC specifies an action involving a GRPC port. 2172 This is a beta field and requires enabling GRPCContainerProbe 2173 feature gate. 2174 properties: 2175 port: 2176 description: Port number of the gRPC service. Number 2177 must be in the range 1 to 65535. 2178 format: int32 2179 type: integer 2180 service: 2181 description: "Service is the name of the service to 2182 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2183 \n If this is not specified, the default behavior 2184 is defined by gRPC." 2185 type: string 2186 required: 2187 - port 2188 type: object 2189 httpGet: 2190 description: HTTPGet specifies the http request to perform. 2191 properties: 2192 host: 2193 description: Host name to connect to, defaults to the 2194 pod IP. You probably want to set "Host" in httpHeaders 2195 instead. 2196 type: string 2197 httpHeaders: 2198 description: Custom headers to set in the request. HTTP 2199 allows repeated headers. 2200 items: 2201 description: HTTPHeader describes a custom header 2202 to be used in HTTP probes 2203 properties: 2204 name: 2205 description: The header field name 2206 type: string 2207 value: 2208 description: The header field value 2209 type: string 2210 required: 2211 - name 2212 - value 2213 type: object 2214 type: array 2215 path: 2216 description: Path to access on the HTTP server. 2217 type: string 2218 port: 2219 anyOf: 2220 - type: integer 2221 - type: string 2222 description: Name or number of the port to access on 2223 the container. Number must be in the range 1 to 65535. 2224 Name must be an IANA_SVC_NAME. 2225 x-kubernetes-int-or-string: true 2226 scheme: 2227 description: Scheme to use for connecting to the host. 2228 Defaults to HTTP. 2229 type: string 2230 required: 2231 - port 2232 type: object 2233 initialDelaySeconds: 2234 description: 'Number of seconds after the container has 2235 started before liveness probes are initiated. More info: 2236 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2237 format: int32 2238 type: integer 2239 periodSeconds: 2240 description: How often (in seconds) to perform the probe. 2241 Default to 10 seconds. Minimum value is 1. 2242 format: int32 2243 type: integer 2244 successThreshold: 2245 description: Minimum consecutive successes for the probe 2246 to be considered successful after having failed. Defaults 2247 to 1. Must be 1 for liveness and startup. Minimum value 2248 is 1. 2249 format: int32 2250 type: integer 2251 tcpSocket: 2252 description: TCPSocket specifies an action involving a TCP 2253 port. 2254 properties: 2255 host: 2256 description: 'Optional: Host name to connect to, defaults 2257 to the pod IP.' 2258 type: string 2259 port: 2260 anyOf: 2261 - type: integer 2262 - type: string 2263 description: Number or name of the port to access on 2264 the container. Number must be in the range 1 to 65535. 2265 Name must be an IANA_SVC_NAME. 2266 x-kubernetes-int-or-string: true 2267 required: 2268 - port 2269 type: object 2270 terminationGracePeriodSeconds: 2271 description: Optional duration in seconds the pod needs 2272 to terminate gracefully upon probe failure. The grace 2273 period is the duration in seconds after the processes 2274 running in the pod are sent a termination signal and the 2275 time when the processes are forcibly halted with a kill 2276 signal. Set this value longer than the expected cleanup 2277 time for your process. If this value is nil, the pod's 2278 terminationGracePeriodSeconds will be used. Otherwise, 2279 this value overrides the value provided by the pod spec. 2280 Value must be non-negative integer. The value zero indicates 2281 stop immediately via the kill signal (no opportunity to 2282 shut down). This is a beta field and requires enabling 2283 ProbeTerminationGracePeriod feature gate. Minimum value 2284 is 1. spec.terminationGracePeriodSeconds is used if unset. 2285 format: int64 2286 type: integer 2287 timeoutSeconds: 2288 description: 'Number of seconds after which the probe times 2289 out. Defaults to 1 second. Minimum value is 1. More info: 2290 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2291 format: int32 2292 type: integer 2293 type: object 2294 resources: 2295 description: 'Compute Resources required by this container. 2296 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2297 properties: 2298 claims: 2299 description: "Claims lists the names of resources, defined 2300 in spec.resourceClaims, that are used by this container. 2301 \n This is an alpha field and requires enabling the DynamicResourceAllocation 2302 feature gate. \n This field is immutable." 2303 items: 2304 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 2305 properties: 2306 name: 2307 description: Name must match the name of one entry 2308 in pod.spec.resourceClaims of the Pod where this 2309 field is used. It makes that resource available 2310 inside a container. 2311 type: string 2312 required: 2313 - name 2314 type: object 2315 type: array 2316 x-kubernetes-list-map-keys: 2317 - name 2318 x-kubernetes-list-type: map 2319 limits: 2320 additionalProperties: 2321 anyOf: 2322 - type: integer 2323 - type: string 2324 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2325 x-kubernetes-int-or-string: true 2326 description: 'Limits describes the maximum amount of compute 2327 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2328 type: object 2329 requests: 2330 additionalProperties: 2331 anyOf: 2332 - type: integer 2333 - type: string 2334 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2335 x-kubernetes-int-or-string: true 2336 description: 'Requests describes the minimum amount of compute 2337 resources required. If Requests is omitted for a container, 2338 it defaults to Limits if that is explicitly specified, 2339 otherwise to an implementation-defined value. More info: 2340 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 2341 type: object 2342 type: object 2343 securityContext: 2344 description: 'SecurityContext defines the security options the 2345 container should be run with. If set, the fields of SecurityContext 2346 override the equivalent fields of PodSecurityContext. More 2347 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 2348 properties: 2349 allowPrivilegeEscalation: 2350 description: 'AllowPrivilegeEscalation controls whether 2351 a process can gain more privileges than its parent process. 2352 This bool directly controls if the no_new_privs flag will 2353 be set on the container process. AllowPrivilegeEscalation 2354 is true always when the container is: 1) run as Privileged 2355 2) has CAP_SYS_ADMIN Note that this field cannot be set 2356 when spec.os.name is windows.' 2357 type: boolean 2358 capabilities: 2359 description: The capabilities to add/drop when running containers. 2360 Defaults to the default set of capabilities granted by 2361 the container runtime. Note that this field cannot be 2362 set when spec.os.name is windows. 2363 properties: 2364 add: 2365 description: Added capabilities 2366 items: 2367 description: Capability represent POSIX capabilities 2368 type 2369 type: string 2370 type: array 2371 drop: 2372 description: Removed capabilities 2373 items: 2374 description: Capability represent POSIX capabilities 2375 type 2376 type: string 2377 type: array 2378 type: object 2379 privileged: 2380 description: Run container in privileged mode. Processes 2381 in privileged containers are essentially equivalent to 2382 root on the host. Defaults to false. Note that this field 2383 cannot be set when spec.os.name is windows. 2384 type: boolean 2385 procMount: 2386 description: procMount denotes the type of proc mount to 2387 use for the containers. The default is DefaultProcMount 2388 which uses the container runtime defaults for readonly 2389 paths and masked paths. This requires the ProcMountType 2390 feature flag to be enabled. Note that this field cannot 2391 be set when spec.os.name is windows. 2392 type: string 2393 readOnlyRootFilesystem: 2394 description: Whether this container has a read-only root 2395 filesystem. Default is false. Note that this field cannot 2396 be set when spec.os.name is windows. 2397 type: boolean 2398 runAsGroup: 2399 description: The GID to run the entrypoint of the container 2400 process. Uses runtime default if unset. May also be set 2401 in PodSecurityContext. If set in both SecurityContext 2402 and PodSecurityContext, the value specified in SecurityContext 2403 takes precedence. Note that this field cannot be set when 2404 spec.os.name is windows. 2405 format: int64 2406 type: integer 2407 runAsNonRoot: 2408 description: Indicates that the container must run as a 2409 non-root user. If true, the Kubelet will validate the 2410 image at runtime to ensure that it does not run as UID 2411 0 (root) and fail to start the container if it does. If 2412 unset or false, no such validation will be performed. 2413 May also be set in PodSecurityContext. If set in both 2414 SecurityContext and PodSecurityContext, the value specified 2415 in SecurityContext takes precedence. 2416 type: boolean 2417 runAsUser: 2418 description: The UID to run the entrypoint of the container 2419 process. Defaults to user specified in image metadata 2420 if unspecified. May also be set in PodSecurityContext. If 2421 set in both SecurityContext and PodSecurityContext, the 2422 value specified in SecurityContext takes precedence. Note 2423 that this field cannot be set when spec.os.name is windows. 2424 format: int64 2425 type: integer 2426 seLinuxOptions: 2427 description: The SELinux context to be applied to the container. 2428 If unspecified, the container runtime will allocate a 2429 random SELinux context for each container. May also be 2430 set in PodSecurityContext. If set in both SecurityContext 2431 and PodSecurityContext, the value specified in SecurityContext 2432 takes precedence. Note that this field cannot be set when 2433 spec.os.name is windows. 2434 properties: 2435 level: 2436 description: Level is SELinux level label that applies 2437 to the container. 2438 type: string 2439 role: 2440 description: Role is a SELinux role label that applies 2441 to the container. 2442 type: string 2443 type: 2444 description: Type is a SELinux type label that applies 2445 to the container. 2446 type: string 2447 user: 2448 description: User is a SELinux user label that applies 2449 to the container. 2450 type: string 2451 type: object 2452 seccompProfile: 2453 description: The seccomp options to use by this container. 2454 If seccomp options are provided at both the pod & container 2455 level, the container options override the pod options. 2456 Note that this field cannot be set when spec.os.name is 2457 windows. 2458 properties: 2459 localhostProfile: 2460 description: localhostProfile indicates a profile defined 2461 in a file on the node should be used. The profile 2462 must be preconfigured on the node to work. Must be 2463 a descending path, relative to the kubelet's configured 2464 seccomp profile location. Must only be set if type 2465 is "Localhost". 2466 type: string 2467 type: 2468 description: "type indicates which kind of seccomp profile 2469 will be applied. Valid options are: \n Localhost - 2470 a profile defined in a file on the node should be 2471 used. RuntimeDefault - the container runtime default 2472 profile should be used. Unconfined - no profile should 2473 be applied." 2474 type: string 2475 required: 2476 - type 2477 type: object 2478 windowsOptions: 2479 description: The Windows specific settings applied to all 2480 containers. If unspecified, the options from the PodSecurityContext 2481 will be used. If set in both SecurityContext and PodSecurityContext, 2482 the value specified in SecurityContext takes precedence. 2483 Note that this field cannot be set when spec.os.name is 2484 linux. 2485 properties: 2486 gmsaCredentialSpec: 2487 description: GMSACredentialSpec is where the GMSA admission 2488 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 2489 inlines the contents of the GMSA credential spec named 2490 by the GMSACredentialSpecName field. 2491 type: string 2492 gmsaCredentialSpecName: 2493 description: GMSACredentialSpecName is the name of the 2494 GMSA credential spec to use. 2495 type: string 2496 hostProcess: 2497 description: HostProcess determines if a container should 2498 be run as a 'Host Process' container. This field is 2499 alpha-level and will only be honored by components 2500 that enable the WindowsHostProcessContainers feature 2501 flag. Setting this field without the feature flag 2502 will result in errors when validating the Pod. All 2503 of a Pod's containers must have the same effective 2504 HostProcess value (it is not allowed to have a mix 2505 of HostProcess containers and non-HostProcess containers). In 2506 addition, if HostProcess is true then HostNetwork 2507 must also be set to true. 2508 type: boolean 2509 runAsUserName: 2510 description: The UserName in Windows to run the entrypoint 2511 of the container process. Defaults to the user specified 2512 in image metadata if unspecified. May also be set 2513 in PodSecurityContext. If set in both SecurityContext 2514 and PodSecurityContext, the value specified in SecurityContext 2515 takes precedence. 2516 type: string 2517 type: object 2518 type: object 2519 startupProbe: 2520 description: 'StartupProbe indicates that the Pod has successfully 2521 initialized. If specified, no other probes are executed until 2522 this completes successfully. If this probe fails, the Pod 2523 will be restarted, just as if the livenessProbe failed. This 2524 can be used to provide different probe parameters at the beginning 2525 of a Pod''s lifecycle, when it might take a long time to load 2526 data or warm a cache, than during steady-state operation. 2527 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2528 properties: 2529 exec: 2530 description: Exec specifies the action to take. 2531 properties: 2532 command: 2533 description: Command is the command line to execute 2534 inside the container, the working directory for the 2535 command is root ('/') in the container's filesystem. 2536 The command is simply exec'd, it is not run inside 2537 a shell, so traditional shell instructions ('|', etc) 2538 won't work. To use a shell, you need to explicitly 2539 call out to that shell. Exit status of 0 is treated 2540 as live/healthy and non-zero is unhealthy. 2541 items: 2542 type: string 2543 type: array 2544 type: object 2545 failureThreshold: 2546 description: Minimum consecutive failures for the probe 2547 to be considered failed after having succeeded. Defaults 2548 to 3. Minimum value is 1. 2549 format: int32 2550 type: integer 2551 grpc: 2552 description: GRPC specifies an action involving a GRPC port. 2553 This is a beta field and requires enabling GRPCContainerProbe 2554 feature gate. 2555 properties: 2556 port: 2557 description: Port number of the gRPC service. Number 2558 must be in the range 1 to 65535. 2559 format: int32 2560 type: integer 2561 service: 2562 description: "Service is the name of the service to 2563 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 2564 \n If this is not specified, the default behavior 2565 is defined by gRPC." 2566 type: string 2567 required: 2568 - port 2569 type: object 2570 httpGet: 2571 description: HTTPGet specifies the http request to perform. 2572 properties: 2573 host: 2574 description: Host name to connect to, defaults to the 2575 pod IP. You probably want to set "Host" in httpHeaders 2576 instead. 2577 type: string 2578 httpHeaders: 2579 description: Custom headers to set in the request. HTTP 2580 allows repeated headers. 2581 items: 2582 description: HTTPHeader describes a custom header 2583 to be used in HTTP probes 2584 properties: 2585 name: 2586 description: The header field name 2587 type: string 2588 value: 2589 description: The header field value 2590 type: string 2591 required: 2592 - name 2593 - value 2594 type: object 2595 type: array 2596 path: 2597 description: Path to access on the HTTP server. 2598 type: string 2599 port: 2600 anyOf: 2601 - type: integer 2602 - type: string 2603 description: Name or number of the port to access on 2604 the container. Number must be in the range 1 to 65535. 2605 Name must be an IANA_SVC_NAME. 2606 x-kubernetes-int-or-string: true 2607 scheme: 2608 description: Scheme to use for connecting to the host. 2609 Defaults to HTTP. 2610 type: string 2611 required: 2612 - port 2613 type: object 2614 initialDelaySeconds: 2615 description: 'Number of seconds after the container has 2616 started before liveness probes are initiated. More info: 2617 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2618 format: int32 2619 type: integer 2620 periodSeconds: 2621 description: How often (in seconds) to perform the probe. 2622 Default to 10 seconds. Minimum value is 1. 2623 format: int32 2624 type: integer 2625 successThreshold: 2626 description: Minimum consecutive successes for the probe 2627 to be considered successful after having failed. Defaults 2628 to 1. Must be 1 for liveness and startup. Minimum value 2629 is 1. 2630 format: int32 2631 type: integer 2632 tcpSocket: 2633 description: TCPSocket specifies an action involving a TCP 2634 port. 2635 properties: 2636 host: 2637 description: 'Optional: Host name to connect to, defaults 2638 to the pod IP.' 2639 type: string 2640 port: 2641 anyOf: 2642 - type: integer 2643 - type: string 2644 description: Number or name of the port to access on 2645 the container. Number must be in the range 1 to 65535. 2646 Name must be an IANA_SVC_NAME. 2647 x-kubernetes-int-or-string: true 2648 required: 2649 - port 2650 type: object 2651 terminationGracePeriodSeconds: 2652 description: Optional duration in seconds the pod needs 2653 to terminate gracefully upon probe failure. The grace 2654 period is the duration in seconds after the processes 2655 running in the pod are sent a termination signal and the 2656 time when the processes are forcibly halted with a kill 2657 signal. Set this value longer than the expected cleanup 2658 time for your process. If this value is nil, the pod's 2659 terminationGracePeriodSeconds will be used. Otherwise, 2660 this value overrides the value provided by the pod spec. 2661 Value must be non-negative integer. The value zero indicates 2662 stop immediately via the kill signal (no opportunity to 2663 shut down). This is a beta field and requires enabling 2664 ProbeTerminationGracePeriod feature gate. Minimum value 2665 is 1. spec.terminationGracePeriodSeconds is used if unset. 2666 format: int64 2667 type: integer 2668 timeoutSeconds: 2669 description: 'Number of seconds after which the probe times 2670 out. Defaults to 1 second. Minimum value is 1. More info: 2671 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2672 format: int32 2673 type: integer 2674 type: object 2675 stdin: 2676 description: Whether this container should allocate a buffer 2677 for stdin in the container runtime. If this is not set, reads 2678 from stdin in the container will always result in EOF. Default 2679 is false. 2680 type: boolean 2681 stdinOnce: 2682 description: Whether the container runtime should close the 2683 stdin channel after it has been opened by a single attach. 2684 When stdin is true the stdin stream will remain open across 2685 multiple attach sessions. If stdinOnce is set to true, stdin 2686 is opened on container start, is empty until the first client 2687 attaches to stdin, and then remains open and accepts data 2688 until the client disconnects, at which time stdin is closed 2689 and remains closed until the container is restarted. If this 2690 flag is false, a container processes that reads from stdin 2691 will never receive an EOF. Default is false 2692 type: boolean 2693 terminationMessagePath: 2694 description: 'Optional: Path at which the file to which the 2695 container''s termination message will be written is mounted 2696 into the container''s filesystem. Message written is intended 2697 to be brief final status, such as an assertion failure message. 2698 Will be truncated by the node if greater than 4096 bytes. 2699 The total message length across all containers will be limited 2700 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 2701 type: string 2702 terminationMessagePolicy: 2703 description: Indicate how the termination message should be 2704 populated. File will use the contents of terminationMessagePath 2705 to populate the container status message on both success and 2706 failure. FallbackToLogsOnError will use the last chunk of 2707 container log output if the termination message file is empty 2708 and the container exited with an error. The log output is 2709 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 2710 to File. Cannot be updated. 2711 type: string 2712 tty: 2713 description: Whether this container should allocate a TTY for 2714 itself, also requires 'stdin' to be true. Default is false. 2715 type: boolean 2716 volumeDevices: 2717 description: volumeDevices is the list of block devices to be 2718 used by the container. 2719 items: 2720 description: volumeDevice describes a mapping of a raw block 2721 device within a container. 2722 properties: 2723 devicePath: 2724 description: devicePath is the path inside of the container 2725 that the device will be mapped to. 2726 type: string 2727 name: 2728 description: name must match the name of a persistentVolumeClaim 2729 in the pod 2730 type: string 2731 required: 2732 - devicePath 2733 - name 2734 type: object 2735 type: array 2736 volumeMounts: 2737 description: Pod volumes to mount into the container's filesystem. 2738 Cannot be updated. 2739 items: 2740 description: VolumeMount describes a mounting of a Volume 2741 within a container. 2742 properties: 2743 mountPath: 2744 description: Path within the container at which the volume 2745 should be mounted. Must not contain ':'. 2746 type: string 2747 mountPropagation: 2748 description: mountPropagation determines how mounts are 2749 propagated from the host to container and the other 2750 way around. When not set, MountPropagationNone is used. 2751 This field is beta in 1.10. 2752 type: string 2753 name: 2754 description: This must match the Name of a Volume. 2755 type: string 2756 readOnly: 2757 description: Mounted read-only if true, read-write otherwise 2758 (false or unspecified). Defaults to false. 2759 type: boolean 2760 subPath: 2761 description: Path within the volume from which the container's 2762 volume should be mounted. Defaults to "" (volume's root). 2763 type: string 2764 subPathExpr: 2765 description: Expanded path within the volume from which 2766 the container's volume should be mounted. Behaves similarly 2767 to SubPath but environment variable references $(VAR_NAME) 2768 are expanded using the container's environment. Defaults 2769 to "" (volume's root). SubPathExpr and SubPath are mutually 2770 exclusive. 2771 type: string 2772 required: 2773 - mountPath 2774 - name 2775 type: object 2776 type: array 2777 workingDir: 2778 description: Container's working directory. If not specified, 2779 the container runtime's default will be used, which might 2780 be configured in the container image. Cannot be updated. 2781 type: string 2782 required: 2783 - name 2784 type: object 2785 type: array 2786 disableCompaction: 2787 description: Disable prometheus compaction. 2788 type: boolean 2789 enableAdminAPI: 2790 description: 'Enable access to prometheus web admin API. Defaults 2791 to the value of `false`. WARNING: Enabling the admin APIs enables 2792 mutating endpoints, to delete data, shutdown Prometheus, and more. 2793 Enabling this should be done with care and the user is advised to 2794 add additional authentication authorization via a proxy to ensure 2795 only clients authorized to perform these actions can do so. For 2796 more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis' 2797 type: boolean 2798 enableFeatures: 2799 description: Enable access to Prometheus disabled features. By default, 2800 no features are enabled. Enabling disabled features is entirely 2801 outside the scope of what the maintainers will support and by doing 2802 so, you accept that this behaviour may break at any time without 2803 notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/ 2804 items: 2805 type: string 2806 type: array 2807 enableRemoteWriteReceiver: 2808 description: 'Enable Prometheus to be used as a receiver for the Prometheus 2809 remote write protocol. Defaults to the value of `false`. WARNING: 2810 This is not considered an efficient way of ingesting samples. Use 2811 it with caution for specific low-volume use cases. It is not suitable 2812 for replacing the ingestion via scraping and turning Prometheus 2813 into a push-based metrics collection system. For more information 2814 see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver 2815 Only valid in Prometheus versions 2.33.0 and newer.' 2816 type: boolean 2817 enforcedBodySizeLimit: 2818 description: 'EnforcedBodySizeLimit defines the maximum size of uncompressed 2819 response body that will be accepted by Prometheus. Targets responding 2820 with a body larger than this many bytes will cause the scrape to 2821 fail. Example: 100MB. If defined, the limit will apply to all service/pod 2822 monitors and probes. This is an experimental feature, this behaviour 2823 could change or be removed in the future. Only valid in Prometheus 2824 versions 2.28.0 and newer.' 2825 pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ 2826 type: string 2827 enforcedLabelLimit: 2828 description: Per-scrape limit on number of labels that will be accepted 2829 for a sample. If more than this number of labels are present post 2830 metric-relabeling, the entire scrape will be treated as failed. 2831 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. 2832 format: int64 2833 type: integer 2834 enforcedLabelNameLengthLimit: 2835 description: Per-scrape limit on length of labels name that will be 2836 accepted for a sample. If a label name is longer than this number 2837 post metric-relabeling, the entire scrape will be treated as failed. 2838 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. 2839 format: int64 2840 type: integer 2841 enforcedLabelValueLengthLimit: 2842 description: Per-scrape limit on length of labels value that will 2843 be accepted for a sample. If a label value is longer than this number 2844 post metric-relabeling, the entire scrape will be treated as failed. 2845 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. 2846 format: int64 2847 type: integer 2848 enforcedNamespaceLabel: 2849 description: "EnforcedNamespaceLabel If set, a label will be added 2850 to \n 1. all user-metrics (created by `ServiceMonitor`, `PodMonitor` 2851 and `Probe` objects) and 2. in all `PrometheusRule` objects (except 2852 the ones excluded in `prometheusRulesExcludedFromEnforce`) to * 2853 alerting & recording rules and * the metrics used in their expressions 2854 (`expr`). \n Label name is this field's value. Label value is the 2855 namespace of the created object (mentioned above)." 2856 type: string 2857 enforcedSampleLimit: 2858 description: EnforcedSampleLimit defines global limit on number of 2859 scraped samples that will be accepted. This overrides any SampleLimit 2860 set per ServiceMonitor or/and PodMonitor. It is meant to be used 2861 by admins to enforce the SampleLimit to keep overall number of samples/series 2862 under the desired limit. Note that if SampleLimit is lower that 2863 value will be taken instead. 2864 format: int64 2865 type: integer 2866 enforcedTargetLimit: 2867 description: EnforcedTargetLimit defines a global limit on the number 2868 of scraped targets. This overrides any TargetLimit set per ServiceMonitor 2869 or/and PodMonitor. It is meant to be used by admins to enforce 2870 the TargetLimit to keep the overall number of targets under the 2871 desired limit. Note that if TargetLimit is lower, that value will 2872 be taken instead, except if either value is zero, in which case 2873 the non-zero value will be used. If both values are zero, no limit 2874 is enforced. 2875 format: int64 2876 type: integer 2877 evaluationInterval: 2878 default: 30s 2879 description: 'Interval between consecutive evaluations. Default: `30s`' 2880 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 2881 type: string 2882 excludedFromEnforcement: 2883 description: List of references to PodMonitor, ServiceMonitor, Probe 2884 and PrometheusRule objects to be excluded from enforcing a namespace 2885 label of origin. Applies only if enforcedNamespaceLabel set to true. 2886 items: 2887 description: ObjectReference references a PodMonitor, ServiceMonitor, 2888 Probe or PrometheusRule object. 2889 properties: 2890 group: 2891 default: monitoring.coreos.com 2892 description: Group of the referent. When not specified, it defaults 2893 to `monitoring.coreos.com` 2894 enum: 2895 - monitoring.coreos.com 2896 type: string 2897 name: 2898 description: Name of the referent. When not set, all resources 2899 are matched. 2900 type: string 2901 namespace: 2902 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' 2903 minLength: 1 2904 type: string 2905 resource: 2906 description: Resource of the referent. 2907 enum: 2908 - prometheusrules 2909 - servicemonitors 2910 - podmonitors 2911 - probes 2912 type: string 2913 required: 2914 - namespace 2915 - resource 2916 type: object 2917 type: array 2918 exemplars: 2919 description: Exemplars related settings that are runtime reloadable. 2920 It requires to enable the exemplar storage feature to be effective. 2921 properties: 2922 maxSize: 2923 description: Maximum number of exemplars stored in memory for 2924 all series. If not set, Prometheus uses its default value. A 2925 value of zero or less than zero disables the storage. 2926 format: int64 2927 type: integer 2928 type: object 2929 externalLabels: 2930 additionalProperties: 2931 type: string 2932 description: The labels to add to any time series or alerts when communicating 2933 with external systems (federation, remote storage, Alertmanager). 2934 type: object 2935 externalUrl: 2936 description: The external URL the Prometheus instances will be available 2937 under. This is necessary to generate correct URLs. This is necessary 2938 if Prometheus is not served from root of a DNS name. 2939 type: string 2940 hostAliases: 2941 description: Pods' hostAliases configuration 2942 items: 2943 description: HostAlias holds the mapping between IP and hostnames 2944 that will be injected as an entry in the pod's hosts file. 2945 properties: 2946 hostnames: 2947 description: Hostnames for the above IP address. 2948 items: 2949 type: string 2950 type: array 2951 ip: 2952 description: IP address of the host file entry. 2953 type: string 2954 required: 2955 - hostnames 2956 - ip 2957 type: object 2958 type: array 2959 x-kubernetes-list-map-keys: 2960 - ip 2961 x-kubernetes-list-type: map 2962 hostNetwork: 2963 description: Use the host's network namespace if true. Make sure to 2964 understand the security implications if you want to enable it. When 2965 hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet 2966 automatically. 2967 type: boolean 2968 ignoreNamespaceSelectors: 2969 description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector 2970 settings from all PodMonitor, ServiceMonitor and Probe objects. 2971 They will only discover endpoints within the namespace of the PodMonitor, 2972 ServiceMonitor and Probe objects. Defaults to false. 2973 type: boolean 2974 image: 2975 description: Image if specified has precedence over baseImage, tag 2976 and sha combinations. Specifying the version is still necessary 2977 to ensure the Prometheus Operator knows what version of Prometheus 2978 is being configured. 2979 type: string 2980 imagePullPolicy: 2981 description: Image pull policy for the 'prometheus', 'init-config-reloader' 2982 and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy 2983 for more details. 2984 enum: 2985 - "" 2986 - Always 2987 - Never 2988 - IfNotPresent 2989 type: string 2990 imagePullSecrets: 2991 description: An optional list of references to secrets in the same 2992 namespace to use for pulling prometheus and alertmanager images 2993 from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod 2994 items: 2995 description: LocalObjectReference contains enough information to 2996 let you locate the referenced object inside the same namespace. 