k8s.io/perf-tests/clusterloader2@v0.0.0-20240304094227-64bdb12da87e/pkg/prometheus/manifests/0prometheus-operator-0prometheusCustomResourceDefinition.yaml (about) 1 apiVersion: apiextensions.k8s.io/v1 2 kind: CustomResourceDefinition 3 metadata: 4 annotations: 5 controller-gen.kubebuilder.io/version: v0.4.1 6 creationTimestamp: null 7 name: prometheuses.monitoring.coreos.com 8 spec: 9 group: monitoring.coreos.com 10 names: 11 kind: Prometheus 12 listKind: PrometheusList 13 plural: prometheuses 14 singular: prometheus 15 scope: Namespaced 16 versions: 17 - additionalPrinterColumns: 18 - description: The version of Prometheus 19 jsonPath: .spec.version 20 name: Version 21 type: string 22 - description: The desired replicas number of Prometheuses 23 jsonPath: .spec.replicas 24 name: Replicas 25 type: integer 26 - jsonPath: .metadata.creationTimestamp 27 name: Age 28 type: date 29 name: v1 30 schema: 31 openAPIV3Schema: 32 description: Prometheus defines a Prometheus deployment. 33 properties: 34 apiVersion: 35 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 36 type: string 37 kind: 38 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 39 type: string 40 metadata: 41 type: object 42 spec: 43 description: 'Specification of the desired behavior of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 44 properties: 45 additionalAlertManagerConfigs: 46 description: 'AdditionalAlertManagerConfigs allows specifying a key of a Secret containing additional Prometheus AlertManager configurations. AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade.' 47 properties: 48 key: 49 description: The key of the secret to select from. Must be a valid secret key. 50 type: string 51 name: 52 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 53 type: string 54 optional: 55 description: Specify whether the Secret or its key must be defined 56 type: boolean 57 required: 58 - key 59 type: object 60 additionalAlertRelabelConfigs: 61 description: 'AdditionalAlertRelabelConfigs allows specifying a key of a Secret containing additional Prometheus alert relabel configurations. Alert relabel configurations specified are appended to the configurations generated by the Prometheus Operator. Alert relabel configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. As alert relabel configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel configs are going to break Prometheus after the upgrade.' 62 properties: 63 key: 64 description: The key of the secret to select from. Must be a valid secret key. 65 type: string 66 name: 67 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 68 type: string 69 optional: 70 description: Specify whether the Secret or its key must be defined 71 type: boolean 72 required: 73 - key 74 type: object 75 additionalScrapeConfigs: 76 description: 'AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade.' 77 properties: 78 key: 79 description: The key of the secret to select from. Must be a valid secret key. 80 type: string 81 name: 82 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 83 type: string 84 optional: 85 description: Specify whether the Secret or its key must be defined 86 type: boolean 87 required: 88 - key 89 type: object 90 affinity: 91 description: If specified, the pod's scheduling constraints. 92 properties: 93 nodeAffinity: 94 description: Describes node affinity scheduling rules for the pod. 95 properties: 96 preferredDuringSchedulingIgnoredDuringExecution: 97 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. 98 items: 99 description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). 100 properties: 101 preference: 102 description: A node selector term, associated with the corresponding weight. 103 properties: 104 matchExpressions: 105 description: A list of node selector requirements by node's labels. 106 items: 107 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 108 properties: 109 key: 110 description: The label key that the selector applies to. 111 type: string 112 operator: 113 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. 114 type: string 115 values: 116 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. 117 items: 118 type: string 119 type: array 120 required: 121 - key 122 - operator 123 type: object 124 type: array 125 matchFields: 126 description: A list of node selector requirements by node's fields. 127 items: 128 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 129 properties: 130 key: 131 description: The label key that the selector applies to. 132 type: string 133 operator: 134 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. 135 type: string 136 values: 137 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. 138 items: 139 type: string 140 type: array 141 required: 142 - key 143 - operator 144 type: object 145 type: array 146 type: object 147 weight: 148 description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. 149 format: int32 150 type: integer 151 required: 152 - preference 153 - weight 154 type: object 155 type: array 156 requiredDuringSchedulingIgnoredDuringExecution: 157 description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. 158 properties: 159 nodeSelectorTerms: 160 description: Required. A list of node selector terms. The terms are ORed. 161 items: 162 description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. 163 properties: 164 matchExpressions: 165 description: A list of node selector requirements by node's labels. 166 items: 167 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 168 properties: 169 key: 170 description: The label key that the selector applies to. 171 type: string 172 operator: 173 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. 174 type: string 175 values: 176 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. 177 items: 178 type: string 179 type: array 180 required: 181 - key 182 - operator 183 type: object 184 type: array 185 matchFields: 186 description: A list of node selector requirements by node's fields. 187 items: 188 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 189 properties: 190 key: 191 description: The label key that the selector applies to. 192 type: string 193 operator: 194 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. 195 type: string 196 values: 197 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. 198 items: 199 type: string 200 type: array 201 required: 202 - key 203 - operator 204 type: object 205 type: array 206 type: object 207 type: array 208 required: 209 - nodeSelectorTerms 210 type: object 211 type: object 212 podAffinity: 213 description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). 214 properties: 215 preferredDuringSchedulingIgnoredDuringExecution: 216 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. 217 items: 218 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) 219 properties: 220 podAffinityTerm: 221 description: Required. A pod affinity term, associated with the corresponding weight. 222 properties: 223 labelSelector: 224 description: A label query over a set of resources, in this case pods. 225 properties: 226 matchExpressions: 227 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 228 items: 229 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 230 properties: 231 key: 232 description: key is the label key that the selector applies to. 233 type: string 234 operator: 235 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 236 type: string 237 values: 238 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 239 items: 240 type: string 241 type: array 242 required: 243 - key 244 - operator 245 type: object 246 type: array 247 matchLabels: 248 additionalProperties: 249 type: string 250 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 251 type: object 252 type: object 253 namespaces: 254 description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" 255 items: 256 type: string 257 type: array 258 topologyKey: 259 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. 260 type: string 261 required: 262 - topologyKey 263 type: object 264 weight: 265 description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. 266 format: int32 267 type: integer 268 required: 269 - podAffinityTerm 270 - weight 271 type: object 272 type: array 273 requiredDuringSchedulingIgnoredDuringExecution: 274 description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. 275 items: 276 description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running 277 properties: 278 labelSelector: 279 description: A label query over a set of resources, in this case pods. 280 properties: 281 matchExpressions: 282 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 283 items: 284 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 285 properties: 286 key: 287 description: key is the label key that the selector applies to. 288 type: string 289 operator: 290 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 291 type: string 292 values: 293 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 294 items: 295 type: string 296 type: array 297 required: 298 - key 299 - operator 300 type: object 301 type: array 302 matchLabels: 303 additionalProperties: 304 type: string 305 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 306 type: object 307 type: object 308 namespaces: 309 description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" 310 items: 311 type: string 312 type: array 313 topologyKey: 314 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. 315 type: string 316 required: 317 - topologyKey 318 type: object 319 type: array 320 type: object 321 podAntiAffinity: 322 description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). 323 properties: 324 preferredDuringSchedulingIgnoredDuringExecution: 325 description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. 326 items: 327 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) 328 properties: 329 podAffinityTerm: 330 description: Required. A pod affinity term, associated with the corresponding weight. 331 properties: 332 labelSelector: 333 description: A label query over a set of resources, in this case pods. 334 properties: 335 matchExpressions: 336 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 337 items: 338 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 339 properties: 340 key: 341 description: key is the label key that the selector applies to. 342 type: string 343 operator: 344 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 345 type: string 346 values: 347 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 348 items: 349 type: string 350 type: array 351 required: 352 - key 353 - operator 354 type: object 355 type: array 356 matchLabels: 357 additionalProperties: 358 type: string 359 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 360 type: object 361 type: object 362 namespaces: 363 description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" 364 items: 365 type: string 366 type: array 367 topologyKey: 368 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. 369 type: string 370 required: 371 - topologyKey 372 type: object 373 weight: 374 description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. 375 format: int32 376 type: integer 377 required: 378 - podAffinityTerm 379 - weight 380 type: object 381 type: array 382 requiredDuringSchedulingIgnoredDuringExecution: 383 description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. 384 items: 385 description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running 386 properties: 387 labelSelector: 388 description: A label query over a set of resources, in this case pods. 389 properties: 390 matchExpressions: 391 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 392 items: 393 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 394 properties: 395 key: 396 description: key is the label key that the selector applies to. 397 type: string 398 operator: 399 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 400 type: string 401 values: 402 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 403 items: 404 type: string 405 type: array 406 required: 407 - key 408 - operator 409 type: object 410 type: array 411 matchLabels: 412 additionalProperties: 413 type: string 414 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 415 type: object 416 type: object 417 namespaces: 418 description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" 419 items: 420 type: string 421 type: array 422 topologyKey: 423 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. 424 type: string 425 required: 426 - topologyKey 427 type: object 428 type: array 429 type: object 430 type: object 431 alerting: 432 description: Define details regarding alerting. 433 properties: 434 alertmanagers: 435 description: AlertmanagerEndpoints Prometheus should fire alerts against. 436 items: 437 description: AlertmanagerEndpoints defines a selection of a single Endpoints object containing alertmanager IPs to fire alerts against. 438 properties: 439 apiVersion: 440 description: Version of the Alertmanager API that Prometheus uses to send alerts. It can be "v1" or "v2". 441 type: string 442 bearerTokenFile: 443 description: BearerTokenFile to read from filesystem to use when authenticating to Alertmanager. 444 type: string 445 name: 446 description: Name of Endpoints object in Namespace. 447 type: string 448 namespace: 449 description: Namespace of Endpoints object. 450 type: string 451 pathPrefix: 452 description: Prefix for the HTTP path alerts are pushed to. 453 type: string 454 port: 455 anyOf: 456 - type: integer 457 - type: string 458 description: Port the Alertmanager API is exposed on. 459 x-kubernetes-int-or-string: true 460 scheme: 461 description: Scheme to use when firing alerts. 462 type: string 463 timeout: 464 description: Timeout is a per-target Alertmanager timeout when pushing alerts. 465 type: string 466 tlsConfig: 467 description: TLS Config to use for alertmanager connection. 468 properties: 469 ca: 470 description: Struct containing the CA cert to use for the targets. 471 properties: 472 configMap: 473 description: ConfigMap containing data to use for the targets. 474 properties: 475 key: 476 description: The key to select. 477 type: string 478 name: 479 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 480 type: string 481 optional: 482 description: Specify whether the ConfigMap or its key must be defined 483 type: boolean 484 required: 485 - key 486 type: object 487 secret: 488 description: Secret containing data to use for the targets. 489 properties: 490 key: 491 description: The key of the secret to select from. Must be a valid secret key. 492 type: string 493 name: 494 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 495 type: string 496 optional: 497 description: Specify whether the Secret or its key must be defined 498 type: boolean 499 required: 500 - key 501 type: object 502 type: object 503 caFile: 504 description: Path to the CA cert in the Prometheus container to use for the targets. 505 type: string 506 cert: 507 description: Struct containing the client cert file for the targets. 508 properties: 509 configMap: 510 description: ConfigMap containing data to use for the targets. 511 properties: 512 key: 513 description: The key to select. 514 type: string 515 name: 516 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 517 type: string 518 optional: 519 description: Specify whether the ConfigMap or its key must be defined 520 type: boolean 521 required: 522 - key 523 type: object 524 secret: 525 description: Secret containing data to use for the targets. 526 properties: 527 key: 528 description: The key of the secret to select from. Must be a valid secret key. 529 type: string 530 name: 531 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 532 type: string 533 optional: 534 description: Specify whether the Secret or its key must be defined 535 type: boolean 536 required: 537 - key 538 type: object 539 type: object 540 certFile: 541 description: Path to the client cert file in the Prometheus container for the targets. 542 type: string 543 insecureSkipVerify: 544 description: Disable target certificate validation. 545 type: boolean 546 keyFile: 547 description: Path to the client key file in the Prometheus container for the targets. 548 type: string 549 keySecret: 550 description: Secret containing the client key file for the targets. 551 properties: 552 key: 553 description: The key of the secret to select from. Must be a valid secret key. 554 type: string 555 name: 556 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 557 type: string 558 optional: 559 description: Specify whether the Secret or its key must be defined 560 type: boolean 561 required: 562 - key 563 type: object 564 serverName: 565 description: Used to verify the hostname for the targets. 566 type: string 567 type: object 568 required: 569 - name 570 - namespace 571 - port 572 type: object 573 type: array 574 required: 575 - alertmanagers 576 type: object 577 allowOverlappingBlocks: 578 description: AllowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. This is still experimental in Prometheus so it may change in any upcoming release. 579 type: boolean 580 apiserverConfig: 581 description: APIServerConfig allows specifying a host and auth methods to access apiserver. If left empty, Prometheus is assumed to run inside of the cluster and will discover API servers automatically and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. 582 properties: 583 basicAuth: 584 description: BasicAuth allow an endpoint to authenticate over basic authentication 585 properties: 586 password: 587 description: The secret in the service monitor namespace that contains the password for authentication. 588 properties: 589 key: 590 description: The key of the secret to select from. Must be a valid secret key. 591 type: string 592 name: 593 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 594 type: string 595 optional: 596 description: Specify whether the Secret or its key must be defined 597 type: boolean 598 required: 599 - key 600 type: object 601 username: 602 description: The secret in the service monitor namespace that contains the username for authentication. 