sigs.k8s.io/cluster-api-provider-azure@v1.14.3/hack/observability/prometheus/resources/bundle.yaml (about) 1 2 --- 3 apiVersion: apiextensions.k8s.io/v1 4 kind: CustomResourceDefinition 5 metadata: 6 annotations: 7 controller-gen.kubebuilder.io/version: v0.2.4 8 creationTimestamp: null 9 name: alertmanagerconfigs.monitoring.coreos.com 10 spec: 11 group: monitoring.coreos.com 12 names: 13 kind: AlertmanagerConfig 14 listKind: AlertmanagerConfigList 15 plural: alertmanagerconfigs 16 singular: alertmanagerconfig 17 scope: Namespaced 18 versions: 19 - name: v1alpha1 20 schema: 21 openAPIV3Schema: 22 description: AlertmanagerConfig defines a namespaced AlertmanagerConfig to 23 be aggregated across multiple namespaces configuring one Alertmanager. 24 properties: 25 apiVersion: 26 description: 'APIVersion defines the versioned schema of this representation 27 of an object. Servers should convert recognized schemas to the latest 28 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 29 type: string 30 kind: 31 description: 'Kind is a string value representing the REST resource this 32 object represents. Servers may infer this from the endpoint the client 33 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 34 type: string 35 metadata: 36 type: object 37 spec: 38 properties: 39 inhibitRules: 40 items: 41 properties: 42 equal: 43 items: 44 type: string 45 type: array 46 sourceMatch: 47 items: 48 properties: 49 name: 50 type: string 51 regex: 52 type: boolean 53 value: 54 type: string 55 required: 56 - name 57 - value 58 type: object 59 type: array 60 targetMatch: 61 items: 62 properties: 63 name: 64 type: string 65 regex: 66 type: boolean 67 value: 68 type: string 69 required: 70 - name 71 - value 72 type: object 73 type: array 74 type: object 75 type: array 76 receivers: 77 items: 78 properties: 79 name: 80 type: string 81 opsgenieConfigs: 82 items: 83 properties: 84 apiKey: 85 description: SecretKeySelector selects a key of a Secret. 86 properties: 87 key: 88 description: The key of the secret to select from. Must 89 be a valid secret key. 90 type: string 91 name: 92 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 93 TODO: Add other useful fields. apiVersion, kind, 94 uid?' 95 type: string 96 optional: 97 description: Specify whether the Secret or its key 98 must be defined 99 type: boolean 100 required: 101 - key 102 type: object 103 apiURL: 104 type: string 105 description: 106 type: string 107 details: 108 items: 109 properties: 110 key: 111 type: string 112 value: 113 type: string 114 required: 115 - key 116 - value 117 type: object 118 type: array 119 httpConfig: 120 properties: 121 basicAuth: 122 description: 'BasicAuth allow an endpoint to authenticate 123 over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' 124 properties: 125 password: 126 description: The secret in the service monitor 127 namespace that contains the password for authentication. 128 properties: 129 key: 130 description: The key of the secret to select 131 from. Must be a valid secret key. 132 type: string 133 name: 134 description: 'Name of the referent. More info: 135 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 136 TODO: Add other useful fields. apiVersion, 137 kind, uid?' 138 type: string 139 optional: 140 description: Specify whether the Secret or 141 its key must be defined 142 type: boolean 143 required: 144 - key 145 type: object 146 username: 147 description: The secret in the service monitor 148 namespace that contains the username for authentication. 149 properties: 150 key: 151 description: The key of the secret to select 152 from. Must be a valid secret key. 153 type: string 154 name: 155 description: 'Name of the referent. More info: 156 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 157 TODO: Add other useful fields. apiVersion, 158 kind, uid?' 159 type: string 160 optional: 161 description: Specify whether the Secret or 162 its key must be defined 163 type: boolean 164 required: 165 - key 166 type: object 167 type: object 168 bearerTokenSecret: 169 description: SecretKeySelector selects a key of a 170 Secret. 171 properties: 172 key: 173 description: The key of the secret to select from. Must 174 be a valid secret key. 175 type: string 176 name: 177 description: 'Name of the referent. More info: 178 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 179 TODO: Add other useful fields. apiVersion, kind, 180 uid?' 181 type: string 182 optional: 183 description: Specify whether the Secret or its 184 key must be defined 185 type: boolean 186 required: 187 - key 188 type: object 189 proxyURL: 190 type: string 191 tlsConfig: 192 description: SafeTLSConfig specifies safe TLS configuration 193 parameters. 194 properties: 195 ca: 196 description: Struct containing the CA cert to 197 use for the targets. 198 properties: 199 configMap: 200 description: ConfigMap containing data to 201 use for the targets. 202 properties: 203 key: 204 description: The key to select. 205 type: string 206 name: 207 description: 'Name of the referent. More 208 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 209 TODO: Add other useful fields. apiVersion, 210 kind, uid?' 211 type: string 212 optional: 213 description: Specify whether the ConfigMap 214 or its key must be defined 215 type: boolean 216 required: 217 - key 218 type: object 219 secret: 220 description: Secret containing data to use 221 for the targets. 222 properties: 223 key: 224 description: The key of the secret to 225 select from. Must be a valid secret 226 key. 227 type: string 228 name: 229 description: 'Name of the referent. More 230 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 231 TODO: Add other useful fields. apiVersion, 232 kind, uid?' 233 type: string 234 optional: 235 description: Specify whether the Secret 236 or its key must be defined 237 type: boolean 238 required: 239 - key 240 type: object 241 type: object 242 cert: 243 description: Struct containing the client cert 244 file for the targets. 245 properties: 246 configMap: 247 description: ConfigMap containing data to 248 use for the targets. 249 properties: 250 key: 251 description: The key to select. 252 type: string 253 name: 254 description: 'Name of the referent. More 255 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 256 TODO: Add other useful fields. apiVersion, 257 kind, uid?' 258 type: string 259 optional: 260 description: Specify whether the ConfigMap 261 or its key must be defined 262 type: boolean 263 required: 264 - key 265 type: object 266 secret: 267 description: Secret containing data to use 268 for the targets. 269 properties: 270 key: 271 description: The key of the secret to 272 select from. Must be a valid secret 273 key. 274 type: string 275 name: 276 description: 'Name of the referent. More 277 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 278 TODO: Add other useful fields. apiVersion, 279 kind, uid?' 280 type: string 281 optional: 282 description: Specify whether the Secret 283 or its key must be defined 284 type: boolean 285 required: 286 - key 287 type: object 288 type: object 289 insecureSkipVerify: 290 description: Disable target certificate validation. 291 type: boolean 292 keySecret: 293 description: Secret containing the client key 294 file for the targets. 295 properties: 296 key: 297 description: The key of the secret to select 298 from. Must be a valid secret key. 299 type: string 300 name: 301 description: 'Name of the referent. More info: 302 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 303 TODO: Add other useful fields. apiVersion, 304 kind, uid?' 305 type: string 306 optional: 307 description: Specify whether the Secret or 308 its key must be defined 309 type: boolean 310 required: 311 - key 312 type: object 313 serverName: 314 description: Used to verify the hostname for the 315 targets. 316 type: string 317 type: object 318 type: object 319 message: 320 type: string 321 note: 322 type: string 323 priority: 324 type: string 325 responders: 326 items: 327 properties: 328 id: 329 type: string 330 name: 331 type: string 332 type: 333 type: string 334 username: 335 type: string 336 type: object 337 type: array 338 sendResolved: 339 type: boolean 340 source: 341 type: string 342 tags: 343 type: string 344 type: object 345 type: array 346 pagerDutyConfigs: 347 items: 348 properties: 349 class: 350 type: string 351 client: 352 type: string 353 clientURL: 354 type: string 355 component: 356 type: string 357 description: 358 type: string 359 details: 360 items: 361 properties: 362 key: 363 type: string 364 value: 365 type: string 366 required: 367 - key 368 - value 369 type: object 370 type: array 371 group: 372 type: string 373 httpConfig: 374 properties: 375 basicAuth: 376 description: 'BasicAuth allow an endpoint to authenticate 377 over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' 378 properties: 379 password: 380 description: The secret in the service monitor 381 namespace that contains the password for authentication. 382 properties: 383 key: 384 description: The key of the secret to select 385 from. Must be a valid secret key. 386 type: string 387 name: 388 description: 'Name of the referent. More info: 389 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 390 TODO: Add other useful fields. apiVersion, 391 kind, uid?' 392 type: string 393 optional: 394 description: Specify whether the Secret or 395 its key must be defined 396 type: boolean 397 required: 398 - key 399 type: object 400 username: 401 description: The secret in the service monitor 402 namespace that contains the username for authentication. 403 properties: 404 key: 405 description: The key of the secret to select 406 from. Must be a valid secret key. 407 type: string 408 name: 409 description: 'Name of the referent. More info: 410 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 411 TODO: Add other useful fields. apiVersion, 412 kind, uid?' 413 type: string 414 optional: 415 description: Specify whether the Secret or 416 its key must be defined 417 type: boolean 418 required: 419 - key 420 type: object 421 type: object 422 bearerTokenSecret: 423 description: SecretKeySelector selects a key of a 424 Secret. 425 properties: 426 key: 427 description: The key of the secret to select from. Must 428 be a valid secret key. 429 type: string 430 name: 431 description: 'Name of the referent. More info: 432 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 433 TODO: Add other useful fields. apiVersion, kind, 434 uid?' 435 type: string 436 optional: 437 description: Specify whether the Secret or its 438 key must be defined 439 type: boolean 440 required: 441 - key 442 type: object 443 proxyURL: 444 type: string 445 tlsConfig: 446 description: SafeTLSConfig specifies safe TLS configuration 447 parameters. 448 properties: 449 ca: 450 description: Struct containing the CA cert to 451 use for the targets. 452 properties: 453 configMap: 454 description: ConfigMap containing data to 455 use for the targets. 456 properties: 457 key: 458 description: The key to select. 459 type: string 460 name: 461 description: 'Name of the referent. More 462 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 463 TODO: Add other useful fields. apiVersion, 464 kind, uid?' 465 type: string 466 optional: 467 description: Specify whether the ConfigMap 468 or its key must be defined 469 type: boolean 470 required: 471 - key 472 type: object 473 secret: 474 description: Secret containing data to use 475 for the targets. 476 properties: 477 key: 478 description: The key of the secret to 479 select from. Must be a valid secret 480 key. 481 type: string 482 name: 483 description: 'Name of the referent. More 484 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 485 TODO: Add other useful fields. apiVersion, 486 kind, uid?' 487 type: string 488 optional: 489 description: Specify whether the Secret 490 or its key must be defined 491 type: boolean 492 required: 493 - key 494 type: object 495 type: object 496 cert: 497 description: Struct containing the client cert 498 file for the targets. 