2997 properties: 2998 name: 2999 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3000 TODO: Add other useful fields. apiVersion, kind, uid?' 3001 type: string 3002 type: object 3003 x-kubernetes-map-type: atomic 3004 type: array 3005 initContainers: 3006 description: 'InitContainers allows adding initContainers to the pod 3007 definition. Those can be used to e.g. fetch secrets for injection 3008 into the Prometheus configuration from external sources. Any errors 3009 during the execution of an initContainer will lead to a restart 3010 of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 3011 InitContainers described here modify an operator generated init 3012 containers if they share the same name and modifications are done 3013 via a strategic merge patch. The current init container name is: 3014 `init-config-reloader`. Overriding init containers is entirely outside 3015 the scope of what the maintainers will support and by doing so, 3016 you accept that this behaviour may break at any time without notice.' 3017 items: 3018 description: A single application container that you want to run 3019 within a pod. 3020 properties: 3021 args: 3022 description: 'Arguments to the entrypoint. The container image''s 3023 CMD is used if this is not provided. Variable references $(VAR_NAME) 3024 are expanded using the container''s environment. If a variable 3025 cannot be resolved, the reference in the input string will 3026 be unchanged. Double $$ are reduced to a single $, which allows 3027 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 3028 produce the string literal "$(VAR_NAME)". Escaped references 3029 will never be expanded, regardless of whether the variable 3030 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3031 items: 3032 type: string 3033 type: array 3034 command: 3035 description: 'Entrypoint array. Not executed within a shell. 3036 The container image''s ENTRYPOINT is used if this is not provided. 3037 Variable references $(VAR_NAME) are expanded using the container''s 3038 environment. If a variable cannot be resolved, the reference 3039 in the input string will be unchanged. Double $$ are reduced 3040 to a single $, which allows for escaping the $(VAR_NAME) syntax: 3041 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 3042 Escaped references will never be expanded, regardless of whether 3043 the variable exists or not. Cannot be updated. More info: 3044 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3045 items: 3046 type: string 3047 type: array 3048 env: 3049 description: List of environment variables to set in the container. 3050 Cannot be updated. 3051 items: 3052 description: EnvVar represents an environment variable present 3053 in a Container. 3054 properties: 3055 name: 3056 description: Name of the environment variable. Must be 3057 a C_IDENTIFIER. 3058 type: string 3059 value: 3060 description: 'Variable references $(VAR_NAME) are expanded 3061 using the previously defined environment variables in 3062 the container and any service environment variables. 3063 If a variable cannot be resolved, the reference in the 3064 input string will be unchanged. Double $$ are reduced 3065 to a single $, which allows for escaping the $(VAR_NAME) 3066 syntax: i.e. "$$(VAR_NAME)" will produce the string 3067 literal "$(VAR_NAME)". Escaped references will never 3068 be expanded, regardless of whether the variable exists 3069 or not. Defaults to "".' 3070 type: string 3071 valueFrom: 3072 description: Source for the environment variable's value. 3073 Cannot be used if value is not empty. 3074 properties: 3075 configMapKeyRef: 3076 description: Selects a key of a ConfigMap. 3077 properties: 3078 key: 3079 description: The key to select. 3080 type: string 3081 name: 3082 description: 'Name of the referent. More info: 3083 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3084 TODO: Add other useful fields. apiVersion, kind, 3085 uid?' 3086 type: string 3087 optional: 3088 description: Specify whether the ConfigMap or 3089 its key must be defined 3090 type: boolean 3091 required: 3092 - key 3093 type: object 3094 x-kubernetes-map-type: atomic 3095 fieldRef: 3096 description: 'Selects a field of the pod: supports 3097 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 3098 `metadata.annotations[''<KEY>'']`, spec.nodeName, 3099 spec.serviceAccountName, status.hostIP, status.podIP, 3100 status.podIPs.' 3101 properties: 3102 apiVersion: 3103 description: Version of the schema the FieldPath 3104 is written in terms of, defaults to "v1". 3105 type: string 3106 fieldPath: 3107 description: Path of the field to select in the 3108 specified API version. 3109 type: string 3110 required: 3111 - fieldPath 3112 type: object 3113 x-kubernetes-map-type: atomic 3114 resourceFieldRef: 3115 description: 'Selects a resource of the container: 3116 only resources limits and requests (limits.cpu, 3117 limits.memory, limits.ephemeral-storage, requests.cpu, 3118 requests.memory and requests.ephemeral-storage) 3119 are currently supported.' 3120 properties: 3121 containerName: 3122 description: 'Container name: required for volumes, 3123 optional for env vars' 3124 type: string 3125 divisor: 3126 anyOf: 3127 - type: integer 3128 - type: string 3129 description: Specifies the output format of the 3130 exposed resources, defaults to "1" 3131 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3132 x-kubernetes-int-or-string: true 3133 resource: 3134 description: 'Required: resource to select' 3135 type: string 3136 required: 3137 - resource 3138 type: object 3139 x-kubernetes-map-type: atomic 3140 secretKeyRef: 3141 description: Selects a key of a secret in the pod's 3142 namespace 3143 properties: 3144 key: 3145 description: The key of the secret to select from. Must 3146 be a valid secret key. 3147 type: string 3148 name: 3149 description: 'Name of the referent. More info: 3150 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3151 TODO: Add other useful fields. apiVersion, kind, 3152 uid?' 3153 type: string 3154 optional: 3155 description: Specify whether the Secret or its 3156 key must be defined 3157 type: boolean 3158 required: 3159 - key 3160 type: object 3161 x-kubernetes-map-type: atomic 3162 type: object 3163 required: 3164 - name 3165 type: object 3166 type: array 3167 envFrom: 3168 description: List of sources to populate environment variables 3169 in the container. The keys defined within a source must be 3170 a C_IDENTIFIER. All invalid keys will be reported as an event 3171 when the container is starting. When a key exists in multiple 3172 sources, the value associated with the last source will take 3173 precedence. Values defined by an Env with a duplicate key 3174 will take precedence. Cannot be updated. 3175 items: 3176 description: EnvFromSource represents the source of a set 3177 of ConfigMaps 3178 properties: 3179 configMapRef: 3180 description: The ConfigMap to select from 3181 properties: 3182 name: 3183 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3184 TODO: Add other useful fields. apiVersion, kind, 3185 uid?' 3186 type: string 3187 optional: 3188 description: Specify whether the ConfigMap must be 3189 defined 3190 type: boolean 3191 type: object 3192 x-kubernetes-map-type: atomic 3193 prefix: 3194 description: An optional identifier to prepend to each 3195 key in the ConfigMap. Must be a C_IDENTIFIER. 3196 type: string 3197 secretRef: 3198 description: The Secret to select from 3199 properties: 3200 name: 3201 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3202 TODO: Add other useful fields. apiVersion, kind, 3203 uid?' 3204 type: string 3205 optional: 3206 description: Specify whether the Secret must be defined 3207 type: boolean 3208 type: object 3209 x-kubernetes-map-type: atomic 3210 type: object 3211 type: array 3212 image: 3213 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images 3214 This field is optional to allow higher level config management 3215 to default or override container images in workload controllers 3216 like Deployments and StatefulSets.' 3217 type: string 3218 imagePullPolicy: 3219 description: 'Image pull policy. One of Always, Never, IfNotPresent. 3220 Defaults to Always if :latest tag is specified, or IfNotPresent 3221 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 3222 type: string 3223 lifecycle: 3224 description: Actions that the management system should take 3225 in response to container lifecycle events. Cannot be updated. 3226 properties: 3227 postStart: 3228 description: 'PostStart is called immediately after a container 3229 is created. If the handler fails, the container is terminated 3230 and restarted according to its restart policy. Other management 3231 of the container blocks until the hook completes. More 3232 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3233 properties: 3234 exec: 3235 description: Exec specifies the action to take. 3236 properties: 3237 command: 3238 description: Command is the command line to execute 3239 inside the container, the working directory for 3240 the command is root ('/') in the container's 3241 filesystem. The command is simply exec'd, it is 3242 not run inside a shell, so traditional shell instructions 3243 ('|', etc) won't work. To use a shell, you need 3244 to explicitly call out to that shell. Exit status 3245 of 0 is treated as live/healthy and non-zero is 3246 unhealthy. 3247 items: 3248 type: string 3249 type: array 3250 type: object 3251 httpGet: 3252 description: HTTPGet specifies the http request to perform. 3253 properties: 3254 host: 3255 description: Host name to connect to, defaults to 3256 the pod IP. You probably want to set "Host" in 3257 httpHeaders instead. 3258 type: string 3259 httpHeaders: 3260 description: Custom headers to set in the request. 3261 HTTP allows repeated headers. 3262 items: 3263 description: HTTPHeader describes a custom header 3264 to be used in HTTP probes 3265 properties: 3266 name: 3267 description: The header field name 3268 type: string 3269 value: 3270 description: The header field value 3271 type: string 3272 required: 3273 - name 3274 - value 3275 type: object 3276 type: array 3277 path: 3278 description: Path to access on the HTTP server. 3279 type: string 3280 port: 3281 anyOf: 3282 - type: integer 3283 - type: string 3284 description: Name or number of the port to access 3285 on the container. Number must be in the range 3286 1 to 65535. Name must be an IANA_SVC_NAME. 3287 x-kubernetes-int-or-string: true 3288 scheme: 3289 description: Scheme to use for connecting to the 3290 host. Defaults to HTTP. 3291 type: string 3292 required: 3293 - port 3294 type: object 3295 tcpSocket: 3296 description: Deprecated. TCPSocket is NOT supported 3297 as a LifecycleHandler and kept for the backward compatibility. 3298 There are no validation of this field and lifecycle 3299 hooks will fail in runtime when tcp handler is specified. 3300 properties: 3301 host: 3302 description: 'Optional: Host name to connect to, 3303 defaults to the pod IP.' 3304 type: string 3305 port: 3306 anyOf: 3307 - type: integer 3308 - type: string 3309 description: Number or name of the port to access 3310 on the container. Number must be in the range 3311 1 to 65535. Name must be an IANA_SVC_NAME. 3312 x-kubernetes-int-or-string: true 3313 required: 3314 - port 3315 type: object 3316 type: object 3317 preStop: 3318 description: 'PreStop is called immediately before a container 3319 is terminated due to an API request or management event 3320 such as liveness/startup probe failure, preemption, resource 3321 contention, etc. The handler is not called if the container 3322 crashes or exits. The Pod''s termination grace period 3323 countdown begins before the PreStop hook is executed. 3324 Regardless of the outcome of the handler, the container 3325 will eventually terminate within the Pod''s termination 3326 grace period (unless delayed by finalizers). Other management 3327 of the container blocks until the hook completes or until 3328 the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3329 properties: 3330 exec: 3331 description: Exec specifies the action to take. 3332 properties: 3333 command: 3334 description: Command is the command line to execute 3335 inside the container, the working directory for 3336 the command is root ('/') in the container's 3337 filesystem. The command is simply exec'd, it is 3338 not run inside a shell, so traditional shell instructions 3339 ('|', etc) won't work. To use a shell, you need 3340 to explicitly call out to that shell. Exit status 3341 of 0 is treated as live/healthy and non-zero is 3342 unhealthy. 3343 items: 3344 type: string 3345 type: array 3346 type: object 3347 httpGet: 3348 description: HTTPGet specifies the http request to perform. 3349 properties: 3350 host: 3351 description: Host name to connect to, defaults to 3352 the pod IP. You probably want to set "Host" in 3353 httpHeaders instead. 3354 type: string 3355 httpHeaders: 3356 description: Custom headers to set in the request. 3357 HTTP allows repeated headers. 3358 items: 3359 description: HTTPHeader describes a custom header 3360 to be used in HTTP probes 3361 properties: 3362 name: 3363 description: The header field name 3364 type: string 3365 value: 3366 description: The header field value 3367 type: string 3368 required: 3369 - name 3370 - value 3371 type: object 3372 type: array 3373 path: 3374 description: Path to access on the HTTP server. 3375 type: string 3376 port: 3377 anyOf: 3378 - type: integer 3379 - type: string 3380 description: Name or number of the port to access 3381 on the container. Number must be in the range 3382 1 to 65535. Name must be an IANA_SVC_NAME. 3383 x-kubernetes-int-or-string: true 3384 scheme: 3385 description: Scheme to use for connecting to the 3386 host. Defaults to HTTP. 3387 type: string 3388 required: 3389 - port 3390 type: object 3391 tcpSocket: 3392 description: Deprecated. TCPSocket is NOT supported 3393 as a LifecycleHandler and kept for the backward compatibility. 3394 There are no validation of this field and lifecycle 3395 hooks will fail in runtime when tcp handler is specified. 3396 properties: 3397 host: 3398 description: 'Optional: Host name to connect to, 3399 defaults to the pod IP.' 3400 type: string 3401 port: 3402 anyOf: 3403 - type: integer 3404 - type: string 3405 description: Number or name of the port to access 3406 on the container. Number must be in the range 3407 1 to 65535. Name must be an IANA_SVC_NAME. 3408 x-kubernetes-int-or-string: true 3409 required: 3410 - port 3411 type: object 3412 type: object 3413 type: object 3414 livenessProbe: 3415 description: 'Periodic probe of container liveness. Container 3416 will be restarted if the probe fails. Cannot be updated. More 3417 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3418 properties: 3419 exec: 3420 description: Exec specifies the action to take. 3421 properties: 3422 command: 3423 description: Command is the command line to execute 3424 inside the container, the working directory for the 3425 command is root ('/') in the container's filesystem. 3426 The command is simply exec'd, it is not run inside 3427 a shell, so traditional shell instructions ('|', etc) 3428 won't work. To use a shell, you need to explicitly 3429 call out to that shell. Exit status of 0 is treated 3430 as live/healthy and non-zero is unhealthy. 3431 items: 3432 type: string 3433 type: array 3434 type: object 3435 failureThreshold: 3436 description: Minimum consecutive failures for the probe 3437 to be considered failed after having succeeded. Defaults 3438 to 3. Minimum value is 1. 3439 format: int32 3440 type: integer 3441 grpc: 3442 description: GRPC specifies an action involving a GRPC port. 3443 This is a beta field and requires enabling GRPCContainerProbe 3444 feature gate. 3445 properties: 3446 port: 3447 description: Port number of the gRPC service. Number 3448 must be in the range 1 to 65535. 3449 format: int32 3450 type: integer 3451 service: 3452 description: "Service is the name of the service to 3453 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3454 \n If this is not specified, the default behavior 3455 is defined by gRPC." 3456 type: string 3457 required: 3458 - port 3459 type: object 3460 httpGet: 3461 description: HTTPGet specifies the http request to perform. 3462 properties: 3463 host: 3464 description: Host name to connect to, defaults to the 3465 pod IP. You probably want to set "Host" in httpHeaders 3466 instead. 3467 type: string 3468 httpHeaders: 3469 description: Custom headers to set in the request. HTTP 3470 allows repeated headers. 3471 items: 3472 description: HTTPHeader describes a custom header 3473 to be used in HTTP probes 3474 properties: 3475 name: 3476 description: The header field name 3477 type: string 3478 value: 3479 description: The header field value 3480 type: string 3481 required: 3482 - name 3483 - value 3484 type: object 3485 type: array 3486 path: 3487 description: Path to access on the HTTP server. 3488 type: string 3489 port: 3490 anyOf: 3491 - type: integer 3492 - type: string 3493 description: Name or number of the port to access on 3494 the container. Number must be in the range 1 to 65535. 3495 Name must be an IANA_SVC_NAME. 3496 x-kubernetes-int-or-string: true 3497 scheme: 3498 description: Scheme to use for connecting to the host. 3499 Defaults to HTTP. 3500 type: string 3501 required: 3502 - port 3503 type: object 3504 initialDelaySeconds: 3505 description: 'Number of seconds after the container has 3506 started before liveness probes are initiated. More info: 3507 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3508 format: int32 3509 type: integer 3510 periodSeconds: 3511 description: How often (in seconds) to perform the probe. 3512 Default to 10 seconds. Minimum value is 1. 3513 format: int32 3514 type: integer 3515 successThreshold: 3516 description: Minimum consecutive successes for the probe 3517 to be considered successful after having failed. Defaults 3518 to 1. Must be 1 for liveness and startup. Minimum value 3519 is 1. 3520 format: int32 3521 type: integer 3522 tcpSocket: 3523 description: TCPSocket specifies an action involving a TCP 3524 port. 3525 properties: 3526 host: 3527 description: 'Optional: Host name to connect to, defaults 3528 to the pod IP.' 3529 type: string 3530 port: 3531 anyOf: 3532 - type: integer 3533 - type: string 3534 description: Number or name of the port to access on 3535 the container. Number must be in the range 1 to 65535. 3536 Name must be an IANA_SVC_NAME. 3537 x-kubernetes-int-or-string: true 3538 required: 3539 - port 3540 type: object 3541 terminationGracePeriodSeconds: 3542 description: Optional duration in seconds the pod needs 3543 to terminate gracefully upon probe failure. The grace 3544 period is the duration in seconds after the processes 3545 running in the pod are sent a termination signal and the 3546 time when the processes are forcibly halted with a kill 3547 signal. Set this value longer than the expected cleanup 3548 time for your process. If this value is nil, the pod's 3549 terminationGracePeriodSeconds will be used. Otherwise, 3550 this value overrides the value provided by the pod spec. 3551 Value must be non-negative integer. The value zero indicates 3552 stop immediately via the kill signal (no opportunity to 3553 shut down). This is a beta field and requires enabling 3554 ProbeTerminationGracePeriod feature gate. Minimum value 3555 is 1. spec.terminationGracePeriodSeconds is used if unset. 3556 format: int64 3557 type: integer 3558 timeoutSeconds: 3559 description: 'Number of seconds after which the probe times 3560 out. Defaults to 1 second. Minimum value is 1. More info: 3561 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3562 format: int32 3563 type: integer 3564 type: object 3565 name: 3566 description: Name of the container specified as a DNS_LABEL. 3567 Each container in a pod must have a unique name (DNS_LABEL). 3568 Cannot be updated. 3569 type: string 3570 ports: 3571 description: List of ports to expose from the container. Not 3572 specifying a port here DOES NOT prevent that port from being 3573 exposed. Any port which is listening on the default "0.0.0.0" 3574 address inside a container will be accessible from the network. 3575 Modifying this array with strategic merge patch may corrupt 3576 the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. 3577 Cannot be updated. 3578 items: 3579 description: ContainerPort represents a network port in a 3580 single container. 3581 properties: 3582 containerPort: 3583 description: Number of port to expose on the pod's IP 3584 address. This must be a valid port number, 0 < x < 65536. 3585 format: int32 3586 type: integer 3587 hostIP: 3588 description: What host IP to bind the external port to. 3589 type: string 3590 hostPort: 3591 description: Number of port to expose on the host. If 3592 specified, this must be a valid port number, 0 < x < 3593 65536. If HostNetwork is specified, this must match 3594 ContainerPort. Most containers do not need this. 3595 format: int32 3596 type: integer 3597 name: 3598 description: If specified, this must be an IANA_SVC_NAME 3599 and unique within the pod. Each named port in a pod 3600 must have a unique name. Name for the port that can 3601 be referred to by services. 3602 type: string 3603 protocol: 3604 default: TCP 3605 description: Protocol for port. Must be UDP, TCP, or SCTP. 3606 Defaults to "TCP". 3607 type: string 3608 required: 3609 - containerPort 3610 type: object 3611 type: array 3612 x-kubernetes-list-map-keys: 3613 - containerPort 3614 - protocol 3615 x-kubernetes-list-type: map 3616 readinessProbe: 3617 description: 'Periodic probe of container service readiness. 3618 Container will be removed from service endpoints if the probe 3619 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3620 properties: 3621 exec: 3622 description: Exec specifies the action to take. 3623 properties: 3624 command: 3625 description: Command is the command line to execute 3626 inside the container, the working directory for the 3627 command is root ('/') in the container's filesystem. 3628 The command is simply exec'd, it is not run inside 3629 a shell, so traditional shell instructions ('|', etc) 3630 won't work. To use a shell, you need to explicitly 3631 call out to that shell. Exit status of 0 is treated 3632 as live/healthy and non-zero is unhealthy. 3633 items: 3634 type: string 3635 type: array 3636 type: object 3637 failureThreshold: 3638 description: Minimum consecutive failures for the probe 3639 to be considered failed after having succeeded. Defaults 3640 to 3. Minimum value is 1. 3641 format: int32 3642 type: integer 3643 grpc: 3644 description: GRPC specifies an action involving a GRPC port. 3645 This is a beta field and requires enabling GRPCContainerProbe 3646 feature gate. 3647 properties: 3648 port: 3649 description: Port number of the gRPC service. Number 3650 must be in the range 1 to 65535. 3651 format: int32 3652 type: integer 3653 service: 3654 description: "Service is the name of the service to 3655 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 3656 \n If this is not specified, the default behavior 3657 is defined by gRPC." 3658 type: string 3659 required: 3660 - port 3661 type: object 3662 httpGet: 3663 description: HTTPGet specifies the http request to perform. 3664 properties: 3665 host: 3666 description: Host name to connect to, defaults to the 3667 pod IP. You probably want to set "Host" in httpHeaders 3668 instead. 3669 type: string 3670 httpHeaders: 3671 description: Custom headers to set in the request. HTTP 3672 allows repeated headers. 3673 items: 3674 description: HTTPHeader describes a custom header 3675 to be used in HTTP probes 3676 properties: 3677 name: 3678 description: The header field name 3679 type: string 3680 value: 3681 description: The header field value 3682 type: string 3683 required: 3684 - name 3685 - value 3686 type: object 3687 type: array 3688 path: 3689 description: Path to access on the HTTP server. 3690 type: string 3691 port: 3692 anyOf: 3693 - type: integer 3694 - type: string 3695 description: Name or number of the port to access on 3696 the container. Number must be in the range 1 to 65535. 3697 Name must be an IANA_SVC_NAME. 3698 x-kubernetes-int-or-string: true 3699 scheme: 3700 description: Scheme to use for connecting to the host. 3701 Defaults to HTTP. 3702 type: string 3703 required: 3704 - port 3705 type: object 3706 initialDelaySeconds: 3707 description: 'Number of seconds after the container has 3708 started before liveness probes are initiated. More info: 3709 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3710 format: int32 3711 type: integer 3712 periodSeconds: 3713 description: How often (in seconds) to perform the probe. 3714 Default to 10 seconds. Minimum value is 1. 3715 format: int32 3716 type: integer 3717 successThreshold: 3718 description: Minimum consecutive successes for the probe 3719 to be considered successful after having failed. Defaults 3720 to 1. Must be 1 for liveness and startup. Minimum value 3721 is 1. 3722 format: int32 3723 type: integer 3724 tcpSocket: 3725 description: TCPSocket specifies an action involving a TCP 3726 port. 3727 properties: 3728 host: 3729 description: 'Optional: Host name to connect to, defaults 3730 to the pod IP.' 3731 type: string 3732 port: 3733 anyOf: 3734 - type: integer 3735 - type: string 3736 description: Number or name of the port to access on 3737 the container. Number must be in the range 1 to 65535. 3738 Name must be an IANA_SVC_NAME. 3739 x-kubernetes-int-or-string: true 3740 required: 3741 - port 3742 type: object 3743 terminationGracePeriodSeconds: 3744 description: Optional duration in seconds the pod needs 3745 to terminate gracefully upon probe failure. The grace 3746 period is the duration in seconds after the processes 3747 running in the pod are sent a termination signal and the 3748 time when the processes are forcibly halted with a kill 3749 signal. Set this value longer than the expected cleanup 3750 time for your process. If this value is nil, the pod's 3751 terminationGracePeriodSeconds will be used. Otherwise, 3752 this value overrides the value provided by the pod spec. 3753 Value must be non-negative integer. The value zero indicates 3754 stop immediately via the kill signal (no opportunity to 3755 shut down). This is a beta field and requires enabling 3756 ProbeTerminationGracePeriod feature gate. Minimum value 3757 is 1. spec.terminationGracePeriodSeconds is used if unset. 3758 format: int64 3759 type: integer 3760 timeoutSeconds: 3761 description: 'Number of seconds after which the probe times 3762 out. Defaults to 1 second. Minimum value is 1. More info: 3763 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3764 format: int32 3765 type: integer 3766 type: object 3767 resources: 3768 description: 'Compute Resources required by this container. 3769 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3770 properties: 3771 claims: 3772 description: "Claims lists the names of resources, defined 3773 in spec.resourceClaims, that are used by this container. 3774 \n This is an alpha field and requires enabling the DynamicResourceAllocation 3775 feature gate. \n This field is immutable." 3776 items: 3777 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 3778 properties: 3779 name: 3780 description: Name must match the name of one entry 3781 in pod.spec.resourceClaims of the Pod where this 3782 field is used. It makes that resource available 3783 inside a container. 3784 type: string 3785 required: 3786 - name 3787 type: object 3788 type: array 3789 x-kubernetes-list-map-keys: 3790 - name 3791 x-kubernetes-list-type: map 3792 limits: 3793 additionalProperties: 3794 anyOf: 3795 - type: integer 3796 - type: string 3797 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3798 x-kubernetes-int-or-string: true 3799 description: 'Limits describes the maximum amount of compute 3800 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3801 type: object 3802 requests: 3803 additionalProperties: 3804 anyOf: 3805 - type: integer 3806 - type: string 3807 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3808 x-kubernetes-int-or-string: true 3809 description: 'Requests describes the minimum amount of compute 3810 resources required. If Requests is omitted for a container, 3811 it defaults to Limits if that is explicitly specified, 3812 otherwise to an implementation-defined value. More info: 3813 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 3814 type: object 3815 type: object 3816 securityContext: 3817 description: 'SecurityContext defines the security options the 3818 container should be run with. If set, the fields of SecurityContext 3819 override the equivalent fields of PodSecurityContext. More 3820 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 3821 properties: 3822 allowPrivilegeEscalation: 3823 description: 'AllowPrivilegeEscalation controls whether 3824 a process can gain more privileges than its parent process. 3825 This bool directly controls if the no_new_privs flag will 3826 be set on the container process. AllowPrivilegeEscalation 3827 is true always when the container is: 1) run as Privileged 3828 2) has CAP_SYS_ADMIN Note that this field cannot be set 3829 when spec.os.name is windows.' 3830 type: boolean 3831 capabilities: 3832 description: The capabilities to add/drop when running containers. 3833 Defaults to the default set of capabilities granted by 3834 the container runtime. Note that this field cannot be 3835 set when spec.os.name is windows. 3836 properties: 3837 add: 3838 description: Added capabilities 3839 items: 3840 description: Capability represent POSIX capabilities 3841 type 3842 type: string 3843 type: array 3844 drop: 3845 description: Removed capabilities 3846 items: 3847 description: Capability represent POSIX capabilities 3848 type 3849 type: string 3850 type: array 3851 type: object 3852 privileged: 3853 description: Run container in privileged mode. Processes 3854 in privileged containers are essentially equivalent to 3855 root on the host. Defaults to false. Note that this field 3856 cannot be set when spec.os.name is windows. 3857 type: boolean 3858 procMount: 3859 description: procMount denotes the type of proc mount to 3860 use for the containers. The default is DefaultProcMount 3861 which uses the container runtime defaults for readonly 3862 paths and masked paths. This requires the ProcMountType 3863 feature flag to be enabled. Note that this field cannot 3864 be set when spec.os.name is windows. 3865 type: string 3866 readOnlyRootFilesystem: 3867 description: Whether this container has a read-only root 3868 filesystem. Default is false. Note that this field cannot 3869 be set when spec.os.name is windows. 3870 type: boolean 3871 runAsGroup: 3872 description: The GID to run the entrypoint of the container 3873 process. Uses runtime default if unset. May also be set 3874 in PodSecurityContext. If set in both SecurityContext 3875 and PodSecurityContext, the value specified in SecurityContext 3876 takes precedence. Note that this field cannot be set when 3877 spec.os.name is windows. 3878 format: int64 3879 type: integer 3880 runAsNonRoot: 3881 description: Indicates that the container must run as a 3882 non-root user. If true, the Kubelet will validate the 3883 image at runtime to ensure that it does not run as UID 3884 0 (root) and fail to start the container if it does. If 3885 unset or false, no such validation will be performed. 3886 May also be set in PodSecurityContext. If set in both 3887 SecurityContext and PodSecurityContext, the value specified 3888 in SecurityContext takes precedence. 3889 type: boolean 3890 runAsUser: 3891 description: The UID to run the entrypoint of the container 3892 process. Defaults to user specified in image metadata 3893 if unspecified. May also be set in PodSecurityContext. If 3894 set in both SecurityContext and PodSecurityContext, the 3895 value specified in SecurityContext takes precedence. Note 3896 that this field cannot be set when spec.os.name is windows. 