603 properties: 604 key: 605 description: The key of the secret to select from. Must be a valid secret key. 606 type: string 607 name: 608 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 609 type: string 610 optional: 611 description: Specify whether the Secret or its key must be defined 612 type: boolean 613 required: 614 - key 615 type: object 616 type: object 617 bearerToken: 618 description: Bearer token for accessing apiserver. 619 type: string 620 bearerTokenFile: 621 description: File to read bearer token for accessing apiserver. 622 type: string 623 host: 624 description: Host of apiserver. A valid string consisting of a hostname or IP followed by an optional port number 625 type: string 626 tlsConfig: 627 description: TLS Config to use for accessing apiserver. 628 properties: 629 ca: 630 description: Struct containing the CA cert to use for the targets. 631 properties: 632 configMap: 633 description: ConfigMap containing data to use for the targets. 634 properties: 635 key: 636 description: The key to select. 637 type: string 638 name: 639 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 640 type: string 641 optional: 642 description: Specify whether the ConfigMap or its key must be defined 643 type: boolean 644 required: 645 - key 646 type: object 647 secret: 648 description: Secret containing data to use for the targets. 649 properties: 650 key: 651 description: The key of the secret to select from. Must be a valid secret key. 652 type: string 653 name: 654 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 655 type: string 656 optional: 657 description: Specify whether the Secret or its key must be defined 658 type: boolean 659 required: 660 - key 661 type: object 662 type: object 663 caFile: 664 description: Path to the CA cert in the Prometheus container to use for the targets. 665 type: string 666 cert: 667 description: Struct containing the client cert file for the targets. 668 properties: 669 configMap: 670 description: ConfigMap containing data to use for the targets. 671 properties: 672 key: 673 description: The key to select. 674 type: string 675 name: 676 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 677 type: string 678 optional: 679 description: Specify whether the ConfigMap or its key must be defined 680 type: boolean 681 required: 682 - key 683 type: object 684 secret: 685 description: Secret containing data to use for the targets. 686 properties: 687 key: 688 description: The key of the secret to select from. Must be a valid secret key. 689 type: string 690 name: 691 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 692 type: string 693 optional: 694 description: Specify whether the Secret or its key must be defined 695 type: boolean 696 required: 697 - key 698 type: object 699 type: object 700 certFile: 701 description: Path to the client cert file in the Prometheus container for the targets. 702 type: string 703 insecureSkipVerify: 704 description: Disable target certificate validation. 705 type: boolean 706 keyFile: 707 description: Path to the client key file in the Prometheus container for the targets. 708 type: string 709 keySecret: 710 description: Secret containing the client key file for the targets. 711 properties: 712 key: 713 description: The key of the secret to select from. Must be a valid secret key. 714 type: string 715 name: 716 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 717 type: string 718 optional: 719 description: Specify whether the Secret or its key must be defined 720 type: boolean 721 required: 722 - key 723 type: object 724 serverName: 725 description: Used to verify the hostname for the targets. 726 type: string 727 type: object 728 required: 729 - host 730 type: object 731 arbitraryFSAccessThroughSMs: 732 description: ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files on the file system of the Prometheus container e.g. bearer token files. 733 properties: 734 deny: 735 type: boolean 736 type: object 737 baseImage: 738 description: 'Base image to use for a Prometheus deployment. Deprecated: use ''image'' instead' 739 type: string 740 configMaps: 741 description: ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. The ConfigMaps are mounted into /etc/prometheus/configmaps/<configmap-name>. 742 items: 743 type: string 744 type: array 745 containers: 746 description: 'Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a Prometheus pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `prometheus`, `config-reloader`, and `thanos-sidecar`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.' 747 items: 748 description: A single application container that you want to run within a pod. 749 properties: 750 args: 751 description: 'Arguments to the entrypoint. The docker image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 752 items: 753 type: string 754 type: array 755 command: 756 description: 'Entrypoint array. Not executed within a shell. The docker image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 757 items: 758 type: string 759 type: array 760 env: 761 description: List of environment variables to set in the container. Cannot be updated. 762 items: 763 description: EnvVar represents an environment variable present in a Container. 764 properties: 765 name: 766 description: Name of the environment variable. Must be a C_IDENTIFIER. 767 type: string 768 value: 769 description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' 770 type: string 771 valueFrom: 772 description: Source for the environment variable's value. Cannot be used if value is not empty. 773 properties: 774 configMapKeyRef: 775 description: Selects a key of a ConfigMap. 776 properties: 777 key: 778 description: The key to select. 779 type: string 780 name: 781 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 782 type: string 783 optional: 784 description: Specify whether the ConfigMap or its key must be defined 785 type: boolean 786 required: 787 - key 788 type: object 789 fieldRef: 790 description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' 791 properties: 792 apiVersion: 793 description: Version of the schema the FieldPath is written in terms of, defaults to "v1". 794 type: string 795 fieldPath: 796 description: Path of the field to select in the specified API version. 797 type: string 798 required: 799 - fieldPath 800 type: object 801 resourceFieldRef: 802 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' 803 properties: 804 containerName: 805 description: 'Container name: required for volumes, optional for env vars' 806 type: string 807 divisor: 808 anyOf: 809 - type: integer 810 - type: string 811 description: Specifies the output format of the exposed resources, defaults to "1" 812 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 813 x-kubernetes-int-or-string: true 814 resource: 815 description: 'Required: resource to select' 816 type: string 817 required: 818 - resource 819 type: object 820 secretKeyRef: 821 description: Selects a key of a secret in the pod's namespace 822 properties: 823 key: 824 description: The key of the secret to select from. Must be a valid secret key. 825 type: string 826 name: 827 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 828 type: string 829 optional: 830 description: Specify whether the Secret or its key must be defined 831 type: boolean 832 required: 833 - key 834 type: object 835 type: object 836 required: 837 - name 838 type: object 839 type: array 840 envFrom: 841 description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. 842 items: 843 description: EnvFromSource represents the source of a set of ConfigMaps 844 properties: 845 configMapRef: 846 description: The ConfigMap to select from 847 properties: 848 name: 849 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 850 type: string 851 optional: 852 description: Specify whether the ConfigMap must be defined 853 type: boolean 854 type: object 855 prefix: 856 description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 857 type: string 858 secretRef: 859 description: The Secret to select from 860 properties: 861 name: 862 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 863 type: string 864 optional: 865 description: Specify whether the Secret must be defined 866 type: boolean 867 type: object 868 type: object 869 type: array 870 image: 871 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' 872 type: string 873 imagePullPolicy: 874 description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 875 type: string 876 lifecycle: 877 description: Actions that the management system should take in response to container lifecycle events. Cannot be updated. 878 properties: 879 postStart: 880 description: 'PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 881 properties: 882 exec: 883 description: One and only one of the following should be specified. Exec specifies the action to take. 884 properties: 885 command: 886 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 887 items: 888 type: string 889 type: array 890 type: object 891 httpGet: 892 description: HTTPGet specifies the http request to perform. 893 properties: 894 host: 895 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 896 type: string 897 httpHeaders: 898 description: Custom headers to set in the request. HTTP allows repeated headers. 899 items: 900 description: HTTPHeader describes a custom header to be used in HTTP probes 901 properties: 902 name: 903 description: The header field name 904 type: string 905 value: 906 description: The header field value 907 type: string 908 required: 909 - name 910 - value 911 type: object 912 type: array 913 path: 914 description: Path to access on the HTTP server. 915 type: string 916 port: 917 anyOf: 918 - type: integer 919 - type: string 920 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 921 x-kubernetes-int-or-string: true 922 scheme: 923 description: Scheme to use for connecting to the host. Defaults to HTTP. 924 type: string 925 required: 926 - port 927 type: object 928 tcpSocket: 929 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 930 properties: 931 host: 932 description: 'Optional: Host name to connect to, defaults to the pod IP.' 933 type: string 934 port: 935 anyOf: 936 - type: integer 937 - type: string 938 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 939 x-kubernetes-int-or-string: true 940 required: 941 - port 942 type: object 943 type: object 944 preStop: 945 description: 'PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The reason for termination is passed to the handler. The Pod''s termination grace period countdown begins before the PreStop hooked is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod''s termination grace period. Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 946 properties: 947 exec: 948 description: One and only one of the following should be specified. Exec specifies the action to take. 949 properties: 950 command: 951 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 952 items: 953 type: string 954 type: array 955 type: object 956 httpGet: 957 description: HTTPGet specifies the http request to perform. 958 properties: 959 host: 960 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 961 type: string 962 httpHeaders: 963 description: Custom headers to set in the request. HTTP allows repeated headers. 964 items: 965 description: HTTPHeader describes a custom header to be used in HTTP probes 966 properties: 967 name: 968 description: The header field name 969 type: string 970 value: 971 description: The header field value 972 type: string 973 required: 974 - name 975 - value 976 type: object 977 type: array 978 path: 979 description: Path to access on the HTTP server. 980 type: string 981 port: 982 anyOf: 983 - type: integer 984 - type: string 985 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 986 x-kubernetes-int-or-string: true 987 scheme: 988 description: Scheme to use for connecting to the host. Defaults to HTTP. 989 type: string 990 required: 991 - port 992 type: object 993 tcpSocket: 994 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 995 properties: 996 host: 997 description: 'Optional: Host name to connect to, defaults to the pod IP.' 998 type: string 999 port: 1000 anyOf: 1001 - type: integer 1002 - type: string 1003 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1004 x-kubernetes-int-or-string: true 1005 required: 1006 - port 1007 type: object 1008 type: object 1009 type: object 1010 livenessProbe: 1011 description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1012 properties: 1013 exec: 1014 description: One and only one of the following should be specified. Exec specifies the action to take. 1015 properties: 1016 command: 1017 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1018 items: 1019 type: string 1020 type: array 1021 type: object 1022 failureThreshold: 1023 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1024 format: int32 1025 type: integer 1026 httpGet: 1027 description: HTTPGet specifies the http request to perform. 1028 properties: 1029 host: 1030 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1031 type: string 1032 httpHeaders: 1033 description: Custom headers to set in the request. HTTP allows repeated headers. 1034 items: 1035 description: HTTPHeader describes a custom header to be used in HTTP probes 1036 properties: 1037 name: 1038 description: The header field name 1039 type: string 1040 value: 1041 description: The header field value 1042 type: string 1043 required: 1044 - name 1045 - value 1046 type: object 1047 type: array 1048 path: 1049 description: Path to access on the HTTP server. 1050 type: string 1051 port: 1052 anyOf: 1053 - type: integer 1054 - type: string 1055 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1056 x-kubernetes-int-or-string: true 1057 scheme: 1058 description: Scheme to use for connecting to the host. Defaults to HTTP. 1059 type: string 1060 required: 1061 - port 1062 type: object 1063 initialDelaySeconds: 1064 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1065 format: int32 1066 type: integer 1067 periodSeconds: 1068 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1069 format: int32 1070 type: integer 1071 successThreshold: 1072 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 1073 format: int32 1074 type: integer 1075 tcpSocket: 1076 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 1077 properties: 1078 host: 1079 description: 'Optional: Host name to connect to, defaults to the pod IP.' 1080 type: string 1081 port: 1082 anyOf: 1083 - type: integer 1084 - type: string 1085 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1086 x-kubernetes-int-or-string: true 1087 required: 1088 - port 1089 type: object 1090 timeoutSeconds: 1091 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1092 format: int32 1093 type: integer 1094 type: object 1095 name: 1096 description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. 1097 type: string 1098 ports: 1099 description: List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. 1100 items: 1101 description: ContainerPort represents a network port in a single container. 1102 properties: 1103 containerPort: 1104 description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 1105 format: int32 1106 type: integer 1107 hostIP: 1108 description: What host IP to bind the external port to. 1109 type: string 1110 hostPort: 1111 description: Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. 1112 format: int32 1113 type: integer 1114 name: 1115 description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. 1116 type: string 1117 protocol: 1118 default: TCP 1119 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". 1120 type: string 1121 required: 1122 - containerPort 1123 type: object 1124 type: array 1125 x-kubernetes-list-map-keys: 1126 - containerPort 1127 - protocol 1128 x-kubernetes-list-type: map 1129 readinessProbe: 1130 description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1131 properties: 1132 exec: 1133 description: One and only one of the following should be specified. Exec specifies the action to take. 1134 properties: 1135 command: 1136 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1137 items: 1138 type: string 1139 type: array 1140 type: object 1141 failureThreshold: 1142 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1143 format: int32 1144 type: integer 1145 httpGet: 1146 description: HTTPGet specifies the http request to perform. 1147 properties: 1148 host: 1149 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1150 type: string 1151 httpHeaders: 1152 description: Custom headers to set in the request. HTTP allows repeated headers. 1153 items: 1154 description: HTTPHeader describes a custom header to be used in HTTP probes 1155 properties: 1156 name: 1157 description: The header field name 1158 type: string 1159 value: 1160 description: The header field value 1161 type: string 1162 required: 1163 - name 1164 - value 1165 type: object 1166 type: array 1167 path: 1168 description: Path to access on the HTTP server. 