499 properties: 500 configMap: 501 description: ConfigMap containing data to 502 use for the targets. 503 properties: 504 key: 505 description: The key to select. 506 type: string 507 name: 508 description: 'Name of the referent. More 509 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 510 TODO: Add other useful fields. apiVersion, 511 kind, uid?' 512 type: string 513 optional: 514 description: Specify whether the ConfigMap 515 or its key must be defined 516 type: boolean 517 required: 518 - key 519 type: object 520 secret: 521 description: Secret containing data to use 522 for the targets. 523 properties: 524 key: 525 description: The key of the secret to 526 select from. Must be a valid secret 527 key. 528 type: string 529 name: 530 description: 'Name of the referent. More 531 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 532 TODO: Add other useful fields. apiVersion, 533 kind, uid?' 534 type: string 535 optional: 536 description: Specify whether the Secret 537 or its key must be defined 538 type: boolean 539 required: 540 - key 541 type: object 542 type: object 543 insecureSkipVerify: 544 description: Disable target certificate validation. 545 type: boolean 546 keySecret: 547 description: Secret containing the client key 548 file for the targets. 549 properties: 550 key: 551 description: The key of the secret to select 552 from. Must be a valid secret key. 553 type: string 554 name: 555 description: 'Name of the referent. More info: 556 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 557 TODO: Add other useful fields. apiVersion, 558 kind, uid?' 559 type: string 560 optional: 561 description: Specify whether the Secret or 562 its key must be defined 563 type: boolean 564 required: 565 - key 566 type: object 567 serverName: 568 description: Used to verify the hostname for the 569 targets. 570 type: string 571 type: object 572 type: object 573 routingKey: 574 description: SecretKeySelector selects a key of a Secret. 575 properties: 576 key: 577 description: The key of the secret to select from. Must 578 be a valid secret key. 579 type: string 580 name: 581 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 582 TODO: Add other useful fields. apiVersion, kind, 583 uid?' 584 type: string 585 optional: 586 description: Specify whether the Secret or its key 587 must be defined 588 type: boolean 589 required: 590 - key 591 type: object 592 sendResolved: 593 type: boolean 594 serviceKey: 595 description: SecretKeySelector selects a key of a Secret. 596 properties: 597 key: 598 description: The key of the secret to select from. Must 599 be a valid secret key. 600 type: string 601 name: 602 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 603 TODO: Add other useful fields. apiVersion, kind, 604 uid?' 605 type: string 606 optional: 607 description: Specify whether the Secret or its key 608 must be defined 609 type: boolean 610 required: 611 - key 612 type: object 613 severity: 614 type: string 615 url: 616 type: string 617 type: object 618 type: array 619 weChatConfigs: 620 items: 621 properties: 622 agentID: 623 type: string 624 apiSecret: 625 description: SecretKeySelector selects a key of a Secret. 626 properties: 627 key: 628 description: The key of the secret to select from. Must 629 be a valid secret key. 630 type: string 631 name: 632 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 633 TODO: Add other useful fields. apiVersion, kind, 634 uid?' 635 type: string 636 optional: 637 description: Specify whether the Secret or its key 638 must be defined 639 type: boolean 640 required: 641 - key 642 type: object 643 apiURL: 644 type: string 645 corpID: 646 type: string 647 httpConfig: 648 properties: 649 basicAuth: 650 description: 'BasicAuth allow an endpoint to authenticate 651 over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' 652 properties: 653 password: 654 description: The secret in the service monitor 655 namespace that contains the password for authentication. 656 properties: 657 key: 658 description: The key of the secret to select 659 from. Must be a valid secret key. 660 type: string 661 name: 662 description: 'Name of the referent. More info: 663 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 664 TODO: Add other useful fields. apiVersion, 665 kind, uid?' 666 type: string 667 optional: 668 description: Specify whether the Secret or 669 its key must be defined 670 type: boolean 671 required: 672 - key 673 type: object 674 username: 675 description: The secret in the service monitor 676 namespace that contains the username for authentication. 677 properties: 678 key: 679 description: The key of the secret to select 680 from. Must be a valid secret key. 681 type: string 682 name: 683 description: 'Name of the referent. More info: 684 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 685 TODO: Add other useful fields. apiVersion, 686 kind, uid?' 687 type: string 688 optional: 689 description: Specify whether the Secret or 690 its key must be defined 691 type: boolean 692 required: 693 - key 694 type: object 695 type: object 696 bearerTokenSecret: 697 description: SecretKeySelector selects a key of a 698 Secret. 699 properties: 700 key: 701 description: The key of the secret to select from. Must 702 be a valid secret key. 703 type: string 704 name: 705 description: 'Name of the referent. More info: 706 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 707 TODO: Add other useful fields. apiVersion, kind, 708 uid?' 709 type: string 710 optional: 711 description: Specify whether the Secret or its 712 key must be defined 713 type: boolean 714 required: 715 - key 716 type: object 717 proxyURL: 718 type: string 719 tlsConfig: 720 description: SafeTLSConfig specifies safe TLS configuration 721 parameters. 722 properties: 723 ca: 724 description: Struct containing the CA cert to 725 use for the targets. 726 properties: 727 configMap: 728 description: ConfigMap containing data to 729 use for the targets. 730 properties: 731 key: 732 description: The key to select. 733 type: string 734 name: 735 description: 'Name of the referent. More 736 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 737 TODO: Add other useful fields. apiVersion, 738 kind, uid?' 739 type: string 740 optional: 741 description: Specify whether the ConfigMap 742 or its key must be defined 743 type: boolean 744 required: 745 - key 746 type: object 747 secret: 748 description: Secret containing data to use 749 for the targets. 750 properties: 751 key: 752 description: The key of the secret to 753 select from. Must be a valid secret 754 key. 755 type: string 756 name: 757 description: 'Name of the referent. More 758 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 759 TODO: Add other useful fields. apiVersion, 760 kind, uid?' 761 type: string 762 optional: 763 description: Specify whether the Secret 764 or its key must be defined 765 type: boolean 766 required: 767 - key 768 type: object 769 type: object 770 cert: 771 description: Struct containing the client cert 772 file for the targets. 773 properties: 774 configMap: 775 description: ConfigMap containing data to 776 use for the targets. 777 properties: 778 key: 779 description: The key to select. 780 type: string 781 name: 782 description: 'Name of the referent. More 783 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 784 TODO: Add other useful fields. apiVersion, 785 kind, uid?' 786 type: string 787 optional: 788 description: Specify whether the ConfigMap 789 or its key must be defined 790 type: boolean 791 required: 792 - key 793 type: object 794 secret: 795 description: Secret containing data to use 796 for the targets. 797 properties: 798 key: 799 description: The key of the secret to 800 select from. Must be a valid secret 801 key. 802 type: string 803 name: 804 description: 'Name of the referent. More 805 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 806 TODO: Add other useful fields. apiVersion, 807 kind, uid?' 808 type: string 809 optional: 810 description: Specify whether the Secret 811 or its key must be defined 812 type: boolean 813 required: 814 - key 815 type: object 816 type: object 817 insecureSkipVerify: 818 description: Disable target certificate validation. 819 type: boolean 820 keySecret: 821 description: Secret containing the client key 822 file for the targets. 823 properties: 824 key: 825 description: The key of the secret to select 826 from. Must be a valid secret key. 827 type: string 828 name: 829 description: 'Name of the referent. More info: 830 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 831 TODO: Add other useful fields. apiVersion, 832 kind, uid?' 833 type: string 834 optional: 835 description: Specify whether the Secret or 836 its key must be defined 837 type: boolean 838 required: 839 - key 840 type: object 841 serverName: 842 description: Used to verify the hostname for the 843 targets. 844 type: string 845 type: object 846 type: object 847 message: 848 type: string 849 messageType: 850 type: string 851 sendResolved: 852 type: boolean 853 toParty: 854 type: string 855 toTag: 856 type: string 857 toUser: 858 type: string 859 type: object 860 type: array 861 webhookConfigs: 862 items: 863 properties: 864 httpConfig: 865 properties: 866 basicAuth: 867 description: 'BasicAuth allow an endpoint to authenticate 868 over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' 869 properties: 870 password: 871 description: The secret in the service monitor 872 namespace that contains the password for authentication. 873 properties: 874 key: 875 description: The key of the secret to select 876 from. Must be a valid secret key. 877 type: string 878 name: 879 description: 'Name of the referent. More info: 880 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 881 TODO: Add other useful fields. apiVersion, 882 kind, uid?' 883 type: string 884 optional: 885 description: Specify whether the Secret or 886 its key must be defined 887 type: boolean 888 required: 889 - key 890 type: object 891 username: 892 description: The secret in the service monitor 893 namespace that contains the username for authentication. 894 properties: 895 key: 896 description: The key of the secret to select 897 from. Must be a valid secret key. 898 type: string 899 name: 900 description: 'Name of the referent. More info: 901 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 902 TODO: Add other useful fields. apiVersion, 903 kind, uid?' 904 type: string 905 optional: 906 description: Specify whether the Secret or 907 its key must be defined 908 type: boolean 909 required: 910 - key 911 type: object 912 type: object 913 bearerTokenSecret: 914 description: SecretKeySelector selects a key of a 915 Secret. 916 properties: 917 key: 918 description: The key of the secret to select from. Must 919 be a valid secret key. 920 type: string 921 name: 922 description: 'Name of the referent. More info: 923 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 924 TODO: Add other useful fields. apiVersion, kind, 925 uid?' 926 type: string 927 optional: 928 description: Specify whether the Secret or its 929 key must be defined 930 type: boolean 931 required: 932 - key 933 type: object 934 proxyURL: 935 type: string 936 tlsConfig: 937 description: SafeTLSConfig specifies safe TLS configuration 938 parameters. 939 properties: 940 ca: 941 description: Struct containing the CA cert to 942 use for the targets. 943 properties: 944 configMap: 945 description: ConfigMap containing data to 946 use for the targets. 947 properties: 948 key: 949 description: The key to select. 