3897 format: int64 3898 type: integer 3899 seLinuxOptions: 3900 description: The SELinux context to be applied to the container. 3901 If unspecified, the container runtime will allocate a 3902 random SELinux context for each container. May also be 3903 set in PodSecurityContext. If set in both SecurityContext 3904 and PodSecurityContext, the value specified in SecurityContext 3905 takes precedence. Note that this field cannot be set when 3906 spec.os.name is windows. 3907 properties: 3908 level: 3909 description: Level is SELinux level label that applies 3910 to the container. 3911 type: string 3912 role: 3913 description: Role is a SELinux role label that applies 3914 to the container. 3915 type: string 3916 type: 3917 description: Type is a SELinux type label that applies 3918 to the container. 3919 type: string 3920 user: 3921 description: User is a SELinux user label that applies 3922 to the container. 3923 type: string 3924 type: object 3925 seccompProfile: 3926 description: The seccomp options to use by this container. 3927 If seccomp options are provided at both the pod & container 3928 level, the container options override the pod options. 3929 Note that this field cannot be set when spec.os.name is 3930 windows. 3931 properties: 3932 localhostProfile: 3933 description: localhostProfile indicates a profile defined 3934 in a file on the node should be used. The profile 3935 must be preconfigured on the node to work. Must be 3936 a descending path, relative to the kubelet's configured 3937 seccomp profile location. Must only be set if type 3938 is "Localhost". 3939 type: string 3940 type: 3941 description: "type indicates which kind of seccomp profile 3942 will be applied. Valid options are: \n Localhost - 3943 a profile defined in a file on the node should be 3944 used. RuntimeDefault - the container runtime default 3945 profile should be used. Unconfined - no profile should 3946 be applied." 3947 type: string 3948 required: 3949 - type 3950 type: object 3951 windowsOptions: 3952 description: The Windows specific settings applied to all 3953 containers. If unspecified, the options from the PodSecurityContext 3954 will be used. If set in both SecurityContext and PodSecurityContext, 3955 the value specified in SecurityContext takes precedence. 3956 Note that this field cannot be set when spec.os.name is 3957 linux. 3958 properties: 3959 gmsaCredentialSpec: 3960 description: GMSACredentialSpec is where the GMSA admission 3961 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 3962 inlines the contents of the GMSA credential spec named 3963 by the GMSACredentialSpecName field. 3964 type: string 3965 gmsaCredentialSpecName: 3966 description: GMSACredentialSpecName is the name of the 3967 GMSA credential spec to use. 3968 type: string 3969 hostProcess: 3970 description: HostProcess determines if a container should 3971 be run as a 'Host Process' container. This field is 3972 alpha-level and will only be honored by components 3973 that enable the WindowsHostProcessContainers feature 3974 flag. Setting this field without the feature flag 3975 will result in errors when validating the Pod. All 3976 of a Pod's containers must have the same effective 3977 HostProcess value (it is not allowed to have a mix 3978 of HostProcess containers and non-HostProcess containers). In 3979 addition, if HostProcess is true then HostNetwork 3980 must also be set to true. 3981 type: boolean 3982 runAsUserName: 3983 description: The UserName in Windows to run the entrypoint 3984 of the container process. Defaults to the user specified 3985 in image metadata if unspecified. May also be set 3986 in PodSecurityContext. If set in both SecurityContext 3987 and PodSecurityContext, the value specified in SecurityContext 3988 takes precedence. 3989 type: string 3990 type: object 3991 type: object 3992 startupProbe: 3993 description: 'StartupProbe indicates that the Pod has successfully 3994 initialized. If specified, no other probes are executed until 3995 this completes successfully. If this probe fails, the Pod 3996 will be restarted, just as if the livenessProbe failed. This 3997 can be used to provide different probe parameters at the beginning 3998 of a Pod''s lifecycle, when it might take a long time to load 3999 data or warm a cache, than during steady-state operation. 4000 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4001 properties: 4002 exec: 4003 description: Exec specifies the action to take. 4004 properties: 4005 command: 4006 description: Command is the command line to execute 4007 inside the container, the working directory for the 4008 command is root ('/') in the container's filesystem. 4009 The command is simply exec'd, it is not run inside 4010 a shell, so traditional shell instructions ('|', etc) 4011 won't work. To use a shell, you need to explicitly 4012 call out to that shell. Exit status of 0 is treated 4013 as live/healthy and non-zero is unhealthy. 4014 items: 4015 type: string 4016 type: array 4017 type: object 4018 failureThreshold: 4019 description: Minimum consecutive failures for the probe 4020 to be considered failed after having succeeded. Defaults 4021 to 3. Minimum value is 1. 4022 format: int32 4023 type: integer 4024 grpc: 4025 description: GRPC specifies an action involving a GRPC port. 4026 This is a beta field and requires enabling GRPCContainerProbe 4027 feature gate. 4028 properties: 4029 port: 4030 description: Port number of the gRPC service. Number 4031 must be in the range 1 to 65535. 4032 format: int32 4033 type: integer 4034 service: 4035 description: "Service is the name of the service to 4036 place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 4037 \n If this is not specified, the default behavior 4038 is defined by gRPC." 4039 type: string 4040 required: 4041 - port 4042 type: object 4043 httpGet: 4044 description: HTTPGet specifies the http request to perform. 4045 properties: 4046 host: 4047 description: Host name to connect to, defaults to the 4048 pod IP. You probably want to set "Host" in httpHeaders 4049 instead. 4050 type: string 4051 httpHeaders: 4052 description: Custom headers to set in the request. HTTP 4053 allows repeated headers. 4054 items: 4055 description: HTTPHeader describes a custom header 4056 to be used in HTTP probes 4057 properties: 4058 name: 4059 description: The header field name 4060 type: string 4061 value: 4062 description: The header field value 4063 type: string 4064 required: 4065 - name 4066 - value 4067 type: object 4068 type: array 4069 path: 4070 description: Path to access on the HTTP server. 4071 type: string 4072 port: 4073 anyOf: 4074 - type: integer 4075 - type: string 4076 description: Name or number of the port to access on 4077 the container. Number must be in the range 1 to 65535. 4078 Name must be an IANA_SVC_NAME. 4079 x-kubernetes-int-or-string: true 4080 scheme: 4081 description: Scheme to use for connecting to the host. 4082 Defaults to HTTP. 4083 type: string 4084 required: 4085 - port 4086 type: object 4087 initialDelaySeconds: 4088 description: 'Number of seconds after the container has 4089 started before liveness probes are initiated. More info: 4090 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4091 format: int32 4092 type: integer 4093 periodSeconds: 4094 description: How often (in seconds) to perform the probe. 4095 Default to 10 seconds. Minimum value is 1. 4096 format: int32 4097 type: integer 4098 successThreshold: 4099 description: Minimum consecutive successes for the probe 4100 to be considered successful after having failed. Defaults 4101 to 1. Must be 1 for liveness and startup. Minimum value 4102 is 1. 4103 format: int32 4104 type: integer 4105 tcpSocket: 4106 description: TCPSocket specifies an action involving a TCP 4107 port. 4108 properties: 4109 host: 4110 description: 'Optional: Host name to connect to, defaults 4111 to the pod IP.' 4112 type: string 4113 port: 4114 anyOf: 4115 - type: integer 4116 - type: string 4117 description: Number or name of the port to access on 4118 the container. Number must be in the range 1 to 65535. 4119 Name must be an IANA_SVC_NAME. 4120 x-kubernetes-int-or-string: true 4121 required: 4122 - port 4123 type: object 4124 terminationGracePeriodSeconds: 4125 description: Optional duration in seconds the pod needs 4126 to terminate gracefully upon probe failure. The grace 4127 period is the duration in seconds after the processes 4128 running in the pod are sent a termination signal and the 4129 time when the processes are forcibly halted with a kill 4130 signal. Set this value longer than the expected cleanup 4131 time for your process. If this value is nil, the pod's 4132 terminationGracePeriodSeconds will be used. Otherwise, 4133 this value overrides the value provided by the pod spec. 4134 Value must be non-negative integer. The value zero indicates 4135 stop immediately via the kill signal (no opportunity to 4136 shut down). This is a beta field and requires enabling 4137 ProbeTerminationGracePeriod feature gate. Minimum value 4138 is 1. spec.terminationGracePeriodSeconds is used if unset. 4139 format: int64 4140 type: integer 4141 timeoutSeconds: 4142 description: 'Number of seconds after which the probe times 4143 out. Defaults to 1 second. Minimum value is 1. More info: 4144 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4145 format: int32 4146 type: integer 4147 type: object 4148 stdin: 4149 description: Whether this container should allocate a buffer 4150 for stdin in the container runtime. If this is not set, reads 4151 from stdin in the container will always result in EOF. Default 4152 is false. 4153 type: boolean 4154 stdinOnce: 4155 description: Whether the container runtime should close the 4156 stdin channel after it has been opened by a single attach. 4157 When stdin is true the stdin stream will remain open across 4158 multiple attach sessions. If stdinOnce is set to true, stdin 4159 is opened on container start, is empty until the first client 4160 attaches to stdin, and then remains open and accepts data 4161 until the client disconnects, at which time stdin is closed 4162 and remains closed until the container is restarted. If this 4163 flag is false, a container processes that reads from stdin 4164 will never receive an EOF. Default is false 4165 type: boolean 4166 terminationMessagePath: 4167 description: 'Optional: Path at which the file to which the 4168 container''s termination message will be written is mounted 4169 into the container''s filesystem. Message written is intended 4170 to be brief final status, such as an assertion failure message. 4171 Will be truncated by the node if greater than 4096 bytes. 4172 The total message length across all containers will be limited 4173 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 4174 type: string 4175 terminationMessagePolicy: 4176 description: Indicate how the termination message should be 4177 populated. File will use the contents of terminationMessagePath 4178 to populate the container status message on both success and 4179 failure. FallbackToLogsOnError will use the last chunk of 4180 container log output if the termination message file is empty 4181 and the container exited with an error. The log output is 4182 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 4183 to File. Cannot be updated. 4184 type: string 4185 tty: 4186 description: Whether this container should allocate a TTY for 4187 itself, also requires 'stdin' to be true. Default is false. 4188 type: boolean 4189 volumeDevices: 4190 description: volumeDevices is the list of block devices to be 4191 used by the container. 4192 items: 4193 description: volumeDevice describes a mapping of a raw block 4194 device within a container. 4195 properties: 4196 devicePath: 4197 description: devicePath is the path inside of the container 4198 that the device will be mapped to. 4199 type: string 4200 name: 4201 description: name must match the name of a persistentVolumeClaim 4202 in the pod 4203 type: string 4204 required: 4205 - devicePath 4206 - name 4207 type: object 4208 type: array 4209 volumeMounts: 4210 description: Pod volumes to mount into the container's filesystem. 4211 Cannot be updated. 4212 items: 4213 description: VolumeMount describes a mounting of a Volume 4214 within a container. 4215 properties: 4216 mountPath: 4217 description: Path within the container at which the volume 4218 should be mounted. Must not contain ':'. 4219 type: string 4220 mountPropagation: 4221 description: mountPropagation determines how mounts are 4222 propagated from the host to container and the other 4223 way around. When not set, MountPropagationNone is used. 4224 This field is beta in 1.10. 4225 type: string 4226 name: 4227 description: This must match the Name of a Volume. 4228 type: string 4229 readOnly: 4230 description: Mounted read-only if true, read-write otherwise 4231 (false or unspecified). Defaults to false. 4232 type: boolean 4233 subPath: 4234 description: Path within the volume from which the container's 4235 volume should be mounted. Defaults to "" (volume's root). 4236 type: string 4237 subPathExpr: 4238 description: Expanded path within the volume from which 4239 the container's volume should be mounted. Behaves similarly 4240 to SubPath but environment variable references $(VAR_NAME) 4241 are expanded using the container's environment. Defaults 4242 to "" (volume's root). SubPathExpr and SubPath are mutually 4243 exclusive. 4244 type: string 4245 required: 4246 - mountPath 4247 - name 4248 type: object 4249 type: array 4250 workingDir: 4251 description: Container's working directory. If not specified, 4252 the container runtime's default will be used, which might 4253 be configured in the container image. Cannot be updated. 4254 type: string 4255 required: 4256 - name 4257 type: object 4258 type: array 4259 listenLocal: 4260 description: ListenLocal makes the Prometheus server listen on loopback, 4261 so that it does not bind against the Pod IP. 4262 type: boolean 4263 logFormat: 4264 description: Log format for Prometheus to be configured with. 4265 enum: 4266 - "" 4267 - logfmt 4268 - json 4269 type: string 4270 logLevel: 4271 description: Log level for Prometheus to be configured with. 4272 enum: 4273 - "" 4274 - debug 4275 - info 4276 - warn 4277 - error 4278 type: string 4279 minReadySeconds: 4280 description: Minimum number of seconds for which a newly created pod 4281 should be ready without any of its container crashing for it to 4282 be considered available. Defaults to 0 (pod will be considered available 4283 as soon as it is ready) This is an alpha field from kubernetes 1.22 4284 until 1.24 which requires enabling the StatefulSetMinReadySeconds 4285 feature gate. 4286 format: int32 4287 type: integer 4288 nodeSelector: 4289 additionalProperties: 4290 type: string 4291 description: Define which Nodes the Pods are scheduled on. 4292 type: object 4293 overrideHonorLabels: 4294 description: When true, Prometheus resolves label conflicts by renaming 4295 the labels in the scraped data to "exported_<label value>" for all 4296 targets created from service and pod monitors. Otherwise the HonorLabels 4297 field of the service or pod monitor applies. 4298 type: boolean 4299 overrideHonorTimestamps: 4300 description: When true, Prometheus ignores the timestamps for all 4301 the targets created from service and pod monitors. Otherwise the 4302 HonorTimestamps field of the service or pod monitor applies. 4303 type: boolean 4304 paused: 4305 description: When a Prometheus deployment is paused, no actions except 4306 for deletion will be performed on the underlying objects. 4307 type: boolean 4308 podMetadata: 4309 description: PodMetadata configures Labels and Annotations which are 4310 propagated to the prometheus pods. 4311 properties: 4312 annotations: 4313 additionalProperties: 4314 type: string 4315 description: 'Annotations is an unstructured key value map stored 4316 with a resource that may be set by external tools to store and 4317 retrieve arbitrary metadata. They are not queryable and should 4318 be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 4319 type: object 4320 labels: 4321 additionalProperties: 4322 type: string 4323 description: 'Map of string keys and values that can be used to 4324 organize and categorize (scope and select) objects. May match 4325 selectors of replication controllers and services. More info: 4326 http://kubernetes.io/docs/user-guide/labels' 4327 type: object 4328 name: 4329 description: 'Name must be unique within a namespace. Is required 4330 when creating resources, although some resources may allow a 4331 client to request the generation of an appropriate name automatically. 4332 Name is primarily intended for creation idempotence and configuration 4333 definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 4334 type: string 4335 type: object 4336 podMonitorNamespaceSelector: 4337 description: Namespace's labels to match for PodMonitor discovery. 4338 If nil, only check own namespace. 4339 properties: 4340 matchExpressions: 4341 description: matchExpressions is a list of label selector requirements. 4342 The requirements are ANDed. 4343 items: 4344 description: A label selector requirement is a selector that 4345 contains values, a key, and an operator that relates the key 4346 and values. 4347 properties: 4348 key: 4349 description: key is the label key that the selector applies 4350 to. 4351 type: string 4352 operator: 4353 description: operator represents a key's relationship to 4354 a set of values. Valid operators are In, NotIn, Exists 4355 and DoesNotExist. 4356 type: string 4357 values: 4358 description: values is an array of string values. If the 4359 operator is In or NotIn, the values array must be non-empty. 4360 If the operator is Exists or DoesNotExist, the values 4361 array must be empty. This array is replaced during a strategic 4362 merge patch. 4363 items: 4364 type: string 4365 type: array 4366 required: 4367 - key 4368 - operator 4369 type: object 4370 type: array 4371 matchLabels: 4372 additionalProperties: 4373 type: string 4374 description: matchLabels is a map of {key,value} pairs. A single 4375 {key,value} in the matchLabels map is equivalent to an element 4376 of matchExpressions, whose key field is "key", the operator 4377 is "In", and the values array contains only "value". The requirements 4378 are ANDed. 4379 type: object 4380 type: object 4381 x-kubernetes-map-type: atomic 4382 podMonitorSelector: 4383 description: "*Experimental* PodMonitors to be selected for target 4384 discovery. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` 4385 and `spec.probeSelector` are null, the Prometheus configuration 4386 is unmanaged. The Prometheus operator will ensure that the Prometheus 4387 configuration's Secret exists, but it is the responsibility of the 4388 user to provide the raw gzipped Prometheus configuration under the 4389 `prometheus.yaml.gz` key. This behavior is deprecated and will be 4390 removed in the next major version of the custom resource definition. 4391 It is recommended to use `spec.additionalScrapeConfigs` instead." 4392 properties: 4393 matchExpressions: 4394 description: matchExpressions is a list of label selector requirements. 4395 The requirements are ANDed. 4396 items: 4397 description: A label selector requirement is a selector that 4398 contains values, a key, and an operator that relates the key 4399 and values. 4400 properties: 4401 key: 4402 description: key is the label key that the selector applies 4403 to. 4404 type: string 4405 operator: 4406 description: operator represents a key's relationship to 4407 a set of values. Valid operators are In, NotIn, Exists 4408 and DoesNotExist. 4409 type: string 4410 values: 4411 description: values is an array of string values. If the 4412 operator is In or NotIn, the values array must be non-empty. 4413 If the operator is Exists or DoesNotExist, the values 4414 array must be empty. This array is replaced during a strategic 4415 merge patch. 4416 items: 4417 type: string 4418 type: array 4419 required: 4420 - key 4421 - operator 4422 type: object 4423 type: array 4424 matchLabels: 4425 additionalProperties: 4426 type: string 4427 description: matchLabels is a map of {key,value} pairs. A single 4428 {key,value} in the matchLabels map is equivalent to an element 4429 of matchExpressions, whose key field is "key", the operator 4430 is "In", and the values array contains only "value". The requirements 4431 are ANDed. 4432 type: object 4433 type: object 4434 x-kubernetes-map-type: atomic 4435 podTargetLabels: 4436 description: PodTargetLabels are added to all Pod/ServiceMonitors' 4437 podTargetLabels 4438 items: 4439 type: string 4440 type: array 4441 portName: 4442 description: Port name used for the pods and governing service. This 4443 defaults to web 4444 type: string 4445 priorityClassName: 4446 description: Priority class assigned to the Pods 4447 type: string 4448 probeNamespaceSelector: 4449 description: '*Experimental* Namespaces to be selected for Probe discovery. 4450 If nil, only check own namespace.' 4451 properties: 4452 matchExpressions: 4453 description: matchExpressions is a list of label selector requirements. 4454 The requirements are ANDed. 4455 items: 4456 description: A label selector requirement is a selector that 4457 contains values, a key, and an operator that relates the key 4458 and values. 4459 properties: 4460 key: 4461 description: key is the label key that the selector applies 4462 to. 4463 type: string 4464 operator: 4465 description: operator represents a key's relationship to 4466 a set of values. Valid operators are In, NotIn, Exists 4467 and DoesNotExist. 4468 type: string 4469 values: 4470 description: values is an array of string values. If the 4471 operator is In or NotIn, the values array must be non-empty. 4472 If the operator is Exists or DoesNotExist, the values 4473 array must be empty. This array is replaced during a strategic 4474 merge patch. 4475 items: 4476 type: string 4477 type: array 4478 required: 4479 - key 4480 - operator 4481 type: object 4482 type: array 4483 matchLabels: 4484 additionalProperties: 4485 type: string 4486 description: matchLabels is a map of {key,value} pairs. A single 4487 {key,value} in the matchLabels map is equivalent to an element 4488 of matchExpressions, whose key field is "key", the operator 4489 is "In", and the values array contains only "value". The requirements 4490 are ANDed. 4491 type: object 4492 type: object 4493 x-kubernetes-map-type: atomic 4494 probeSelector: 4495 description: "*Experimental* Probes to be selected for target discovery. 4496 \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and 4497 `spec.probeSelector` are null, the Prometheus configuration is unmanaged. 4498 The Prometheus operator will ensure that the Prometheus configuration's 4499 Secret exists, but it is the responsibility of the user to provide 4500 the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` 4501 key. This behavior is deprecated and will be removed in the next 4502 major version of the custom resource definition. It is recommended 4503 to use `spec.additionalScrapeConfigs` instead." 4504 properties: 4505 matchExpressions: 4506 description: matchExpressions is a list of label selector requirements. 4507 The requirements are ANDed. 4508 items: 4509 description: A label selector requirement is a selector that 4510 contains values, a key, and an operator that relates the key 4511 and values. 4512 properties: 4513 key: 4514 description: key is the label key that the selector applies 4515 to. 4516 type: string 4517 operator: 4518 description: operator represents a key's relationship to 4519 a set of values. Valid operators are In, NotIn, Exists 4520 and DoesNotExist. 4521 type: string 4522 values: 4523 description: values is an array of string values. If the 4524 operator is In or NotIn, the values array must be non-empty. 4525 If the operator is Exists or DoesNotExist, the values 4526 array must be empty. This array is replaced during a strategic 4527 merge patch. 4528 items: 4529 type: string 4530 type: array 4531 required: 4532 - key 4533 - operator 4534 type: object 4535 type: array 4536 matchLabels: 4537 additionalProperties: 4538 type: string 4539 description: matchLabels is a map of {key,value} pairs. A single 4540 {key,value} in the matchLabels map is equivalent to an element 4541 of matchExpressions, whose key field is "key", the operator 4542 is "In", and the values array contains only "value". The requirements 4543 are ANDed. 4544 type: object 4545 type: object 4546 x-kubernetes-map-type: atomic 4547 prometheusExternalLabelName: 4548 description: Name of Prometheus external label used to denote Prometheus 4549 instance name. Defaults to the value of `prometheus`. External label 4550 will _not_ be added when value is set to empty string (`""`). 4551 type: string 4552 prometheusRulesExcludedFromEnforce: 4553 description: 'PrometheusRulesExcludedFromEnforce - list of prometheus 4554 rules to be excluded from enforcing of adding namespace labels. 4555 Works only if enforcedNamespaceLabel set to true. Make sure both 4556 ruleNamespace and ruleName are set for each pair. Deprecated: use 4557 excludedFromEnforcement instead.' 4558 items: 4559 description: PrometheusRuleExcludeConfig enables users to configure 4560 excluded PrometheusRule names and their namespaces to be ignored 4561 while enforcing namespace label for alerts and metrics. 4562 properties: 4563 ruleName: 4564 description: RuleNamespace - name of excluded rule 4565 type: string 4566 ruleNamespace: 4567 description: RuleNamespace - namespace of excluded rule 4568 type: string 4569 required: 4570 - ruleName 4571 - ruleNamespace 4572 type: object 4573 type: array 4574 query: 4575 description: QuerySpec defines the query command line flags when starting 4576 Prometheus. 4577 properties: 4578 lookbackDelta: 4579 description: The delta difference allowed for retrieving metrics 4580 during expression evaluations. 4581 type: string 4582 maxConcurrency: 4583 description: Number of concurrent queries that can be run at once. 4584 format: int32 4585 minimum: 1 4586 type: integer 4587 maxSamples: 4588 description: Maximum number of samples a single query can load 4589 into memory. Note that queries will fail if they would load 4590 more samples than this into memory, so this also limits the 4591 number of samples a query can return. 4592 format: int32 4593 type: integer 4594 timeout: 4595 description: Maximum time a query may take before being aborted. 4596 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 4597 type: string 4598 type: object 4599 queryLogFile: 4600 description: QueryLogFile specifies the file to which PromQL queries 4601 are logged. If the filename has an empty path, e.g. 'query.log', 4602 prometheus-operator will mount the file into an emptyDir volume 4603 at `/var/log/prometheus`. If a full path is provided, e.g. /var/log/prometheus/query.log, 4604 you must mount a volume in the specified directory and it must be 4605 writable. This is because the prometheus container runs with a read-only 4606 root filesystem for security reasons. Alternatively, the location 4607 can be set to a stdout location such as `/dev/stdout` to log query 4608 information to the default Prometheus log stream. This is only available 4609 in versions of Prometheus >= 2.16.0. For more details, see the Prometheus 4610 docs (https://prometheus.io/docs/guides/query-log/) 4611 type: string 4612 remoteRead: 4613 description: remoteRead is the list of remote read configurations. 4614 items: 4615 description: RemoteReadSpec defines the configuration for Prometheus 4616 to read back samples from a remote endpoint. 4617 properties: 4618 authorization: 4619 description: Authorization section for remote read 4620 properties: 4621 credentials: 4622 description: The secret's key that contains the credentials 4623 of the request 4624 properties: 4625 key: 4626 description: The key of the secret to select from. Must 4627 be a valid secret key. 4628 type: string 4629 name: 4630 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4631 TODO: Add other useful fields. apiVersion, kind, uid?' 4632 type: string 4633 optional: 4634 description: Specify whether the Secret or its key must 4635 be defined 4636 type: boolean 4637 required: 4638 - key 4639 type: object 4640 x-kubernetes-map-type: atomic 4641 credentialsFile: 4642 description: File to read a secret from, mutually exclusive 4643 with Credentials (from SafeAuthorization) 4644 type: string 4645 type: 4646 description: Set the authentication type. Defaults to Bearer, 4647 Basic will cause an error 4648 type: string 4649 type: object 4650 basicAuth: 4651 description: BasicAuth for the URL. 4652 properties: 4653 password: 4654 description: The secret in the service monitor namespace 4655 that contains the password for authentication. 4656 properties: 4657 key: 4658 description: The key of the secret to select from. Must 4659 be a valid secret key. 4660 type: string 4661 name: 4662 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4663 TODO: Add other useful fields. apiVersion, kind, uid?' 4664 type: string 4665 optional: 4666 description: Specify whether the Secret or its key must 4667 be defined 4668 type: boolean 4669 required: 4670 - key 4671 type: object 4672 x-kubernetes-map-type: atomic 4673 username: 4674 description: The secret in the service monitor namespace 4675 that contains the username for authentication. 4676 properties: 4677 key: 4678 description: The key of the secret to select from. Must 4679 be a valid secret key. 4680 type: string 4681 name: 4682 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4683 TODO: Add other useful fields. apiVersion, kind, uid?' 4684 type: string 4685 optional: 4686 description: Specify whether the Secret or its key must 4687 be defined 4688 type: boolean 4689 required: 4690 - key 4691 type: object 4692 x-kubernetes-map-type: atomic 4693 type: object 4694 bearerToken: 4695 description: Bearer token for remote read. 4696 type: string 4697 bearerTokenFile: 4698 description: File to read bearer token for remote read. 4699 type: string 4700 filterExternalLabels: 4701 description: Whether to use the external labels as selectors 4702 for the remote read endpoint. Requires Prometheus v2.34.0 4703 and above. 4704 type: boolean 4705 headers: 4706 additionalProperties: 4707 type: string 4708 description: Custom HTTP headers to be sent along with each 4709 remote read request. Be aware that headers that are set by 4710 Prometheus itself can't be overwritten. Only valid in Prometheus 4711 versions 2.26.0 and newer. 4712 type: object 4713 name: 4714 description: The name of the remote read queue, it must be unique 4715 if specified. The name is used in metrics and logging in order 4716 to differentiate read configurations. Only valid in Prometheus 4717 versions 2.15.0 and newer. 4718 type: string 4719 oauth2: 4720 description: OAuth2 for the URL. Only valid in Prometheus versions 4721 2.27.0 and newer. 4722 properties: 4723 clientId: 4724 description: The secret or configmap containing the OAuth2 4725 client id 4726 properties: 4727 configMap: 4728 description: ConfigMap containing data to use for the 4729 targets. 4730 properties: 4731 key: 4732 description: The key to select. 4733 type: string 4734 name: 4735 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4736 TODO: Add other useful fields. apiVersion, kind, 4737 uid?' 4738 type: string 4739 optional: 4740 description: Specify whether the ConfigMap or its 4741 key must be defined 4742 type: boolean 4743 required: 4744 - key 4745 type: object 4746 x-kubernetes-map-type: atomic 4747 secret: 4748 description: Secret containing data to use for the targets. 