1169 type: string 1170 port: 1171 anyOf: 1172 - type: integer 1173 - type: string 1174 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1175 x-kubernetes-int-or-string: true 1176 scheme: 1177 description: Scheme to use for connecting to the host. Defaults to HTTP. 1178 type: string 1179 required: 1180 - port 1181 type: object 1182 initialDelaySeconds: 1183 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1184 format: int32 1185 type: integer 1186 periodSeconds: 1187 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1188 format: int32 1189 type: integer 1190 successThreshold: 1191 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 1192 format: int32 1193 type: integer 1194 tcpSocket: 1195 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 1196 properties: 1197 host: 1198 description: 'Optional: Host name to connect to, defaults to the pod IP.' 1199 type: string 1200 port: 1201 anyOf: 1202 - type: integer 1203 - type: string 1204 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1205 x-kubernetes-int-or-string: true 1206 required: 1207 - port 1208 type: object 1209 timeoutSeconds: 1210 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1211 format: int32 1212 type: integer 1213 type: object 1214 resources: 1215 description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 1216 properties: 1217 limits: 1218 additionalProperties: 1219 anyOf: 1220 - type: integer 1221 - type: string 1222 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1223 x-kubernetes-int-or-string: true 1224 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 1225 type: object 1226 requests: 1227 additionalProperties: 1228 anyOf: 1229 - type: integer 1230 - type: string 1231 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1232 x-kubernetes-int-or-string: true 1233 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 1234 type: object 1235 type: object 1236 securityContext: 1237 description: 'Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 1238 properties: 1239 allowPrivilegeEscalation: 1240 description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN' 1241 type: boolean 1242 capabilities: 1243 description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. 1244 properties: 1245 add: 1246 description: Added capabilities 1247 items: 1248 description: Capability represent POSIX capabilities type 1249 type: string 1250 type: array 1251 drop: 1252 description: Removed capabilities 1253 items: 1254 description: Capability represent POSIX capabilities type 1255 type: string 1256 type: array 1257 type: object 1258 privileged: 1259 description: Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. 1260 type: boolean 1261 procMount: 1262 description: procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. 1263 type: string 1264 readOnlyRootFilesystem: 1265 description: Whether this container has a read-only root filesystem. Default is false. 1266 type: boolean 1267 runAsGroup: 1268 description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 1269 format: int64 1270 type: integer 1271 runAsNonRoot: 1272 description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 1273 type: boolean 1274 runAsUser: 1275 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 1276 format: int64 1277 type: integer 1278 seLinuxOptions: 1279 description: The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 1280 properties: 1281 level: 1282 description: Level is SELinux level label that applies to the container. 1283 type: string 1284 role: 1285 description: Role is a SELinux role label that applies to the container. 1286 type: string 1287 type: 1288 description: Type is a SELinux type label that applies to the container. 1289 type: string 1290 user: 1291 description: User is a SELinux user label that applies to the container. 1292 type: string 1293 type: object 1294 windowsOptions: 1295 description: The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 1296 properties: 1297 gmsaCredentialSpec: 1298 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. 1299 type: string 1300 gmsaCredentialSpecName: 1301 description: GMSACredentialSpecName is the name of the GMSA credential spec to use. 1302 type: string 1303 runAsUserName: 1304 description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 1305 type: string 1306 type: object 1307 type: object 1308 startupProbe: 1309 description: 'StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod''s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. This is a beta feature enabled by the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1310 properties: 1311 exec: 1312 description: One and only one of the following should be specified. Exec specifies the action to take. 1313 properties: 1314 command: 1315 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1316 items: 1317 type: string 1318 type: array 1319 type: object 1320 failureThreshold: 1321 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1322 format: int32 1323 type: integer 1324 httpGet: 1325 description: HTTPGet specifies the http request to perform. 1326 properties: 1327 host: 1328 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1329 type: string 1330 httpHeaders: 1331 description: Custom headers to set in the request. HTTP allows repeated headers. 1332 items: 1333 description: HTTPHeader describes a custom header to be used in HTTP probes 1334 properties: 1335 name: 1336 description: The header field name 1337 type: string 1338 value: 1339 description: The header field value 1340 type: string 1341 required: 1342 - name 1343 - value 1344 type: object 1345 type: array 1346 path: 1347 description: Path to access on the HTTP server. 1348 type: string 1349 port: 1350 anyOf: 1351 - type: integer 1352 - type: string 1353 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1354 x-kubernetes-int-or-string: true 1355 scheme: 1356 description: Scheme to use for connecting to the host. Defaults to HTTP. 1357 type: string 1358 required: 1359 - port 1360 type: object 1361 initialDelaySeconds: 1362 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1363 format: int32 1364 type: integer 1365 periodSeconds: 1366 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1367 format: int32 1368 type: integer 1369 successThreshold: 1370 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 1371 format: int32 1372 type: integer 1373 tcpSocket: 1374 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 1375 properties: 1376 host: 1377 description: 'Optional: Host name to connect to, defaults to the pod IP.' 1378 type: string 1379 port: 1380 anyOf: 1381 - type: integer 1382 - type: string 1383 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1384 x-kubernetes-int-or-string: true 1385 required: 1386 - port 1387 type: object 1388 timeoutSeconds: 1389 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1390 format: int32 1391 type: integer 1392 type: object 1393 stdin: 1394 description: Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. 1395 type: boolean 1396 stdinOnce: 1397 description: Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false 1398 type: boolean 1399 terminationMessagePath: 1400 description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 1401 type: string 1402 terminationMessagePolicy: 1403 description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. 1404 type: string 1405 tty: 1406 description: Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. 1407 type: boolean 1408 volumeDevices: 1409 description: volumeDevices is the list of block devices to be used by the container. 1410 items: 1411 description: volumeDevice describes a mapping of a raw block device within a container. 1412 properties: 1413 devicePath: 1414 description: devicePath is the path inside of the container that the device will be mapped to. 1415 type: string 1416 name: 1417 description: name must match the name of a persistentVolumeClaim in the pod 1418 type: string 1419 required: 1420 - devicePath 1421 - name 1422 type: object 1423 type: array 1424 volumeMounts: 1425 description: Pod volumes to mount into the container's filesystem. Cannot be updated. 1426 items: 1427 description: VolumeMount describes a mounting of a Volume within a container. 1428 properties: 1429 mountPath: 1430 description: Path within the container at which the volume should be mounted. Must not contain ':'. 1431 type: string 1432 mountPropagation: 1433 description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. 1434 type: string 1435 name: 1436 description: This must match the Name of a Volume. 1437 type: string 1438 readOnly: 1439 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. 1440 type: boolean 1441 subPath: 1442 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). 1443 type: string 1444 subPathExpr: 1445 description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. 1446 type: string 1447 required: 1448 - mountPath 1449 - name 1450 type: object 1451 type: array 1452 workingDir: 1453 description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. 1454 type: string 1455 required: 1456 - name 1457 type: object 1458 type: array 1459 disableCompaction: 1460 description: Disable prometheus compaction. 1461 type: boolean 1462 enableAdminAPI: 1463 description: 'Enable access to prometheus web admin API. Defaults to the value of `false`. WARNING: Enabling the admin APIs enables mutating endpoints, to delete data, shutdown Prometheus, and more. Enabling this should be done with care and the user is advised to add additional authentication authorization via a proxy to ensure only clients authorized to perform these actions can do so. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis' 1464 type: boolean 1465 enforcedNamespaceLabel: 1466 description: EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created. The label value will always be the namespace of the object that is being created. 1467 type: string 1468 enforcedSampleLimit: 1469 description: EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead. 1470 format: int64 1471 type: integer 1472 enforcedTargetLimit: 1473 description: EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep overall number of targets under the desired limit. Note that if TargetLimit is higher that value will be taken instead. 1474 format: int64 1475 type: integer 1476 evaluationInterval: 1477 description: Interval between consecutive evaluations. 1478 type: string 1479 externalLabels: 1480 additionalProperties: 1481 type: string 1482 description: The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager). 1483 type: object 1484 externalUrl: 1485 description: The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name. 1486 type: string 1487 ignoreNamespaceSelectors: 1488 description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from the podmonitor and servicemonitor configs, and they will only discover endpoints within their current namespace. Defaults to false. 1489 type: boolean 1490 image: 1491 description: Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Prometheus is being configured. 1492 type: string 1493 imagePullSecrets: 1494 description: An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod 1495 items: 1496 description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. 1497 properties: 1498 name: 1499 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 1500 type: string 1501 type: object 1502 type: array 1503 initContainers: 1504 description: 'InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ Using initContainers for any use case other then secret fetching is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.' 1505 items: 1506 description: A single application container that you want to run within a pod. 1507 properties: 1508 args: 1509 description: 'Arguments to the entrypoint. The docker image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1510 items: 1511 type: string 1512 type: array 1513 command: 1514 description: 'Entrypoint array. Not executed within a shell. The docker image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1515 items: 1516 type: string 1517 type: array 1518 env: 1519 description: List of environment variables to set in the container. Cannot be updated. 1520 items: 1521 description: EnvVar represents an environment variable present in a Container. 1522 properties: 1523 name: 1524 description: Name of the environment variable. Must be a C_IDENTIFIER. 1525 type: string 1526 value: 1527 description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' 1528 type: string 1529 valueFrom: 1530 description: Source for the environment variable's value. Cannot be used if value is not empty. 1531 properties: 1532 configMapKeyRef: 1533 description: Selects a key of a ConfigMap. 1534 properties: 1535 key: 1536 description: The key to select. 1537 type: string 1538 name: 1539 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 1540 type: string 1541 optional: 1542 description: Specify whether the ConfigMap or its key must be defined 1543 type: boolean 1544 required: 1545 - key 1546 type: object 1547 fieldRef: 1548 description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' 1549 properties: 1550 apiVersion: 1551 description: Version of the schema the FieldPath is written in terms of, defaults to "v1". 1552 type: string 1553 fieldPath: 1554 description: Path of the field to select in the specified API version. 1555 type: string 1556 required: 1557 - fieldPath 1558 type: object 1559 resourceFieldRef: 1560 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' 1561 properties: 1562 containerName: 1563 description: 'Container name: required for volumes, optional for env vars' 1564 type: string 1565 divisor: 1566 anyOf: 1567 - type: integer 1568 - type: string 1569 description: Specifies the output format of the exposed resources, defaults to "1" 1570 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1571 x-kubernetes-int-or-string: true 1572 resource: 1573 description: 'Required: resource to select' 1574 type: string 1575 required: 1576 - resource 1577 type: object 1578 secretKeyRef: 1579 description: Selects a key of a secret in the pod's namespace 1580 properties: 1581 key: 1582 description: The key of the secret to select from. Must be a valid secret key. 1583 type: string 1584 name: 1585 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 1586 type: string 1587 optional: 1588 description: Specify whether the Secret or its key must be defined 1589 type: boolean 1590 required: 1591 - key 1592 type: object 1593 type: object 1594 required: 1595 - name 1596 type: object 1597 type: array 1598 envFrom: 1599 description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. 1600 items: 1601 description: EnvFromSource represents the source of a set of ConfigMaps 1602 properties: 1603 configMapRef: 1604 description: The ConfigMap to select from 1605 properties: 1606 name: 1607 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 1608 type: string 1609 optional: 1610 description: Specify whether the ConfigMap must be defined 1611 type: boolean 1612 type: object 1613 prefix: 1614 description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 1615 type: string 1616 secretRef: 1617 description: The Secret to select from 1618 properties: 1619 name: 1620 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 1621 type: string 1622 optional: 1623 description: Specify whether the Secret must be defined 1624 type: boolean 1625 type: object 1626 type: object 1627 type: array 1628 image: 1629 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' 1630 type: string 1631 imagePullPolicy: 1632 description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 1633 type: string 1634 lifecycle: 1635 description: Actions that the management system should take in response to container lifecycle events. Cannot be updated. 1636 properties: 1637 postStart: 1638 description: 'PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1639 properties: 1640 exec: 1641 description: One and only one of the following should be specified. Exec specifies the action to take. 1642 properties: 1643 command: 1644 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1645 items: 1646 type: string 1647 type: array 1648 type: object 1649 httpGet: 1650 description: HTTPGet specifies the http request to perform. 1651 properties: 1652 host: 1653 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1654 type: string 1655 httpHeaders: 1656 description: Custom headers to set in the request. HTTP allows repeated headers. 1657 items: 1658 description: HTTPHeader describes a custom header to be used in HTTP probes 1659 properties: 1660 name: 1661 description: The header field name 1662 type: string 1663 value: 1664 description: The header field value 1665 type: string 1666 required: 1667 - name 1668 - value 1669 type: object 1670 type: array 1671 path: 1672 description: Path to access on the HTTP server. 1673 type: string 1674 port: 1675 anyOf: 1676 - type: integer 1677 - type: string 1678 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1679 x-kubernetes-int-or-string: true 1680 scheme: 1681 description: Scheme to use for connecting to the host. Defaults to HTTP. 1682 type: string 1683 required: 1684 - port 1685 type: object 1686 tcpSocket: 1687 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 1688 properties: 1689 host: 1690 description: 'Optional: Host name to connect to, defaults to the pod IP.' 1691 type: string 1692 port: 1693 anyOf: 1694 - type: integer 1695 - type: string 1696 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1697 x-kubernetes-int-or-string: true 1698 required: 1699 - port 1700 type: object 1701 type: object 1702 preStop: 1703 description: 'PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The reason for termination is passed to the handler. The Pod''s termination grace period countdown begins before the PreStop hooked is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod''s termination grace period. Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 1704 properties: 1705 exec: 1706 description: One and only one of the following should be specified. Exec specifies the action to take. 1707 properties: 1708 command: 1709 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1710 items: 1711 type: string 1712 type: array 1713 type: object 1714 httpGet: 1715 description: HTTPGet specifies the http request to perform. 1716 properties: 1717 host: 1718 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1719 type: string 1720 httpHeaders: 1721 description: Custom headers to set in the request. HTTP allows repeated headers. 