950 type: string 951 name: 952 description: 'Name of the referent. More 953 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 954 TODO: Add other useful fields. apiVersion, 955 kind, uid?' 956 type: string 957 optional: 958 description: Specify whether the ConfigMap 959 or its key must be defined 960 type: boolean 961 required: 962 - key 963 type: object 964 secret: 965 description: Secret containing data to use 966 for the targets. 967 properties: 968 key: 969 description: The key of the secret to 970 select from. Must be a valid secret 971 key. 972 type: string 973 name: 974 description: 'Name of the referent. More 975 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 976 TODO: Add other useful fields. apiVersion, 977 kind, uid?' 978 type: string 979 optional: 980 description: Specify whether the Secret 981 or its key must be defined 982 type: boolean 983 required: 984 - key 985 type: object 986 type: object 987 cert: 988 description: Struct containing the client cert 989 file for the targets. 990 properties: 991 configMap: 992 description: ConfigMap containing data to 993 use for the targets. 994 properties: 995 key: 996 description: The key to select. 997 type: string 998 name: 999 description: 'Name of the referent. More 1000 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1001 TODO: Add other useful fields. apiVersion, 1002 kind, uid?' 1003 type: string 1004 optional: 1005 description: Specify whether the ConfigMap 1006 or its key must be defined 1007 type: boolean 1008 required: 1009 - key 1010 type: object 1011 secret: 1012 description: Secret containing data to use 1013 for the targets. 1014 properties: 1015 key: 1016 description: The key of the secret to 1017 select from. Must be a valid secret 1018 key. 1019 type: string 1020 name: 1021 description: 'Name of the referent. More 1022 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1023 TODO: Add other useful fields. apiVersion, 1024 kind, uid?' 1025 type: string 1026 optional: 1027 description: Specify whether the Secret 1028 or its key must be defined 1029 type: boolean 1030 required: 1031 - key 1032 type: object 1033 type: object 1034 insecureSkipVerify: 1035 description: Disable target certificate validation. 1036 type: boolean 1037 keySecret: 1038 description: Secret containing the client key 1039 file for the targets. 1040 properties: 1041 key: 1042 description: The key of the secret to select 1043 from. Must be a valid secret key. 1044 type: string 1045 name: 1046 description: 'Name of the referent. More info: 1047 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1048 TODO: Add other useful fields. apiVersion, 1049 kind, uid?' 1050 type: string 1051 optional: 1052 description: Specify whether the Secret or 1053 its key must be defined 1054 type: boolean 1055 required: 1056 - key 1057 type: object 1058 serverName: 1059 description: Used to verify the hostname for the 1060 targets. 1061 type: string 1062 type: object 1063 type: object 1064 maxAlerts: 1065 format: int32 1066 type: integer 1067 sendResolved: 1068 type: boolean 1069 url: 1070 type: string 1071 urlSecret: 1072 description: SecretKeySelector selects a key of a Secret. 1073 properties: 1074 key: 1075 description: The key of the secret to select from. Must 1076 be a valid secret key. 1077 type: string 1078 name: 1079 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1080 TODO: Add other useful fields. apiVersion, kind, 1081 uid?' 1082 type: string 1083 optional: 1084 description: Specify whether the Secret or its key 1085 must be defined 1086 type: boolean 1087 required: 1088 - key 1089 type: object 1090 type: object 1091 type: array 1092 required: 1093 - name 1094 type: object 1095 type: array 1096 route: 1097 properties: 1098 continue: 1099 type: boolean 1100 groupBy: 1101 items: 1102 type: string 1103 type: array 1104 groupInterval: 1105 type: string 1106 groupWait: 1107 type: string 1108 matchers: 1109 items: 1110 properties: 1111 name: 1112 type: string 1113 regex: 1114 type: boolean 1115 value: 1116 type: string 1117 required: 1118 - name 1119 - value 1120 type: object 1121 type: array 1122 receiver: 1123 type: string 1124 repeatInterval: 1125 type: string 1126 routes: 1127 items: 1128 type: object 1129 type: array 1130 type: object 1131 type: object 1132 required: 1133 - spec 1134 type: object 1135 served: true 1136 storage: true 1137 status: 1138 acceptedNames: 1139 kind: "" 1140 plural: "" 1141 conditions: [] 1142 storedVersions: [] 1143 --- 1144 1145 --- 1146 apiVersion: apiextensions.k8s.io/v1 1147 kind: CustomResourceDefinition 1148 metadata: 1149 annotations: 1150 controller-gen.kubebuilder.io/version: v0.2.4 1151 creationTimestamp: null 1152 name: alertmanagers.monitoring.coreos.com 1153 spec: 1154 group: monitoring.coreos.com 1155 names: 1156 kind: Alertmanager 1157 listKind: AlertmanagerList 1158 plural: alertmanagers 1159 singular: alertmanager 1160 scope: Namespaced 1161 versions: 1162 - additionalPrinterColumns: 1163 - description: The version of Alertmanager 1164 jsonPath: .spec.version 1165 name: Version 1166 type: string 1167 - description: The desired replicas number of Alertmanagers 1168 jsonPath: .spec.replicas 1169 name: Replicas 1170 type: integer 1171 - jsonPath: .metadata.creationTimestamp 1172 name: Age 1173 type: date 1174 name: v1 1175 schema: 1176 openAPIV3Schema: 1177 description: Alertmanager describes an Alertmanager cluster. 1178 properties: 1179 apiVersion: 1180 description: 'APIVersion defines the versioned schema of this representation 1181 of an object. Servers should convert recognized schemas to the latest 1182 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 1183 type: string 1184 kind: 1185 description: 'Kind is a string value representing the REST resource this 1186 object represents. Servers may infer this from the endpoint the client 1187 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 1188 type: string 1189 metadata: 1190 type: object 1191 spec: 1192 description: 'Specification of the desired behavior of the Alertmanager 1193 cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 1194 properties: 1195 additionalPeers: 1196 description: AdditionalPeers allows injecting a set of additional 1197 Alertmanagers to peer with to form a highly available cluster. 1198 items: 1199 type: string 1200 type: array 1201 affinity: 1202 description: If specified, the pod's scheduling constraints. 1203 properties: 1204 nodeAffinity: 1205 description: Describes node affinity scheduling rules for the 1206 pod. 1207 properties: 1208 preferredDuringSchedulingIgnoredDuringExecution: 1209 description: The scheduler will prefer to schedule pods to 1210 nodes that satisfy the affinity expressions specified by 1211 this field, but it may choose a node that violates one or 1212 more of the expressions. The node that is most preferred 1213 is the one with the greatest sum of weights, i.e. for each 1214 node that meets all of the scheduling requirements (resource 1215 request, requiredDuringScheduling affinity expressions, 1216 etc.), compute a sum by iterating through the elements of 1217 this field and adding "weight" to the sum if the node matches 1218 the corresponding matchExpressions; the node(s) with the 1219 highest sum are the most preferred. 1220 items: 1221 description: An empty preferred scheduling term matches 1222 all objects with implicit weight 0 (i.e. it's a no-op). 1223 A null preferred scheduling term matches no objects (i.e. 1224 is also a no-op). 1225 properties: 1226 preference: 1227 description: A node selector term, associated with the 1228 corresponding weight. 1229 properties: 1230 matchExpressions: 1231 description: A list of node selector requirements 1232 by node's labels. 1233 items: 1234 description: A node selector requirement is a 1235 selector that contains values, a key, and an 1236 operator that relates the key and values. 1237 properties: 1238 key: 1239 description: The label key that the selector 1240 applies to. 1241 type: string 1242 operator: 1243 description: Represents a key's relationship 1244 to a set of values. Valid operators are 1245 In, NotIn, Exists, DoesNotExist. Gt, and 1246 Lt. 1247 type: string 1248 values: 1249 description: An array of string values. If 1250 the operator is In or NotIn, the values 1251 array must be non-empty. If the operator 1252 is Exists or DoesNotExist, the values array 1253 must be empty. If the operator is Gt or 1254 Lt, the values array must have a single 1255 element, which will be interpreted as an 1256 integer. This array is replaced during a 1257 strategic merge patch. 1258 items: 1259 type: string 1260 type: array 1261 required: 1262 - key 1263 - operator 1264 type: object 1265 type: array 1266 matchFields: 1267 description: A list of node selector requirements 1268 by node's fields. 1269 items: 1270 description: A node selector requirement is a 1271 selector that contains values, a key, and an 1272 operator that relates the key and values. 1273 properties: 1274 key: 1275 description: The label key that the selector 1276 applies to. 1277 type: string 1278 operator: 1279 description: Represents a key's relationship 1280 to a set of values. Valid operators are 1281 In, NotIn, Exists, DoesNotExist. Gt, and 1282 Lt. 1283 type: string 1284 values: 1285 description: An array of string values. If 1286 the operator is In or NotIn, the values 1287 array must be non-empty. If the operator 1288 is Exists or DoesNotExist, the values array 1289 must be empty. If the operator is Gt or 1290 Lt, the values array must have a single 1291 element, which will be interpreted as an 1292 integer. This array is replaced during a 1293 strategic merge patch. 1294 items: 1295 type: string 1296 type: array 1297 required: 1298 - key 1299 - operator 1300 type: object 1301 type: array 1302 type: object 1303 weight: 1304 description: Weight associated with matching the corresponding 1305 nodeSelectorTerm, in the range 1-100. 1306 format: int32 1307 type: integer 1308 required: 1309 - preference 1310 - weight 1311 type: object 1312 type: array 1313 requiredDuringSchedulingIgnoredDuringExecution: 1314 description: If the affinity requirements specified by this 1315 field are not met at scheduling time, the pod will not be 1316 scheduled onto the node. If the affinity requirements specified 1317 by this field cease to be met at some point during pod execution 1318 (e.g. due to an update), the system may or may not try to 1319 eventually evict the pod from its node. 1320 properties: 1321 nodeSelectorTerms: 1322 description: Required. A list of node selector terms. 1323 The terms are ORed. 1324 items: 1325 description: A null or empty node selector term matches 1326 no objects. The requirements of them are ANDed. The 1327 TopologySelectorTerm type implements a subset of the 1328 NodeSelectorTerm. 1329 properties: 1330 matchExpressions: 1331 description: A list of node selector requirements 1332 by node's labels. 1333 items: 1334 description: A node selector requirement is a 1335 selector that contains values, a key, and an 1336 operator that relates the key and values. 1337 properties: 1338 key: 1339 description: The label key that the selector 1340 applies to. 1341 type: string 1342 operator: 1343 description: Represents a key's relationship 1344 to a set of values. Valid operators are 1345 In, NotIn, Exists, DoesNotExist. Gt, and 1346 Lt. 1347 type: string 1348 values: 1349 description: An array of string values. If 1350 the operator is In or NotIn, the values 1351 array must be non-empty. If the operator 1352 is Exists or DoesNotExist, the values array 1353 must be empty. If the operator is Gt or 1354 Lt, the values array must have a single 1355 element, which will be interpreted as an 1356 integer. This array is replaced during a 1357 strategic merge patch. 