4749 properties: 4750 key: 4751 description: The key of the secret to select from. Must 4752 be a valid secret key. 4753 type: string 4754 name: 4755 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4756 TODO: Add other useful fields. apiVersion, kind, 4757 uid?' 4758 type: string 4759 optional: 4760 description: Specify whether the Secret or its key 4761 must be defined 4762 type: boolean 4763 required: 4764 - key 4765 type: object 4766 x-kubernetes-map-type: atomic 4767 type: object 4768 clientSecret: 4769 description: The secret containing the OAuth2 client secret 4770 properties: 4771 key: 4772 description: The key of the secret to select from. Must 4773 be a valid secret key. 4774 type: string 4775 name: 4776 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4777 TODO: Add other useful fields. apiVersion, kind, uid?' 4778 type: string 4779 optional: 4780 description: Specify whether the Secret or its key must 4781 be defined 4782 type: boolean 4783 required: 4784 - key 4785 type: object 4786 x-kubernetes-map-type: atomic 4787 endpointParams: 4788 additionalProperties: 4789 type: string 4790 description: Parameters to append to the token URL 4791 type: object 4792 scopes: 4793 description: OAuth2 scopes used for the token request 4794 items: 4795 type: string 4796 type: array 4797 tokenUrl: 4798 description: The URL to fetch the token from 4799 minLength: 1 4800 type: string 4801 required: 4802 - clientId 4803 - clientSecret 4804 - tokenUrl 4805 type: object 4806 proxyUrl: 4807 description: Optional ProxyURL. 4808 type: string 4809 readRecent: 4810 description: Whether reads should be made for queries for time 4811 ranges that the local storage should have complete data for. 4812 type: boolean 4813 remoteTimeout: 4814 description: Timeout for requests to the remote read endpoint. 4815 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 4816 type: string 4817 requiredMatchers: 4818 additionalProperties: 4819 type: string 4820 description: An optional list of equality matchers which have 4821 to be present in a selector to query the remote read endpoint. 4822 type: object 4823 tlsConfig: 4824 description: TLS Config to use for remote read. 4825 properties: 4826 ca: 4827 description: Certificate authority used when verifying server 4828 certificates. 4829 properties: 4830 configMap: 4831 description: ConfigMap containing data to use for the 4832 targets. 4833 properties: 4834 key: 4835 description: The key to select. 4836 type: string 4837 name: 4838 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4839 TODO: Add other useful fields. apiVersion, kind, 4840 uid?' 4841 type: string 4842 optional: 4843 description: Specify whether the ConfigMap or its 4844 key must be defined 4845 type: boolean 4846 required: 4847 - key 4848 type: object 4849 x-kubernetes-map-type: atomic 4850 secret: 4851 description: Secret containing data to use for the targets. 4852 properties: 4853 key: 4854 description: The key of the secret to select from. Must 4855 be a valid secret key. 4856 type: string 4857 name: 4858 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4859 TODO: Add other useful fields. apiVersion, kind, 4860 uid?' 4861 type: string 4862 optional: 4863 description: Specify whether the Secret or its key 4864 must be defined 4865 type: boolean 4866 required: 4867 - key 4868 type: object 4869 x-kubernetes-map-type: atomic 4870 type: object 4871 caFile: 4872 description: Path to the CA cert in the Prometheus container 4873 to use for the targets. 4874 type: string 4875 cert: 4876 description: Client certificate to present when doing client-authentication. 4877 properties: 4878 configMap: 4879 description: ConfigMap containing data to use for the 4880 targets. 4881 properties: 4882 key: 4883 description: The key to select. 4884 type: string 4885 name: 4886 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4887 TODO: Add other useful fields. apiVersion, kind, 4888 uid?' 4889 type: string 4890 optional: 4891 description: Specify whether the ConfigMap or its 4892 key must be defined 4893 type: boolean 4894 required: 4895 - key 4896 type: object 4897 x-kubernetes-map-type: atomic 4898 secret: 4899 description: Secret containing data to use for the targets. 4900 properties: 4901 key: 4902 description: The key of the secret to select from. Must 4903 be a valid secret key. 4904 type: string 4905 name: 4906 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4907 TODO: Add other useful fields. apiVersion, kind, 4908 uid?' 4909 type: string 4910 optional: 4911 description: Specify whether the Secret or its key 4912 must be defined 4913 type: boolean 4914 required: 4915 - key 4916 type: object 4917 x-kubernetes-map-type: atomic 4918 type: object 4919 certFile: 4920 description: Path to the client cert file in the Prometheus 4921 container for the targets. 4922 type: string 4923 insecureSkipVerify: 4924 description: Disable target certificate validation. 4925 type: boolean 4926 keyFile: 4927 description: Path to the client key file in the Prometheus 4928 container for the targets. 4929 type: string 4930 keySecret: 4931 description: Secret containing the client key file for the 4932 targets. 4933 properties: 4934 key: 4935 description: The key of the secret to select from. Must 4936 be a valid secret key. 4937 type: string 4938 name: 4939 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4940 TODO: Add other useful fields. apiVersion, kind, uid?' 4941 type: string 4942 optional: 4943 description: Specify whether the Secret or its key must 4944 be defined 4945 type: boolean 4946 required: 4947 - key 4948 type: object 4949 x-kubernetes-map-type: atomic 4950 serverName: 4951 description: Used to verify the hostname for the targets. 4952 type: string 4953 type: object 4954 url: 4955 description: The URL of the endpoint to query from. 4956 type: string 4957 required: 4958 - url 4959 type: object 4960 type: array 4961 remoteWrite: 4962 description: remoteWrite is the list of remote write configurations. 4963 items: 4964 description: RemoteWriteSpec defines the configuration to write 4965 samples from Prometheus to a remote endpoint. 4966 properties: 4967 authorization: 4968 description: Authorization section for remote write 4969 properties: 4970 credentials: 4971 description: The secret's key that contains the credentials 4972 of the request 4973 properties: 4974 key: 4975 description: The key of the secret to select from. Must 4976 be a valid secret key. 4977 type: string 4978 name: 4979 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4980 TODO: Add other useful fields. apiVersion, kind, uid?' 4981 type: string 4982 optional: 4983 description: Specify whether the Secret or its key must 4984 be defined 4985 type: boolean 4986 required: 4987 - key 4988 type: object 4989 x-kubernetes-map-type: atomic 4990 credentialsFile: 4991 description: File to read a secret from, mutually exclusive 4992 with Credentials (from SafeAuthorization) 4993 type: string 4994 type: 4995 description: Set the authentication type. Defaults to Bearer, 4996 Basic will cause an error 4997 type: string 4998 type: object 4999 basicAuth: 5000 description: BasicAuth for the URL. 5001 properties: 5002 password: 5003 description: The secret in the service monitor namespace 5004 that contains the password for authentication. 5005 properties: 5006 key: 5007 description: The key of the secret to select from. Must 5008 be a valid secret key. 5009 type: string 5010 name: 5011 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5012 TODO: Add other useful fields. apiVersion, kind, uid?' 5013 type: string 5014 optional: 5015 description: Specify whether the Secret or its key must 5016 be defined 5017 type: boolean 5018 required: 5019 - key 5020 type: object 5021 x-kubernetes-map-type: atomic 5022 username: 5023 description: The secret in the service monitor namespace 5024 that contains the username for authentication. 5025 properties: 5026 key: 5027 description: The key of the secret to select from. Must 5028 be a valid secret key. 5029 type: string 5030 name: 5031 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5032 TODO: Add other useful fields. apiVersion, kind, uid?' 5033 type: string 5034 optional: 5035 description: Specify whether the Secret or its key must 5036 be defined 5037 type: boolean 5038 required: 5039 - key 5040 type: object 5041 x-kubernetes-map-type: atomic 5042 type: object 5043 bearerToken: 5044 description: Bearer token for remote write. 5045 type: string 5046 bearerTokenFile: 5047 description: File to read bearer token for remote write. 5048 type: string 5049 headers: 5050 additionalProperties: 5051 type: string 5052 description: Custom HTTP headers to be sent along with each 5053 remote write request. Be aware that headers that are set by 5054 Prometheus itself can't be overwritten. Only valid in Prometheus 5055 versions 2.25.0 and newer. 5056 type: object 5057 metadataConfig: 5058 description: MetadataConfig configures the sending of series 5059 metadata to the remote storage. 5060 properties: 5061 send: 5062 description: Whether metric metadata is sent to the remote 5063 storage or not. 5064 type: boolean 5065 sendInterval: 5066 description: How frequently metric metadata is sent to the 5067 remote storage. 5068 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 5069 type: string 5070 type: object 5071 name: 5072 description: The name of the remote write queue, it must be 5073 unique if specified. The name is used in metrics and logging 5074 in order to differentiate queues. Only valid in Prometheus 5075 versions 2.15.0 and newer. 5076 type: string 5077 oauth2: 5078 description: OAuth2 for the URL. Only valid in Prometheus versions 5079 2.27.0 and newer. 5080 properties: 5081 clientId: 5082 description: The secret or configmap containing the OAuth2 5083 client id 5084 properties: 5085 configMap: 5086 description: ConfigMap containing data to use for the 5087 targets. 5088 properties: 5089 key: 5090 description: The key to select. 5091 type: string 5092 name: 5093 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5094 TODO: Add other useful fields. apiVersion, kind, 5095 uid?' 5096 type: string 5097 optional: 5098 description: Specify whether the ConfigMap or its 5099 key must be defined 5100 type: boolean 5101 required: 5102 - key 5103 type: object 5104 x-kubernetes-map-type: atomic 5105 secret: 5106 description: Secret containing data to use for the targets. 5107 properties: 5108 key: 5109 description: The key of the secret to select from. Must 5110 be a valid secret key. 5111 type: string 5112 name: 5113 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5114 TODO: Add other useful fields. apiVersion, kind, 5115 uid?' 5116 type: string 5117 optional: 5118 description: Specify whether the Secret or its key 5119 must be defined 5120 type: boolean 5121 required: 5122 - key 5123 type: object 5124 x-kubernetes-map-type: atomic 5125 type: object 5126 clientSecret: 5127 description: The secret containing the OAuth2 client secret 5128 properties: 5129 key: 5130 description: The key of the secret to select from. Must 5131 be a valid secret key. 5132 type: string 5133 name: 5134 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5135 TODO: Add other useful fields. apiVersion, kind, uid?' 5136 type: string 5137 optional: 5138 description: Specify whether the Secret or its key must 5139 be defined 5140 type: boolean 5141 required: 5142 - key 5143 type: object 5144 x-kubernetes-map-type: atomic 5145 endpointParams: 5146 additionalProperties: 5147 type: string 5148 description: Parameters to append to the token URL 5149 type: object 5150 scopes: 5151 description: OAuth2 scopes used for the token request 5152 items: 5153 type: string 5154 type: array 5155 tokenUrl: 5156 description: The URL to fetch the token from 5157 minLength: 1 5158 type: string 5159 required: 5160 - clientId 5161 - clientSecret 5162 - tokenUrl 5163 type: object 5164 proxyUrl: 5165 description: Optional ProxyURL. 5166 type: string 5167 queueConfig: 5168 description: QueueConfig allows tuning of the remote write queue 5169 parameters. 5170 properties: 5171 batchSendDeadline: 5172 description: BatchSendDeadline is the maximum time a sample 5173 will wait in buffer. 5174 type: string 5175 capacity: 5176 description: Capacity is the number of samples to buffer 5177 per shard before we start dropping them. 5178 type: integer 5179 maxBackoff: 5180 description: MaxBackoff is the maximum retry delay. 5181 type: string 5182 maxRetries: 5183 description: MaxRetries is the maximum number of times to 5184 retry a batch on recoverable errors. 5185 type: integer 5186 maxSamplesPerSend: 5187 description: MaxSamplesPerSend is the maximum number of 5188 samples per send. 5189 type: integer 5190 maxShards: 5191 description: MaxShards is the maximum number of shards, 5192 i.e. amount of concurrency. 5193 type: integer 5194 minBackoff: 5195 description: MinBackoff is the initial retry delay. Gets 5196 doubled for every retry. 5197 type: string 5198 minShards: 5199 description: MinShards is the minimum number of shards, 5200 i.e. amount of concurrency. 5201 type: integer 5202 retryOnRateLimit: 5203 description: Retry upon receiving a 429 status code from 5204 the remote-write storage. This is experimental feature 5205 and might change in the future. 5206 type: boolean 5207 type: object 5208 remoteTimeout: 5209 description: Timeout for requests to the remote write endpoint. 5210 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 5211 type: string 5212 sendExemplars: 5213 description: Enables sending of exemplars over remote write. 5214 Note that exemplar-storage itself must be enabled using the 5215 enableFeature option for exemplars to be scraped in the first 5216 place. Only valid in Prometheus versions 2.27.0 and newer. 5217 type: boolean 5218 sigv4: 5219 description: Sigv4 allows to configures AWS's Signature Verification 5220 4 5221 properties: 5222 accessKey: 5223 description: AccessKey is the AWS API key. If blank, the 5224 environment variable `AWS_ACCESS_KEY_ID` is used. 5225 properties: 5226 key: 5227 description: The key of the secret to select from. Must 5228 be a valid secret key. 5229 type: string 5230 name: 5231 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5232 TODO: Add other useful fields. apiVersion, kind, uid?' 5233 type: string 5234 optional: 5235 description: Specify whether the Secret or its key must 5236 be defined 5237 type: boolean 5238 required: 5239 - key 5240 type: object 5241 x-kubernetes-map-type: atomic 5242 profile: 5243 description: Profile is the named AWS profile used to authenticate. 5244 type: string 5245 region: 5246 description: Region is the AWS region. If blank, the region 5247 from the default credentials chain used. 5248 type: string 5249 roleArn: 5250 description: RoleArn is the named AWS profile used to authenticate. 5251 type: string 5252 secretKey: 5253 description: SecretKey is the AWS API secret. If blank, 5254 the environment variable `AWS_SECRET_ACCESS_KEY` is used. 5255 properties: 5256 key: 5257 description: The key of the secret to select from. Must 5258 be a valid secret key. 5259 type: string 5260 name: 5261 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5262 TODO: Add other useful fields. apiVersion, kind, uid?' 5263 type: string 5264 optional: 5265 description: Specify whether the Secret or its key must 5266 be defined 5267 type: boolean 5268 required: 5269 - key 5270 type: object 5271 x-kubernetes-map-type: atomic 5272 type: object 5273 tlsConfig: 5274 description: TLS Config to use for remote write. 5275 properties: 5276 ca: 5277 description: Certificate authority used when verifying server 5278 certificates. 5279 properties: 5280 configMap: 5281 description: ConfigMap containing data to use for the 5282 targets. 5283 properties: 5284 key: 5285 description: The key to select. 5286 type: string 5287 name: 5288 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5289 TODO: Add other useful fields. apiVersion, kind, 5290 uid?' 5291 type: string 5292 optional: 5293 description: Specify whether the ConfigMap or its 5294 key must be defined 5295 type: boolean 5296 required: 5297 - key 5298 type: object 5299 x-kubernetes-map-type: atomic 5300 secret: 5301 description: Secret containing data to use for the targets. 5302 properties: 5303 key: 5304 description: The key of the secret to select from. Must 5305 be a valid secret key. 5306 type: string 5307 name: 5308 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5309 TODO: Add other useful fields. apiVersion, kind, 5310 uid?' 5311 type: string 5312 optional: 5313 description: Specify whether the Secret or its key 5314 must be defined 5315 type: boolean 5316 required: 5317 - key 5318 type: object 5319 x-kubernetes-map-type: atomic 5320 type: object 5321 caFile: 5322 description: Path to the CA cert in the Prometheus container 5323 to use for the targets. 5324 type: string 5325 cert: 5326 description: Client certificate to present when doing client-authentication. 5327 properties: 5328 configMap: 5329 description: ConfigMap containing data to use for the 5330 targets. 5331 properties: 5332 key: 5333 description: The key to select. 5334 type: string 5335 name: 5336 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5337 TODO: Add other useful fields. apiVersion, kind, 5338 uid?' 5339 type: string 5340 optional: 5341 description: Specify whether the ConfigMap or its 5342 key must be defined 5343 type: boolean 5344 required: 5345 - key 5346 type: object 5347 x-kubernetes-map-type: atomic 5348 secret: 5349 description: Secret containing data to use for the targets. 5350 properties: 5351 key: 5352 description: The key of the secret to select from. Must 5353 be a valid secret key. 5354 type: string 5355 name: 5356 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5357 TODO: Add other useful fields. apiVersion, kind, 5358 uid?' 5359 type: string 5360 optional: 5361 description: Specify whether the Secret or its key 5362 must be defined 5363 type: boolean 5364 required: 5365 - key 5366 type: object 5367 x-kubernetes-map-type: atomic 5368 type: object 5369 certFile: 5370 description: Path to the client cert file in the Prometheus 5371 container for the targets. 5372 type: string 5373 insecureSkipVerify: 5374 description: Disable target certificate validation. 5375 type: boolean 5376 keyFile: 5377 description: Path to the client key file in the Prometheus 5378 container for the targets. 5379 type: string 5380 keySecret: 5381 description: Secret containing the client key file for the 5382 targets. 5383 properties: 5384 key: 5385 description: The key of the secret to select from. Must 5386 be a valid secret key. 5387 type: string 5388 name: 5389 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5390 TODO: Add other useful fields. apiVersion, kind, uid?' 5391 type: string 5392 optional: 5393 description: Specify whether the Secret or its key must 5394 be defined 5395 type: boolean 5396 required: 5397 - key 5398 type: object 5399 x-kubernetes-map-type: atomic 5400 serverName: 5401 description: Used to verify the hostname for the targets. 5402 type: string 5403 type: object 5404 url: 5405 description: The URL of the endpoint to send samples to. 5406 type: string 5407 writeRelabelConfigs: 5408 description: The list of remote write relabel configurations. 5409 items: 5410 description: 'RelabelConfig allows dynamic rewriting of the 5411 label set, being applied to samples before ingestion. It 5412 defines `<metric_relabel_configs>`-section of Prometheus 5413 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 5414 properties: 5415 action: 5416 default: replace 5417 description: Action to perform based on regex matching. 5418 Default is 'replace'. uppercase and lowercase actions 5419 require Prometheus >= 2.36. 5420 enum: 5421 - replace 5422 - Replace 5423 - keep 5424 - Keep 5425 - drop 5426 - Drop 5427 - hashmod 5428 - HashMod 5429 - labelmap 5430 - LabelMap 5431 - labeldrop 5432 - LabelDrop 5433 - labelkeep 5434 - LabelKeep 5435 - lowercase 5436 - Lowercase 5437 - uppercase 5438 - Uppercase 5439 type: string 5440 modulus: 5441 description: Modulus to take of the hash of the source 5442 label values. 5443 format: int64 5444 type: integer 5445 regex: 5446 description: Regular expression against which the extracted 5447 value is matched. Default is '(.*)' 5448 type: string 5449 replacement: 5450 description: Replacement value against which a regex replace 5451 is performed if the regular expression matches. Regex 5452 capture groups are available. Default is '$1' 5453 type: string 5454 separator: 5455 description: Separator placed between concatenated source 5456 label values. default is ';'. 5457 type: string 5458 sourceLabels: 5459 description: The source labels select values from existing 5460 labels. Their content is concatenated using the configured 5461 separator and matched against the configured regular 5462 expression for the replace, keep, and drop actions. 5463 items: 5464 description: LabelName is a valid Prometheus label name 5465 which may only contain ASCII letters, numbers, as 5466 well as underscores. 5467 pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ 5468 type: string 5469 type: array 5470 targetLabel: 5471 description: Label to which the resulting value is written 5472 in a replace action. It is mandatory for replace actions. 5473 Regex capture groups are available. 5474 type: string 5475 type: object 5476 type: array 5477 required: 5478 - url 5479 type: object 5480 type: array 5481 replicaExternalLabelName: 5482 description: Name of Prometheus external label used to denote replica 5483 name. Defaults to the value of `prometheus_replica`. External label 5484 will _not_ be added when value is set to empty string (`""`). 5485 type: string 5486 replicas: 5487 description: Number of replicas of each shard to deploy for a Prometheus 5488 deployment. Number of replicas multiplied by shards is the total 5489 number of Pods created. 5490 format: int32 5491 type: integer 5492 resources: 5493 description: Define resources requests and limits for single Pods. 5494 properties: 5495 claims: 5496 description: "Claims lists the names of resources, defined in 5497 spec.resourceClaims, that are used by this container. \n This 5498 is an alpha field and requires enabling the DynamicResourceAllocation 5499 feature gate. \n This field is immutable." 5500 items: 5501 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 5502 properties: 5503 name: 5504 description: Name must match the name of one entry in pod.spec.resourceClaims 5505 of the Pod where this field is used. It makes that resource 5506 available inside a container. 5507 type: string 5508 required: 5509 - name 5510 type: object 5511 type: array 5512 x-kubernetes-list-map-keys: 5513 - name 5514 x-kubernetes-list-type: map 5515 limits: 5516 additionalProperties: 5517 anyOf: 5518 - type: integer 5519 - type: string 5520 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5521 x-kubernetes-int-or-string: true 5522 description: 'Limits describes the maximum amount of compute resources 5523 allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5524 type: object 5525 requests: 5526 additionalProperties: 5527 anyOf: 5528 - type: integer 5529 - type: string 5530 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5531 x-kubernetes-int-or-string: true 5532 description: 'Requests describes the minimum amount of compute 5533 resources required. If Requests is omitted for a container, 5534 it defaults to Limits if that is explicitly specified, otherwise 5535 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5536 type: object 5537 type: object 5538 retention: 5539 description: Time duration Prometheus shall retain data for. Default 5540 is '24h' if retentionSize is not set, and must match the regular 5541 expression `[0-9]+(ms|s|m|h|d|w|y)` (milliseconds seconds minutes 5542 hours days weeks years). 5543 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 5544 type: string 5545 retentionSize: 5546 description: Maximum amount of disk space used by blocks. 5547 pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ 5548 type: string 5549 routePrefix: 5550 description: The route prefix Prometheus registers HTTP handlers for. 5551 This is useful, if using ExternalURL and a proxy is rewriting HTTP 5552 routes of a request, and the actual ExternalURL is still true, but 5553 the server serves requests under a different route prefix. For example 5554 for use with `kubectl proxy`. 5555 type: string 5556 ruleNamespaceSelector: 5557 description: Namespaces to be selected for PrometheusRules discovery. 5558 If unspecified, only the same namespace as the Prometheus object 5559 is in is used. 5560 properties: 5561 matchExpressions: 5562 description: matchExpressions is a list of label selector requirements. 5563 The requirements are ANDed. 5564 items: 5565 description: A label selector requirement is a selector that 5566 contains values, a key, and an operator that relates the key 5567 and values. 5568 properties: 5569 key: 5570 description: key is the label key that the selector applies 5571 to. 5572 type: string 5573 operator: 5574 description: operator represents a key's relationship to 5575 a set of values. Valid operators are In, NotIn, Exists 5576 and DoesNotExist. 5577 type: string 5578 values: 5579 description: values is an array of string values. If the 5580 operator is In or NotIn, the values array must be non-empty. 5581 If the operator is Exists or DoesNotExist, the values 5582 array must be empty. This array is replaced during a strategic 5583 merge patch. 5584 items: 5585 type: string 5586 type: array 5587 required: 5588 - key 5589 - operator 5590 type: object 5591 type: array 5592 matchLabels: 5593 additionalProperties: 5594 type: string 5595 description: matchLabels is a map of {key,value} pairs. A single 5596 {key,value} in the matchLabels map is equivalent to an element 5597 of matchExpressions, whose key field is "key", the operator 5598 is "In", and the values array contains only "value". The requirements 5599 are ANDed. 5600 type: object 5601 type: object 5602 x-kubernetes-map-type: atomic 5603 ruleSelector: 5604 description: A selector to select which PrometheusRules to mount for 5605 loading alerting/recording rules from. Until (excluding) Prometheus 5606 Operator v0.24.0 Prometheus Operator will migrate any legacy rule 5607 ConfigMaps to PrometheusRule custom resources selected by RuleSelector. 5608 Make sure it does not match any config maps that you do not want 5609 to be migrated. 5610 properties: 5611 matchExpressions: 5612 description: matchExpressions is a list of label selector requirements. 5613 The requirements are ANDed. 5614 items: 5615 description: A label selector requirement is a selector that 5616 contains values, a key, and an operator that relates the key 5617 and values. 5618 properties: 5619 key: 5620 description: key is the label key that the selector applies 5621 to. 5622 type: string 5623 operator: 5624 description: operator represents a key's relationship to 5625 a set of values. Valid operators are In, NotIn, Exists 5626 and DoesNotExist. 5627 type: string 5628 values: 5629 description: values is an array of string values. If the 5630 operator is In or NotIn, the values array must be non-empty. 5631 If the operator is Exists or DoesNotExist, the values 5632 array must be empty. This array is replaced during a strategic 5633 merge patch. 5634 items: 5635 type: string 5636 type: array 5637 required: 5638 - key 5639 - operator 5640 type: object 5641 type: array 5642 matchLabels: 5643 additionalProperties: 5644 type: string 5645 description: matchLabels is a map of {key,value} pairs. A single 5646 {key,value} in the matchLabels map is equivalent to an element 5647 of matchExpressions, whose key field is "key", the operator 5648 is "In", and the values array contains only "value". The requirements 5649 are ANDed. 5650 type: object 5651 type: object 5652 x-kubernetes-map-type: atomic 5653 rules: 5654 description: /--rules.*/ command-line arguments. 5655 properties: 5656 alert: 5657 description: /--rules.alert.*/ command-line arguments 5658 properties: 5659 forGracePeriod: 5660 description: Minimum duration between alert and restored 'for' 5661 state. This is maintained only for alerts with configured 5662 'for' time greater than grace period. 5663 type: string 5664 forOutageTolerance: 5665 description: Max time to tolerate prometheus outage for restoring 5666 'for' state of alert. 5667 type: string 5668 resendDelay: 5669 description: Minimum amount of time to wait before resending 5670 an alert to Alertmanager. 5671 type: string 5672 type: object 5673 type: object 5674 scrapeInterval: 5675 default: 30s 5676 description: 'Interval between consecutive scrapes. Default: `30s`' 5677 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 5678 type: string 5679 scrapeTimeout: 5680 description: Number of seconds to wait for target to respond before 5681 erroring. 5682 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 5683 type: string 5684 secrets: 5685 description: Secrets is a list of Secrets in the same namespace as 5686 the Prometheus object, which shall be mounted into the Prometheus 5687 Pods. Each Secret is added to the StatefulSet definition as a volume 5688 named `secret-<secret-name>`. The Secrets are mounted into /etc/prometheus/secrets/<secret-name> 5689 in the 'prometheus' container. 5690 items: 5691 type: string 5692 type: array 5693 securityContext: 5694 description: SecurityContext holds pod-level security attributes and 5695 common container settings. This defaults to the default PodSecurityContext. 5696 properties: 5697 fsGroup: 5698 description: "A special supplemental group that applies to all 5699 containers in a pod. Some volume types allow the Kubelet to 5700 change the ownership of that volume to be owned by the pod: 5701 \n 1. The owning GID will be the FSGroup 2. The setgid bit is 5702 set (new files created in the volume will be owned by FSGroup) 5703 3. The permission bits are OR'd with rw-rw---- \n If unset, 5704 the Kubelet will not modify the ownership and permissions of 5705 any volume. Note that this field cannot be set when spec.os.name 5706 is windows." 5707 format: int64 5708 type: integer 5709 fsGroupChangePolicy: 5710 description: 'fsGroupChangePolicy defines behavior of changing 5711 ownership and permission of the volume before being exposed 5712 inside Pod. This field will only apply to volume types which 5713 support fsGroup based ownership(and permissions). It will have 5714 no effect on ephemeral volume types such as: secret, configmaps 5715 and emptydir. Valid values are "OnRootMismatch" and "Always". 5716 If not specified, "Always" is used. Note that this field cannot 5717 be set when spec.os.name is windows.' 5718 type: string 5719 runAsGroup: 5720 description: The GID to run the entrypoint of the container process. 5721 Uses runtime default if unset. May also be set in SecurityContext. If 5722 set in both SecurityContext and PodSecurityContext, the value 5723 specified in SecurityContext takes precedence for that container. 5724 Note that this field cannot be set when spec.os.name is windows. 5725 format: int64 5726 type: integer 5727 runAsNonRoot: 5728 description: Indicates that the container must run as a non-root 5729 user. If true, the Kubelet will validate the image at runtime 5730 to ensure that it does not run as UID 0 (root) and fail to start 5731 the container if it does. If unset or false, no such validation 5732 will be performed. May also be set in SecurityContext. If set 5733 in both SecurityContext and PodSecurityContext, the value specified 5734 in SecurityContext takes precedence. 5735 type: boolean 5736 runAsUser: 5737 description: The UID to run the entrypoint of the container process. 5738 Defaults to user specified in image metadata if unspecified. 5739 May also be set in SecurityContext. If set in both SecurityContext 5740 and PodSecurityContext, the value specified in SecurityContext 5741 takes precedence for that container. Note that this field cannot 5742 be set when spec.os.name is windows. 5743 format: int64 5744 type: integer 5745 seLinuxOptions: 5746 description: The SELinux context to be applied to all containers. 