1722 items: 1723 description: HTTPHeader describes a custom header to be used in HTTP probes 1724 properties: 1725 name: 1726 description: The header field name 1727 type: string 1728 value: 1729 description: The header field value 1730 type: string 1731 required: 1732 - name 1733 - value 1734 type: object 1735 type: array 1736 path: 1737 description: Path to access on the HTTP server. 1738 type: string 1739 port: 1740 anyOf: 1741 - type: integer 1742 - type: string 1743 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1744 x-kubernetes-int-or-string: true 1745 scheme: 1746 description: Scheme to use for connecting to the host. Defaults to HTTP. 1747 type: string 1748 required: 1749 - port 1750 type: object 1751 tcpSocket: 1752 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 1753 properties: 1754 host: 1755 description: 'Optional: Host name to connect to, defaults to the pod IP.' 1756 type: string 1757 port: 1758 anyOf: 1759 - type: integer 1760 - type: string 1761 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1762 x-kubernetes-int-or-string: true 1763 required: 1764 - port 1765 type: object 1766 type: object 1767 type: object 1768 livenessProbe: 1769 description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1770 properties: 1771 exec: 1772 description: One and only one of the following should be specified. Exec specifies the action to take. 1773 properties: 1774 command: 1775 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1776 items: 1777 type: string 1778 type: array 1779 type: object 1780 failureThreshold: 1781 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1782 format: int32 1783 type: integer 1784 httpGet: 1785 description: HTTPGet specifies the http request to perform. 1786 properties: 1787 host: 1788 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1789 type: string 1790 httpHeaders: 1791 description: Custom headers to set in the request. HTTP allows repeated headers. 1792 items: 1793 description: HTTPHeader describes a custom header to be used in HTTP probes 1794 properties: 1795 name: 1796 description: The header field name 1797 type: string 1798 value: 1799 description: The header field value 1800 type: string 1801 required: 1802 - name 1803 - value 1804 type: object 1805 type: array 1806 path: 1807 description: Path to access on the HTTP server. 1808 type: string 1809 port: 1810 anyOf: 1811 - type: integer 1812 - type: string 1813 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1814 x-kubernetes-int-or-string: true 1815 scheme: 1816 description: Scheme to use for connecting to the host. Defaults to HTTP. 1817 type: string 1818 required: 1819 - port 1820 type: object 1821 initialDelaySeconds: 1822 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1823 format: int32 1824 type: integer 1825 periodSeconds: 1826 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1827 format: int32 1828 type: integer 1829 successThreshold: 1830 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 1831 format: int32 1832 type: integer 1833 tcpSocket: 1834 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 1835 properties: 1836 host: 1837 description: 'Optional: Host name to connect to, defaults to the pod IP.' 1838 type: string 1839 port: 1840 anyOf: 1841 - type: integer 1842 - type: string 1843 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1844 x-kubernetes-int-or-string: true 1845 required: 1846 - port 1847 type: object 1848 timeoutSeconds: 1849 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1850 format: int32 1851 type: integer 1852 type: object 1853 name: 1854 description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. 1855 type: string 1856 ports: 1857 description: List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. 1858 items: 1859 description: ContainerPort represents a network port in a single container. 1860 properties: 1861 containerPort: 1862 description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 1863 format: int32 1864 type: integer 1865 hostIP: 1866 description: What host IP to bind the external port to. 1867 type: string 1868 hostPort: 1869 description: Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. 1870 format: int32 1871 type: integer 1872 name: 1873 description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. 1874 type: string 1875 protocol: 1876 default: TCP 1877 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". 1878 type: string 1879 required: 1880 - containerPort 1881 type: object 1882 type: array 1883 x-kubernetes-list-map-keys: 1884 - containerPort 1885 - protocol 1886 x-kubernetes-list-type: map 1887 readinessProbe: 1888 description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1889 properties: 1890 exec: 1891 description: One and only one of the following should be specified. Exec specifies the action to take. 1892 properties: 1893 command: 1894 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1895 items: 1896 type: string 1897 type: array 1898 type: object 1899 failureThreshold: 1900 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1901 format: int32 1902 type: integer 1903 httpGet: 1904 description: HTTPGet specifies the http request to perform. 1905 properties: 1906 host: 1907 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1908 type: string 1909 httpHeaders: 1910 description: Custom headers to set in the request. HTTP allows repeated headers. 1911 items: 1912 description: HTTPHeader describes a custom header to be used in HTTP probes 1913 properties: 1914 name: 1915 description: The header field name 1916 type: string 1917 value: 1918 description: The header field value 1919 type: string 1920 required: 1921 - name 1922 - value 1923 type: object 1924 type: array 1925 path: 1926 description: Path to access on the HTTP server. 1927 type: string 1928 port: 1929 anyOf: 1930 - type: integer 1931 - type: string 1932 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1933 x-kubernetes-int-or-string: true 1934 scheme: 1935 description: Scheme to use for connecting to the host. Defaults to HTTP. 1936 type: string 1937 required: 1938 - port 1939 type: object 1940 initialDelaySeconds: 1941 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1942 format: int32 1943 type: integer 1944 periodSeconds: 1945 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1946 format: int32 1947 type: integer 1948 successThreshold: 1949 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 1950 format: int32 1951 type: integer 1952 tcpSocket: 1953 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 1954 properties: 1955 host: 1956 description: 'Optional: Host name to connect to, defaults to the pod IP.' 1957 type: string 1958 port: 1959 anyOf: 1960 - type: integer 1961 - type: string 1962 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1963 x-kubernetes-int-or-string: true 1964 required: 1965 - port 1966 type: object 1967 timeoutSeconds: 1968 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 1969 format: int32 1970 type: integer 1971 type: object 1972 resources: 1973 description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 1974 properties: 1975 limits: 1976 additionalProperties: 1977 anyOf: 1978 - type: integer 1979 - type: string 1980 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1981 x-kubernetes-int-or-string: true 1982 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 1983 type: object 1984 requests: 1985 additionalProperties: 1986 anyOf: 1987 - type: integer 1988 - type: string 1989 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 1990 x-kubernetes-int-or-string: true 1991 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 1992 type: object 1993 type: object 1994 securityContext: 1995 description: 'Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 1996 properties: 1997 allowPrivilegeEscalation: 1998 description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN' 1999 type: boolean 2000 capabilities: 2001 description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. 2002 properties: 2003 add: 2004 description: Added capabilities 2005 items: 2006 description: Capability represent POSIX capabilities type 2007 type: string 2008 type: array 2009 drop: 2010 description: Removed capabilities 2011 items: 2012 description: Capability represent POSIX capabilities type 2013 type: string 2014 type: array 2015 type: object 2016 privileged: 2017 description: Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. 2018 type: boolean 2019 procMount: 2020 description: procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. 2021 type: string 2022 readOnlyRootFilesystem: 2023 description: Whether this container has a read-only root filesystem. Default is false. 2024 type: boolean 2025 runAsGroup: 2026 description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 2027 format: int64 2028 type: integer 2029 runAsNonRoot: 2030 description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 2031 type: boolean 2032 runAsUser: 2033 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 2034 format: int64 2035 type: integer 2036 seLinuxOptions: 2037 description: The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 2038 properties: 2039 level: 2040 description: Level is SELinux level label that applies to the container. 2041 type: string 2042 role: 2043 description: Role is a SELinux role label that applies to the container. 2044 type: string 2045 type: 2046 description: Type is a SELinux type label that applies to the container. 2047 type: string 2048 user: 2049 description: User is a SELinux user label that applies to the container. 2050 type: string 2051 type: object 2052 windowsOptions: 2053 description: The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 2054 properties: 2055 gmsaCredentialSpec: 2056 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. 2057 type: string 2058 gmsaCredentialSpecName: 2059 description: GMSACredentialSpecName is the name of the GMSA credential spec to use. 2060 type: string 2061 runAsUserName: 2062 description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 2063 type: string 2064 type: object 2065 type: object 2066 startupProbe: 2067 description: 'StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod''s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. This is a beta feature enabled by the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2068 properties: 2069 exec: 2070 description: One and only one of the following should be specified. Exec specifies the action to take. 2071 properties: 2072 command: 2073 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 2074 items: 2075 type: string 2076 type: array 2077 type: object 2078 failureThreshold: 2079 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 2080 format: int32 2081 type: integer 2082 httpGet: 2083 description: HTTPGet specifies the http request to perform. 2084 properties: 2085 host: 2086 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 2087 type: string 2088 httpHeaders: 2089 description: Custom headers to set in the request. HTTP allows repeated headers. 2090 items: 2091 description: HTTPHeader describes a custom header to be used in HTTP probes 2092 properties: 2093 name: 2094 description: The header field name 2095 type: string 2096 value: 2097 description: The header field value 2098 type: string 2099 required: 2100 - name 2101 - value 2102 type: object 2103 type: array 2104 path: 2105 description: Path to access on the HTTP server. 2106 type: string 2107 port: 2108 anyOf: 2109 - type: integer 2110 - type: string 2111 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2112 x-kubernetes-int-or-string: true 2113 scheme: 2114 description: Scheme to use for connecting to the host. Defaults to HTTP. 2115 type: string 2116 required: 2117 - port 2118 type: object 2119 initialDelaySeconds: 2120 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2121 format: int32 2122 type: integer 2123 periodSeconds: 2124 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 2125 format: int32 2126 type: integer 2127 successThreshold: 2128 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. 2129 format: int32 2130 type: integer 2131 tcpSocket: 2132 description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook' 2133 properties: 2134 host: 2135 description: 'Optional: Host name to connect to, defaults to the pod IP.' 2136 type: string 2137 port: 2138 anyOf: 2139 - type: integer 2140 - type: string 2141 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2142 x-kubernetes-int-or-string: true 2143 required: 2144 - port 2145 type: object 2146 timeoutSeconds: 2147 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2148 format: int32 2149 type: integer 2150 type: object 2151 stdin: 2152 description: Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. 2153 type: boolean 2154 stdinOnce: 2155 description: Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false 2156 type: boolean 2157 terminationMessagePath: 2158 description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 2159 type: string 2160 terminationMessagePolicy: 2161 description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. 2162 type: string 2163 tty: 2164 description: Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. 2165 type: boolean 2166 volumeDevices: 2167 description: volumeDevices is the list of block devices to be used by the container. 2168 items: 2169 description: volumeDevice describes a mapping of a raw block device within a container. 2170 properties: 2171 devicePath: 2172 description: devicePath is the path inside of the container that the device will be mapped to. 2173 type: string 2174 name: 2175 description: name must match the name of a persistentVolumeClaim in the pod 2176 type: string 2177 required: 2178 - devicePath 2179 - name 2180 type: object 2181 type: array 2182 volumeMounts: 2183 description: Pod volumes to mount into the container's filesystem. Cannot be updated. 2184 items: 2185 description: VolumeMount describes a mounting of a Volume within a container. 2186 properties: 2187 mountPath: 2188 description: Path within the container at which the volume should be mounted. Must not contain ':'. 2189 type: string 2190 mountPropagation: 2191 description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. 2192 type: string 2193 name: 2194 description: This must match the Name of a Volume. 2195 type: string 2196 readOnly: 2197 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. 2198 type: boolean 2199 subPath: 2200 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). 2201 type: string 2202 subPathExpr: 2203 description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. 2204 type: string 2205 required: 2206 - mountPath 2207 - name 2208 type: object 2209 type: array 2210 workingDir: 2211 description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. 2212 type: string 2213 required: 2214 - name 2215 type: object 2216 type: array 2217 listenLocal: 2218 description: ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP. 2219 type: boolean 2220 logFormat: 2221 description: Log format for Prometheus to be configured with. 2222 type: string 2223 logLevel: 2224 description: Log level for Prometheus to be configured with. 2225 type: string 2226 nodeSelector: 2227 additionalProperties: 2228 type: string 2229 description: Define which Nodes the Pods are scheduled on. 2230 type: object 2231 overrideHonorLabels: 2232 description: OverrideHonorLabels if set to true overrides all user configured honor_labels. If HonorLabels is set in ServiceMonitor or PodMonitor to true, this overrides honor_labels to false. 2233 type: boolean 2234 overrideHonorTimestamps: 2235 description: OverrideHonorTimestamps allows to globally enforce honoring timestamps in all scrape configs. 2236 type: boolean 2237 paused: 2238 description: When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects. 2239 type: boolean 2240 podMetadata: 2241 description: PodMetadata configures Labels and Annotations which are propagated to the prometheus pods. 2242 properties: 2243 annotations: 2244 additionalProperties: 2245 type: string 2246 description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 2247 type: object 2248 labels: 2249 additionalProperties: 2250 type: string 2251 description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' 2252 type: object 2253 name: 2254 description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 2255 type: string 2256 type: object 2257 podMonitorNamespaceSelector: 2258 description: Namespace's labels to match for PodMonitor discovery. If nil, only check own namespace. 2259 properties: 2260 matchExpressions: 2261 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 2262 items: 2263 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 2264 properties: 2265 key: 2266 description: key is the label key that the selector applies to. 2267 type: string 2268 operator: 2269 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 2270 type: string 2271 values: 2272 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 2273 items: 2274 type: string 2275 type: array 2276 required: 2277 - key 2278 - operator 2279 type: object 2280 type: array 2281 matchLabels: 2282 additionalProperties: 2283 type: string 2284 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 2285 type: object 2286 type: object 2287 podMonitorSelector: 2288 description: '*Experimental* PodMonitors to be selected for target discovery. *Deprecated:* if neither this nor serviceMonitorSelector are specified, configuration is unmanaged.' 2289 properties: 2290 matchExpressions: 2291 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 2292 items: 2293 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 2294 properties: 2295 key: 2296 description: key is the label key that the selector applies to. 2297 type: string 2298 operator: 2299 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 2300 type: string 2301 values: 2302 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 2303 items: 2304 type: string 2305 type: array 2306 required: 2307 - key 2308 - operator 2309 type: object 2310 type: array 2311 matchLabels: 2312 additionalProperties: 2313 type: string 2314 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 2315 type: object 2316 type: object 2317 portName: 2318 description: Port name used for the pods and governing service. This defaults to web 2319 type: string 2320 priorityClassName: 2321 description: Priority class assigned to the Pods 2322 type: string 2323 probeNamespaceSelector: 2324 description: '*Experimental* Namespaces to be selected for Probe discovery. If nil, only check own namespace.' 