1358 items: 1359 type: string 1360 type: array 1361 required: 1362 - key 1363 - operator 1364 type: object 1365 type: array 1366 matchFields: 1367 description: A list of node selector requirements 1368 by node's fields. 1369 items: 1370 description: A node selector requirement is a 1371 selector that contains values, a key, and an 1372 operator that relates the key and values. 1373 properties: 1374 key: 1375 description: The label key that the selector 1376 applies to. 1377 type: string 1378 operator: 1379 description: Represents a key's relationship 1380 to a set of values. Valid operators are 1381 In, NotIn, Exists, DoesNotExist. Gt, and 1382 Lt. 1383 type: string 1384 values: 1385 description: An array of string values. If 1386 the operator is In or NotIn, the values 1387 array must be non-empty. If the operator 1388 is Exists or DoesNotExist, the values array 1389 must be empty. If the operator is Gt or 1390 Lt, the values array must have a single 1391 element, which will be interpreted as an 1392 integer. This array is replaced during a 1393 strategic merge patch. 1394 items: 1395 type: string 1396 type: array 1397 required: 1398 - key 1399 - operator 1400 type: object 1401 type: array 1402 type: object 1403 type: array 1404 required: 1405 - nodeSelectorTerms 1406 type: object 1407 type: object 1408 podAffinity: 1409 description: Describes pod affinity scheduling rules (e.g. co-locate 1410 this pod in the same node, zone, etc. as some other pod(s)). 1411 properties: 1412 preferredDuringSchedulingIgnoredDuringExecution: 1413 description: The scheduler will prefer to schedule pods to 1414 nodes that satisfy the affinity expressions specified by 1415 this field, but it may choose a node that violates one or 1416 more of the expressions. The node that is most preferred 1417 is the one with the greatest sum of weights, i.e. for each 1418 node that meets all of the scheduling requirements (resource 1419 request, requiredDuringScheduling affinity expressions, 1420 etc.), compute a sum by iterating through the elements of 1421 this field and adding "weight" to the sum if the node has 1422 pods which matches the corresponding podAffinityTerm; the 1423 node(s) with the highest sum are the most preferred. 1424 items: 1425 description: The weights of all of the matched WeightedPodAffinityTerm 1426 fields are added per-node to find the most preferred node(s) 1427 properties: 1428 podAffinityTerm: 1429 description: Required. A pod affinity term, associated 1430 with the corresponding weight. 1431 properties: 1432 labelSelector: 1433 description: A label query over a set of resources, 1434 in this case pods. 1435 properties: 1436 matchExpressions: 1437 description: matchExpressions is a list of label 1438 selector requirements. The requirements are 1439 ANDed. 1440 items: 1441 description: A label selector requirement 1442 is a selector that contains values, a key, 1443 and an operator that relates the key and 1444 values. 1445 properties: 1446 key: 1447 description: key is the label key that 1448 the selector applies to. 1449 type: string 1450 operator: 1451 description: operator represents a key's 1452 relationship to a set of values. Valid 1453 operators are In, NotIn, Exists and 1454 DoesNotExist. 1455 type: string 1456 values: 1457 description: values is an array of string 1458 values. If the operator is In or NotIn, 1459 the values array must be non-empty. 1460 If the operator is Exists or DoesNotExist, 1461 the values array must be empty. This 1462 array is replaced during a strategic 1463 merge patch. 1464 items: 1465 type: string 1466 type: array 1467 required: 1468 - key 1469 - operator 1470 type: object 1471 type: array 1472 matchLabels: 1473 additionalProperties: 1474 type: string 1475 description: matchLabels is a map of {key,value} 1476 pairs. A single {key,value} in the matchLabels 1477 map is equivalent to an element of matchExpressions, 1478 whose key field is "key", the operator is 1479 "In", and the values array contains only "value". 1480 The requirements are ANDed. 1481 type: object 1482 type: object 1483 namespaces: 1484 description: namespaces specifies which namespaces 1485 the labelSelector applies to (matches against); 1486 null or empty list means "this pod's namespace" 1487 items: 1488 type: string 1489 type: array 1490 topologyKey: 1491 description: This pod should be co-located (affinity) 1492 or not co-located (anti-affinity) with the pods 1493 matching the labelSelector in the specified namespaces, 1494 where co-located is defined as running on a node 1495 whose value of the label with key topologyKey 1496 matches that of any node on which any of the selected 1497 pods is running. Empty topologyKey is not allowed. 1498 type: string 1499 required: 1500 - topologyKey 1501 type: object 1502 weight: 1503 description: weight associated with matching the corresponding 1504 podAffinityTerm, in the range 1-100. 1505 format: int32 1506 type: integer 1507 required: 1508 - podAffinityTerm 1509 - weight 1510 type: object 1511 type: array 1512 requiredDuringSchedulingIgnoredDuringExecution: 1513 description: If the affinity requirements specified by this 1514 field are not met at scheduling time, the pod will not be 1515 scheduled onto the node. If the affinity requirements specified 1516 by this field cease to be met at some point during pod execution 1517 (e.g. due to a pod label update), the system may or may 1518 not try to eventually evict the pod from its node. When 1519 there are multiple elements, the lists of nodes corresponding 1520 to each podAffinityTerm are intersected, i.e. all terms 1521 must be satisfied. 1522 items: 1523 description: Defines a set of pods (namely those matching 1524 the labelSelector relative to the given namespace(s)) 1525 that this pod should be co-located (affinity) or not co-located 1526 (anti-affinity) with, where co-located is defined as running 1527 on a node whose value of the label with key <topologyKey> 1528 matches that of any node on which a pod of the set of 1529 pods is running 1530 properties: 1531 labelSelector: 1532 description: A label query over a set of resources, 1533 in this case pods. 1534 properties: 1535 matchExpressions: 1536 description: matchExpressions is a list of label 1537 selector requirements. The requirements are ANDed. 1538 items: 1539 description: A label selector requirement is a 1540 selector that contains values, a key, and an 1541 operator that relates the key and values. 1542 properties: 1543 key: 1544 description: key is the label key that the 1545 selector applies to. 1546 type: string 1547 operator: 1548 description: operator represents a key's relationship 1549 to a set of values. Valid operators are 1550 In, NotIn, Exists and DoesNotExist. 1551 type: string 1552 values: 1553 description: values is an array of string 1554 values. If the operator is In or NotIn, 1555 the values array must be non-empty. If the 1556 operator is Exists or DoesNotExist, the 1557 values array must be empty. This array is 1558 replaced during a strategic merge patch. 1559 items: 1560 type: string 1561 type: array 1562 required: 1563 - key 1564 - operator 1565 type: object 1566 type: array 1567 matchLabels: 1568 additionalProperties: 1569 type: string 1570 description: matchLabels is a map of {key,value} 1571 pairs. A single {key,value} in the matchLabels 1572 map is equivalent to an element of matchExpressions, 1573 whose key field is "key", the operator is "In", 1574 and the values array contains only "value". The 1575 requirements are ANDed. 1576 type: object 1577 type: object 1578 namespaces: 1579 description: namespaces specifies which namespaces the 1580 labelSelector applies to (matches against); null or 1581 empty list means "this pod's namespace" 1582 items: 1583 type: string 1584 type: array 1585 topologyKey: 1586 description: This pod should be co-located (affinity) 1587 or not co-located (anti-affinity) with the pods matching 1588 the labelSelector in the specified namespaces, where 1589 co-located is defined as running on a node whose value 1590 of the label with key topologyKey matches that of 1591 any node on which any of the selected pods is running. 1592 Empty topologyKey is not allowed. 1593 type: string 1594 required: 1595 - topologyKey 1596 type: object 1597 type: array 1598 type: object 1599 podAntiAffinity: 1600 description: Describes pod anti-affinity scheduling rules (e.g. 1601 avoid putting this pod in the same node, zone, etc. as some 1602 other pod(s)). 1603 properties: 1604 preferredDuringSchedulingIgnoredDuringExecution: 1605 description: The scheduler will prefer to schedule pods to 1606 nodes that satisfy the anti-affinity expressions specified 1607 by this field, but it may choose a node that violates one 1608 or more of the expressions. The node that is most preferred 1609 is the one with the greatest sum of weights, i.e. for each 1610 node that meets all of the scheduling requirements (resource 1611 request, requiredDuringScheduling anti-affinity expressions, 1612 etc.), compute a sum by iterating through the elements of 1613 this field and adding "weight" to the sum if the node has 1614 pods which matches the corresponding podAffinityTerm; the 1615 node(s) with the highest sum are the most preferred. 1616 items: 1617 description: The weights of all of the matched WeightedPodAffinityTerm 1618 fields are added per-node to find the most preferred node(s) 1619 properties: 1620 podAffinityTerm: 1621 description: Required. A pod affinity term, associated 1622 with the corresponding weight. 1623 properties: 1624 labelSelector: 1625 description: A label query over a set of resources, 1626 in this case pods. 1627 properties: 1628 matchExpressions: 1629 description: matchExpressions is a list of label 1630 selector requirements. The requirements are 1631 ANDed. 1632 items: 1633 description: A label selector requirement 1634 is a selector that contains values, a key, 1635 and an operator that relates the key and 1636 values. 1637 properties: 1638 key: 1639 description: key is the label key that 1640 the selector applies to. 1641 type: string 1642 operator: 1643 description: operator represents a key's 1644 relationship to a set of values. Valid 1645 operators are In, NotIn, Exists and 1646 DoesNotExist. 1647 type: string 1648 values: 1649 description: values is an array of string 1650 values. If the operator is In or NotIn, 1651 the values array must be non-empty. 1652 If the operator is Exists or DoesNotExist, 1653 the values array must be empty. This 1654 array is replaced during a strategic 1655 merge patch. 1656 items: 1657 type: string 1658 type: array 1659 required: 1660 - key 1661 - operator 1662 type: object 1663 type: array 1664 matchLabels: 1665 additionalProperties: 1666 type: string 1667 description: matchLabels is a map of {key,value} 1668 pairs. A single {key,value} in the matchLabels 1669 map is equivalent to an element of matchExpressions, 1670 whose key field is "key", the operator is 1671 "In", and the values array contains only "value". 1672 The requirements are ANDed. 1673 type: object 1674 type: object 1675 namespaces: 1676 description: namespaces specifies which namespaces 1677 the labelSelector applies to (matches against); 1678 null or empty list means "this pod's namespace" 1679 items: 1680 type: string 1681 type: array 1682 topologyKey: 1683 description: This pod should be co-located (affinity) 1684 or not co-located (anti-affinity) with the pods 1685 matching the labelSelector in the specified namespaces, 1686 where co-located is defined as running on a node 1687 whose value of the label with key topologyKey 1688 matches that of any node on which any of the selected 1689 pods is running. Empty topologyKey is not allowed. 1690 type: string 1691 required: 1692 - topologyKey 1693 type: object 1694 weight: 1695 description: weight associated with matching the corresponding 1696 podAffinityTerm, in the range 1-100. 