5747 If unspecified, the container runtime will allocate a random 5748 SELinux context for each container. May also be set in SecurityContext. If 5749 set in both SecurityContext and PodSecurityContext, the value 5750 specified in SecurityContext takes precedence for that container. 5751 Note that this field cannot be set when spec.os.name is windows. 5752 properties: 5753 level: 5754 description: Level is SELinux level label that applies to 5755 the container. 5756 type: string 5757 role: 5758 description: Role is a SELinux role label that applies to 5759 the container. 5760 type: string 5761 type: 5762 description: Type is a SELinux type label that applies to 5763 the container. 5764 type: string 5765 user: 5766 description: User is a SELinux user label that applies to 5767 the container. 5768 type: string 5769 type: object 5770 seccompProfile: 5771 description: The seccomp options to use by the containers in this 5772 pod. Note that this field cannot be set when spec.os.name is 5773 windows. 5774 properties: 5775 localhostProfile: 5776 description: localhostProfile indicates a profile defined 5777 in a file on the node should be used. The profile must be 5778 preconfigured on the node to work. Must be a descending 5779 path, relative to the kubelet's configured seccomp profile 5780 location. Must only be set if type is "Localhost". 5781 type: string 5782 type: 5783 description: "type indicates which kind of seccomp profile 5784 will be applied. Valid options are: \n Localhost - a profile 5785 defined in a file on the node should be used. RuntimeDefault 5786 - the container runtime default profile should be used. 5787 Unconfined - no profile should be applied." 5788 type: string 5789 required: 5790 - type 5791 type: object 5792 supplementalGroups: 5793 description: A list of groups applied to the first process run 5794 in each container, in addition to the container's primary GID, 5795 the fsGroup (if specified), and group memberships defined in 5796 the container image for the uid of the container process. If 5797 unspecified, no additional groups are added to any container. 5798 Note that group memberships defined in the container image for 5799 the uid of the container process are still effective, even if 5800 they are not included in this list. Note that this field cannot 5801 be set when spec.os.name is windows. 5802 items: 5803 format: int64 5804 type: integer 5805 type: array 5806 sysctls: 5807 description: Sysctls hold a list of namespaced sysctls used for 5808 the pod. Pods with unsupported sysctls (by the container runtime) 5809 might fail to launch. Note that this field cannot be set when 5810 spec.os.name is windows. 5811 items: 5812 description: Sysctl defines a kernel parameter to be set 5813 properties: 5814 name: 5815 description: Name of a property to set 5816 type: string 5817 value: 5818 description: Value of a property to set 5819 type: string 5820 required: 5821 - name 5822 - value 5823 type: object 5824 type: array 5825 windowsOptions: 5826 description: The Windows specific settings applied to all containers. 5827 If unspecified, the options within a container's SecurityContext 5828 will be used. If set in both SecurityContext and PodSecurityContext, 5829 the value specified in SecurityContext takes precedence. Note 5830 that this field cannot be set when spec.os.name is linux. 5831 properties: 5832 gmsaCredentialSpec: 5833 description: GMSACredentialSpec is where the GMSA admission 5834 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 5835 inlines the contents of the GMSA credential spec named by 5836 the GMSACredentialSpecName field. 5837 type: string 5838 gmsaCredentialSpecName: 5839 description: GMSACredentialSpecName is the name of the GMSA 5840 credential spec to use. 5841 type: string 5842 hostProcess: 5843 description: HostProcess determines if a container should 5844 be run as a 'Host Process' container. This field is alpha-level 5845 and will only be honored by components that enable the WindowsHostProcessContainers 5846 feature flag. Setting this field without the feature flag 5847 will result in errors when validating the Pod. All of a 5848 Pod's containers must have the same effective HostProcess 5849 value (it is not allowed to have a mix of HostProcess containers 5850 and non-HostProcess containers). In addition, if HostProcess 5851 is true then HostNetwork must also be set to true. 5852 type: boolean 5853 runAsUserName: 5854 description: The UserName in Windows to run the entrypoint 5855 of the container process. Defaults to the user specified 5856 in image metadata if unspecified. May also be set in PodSecurityContext. 5857 If set in both SecurityContext and PodSecurityContext, the 5858 value specified in SecurityContext takes precedence. 5859 type: string 5860 type: object 5861 type: object 5862 serviceAccountName: 5863 description: ServiceAccountName is the name of the ServiceAccount 5864 to use to run the Prometheus Pods. 5865 type: string 5866 serviceMonitorNamespaceSelector: 5867 description: Namespace's labels to match for ServiceMonitor discovery. 5868 If nil, only check own namespace. 5869 properties: 5870 matchExpressions: 5871 description: matchExpressions is a list of label selector requirements. 5872 The requirements are ANDed. 5873 items: 5874 description: A label selector requirement is a selector that 5875 contains values, a key, and an operator that relates the key 5876 and values. 5877 properties: 5878 key: 5879 description: key is the label key that the selector applies 5880 to. 5881 type: string 5882 operator: 5883 description: operator represents a key's relationship to 5884 a set of values. Valid operators are In, NotIn, Exists 5885 and DoesNotExist. 5886 type: string 5887 values: 5888 description: values is an array of string values. If the 5889 operator is In or NotIn, the values array must be non-empty. 5890 If the operator is Exists or DoesNotExist, the values 5891 array must be empty. This array is replaced during a strategic 5892 merge patch. 5893 items: 5894 type: string 5895 type: array 5896 required: 5897 - key 5898 - operator 5899 type: object 5900 type: array 5901 matchLabels: 5902 additionalProperties: 5903 type: string 5904 description: matchLabels is a map of {key,value} pairs. A single 5905 {key,value} in the matchLabels map is equivalent to an element 5906 of matchExpressions, whose key field is "key", the operator 5907 is "In", and the values array contains only "value". The requirements 5908 are ANDed. 5909 type: object 5910 type: object 5911 x-kubernetes-map-type: atomic 5912 serviceMonitorSelector: 5913 description: "ServiceMonitors to be selected for target discovery. 5914 \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and 5915 `spec.probeSelector` are null, the Prometheus configuration is unmanaged. 5916 The Prometheus operator will ensure that the Prometheus configuration's 5917 Secret exists, but it is the responsibility of the user to provide 5918 the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` 5919 key. This behavior is deprecated and will be removed in the next 5920 major version of the custom resource definition. It is recommended 5921 to use `spec.additionalScrapeConfigs` instead." 5922 properties: 5923 matchExpressions: 5924 description: matchExpressions is a list of label selector requirements. 5925 The requirements are ANDed. 5926 items: 5927 description: A label selector requirement is a selector that 5928 contains values, a key, and an operator that relates the key 5929 and values. 5930 properties: 5931 key: 5932 description: key is the label key that the selector applies 5933 to. 5934 type: string 5935 operator: 5936 description: operator represents a key's relationship to 5937 a set of values. Valid operators are In, NotIn, Exists 5938 and DoesNotExist. 5939 type: string 5940 values: 5941 description: values is an array of string values. If the 5942 operator is In or NotIn, the values array must be non-empty. 5943 If the operator is Exists or DoesNotExist, the values 5944 array must be empty. This array is replaced during a strategic 5945 merge patch. 5946 items: 5947 type: string 5948 type: array 5949 required: 5950 - key 5951 - operator 5952 type: object 5953 type: array 5954 matchLabels: 5955 additionalProperties: 5956 type: string 5957 description: matchLabels is a map of {key,value} pairs. A single 5958 {key,value} in the matchLabels map is equivalent to an element 5959 of matchExpressions, whose key field is "key", the operator 5960 is "In", and the values array contains only "value". The requirements 5961 are ANDed. 5962 type: object 5963 type: object 5964 x-kubernetes-map-type: atomic 5965 sha: 5966 description: 'SHA of Prometheus container image to be deployed. Defaults 5967 to the value of `version`. Similar to a tag, but the SHA explicitly 5968 deploys an immutable container image. Version and Tag are ignored 5969 if SHA is set. Deprecated: use ''image'' instead. The image digest 5970 can be specified as part of the image URL.' 5971 type: string 5972 shards: 5973 description: 'EXPERIMENTAL: Number of shards to distribute targets 5974 onto. Number of replicas multiplied by shards is the total number 5975 of Pods created. Note that scaling down shards will not reshard 5976 data onto remaining instances, it must be manually moved. Increasing 5977 shards will not reshard data either but it will continue to be available 5978 from the same instances. To query globally use Thanos sidecar and 5979 Thanos querier or remote write data to a central location. Sharding 5980 is done on the content of the `__address__` target meta-label.' 5981 format: int32 5982 type: integer 5983 storage: 5984 description: Storage spec to specify how storage shall be used. 5985 properties: 5986 disableMountSubPath: 5987 description: 'Deprecated: subPath usage will be disabled by default 5988 in a future release, this option will become unnecessary. DisableMountSubPath 5989 allows to remove any subPath usage in volume mounts.' 5990 type: boolean 5991 emptyDir: 5992 description: 'EmptyDirVolumeSource to be used by the StatefulSet. 5993 If specified, used in place of any volumeClaimTemplate. More 5994 info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' 5995 properties: 5996 medium: 5997 description: 'medium represents what type of storage medium 5998 should back this directory. The default is "" which means 5999 to use the node''s default medium. Must be an empty string 6000 (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 6001 type: string 6002 sizeLimit: 6003 anyOf: 6004 - type: integer 6005 - type: string 6006 description: 'sizeLimit is the total amount of local storage 6007 required for this EmptyDir volume. The size limit is also 6008 applicable for memory medium. The maximum usage on memory 6009 medium EmptyDir would be the minimum value between the SizeLimit 6010 specified here and the sum of memory limits of all containers 6011 in a pod. The default is nil which means that the limit 6012 is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 6013 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6014 x-kubernetes-int-or-string: true 6015 type: object 6016 ephemeral: 6017 description: 'EphemeralVolumeSource to be used by the StatefulSet. 6018 This is a beta field in k8s 1.21, for lower versions, starting 6019 with k8s 1.19, it requires enabling the GenericEphemeralVolume 6020 feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes' 6021 properties: 6022 volumeClaimTemplate: 6023 description: "Will be used to create a stand-alone PVC to 6024 provision the volume. The pod in which this EphemeralVolumeSource 6025 is embedded will be the owner of the PVC, i.e. the PVC will 6026 be deleted together with the pod. The name of the PVC will 6027 be `<pod name>-<volume name>` where `<volume name>` is the 6028 name from the `PodSpec.Volumes` array entry. Pod validation 6029 will reject the pod if the concatenated name is not valid 6030 for a PVC (for example, too long). \n An existing PVC with 6031 that name that is not owned by the pod will *not* be used 6032 for the pod to avoid using an unrelated volume by mistake. 6033 Starting the pod is then blocked until the unrelated PVC 6034 is removed. If such a pre-created PVC is meant to be used 6035 by the pod, the PVC has to updated with an owner reference 6036 to the pod once the pod exists. Normally this should not 6037 be necessary, but it may be useful when manually reconstructing 6038 a broken cluster. \n This field is read-only and no changes 6039 will be made by Kubernetes to the PVC after it has been 6040 created. \n Required, must not be nil." 6041 properties: 6042 metadata: 6043 description: May contain labels and annotations that will 6044 be copied into the PVC when creating it. No other fields 6045 are allowed and will be rejected during validation. 6046 type: object 6047 spec: 6048 description: The specification for the PersistentVolumeClaim. 6049 The entire content is copied unchanged into the PVC 6050 that gets created from this template. The same fields 6051 as in a PersistentVolumeClaim are also valid here. 6052 properties: 6053 accessModes: 6054 description: 'accessModes contains the desired access 6055 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 6056 items: 6057 type: string 6058 type: array 6059 dataSource: 6060 description: 'dataSource field can be used to specify 6061 either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 6062 * An existing PVC (PersistentVolumeClaim) If the 6063 provisioner or an external controller can support 6064 the specified data source, it will create a new 6065 volume based on the contents of the specified data 6066 source. When the AnyVolumeDataSource feature gate 6067 is enabled, dataSource contents will be copied to 6068 dataSourceRef, and dataSourceRef contents will be 6069 copied to dataSource when dataSourceRef.namespace 6070 is not specified. If the namespace is specified, 6071 then dataSourceRef will not be copied to dataSource.' 6072 properties: 6073 apiGroup: 6074 description: APIGroup is the group for the resource 6075 being referenced. If APIGroup is not specified, 6076 the specified Kind must be in the core API group. 6077 For any other third-party types, APIGroup is 6078 required. 6079 type: string 6080 kind: 6081 description: Kind is the type of resource being 6082 referenced 6083 type: string 6084 name: 6085 description: Name is the name of resource being 6086 referenced 6087 type: string 6088 required: 6089 - kind 6090 - name 6091 type: object 6092 x-kubernetes-map-type: atomic 6093 dataSourceRef: 6094 description: 'dataSourceRef specifies the object from 6095 which to populate the volume with data, if a non-empty 6096 volume is desired. This may be any object from a 6097 non-empty API group (non core object) or a PersistentVolumeClaim 6098 object. When this field is specified, volume binding 6099 will only succeed if the type of the specified object 6100 matches some installed volume populator or dynamic 6101 provisioner. This field will replace the functionality 6102 of the dataSource field and as such if both fields 6103 are non-empty, they must have the same value. For 6104 backwards compatibility, when namespace isn''t specified 6105 in dataSourceRef, both fields (dataSource and dataSourceRef) 6106 will be set to the same value automatically if one 6107 of them is empty and the other is non-empty. When 6108 namespace is specified in dataSourceRef, dataSource 6109 isn''t set to the same value and must be empty. 6110 There are three important differences between dataSource 6111 and dataSourceRef: * While dataSource only allows 6112 two specific types of objects, dataSourceRef allows 6113 any non-core object, as well as PersistentVolumeClaim 6114 objects. * While dataSource ignores disallowed values 6115 (dropping them), dataSourceRef preserves all values, 6116 and generates an error if a disallowed value is 6117 specified. * While dataSource only allows local 6118 objects, dataSourceRef allows objects in any namespaces. 6119 (Beta) Using this field requires the AnyVolumeDataSource 6120 feature gate to be enabled. (Alpha) Using the namespace 6121 field of dataSourceRef requires the CrossNamespaceVolumeDataSource 6122 feature gate to be enabled.' 6123 properties: 6124 apiGroup: 6125 description: APIGroup is the group for the resource 6126 being referenced. If APIGroup is not specified, 6127 the specified Kind must be in the core API group. 6128 For any other third-party types, APIGroup is 6129 required. 6130 type: string 6131 kind: 6132 description: Kind is the type of resource being 6133 referenced 6134 type: string 6135 name: 6136 description: Name is the name of resource being 6137 referenced 6138 type: string 6139 namespace: 6140 description: Namespace is the namespace of resource 6141 being referenced Note that when a namespace 6142 is specified, a gateway.networking.k8s.io/ReferenceGrant 6143 object is required in the referent namespace 6144 to allow that namespace's owner to accept the 6145 reference. See the ReferenceGrant documentation 6146 for details. (Alpha) This field requires the 6147 CrossNamespaceVolumeDataSource feature gate 6148 to be enabled. 6149 type: string 6150 required: 6151 - kind 6152 - name 6153 type: object 6154 resources: 6155 description: 'resources represents the minimum resources 6156 the volume should have. If RecoverVolumeExpansionFailure 6157 feature is enabled users are allowed to specify 6158 resource requirements that are lower than previous 6159 value but must still be higher than capacity recorded 6160 in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 6161 properties: 6162 claims: 6163 description: "Claims lists the names of resources, 6164 defined in spec.resourceClaims, that are used 6165 by this container. \n This is an alpha field 6166 and requires enabling the DynamicResourceAllocation 6167 feature gate. \n This field is immutable." 6168 items: 6169 description: ResourceClaim references one entry 6170 in PodSpec.ResourceClaims. 6171 properties: 6172 name: 6173 description: Name must match the name of 6174 one entry in pod.spec.resourceClaims of 6175 the Pod where this field is used. It makes 6176 that resource available inside a container. 6177 type: string 6178 required: 6179 - name 6180 type: object 6181 type: array 6182 x-kubernetes-list-map-keys: 6183 - name 6184 x-kubernetes-list-type: map 6185 limits: 6186 additionalProperties: 6187 anyOf: 6188 - type: integer 6189 - type: string 6190 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6191 x-kubernetes-int-or-string: true 6192 description: 'Limits describes the maximum amount 6193 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6194 type: object 6195 requests: 6196 additionalProperties: 6197 anyOf: 6198 - type: integer 6199 - type: string 6200 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6201 x-kubernetes-int-or-string: true 6202 description: 'Requests describes the minimum amount 6203 of compute resources required. If Requests is 6204 omitted for a container, it defaults to Limits 6205 if that is explicitly specified, otherwise to 6206 an implementation-defined value. More info: 6207 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6208 type: object 6209 type: object 6210 selector: 6211 description: selector is a label query over volumes 6212 to consider for binding. 6213 properties: 6214 matchExpressions: 6215 description: matchExpressions is a list of label 6216 selector requirements. The requirements are 6217 ANDed. 6218 items: 6219 description: A label selector requirement is 6220 a selector that contains values, a key, and 6221 an operator that relates the key and values. 6222 properties: 6223 key: 6224 description: key is the label key that the 6225 selector applies to. 6226 type: string 6227 operator: 6228 description: operator represents a key's 6229 relationship to a set of values. Valid 6230 operators are In, NotIn, Exists and DoesNotExist. 6231 type: string 6232 values: 6233 description: values is an array of string 6234 values. If the operator is In or NotIn, 6235 the values array must be non-empty. If 6236 the operator is Exists or DoesNotExist, 6237 the values array must be empty. This array 6238 is replaced during a strategic merge patch. 6239 items: 6240 type: string 6241 type: array 6242 required: 6243 - key 6244 - operator 6245 type: object 6246 type: array 6247 matchLabels: 6248 additionalProperties: 6249 type: string 6250 description: matchLabels is a map of {key,value} 6251 pairs. A single {key,value} in the matchLabels 6252 map is equivalent to an element of matchExpressions, 6253 whose key field is "key", the operator is "In", 6254 and the values array contains only "value". 6255 The requirements are ANDed. 6256 type: object 6257 type: object 6258 x-kubernetes-map-type: atomic 6259 storageClassName: 6260 description: 'storageClassName is the name of the 6261 StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 6262 type: string 6263 volumeMode: 6264 description: volumeMode defines what type of volume 6265 is required by the claim. Value of Filesystem is 6266 implied when not included in claim spec. 6267 type: string 6268 volumeName: 6269 description: volumeName is the binding reference to 6270 the PersistentVolume backing this claim. 6271 type: string 6272 type: object 6273 required: 6274 - spec 6275 type: object 6276 type: object 6277 volumeClaimTemplate: 6278 description: A PVC spec to be used by the StatefulSet. The easiest 6279 way to use a volume that cannot be automatically provisioned 6280 (for whatever reason) is to use a label selector alongside manually 6281 created PersistentVolumes. 6282 properties: 6283 apiVersion: 6284 description: 'APIVersion defines the versioned schema of this 6285 representation of an object. Servers should convert recognized 6286 schemas to the latest internal value, and may reject unrecognized 6287 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 6288 type: string 6289 kind: 6290 description: 'Kind is a string value representing the REST 6291 resource this object represents. Servers may infer this 6292 from the endpoint the client submits requests to. Cannot 6293 be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 6294 type: string 6295 metadata: 6296 description: EmbeddedMetadata contains metadata relevant to 6297 an EmbeddedResource. 6298 properties: 6299 annotations: 6300 additionalProperties: 6301 type: string 6302 description: 'Annotations is an unstructured key value 6303 map stored with a resource that may be set by external 6304 tools to store and retrieve arbitrary metadata. They 6305 are not queryable and should be preserved when modifying 6306 objects. More info: http://kubernetes.io/docs/user-guide/annotations' 6307 type: object 6308 labels: 6309 additionalProperties: 6310 type: string 6311 description: 'Map of string keys and values that can be 6312 used to organize and categorize (scope and select) objects. 6313 May match selectors of replication controllers and services. 6314 More info: http://kubernetes.io/docs/user-guide/labels' 6315 type: object 6316 name: 6317 description: 'Name must be unique within a namespace. 6318 Is required when creating resources, although some resources 6319 may allow a client to request the generation of an appropriate 6320 name automatically. Name is primarily intended for creation 6321 idempotence and configuration definition. Cannot be 6322 updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 6323 type: string 6324 type: object 6325 spec: 6326 description: 'Spec defines the desired characteristics of 6327 a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 6328 properties: 6329 accessModes: 6330 description: 'accessModes contains the desired access 6331 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 6332 items: 6333 type: string 6334 type: array 6335 dataSource: 6336 description: 'dataSource field can be used to specify 6337 either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 6338 * An existing PVC (PersistentVolumeClaim) If the provisioner 6339 or an external controller can support the specified 6340 data source, it will create a new volume based on the 6341 contents of the specified data source. When the AnyVolumeDataSource 6342 feature gate is enabled, dataSource contents will be 6343 copied to dataSourceRef, and dataSourceRef contents 6344 will be copied to dataSource when dataSourceRef.namespace 6345 is not specified. If the namespace is specified, then 6346 dataSourceRef will not be copied to dataSource.' 6347 properties: 6348 apiGroup: 6349 description: APIGroup is the group for the resource 6350 being referenced. If APIGroup is not specified, 6351 the specified Kind must be in the core API group. 6352 For any other third-party types, APIGroup is required. 6353 type: string 6354 kind: 6355 description: Kind is the type of resource being referenced 6356 type: string 6357 name: 6358 description: Name is the name of resource being referenced 6359 type: string 6360 required: 6361 - kind 6362 - name 6363 type: object 6364 x-kubernetes-map-type: atomic 6365 dataSourceRef: 6366 description: 'dataSourceRef specifies the object from 6367 which to populate the volume with data, if a non-empty 6368 volume is desired. This may be any object from a non-empty 6369 API group (non core object) or a PersistentVolumeClaim 6370 object. When this field is specified, volume binding 6371 will only succeed if the type of the specified object 6372 matches some installed volume populator or dynamic provisioner. 6373 This field will replace the functionality of the dataSource 6374 field and as such if both fields are non-empty, they 6375 must have the same value. For backwards compatibility, 6376 when namespace isn''t specified in dataSourceRef, both 6377 fields (dataSource and dataSourceRef) will be set to 6378 the same value automatically if one of them is empty 6379 and the other is non-empty. When namespace is specified 6380 in dataSourceRef, dataSource isn''t set to the same 6381 value and must be empty. There are three important differences 6382 between dataSource and dataSourceRef: * While dataSource 6383 only allows two specific types of objects, dataSourceRef 6384 allows any non-core object, as well as PersistentVolumeClaim 6385 objects. * While dataSource ignores disallowed values 6386 (dropping them), dataSourceRef preserves all values, 6387 and generates an error if a disallowed value is specified. 6388 * While dataSource only allows local objects, dataSourceRef 6389 allows objects in any namespaces. (Beta) Using this 6390 field requires the AnyVolumeDataSource feature gate 6391 to be enabled. (Alpha) Using the namespace field of 6392 dataSourceRef requires the CrossNamespaceVolumeDataSource 6393 feature gate to be enabled.' 6394 properties: 6395 apiGroup: 6396 description: APIGroup is the group for the resource 6397 being referenced. If APIGroup is not specified, 6398 the specified Kind must be in the core API group. 6399 For any other third-party types, APIGroup is required. 6400 type: string 6401 kind: 6402 description: Kind is the type of resource being referenced 6403 type: string 6404 name: 6405 description: Name is the name of resource being referenced 6406 type: string 6407 namespace: 6408 description: Namespace is the namespace of resource 6409 being referenced Note that when a namespace is specified, 6410 a gateway.networking.k8s.io/ReferenceGrant object 6411 is required in the referent namespace to allow that 6412 namespace's owner to accept the reference. See the 6413 ReferenceGrant documentation for details. (Alpha) 6414 This field requires the CrossNamespaceVolumeDataSource 6415 feature gate to be enabled. 6416 type: string 6417 required: 6418 - kind 6419 - name 6420 type: object 6421 resources: 6422 description: 'resources represents the minimum resources 6423 the volume should have. If RecoverVolumeExpansionFailure 6424 feature is enabled users are allowed to specify resource 6425 requirements that are lower than previous value but 6426 must still be higher than capacity recorded in the status 6427 field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 6428 properties: 6429 claims: 6430 description: "Claims lists the names of resources, 6431 defined in spec.resourceClaims, that are used by 6432 this container. \n This is an alpha field and requires 6433 enabling the DynamicResourceAllocation feature gate. 6434 \n This field is immutable." 6435 items: 6436 description: ResourceClaim references one entry 6437 in PodSpec.ResourceClaims. 6438 properties: 6439 name: 6440 description: Name must match the name of one 6441 entry in pod.spec.resourceClaims of the Pod 6442 where this field is used. It makes that resource 6443 available inside a container. 6444 type: string 6445 required: 6446 - name 6447 type: object 6448 type: array 6449 x-kubernetes-list-map-keys: 6450 - name 6451 x-kubernetes-list-type: map 6452 limits: 6453 additionalProperties: 6454 anyOf: 6455 - type: integer 6456 - type: string 6457 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6458 x-kubernetes-int-or-string: true 6459 description: 'Limits describes the maximum amount 6460 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6461 type: object 6462 requests: 6463 additionalProperties: 6464 anyOf: 6465 - type: integer 6466 - type: string 6467 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6468 x-kubernetes-int-or-string: true 6469 description: 'Requests describes the minimum amount 6470 of compute resources required. If Requests is omitted 6471 for a container, it defaults to Limits if that is 6472 explicitly specified, otherwise to an implementation-defined 6473 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6474 type: object 6475 type: object 6476 selector: 6477 description: selector is a label query over volumes to 6478 consider for binding. 6479 properties: 6480 matchExpressions: 6481 description: matchExpressions is a list of label selector 6482 requirements. The requirements are ANDed. 6483 items: 6484 description: A label selector requirement is a selector 6485 that contains values, a key, and an operator that 6486 relates the key and values. 6487 properties: 6488 key: 6489 description: key is the label key that the selector 6490 applies to. 6491 type: string 6492 operator: 6493 description: operator represents a key's relationship 6494 to a set of values. Valid operators are In, 6495 NotIn, Exists and DoesNotExist. 6496 type: string 6497 values: 6498 description: values is an array of string values. 6499 If the operator is In or NotIn, the values 6500 array must be non-empty. If the operator is 6501 Exists or DoesNotExist, the values array must 6502 be empty. This array is replaced during a 6503 strategic merge patch. 6504 items: 6505 type: string 6506 type: array 6507 required: 6508 - key 6509 - operator 6510 type: object 6511 type: array 6512 matchLabels: 6513 additionalProperties: 6514 type: string 6515 description: matchLabels is a map of {key,value} pairs. 6516 A single {key,value} in the matchLabels map is equivalent 6517 to an element of matchExpressions, whose key field 6518 is "key", the operator is "In", and the values array 6519 contains only "value". The requirements are ANDed. 6520 type: object 6521 type: object 6522 x-kubernetes-map-type: atomic 6523 storageClassName: 6524 description: 'storageClassName is the name of the StorageClass 6525 required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 6526 type: string 6527 volumeMode: 6528 description: volumeMode defines what type of volume is 6529 required by the claim. Value of Filesystem is implied 6530 when not included in claim spec. 6531 type: string 6532 volumeName: 6533 description: volumeName is the binding reference to the 6534 PersistentVolume backing this claim. 