2325 properties: 2326 matchExpressions: 2327 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 2328 items: 2329 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 2330 properties: 2331 key: 2332 description: key is the label key that the selector applies to. 2333 type: string 2334 operator: 2335 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 2336 type: string 2337 values: 2338 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 2339 items: 2340 type: string 2341 type: array 2342 required: 2343 - key 2344 - operator 2345 type: object 2346 type: array 2347 matchLabels: 2348 additionalProperties: 2349 type: string 2350 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 2351 type: object 2352 type: object 2353 probeSelector: 2354 description: '*Experimental* Probes to be selected for target discovery.' 2355 properties: 2356 matchExpressions: 2357 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 2358 items: 2359 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 2360 properties: 2361 key: 2362 description: key is the label key that the selector applies to. 2363 type: string 2364 operator: 2365 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 2366 type: string 2367 values: 2368 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 2369 items: 2370 type: string 2371 type: array 2372 required: 2373 - key 2374 - operator 2375 type: object 2376 type: array 2377 matchLabels: 2378 additionalProperties: 2379 type: string 2380 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 2381 type: object 2382 type: object 2383 prometheusExternalLabelName: 2384 description: Name of Prometheus external label used to denote Prometheus instance name. Defaults to the value of `prometheus`. External label will _not_ be added when value is set to empty string (`""`). 2385 type: string 2386 prometheusRulesExcludedFromEnforce: 2387 description: PrometheusRulesExcludedFromEnforce - list of prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair 2388 items: 2389 description: PrometheusRuleExcludeConfig enables users to configure excluded PrometheusRule names and their namespaces to be ignored while enforcing namespace label for alerts and metrics. 2390 properties: 2391 ruleName: 2392 description: RuleNamespace - name of excluded rule 2393 type: string 2394 ruleNamespace: 2395 description: RuleNamespace - namespace of excluded rule 2396 type: string 2397 required: 2398 - ruleName 2399 - ruleNamespace 2400 type: object 2401 type: array 2402 query: 2403 description: QuerySpec defines the query command line flags when starting Prometheus. 2404 properties: 2405 lookbackDelta: 2406 description: The delta difference allowed for retrieving metrics during expression evaluations. 2407 type: string 2408 maxConcurrency: 2409 description: Number of concurrent queries that can be run at once. 2410 format: int32 2411 type: integer 2412 maxSamples: 2413 description: Maximum number of samples a single query can load into memory. Note that queries will fail if they would load more samples than this into memory, so this also limits the number of samples a query can return. 2414 format: int32 2415 type: integer 2416 timeout: 2417 description: Maximum time a query may take before being aborted. 2418 type: string 2419 type: object 2420 queryLogFile: 2421 description: QueryLogFile specifies the file to which PromQL queries are logged. Note that this location must be writable, and can be persisted using an attached volume. Alternatively, the location can be set to a stdout location such as `/dev/stdout` to log querie information to the default Prometheus log stream. This is only available in versions of Prometheus >= 2.16.0. For more details, see the Prometheus docs (https://prometheus.io/docs/guides/query-log/) 2422 type: string 2423 remoteRead: 2424 description: If specified, the remote_read spec. This is an experimental feature, it may change in any upcoming release in a breaking way. 2425 items: 2426 description: RemoteReadSpec defines the remote_read configuration for prometheus. 2427 properties: 2428 basicAuth: 2429 description: BasicAuth for the URL. 2430 properties: 2431 password: 2432 description: The secret in the service monitor namespace that contains the password for authentication. 2433 properties: 2434 key: 2435 description: The key of the secret to select from. Must be a valid secret key. 2436 type: string 2437 name: 2438 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2439 type: string 2440 optional: 2441 description: Specify whether the Secret or its key must be defined 2442 type: boolean 2443 required: 2444 - key 2445 type: object 2446 username: 2447 description: The secret in the service monitor namespace that contains the username for authentication. 2448 properties: 2449 key: 2450 description: The key of the secret to select from. Must be a valid secret key. 2451 type: string 2452 name: 2453 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2454 type: string 2455 optional: 2456 description: Specify whether the Secret or its key must be defined 2457 type: boolean 2458 required: 2459 - key 2460 type: object 2461 type: object 2462 bearerToken: 2463 description: bearer token for remote read. 2464 type: string 2465 bearerTokenFile: 2466 description: File to read bearer token for remote read. 2467 type: string 2468 name: 2469 description: The name of the remote read queue, must be unique if specified. The name is used in metrics and logging in order to differentiate read configurations. Only valid in Prometheus versions 2.15.0 and newer. 2470 type: string 2471 proxyUrl: 2472 description: Optional ProxyURL 2473 type: string 2474 readRecent: 2475 description: Whether reads should be made for queries for time ranges that the local storage should have complete data for. 2476 type: boolean 2477 remoteTimeout: 2478 description: Timeout for requests to the remote read endpoint. 2479 type: string 2480 requiredMatchers: 2481 additionalProperties: 2482 type: string 2483 description: An optional list of equality matchers which have to be present in a selector to query the remote read endpoint. 2484 type: object 2485 tlsConfig: 2486 description: TLS Config to use for remote read. 2487 properties: 2488 ca: 2489 description: Struct containing the CA cert to use for the targets. 2490 properties: 2491 configMap: 2492 description: ConfigMap containing data to use for the targets. 2493 properties: 2494 key: 2495 description: The key to select. 2496 type: string 2497 name: 2498 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2499 type: string 2500 optional: 2501 description: Specify whether the ConfigMap or its key must be defined 2502 type: boolean 2503 required: 2504 - key 2505 type: object 2506 secret: 2507 description: Secret containing data to use for the targets. 2508 properties: 2509 key: 2510 description: The key of the secret to select from. Must be a valid secret key. 2511 type: string 2512 name: 2513 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2514 type: string 2515 optional: 2516 description: Specify whether the Secret or its key must be defined 2517 type: boolean 2518 required: 2519 - key 2520 type: object 2521 type: object 2522 caFile: 2523 description: Path to the CA cert in the Prometheus container to use for the targets. 2524 type: string 2525 cert: 2526 description: Struct containing the client cert file for the targets. 2527 properties: 2528 configMap: 2529 description: ConfigMap containing data to use for the targets. 2530 properties: 2531 key: 2532 description: The key to select. 2533 type: string 2534 name: 2535 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2536 type: string 2537 optional: 2538 description: Specify whether the ConfigMap or its key must be defined 2539 type: boolean 2540 required: 2541 - key 2542 type: object 2543 secret: 2544 description: Secret containing data to use for the targets. 2545 properties: 2546 key: 2547 description: The key of the secret to select from. Must be a valid secret key. 2548 type: string 2549 name: 2550 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2551 type: string 2552 optional: 2553 description: Specify whether the Secret or its key must be defined 2554 type: boolean 2555 required: 2556 - key 2557 type: object 2558 type: object 2559 certFile: 2560 description: Path to the client cert file in the Prometheus container for the targets. 2561 type: string 2562 insecureSkipVerify: 2563 description: Disable target certificate validation. 2564 type: boolean 2565 keyFile: 2566 description: Path to the client key file in the Prometheus container for the targets. 2567 type: string 2568 keySecret: 2569 description: Secret containing the client key file for the targets. 2570 properties: 2571 key: 2572 description: The key of the secret to select from. Must be a valid secret key. 2573 type: string 2574 name: 2575 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2576 type: string 2577 optional: 2578 description: Specify whether the Secret or its key must be defined 2579 type: boolean 2580 required: 2581 - key 2582 type: object 2583 serverName: 2584 description: Used to verify the hostname for the targets. 2585 type: string 2586 type: object 2587 url: 2588 description: The URL of the endpoint to send samples to. 2589 type: string 2590 required: 2591 - url 2592 type: object 2593 type: array 2594 remoteWrite: 2595 description: If specified, the remote_write spec. This is an experimental feature, it may change in any upcoming release in a breaking way. 2596 items: 2597 description: RemoteWriteSpec defines the remote_write configuration for prometheus. 2598 properties: 2599 basicAuth: 2600 description: BasicAuth for the URL. 2601 properties: 2602 password: 2603 description: The secret in the service monitor namespace that contains the password for authentication. 2604 properties: 2605 key: 2606 description: The key of the secret to select from. Must be a valid secret key. 2607 type: string 2608 name: 2609 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2610 type: string 2611 optional: 2612 description: Specify whether the Secret or its key must be defined 2613 type: boolean 2614 required: 2615 - key 2616 type: object 2617 username: 2618 description: The secret in the service monitor namespace that contains the username for authentication. 2619 properties: 2620 key: 2621 description: The key of the secret to select from. Must be a valid secret key. 2622 type: string 2623 name: 2624 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2625 type: string 2626 optional: 2627 description: Specify whether the Secret or its key must be defined 2628 type: boolean 2629 required: 2630 - key 2631 type: object 2632 type: object 2633 bearerToken: 2634 description: File to read bearer token for remote write. 2635 type: string 2636 bearerTokenFile: 2637 description: File to read bearer token for remote write. 2638 type: string 2639 name: 2640 description: The name of the remote write queue, must be unique if specified. The name is used in metrics and logging in order to differentiate queues. Only valid in Prometheus versions 2.15.0 and newer. 2641 type: string 2642 proxyUrl: 2643 description: Optional ProxyURL 2644 type: string 2645 queueConfig: 2646 description: QueueConfig allows tuning of the remote write queue parameters. 2647 properties: 2648 batchSendDeadline: 2649 description: BatchSendDeadline is the maximum time a sample will wait in buffer. 2650 type: string 2651 capacity: 2652 description: Capacity is the number of samples to buffer per shard before we start dropping them. 2653 type: integer 2654 maxBackoff: 2655 description: MaxBackoff is the maximum retry delay. 2656 type: string 2657 maxRetries: 2658 description: MaxRetries is the maximum number of times to retry a batch on recoverable errors. 2659 type: integer 2660 maxSamplesPerSend: 2661 description: MaxSamplesPerSend is the maximum number of samples per send. 2662 type: integer 2663 maxShards: 2664 description: MaxShards is the maximum number of shards, i.e. amount of concurrency. 2665 type: integer 2666 minBackoff: 2667 description: MinBackoff is the initial retry delay. Gets doubled for every retry. 2668 type: string 2669 minShards: 2670 description: MinShards is the minimum number of shards, i.e. amount of concurrency. 2671 type: integer 2672 type: object 2673 remoteTimeout: 2674 description: Timeout for requests to the remote write endpoint. 2675 type: string 2676 tlsConfig: 2677 description: TLS Config to use for remote write. 2678 properties: 2679 ca: 2680 description: Struct containing the CA cert to use for the targets. 2681 properties: 2682 configMap: 2683 description: ConfigMap containing data to use for the targets. 2684 properties: 2685 key: 2686 description: The key to select. 2687 type: string 2688 name: 2689 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2690 type: string 2691 optional: 2692 description: Specify whether the ConfigMap or its key must be defined 2693 type: boolean 2694 required: 2695 - key 2696 type: object 2697 secret: 2698 description: Secret containing data to use for the targets. 2699 properties: 2700 key: 2701 description: The key of the secret to select from. Must be a valid secret key. 2702 type: string 2703 name: 2704 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2705 type: string 2706 optional: 2707 description: Specify whether the Secret or its key must be defined 2708 type: boolean 2709 required: 2710 - key 2711 type: object 2712 type: object 2713 caFile: 2714 description: Path to the CA cert in the Prometheus container to use for the targets. 2715 type: string 2716 cert: 2717 description: Struct containing the client cert file for the targets. 2718 properties: 2719 configMap: 2720 description: ConfigMap containing data to use for the targets. 2721 properties: 2722 key: 2723 description: The key to select. 2724 type: string 2725 name: 2726 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2727 type: string 2728 optional: 2729 description: Specify whether the ConfigMap or its key must be defined 2730 type: boolean 2731 required: 2732 - key 2733 type: object 2734 secret: 2735 description: Secret containing data to use for the targets. 2736 properties: 2737 key: 2738 description: The key of the secret to select from. Must be a valid secret key. 2739 type: string 2740 name: 2741 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2742 type: string 2743 optional: 2744 description: Specify whether the Secret or its key must be defined 2745 type: boolean 2746 required: 2747 - key 2748 type: object 2749 type: object 2750 certFile: 2751 description: Path to the client cert file in the Prometheus container for the targets. 2752 type: string 2753 insecureSkipVerify: 2754 description: Disable target certificate validation. 2755 type: boolean 2756 keyFile: 2757 description: Path to the client key file in the Prometheus container for the targets. 2758 type: string 2759 keySecret: 2760 description: Secret containing the client key file for the targets. 2761 properties: 2762 key: 2763 description: The key of the secret to select from. Must be a valid secret key. 2764 type: string 2765 name: 2766 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 2767 type: string 2768 optional: 2769 description: Specify whether the Secret or its key must be defined 2770 type: boolean 2771 required: 2772 - key 2773 type: object 2774 serverName: 2775 description: Used to verify the hostname for the targets. 2776 type: string 2777 type: object 2778 url: 2779 description: The URL of the endpoint to send samples to. 2780 type: string 2781 writeRelabelConfigs: 2782 description: The list of remote write relabel configurations. 2783 items: 2784 description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 2785 properties: 2786 action: 2787 description: Action to perform based on regex matching. Default is 'replace' 2788 type: string 2789 modulus: 2790 description: Modulus to take of the hash of the source label values. 2791 format: int64 2792 type: integer 2793 regex: 2794 description: Regular expression against which the extracted value is matched. Default is '(.*)' 2795 type: string 2796 replacement: 2797 description: Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1' 2798 type: string 2799 separator: 2800 description: Separator placed between concatenated source label values. default is ';'. 2801 type: string 2802 sourceLabels: 2803 description: The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions. 2804 items: 2805 type: string 2806 type: array 2807 targetLabel: 2808 description: Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available. 2809 type: string 2810 type: object 2811 type: array 2812 required: 2813 - url 2814 type: object 2815 type: array 2816 replicaExternalLabelName: 2817 description: Name of Prometheus external label used to denote replica name. Defaults to the value of `prometheus_replica`. External label will _not_ be added when value is set to empty string (`""`). 2818 type: string 2819 replicas: 2820 description: Number of replicas of each shard to deploy for a Prometheus deployment. Number of replicas multiplied by shards is the total number of Pods created. 