1697 format: int32 1698 type: integer 1699 required: 1700 - podAffinityTerm 1701 - weight 1702 type: object 1703 type: array 1704 requiredDuringSchedulingIgnoredDuringExecution: 1705 description: If the anti-affinity requirements specified by 1706 this field are not met at scheduling time, the pod will 1707 not be scheduled onto the node. If the anti-affinity requirements 1708 specified by this field cease to be met at some point during 1709 pod execution (e.g. due to a pod label update), the system 1710 may or may not try to eventually evict the pod from its 1711 node. When there are multiple elements, the lists of nodes 1712 corresponding to each podAffinityTerm are intersected, i.e. 1713 all terms must be satisfied. 1714 items: 1715 description: Defines a set of pods (namely those matching 1716 the labelSelector relative to the given namespace(s)) 1717 that this pod should be co-located (affinity) or not co-located 1718 (anti-affinity) with, where co-located is defined as running 1719 on a node whose value of the label with key <topologyKey> 1720 matches that of any node on which a pod of the set of 1721 pods is running 1722 properties: 1723 labelSelector: 1724 description: A label query over a set of resources, 1725 in this case pods. 1726 properties: 1727 matchExpressions: 1728 description: matchExpressions is a list of label 1729 selector requirements. The requirements are ANDed. 1730 items: 1731 description: A label selector requirement is a 1732 selector that contains values, a key, and an 1733 operator that relates the key and values. 1734 properties: 1735 key: 1736 description: key is the label key that the 1737 selector applies to. 1738 type: string 1739 operator: 1740 description: operator represents a key's relationship 1741 to a set of values. Valid operators are 1742 In, NotIn, Exists and DoesNotExist. 1743 type: string 1744 values: 1745 description: values is an array of string 1746 values. If the operator is In or NotIn, 1747 the values array must be non-empty. If the 1748 operator is Exists or DoesNotExist, the 1749 values array must be empty. This array is 1750 replaced during a strategic merge patch. 1751 items: 1752 type: string 1753 type: array 1754 required: 1755 - key 1756 - operator 1757 type: object 1758 type: array 1759 matchLabels: 1760 additionalProperties: 1761 type: string 1762 description: matchLabels is a map of {key,value} 1763 pairs. A single {key,value} in the matchLabels 1764 map is equivalent to an element of matchExpressions, 1765 whose key field is "key", the operator is "In", 1766 and the values array contains only "value". The 1767 requirements are ANDed. 1768 type: object 1769 type: object 1770 namespaces: 1771 description: namespaces specifies which namespaces the 1772 labelSelector applies to (matches against); null or 1773 empty list means "this pod's namespace" 1774 items: 1775 type: string 1776 type: array 1777 topologyKey: 1778 description: This pod should be co-located (affinity) 1779 or not co-located (anti-affinity) with the pods matching 1780 the labelSelector in the specified namespaces, where 1781 co-located is defined as running on a node whose value 1782 of the label with key topologyKey matches that of 1783 any node on which any of the selected pods is running. 1784 Empty topologyKey is not allowed. 1785 type: string 1786 required: 1787 - topologyKey 1788 type: object 1789 type: array 1790 type: object 1791 type: object 1792 alertmanagerConfigNamespaceSelector: 1793 description: Namespaces to be selected for AlertmanagerConfig discovery. 1794 If nil, only check own namespace. 1795 properties: 1796 matchExpressions: 1797 description: matchExpressions is a list of label selector requirements. 1798 The requirements are ANDed. 1799 items: 1800 description: A label selector requirement is a selector that 1801 contains values, a key, and an operator that relates the key 1802 and values. 1803 properties: 1804 key: 1805 description: key is the label key that the selector applies 1806 to. 1807 type: string 1808 operator: 1809 description: operator represents a key's relationship to 1810 a set of values. Valid operators are In, NotIn, Exists 1811 and DoesNotExist. 1812 type: string 1813 values: 1814 description: values is an array of string values. If the 1815 operator is In or NotIn, the values array must be non-empty. 1816 If the operator is Exists or DoesNotExist, the values 1817 array must be empty. This array is replaced during a strategic 1818 merge patch. 1819 items: 1820 type: string 1821 type: array 1822 required: 1823 - key 1824 - operator 1825 type: object 1826 type: array 1827 matchLabels: 1828 additionalProperties: 1829 type: string 1830 description: matchLabels is a map of {key,value} pairs. A single 1831 {key,value} in the matchLabels map is equivalent to an element 1832 of matchExpressions, whose key field is "key", the operator 1833 is "In", and the values array contains only "value". The requirements 1834 are ANDed. 1835 type: object 1836 type: object 1837 alertmanagerConfigSelector: 1838 description: AlertmanagerConfigs to be selected for to merge and configure 1839 Alertmanager with. 1840 properties: 1841 matchExpressions: 1842 description: matchExpressions is a list of label selector requirements. 1843 The requirements are ANDed. 1844 items: 1845 description: A label selector requirement is a selector that 1846 contains values, a key, and an operator that relates the key 1847 and values. 1848 properties: 1849 key: 1850 description: key is the label key that the selector applies 1851 to. 1852 type: string 1853 operator: 1854 description: operator represents a key's relationship to 1855 a set of values. Valid operators are In, NotIn, Exists 1856 and DoesNotExist. 1857 type: string 1858 values: 1859 description: values is an array of string values. If the 1860 operator is In or NotIn, the values array must be non-empty. 1861 If the operator is Exists or DoesNotExist, the values 1862 array must be empty. This array is replaced during a strategic 1863 merge patch. 1864 items: 1865 type: string 1866 type: array 1867 required: 1868 - key 1869 - operator 1870 type: object 1871 type: array 1872 matchLabels: 1873 additionalProperties: 1874 type: string 1875 description: matchLabels is a map of {key,value} pairs. A single 1876 {key,value} in the matchLabels map is equivalent to an element 1877 of matchExpressions, whose key field is "key", the operator 1878 is "In", and the values array contains only "value". The requirements 1879 are ANDed. 1880 type: object 1881 type: object 1882 baseImage: 1883 description: 'Base image that is used to deploy pods, without tag. 1884 Deprecated: use ''image'' instead' 1885 type: string 1886 clusterAdvertiseAddress: 1887 description: 'ClusterAdvertiseAddress is the explicit address to advertise 1888 in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. 1889 [1] RFC1918: https://tools.ietf.org/html/rfc1918' 1890 type: string 1891 configMaps: 1892 description: ConfigMaps is a list of ConfigMaps in the same namespace 1893 as the Alertmanager object, which shall be mounted into the Alertmanager 1894 Pods. The ConfigMaps are mounted into /etc/alertmanager/configmaps/<configmap-name>. 1895 items: 1896 type: string 1897 type: array 1898 configSecret: 1899 description: ConfigSecret is the name of a Kubernetes Secret in the 1900 same namespace as the Alertmanager object, which contains configuration 1901 for this Alertmanager instance. Defaults to 'alertmanager-<alertmanager-name>' 1902 The secret is mounted into /etc/alertmanager/config. 1903 type: string 1904 containers: 1905 description: 'Containers allows injecting additional containers. This 1906 is meant to allow adding an authentication proxy to an Alertmanager 1907 pod. Containers described here modify an operator generated container 1908 if they share the same name and modifications are done via a strategic 1909 merge patch. The current container names are: `alertmanager` and 1910 `config-reloader`. Overriding containers is entirely outside the 1911 scope of what the maintainers will support and by doing so, you 1912 accept that this behaviour may break at any time without notice.' 1913 items: 1914 description: A single application container that you want to run 1915 within a pod. 1916 properties: 1917 args: 1918 description: 'Arguments to the entrypoint. The docker image''s 1919 CMD is used if this is not provided. Variable references $(VAR_NAME) 1920 are expanded using the container''s environment. If a variable 1921 cannot be resolved, the reference in the input string will 1922 be unchanged. The $(VAR_NAME) syntax can be escaped with a 1923 double $$, ie: $$(VAR_NAME). Escaped references will never 1924 be expanded, regardless of whether the variable exists or 1925 not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1926 items: 1927 type: string 1928 type: array 1929 command: 1930 description: 'Entrypoint array. Not executed within a shell. 1931 The docker image''s ENTRYPOINT is used if this is not provided. 1932 Variable references $(VAR_NAME) are expanded using the container''s 1933 environment. If a variable cannot be resolved, the reference 1934 in the input string will be unchanged. The $(VAR_NAME) syntax 1935 can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 1936 references will never be expanded, regardless of whether the 1937 variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 1938 items: 1939 type: string 1940 type: array 1941 env: 1942 description: List of environment variables to set in the container. 1943 Cannot be updated. 1944 items: 1945 description: EnvVar represents an environment variable present 1946 in a Container. 1947 properties: 1948 name: 1949 description: Name of the environment variable. Must be 1950 a C_IDENTIFIER. 1951 type: string 1952 value: 1953 description: 'Variable references $(VAR_NAME) are expanded 1954 using the previous defined environment variables in 1955 the container and any service environment variables. 1956 If a variable cannot be resolved, the reference in the 1957 input string will be unchanged. The $(VAR_NAME) syntax 1958 can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 1959 references will never be expanded, regardless of whether 1960 the variable exists or not. Defaults to "".' 1961 type: string 1962 valueFrom: 1963 description: Source for the environment variable's value. 1964 Cannot be used if value is not empty. 1965 properties: 1966 configMapKeyRef: 1967 description: Selects a key of a ConfigMap. 1968 properties: 1969 key: 1970 description: The key to select. 1971 type: string 1972 name: 1973 description: 'Name of the referent. More info: 1974 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1975 TODO: Add other useful fields. apiVersion, kind, 1976 uid?' 1977 type: string 1978 optional: 1979 description: Specify whether the ConfigMap or 1980 its key must be defined 1981 type: boolean 1982 required: 1983 - key 1984 type: object 1985 fieldRef: 1986 description: 'Selects a field of the pod: supports 1987 metadata.name, metadata.namespace, metadata.labels, 1988 metadata.annotations, spec.nodeName, spec.serviceAccountName, 1989 status.hostIP, status.podIP, status.podIPs.' 1990 properties: 1991 apiVersion: 1992 description: Version of the schema the FieldPath 1993 is written in terms of, defaults to "v1". 1994 type: string 1995 fieldPath: 1996 description: Path of the field to select in the 1997 specified API version. 1998 type: string 1999 required: 2000 - fieldPath 2001 type: object 2002 resourceFieldRef: 2003 description: 'Selects a resource of the container: 2004 only resources limits and requests (limits.cpu, 2005 limits.memory, limits.ephemeral-storage, requests.cpu, 2006 requests.memory and requests.ephemeral-storage) 2007 are currently supported.' 