6535 type: string 6536 type: object 6537 status: 6538 description: 'Status represents the current information/status 6539 of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 6540 properties: 6541 accessModes: 6542 description: 'accessModes contains the actual access modes 6543 the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 6544 items: 6545 type: string 6546 type: array 6547 allocatedResources: 6548 additionalProperties: 6549 anyOf: 6550 - type: integer 6551 - type: string 6552 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6553 x-kubernetes-int-or-string: true 6554 description: allocatedResources is the storage resource 6555 within AllocatedResources tracks the capacity allocated 6556 to a PVC. It may be larger than the actual capacity 6557 when a volume expansion operation is requested. For 6558 storage quota, the larger value from allocatedResources 6559 and PVC.spec.resources is used. If allocatedResources 6560 is not set, PVC.spec.resources alone is used for quota 6561 calculation. If a volume expansion capacity request 6562 is lowered, allocatedResources is only lowered if there 6563 are no expansion operations in progress and if the actual 6564 volume capacity is equal or lower than the requested 6565 capacity. This is an alpha field and requires enabling 6566 RecoverVolumeExpansionFailure feature. 6567 type: object 6568 capacity: 6569 additionalProperties: 6570 anyOf: 6571 - type: integer 6572 - type: string 6573 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6574 x-kubernetes-int-or-string: true 6575 description: capacity represents the actual resources 6576 of the underlying volume. 6577 type: object 6578 conditions: 6579 description: conditions is the current Condition of persistent 6580 volume claim. If underlying persistent volume is being 6581 resized then the Condition will be set to 'ResizeStarted'. 6582 items: 6583 description: PersistentVolumeClaimCondition contails 6584 details about state of pvc 6585 properties: 6586 lastProbeTime: 6587 description: lastProbeTime is the time we probed 6588 the condition. 6589 format: date-time 6590 type: string 6591 lastTransitionTime: 6592 description: lastTransitionTime is the time the 6593 condition transitioned from one status to another. 6594 format: date-time 6595 type: string 6596 message: 6597 description: message is the human-readable message 6598 indicating details about last transition. 6599 type: string 6600 reason: 6601 description: reason is a unique, this should be 6602 a short, machine understandable string that gives 6603 the reason for condition's last transition. If 6604 it reports "ResizeStarted" that means the underlying 6605 persistent volume is being resized. 6606 type: string 6607 status: 6608 type: string 6609 type: 6610 description: PersistentVolumeClaimConditionType 6611 is a valid value of PersistentVolumeClaimCondition.Type 6612 type: string 6613 required: 6614 - status 6615 - type 6616 type: object 6617 type: array 6618 phase: 6619 description: phase represents the current phase of PersistentVolumeClaim. 6620 type: string 6621 resizeStatus: 6622 description: resizeStatus stores status of resize operation. 6623 ResizeStatus is not set by default but when expansion 6624 is complete resizeStatus is set to empty string by resize 6625 controller or kubelet. This is an alpha field and requires 6626 enabling RecoverVolumeExpansionFailure feature. 6627 type: string 6628 type: object 6629 type: object 6630 type: object 6631 tag: 6632 description: 'Tag of Prometheus container image to be deployed. Defaults 6633 to the value of `version`. Version is ignored if Tag is set. Deprecated: 6634 use ''image'' instead. The image tag can be specified as part of 6635 the image URL.' 6636 type: string 6637 thanos: 6638 description: "Thanos configuration allows configuring various aspects 6639 of a Prometheus server in a Thanos environment. \n This section 6640 is experimental, it may change significantly without deprecation 6641 notice in any release. \n This is experimental and may change significantly 6642 without backward compatibility in any release." 6643 properties: 6644 additionalArgs: 6645 description: AdditionalArgs allows setting additional arguments 6646 for the Thanos container. The arguments are passed as-is to 6647 the Thanos container which may cause issues if they are invalid 6648 or not supported the given Thanos version. In case of an argument 6649 conflict (e.g. an argument which is already set by the operator 6650 itself) or when providing an invalid argument the reconciliation 6651 will fail and an error will be logged. 6652 items: 6653 description: Argument as part of the AdditionalArgs list. 6654 properties: 6655 name: 6656 description: Name of the argument, e.g. "scrape.discovery-reload-interval". 6657 minLength: 1 6658 type: string 6659 value: 6660 description: Argument value, e.g. 30s. Can be empty for 6661 name-only arguments (e.g. --storage.tsdb.no-lockfile) 6662 type: string 6663 required: 6664 - name 6665 type: object 6666 type: array 6667 baseImage: 6668 description: 'Thanos base image if other than default. Deprecated: 6669 use ''image'' instead' 6670 type: string 6671 grpcListenLocal: 6672 description: If true, the Thanos sidecar listens on the loopback 6673 interface for the gRPC endpoints. It has no effect if `listenLocal` 6674 is true. 6675 type: boolean 6676 grpcServerTlsConfig: 6677 description: 'GRPCServerTLSConfig configures the TLS parameters 6678 for the gRPC server providing the StoreAPI. Note: Currently 6679 only the CAFile, CertFile, and KeyFile fields are supported. 6680 Maps to the ''--grpc-server-tls-*'' CLI args.' 6681 properties: 6682 ca: 6683 description: Certificate authority used when verifying server 6684 certificates. 6685 properties: 6686 configMap: 6687 description: ConfigMap containing data to use for the 6688 targets. 6689 properties: 6690 key: 6691 description: The key to select. 6692 type: string 6693 name: 6694 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6695 TODO: Add other useful fields. apiVersion, kind, 6696 uid?' 6697 type: string 6698 optional: 6699 description: Specify whether the ConfigMap or its 6700 key must be defined 6701 type: boolean 6702 required: 6703 - key 6704 type: object 6705 x-kubernetes-map-type: atomic 6706 secret: 6707 description: Secret containing data to use for the targets. 6708 properties: 6709 key: 6710 description: The key of the secret to select from. Must 6711 be a valid secret key. 6712 type: string 6713 name: 6714 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6715 TODO: Add other useful fields. apiVersion, kind, 6716 uid?' 6717 type: string 6718 optional: 6719 description: Specify whether the Secret or its key 6720 must be defined 6721 type: boolean 6722 required: 6723 - key 6724 type: object 6725 x-kubernetes-map-type: atomic 6726 type: object 6727 caFile: 6728 description: Path to the CA cert in the Prometheus container 6729 to use for the targets. 6730 type: string 6731 cert: 6732 description: Client certificate to present when doing client-authentication. 6733 properties: 6734 configMap: 6735 description: ConfigMap containing data to use for the 6736 targets. 6737 properties: 6738 key: 6739 description: The key to select. 6740 type: string 6741 name: 6742 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6743 TODO: Add other useful fields. apiVersion, kind, 6744 uid?' 6745 type: string 6746 optional: 6747 description: Specify whether the ConfigMap or its 6748 key must be defined 6749 type: boolean 6750 required: 6751 - key 6752 type: object 6753 x-kubernetes-map-type: atomic 6754 secret: 6755 description: Secret containing data to use for the targets. 6756 properties: 6757 key: 6758 description: The key of the secret to select from. Must 6759 be a valid secret key. 6760 type: string 6761 name: 6762 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6763 TODO: Add other useful fields. apiVersion, kind, 6764 uid?' 6765 type: string 6766 optional: 6767 description: Specify whether the Secret or its key 6768 must be defined 6769 type: boolean 6770 required: 6771 - key 6772 type: object 6773 x-kubernetes-map-type: atomic 6774 type: object 6775 certFile: 6776 description: Path to the client cert file in the Prometheus 6777 container for the targets. 6778 type: string 6779 insecureSkipVerify: 6780 description: Disable target certificate validation. 6781 type: boolean 6782 keyFile: 6783 description: Path to the client key file in the Prometheus 6784 container for the targets. 6785 type: string 6786 keySecret: 6787 description: Secret containing the client key file for the 6788 targets. 6789 properties: 6790 key: 6791 description: The key of the secret to select from. Must 6792 be a valid secret key. 6793 type: string 6794 name: 6795 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6796 TODO: Add other useful fields. apiVersion, kind, uid?' 6797 type: string 6798 optional: 6799 description: Specify whether the Secret or its key must 6800 be defined 6801 type: boolean 6802 required: 6803 - key 6804 type: object 6805 x-kubernetes-map-type: atomic 6806 serverName: 6807 description: Used to verify the hostname for the targets. 6808 type: string 6809 type: object 6810 httpListenLocal: 6811 description: If true, the Thanos sidecar listens on the loopback 6812 interface for the HTTP endpoints. It has no effect if `listenLocal` 6813 is true. 6814 type: boolean 6815 image: 6816 description: Image if specified has precedence over baseImage, 6817 tag and sha combinations. Specifying the version is still necessary 6818 to ensure the Prometheus Operator knows what version of Thanos 6819 is being configured. 6820 type: string 6821 listenLocal: 6822 description: 'If true, the Thanos sidecar listens on the loopback 6823 interface for the HTTP and gRPC endpoints. It takes precedence 6824 over `grpcListenLocal` and `httpListenLocal`. Deprecated: use 6825 `grpcListenLocal` and `httpListenLocal` instead.' 6826 type: boolean 6827 logFormat: 6828 description: LogFormat for Thanos sidecar to be configured with. 6829 enum: 6830 - "" 6831 - logfmt 6832 - json 6833 type: string 6834 logLevel: 6835 description: LogLevel for Thanos sidecar to be configured with. 6836 enum: 6837 - "" 6838 - debug 6839 - info 6840 - warn 6841 - error 6842 type: string 6843 minTime: 6844 description: MinTime for Thanos sidecar to be configured with. 6845 Option can be a constant time in RFC3339 format or time duration 6846 relative to current time, such as -1d or 2h45m. Valid duration 6847 units are ms, s, m, h, d, w, y. 6848 type: string 6849 objectStorageConfig: 6850 description: ObjectStorageConfig configures object storage in 6851 Thanos. Alternative to ObjectStorageConfigFile, and lower order 6852 priority. 6853 properties: 6854 key: 6855 description: The key of the secret to select from. Must be 6856 a valid secret key. 6857 type: string 6858 name: 6859 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6860 TODO: Add other useful fields. apiVersion, kind, uid?' 6861 type: string 6862 optional: 6863 description: Specify whether the Secret or its key must be 6864 defined 6865 type: boolean 6866 required: 6867 - key 6868 type: object 6869 x-kubernetes-map-type: atomic 6870 objectStorageConfigFile: 6871 description: ObjectStorageConfigFile specifies the path of the 6872 object storage configuration file. When used alongside with 6873 ObjectStorageConfig, ObjectStorageConfigFile takes precedence. 6874 type: string 6875 readyTimeout: 6876 description: ReadyTimeout is the maximum time Thanos sidecar will 6877 wait for Prometheus to start. Eg 10m 6878 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 6879 type: string 6880 resources: 6881 description: Resources defines the resource requirements for the 6882 Thanos sidecar. If not provided, no requests/limits will be 6883 set 6884 properties: 6885 claims: 6886 description: "Claims lists the names of resources, defined 6887 in spec.resourceClaims, that are used by this container. 6888 \n This is an alpha field and requires enabling the DynamicResourceAllocation 6889 feature gate. \n This field is immutable." 6890 items: 6891 description: ResourceClaim references one entry in PodSpec.ResourceClaims. 6892 properties: 6893 name: 6894 description: Name must match the name of one entry in 6895 pod.spec.resourceClaims of the Pod where this field 6896 is used. It makes that resource available inside a 6897 container. 6898 type: string 6899 required: 6900 - name 6901 type: object 6902 type: array 6903 x-kubernetes-list-map-keys: 6904 - name 6905 x-kubernetes-list-type: map 6906 limits: 6907 additionalProperties: 6908 anyOf: 6909 - type: integer 6910 - type: string 6911 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6912 x-kubernetes-int-or-string: true 6913 description: 'Limits describes the maximum amount of compute 6914 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6915 type: object 6916 requests: 6917 additionalProperties: 6918 anyOf: 6919 - type: integer 6920 - type: string 6921 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6922 x-kubernetes-int-or-string: true 6923 description: 'Requests describes the minimum amount of compute 6924 resources required. If Requests is omitted for a container, 6925 it defaults to Limits if that is explicitly specified, otherwise 6926 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6927 type: object 6928 type: object 6929 sha: 6930 description: 'SHA of Thanos container image to be deployed. Defaults 6931 to the value of `version`. Similar to a tag, but the SHA explicitly 6932 deploys an immutable container image. Version and Tag are ignored 6933 if SHA is set. Deprecated: use ''image'' instead. The image 6934 digest can be specified as part of the image URL.' 6935 type: string 6936 tag: 6937 description: 'Tag of Thanos sidecar container image to be deployed. 6938 Defaults to the value of `version`. Version is ignored if Tag 6939 is set. Deprecated: use ''image'' instead. The image tag can 6940 be specified as part of the image URL.' 6941 type: string 6942 tracingConfig: 6943 description: TracingConfig configures tracing in Thanos. This 6944 is an experimental feature, it may change in any upcoming release 6945 in a breaking way. 6946 properties: 6947 key: 6948 description: The key of the secret to select from. Must be 6949 a valid secret key. 6950 type: string 6951 name: 6952 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6953 TODO: Add other useful fields. apiVersion, kind, uid?' 6954 type: string 6955 optional: 6956 description: Specify whether the Secret or its key must be 6957 defined 6958 type: boolean 6959 required: 6960 - key 6961 type: object 6962 x-kubernetes-map-type: atomic 6963 tracingConfigFile: 6964 description: TracingConfig specifies the path of the tracing configuration 6965 file. When used alongside with TracingConfig, TracingConfigFile 6966 takes precedence. 6967 type: string 6968 version: 6969 description: Version describes the version of Thanos to use. 6970 type: string 6971 volumeMounts: 6972 description: VolumeMounts allows configuration of additional VolumeMounts 6973 on the output StatefulSet definition. VolumeMounts specified 6974 will be appended to other VolumeMounts in the thanos-sidecar 6975 container. 6976 items: 6977 description: VolumeMount describes a mounting of a Volume within 6978 a container. 6979 properties: 6980 mountPath: 6981 description: Path within the container at which the volume 6982 should be mounted. Must not contain ':'. 6983 type: string 6984 mountPropagation: 6985 description: mountPropagation determines how mounts are 6986 propagated from the host to container and the other way 6987 around. When not set, MountPropagationNone is used. This 6988 field is beta in 1.10. 6989 type: string 6990 name: 6991 description: This must match the Name of a Volume. 6992 type: string 6993 readOnly: 6994 description: Mounted read-only if true, read-write otherwise 6995 (false or unspecified). Defaults to false. 6996 type: boolean 6997 subPath: 6998 description: Path within the volume from which the container's 6999 volume should be mounted. Defaults to "" (volume's root). 7000 type: string 7001 subPathExpr: 7002 description: Expanded path within the volume from which 7003 the container's volume should be mounted. Behaves similarly 7004 to SubPath but environment variable references $(VAR_NAME) 7005 are expanded using the container's environment. Defaults 7006 to "" (volume's root). SubPathExpr and SubPath are mutually 7007 exclusive. 7008 type: string 7009 required: 7010 - mountPath 7011 - name 7012 type: object 7013 type: array 7014 type: object 7015 tolerations: 7016 description: If specified, the pod's tolerations. 7017 items: 7018 description: The pod this Toleration is attached to tolerates any 7019 taint that matches the triple <key,value,effect> using the matching 7020 operator <operator>. 7021 properties: 7022 effect: 7023 description: Effect indicates the taint effect to match. Empty 7024 means match all taint effects. When specified, allowed values 7025 are NoSchedule, PreferNoSchedule and NoExecute. 7026 type: string 7027 key: 7028 description: Key is the taint key that the toleration applies 7029 to. Empty means match all taint keys. If the key is empty, 7030 operator must be Exists; this combination means to match all 7031 values and all keys. 7032 type: string 7033 operator: 7034 description: Operator represents a key's relationship to the 7035 value. Valid operators are Exists and Equal. Defaults to Equal. 7036 Exists is equivalent to wildcard for value, so that a pod 7037 can tolerate all taints of a particular category. 7038 type: string 7039 tolerationSeconds: 7040 description: TolerationSeconds represents the period of time 7041 the toleration (which must be of effect NoExecute, otherwise 7042 this field is ignored) tolerates the taint. By default, it 7043 is not set, which means tolerate the taint forever (do not 7044 evict). Zero and negative values will be treated as 0 (evict 7045 immediately) by the system. 7046 format: int64 7047 type: integer 7048 value: 7049 description: Value is the taint value the toleration matches 7050 to. If the operator is Exists, the value should be empty, 7051 otherwise just a regular string. 7052 type: string 7053 type: object 7054 type: array 7055 topologySpreadConstraints: 7056 description: If specified, the pod's topology spread constraints. 7057 items: 7058 description: TopologySpreadConstraint specifies how to spread matching 7059 pods among the given topology. 7060 properties: 7061 labelSelector: 7062 description: LabelSelector is used to find matching pods. Pods 7063 that match this label selector are counted to determine the 7064 number of pods in their corresponding topology domain. 7065 properties: 7066 matchExpressions: 7067 description: matchExpressions is a list of label selector 7068 requirements. The requirements are ANDed. 7069 items: 7070 description: A label selector requirement is a selector 7071 that contains values, a key, and an operator that relates 7072 the key and values. 7073 properties: 7074 key: 7075 description: key is the label key that the selector 7076 applies to. 7077 type: string 7078 operator: 7079 description: operator represents a key's relationship 7080 to a set of values. Valid operators are In, NotIn, 7081 Exists and DoesNotExist. 7082 type: string 7083 values: 7084 description: values is an array of string values. 7085 If the operator is In or NotIn, the values array 7086 must be non-empty. If the operator is Exists or 7087 DoesNotExist, the values array must be empty. This 7088 array is replaced during a strategic merge patch. 7089 items: 7090 type: string 7091 type: array 7092 required: 7093 - key 7094 - operator 7095 type: object 7096 type: array 7097 matchLabels: 7098 additionalProperties: 7099 type: string 7100 description: matchLabels is a map of {key,value} pairs. 7101 A single {key,value} in the matchLabels map is equivalent 7102 to an element of matchExpressions, whose key field is 7103 "key", the operator is "In", and the values array contains 7104 only "value". The requirements are ANDed. 7105 type: object 7106 type: object 7107 x-kubernetes-map-type: atomic 7108 matchLabelKeys: 7109 description: MatchLabelKeys is a set of pod label keys to select 7110 the pods over which spreading will be calculated. The keys 7111 are used to lookup values from the incoming pod labels, those 7112 key-value labels are ANDed with labelSelector to select the 7113 group of existing pods over which spreading will be calculated 7114 for the incoming pod. Keys that don't exist in the incoming 7115 pod labels will be ignored. A null or empty list means only 7116 match against labelSelector. 7117 items: 7118 type: string 7119 type: array 7120 x-kubernetes-list-type: atomic 7121 maxSkew: 7122 description: 'MaxSkew describes the degree to which pods may 7123 be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, 7124 it is the maximum permitted difference between the number 7125 of matching pods in the target topology and the global minimum. 7126 The global minimum is the minimum number of matching pods 7127 in an eligible domain or zero if the number of eligible domains 7128 is less than MinDomains. For example, in a 3-zone cluster, 7129 MaxSkew is set to 1, and pods with the same labelSelector 7130 spread as 2/2/1: In this case, the global minimum is 1. | 7131 zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew 7132 is 1, incoming pod can only be scheduled to zone3 to become 7133 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) 7134 on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming 7135 pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, 7136 it is used to give higher precedence to topologies that satisfy 7137 it. It''s a required field. Default value is 1 and 0 is not 7138 allowed.' 7139 format: int32 7140 type: integer 7141 minDomains: 7142 description: "MinDomains indicates a minimum number of eligible 7143 domains. When the number of eligible domains with matching 7144 topology keys is less than minDomains, Pod Topology Spread 7145 treats \"global minimum\" as 0, and then the calculation of 7146 Skew is performed. And when the number of eligible domains 7147 with matching topology keys equals or greater than minDomains, 7148 this value has no effect on scheduling. As a result, when 7149 the number of eligible domains is less than minDomains, scheduler 7150 won't schedule more than maxSkew Pods to those domains. If 7151 value is nil, the constraint behaves as if MinDomains is equal 7152 to 1. Valid values are integers greater than 0. When value 7153 is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For 7154 example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains 7155 is set to 5 and pods with the same labelSelector spread as 7156 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | 7157 The number of domains is less than 5(MinDomains), so \"global 7158 minimum\" is treated as 0. In this situation, new pod with 7159 the same labelSelector cannot be scheduled, because computed 7160 skew will be 3(3 - 0) if new Pod is scheduled to any of the 7161 three zones, it will violate MaxSkew. \n This is a beta field 7162 and requires the MinDomainsInPodTopologySpread feature gate 7163 to be enabled (enabled by default)." 7164 format: int32 7165 type: integer 7166 nodeAffinityPolicy: 7167 description: "NodeAffinityPolicy indicates how we will treat 7168 Pod's nodeAffinity/nodeSelector when calculating pod topology 7169 spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector 7170 are included in the calculations. - Ignore: nodeAffinity/nodeSelector 7171 are ignored. All nodes are included in the calculations. \n 7172 If this value is nil, the behavior is equivalent to the Honor 7173 policy. This is a beta-level feature default enabled by the 7174 NodeInclusionPolicyInPodTopologySpread feature flag." 7175 type: string 7176 nodeTaintsPolicy: 7177 description: "NodeTaintsPolicy indicates how we will treat node 7178 taints when calculating pod topology spread skew. Options 7179 are: - Honor: nodes without taints, along with tainted nodes 7180 for which the incoming pod has a toleration, are included. 7181 - Ignore: node taints are ignored. All nodes are included. 7182 \n If this value is nil, the behavior is equivalent to the 7183 Ignore policy. This is a beta-level feature default enabled 7184 by the NodeInclusionPolicyInPodTopologySpread feature flag." 7185 type: string 7186 topologyKey: 7187 description: TopologyKey is the key of node labels. Nodes that 7188 have a label with this key and identical values are considered 7189 to be in the same topology. We consider each <key, value> 7190 as a "bucket", and try to put balanced number of pods into 7191 each bucket. We define a domain as a particular instance of 7192 a topology. Also, we define an eligible domain as a domain 7193 whose nodes meet the requirements of nodeAffinityPolicy and 7194 nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", 7195 each Node is a domain of that topology. And, if TopologyKey 7196 is "topology.kubernetes.io/zone", each zone is a domain of 7197 that topology. It's a required field. 7198 type: string 7199 whenUnsatisfiable: 7200 description: 'WhenUnsatisfiable indicates how to deal with a 7201 pod if it doesn''t satisfy the spread constraint. - DoNotSchedule 7202 (default) tells the scheduler not to schedule it. - ScheduleAnyway 7203 tells the scheduler to schedule the pod in any location, but 7204 giving higher precedence to topologies that would help reduce 7205 the skew. A constraint is considered "Unsatisfiable" for an 7206 incoming pod if and only if every possible node assignment 7207 for that pod would violate "MaxSkew" on some topology. For 7208 example, in a 3-zone cluster, MaxSkew is set to 1, and pods 7209 with the same labelSelector spread as 3/1/1: | zone1 | zone2 7210 | zone3 | | P P P | P | P | If WhenUnsatisfiable is 7211 set to DoNotSchedule, incoming pod can only be scheduled to 7212 zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on 7213 zone2(zone3) satisfies MaxSkew(1). In other words, the cluster 7214 can still be imbalanced, but scheduler won''t make it *more* 7215 imbalanced. It''s a required field.' 7216 type: string 7217 required: 7218 - maxSkew 7219 - topologyKey 7220 - whenUnsatisfiable 7221 type: object 7222 type: array 7223 tsdb: 7224 description: Defines the runtime reloadable configuration of the timeseries 7225 database (TSDB). 7226 properties: 7227 outOfOrderTimeWindow: 7228 description: Configures how old an out-of-order/out-of-bounds 7229 sample can be w.r.t. the TSDB max time. An out-of-order/out-of-bounds 7230 sample is ingested into the TSDB as long as the timestamp of 7231 the sample is >= (TSDB.MaxTime - outOfOrderTimeWindow). Out 7232 of order ingestion is an experimental feature and requires Prometheus 7233 >= v2.39.0. 7234 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ 7235 type: string 7236 type: object 7237 version: 7238 description: Version of Prometheus to be deployed. 7239 type: string 7240 volumeMounts: 7241 description: VolumeMounts allows configuration of additional VolumeMounts 7242 on the output StatefulSet definition. VolumeMounts specified will 7243 be appended to other VolumeMounts in the prometheus container, that 7244 are generated as a result of StorageSpec objects. 7245 items: 7246 description: VolumeMount describes a mounting of a Volume within 7247 a container. 7248 properties: 7249 mountPath: 7250 description: Path within the container at which the volume should 7251 be mounted. Must not contain ':'. 7252 type: string 7253 mountPropagation: 7254 description: mountPropagation determines how mounts are propagated 7255 from the host to container and the other way around. When 7256 not set, MountPropagationNone is used. This field is beta 7257 in 1.10. 7258 type: string 7259 name: 7260 description: This must match the Name of a Volume. 7261 type: string 7262 readOnly: 7263 description: Mounted read-only if true, read-write otherwise 7264 (false or unspecified). Defaults to false. 7265 type: boolean 7266 subPath: 7267 description: Path within the volume from which the container's 7268 volume should be mounted. Defaults to "" (volume's root). 7269 type: string 7270 subPathExpr: 7271 description: Expanded path within the volume from which the 7272 container's volume should be mounted. Behaves similarly to 7273 SubPath but environment variable references $(VAR_NAME) are 7274 expanded using the container's environment. Defaults to "" 7275 (volume's root). SubPathExpr and SubPath are mutually exclusive. 7276 type: string 7277 required: 7278 - mountPath 7279 - name 7280 type: object 7281 type: array 7282 volumes: 7283 description: Volumes allows configuration of additional volumes on 7284 the output StatefulSet definition. Volumes specified will be appended 7285 to other volumes that are generated as a result of StorageSpec objects. 7286 items: 7287 description: Volume represents a named volume in a pod that may 7288 be accessed by any container in the pod. 7289 properties: 7290 awsElasticBlockStore: 7291 description: 'awsElasticBlockStore represents an AWS Disk resource 7292 that is attached to a kubelet''s host machine and then exposed 7293 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 7294 properties: 7295 fsType: 7296 description: 'fsType is the filesystem type of the volume 7297 that you want to mount. Tip: Ensure that the filesystem 7298 type is supported by the host operating system. Examples: 7299 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 7300 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 7301 TODO: how do we prevent errors in the filesystem from 7302 compromising the machine' 7303 type: string 7304 partition: 7305 description: 'partition is the partition in the volume that 7306 you want to mount. If omitted, the default is to mount 7307 by volume name. Examples: For volume /dev/sda1, you specify 7308 the partition as "1". Similarly, the volume partition 7309 for /dev/sda is "0" (or you can leave the property empty).' 7310 format: int32 7311 type: integer 7312 readOnly: 7313 description: 'readOnly value true will force the readOnly 7314 setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 7315 type: boolean 7316 volumeID: 7317 description: 'volumeID is unique ID of the persistent disk 7318 resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 7319 type: string 7320 required: 7321 - volumeID 7322 type: object 7323 azureDisk: 7324 description: azureDisk represents an Azure Data Disk mount on 7325 the host and bind mount to the pod. 7326 properties: 7327 cachingMode: 7328 description: 'cachingMode is the Host Caching mode: None, 7329 Read Only, Read Write.' 7330 type: string 7331 diskName: 7332 description: diskName is the Name of the data disk in the 7333 blob storage 7334 type: string 7335 diskURI: 7336 description: diskURI is the URI of data disk in the blob 7337 storage 7338 type: string 7339 fsType: 7340 description: fsType is Filesystem type to mount. Must be 7341 a filesystem type supported by the host operating system. 7342 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 7343 if unspecified. 7344 type: string 7345 kind: 7346 description: 'kind expected values are Shared: multiple 7347 blob disks per storage account Dedicated: single blob 7348 disk per storage account Managed: azure managed data 7349 disk (only in managed availability set). defaults to shared' 7350 type: string 7351 readOnly: 7352 description: readOnly Defaults to false (read/write). ReadOnly 7353 here will force the ReadOnly setting in VolumeMounts. 7354 type: boolean 7355 required: 7356 - diskName 7357 - diskURI 7358 type: object 7359 azureFile: 7360 description: azureFile represents an Azure File Service mount 7361 on the host and bind mount to the pod. 7362 properties: 7363 readOnly: 7364 description: readOnly defaults to false (read/write). ReadOnly 7365 here will force the ReadOnly setting in VolumeMounts. 7366 type: boolean 7367 secretName: 7368 description: secretName is the name of secret that contains 7369 Azure Storage Account Name and Key 7370 type: string 7371 shareName: 7372 description: shareName is the azure share Name 7373 type: string 7374 required: 7375 - secretName 7376 - shareName 7377 type: object 7378 cephfs: 7379 description: cephFS represents a Ceph FS mount on the host that 7380 shares a pod's lifetime 7381 properties: 7382 monitors: 7383 description: 'monitors is Required: Monitors is a collection 7384 of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7385 items: 7386 type: string 7387 type: array 7388 path: 7389 description: 'path is Optional: Used as the mounted root, 7390 rather than the full Ceph tree, default is /' 7391 type: string 7392 readOnly: 7393 description: 'readOnly is Optional: Defaults to false (read/write). 