2821 format: int32 2822 type: integer 2823 resources: 2824 description: Define resources requests and limits for single Pods. 2825 properties: 2826 limits: 2827 additionalProperties: 2828 anyOf: 2829 - type: integer 2830 - type: string 2831 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2832 x-kubernetes-int-or-string: true 2833 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 2834 type: object 2835 requests: 2836 additionalProperties: 2837 anyOf: 2838 - type: integer 2839 - type: string 2840 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 2841 x-kubernetes-int-or-string: true 2842 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 2843 type: object 2844 type: object 2845 retention: 2846 description: Time duration Prometheus shall retain data for. Default is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` (milliseconds seconds minutes hours days weeks years). 2847 type: string 2848 retentionSize: 2849 description: 'Maximum amount of disk space used by blocks. Supported units: B, KB, MB, GB, TB, PB, EB. Ex: `512MB`.' 2850 type: string 2851 routePrefix: 2852 description: The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`. 2853 type: string 2854 ruleNamespaceSelector: 2855 description: Namespaces to be selected for PrometheusRules discovery. If unspecified, only the same namespace as the Prometheus object is in is used. 2856 properties: 2857 matchExpressions: 2858 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 2859 items: 2860 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 2861 properties: 2862 key: 2863 description: key is the label key that the selector applies to. 2864 type: string 2865 operator: 2866 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 2867 type: string 2868 values: 2869 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 2870 items: 2871 type: string 2872 type: array 2873 required: 2874 - key 2875 - operator 2876 type: object 2877 type: array 2878 matchLabels: 2879 additionalProperties: 2880 type: string 2881 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 2882 type: object 2883 type: object 2884 ruleSelector: 2885 description: A selector to select which PrometheusRules to mount for loading alerting/recording rules from. Until (excluding) Prometheus Operator v0.24.0 Prometheus Operator will migrate any legacy rule ConfigMaps to PrometheusRule custom resources selected by RuleSelector. Make sure it does not match any config maps that you do not want to be migrated. 2886 properties: 2887 matchExpressions: 2888 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 2889 items: 2890 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 2891 properties: 2892 key: 2893 description: key is the label key that the selector applies to. 2894 type: string 2895 operator: 2896 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 2897 type: string 2898 values: 2899 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 2900 items: 2901 type: string 2902 type: array 2903 required: 2904 - key 2905 - operator 2906 type: object 2907 type: array 2908 matchLabels: 2909 additionalProperties: 2910 type: string 2911 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 2912 type: object 2913 type: object 2914 rules: 2915 description: /--rules.*/ command-line arguments. 2916 properties: 2917 alert: 2918 description: /--rules.alert.*/ command-line arguments 2919 properties: 2920 forGracePeriod: 2921 description: Minimum duration between alert and restored 'for' state. This is maintained only for alerts with configured 'for' time greater than grace period. 2922 type: string 2923 forOutageTolerance: 2924 description: Max time to tolerate prometheus outage for restoring 'for' state of alert. 2925 type: string 2926 resendDelay: 2927 description: Minimum amount of time to wait before resending an alert to Alertmanager. 2928 type: string 2929 type: object 2930 type: object 2931 scrapeInterval: 2932 description: Interval between consecutive scrapes. 2933 type: string 2934 scrapeTimeout: 2935 description: Number of seconds to wait for target to respond before erroring. 2936 type: string 2937 secrets: 2938 description: Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. The Secrets are mounted into /etc/prometheus/secrets/<secret-name>. 2939 items: 2940 type: string 2941 type: array 2942 securityContext: 2943 description: SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. 2944 properties: 2945 fsGroup: 2946 description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume." 2947 format: int64 2948 type: integer 2949 fsGroupChangePolicy: 2950 description: 'fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified defaults to "Always".' 2951 type: string 2952 runAsGroup: 2953 description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. 2954 format: int64 2955 type: integer 2956 runAsNonRoot: 2957 description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 2958 type: boolean 2959 runAsUser: 2960 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. 2961 format: int64 2962 type: integer 2963 seLinuxOptions: 2964 description: The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. 2965 properties: 2966 level: 2967 description: Level is SELinux level label that applies to the container. 2968 type: string 2969 role: 2970 description: Role is a SELinux role label that applies to the container. 2971 type: string 2972 type: 2973 description: Type is a SELinux type label that applies to the container. 2974 type: string 2975 user: 2976 description: User is a SELinux user label that applies to the container. 2977 type: string 2978 type: object 2979 supplementalGroups: 2980 description: A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container. 2981 items: 2982 format: int64 2983 type: integer 2984 type: array 2985 sysctls: 2986 description: Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. 2987 items: 2988 description: Sysctl defines a kernel parameter to be set 2989 properties: 2990 name: 2991 description: Name of a property to set 2992 type: string 2993 value: 2994 description: Value of a property to set 2995 type: string 2996 required: 2997 - name 2998 - value 2999 type: object 3000 type: array 3001 windowsOptions: 3002 description: The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 3003 properties: 3004 gmsaCredentialSpec: 3005 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. 3006 type: string 3007 gmsaCredentialSpecName: 3008 description: GMSACredentialSpecName is the name of the GMSA credential spec to use. 3009 type: string 3010 runAsUserName: 3011 description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 3012 type: string 3013 type: object 3014 type: object 3015 serviceAccountName: 3016 description: ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. 3017 type: string 3018 serviceMonitorNamespaceSelector: 3019 description: Namespace's labels to match for ServiceMonitor discovery. If nil, only check own namespace. 3020 properties: 3021 matchExpressions: 3022 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 3023 items: 3024 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 3025 properties: 3026 key: 3027 description: key is the label key that the selector applies to. 3028 type: string 3029 operator: 3030 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 3031 type: string 3032 values: 3033 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 3034 items: 3035 type: string 3036 type: array 3037 required: 3038 - key 3039 - operator 3040 type: object 3041 type: array 3042 matchLabels: 3043 additionalProperties: 3044 type: string 3045 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 3046 type: object 3047 type: object 3048 serviceMonitorSelector: 3049 description: ServiceMonitors to be selected for target discovery. *Deprecated:* if neither this nor podMonitorSelector are specified, configuration is unmanaged. 3050 properties: 3051 matchExpressions: 3052 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 3053 items: 3054 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 3055 properties: 3056 key: 3057 description: key is the label key that the selector applies to. 3058 type: string 3059 operator: 3060 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 3061 type: string 3062 values: 3063 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 3064 items: 3065 type: string 3066 type: array 3067 required: 3068 - key 3069 - operator 3070 type: object 3071 type: array 3072 matchLabels: 3073 additionalProperties: 3074 type: string 3075 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 3076 type: object 3077 type: object 3078 sha: 3079 description: 'SHA of Prometheus container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use ''image'' instead. The image digest can be specified as part of the image URL.' 3080 type: string 3081 shards: 3082 description: 'EXPERIMENTAL: Number of shards to distribute targets onto. Number of replicas multiplied by shards is the total number of Pods created. Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally use Thanos sidecar and Thanos querier or remote write data to a central location. Sharding is done on the content of the `__address__` target meta-label.' 3083 format: int32 3084 type: integer 3085 storage: 3086 description: Storage spec to specify how storage shall be used. 3087 properties: 3088 disableMountSubPath: 3089 description: 'Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. DisableMountSubPath allows to remove any subPath usage in volume mounts.' 3090 type: boolean 3091 emptyDir: 3092 description: 'EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' 3093 properties: 3094 medium: 3095 description: 'What type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 3096 type: string 3097 sizeLimit: 3098 anyOf: 3099 - type: integer 3100 - type: string 3101 description: 'Total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 3102 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3103 x-kubernetes-int-or-string: true 3104 type: object 3105 volumeClaimTemplate: 3106 description: A PVC spec to be used by the Prometheus StatefulSets. 3107 properties: 3108 apiVersion: 3109 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 3110 type: string 3111 kind: 3112 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 3113 type: string 3114 metadata: 3115 description: EmbeddedMetadata contains metadata relevant to an EmbeddedResource. 3116 properties: 3117 annotations: 3118 additionalProperties: 3119 type: string 3120 description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 3121 type: object 3122 labels: 3123 additionalProperties: 3124 type: string 3125 description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' 3126 type: object 3127 name: 3128 description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 3129 type: string 3130 type: object 3131 spec: 3132 description: 'Spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 3133 properties: 3134 accessModes: 3135 description: 'AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 3136 items: 3137 type: string 3138 type: array 3139 dataSource: 3140 description: 'This field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot - Beta) * An existing PVC (PersistentVolumeClaim) * An existing custom resource/object that implements data population (Alpha) In order to use VolumeSnapshot object types, the appropriate feature gate must be enabled (VolumeSnapshotDataSource or AnyVolumeDataSource) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the specified data source is not supported, the volume will not be created and the failure will be reported as an event. In the future, we plan to support more data source types and the behavior of the provisioner may change.' 3141 properties: 3142 apiGroup: 3143 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. 3144 type: string 3145 kind: 3146 description: Kind is the type of resource being referenced 3147 type: string 3148 name: 3149 description: Name is the name of resource being referenced 3150 type: string 3151 required: 3152 - kind 3153 - name 3154 type: object 3155 resources: 3156 description: 'Resources represents the minimum resources the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 3157 properties: 3158 limits: 3159 additionalProperties: 3160 anyOf: 3161 - type: integer 3162 - type: string 3163 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3164 x-kubernetes-int-or-string: true 3165 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 3166 type: object 3167 requests: 3168 additionalProperties: 3169 anyOf: 3170 - type: integer 3171 - type: string 3172 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3173 x-kubernetes-int-or-string: true 3174 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 3175 type: object 3176 type: object 3177 selector: 3178 description: A label query over volumes to consider for binding. 3179 properties: 3180 matchExpressions: 3181 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 3182 items: 3183 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 3184 properties: 3185 key: 3186 description: key is the label key that the selector applies to. 3187 type: string 3188 operator: 3189 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 3190 type: string 3191 values: 3192 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 3193 items: 3194 type: string 3195 type: array 3196 required: 3197 - key 3198 - operator 3199 type: object 3200 type: array 3201 matchLabels: 3202 additionalProperties: 3203 type: string 3204 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 3205 type: object 3206 type: object 3207 storageClassName: 3208 description: 'Name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 3209 type: string 3210 volumeMode: 3211 description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. 3212 type: string 3213 volumeName: 3214 description: VolumeName is the binding reference to the PersistentVolume backing this claim. 3215 type: string 3216 type: object 3217 status: 3218 description: 'Status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 3219 properties: 3220 accessModes: 3221 description: 'AccessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 3222 items: 3223 type: string 3224 type: array 3225 capacity: 3226 additionalProperties: 3227 anyOf: 3228 - type: integer 3229 - type: string 3230 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3231 x-kubernetes-int-or-string: true 3232 description: Represents the actual resources of the underlying volume. 3233 type: object 3234 conditions: 3235 description: Current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'. 3236 items: 3237 description: PersistentVolumeClaimCondition contails details about state of pvc 3238 properties: 3239 lastProbeTime: 3240 description: Last time we probed the condition. 3241 format: date-time 3242 type: string 3243 lastTransitionTime: 3244 description: Last time the condition transitioned from one status to another. 3245 format: date-time 3246 type: string 3247 message: 3248 description: Human-readable message indicating details about last transition. 3249 type: string 3250 reason: 3251 description: Unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized. 3252 type: string 3253 status: 3254 type: string 3255 type: 3256 description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type 3257 type: string 3258 required: 3259 - status 3260 - type 3261 type: object 3262 type: array 3263 phase: 3264 description: Phase represents the current phase of PersistentVolumeClaim. 3265 type: string 3266 type: object 3267 type: object 3268 type: object 3269 tag: 3270 description: 'Tag of Prometheus container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use ''image'' instead. The image tag can be specified as part of the image URL.' 3271 type: string 3272 thanos: 3273 description: "Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment. \n This section is experimental, it may change significantly without deprecation notice in any release. \n This is experimental and may change significantly without backward compatibility in any release." 3274 properties: 3275 baseImage: 3276 description: 'Thanos base image if other than default. Deprecated: use ''image'' instead' 3277 type: string 3278 grpcServerTlsConfig: 3279 description: 'GRPCServerTLSConfig configures the gRPC server from which Thanos Querier reads recorded rule data. Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. Maps to the ''--grpc-server-tls-*'' CLI args.' 3280 properties: 3281 ca: 3282 description: Struct containing the CA cert to use for the targets. 3283 properties: 3284 configMap: 3285 description: ConfigMap containing data to use for the targets. 3286 properties: 3287 key: 3288 description: The key to select. 3289 type: string 3290 name: 3291 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3292 type: string 3293 optional: 3294 description: Specify whether the ConfigMap or its key must be defined 3295 type: boolean 3296 required: 3297 - key 3298 type: object 3299 secret: 3300 description: Secret containing data to use for the targets. 3301 properties: 3302 key: 3303 description: The key of the secret to select from. Must be a valid secret key. 3304 type: string 3305 name: 3306 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3307 type: string 3308 optional: 3309 description: Specify whether the Secret or its key must be defined 3310 type: boolean 3311 required: 3312 - key 3313 type: object 3314 type: object 3315 caFile: 3316 description: Path to the CA cert in the Prometheus container to use for the targets. 3317 type: string 3318 cert: 3319 description: Struct containing the client cert file for the targets. 3320 properties: 3321 configMap: 3322 description: ConfigMap containing data to use for the targets. 3323 properties: 3324 key: 3325 description: The key to select. 3326 type: string 3327 name: 3328 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3329 type: string 3330 optional: 3331 description: Specify whether the ConfigMap or its key must be defined 3332 type: boolean 3333 required: 3334 - key 3335 type: object 3336 secret: 3337 description: Secret containing data to use for the targets. 3338 properties: 3339 key: 3340 description: The key of the secret to select from. Must be a valid secret key. 3341 type: string 3342 name: 3343 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3344 type: string 3345 optional: 3346 description: Specify whether the Secret or its key must be defined 3347 type: boolean 3348 required: 3349 - key 3350 type: object 3351 type: object 3352 certFile: 3353 description: Path to the client cert file in the Prometheus container for the targets. 