2008 properties: 2009 containerName: 2010 description: 'Container name: required for volumes, 2011 optional for env vars' 2012 type: string 2013 divisor: 2014 description: Specifies the output format of the 2015 exposed resources, defaults to "1" 2016 type: string 2017 resource: 2018 description: 'Required: resource to select' 2019 type: string 2020 required: 2021 - resource 2022 type: object 2023 secretKeyRef: 2024 description: Selects a key of a secret in the pod's 2025 namespace 2026 properties: 2027 key: 2028 description: The key of the secret to select from. Must 2029 be a valid secret key. 2030 type: string 2031 name: 2032 description: 'Name of the referent. More info: 2033 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2034 TODO: Add other useful fields. apiVersion, kind, 2035 uid?' 2036 type: string 2037 optional: 2038 description: Specify whether the Secret or its 2039 key must be defined 2040 type: boolean 2041 required: 2042 - key 2043 type: object 2044 type: object 2045 required: 2046 - name 2047 type: object 2048 type: array 2049 envFrom: 2050 description: List of sources to populate environment variables 2051 in the container. The keys defined within a source must be 2052 a C_IDENTIFIER. All invalid keys will be reported as an event 2053 when the container is starting. When a key exists in multiple 2054 sources, the value associated with the last source will take 2055 precedence. Values defined by an Env with a duplicate key 2056 will take precedence. Cannot be updated. 2057 items: 2058 description: EnvFromSource represents the source of a set 2059 of ConfigMaps 2060 properties: 2061 configMapRef: 2062 description: The ConfigMap to select from 2063 properties: 2064 name: 2065 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2066 TODO: Add other useful fields. apiVersion, kind, 2067 uid?' 2068 type: string 2069 optional: 2070 description: Specify whether the ConfigMap must be 2071 defined 2072 type: boolean 2073 type: object 2074 prefix: 2075 description: An optional identifier to prepend to each 2076 key in the ConfigMap. Must be a C_IDENTIFIER. 2077 type: string 2078 secretRef: 2079 description: The Secret to select from 2080 properties: 2081 name: 2082 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2083 TODO: Add other useful fields. apiVersion, kind, 2084 uid?' 2085 type: string 2086 optional: 2087 description: Specify whether the Secret must be defined 2088 type: boolean 2089 type: object 2090 type: object 2091 type: array 2092 image: 2093 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 2094 This field is optional to allow higher level config management 2095 to default or override container images in workload controllers 2096 like Deployments and StatefulSets.' 2097 type: string 2098 imagePullPolicy: 2099 description: 'Image pull policy. One of Always, Never, IfNotPresent. 2100 Defaults to Always if :latest tag is specified, or IfNotPresent 2101 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 2102 type: string 2103 lifecycle: 2104 description: Actions that the management system should take 2105 in response to container lifecycle events. Cannot be updated. 2106 properties: 2107 postStart: 2108 description: 'PostStart is called immediately after a container 2109 is created. If the handler fails, the container is terminated 2110 and restarted according to its restart policy. Other management 2111 of the container blocks until the hook completes. More 2112 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 2113 properties: 2114 exec: 2115 description: One and only one of the following should 2116 be specified. Exec specifies the action to take. 2117 properties: 2118 command: 2119 description: Command is the command line to execute 2120 inside the container, the working directory for 2121 the command is root ('/') in the container's 2122 filesystem. The command is simply exec'd, it is 2123 not run inside a shell, so traditional shell instructions 2124 ('|', etc) won't work. To use a shell, you need 2125 to explicitly call out to that shell. Exit status 2126 of 0 is treated as live/healthy and non-zero is 2127 unhealthy. 2128 items: 2129 type: string 2130 type: array 2131 type: object 2132 httpGet: 2133 description: HTTPGet specifies the http request to perform. 2134 properties: 2135 host: 2136 description: Host name to connect to, defaults to 2137 the pod IP. You probably want to set "Host" in 2138 httpHeaders instead. 2139 type: string 2140 httpHeaders: 2141 description: Custom headers to set in the request. 2142 HTTP allows repeated headers. 2143 items: 2144 description: HTTPHeader describes a custom header 2145 to be used in HTTP probes 2146 properties: 2147 name: 2148 description: The header field name 2149 type: string 2150 value: 2151 description: The header field value 2152 type: string 2153 required: 2154 - name 2155 - value 2156 type: object 2157 type: array 2158 path: 2159 description: Path to access on the HTTP server. 2160 type: string 2161 port: 2162 anyOf: 2163 - type: integer 2164 - type: string 2165 description: Name or number of the port to access 2166 on the container. Number must be in the range 2167 1 to 65535. Name must be an IANA_SVC_NAME. 2168 x-kubernetes-int-or-string: true 2169 scheme: 2170 description: Scheme to use for connecting to the 2171 host. Defaults to HTTP. 2172 type: string 2173 required: 2174 - port 2175 type: object 2176 tcpSocket: 2177 description: 'TCPSocket specifies an action involving 2178 a TCP port. TCP hooks not yet supported TODO: implement 2179 a realistic TCP lifecycle hook' 2180 properties: 2181 host: 2182 description: 'Optional: Host name to connect to, 2183 defaults to the pod IP.' 2184 type: string 2185 port: 2186 anyOf: 2187 - type: integer 2188 - type: string 2189 description: Number or name of the port to access 2190 on the container. Number must be in the range 2191 1 to 65535. Name must be an IANA_SVC_NAME. 2192 x-kubernetes-int-or-string: true 2193 required: 2194 - port 2195 type: object 2196 type: object 2197 preStop: 2198 description: 'PreStop is called immediately before a container 2199 is terminated due to an API request or management event 2200 such as liveness/startup probe failure, preemption, resource 2201 contention, etc. The handler is not called if the container 2202 crashes or exits. The reason for termination is passed 2203 to the handler. The Pod''s termination grace period countdown 2204 begins before the PreStop hooked is executed. Regardless 2205 of the outcome of the handler, the container will eventually 2206 terminate within the Pod''s termination grace period. 2207 Other management of the container blocks until the hook 2208 completes or until the termination grace period is reached. 2209 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 2210 properties: 2211 exec: 2212 description: One and only one of the following should 2213 be specified. Exec specifies the action to take. 2214 properties: 2215 command: 2216 description: Command is the command line to execute 2217 inside the container, the working directory for 2218 the command is root ('/') in the container's 2219 filesystem. The command is simply exec'd, it is 2220 not run inside a shell, so traditional shell instructions 2221 ('|', etc) won't work. To use a shell, you need 2222 to explicitly call out to that shell. Exit status 2223 of 0 is treated as live/healthy and non-zero is 2224 unhealthy. 2225 items: 2226 type: string 2227 type: array 2228 type: object 2229 httpGet: 2230 description: HTTPGet specifies the http request to perform. 2231 properties: 2232 host: 2233 description: Host name to connect to, defaults to 2234 the pod IP. You probably want to set "Host" in 2235 httpHeaders instead. 2236 type: string 2237 httpHeaders: 2238 description: Custom headers to set in the request. 2239 HTTP allows repeated headers. 2240 items: 2241 description: HTTPHeader describes a custom header 2242 to be used in HTTP probes 2243 properties: 2244 name: 2245 description: The header field name 2246 type: string 2247 value: 2248 description: The header field value 2249 type: string 2250 required: 2251 - name 2252 - value 2253 type: object 2254 type: array 2255 path: 2256 description: Path to access on the HTTP server. 2257 type: string 2258 port: 2259 anyOf: 2260 - type: integer 2261 - type: string 2262 description: Name or number of the port to access 2263 on the container. Number must be in the range 2264 1 to 65535. Name must be an IANA_SVC_NAME. 2265 x-kubernetes-int-or-string: true 2266 scheme: 2267 description: Scheme to use for connecting to the 2268 host. Defaults to HTTP. 2269 type: string 2270 required: 2271 - port 2272 type: object 2273 tcpSocket: 2274 description: 'TCPSocket specifies an action involving 2275 a TCP port. TCP hooks not yet supported TODO: implement 2276 a realistic TCP lifecycle hook' 2277 properties: 2278 host: 2279 description: 'Optional: Host name to connect to, 2280 defaults to the pod IP.' 2281 type: string 2282 port: 2283 anyOf: 2284 - type: integer 2285 - type: string 2286 description: Number or name of the port to access 2287 on the container. Number must be in the range 2288 1 to 65535. Name must be an IANA_SVC_NAME. 2289 x-kubernetes-int-or-string: true 2290 required: 2291 - port 2292 type: object 2293 type: object 2294 type: object 2295 livenessProbe: 2296 description: 'Periodic probe of container liveness. Container 2297 will be restarted if the probe fails. Cannot be updated. More 2298 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2299 properties: 2300 exec: 2301 description: One and only one of the following should be 2302 specified. Exec specifies the action to take. 2303 properties: 2304 command: 2305 description: Command is the command line to execute 2306 inside the container, the working directory for the 2307 command is root ('/') in the container's filesystem. 2308 The command is simply exec'd, it is not run inside 2309 a shell, so traditional shell instructions ('|', etc) 2310 won't work. To use a shell, you need to explicitly 2311 call out to that shell. Exit status of 0 is treated 2312 as live/healthy and non-zero is unhealthy. 2313 items: 2314 type: string 2315 type: array 2316 type: object 2317 failureThreshold: 2318 description: Minimum consecutive failures for the probe 2319 to be considered failed after having succeeded. Defaults 2320 to 3. Minimum value is 1. 2321 format: int32 2322 type: integer 2323 httpGet: 2324 description: HTTPGet specifies the http request to perform. 2325 properties: 2326 host: 2327 description: Host name to connect to, defaults to the 2328 pod IP. You probably want to set "Host" in httpHeaders 2329 instead. 2330 type: string 2331 httpHeaders: 2332 description: Custom headers to set in the request. HTTP 2333 allows repeated headers. 2334 items: 2335 description: HTTPHeader describes a custom header 2336 to be used in HTTP probes 2337 properties: 2338 name: 2339 description: The header field name 2340 type: string 2341 value: 2342 description: The header field value 2343 type: string 2344 required: 2345 - name 2346 - value 2347 type: object 2348 type: array 2349 path: 2350 description: Path to access on the HTTP server. 2351 type: string 2352 port: 2353 anyOf: 2354 - type: integer 2355 - type: string 2356 description: Name or number of the port to access on 2357 the container. Number must be in the range 1 to 65535. 2358 Name must be an IANA_SVC_NAME. 2359 x-kubernetes-int-or-string: true 2360 scheme: 2361 description: Scheme to use for connecting to the host. 2362 Defaults to HTTP. 2363 type: string 2364 required: 2365 - port 2366 type: object 2367 initialDelaySeconds: 2368 description: 'Number of seconds after the container has 2369 started before liveness probes are initiated. More info: 2370 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2371 format: int32 2372 type: integer 2373 periodSeconds: 2374 description: How often (in seconds) to perform the probe. 