7394 ReadOnly here will force the ReadOnly setting in VolumeMounts. 7395 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7396 type: boolean 7397 secretFile: 7398 description: 'secretFile is Optional: SecretFile is the 7399 path to key ring for User, default is /etc/ceph/user.secret 7400 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7401 type: string 7402 secretRef: 7403 description: 'secretRef is Optional: SecretRef is reference 7404 to the authentication secret for User, default is empty. 7405 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7406 properties: 7407 name: 7408 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7409 TODO: Add other useful fields. apiVersion, kind, uid?' 7410 type: string 7411 type: object 7412 x-kubernetes-map-type: atomic 7413 user: 7414 description: 'user is optional: User is the rados user name, 7415 default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7416 type: string 7417 required: 7418 - monitors 7419 type: object 7420 cinder: 7421 description: 'cinder represents a cinder volume attached and 7422 mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 7423 properties: 7424 fsType: 7425 description: 'fsType is the filesystem type to mount. Must 7426 be a filesystem type supported by the host operating system. 7427 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to 7428 be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 7429 type: string 7430 readOnly: 7431 description: 'readOnly defaults to false (read/write). ReadOnly 7432 here will force the ReadOnly setting in VolumeMounts. 7433 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 7434 type: boolean 7435 secretRef: 7436 description: 'secretRef is optional: points to a secret 7437 object containing parameters used to connect to OpenStack.' 7438 properties: 7439 name: 7440 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7441 TODO: Add other useful fields. apiVersion, kind, uid?' 7442 type: string 7443 type: object 7444 x-kubernetes-map-type: atomic 7445 volumeID: 7446 description: 'volumeID used to identify the volume in cinder. 7447 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 7448 type: string 7449 required: 7450 - volumeID 7451 type: object 7452 configMap: 7453 description: configMap represents a configMap that should populate 7454 this volume 7455 properties: 7456 defaultMode: 7457 description: 'defaultMode is optional: mode bits used to 7458 set permissions on created files by default. Must be an 7459 octal value between 0000 and 0777 or a decimal value between 7460 0 and 511. YAML accepts both octal and decimal values, 7461 JSON requires decimal values for mode bits. Defaults to 7462 0644. Directories within the path are not affected by 7463 this setting. This might be in conflict with other options 7464 that affect the file mode, like fsGroup, and the result 7465 can be other mode bits set.' 7466 format: int32 7467 type: integer 7468 items: 7469 description: items if unspecified, each key-value pair in 7470 the Data field of the referenced ConfigMap will be projected 7471 into the volume as a file whose name is the key and content 7472 is the value. If specified, the listed keys will be projected 7473 into the specified paths, and unlisted keys will not be 7474 present. If a key is specified which is not present in 7475 the ConfigMap, the volume setup will error unless it is 7476 marked optional. Paths must be relative and may not contain 7477 the '..' path or start with '..'. 7478 items: 7479 description: Maps a string key to a path within a volume. 7480 properties: 7481 key: 7482 description: key is the key to project. 7483 type: string 7484 mode: 7485 description: 'mode is Optional: mode bits used to 7486 set permissions on this file. Must be an octal value 7487 between 0000 and 0777 or a decimal value between 7488 0 and 511. YAML accepts both octal and decimal values, 7489 JSON requires decimal values for mode bits. If not 7490 specified, the volume defaultMode will be used. 7491 This might be in conflict with other options that 7492 affect the file mode, like fsGroup, and the result 7493 can be other mode bits set.' 7494 format: int32 7495 type: integer 7496 path: 7497 description: path is the relative path of the file 7498 to map the key to. May not be an absolute path. 7499 May not contain the path element '..'. May not start 7500 with the string '..'. 7501 type: string 7502 required: 7503 - key 7504 - path 7505 type: object 7506 type: array 7507 name: 7508 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7509 TODO: Add other useful fields. apiVersion, kind, uid?' 7510 type: string 7511 optional: 7512 description: optional specify whether the ConfigMap or its 7513 keys must be defined 7514 type: boolean 7515 type: object 7516 x-kubernetes-map-type: atomic 7517 csi: 7518 description: csi (Container Storage Interface) represents ephemeral 7519 storage that is handled by certain external CSI drivers (Beta 7520 feature). 7521 properties: 7522 driver: 7523 description: driver is the name of the CSI driver that handles 7524 this volume. Consult with your admin for the correct name 7525 as registered in the cluster. 7526 type: string 7527 fsType: 7528 description: fsType to mount. Ex. "ext4", "xfs", "ntfs". 7529 If not provided, the empty value is passed to the associated 7530 CSI driver which will determine the default filesystem 7531 to apply. 7532 type: string 7533 nodePublishSecretRef: 7534 description: nodePublishSecretRef is a reference to the 7535 secret object containing sensitive information to pass 7536 to the CSI driver to complete the CSI NodePublishVolume 7537 and NodeUnpublishVolume calls. This field is optional, 7538 and may be empty if no secret is required. If the secret 7539 object contains more than one secret, all secret references 7540 are passed. 7541 properties: 7542 name: 7543 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7544 TODO: Add other useful fields. apiVersion, kind, uid?' 7545 type: string 7546 type: object 7547 x-kubernetes-map-type: atomic 7548 readOnly: 7549 description: readOnly specifies a read-only configuration 7550 for the volume. Defaults to false (read/write). 7551 type: boolean 7552 volumeAttributes: 7553 additionalProperties: 7554 type: string 7555 description: volumeAttributes stores driver-specific properties 7556 that are passed to the CSI driver. Consult your driver's 7557 documentation for supported values. 7558 type: object 7559 required: 7560 - driver 7561 type: object 7562 downwardAPI: 7563 description: downwardAPI represents downward API about the pod 7564 that should populate this volume 7565 properties: 7566 defaultMode: 7567 description: 'Optional: mode bits to use on created files 7568 by default. Must be a Optional: mode bits used to set 7569 permissions on created files by default. Must be an octal 7570 value between 0000 and 0777 or a decimal value between 7571 0 and 511. YAML accepts both octal and decimal values, 7572 JSON requires decimal values for mode bits. Defaults to 7573 0644. Directories within the path are not affected by 7574 this setting. This might be in conflict with other options 7575 that affect the file mode, like fsGroup, and the result 7576 can be other mode bits set.' 7577 format: int32 7578 type: integer 7579 items: 7580 description: Items is a list of downward API volume file 7581 items: 7582 description: DownwardAPIVolumeFile represents information 7583 to create the file containing the pod field 7584 properties: 7585 fieldRef: 7586 description: 'Required: Selects a field of the pod: 7587 only annotations, labels, name and namespace are 7588 supported.' 7589 properties: 7590 apiVersion: 7591 description: Version of the schema the FieldPath 7592 is written in terms of, defaults to "v1". 7593 type: string 7594 fieldPath: 7595 description: Path of the field to select in the 7596 specified API version. 7597 type: string 7598 required: 7599 - fieldPath 7600 type: object 7601 x-kubernetes-map-type: atomic 7602 mode: 7603 description: 'Optional: mode bits used to set permissions 7604 on this file, must be an octal value between 0000 7605 and 0777 or a decimal value between 0 and 511. YAML 7606 accepts both octal and decimal values, JSON requires 7607 decimal values for mode bits. If not specified, 7608 the volume defaultMode will be used. This might 7609 be in conflict with other options that affect the 7610 file mode, like fsGroup, and the result can be other 7611 mode bits set.' 7612 format: int32 7613 type: integer 7614 path: 7615 description: 'Required: Path is the relative path 7616 name of the file to be created. Must not be absolute 7617 or contain the ''..'' path. Must be utf-8 encoded. 7618 The first item of the relative path must not start 7619 with ''..''' 7620 type: string 7621 resourceFieldRef: 7622 description: 'Selects a resource of the container: 7623 only resources limits and requests (limits.cpu, 7624 limits.memory, requests.cpu and requests.memory) 7625 are currently supported.' 7626 properties: 7627 containerName: 7628 description: 'Container name: required for volumes, 7629 optional for env vars' 7630 type: string 7631 divisor: 7632 anyOf: 7633 - type: integer 7634 - type: string 7635 description: Specifies the output format of the 7636 exposed resources, defaults to "1" 7637 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7638 x-kubernetes-int-or-string: true 7639 resource: 7640 description: 'Required: resource to select' 7641 type: string 7642 required: 7643 - resource 7644 type: object 7645 x-kubernetes-map-type: atomic 7646 required: 7647 - path 7648 type: object 7649 type: array 7650 type: object 7651 emptyDir: 7652 description: 'emptyDir represents a temporary directory that 7653 shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 7654 properties: 7655 medium: 7656 description: 'medium represents what type of storage medium 7657 should back this directory. The default is "" which means 7658 to use the node''s default medium. Must be an empty string 7659 (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 7660 type: string 7661 sizeLimit: 7662 anyOf: 7663 - type: integer 7664 - type: string 7665 description: 'sizeLimit is the total amount of local storage 7666 required for this EmptyDir volume. The size limit is also 7667 applicable for memory medium. The maximum usage on memory 7668 medium EmptyDir would be the minimum value between the 7669 SizeLimit specified here and the sum of memory limits 7670 of all containers in a pod. The default is nil which means 7671 that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 7672 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7673 x-kubernetes-int-or-string: true 7674 type: object 7675 ephemeral: 7676 description: "ephemeral represents a volume that is handled 7677 by a cluster storage driver. The volume's lifecycle is tied 7678 to the pod that defines it - it will be created before the 7679 pod starts, and deleted when the pod is removed. \n Use this 7680 if: a) the volume is only needed while the pod runs, b) features 7681 of normal volumes like restoring from snapshot or capacity 7682 tracking are needed, c) the storage driver is specified through 7683 a storage class, and d) the storage driver supports dynamic 7684 volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource 7685 for more information on the connection between this volume 7686 type and PersistentVolumeClaim). \n Use PersistentVolumeClaim 7687 or one of the vendor-specific APIs for volumes that persist 7688 for longer than the lifecycle of an individual pod. \n Use 7689 CSI for light-weight local ephemeral volumes if the CSI driver 7690 is meant to be used that way - see the documentation of the 7691 driver for more information. \n A pod can use both types of 7692 ephemeral volumes and persistent volumes at the same time." 7693 properties: 7694 volumeClaimTemplate: 7695 description: "Will be used to create a stand-alone PVC to 7696 provision the volume. The pod in which this EphemeralVolumeSource 7697 is embedded will be the owner of the PVC, i.e. the PVC 7698 will be deleted together with the pod. The name of the 7699 PVC will be `<pod name>-<volume name>` where `<volume 7700 name>` is the name from the `PodSpec.Volumes` array entry. 7701 Pod validation will reject the pod if the concatenated 7702 name is not valid for a PVC (for example, too long). \n 7703 An existing PVC with that name that is not owned by the 7704 pod will *not* be used for the pod to avoid using an unrelated 7705 volume by mistake. Starting the pod is then blocked until 7706 the unrelated PVC is removed. If such a pre-created PVC 7707 is meant to be used by the pod, the PVC has to updated 7708 with an owner reference to the pod once the pod exists. 7709 Normally this should not be necessary, but it may be useful 7710 when manually reconstructing a broken cluster. \n This 7711 field is read-only and no changes will be made by Kubernetes 7712 to the PVC after it has been created. \n Required, must 7713 not be nil." 7714 properties: 7715 metadata: 7716 description: May contain labels and annotations that 7717 will be copied into the PVC when creating it. No other 7718 fields are allowed and will be rejected during validation. 7719 type: object 7720 spec: 7721 description: The specification for the PersistentVolumeClaim. 7722 The entire content is copied unchanged into the PVC 7723 that gets created from this template. The same fields 7724 as in a PersistentVolumeClaim are also valid here. 7725 properties: 7726 accessModes: 7727 description: 'accessModes contains the desired access 7728 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 7729 items: 7730 type: string 7731 type: array 7732 dataSource: 7733 description: 'dataSource field can be used to specify 7734 either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 7735 * An existing PVC (PersistentVolumeClaim) If the 7736 provisioner or an external controller can support 7737 the specified data source, it will create a new 7738 volume based on the contents of the specified 7739 data source. When the AnyVolumeDataSource feature 7740 gate is enabled, dataSource contents will be copied 7741 to dataSourceRef, and dataSourceRef contents will 7742 be copied to dataSource when dataSourceRef.namespace 7743 is not specified. If the namespace is specified, 7744 then dataSourceRef will not be copied to dataSource.' 7745 properties: 7746 apiGroup: 7747 description: APIGroup is the group for the resource 7748 being referenced. If APIGroup is not specified, 7749 the specified Kind must be in the core API 7750 group. For any other third-party types, APIGroup 7751 is required. 7752 type: string 7753 kind: 7754 description: Kind is the type of resource being 7755 referenced 7756 type: string 7757 name: 7758 description: Name is the name of resource being 7759 referenced 7760 type: string 7761 required: 7762 - kind 7763 - name 7764 type: object 7765 x-kubernetes-map-type: atomic 7766 dataSourceRef: 7767 description: 'dataSourceRef specifies the object 7768 from which to populate the volume with data, if 7769 a non-empty volume is desired. This may be any 7770 object from a non-empty API group (non core object) 7771 or a PersistentVolumeClaim object. When this field 7772 is specified, volume binding will only succeed 7773 if the type of the specified object matches some 7774 installed volume populator or dynamic provisioner. 7775 This field will replace the functionality of the 7776 dataSource field and as such if both fields are 7777 non-empty, they must have the same value. For 7778 backwards compatibility, when namespace isn''t 7779 specified in dataSourceRef, both fields (dataSource 7780 and dataSourceRef) will be set to the same value 7781 automatically if one of them is empty and the 7782 other is non-empty. When namespace is specified 7783 in dataSourceRef, dataSource isn''t set to the 7784 same value and must be empty. There are three 7785 important differences between dataSource and dataSourceRef: 7786 * While dataSource only allows two specific types 7787 of objects, dataSourceRef allows any non-core 7788 object, as well as PersistentVolumeClaim objects. 7789 * While dataSource ignores disallowed values (dropping 7790 them), dataSourceRef preserves all values, and 7791 generates an error if a disallowed value is specified. 7792 * While dataSource only allows local objects, 7793 dataSourceRef allows objects in any namespaces. 7794 (Beta) Using this field requires the AnyVolumeDataSource 7795 feature gate to be enabled. (Alpha) Using the 7796 namespace field of dataSourceRef requires the 7797 CrossNamespaceVolumeDataSource feature gate to 7798 be enabled.' 7799 properties: 7800 apiGroup: 7801 description: APIGroup is the group for the resource 7802 being referenced. If APIGroup is not specified, 7803 the specified Kind must be in the core API 7804 group. For any other third-party types, APIGroup 7805 is required. 7806 type: string 7807 kind: 7808 description: Kind is the type of resource being 7809 referenced 7810 type: string 7811 name: 7812 description: Name is the name of resource being 7813 referenced 7814 type: string 7815 namespace: 7816 description: Namespace is the namespace of resource 7817 being referenced Note that when a namespace 7818 is specified, a gateway.networking.k8s.io/ReferenceGrant 7819 object is required in the referent namespace 7820 to allow that namespace's owner to accept 7821 the reference. See the ReferenceGrant documentation 7822 for details. (Alpha) This field requires the 7823 CrossNamespaceVolumeDataSource feature gate 7824 to be enabled. 7825 type: string 7826 required: 7827 - kind 7828 - name 7829 type: object 7830 resources: 7831 description: 'resources represents the minimum resources 7832 the volume should have. If RecoverVolumeExpansionFailure 7833 feature is enabled users are allowed to specify 7834 resource requirements that are lower than previous 7835 value but must still be higher than capacity recorded 7836 in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 7837 properties: 7838 claims: 7839 description: "Claims lists the names of resources, 7840 defined in spec.resourceClaims, that are used 7841 by this container. \n This is an alpha field 7842 and requires enabling the DynamicResourceAllocation 7843 feature gate. \n This field is immutable." 7844 items: 7845 description: ResourceClaim references one 7846 entry in PodSpec.ResourceClaims. 7847 properties: 7848 name: 7849 description: Name must match the name 7850 of one entry in pod.spec.resourceClaims 7851 of the Pod where this field is used. 7852 It makes that resource available inside 7853 a container. 7854 type: string 7855 required: 7856 - name 7857 type: object 7858 type: array 7859 x-kubernetes-list-map-keys: 7860 - name 7861 x-kubernetes-list-type: map 7862 limits: 7863 additionalProperties: 7864 anyOf: 7865 - type: integer 7866 - type: string 7867 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7868 x-kubernetes-int-or-string: true 7869 description: 'Limits describes the maximum amount 7870 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7871 type: object 7872 requests: 7873 additionalProperties: 7874 anyOf: 7875 - type: integer 7876 - type: string 7877 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7878 x-kubernetes-int-or-string: true 7879 description: 'Requests describes the minimum 7880 amount of compute resources required. If Requests 7881 is omitted for a container, it defaults to 7882 Limits if that is explicitly specified, otherwise 7883 to an implementation-defined value. More info: 7884 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7885 type: object 7886 type: object 7887 selector: 7888 description: selector is a label query over volumes 7889 to consider for binding. 7890 properties: 7891 matchExpressions: 7892 description: matchExpressions is a list of label 7893 selector requirements. The requirements are 7894 ANDed. 7895 items: 7896 description: A label selector requirement 7897 is a selector that contains values, a key, 7898 and an operator that relates the key and 7899 values. 7900 properties: 7901 key: 7902 description: key is the label key that 7903 the selector applies to. 7904 type: string 7905 operator: 7906 description: operator represents a key's 7907 relationship to a set of values. Valid 7908 operators are In, NotIn, Exists and 7909 DoesNotExist. 7910 type: string 7911 values: 7912 description: values is an array of string 7913 values. If the operator is In or NotIn, 7914 the values array must be non-empty. 7915 If the operator is Exists or DoesNotExist, 7916 the values array must be empty. This 7917 array is replaced during a strategic 7918 merge patch. 7919 items: 7920 type: string 7921 type: array 7922 required: 7923 - key 7924 - operator 7925 type: object 7926 type: array 7927 matchLabels: 7928 additionalProperties: 7929 type: string 7930 description: matchLabels is a map of {key,value} 7931 pairs. A single {key,value} in the matchLabels 7932 map is equivalent to an element of matchExpressions, 7933 whose key field is "key", the operator is 7934 "In", and the values array contains only "value". 7935 The requirements are ANDed. 7936 type: object 7937 type: object 7938 x-kubernetes-map-type: atomic 7939 storageClassName: 7940 description: 'storageClassName is the name of the 7941 StorageClass required by the claim. More info: 7942 https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 7943 type: string 7944 volumeMode: 7945 description: volumeMode defines what type of volume 7946 is required by the claim. Value of Filesystem 7947 is implied when not included in claim spec. 7948 type: string 7949 volumeName: 7950 description: volumeName is the binding reference 7951 to the PersistentVolume backing this claim. 7952 type: string 7953 type: object 7954 required: 7955 - spec 7956 type: object 7957 type: object 7958 fc: 7959 description: fc represents a Fibre Channel resource that is 7960 attached to a kubelet's host machine and then exposed to the 7961 pod. 7962 properties: 7963 fsType: 7964 description: 'fsType is the filesystem type to mount. Must 7965 be a filesystem type supported by the host operating system. 7966 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 7967 if unspecified. TODO: how do we prevent errors in the 7968 filesystem from compromising the machine' 7969 type: string 7970 lun: 7971 description: 'lun is Optional: FC target lun number' 7972 format: int32 7973 type: integer 7974 readOnly: 7975 description: 'readOnly is Optional: Defaults to false (read/write). 7976 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 7977 type: boolean 7978 targetWWNs: 7979 description: 'targetWWNs is Optional: FC target worldwide 7980 names (WWNs)' 7981 items: 7982 type: string 7983 type: array 7984 wwids: 7985 description: 'wwids Optional: FC volume world wide identifiers 7986 (wwids) Either wwids or combination of targetWWNs and 7987 lun must be set, but not both simultaneously.' 7988 items: 7989 type: string 7990 type: array 7991 type: object 7992 flexVolume: 7993 description: flexVolume represents a generic volume resource 7994 that is provisioned/attached using an exec based plugin. 7995 properties: 7996 driver: 7997 description: driver is the name of the driver to use for 7998 this volume. 7999 type: string 8000 fsType: 8001 description: fsType is the filesystem type to mount. Must 8002 be a filesystem type supported by the host operating system. 8003 Ex. "ext4", "xfs", "ntfs". The default filesystem depends 8004 on FlexVolume script. 8005 type: string 8006 options: 8007 additionalProperties: 8008 type: string 8009 description: 'options is Optional: this field holds extra 8010 command options if any.' 8011 type: object 8012 readOnly: 8013 description: 'readOnly is Optional: defaults to false (read/write). 8014 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 8015 type: boolean 8016 secretRef: 8017 description: 'secretRef is Optional: secretRef is reference 8018 to the secret object containing sensitive information 8019 to pass to the plugin scripts. This may be empty if no 8020 secret object is specified. If the secret object contains 8021 more than one secret, all secrets are passed to the plugin 8022 scripts.' 8023 properties: 8024 name: 8025 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8026 TODO: Add other useful fields. apiVersion, kind, uid?' 8027 type: string 8028 type: object 8029 x-kubernetes-map-type: atomic 8030 required: 8031 - driver 8032 type: object 8033 flocker: 8034 description: flocker represents a Flocker volume attached to 8035 a kubelet's host machine. This depends on the Flocker control 8036 service being running 8037 properties: 8038 datasetName: 8039 description: datasetName is Name of the dataset stored as 8040 metadata -> name on the dataset for Flocker should be 8041 considered as deprecated 8042 type: string 8043 datasetUUID: 8044 description: datasetUUID is the UUID of the dataset. This 8045 is unique identifier of a Flocker dataset 8046 type: string 8047 type: object 8048 gcePersistentDisk: 8049 description: 'gcePersistentDisk represents a GCE Disk resource 8050 that is attached to a kubelet''s host machine and then exposed 8051 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 8052 properties: 8053 fsType: 8054 description: 'fsType is filesystem type of the volume that 8055 you want to mount. Tip: Ensure that the filesystem type 8056 is supported by the host operating system. Examples: "ext4", 8057 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 8058 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 8059 TODO: how do we prevent errors in the filesystem from 8060 compromising the machine' 8061 type: string 8062 partition: 8063 description: 'partition is the partition in the volume that 8064 you want to mount. If omitted, the default is to mount 8065 by volume name. Examples: For volume /dev/sda1, you specify 8066 the partition as "1". Similarly, the volume partition 8067 for /dev/sda is "0" (or you can leave the property empty). 8068 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 8069 format: int32 8070 type: integer 8071 pdName: 8072 description: 'pdName is unique name of the PD resource in 8073 GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 8074 type: string 8075 readOnly: 8076 description: 'readOnly here will force the ReadOnly setting 8077 in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 8078 type: boolean 8079 required: 8080 - pdName 8081 type: object 8082 gitRepo: 8083 description: 'gitRepo represents a git repository at a particular 8084 revision. DEPRECATED: GitRepo is deprecated. To provision 8085 a container with a git repo, mount an EmptyDir into an InitContainer 8086 that clones the repo using git, then mount the EmptyDir into 8087 the Pod''s container.' 8088 properties: 8089 directory: 8090 description: directory is the target directory name. Must 8091 not contain or start with '..'. If '.' is supplied, the 8092 volume directory will be the git repository. Otherwise, 8093 if specified, the volume will contain the git repository 8094 in the subdirectory with the given name. 8095 type: string 8096 repository: 8097 description: repository is the URL 8098 type: string 8099 revision: 8100 description: revision is the commit hash for the specified 8101 revision. 8102 type: string 8103 required: 8104 - repository 8105 type: object 8106 glusterfs: 8107 description: 'glusterfs represents a Glusterfs mount on the 8108 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 8109 properties: 8110 endpoints: 8111 description: 'endpoints is the endpoint name that details 8112 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 8113 type: string 8114 path: 8115 description: 'path is the Glusterfs volume path. More info: 8116 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 8117 type: string 8118 readOnly: 8119 description: 'readOnly here will force the Glusterfs volume 8120 to be mounted with read-only permissions. Defaults to 8121 false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 8122 type: boolean 8123 required: 8124 - endpoints 8125 - path 8126 type: object 8127 hostPath: 8128 description: 'hostPath represents a pre-existing file or directory 8129 on the host machine that is directly exposed to the container. 8130 This is generally used for system agents or other privileged 8131 things that are allowed to see the host machine. Most containers 8132 will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 8133 --- TODO(jonesdl) We need to restrict who can use host directory 8134 mounts and who can/can not mount host directories as read/write.' 8135 properties: 8136 path: 8137 description: 'path of the directory on the host. If the 8138 path is a symlink, it will follow the link to the real 8139 path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 8140 type: string 8141 type: 8142 description: 'type for HostPath Volume Defaults to "" More 8143 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 8144 type: string 8145 required: 8146 - path 8147 type: object 8148 iscsi: 8149 description: 'iscsi represents an ISCSI Disk resource that is 8150 attached to a kubelet''s host machine and then exposed to 8151 the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 8152 properties: 8153 chapAuthDiscovery: 8154 description: chapAuthDiscovery defines whether support iSCSI 8155 Discovery CHAP authentication 8156 type: boolean 8157 chapAuthSession: 8158 description: chapAuthSession defines whether support iSCSI 8159 Session CHAP authentication 8160 type: boolean 8161 fsType: 8162 description: 'fsType is the filesystem type of the volume 8163 that you want to mount. Tip: Ensure that the filesystem 8164 type is supported by the host operating system. Examples: 8165 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 8166 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 8167 TODO: how do we prevent errors in the filesystem from 8168 compromising the machine' 8169 type: string 8170 initiatorName: 8171 description: initiatorName is the custom iSCSI Initiator 8172 Name. If initiatorName is specified with iscsiInterface 8173 simultaneously, new iSCSI interface <target portal>:<volume 8174 name> will be created for the connection. 8175 type: string 8176 iqn: 8177 description: iqn is the target iSCSI Qualified Name. 8178 type: string 8179 iscsiInterface: 8180 description: iscsiInterface is the interface Name that uses 8181 an iSCSI transport. Defaults to 'default' (tcp). 8182 type: string 8183 lun: 8184 description: lun represents iSCSI Target Lun number. 8185 format: int32 8186 type: integer 8187 portals: 8188 description: portals is the iSCSI Target Portal List. The 8189 portal is either an IP or ip_addr:port if the port is 8190 other than default (typically TCP ports 860 and 3260). 8191 items: 8192 type: string 8193 type: array 8194 readOnly: 8195 description: readOnly here will force the ReadOnly setting 8196 in VolumeMounts. Defaults to false. 8197 type: boolean 8198 secretRef: 8199 description: secretRef is the CHAP Secret for iSCSI target 8200 and initiator authentication 8201 properties: 8202 name: 8203 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8204 TODO: Add other useful fields. apiVersion, kind, uid?' 8205 type: string 8206 type: object 8207 x-kubernetes-map-type: atomic 8208 targetPortal: 8209 description: targetPortal is iSCSI Target Portal. The Portal 8210 is either an IP or ip_addr:port if the port is other than 8211 default (typically TCP ports 860 and 3260). 8212 type: string 8213 required: 8214 - iqn 8215 - lun 8216 - targetPortal 8217 type: object 8218 name: 8219 description: 'name of the volume. Must be a DNS_LABEL and unique 8220 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 8221 type: string 8222 nfs: 8223 description: 'nfs represents an NFS mount on the host that shares 8224 a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 8225 properties: 8226 path: 8227 description: 'path that is exported by the NFS server. More 8228 info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 8229 type: string 8230 readOnly: 8231 description: 'readOnly here will force the NFS export to 8232 be mounted with read-only permissions. Defaults to false. 