3354 type: string 3355 insecureSkipVerify: 3356 description: Disable target certificate validation. 3357 type: boolean 3358 keyFile: 3359 description: Path to the client key file in the Prometheus container for the targets. 3360 type: string 3361 keySecret: 3362 description: Secret containing the client key file for the targets. 3363 properties: 3364 key: 3365 description: The key of the secret to select from. Must be a valid secret key. 3366 type: string 3367 name: 3368 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3369 type: string 3370 optional: 3371 description: Specify whether the Secret or its key must be defined 3372 type: boolean 3373 required: 3374 - key 3375 type: object 3376 serverName: 3377 description: Used to verify the hostname for the targets. 3378 type: string 3379 type: object 3380 image: 3381 description: Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Thanos is being configured. 3382 type: string 3383 listenLocal: 3384 description: ListenLocal makes the Thanos sidecar listen on loopback, so that it does not bind against the Pod IP. 3385 type: boolean 3386 logFormat: 3387 description: LogFormat for Thanos sidecar to be configured with. 3388 type: string 3389 logLevel: 3390 description: LogLevel for Thanos sidecar to be configured with. 3391 type: string 3392 minTime: 3393 description: MinTime for Thanos sidecar to be configured with. Option can be a constant time in RFC3339 format or time duration relative to current time, such as -1d or 2h45m. Valid duration units are ms, s, m, h, d, w, y. 3394 type: string 3395 objectStorageConfig: 3396 description: ObjectStorageConfig configures object storage in Thanos. Alternative to ObjectStorageConfigFile, and lower order priority. 3397 properties: 3398 key: 3399 description: The key of the secret to select from. Must be a valid secret key. 3400 type: string 3401 name: 3402 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3403 type: string 3404 optional: 3405 description: Specify whether the Secret or its key must be defined 3406 type: boolean 3407 required: 3408 - key 3409 type: object 3410 objectStorageConfigFile: 3411 description: ObjectStorageConfigFile specifies the path of the object storage configuration file. When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence. 3412 type: string 3413 resources: 3414 description: Resources defines the resource requirements for the Thanos sidecar. If not provided, no requests/limits will be set 3415 properties: 3416 limits: 3417 additionalProperties: 3418 anyOf: 3419 - type: integer 3420 - type: string 3421 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3422 x-kubernetes-int-or-string: true 3423 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 3424 type: object 3425 requests: 3426 additionalProperties: 3427 anyOf: 3428 - type: integer 3429 - type: string 3430 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3431 x-kubernetes-int-or-string: true 3432 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 3433 type: object 3434 type: object 3435 sha: 3436 description: 'SHA of Thanos container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use ''image'' instead. The image digest can be specified as part of the image URL.' 3437 type: string 3438 tag: 3439 description: 'Tag of Thanos sidecar container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use ''image'' instead. The image tag can be specified as part of the image URL.' 3440 type: string 3441 tracingConfig: 3442 description: TracingConfig configures tracing in Thanos. This is an experimental feature, it may change in any upcoming release in a breaking way. 3443 properties: 3444 key: 3445 description: The key of the secret to select from. Must be a valid secret key. 3446 type: string 3447 name: 3448 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3449 type: string 3450 optional: 3451 description: Specify whether the Secret or its key must be defined 3452 type: boolean 3453 required: 3454 - key 3455 type: object 3456 tracingConfigFile: 3457 description: TracingConfig specifies the path of the tracing configuration file. When used alongside with TracingConfig, TracingConfigFile takes precedence. 3458 type: string 3459 version: 3460 description: Version describes the version of Thanos to use. 3461 type: string 3462 type: object 3463 tolerations: 3464 description: If specified, the pod's tolerations. 3465 items: 3466 description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>. 3467 properties: 3468 effect: 3469 description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. 3470 type: string 3471 key: 3472 description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. 3473 type: string 3474 operator: 3475 description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. 3476 type: string 3477 tolerationSeconds: 3478 description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. 3479 format: int64 3480 type: integer 3481 value: 3482 description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. 3483 type: string 3484 type: object 3485 type: array 3486 topologySpreadConstraints: 3487 description: If specified, the pod's topology spread constraints. 3488 items: 3489 description: TopologySpreadConstraint specifies how to spread matching pods among the given topology. 3490 properties: 3491 labelSelector: 3492 description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. 3493 properties: 3494 matchExpressions: 3495 description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 3496 items: 3497 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. 3498 properties: 3499 key: 3500 description: key is the label key that the selector applies to. 3501 type: string 3502 operator: 3503 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. 3504 type: string 3505 values: 3506 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 3507 items: 3508 type: string 3509 type: array 3510 required: 3511 - key 3512 - operator 3513 type: object 3514 type: array 3515 matchLabels: 3516 additionalProperties: 3517 type: string 3518 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 3519 type: object 3520 type: object 3521 maxSkew: 3522 description: 'MaxSkew describes the degree to which pods may be unevenly distributed. It''s the maximum permitted difference between the number of matching pods in any two topology domains of a given topology type. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. It''s a required field. Default value is 1 and 0 is not allowed.' 3523 format: int32 3524 type: integer 3525 topologyKey: 3526 description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. It's a required field. 3527 type: string 3528 whenUnsatisfiable: 3529 description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it - ScheduleAnyway tells the scheduler to still schedule it It''s considered as "Unsatisfiable" if and only if placing incoming pod on any topology violates "MaxSkew". For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' 3530 type: string 3531 required: 3532 - maxSkew 3533 - topologyKey 3534 - whenUnsatisfiable 3535 type: object 3536 type: array 3537 version: 3538 description: Version of Prometheus to be deployed. 3539 type: string 3540 volumeMounts: 3541 description: VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the prometheus container, that are generated as a result of StorageSpec objects. 3542 items: 3543 description: VolumeMount describes a mounting of a Volume within a container. 3544 properties: 3545 mountPath: 3546 description: Path within the container at which the volume should be mounted. Must not contain ':'. 3547 type: string 3548 mountPropagation: 3549 description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. 3550 type: string 3551 name: 3552 description: This must match the Name of a Volume. 3553 type: string 3554 readOnly: 3555 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. 3556 type: boolean 3557 subPath: 3558 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). 3559 type: string 3560 subPathExpr: 3561 description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. 3562 type: string 3563 required: 3564 - mountPath 3565 - name 3566 type: object 3567 type: array 3568 volumes: 3569 description: Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. 3570 items: 3571 description: Volume represents a named volume in a pod that may be accessed by any container in the pod. 3572 properties: 3573 awsElasticBlockStore: 3574 description: 'AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 3575 properties: 3576 fsType: 3577 description: 'Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine' 3578 type: string 3579 partition: 3580 description: 'The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).' 3581 format: int32 3582 type: integer 3583 readOnly: 3584 description: 'Specify "true" to force and set the ReadOnly property in VolumeMounts to "true". If omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 3585 type: boolean 3586 volumeID: 3587 description: 'Unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 3588 type: string 3589 required: 3590 - volumeID 3591 type: object 3592 azureDisk: 3593 description: AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. 3594 properties: 3595 cachingMode: 3596 description: 'Host Caching mode: None, Read Only, Read Write.' 3597 type: string 3598 diskName: 3599 description: The Name of the data disk in the blob storage 3600 type: string 3601 diskURI: 3602 description: The URI the data disk in the blob storage 3603 type: string 3604 fsType: 3605 description: Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 3606 type: string 3607 kind: 3608 description: 'Expected values Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared' 3609 type: string 3610 readOnly: 3611 description: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. 3612 type: boolean 3613 required: 3614 - diskName 3615 - diskURI 3616 type: object 3617 azureFile: 3618 description: AzureFile represents an Azure File Service mount on the host and bind mount to the pod. 3619 properties: 3620 readOnly: 3621 description: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. 3622 type: boolean 3623 secretName: 3624 description: the name of secret that contains Azure Storage Account Name and Key 3625 type: string 3626 shareName: 3627 description: Share Name 3628 type: string 3629 required: 3630 - secretName 3631 - shareName 3632 type: object 3633 cephfs: 3634 description: CephFS represents a Ceph FS mount on the host that shares a pod's lifetime 3635 properties: 3636 monitors: 3637 description: 'Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 3638 items: 3639 type: string 3640 type: array 3641 path: 3642 description: 'Optional: Used as the mounted root, rather than the full Ceph tree, default is /' 3643 type: string 3644 readOnly: 3645 description: 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 3646 type: boolean 3647 secretFile: 3648 description: 'Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 3649 type: string 3650 secretRef: 3651 description: 'Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 3652 properties: 3653 name: 3654 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3655 type: string 3656 type: object 3657 user: 3658 description: 'Optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 3659 type: string 3660 required: 3661 - monitors 3662 type: object 3663 cinder: 3664 description: 'Cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 3665 properties: 3666 fsType: 3667 description: 'Filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 3668 type: string 3669 readOnly: 3670 description: 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 3671 type: boolean 3672 secretRef: 3673 description: 'Optional: points to a secret object containing parameters used to connect to OpenStack.' 3674 properties: 3675 name: 3676 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3677 type: string 3678 type: object 3679 volumeID: 3680 description: 'volume id used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 3681 type: string 3682 required: 3683 - volumeID 3684 type: object 3685 configMap: 3686 description: ConfigMap represents a configMap that should populate this volume 3687 properties: 3688 defaultMode: 3689 description: 'Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 3690 format: int32 3691 type: integer 3692 items: 3693 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 3694 items: 3695 description: Maps a string key to a path within a volume. 3696 properties: 3697 key: 3698 description: The key to project. 3699 type: string 3700 mode: 3701 description: 'Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 3702 format: int32 3703 type: integer 3704 path: 3705 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3706 type: string 3707 required: 3708 - key 3709 - path 3710 type: object 3711 type: array 3712 name: 3713 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3714 type: string 3715 optional: 3716 description: Specify whether the ConfigMap or its keys must be defined 3717 type: boolean 3718 type: object 3719 csi: 3720 description: CSI (Container Storage Interface) represents storage that is handled by an external CSI driver (Alpha feature). 3721 properties: 3722 driver: 3723 description: Driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. 3724 type: string 3725 fsType: 3726 description: Filesystem type to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. 3727 type: string 3728 nodePublishSecretRef: 3729 description: NodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. 3730 properties: 3731 name: 3732 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3733 type: string 3734 type: object 3735 readOnly: 3736 description: Specifies a read-only configuration for the volume. Defaults to false (read/write). 3737 type: boolean 3738 volumeAttributes: 3739 additionalProperties: 3740 type: string 3741 description: VolumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. 3742 type: object 3743 required: 3744 - driver 3745 type: object 3746 downwardAPI: 3747 description: DownwardAPI represents downward API about the pod that should populate this volume 3748 properties: 3749 defaultMode: 3750 description: 'Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 3751 format: int32 3752 type: integer 3753 items: 3754 description: Items is a list of downward API volume file 3755 items: 3756 description: DownwardAPIVolumeFile represents information to create the file containing the pod field 3757 properties: 3758 fieldRef: 3759 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' 3760 properties: 3761 apiVersion: 3762 description: Version of the schema the FieldPath is written in terms of, defaults to "v1". 3763 type: string 3764 fieldPath: 3765 description: Path of the field to select in the specified API version. 3766 type: string 3767 required: 3768 - fieldPath 3769 type: object 3770 mode: 3771 description: 'Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 3772 format: int32 3773 type: integer 3774 path: 3775 description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..''' 3776 type: string 3777 resourceFieldRef: 3778 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.' 3779 properties: 3780 containerName: 3781 description: 'Container name: required for volumes, optional for env vars' 3782 type: string 3783 divisor: 3784 anyOf: 3785 - type: integer 3786 - type: string 3787 description: Specifies the output format of the exposed resources, defaults to "1" 3788 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3789 x-kubernetes-int-or-string: true 3790 resource: 3791 description: 'Required: resource to select' 3792 type: string 3793 required: 3794 - resource 3795 type: object 3796 required: 3797 - path 3798 type: object 3799 type: array 3800 type: object 3801 emptyDir: 3802 description: 'EmptyDir represents a temporary directory that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 3803 properties: 3804 medium: 3805 description: 'What type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 3806 type: string 3807 sizeLimit: 3808 anyOf: 3809 - type: integer 3810 - type: string 3811 description: 'Total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 3812 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3813 x-kubernetes-int-or-string: true 3814 type: object 3815 fc: 3816 description: FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. 3817 properties: 3818 fsType: 3819 description: 'Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine' 3820 type: string 3821 lun: 3822 description: 'Optional: FC target lun number' 3823 format: int32 3824 type: integer 3825 readOnly: 3826 description: 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.' 3827 type: boolean 3828 targetWWNs: 3829 description: 'Optional: FC target worldwide names (WWNs)' 3830 items: 3831 type: string 3832 type: array 3833 wwids: 3834 description: 'Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.' 3835 items: 3836 type: string 3837 type: array 3838 type: object 3839 flexVolume: 3840 description: FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. 3841 properties: 3842 driver: 3843 description: Driver is the name of the driver to use for this volume. 3844 type: string 3845 fsType: 3846 description: Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. 3847 type: string 3848 options: 3849 additionalProperties: 3850 type: string 3851 description: 'Optional: Extra command options if any.' 3852 type: object 3853 readOnly: 3854 description: 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.' 3855 type: boolean 3856 secretRef: 3857 description: 'Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.' 