2375 Default to 10 seconds. Minimum value is 1. 2376 format: int32 2377 type: integer 2378 successThreshold: 2379 description: Minimum consecutive successes for the probe 2380 to be considered successful after having failed. Defaults 2381 to 1. Must be 1 for liveness and startup. Minimum value 2382 is 1. 2383 format: int32 2384 type: integer 2385 tcpSocket: 2386 description: 'TCPSocket specifies an action involving a 2387 TCP port. TCP hooks not yet supported TODO: implement 2388 a realistic TCP lifecycle hook' 2389 properties: 2390 host: 2391 description: 'Optional: Host name to connect to, defaults 2392 to the pod IP.' 2393 type: string 2394 port: 2395 anyOf: 2396 - type: integer 2397 - type: string 2398 description: Number or name of the port to access on 2399 the container. Number must be in the range 1 to 65535. 2400 Name must be an IANA_SVC_NAME. 2401 x-kubernetes-int-or-string: true 2402 required: 2403 - port 2404 type: object 2405 timeoutSeconds: 2406 description: 'Number of seconds after which the probe times 2407 out. Defaults to 1 second. Minimum value is 1. More info: 2408 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2409 format: int32 2410 type: integer 2411 type: object 2412 name: 2413 description: Name of the container specified as a DNS_LABEL. 2414 Each container in a pod must have a unique name (DNS_LABEL). 2415 Cannot be updated. 2416 type: string 2417 ports: 2418 description: List of ports to expose from the container. Exposing 2419 a port here gives the system additional information about 2420 the network connections a container uses, but is primarily 2421 informational. Not specifying a port here DOES NOT prevent 2422 that port from being exposed. Any port which is listening 2423 on the default "0.0.0.0" address inside a container will be 2424 accessible from the network. Cannot be updated. 2425 items: 2426 description: ContainerPort represents a network port in a 2427 single container. 2428 properties: 2429 containerPort: 2430 description: Number of port to expose on the pod's IP 2431 address. This must be a valid port number, 0 < x < 65536. 2432 format: int32 2433 type: integer 2434 hostIP: 2435 description: What host IP to bind the external port to. 2436 type: string 2437 hostPort: 2438 description: Number of port to expose on the host. If 2439 specified, this must be a valid port number, 0 < x < 2440 65536. If HostNetwork is specified, this must match 2441 ContainerPort. Most containers do not need this. 2442 format: int32 2443 type: integer 2444 name: 2445 description: If specified, this must be an IANA_SVC_NAME 2446 and unique within the pod. Each named port in a pod 2447 must have a unique name. Name for the port that can 2448 be referred to by services. 2449 type: string 2450 protocol: 2451 description: Protocol for port. Must be UDP, TCP, or SCTP. 2452 Defaults to "TCP". 2453 type: string 2454 required: 2455 - containerPort 2456 type: object 2457 type: array 2458 readinessProbe: 2459 description: 'Periodic probe of container service readiness. 2460 Container will be removed from service endpoints if the probe 2461 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2462 properties: 2463 exec: 2464 description: One and only one of the following should be 2465 specified. Exec specifies the action to take. 2466 properties: 2467 command: 2468 description: Command is the command line to execute 2469 inside the container, the working directory for the 2470 command is root ('/') in the container's filesystem. 2471 The command is simply exec'd, it is not run inside 2472 a shell, so traditional shell instructions ('|', etc) 2473 won't work. To use a shell, you need to explicitly 2474 call out to that shell. Exit status of 0 is treated 2475 as live/healthy and non-zero is unhealthy. 2476 items: 2477 type: string 2478 type: array 2479 type: object 2480 failureThreshold: 2481 description: Minimum consecutive failures for the probe 2482 to be considered failed after having succeeded. Defaults 2483 to 3. Minimum value is 1. 2484 format: int32 2485 type: integer 2486 httpGet: 2487 description: HTTPGet specifies the http request to perform. 2488 properties: 2489 host: 2490 description: Host name to connect to, defaults to the 2491 pod IP. You probably want to set "Host" in httpHeaders 2492 instead. 2493 type: string 2494 httpHeaders: 2495 description: Custom headers to set in the request. HTTP 2496 allows repeated headers. 2497 items: 2498 description: HTTPHeader describes a custom header 2499 to be used in HTTP probes 2500 properties: 2501 name: 2502 description: The header field name 2503 type: string 2504 value: 2505 description: The header field value 2506 type: string 2507 required: 2508 - name 2509 - value 2510 type: object 2511 type: array 2512 path: 2513 description: Path to access on the HTTP server. 2514 type: string 2515 port: 2516 anyOf: 2517 - type: integer 2518 - type: string 2519 description: Name or number of the port to access on 2520 the container. Number must be in the range 1 to 65535. 2521 Name must be an IANA_SVC_NAME. 2522 x-kubernetes-int-or-string: true 2523 scheme: 2524 description: Scheme to use for connecting to the host. 2525 Defaults to HTTP. 2526 type: string 2527 required: 2528 - port 2529 type: object 2530 initialDelaySeconds: 2531 description: 'Number of seconds after the container has 2532 started before liveness probes are initiated. More info: 2533 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2534 format: int32 2535 type: integer 2536 periodSeconds: 2537 description: How often (in seconds) to perform the probe. 2538 Default to 10 seconds. Minimum value is 1. 2539 format: int32 2540 type: integer 2541 successThreshold: 2542 description: Minimum consecutive successes for the probe 2543 to be considered successful after having failed. Defaults 2544 to 1. Must be 1 for liveness and startup. Minimum value 2545 is 1. 2546 format: int32 2547 type: integer 2548 tcpSocket: 2549 description: 'TCPSocket specifies an action involving a 2550 TCP port. TCP hooks not yet supported TODO: implement 2551 a realistic TCP lifecycle hook' 2552 properties: 2553 host: 2554 description: 'Optional: Host name to connect to, defaults 2555 to the pod IP.' 2556 type: string 2557 port: 2558 anyOf: 2559 - type: integer 2560 - type: string 2561 description: Number or name of the port to access on 2562 the container. Number must be in the range 1 to 65535. 2563 Name must be an IANA_SVC_NAME. 2564 x-kubernetes-int-or-string: true 2565 required: 2566 - port 2567 type: object 2568 timeoutSeconds: 2569 description: 'Number of seconds after which the probe times 2570 out. Defaults to 1 second. Minimum value is 1. More info: 2571 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2572 format: int32 2573 type: integer 2574 type: object 2575 resources: 2576 description: 'Compute Resources required by this container. 2577 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 2578 properties: 2579 limits: 2580 additionalProperties: 2581 type: string 2582 description: 'Limits describes the maximum amount of compute 2583 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 2584 type: object 2585 requests: 2586 additionalProperties: 2587 type: string 2588 description: 'Requests describes the minimum amount of compute 2589 resources required. If Requests is omitted for a container, 2590 it defaults to Limits if that is explicitly specified, 2591 otherwise to an implementation-defined value. More info: 2592 https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 2593 type: object 2594 type: object 2595 securityContext: 2596 description: 'Security options the pod should run with. More 2597 info: https://kubernetes.io/docs/concepts/policy/security-context/ 2598 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 2599 properties: 2600 allowPrivilegeEscalation: 2601 description: 'AllowPrivilegeEscalation controls whether 2602 a process can gain more privileges than its parent process. 2603 This bool directly controls if the no_new_privs flag will 2604 be set on the container process. AllowPrivilegeEscalation 2605 is true always when the container is: 1) run as Privileged 2606 2) has CAP_SYS_ADMIN' 2607 type: boolean 2608 capabilities: 2609 description: The capabilities to add/drop when running containers. 2610 Defaults to the default set of capabilities granted by 2611 the container runtime. 2612 properties: 2613 add: 2614 description: Added capabilities 2615 items: 2616 description: Capability represent POSIX capabilities 2617 type 2618 type: string 2619 type: array 2620 drop: 2621 description: Removed capabilities 2622 items: 2623 description: Capability represent POSIX capabilities 2624 type 2625 type: string 2626 type: array 2627 type: object 2628 privileged: 2629 description: Run container in privileged mode. Processes 2630 in privileged containers are essentially equivalent to 2631 root on the host. Defaults to false. 2632 type: boolean 2633 procMount: 2634 description: procMount denotes the type of proc mount to 2635 use for the containers. The default is DefaultProcMount 2636 which uses the container runtime defaults for readonly 2637 paths and masked paths. This requires the ProcMountType 2638 feature flag to be enabled. 2639 type: string 2640 readOnlyRootFilesystem: 2641 description: Whether this container has a read-only root 2642 filesystem. Default is false. 2643 type: boolean 2644 runAsGroup: 2645 description: The GID to run the entrypoint of the container 2646 process. Uses runtime default if unset. May also be set 2647 in PodSecurityContext. If set in both SecurityContext 2648 and PodSecurityContext, the value specified in SecurityContext 2649 takes precedence. 2650 format: int64 2651 type: integer 2652 runAsNonRoot: 2653 description: Indicates that the container must run as a 2654 non-root user. If true, the Kubelet will validate the 2655 image at runtime to ensure that it does not run as UID 2656 0 (root) and fail to start the container if it does. If 2657 unset or false, no such validation will be performed. 2658 May also be set in PodSecurityContext. If set in both 2659 SecurityContext and PodSecurityContext, the value specified 2660 in SecurityContext takes precedence. 2661 type: boolean 2662 runAsUser: 2663 description: The UID to run the entrypoint of the container 2664 process. Defaults to user specified in image metadata 2665 if unspecified. May also be set in PodSecurityContext. If 2666 set in both SecurityContext and PodSecurityContext, the 2667 value specified in SecurityContext takes precedence. 2668 format: int64 2669 type: integer 2670 seLinuxOptions: 2671 description: The SELinux context to be applied to the container. 2672 If unspecified, the container runtime will allocate a 2673 random SELinux context for each container. May also be 2674 set in PodSecurityContext. If set in both SecurityContext 2675 and PodSecurityContext, the value specified in SecurityContext 2676 takes precedence. 2677 properties: 2678 level: 2679 description: Level is SELinux level label that applies 2680 to the container. 2681 type: string 2682 role: 2683 description: Role is a SELinux role label that applies 2684 to the container. 2685 type: string 2686 type: 2687 description: Type is a SELinux type label that applies 2688 to the container. 2689 type: string 2690 user: 2691 description: User is a SELinux user label that applies 2692 to the container. 2693 type: string 2694 type: object 2695 windowsOptions: 2696 description: The Windows specific settings applied to all 2697 containers. If unspecified, the options from the PodSecurityContext 2698 will be used. If set in both SecurityContext and PodSecurityContext, 2699 the value specified in SecurityContext takes precedence. 