8233 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 8234 type: boolean 8235 server: 8236 description: 'server is the hostname or IP address of the 8237 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 8238 type: string 8239 required: 8240 - path 8241 - server 8242 type: object 8243 persistentVolumeClaim: 8244 description: 'persistentVolumeClaimVolumeSource represents a 8245 reference to a PersistentVolumeClaim in the same namespace. 8246 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 8247 properties: 8248 claimName: 8249 description: 'claimName is the name of a PersistentVolumeClaim 8250 in the same namespace as the pod using this volume. More 8251 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 8252 type: string 8253 readOnly: 8254 description: readOnly Will force the ReadOnly setting in 8255 VolumeMounts. Default false. 8256 type: boolean 8257 required: 8258 - claimName 8259 type: object 8260 photonPersistentDisk: 8261 description: photonPersistentDisk represents a PhotonController 8262 persistent disk attached and mounted on kubelets host machine 8263 properties: 8264 fsType: 8265 description: fsType is the filesystem type to mount. Must 8266 be a filesystem type supported by the host operating system. 8267 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 8268 if unspecified. 8269 type: string 8270 pdID: 8271 description: pdID is the ID that identifies Photon Controller 8272 persistent disk 8273 type: string 8274 required: 8275 - pdID 8276 type: object 8277 portworxVolume: 8278 description: portworxVolume represents a portworx volume attached 8279 and mounted on kubelets host machine 8280 properties: 8281 fsType: 8282 description: fSType represents the filesystem type to mount 8283 Must be a filesystem type supported by the host operating 8284 system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" 8285 if unspecified. 8286 type: string 8287 readOnly: 8288 description: readOnly defaults to false (read/write). ReadOnly 8289 here will force the ReadOnly setting in VolumeMounts. 8290 type: boolean 8291 volumeID: 8292 description: volumeID uniquely identifies a Portworx volume 8293 type: string 8294 required: 8295 - volumeID 8296 type: object 8297 projected: 8298 description: projected items for all in one resources secrets, 8299 configmaps, and downward API 8300 properties: 8301 defaultMode: 8302 description: defaultMode are the mode bits used to set permissions 8303 on created files by default. Must be an octal value between 8304 0000 and 0777 or a decimal value between 0 and 511. YAML 8305 accepts both octal and decimal values, JSON requires decimal 8306 values for mode bits. Directories within the path are 8307 not affected by this setting. This might be in conflict 8308 with other options that affect the file mode, like fsGroup, 8309 and the result can be other mode bits set. 8310 format: int32 8311 type: integer 8312 sources: 8313 description: sources is the list of volume projections 8314 items: 8315 description: Projection that may be projected along with 8316 other supported volume types 8317 properties: 8318 configMap: 8319 description: configMap information about the configMap 8320 data to project 8321 properties: 8322 items: 8323 description: items if unspecified, each key-value 8324 pair in the Data field of the referenced ConfigMap 8325 will be projected into the volume as a file 8326 whose name is the key and content is the value. 8327 If specified, the listed keys will be projected 8328 into the specified paths, and unlisted keys 8329 will not be present. If a key is specified which 8330 is not present in the ConfigMap, the volume 8331 setup will error unless it is marked optional. 8332 Paths must be relative and may not contain the 8333 '..' path or start with '..'. 8334 items: 8335 description: Maps a string key to a path within 8336 a volume. 8337 properties: 8338 key: 8339 description: key is the key to project. 8340 type: string 8341 mode: 8342 description: 'mode is Optional: mode bits 8343 used to set permissions on this file. 8344 Must be an octal value between 0000 and 8345 0777 or a decimal value between 0 and 8346 511. YAML accepts both octal and decimal 8347 values, JSON requires decimal values for 8348 mode bits. If not specified, the volume 8349 defaultMode will be used. This might be 8350 in conflict with other options that affect 8351 the file mode, like fsGroup, and the result 8352 can be other mode bits set.' 8353 format: int32 8354 type: integer 8355 path: 8356 description: path is the relative path of 8357 the file to map the key to. May not be 8358 an absolute path. May not contain the 8359 path element '..'. May not start with 8360 the string '..'. 8361 type: string 8362 required: 8363 - key 8364 - path 8365 type: object 8366 type: array 8367 name: 8368 description: 'Name of the referent. More info: 8369 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8370 TODO: Add other useful fields. apiVersion, kind, 8371 uid?' 8372 type: string 8373 optional: 8374 description: optional specify whether the ConfigMap 8375 or its keys must be defined 8376 type: boolean 8377 type: object 8378 x-kubernetes-map-type: atomic 8379 downwardAPI: 8380 description: downwardAPI information about the downwardAPI 8381 data to project 8382 properties: 8383 items: 8384 description: Items is a list of DownwardAPIVolume 8385 file 8386 items: 8387 description: DownwardAPIVolumeFile represents 8388 information to create the file containing 8389 the pod field 8390 properties: 8391 fieldRef: 8392 description: 'Required: Selects a field 8393 of the pod: only annotations, labels, 8394 name and namespace are supported.' 8395 properties: 8396 apiVersion: 8397 description: Version of the schema the 8398 FieldPath is written in terms of, 8399 defaults to "v1". 8400 type: string 8401 fieldPath: 8402 description: Path of the field to select 8403 in the specified API version. 8404 type: string 8405 required: 8406 - fieldPath 8407 type: object 8408 x-kubernetes-map-type: atomic 8409 mode: 8410 description: 'Optional: mode bits used to 8411 set permissions on this file, must be 8412 an octal value between 0000 and 0777 or 8413 a decimal value between 0 and 511. YAML 8414 accepts both octal and decimal values, 8415 JSON requires decimal values for mode 8416 bits. If not specified, the volume defaultMode 8417 will be used. This might be in conflict 8418 with other options that affect the file 8419 mode, like fsGroup, and the result can 8420 be other mode bits set.' 8421 format: int32 8422 type: integer 8423 path: 8424 description: 'Required: Path is the relative 8425 path name of the file to be created. Must 8426 not be absolute or contain the ''..'' 8427 path. Must be utf-8 encoded. The first 8428 item of the relative path must not start 8429 with ''..''' 8430 type: string 8431 resourceFieldRef: 8432 description: 'Selects a resource of the 8433 container: only resources limits and requests 8434 (limits.cpu, limits.memory, requests.cpu 8435 and requests.memory) are currently supported.' 8436 properties: 8437 containerName: 8438 description: 'Container name: required 8439 for volumes, optional for env vars' 8440 type: string 8441 divisor: 8442 anyOf: 8443 - type: integer 8444 - type: string 8445 description: Specifies the output format 8446 of the exposed resources, defaults 8447 to "1" 8448 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8449 x-kubernetes-int-or-string: true 8450 resource: 8451 description: 'Required: resource to 8452 select' 8453 type: string 8454 required: 8455 - resource 8456 type: object 8457 x-kubernetes-map-type: atomic 8458 required: 8459 - path 8460 type: object 8461 type: array 8462 type: object 8463 secret: 8464 description: secret information about the secret data 8465 to project 8466 properties: 8467 items: 8468 description: items if unspecified, each key-value 8469 pair in the Data field of the referenced Secret 8470 will be projected into the volume as a file 8471 whose name is the key and content is the value. 8472 If specified, the listed keys will be projected 8473 into the specified paths, and unlisted keys 8474 will not be present. If a key is specified which 8475 is not present in the Secret, the volume setup 8476 will error unless it is marked optional. Paths 8477 must be relative and may not contain the '..' 8478 path or start with '..'. 8479 items: 8480 description: Maps a string key to a path within 8481 a volume. 8482 properties: 8483 key: 8484 description: key is the key to project. 8485 type: string 8486 mode: 8487 description: 'mode is Optional: mode bits 8488 used to set permissions on this file. 8489 Must be an octal value between 0000 and 8490 0777 or a decimal value between 0 and 8491 511. YAML accepts both octal and decimal 8492 values, JSON requires decimal values for 8493 mode bits. If not specified, the volume 8494 defaultMode will be used. This might be 8495 in conflict with other options that affect 8496 the file mode, like fsGroup, and the result 8497 can be other mode bits set.' 8498 format: int32 8499 type: integer 8500 path: 8501 description: path is the relative path of 8502 the file to map the key to. May not be 8503 an absolute path. May not contain the 8504 path element '..'. May not start with 8505 the string '..'. 8506 type: string 8507 required: 8508 - key 8509 - path 8510 type: object 8511 type: array 8512 name: 8513 description: 'Name of the referent. More info: 8514 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8515 TODO: Add other useful fields. apiVersion, kind, 8516 uid?' 8517 type: string 8518 optional: 8519 description: optional field specify whether the 8520 Secret or its key must be defined 8521 type: boolean 8522 type: object 8523 x-kubernetes-map-type: atomic 8524 serviceAccountToken: 8525 description: serviceAccountToken is information about 8526 the serviceAccountToken data to project 8527 properties: 8528 audience: 8529 description: audience is the intended audience 8530 of the token. A recipient of a token must identify 8531 itself with an identifier specified in the audience 8532 of the token, and otherwise should reject the 8533 token. The audience defaults to the identifier 8534 of the apiserver. 8535 type: string 8536 expirationSeconds: 8537 description: expirationSeconds is the requested 8538 duration of validity of the service account 8539 token. As the token approaches expiration, the 8540 kubelet volume plugin will proactively rotate 8541 the service account token. The kubelet will 8542 start trying to rotate the token if the token 8543 is older than 80 percent of its time to live 8544 or if the token is older than 24 hours.Defaults 8545 to 1 hour and must be at least 10 minutes. 8546 format: int64 8547 type: integer 8548 path: 8549 description: path is the path relative to the 8550 mount point of the file to project the token 8551 into. 8552 type: string 8553 required: 8554 - path 8555 type: object 8556 type: object 8557 type: array 8558 type: object 8559 quobyte: 8560 description: quobyte represents a Quobyte mount on the host 8561 that shares a pod's lifetime 8562 properties: 8563 group: 8564 description: group to map volume access to Default is no 8565 group 8566 type: string 8567 readOnly: 8568 description: readOnly here will force the Quobyte volume 8569 to be mounted with read-only permissions. Defaults to 8570 false. 8571 type: boolean 8572 registry: 8573 description: registry represents a single or multiple Quobyte 8574 Registry services specified as a string as host:port pair 8575 (multiple entries are separated with commas) which acts 8576 as the central registry for volumes 8577 type: string 8578 tenant: 8579 description: tenant owning the given Quobyte volume in the 8580 Backend Used with dynamically provisioned Quobyte volumes, 8581 value is set by the plugin 8582 type: string 8583 user: 8584 description: user to map volume access to Defaults to serivceaccount 8585 user 8586 type: string 8587 volume: 8588 description: volume is a string that references an already 8589 created Quobyte volume by name. 8590 type: string 8591 required: 8592 - registry 8593 - volume 8594 type: object 8595 rbd: 8596 description: 'rbd represents a Rados Block Device mount on the 8597 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' 8598 properties: 8599 fsType: 8600 description: 'fsType is the filesystem type of the volume 8601 that you want to mount. Tip: Ensure that the filesystem 8602 type is supported by the host operating system. Examples: 8603 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 8604 if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 8605 TODO: how do we prevent errors in the filesystem from 8606 compromising the machine' 8607 type: string 8608 image: 8609 description: 'image is the rados image name. More info: 8610 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8611 type: string 8612 keyring: 8613 description: 'keyring is the path to key ring for RBDUser. 8614 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8615 type: string 8616 monitors: 8617 description: 'monitors is a collection of Ceph monitors. 8618 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8619 items: 8620 type: string 8621 type: array 8622 pool: 8623 description: 'pool is the rados pool name. Default is rbd. 8624 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8625 type: string 8626 readOnly: 8627 description: 'readOnly here will force the ReadOnly setting 8628 in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8629 type: boolean 8630 secretRef: 8631 description: 'secretRef is name of the authentication secret 8632 for RBDUser. If provided overrides keyring. Default is 8633 nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8634 properties: 8635 name: 8636 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8637 TODO: Add other useful fields. apiVersion, kind, uid?' 8638 type: string 8639 type: object 8640 x-kubernetes-map-type: atomic 8641 user: 8642 description: 'user is the rados user name. Default is admin. 8643 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8644 type: string 8645 required: 8646 - image 8647 - monitors 8648 type: object 8649 scaleIO: 8650 description: scaleIO represents a ScaleIO persistent volume 8651 attached and mounted on Kubernetes nodes. 8652 properties: 8653 fsType: 8654 description: fsType is the filesystem type to mount. Must 8655 be a filesystem type supported by the host operating system. 8656 Ex. "ext4", "xfs", "ntfs". Default is "xfs". 8657 type: string 8658 gateway: 8659 description: gateway is the host address of the ScaleIO 8660 API Gateway. 8661 type: string 8662 protectionDomain: 8663 description: protectionDomain is the name of the ScaleIO 8664 Protection Domain for the configured storage. 8665 type: string 8666 readOnly: 8667 description: readOnly Defaults to false (read/write). ReadOnly 8668 here will force the ReadOnly setting in VolumeMounts. 8669 type: boolean 8670 secretRef: 8671 description: secretRef references to the secret for ScaleIO 8672 user and other sensitive information. If this is not provided, 8673 Login operation will fail. 8674 properties: 8675 name: 8676 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8677 TODO: Add other useful fields. apiVersion, kind, uid?' 8678 type: string 8679 type: object 8680 x-kubernetes-map-type: atomic 8681 sslEnabled: 8682 description: sslEnabled Flag enable/disable SSL communication 8683 with Gateway, default false 8684 type: boolean 8685 storageMode: 8686 description: storageMode indicates whether the storage for 8687 a volume should be ThickProvisioned or ThinProvisioned. 8688 Default is ThinProvisioned. 8689 type: string 8690 storagePool: 8691 description: storagePool is the ScaleIO Storage Pool associated 8692 with the protection domain. 8693 type: string 8694 system: 8695 description: system is the name of the storage system as 8696 configured in ScaleIO. 8697 type: string 8698 volumeName: 8699 description: volumeName is the name of a volume already 8700 created in the ScaleIO system that is associated with 8701 this volume source. 8702 type: string 8703 required: 8704 - gateway 8705 - secretRef 8706 - system 8707 type: object 8708 secret: 8709 description: 'secret represents a secret that should populate 8710 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 8711 properties: 8712 defaultMode: 8713 description: 'defaultMode is Optional: mode bits used to 8714 set permissions on created files by default. Must be an 8715 octal value between 0000 and 0777 or a decimal value between 8716 0 and 511. YAML accepts both octal and decimal values, 8717 JSON requires decimal values for mode bits. Defaults to 8718 0644. Directories within the path are not affected by 8719 this setting. This might be in conflict with other options 8720 that affect the file mode, like fsGroup, and the result 8721 can be other mode bits set.' 8722 format: int32 8723 type: integer 8724 items: 8725 description: items If unspecified, each key-value pair in 8726 the Data field of the referenced Secret will be projected 8727 into the volume as a file whose name is the key and content 8728 is the value. If specified, the listed keys will be projected 8729 into the specified paths, and unlisted keys will not be 8730 present. If a key is specified which is not present in 8731 the Secret, the volume setup will error unless it is marked 8732 optional. Paths must be relative and may not contain the 8733 '..' path or start with '..'. 8734 items: 8735 description: Maps a string key to a path within a volume. 8736 properties: 8737 key: 8738 description: key is the key to project. 8739 type: string 8740 mode: 8741 description: 'mode is Optional: mode bits used to 8742 set permissions on this file. Must be an octal value 8743 between 0000 and 0777 or a decimal value between 8744 0 and 511. YAML accepts both octal and decimal values, 8745 JSON requires decimal values for mode bits. If not 8746 specified, the volume defaultMode will be used. 8747 This might be in conflict with other options that 8748 affect the file mode, like fsGroup, and the result 8749 can be other mode bits set.' 8750 format: int32 8751 type: integer 8752 path: 8753 description: path is the relative path of the file 8754 to map the key to. May not be an absolute path. 8755 May not contain the path element '..'. May not start 8756 with the string '..'. 8757 type: string 8758 required: 8759 - key 8760 - path 8761 type: object 8762 type: array 8763 optional: 8764 description: optional field specify whether the Secret or 8765 its keys must be defined 8766 type: boolean 8767 secretName: 8768 description: 'secretName is the name of the secret in the 8769 pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 8770 type: string 8771 type: object 8772 storageos: 8773 description: storageOS represents a StorageOS volume attached 8774 and mounted on Kubernetes nodes. 8775 properties: 8776 fsType: 8777 description: fsType is the filesystem type to mount. Must 8778 be a filesystem type supported by the host operating system. 8779 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 8780 if unspecified. 8781 type: string 8782 readOnly: 8783 description: readOnly defaults to false (read/write). ReadOnly 8784 here will force the ReadOnly setting in VolumeMounts. 8785 type: boolean 8786 secretRef: 8787 description: secretRef specifies the secret to use for obtaining 8788 the StorageOS API credentials. If not specified, default 8789 values will be attempted. 8790 properties: 8791 name: 8792 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8793 TODO: Add other useful fields. apiVersion, kind, uid?' 8794 type: string 8795 type: object 8796 x-kubernetes-map-type: atomic 8797 volumeName: 8798 description: volumeName is the human-readable name of the 8799 StorageOS volume. Volume names are only unique within 8800 a namespace. 8801 type: string 8802 volumeNamespace: 8803 description: volumeNamespace specifies the scope of the 8804 volume within StorageOS. If no namespace is specified 8805 then the Pod's namespace will be used. This allows the 8806 Kubernetes name scoping to be mirrored within StorageOS 8807 for tighter integration. Set VolumeName to any name to 8808 override the default behaviour. Set to "default" if you 8809 are not using namespaces within StorageOS. Namespaces 8810 that do not pre-exist within StorageOS will be created. 8811 type: string 8812 type: object 8813 vsphereVolume: 8814 description: vsphereVolume represents a vSphere volume attached 8815 and mounted on kubelets host machine 8816 properties: 8817 fsType: 8818 description: fsType is filesystem type to mount. Must be 8819 a filesystem type supported by the host operating system. 8820 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 8821 if unspecified. 8822 type: string 8823 storagePolicyID: 8824 description: storagePolicyID is the storage Policy Based 8825 Management (SPBM) profile ID associated with the StoragePolicyName. 8826 type: string 8827 storagePolicyName: 8828 description: storagePolicyName is the storage Policy Based 8829 Management (SPBM) profile name. 8830 type: string 8831 volumePath: 8832 description: volumePath is the path that identifies vSphere 8833 volume vmdk 8834 type: string 8835 required: 8836 - volumePath 8837 type: object 8838 required: 8839 - name 8840 type: object 8841 type: array 8842 walCompression: 8843 description: Enable compression of the write-ahead log using Snappy. 8844 This flag is only available in versions of Prometheus >= 2.11.0. 8845 type: boolean 8846 web: 8847 description: Defines the web command line flags when starting Prometheus. 8848 properties: 8849 httpConfig: 8850 description: Defines HTTP parameters for web server. 8851 properties: 8852 headers: 8853 description: List of headers that can be added to HTTP responses. 8854 properties: 8855 contentSecurityPolicy: 8856 description: Set the Content-Security-Policy header to 8857 HTTP responses. Unset if blank. 8858 type: string 8859 strictTransportSecurity: 8860 description: Set the Strict-Transport-Security header 8861 to HTTP responses. Unset if blank. Please make sure 8862 that you use this with care as this header might force 8863 browsers to load Prometheus and the other applications 8864 hosted on the same domain and subdomains over HTTPS. 8865 https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security 8866 type: string 8867 xContentTypeOptions: 8868 description: Set the X-Content-Type-Options header to 8869 HTTP responses. Unset if blank. Accepted value is nosniff. 8870 https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options 8871 enum: 8872 - "" 8873 - NoSniff 8874 type: string 8875 xFrameOptions: 8876 description: Set the X-Frame-Options header to HTTP responses. 8877 Unset if blank. Accepted values are deny and sameorigin. 8878 https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options 8879 enum: 8880 - "" 8881 - Deny 8882 - SameOrigin 8883 type: string 8884 xXSSProtection: 8885 description: Set the X-XSS-Protection header to all responses. 8886 Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection 8887 type: string 8888 type: object 8889 http2: 8890 description: Enable HTTP/2 support. Note that HTTP/2 is only 8891 supported with TLS. When TLSConfig is not configured, HTTP/2 8892 will be disabled. Whenever the value of the field changes, 8893 a rolling update will be triggered. 8894 type: boolean 8895 type: object 8896 maxConnections: 8897 description: Defines the maximum number of simultaneous connections 8898 A zero value means that Prometheus doesn't accept any incoming 8899 connection. 8900 format: int32 8901 minimum: 0 8902 type: integer 8903 pageTitle: 8904 description: The prometheus web page title 8905 type: string 8906 tlsConfig: 8907 description: Defines the TLS parameters for HTTPS. 8908 properties: 8909 cert: 8910 description: Contains the TLS certificate for the server. 8911 properties: 8912 configMap: 8913 description: ConfigMap containing data to use for the 8914 targets. 8915 properties: 8916 key: 8917 description: The key to select. 8918 type: string 8919 name: 8920 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8921 TODO: Add other useful fields. apiVersion, kind, 8922 uid?' 8923 type: string 8924 optional: 8925 description: Specify whether the ConfigMap or its 8926 key must be defined 8927 type: boolean 8928 required: 8929 - key 8930 type: object 8931 x-kubernetes-map-type: atomic 8932 secret: 8933 description: Secret containing data to use for the targets. 8934 properties: 8935 key: 8936 description: The key of the secret to select from. Must 8937 be a valid secret key. 8938 type: string 8939 name: 8940 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8941 TODO: Add other useful fields. apiVersion, kind, 8942 uid?' 8943 type: string 8944 optional: 8945 description: Specify whether the Secret or its key 8946 must be defined 8947 type: boolean 8948 required: 8949 - key 8950 type: object 8951 x-kubernetes-map-type: atomic 8952 type: object 8953 cipherSuites: 8954 description: 'List of supported cipher suites for TLS versions 8955 up to TLS 1.2. If empty, Go default cipher suites are used. 8956 Available cipher suites are documented in the go documentation: 8957 https://golang.org/pkg/crypto/tls/#pkg-constants' 8958 items: 8959 type: string 8960 type: array 8961 client_ca: 8962 description: Contains the CA certificate for client certificate 8963 authentication to the server. 8964 properties: 8965 configMap: 8966 description: ConfigMap containing data to use for the 8967 targets. 8968 properties: 8969 key: 8970 description: The key to select. 8971 type: string 8972 name: 8973 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8974 TODO: Add other useful fields. apiVersion, kind, 8975 uid?' 8976 type: string 8977 optional: 8978 description: Specify whether the ConfigMap or its 8979 key must be defined 8980 type: boolean 8981 required: 8982 - key 8983 type: object 8984 x-kubernetes-map-type: atomic 8985 secret: 8986 description: Secret containing data to use for the targets. 8987 properties: 8988 key: 8989 description: The key of the secret to select from. Must 8990 be a valid secret key. 8991 type: string 8992 name: 8993 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8994 TODO: Add other useful fields. apiVersion, kind, 8995 uid?' 8996 type: string 8997 optional: 8998 description: Specify whether the Secret or its key 8999 must be defined 9000 type: boolean 9001 required: 9002 - key 9003 type: object 9004 x-kubernetes-map-type: atomic 9005 type: object 9006 clientAuthType: 9007 description: 'Server policy for client authentication. Maps 9008 to ClientAuth Policies. For more detail on clientAuth options: 9009 https://golang.org/pkg/crypto/tls/#ClientAuthType' 9010 type: string 9011 curvePreferences: 9012 description: 'Elliptic curves that will be used in an ECDHE 9013 handshake, in preference order. Available curves are documented 9014 in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID' 9015 items: 9016 type: string 9017 type: array 9018 keySecret: 9019 description: Secret containing the TLS key for the server. 9020 properties: 9021 key: 9022 description: The key of the secret to select from. Must 9023 be a valid secret key. 9024 type: string 9025 name: 9026 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9027 TODO: Add other useful fields. apiVersion, kind, uid?' 9028 type: string 9029 optional: 9030 description: Specify whether the Secret or its key must 9031 be defined 9032 type: boolean 9033 required: 9034 - key 9035 type: object 9036 x-kubernetes-map-type: atomic 9037 maxVersion: 9038 description: Maximum TLS version that is acceptable. Defaults 9039 to TLS13. 9040 type: string 9041 minVersion: 9042 description: Minimum TLS version that is acceptable. Defaults 9043 to TLS12. 9044 type: string 9045 preferServerCipherSuites: 9046 description: Controls whether the server selects the client's 9047 most preferred cipher suite, or the server's most preferred 9048 cipher suite. If true then the server's preference, as expressed 9049 in the order of elements in cipherSuites, is used. 9050 type: boolean 9051 required: 9052 - cert 9053 - keySecret 9054 type: object 9055 type: object 9056 type: object 9057 status: 9058 description: 'Most recent observed status of the Prometheus cluster. Read-only. 9059 More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 9060 properties: 9061 availableReplicas: 9062 description: Total number of available pods (ready for at least minReadySeconds) 9063 targeted by this Prometheus deployment. 9064 format: int32 9065 type: integer 9066 conditions: 9067 description: The current state of the Prometheus deployment. 9068 items: 9069 description: Condition represents the state of the resources associated 9070 with the Prometheus or Alertmanager resource. 9071 properties: 9072 lastTransitionTime: 9073 description: lastTransitionTime is the time of the last update 9074 to the current status property. 9075 format: date-time 9076 type: string 9077 message: 9078 description: Human-readable message indicating details for the 9079 condition's last transition. 9080 type: string 9081 observedGeneration: 9082 description: ObservedGeneration represents the .metadata.generation 9083 that the condition was set based upon. For instance, if `.metadata.generation` 9084 is currently 12, but the `.status.conditions[].observedGeneration` 9085 is 9, the condition is out of date with respect to the current 9086 state of the instance. 9087 format: int64 9088 type: integer 9089 reason: 9090 description: Reason for the condition's last transition. 9091 type: string 9092 status: 9093 description: Status of the condition. 9094 type: string 9095 type: 9096 description: Type of the condition being reported. 9097 type: string 9098 required: 9099 - lastTransitionTime 9100 - status 9101 - type 9102 type: object 9103 type: array 9104 x-kubernetes-list-map-keys: 9105 - type 9106 x-kubernetes-list-type: map 9107 paused: 9108 description: Represents whether any actions on the underlying managed 9109 objects are being performed. Only delete actions will be performed. 9110 type: boolean 9111 replicas: 9112 description: Total number of non-terminated pods targeted by this 9113 Prometheus deployment (their labels match the selector). 9114 format: int32 9115 type: integer 9116 shardStatuses: 9117 description: The list has one entry per shard. Each entry provides 9118 a summary of the shard status. 9119 items: 9120 properties: 9121 availableReplicas: 9122 description: Total number of available pods (ready for at least 9123 minReadySeconds) targeted by this shard. 9124 format: int32 9125 type: integer 9126 replicas: 9127 description: Total number of pods targeted by this shard. 9128 format: int32 9129 type: integer 9130 shardID: 9131 description: Identifier of the shard. 9132 type: string 9133 unavailableReplicas: 9134 description: Total number of unavailable pods targeted by this 9135 shard. 9136 format: int32 9137 type: integer 9138 updatedReplicas: 9139 description: Total number of non-terminated pods targeted by 9140 this shard that have the desired spec. 9141 format: int32 9142 type: integer 9143 required: 9144 - availableReplicas 9145 - replicas 9146 - shardID 9147 - unavailableReplicas 9148 - updatedReplicas 9149 type: object 9150 type: array 9151 x-kubernetes-list-map-keys: 9152 - shardID 9153 x-kubernetes-list-type: map 9154 unavailableReplicas: 9155 description: Total number of unavailable pods targeted by this Prometheus 9156 deployment. 9157 format: int32 9158 type: integer 9159 updatedReplicas: 9160 description: Total number of non-terminated pods targeted by this 9161 Prometheus deployment that have the desired version spec. 9162 format: int32 9163 type: integer 9164 required: 9165 - availableReplicas 9166 - paused 9167 - replicas 9168 - unavailableReplicas 9169 - updatedReplicas 9170 type: object 9171 required: 9172 - spec 9173 type: object 9174 served: true 9175 storage: true 9176 subresources: 9177 status: {}