3858 properties: 3859 name: 3860 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3861 type: string 3862 type: object 3863 required: 3864 - driver 3865 type: object 3866 flocker: 3867 description: Flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running 3868 properties: 3869 datasetName: 3870 description: Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated 3871 type: string 3872 datasetUUID: 3873 description: UUID of the dataset. This is unique identifier of a Flocker dataset 3874 type: string 3875 type: object 3876 gcePersistentDisk: 3877 description: 'GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 3878 properties: 3879 fsType: 3880 description: 'Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine' 3881 type: string 3882 partition: 3883 description: 'The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 3884 format: int32 3885 type: integer 3886 pdName: 3887 description: 'Unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 3888 type: string 3889 readOnly: 3890 description: 'ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 3891 type: boolean 3892 required: 3893 - pdName 3894 type: object 3895 gitRepo: 3896 description: 'GitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod''s container.' 3897 properties: 3898 directory: 3899 description: Target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. 3900 type: string 3901 repository: 3902 description: Repository URL 3903 type: string 3904 revision: 3905 description: Commit hash for the specified revision. 3906 type: string 3907 required: 3908 - repository 3909 type: object 3910 glusterfs: 3911 description: 'Glusterfs represents a Glusterfs mount on the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 3912 properties: 3913 endpoints: 3914 description: 'EndpointsName is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 3915 type: string 3916 path: 3917 description: 'Path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 3918 type: string 3919 readOnly: 3920 description: 'ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 3921 type: boolean 3922 required: 3923 - endpoints 3924 - path 3925 type: object 3926 hostPath: 3927 description: 'HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.' 3928 properties: 3929 path: 3930 description: 'Path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 3931 type: string 3932 type: 3933 description: 'Type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 3934 type: string 3935 required: 3936 - path 3937 type: object 3938 iscsi: 3939 description: 'ISCSI represents an ISCSI Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 3940 properties: 3941 chapAuthDiscovery: 3942 description: whether support iSCSI Discovery CHAP authentication 3943 type: boolean 3944 chapAuthSession: 3945 description: whether support iSCSI Session CHAP authentication 3946 type: boolean 3947 fsType: 3948 description: 'Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine' 3949 type: string 3950 initiatorName: 3951 description: Custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection. 3952 type: string 3953 iqn: 3954 description: Target iSCSI Qualified Name. 3955 type: string 3956 iscsiInterface: 3957 description: iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). 3958 type: string 3959 lun: 3960 description: iSCSI Target Lun number. 3961 format: int32 3962 type: integer 3963 portals: 3964 description: iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). 3965 items: 3966 type: string 3967 type: array 3968 readOnly: 3969 description: ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. 3970 type: boolean 3971 secretRef: 3972 description: CHAP Secret for iSCSI target and initiator authentication 3973 properties: 3974 name: 3975 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 3976 type: string 3977 type: object 3978 targetPortal: 3979 description: iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). 3980 type: string 3981 required: 3982 - iqn 3983 - lun 3984 - targetPortal 3985 type: object 3986 name: 3987 description: 'Volume''s name. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 3988 type: string 3989 nfs: 3990 description: 'NFS represents an NFS mount on the host that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 3991 properties: 3992 path: 3993 description: 'Path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 3994 type: string 3995 readOnly: 3996 description: 'ReadOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 3997 type: boolean 3998 server: 3999 description: 'Server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 4000 type: string 4001 required: 4002 - path 4003 - server 4004 type: object 4005 persistentVolumeClaim: 4006 description: 'PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 4007 properties: 4008 claimName: 4009 description: 'ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 4010 type: string 4011 readOnly: 4012 description: Will force the ReadOnly setting in VolumeMounts. Default false. 4013 type: boolean 4014 required: 4015 - claimName 4016 type: object 4017 photonPersistentDisk: 4018 description: PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine 4019 properties: 4020 fsType: 4021 description: Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 4022 type: string 4023 pdID: 4024 description: ID that identifies Photon Controller persistent disk 4025 type: string 4026 required: 4027 - pdID 4028 type: object 4029 portworxVolume: 4030 description: PortworxVolume represents a portworx volume attached and mounted on kubelets host machine 4031 properties: 4032 fsType: 4033 description: FSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. 4034 type: string 4035 readOnly: 4036 description: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. 4037 type: boolean 4038 volumeID: 4039 description: VolumeID uniquely identifies a Portworx volume 4040 type: string 4041 required: 4042 - volumeID 4043 type: object 4044 projected: 4045 description: Items for all in one resources secrets, configmaps, and downward API 4046 properties: 4047 defaultMode: 4048 description: Mode bits to use on created files by default. Must be a value between 0 and 0777. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 4049 format: int32 4050 type: integer 4051 sources: 4052 description: list of volume projections 4053 items: 4054 description: Projection that may be projected along with other supported volume types 4055 properties: 4056 configMap: 4057 description: information about the configMap data to project 4058 properties: 4059 items: 4060 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 4061 items: 4062 description: Maps a string key to a path within a volume. 4063 properties: 4064 key: 4065 description: The key to project. 4066 type: string 4067 mode: 4068 description: 'Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 4069 format: int32 4070 type: integer 4071 path: 4072 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 4073 type: string 4074 required: 4075 - key 4076 - path 4077 type: object 4078 type: array 4079 name: 4080 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 4081 type: string 4082 optional: 4083 description: Specify whether the ConfigMap or its keys must be defined 4084 type: boolean 4085 type: object 4086 downwardAPI: 4087 description: information about the downwardAPI data to project 4088 properties: 4089 items: 4090 description: Items is a list of DownwardAPIVolume file 4091 items: 4092 description: DownwardAPIVolumeFile represents information to create the file containing the pod field 4093 properties: 4094 fieldRef: 4095 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' 4096 properties: 4097 apiVersion: 4098 description: Version of the schema the FieldPath is written in terms of, defaults to "v1". 4099 type: string 4100 fieldPath: 4101 description: Path of the field to select in the specified API version. 4102 type: string 4103 required: 4104 - fieldPath 4105 type: object 4106 mode: 4107 description: 'Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 4108 format: int32 4109 type: integer 4110 path: 4111 description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..''' 4112 type: string 4113 resourceFieldRef: 4114 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.' 4115 properties: 4116 containerName: 4117 description: 'Container name: required for volumes, optional for env vars' 4118 type: string 4119 divisor: 4120 anyOf: 4121 - type: integer 4122 - type: string 4123 description: Specifies the output format of the exposed resources, defaults to "1" 4124 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4125 x-kubernetes-int-or-string: true 4126 resource: 4127 description: 'Required: resource to select' 4128 type: string 4129 required: 4130 - resource 4131 type: object 4132 required: 4133 - path 4134 type: object 4135 type: array 4136 type: object 4137 secret: 4138 description: information about the secret data to project 4139 properties: 4140 items: 4141 description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 4142 items: 4143 description: Maps a string key to a path within a volume. 4144 properties: 4145 key: 4146 description: The key to project. 4147 type: string 4148 mode: 4149 description: 'Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 4150 format: int32 4151 type: integer 4152 path: 4153 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 4154 type: string 4155 required: 4156 - key 4157 - path 4158 type: object 4159 type: array 4160 name: 4161 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 4162 type: string 4163 optional: 4164 description: Specify whether the Secret or its key must be defined 4165 type: boolean 4166 type: object 4167 serviceAccountToken: 4168 description: information about the serviceAccountToken data to project 4169 properties: 4170 audience: 4171 description: Audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. 4172 type: string 4173 expirationSeconds: 4174 description: ExpirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. 4175 format: int64 4176 type: integer 4177 path: 4178 description: Path is the path relative to the mount point of the file to project the token into. 4179 type: string 4180 required: 4181 - path 4182 type: object 4183 type: object 4184 type: array 4185 required: 4186 - sources 4187 type: object 4188 quobyte: 4189 description: Quobyte represents a Quobyte mount on the host that shares a pod's lifetime 4190 properties: 4191 group: 4192 description: Group to map volume access to Default is no group 4193 type: string 4194 readOnly: 4195 description: ReadOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. 4196 type: boolean 4197 registry: 4198 description: Registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes 4199 type: string 4200 tenant: 4201 description: Tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin 4202 type: string 4203 user: 4204 description: User to map volume access to Defaults to serivceaccount user 4205 type: string 4206 volume: 4207 description: Volume is a string that references an already created Quobyte volume by name. 4208 type: string 4209 required: 4210 - registry 4211 - volume 4212 type: object 4213 rbd: 4214 description: 'RBD represents a Rados Block Device mount on the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' 4215 properties: 4216 fsType: 4217 description: 'Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine' 4218 type: string 4219 image: 4220 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 4221 type: string 4222 keyring: 4223 description: 'Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 4224 type: string 4225 monitors: 4226 description: 'A collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 4227 items: 4228 type: string 4229 type: array 4230 pool: 4231 description: 'The rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 4232 type: string 4233 readOnly: 4234 description: 'ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 4235 type: boolean 4236 secretRef: 4237 description: 'SecretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 4238 properties: 4239 name: 4240 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 4241 type: string 4242 type: object 4243 user: 4244 description: 'The rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 4245 type: string 4246 required: 4247 - image 4248 - monitors 4249 type: object 4250 scaleIO: 4251 description: ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. 4252 properties: 4253 fsType: 4254 description: Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". 4255 type: string 4256 gateway: 4257 description: The host address of the ScaleIO API Gateway. 4258 type: string 4259 protectionDomain: 4260 description: The name of the ScaleIO Protection Domain for the configured storage. 4261 type: string 4262 readOnly: 4263 description: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. 4264 type: boolean 4265 secretRef: 4266 description: SecretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. 4267 properties: 4268 name: 4269 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 4270 type: string 4271 type: object 4272 sslEnabled: 4273 description: Flag to enable/disable SSL communication with Gateway, default false 4274 type: boolean 4275 storageMode: 4276 description: Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. 4277 type: string 4278 storagePool: 4279 description: The ScaleIO Storage Pool associated with the protection domain. 4280 type: string 4281 system: 4282 description: The name of the storage system as configured in ScaleIO. 4283 type: string 4284 volumeName: 4285 description: The name of a volume already created in the ScaleIO system that is associated with this volume source. 4286 type: string 4287 required: 4288 - gateway 4289 - secretRef 4290 - system 4291 type: object 4292 secret: 4293 description: 'Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 4294 properties: 4295 defaultMode: 4296 description: 'Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 4297 format: int32 4298 type: integer 4299 items: 4300 description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. 4301 items: 4302 description: Maps a string key to a path within a volume. 4303 properties: 4304 key: 4305 description: The key to project. 4306 type: string 4307 mode: 4308 description: 'Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' 4309 format: int32 4310 type: integer 4311 path: 4312 description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 4313 type: string 4314 required: 4315 - key 4316 - path 4317 type: object 4318 type: array 4319 optional: 4320 description: Specify whether the Secret or its keys must be defined 4321 type: boolean 4322 secretName: 4323 description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 4324 type: string 4325 type: object 4326 storageos: 4327 description: StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. 4328 properties: 4329 fsType: 4330 description: Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 4331 type: string 4332 readOnly: 4333 description: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. 4334 type: boolean 4335 secretRef: 4336 description: SecretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. 4337 properties: 4338 name: 4339 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 4340 type: string 4341 type: object 4342 volumeName: 4343 description: VolumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. 4344 type: string 4345 volumeNamespace: 4346 description: VolumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. 4347 type: string 4348 type: object 4349 vsphereVolume: 4350 description: VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine 4351 properties: 4352 fsType: 4353 description: Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 4354 type: string 4355 storagePolicyID: 4356 description: Storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. 4357 type: string 4358 storagePolicyName: 4359 description: Storage Policy Based Management (SPBM) profile name. 4360 type: string 4361 volumePath: 4362 description: Path that identifies vSphere volume vmdk 4363 type: string 4364 required: 4365 - volumePath 4366 type: object 4367 required: 4368 - name 4369 type: object 4370 type: array 4371 walCompression: 4372 description: Enable compression of the write-ahead log using Snappy. This flag is only available in versions of Prometheus >= 2.11.0. 4373 type: boolean 4374 web: 4375 description: WebSpec defines the web command line flags when starting Prometheus. 4376 properties: 4377 pageTitle: 4378 description: The prometheus web page title 4379 type: string 4380 type: object 4381 type: object 4382 status: 4383 description: 'Most recent observed status of the Prometheus cluster. Read-only. Not included when requesting from the apiserver, only from the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 4384 properties: 4385 availableReplicas: 4386 description: Total number of available pods (ready for at least minReadySeconds) targeted by this Prometheus deployment. 4387 format: int32 4388 type: integer 4389 paused: 4390 description: Represents whether any actions on the underlying managed objects are being performed. Only delete actions will be performed. 4391 type: boolean 4392 replicas: 4393 description: Total number of non-terminated pods targeted by this Prometheus deployment (their labels match the selector). 4394 format: int32 4395 type: integer 4396 unavailableReplicas: 4397 description: Total number of unavailable pods targeted by this Prometheus deployment. 4398 format: int32 4399 type: integer 4400 updatedReplicas: 4401 description: Total number of non-terminated pods targeted by this Prometheus deployment that have the desired version spec. 4402 format: int32 4403 type: integer 4404 required: 4405 - availableReplicas 4406 - paused 4407 - replicas 4408 - unavailableReplicas 4409 - updatedReplicas 4410 type: object 4411 required: 4412 - spec 4413 type: object 4414 served: true 4415 storage: true 4416 subresources: {} 4417 status: 4418 acceptedNames: 4419 kind: "" 4420 plural: "" 4421 conditions: [] 4422 storedVersions: []