2700 properties: 2701 gmsaCredentialSpec: 2702 description: GMSACredentialSpec is where the GMSA admission 2703 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 2704 inlines the contents of the GMSA credential spec named 2705 by the GMSACredentialSpecName field. 2706 type: string 2707 gmsaCredentialSpecName: 2708 description: GMSACredentialSpecName is the name of the 2709 GMSA credential spec to use. 2710 type: string 2711 runAsUserName: 2712 description: The UserName in Windows to run the entrypoint 2713 of the container process. Defaults to the user specified 2714 in image metadata if unspecified. May also be set 2715 in PodSecurityContext. If set in both SecurityContext 2716 and PodSecurityContext, the value specified in SecurityContext 2717 takes precedence. 2718 type: string 2719 type: object 2720 type: object 2721 startupProbe: 2722 description: 'StartupProbe indicates that the Pod has successfully 2723 initialized. If specified, no other probes are executed until 2724 this completes successfully. If this probe fails, the Pod 2725 will be restarted, just as if the livenessProbe failed. This 2726 can be used to provide different probe parameters at the beginning 2727 of a Pod''s lifecycle, when it might take a long time to load 2728 data or warm a cache, than during steady-state operation. 2729 This cannot be updated. This is a beta feature enabled by 2730 the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2731 properties: 2732 exec: 2733 description: One and only one of the following should be 2734 specified. Exec specifies the action to take. 2735 properties: 2736 command: 2737 description: Command is the command line to execute 2738 inside the container, the working directory for the 2739 command is root ('/') in the container's filesystem. 2740 The command is simply exec'd, it is not run inside 2741 a shell, so traditional shell instructions ('|', etc) 2742 won't work. To use a shell, you need to explicitly 2743 call out to that shell. Exit status of 0 is treated 2744 as live/healthy and non-zero is unhealthy. 2745 items: 2746 type: string 2747 type: array 2748 type: object 2749 failureThreshold: 2750 description: Minimum consecutive failures for the probe 2751 to be considered failed after having succeeded. Defaults 2752 to 3. Minimum value is 1. 2753 format: int32 2754 type: integer 2755 httpGet: 2756 description: HTTPGet specifies the http request to perform. 2757 properties: 2758 host: 2759 description: Host name to connect to, defaults to the 2760 pod IP. You probably want to set "Host" in httpHeaders 2761 instead. 2762 type: string 2763 httpHeaders: 2764 description: Custom headers to set in the request. HTTP 2765 allows repeated headers. 2766 items: 2767 description: HTTPHeader describes a custom header 2768 to be used in HTTP probes 2769 properties: 2770 name: 2771 description: The header field name 2772 type: string 2773 value: 2774 description: The header field value 2775 type: string 2776 required: 2777 - name 2778 - value 2779 type: object 2780 type: array 2781 path: 2782 description: Path to access on the HTTP server. 2783 type: string 2784 port: 2785 anyOf: 2786 - type: integer 2787 - type: string 2788 description: Name or number of the port to access on 2789 the container. Number must be in the range 1 to 65535. 2790 Name must be an IANA_SVC_NAME. 2791 x-kubernetes-int-or-string: true 2792 scheme: 2793 description: Scheme to use for connecting to the host. 2794 Defaults to HTTP. 2795 type: string 2796 required: 2797 - port 2798 type: object 2799 initialDelaySeconds: 2800 description: 'Number of seconds after the container has 2801 started before liveness probes are initiated. More info: 2802 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2803 format: int32 2804 type: integer 2805 periodSeconds: 2806 description: How often (in seconds) to perform the probe. 2807 Default to 10 seconds. Minimum value is 1. 2808 format: int32 2809 type: integer 2810 successThreshold: 2811 description: Minimum consecutive successes for the probe 2812 to be considered successful after having failed. Defaults 2813 to 1. Must be 1 for liveness and startup. Minimum value 2814 is 1. 2815 format: int32 2816 type: integer 2817 tcpSocket: 2818 description: 'TCPSocket specifies an action involving a 2819 TCP port. TCP hooks not yet supported TODO: implement 2820 a realistic TCP lifecycle hook' 2821 properties: 2822 host: 2823 description: 'Optional: Host name to connect to, defaults 2824 to the pod IP.' 2825 type: string 2826 port: 2827 anyOf: 2828 - type: integer 2829 - type: string 2830 description: Number or name of the port to access on 2831 the container. Number must be in the range 1 to 65535. 2832 Name must be an IANA_SVC_NAME. 2833 x-kubernetes-int-or-string: true 2834 required: 2835 - port 2836 type: object 2837 timeoutSeconds: 2838 description: 'Number of seconds after which the probe times 2839 out. Defaults to 1 second. Minimum value is 1. More info: 2840 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 2841 format: int32 2842 type: integer 2843 type: object 2844 stdin: 2845 description: Whether this container should allocate a buffer 2846 for stdin in the container runtime. If this is not set, reads 2847 from stdin in the container will always result in EOF. Default 2848 is false. 2849 type: boolean 2850 stdinOnce: 2851 description: Whether the container runtime should close the 2852 stdin channel after it has been opened by a single attach. 2853 When stdin is true the stdin stream will remain open across 2854 multiple attach sessions. If stdinOnce is set to true, stdin 2855 is opened on container start, is empty until the first client 2856 attaches to stdin, and then remains open and accepts data 2857 until the client disconnects, at which time stdin is closed 2858 and remains closed until the container is restarted. If this 2859 flag is false, a container processes that reads from stdin 2860 will never receive an EOF. Default is false 2861 type: boolean 2862 terminationMessagePath: 2863 description: 'Optional: Path at which the file to which the 2864 container''s termination message will be written is mounted 2865 into the container''s filesystem. Message written is intended 2866 to be brief final status, such as an assertion failure message. 2867 Will be truncated by the node if greater than 4096 bytes. 2868 The total message length across all containers will be limited 2869 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 2870 type: string 2871 terminationMessagePolicy: 2872 description: Indicate how the termination message should be 2873 populated. File will use the contents of terminationMessagePath 2874 to populate the container status message on both success and 2875 failure. FallbackToLogsOnError will use the last chunk of 2876 container log output if the termination message file is empty 2877 and the container exited with an error. The log output is 2878 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 2879 to File. Cannot be updated. 2880 type: string 2881 tty: 2882 description: Whether this container should allocate a TTY for 2883 itself, also requires 'stdin' to be true. Default is false. 2884 type: boolean 2885 volumeDevices: 2886 description: volumeDevices is the list of block devices to be 2887 used by the container. 2888 items: 2889 description: volumeDevice describes a mapping of a raw block 2890 device within a container. 2891 properties: 2892 devicePath: 2893 description: devicePath is the path inside of the container 2894 that the device will be mapped to. 2895 type: string 2896 name: 2897 description: name must match the name of a persistentVolumeClaim 2898 in the pod 2899 type: string 2900 required: 2901 - devicePath 2902 - name 2903 type: object 2904 type: array 2905 volumeMounts: 2906 description: Pod volumes to mount into the container's filesystem. 2907 Cannot be updated. 2908 items: 2909 description: VolumeMount describes a mounting of a Volume 2910 within a container. 2911 properties: 2912 mountPath: 2913 description: Path within the container at which the volume 2914 should be mounted. Must not contain ':'. 2915 type: string 2916 mountPropagation: 2917 description: mountPropagation determines how mounts are 2918 propagated from the host to container and the other 2919 way around. When not set, MountPropagationNone is used. 2920 This field is beta in 1.10. 2921 type: string 2922 name: 2923 description: This must match the Name of a Volume. 2924 type: string 2925 readOnly: 2926 description: Mounted read-only if true, read-write otherwise 2927 (false or unspecified). Defaults to false. 2928 type: boolean 2929 subPath: 2930 description: Path within the volume from which the container's 2931 volume should be mounted. Defaults to "" (volume's root). 2932 type: string 2933 subPathExpr: 2934 description: Expanded path within the volume from which 2935 the container's volume should be mounted. Behaves similarly 2936 to SubPath but environment variable references $(VAR_NAME) 2937 are expanded using the container's environment. Defaults 2938 to "" (volume's root). SubPathExpr and SubPath are mutually 2939 exclusive. 2940 type: string 2941 required: 2942 - mountPath 2943 - name 2944 type: object 2945 type: array 2946 workingDir: 2947 description: Container's working directory. If not specified, 2948 the container runtime's default will be used, which might 2949 be configured in the container image. Cannot be updated. 2950 type: string 2951 required: 2952 - name 2953 type: object 2954 type: array 2955 externalUrl: 2956 description: The external URL the Alertmanager instances will be available 2957 under. This is necessary to generate correct URLs. This is necessary 2958 if Alertmanager is not served from root of a DNS name. 2959 type: string 2960 forceEnableClusterMode: 2961 description: ForceEnableClusterMode ensures Alertmanager does not 2962 deactivate the cluster mode when running with a single replica. 2963 Use case is e.g. spanning an Alertmanager cluster across Kubernetes 2964 clusters with a single replica in each. 2965 type: boolean 2966 image: 2967 description: Image if specified has precedence over baseImage, tag 2968 and sha combinations. Specifying the version is still necessary 2969 to ensure the Prometheus Operator knows what version of Alertmanager 2970 is being configured. 2971 type: string 2972 imagePullSecrets: 2973 description: An optional list of references to secrets in the same 2974 namespace to use for pulling prometheus and alertmanager images 2975 from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod 2976 items: 2977 description: LocalObjectReference contains enough information to 2978 let you locate the referenced object inside the same namespace. 2979 properties: 2980 name: 2981 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2982 TODO: Add other useful fields. apiVersion, kind, uid?' 2983 type: string 2984 type: object 2985 type: array 2986 initContainers: 2987 description: 'InitContainers allows adding initContainers to the pod 2988 definition. Those can be used to e.g. fetch secrets for injection 2989 into the Alertmanager configuration from external sources. Any errors 2990 during the execution of an initContainer will lead to a restart 2991 of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 2992 Using initContainers for any use case other then secret fetching 2993 is entirely outside the scope of what the maintainers will support 2994 and by doing so, you accept that this behaviour may break at any 2995 time without notice.' 2996 items: 2997 description: A single application container that you want to run 2998 within a pod. 2999 properties: 3000 args: 3001 description: 'Arguments to the entrypoint. The docker image''s 3002 CMD is used if this is not provided. Variable references $(VAR_NAME) 3003 are expanded using the container''s environment. If a variable 3004 cannot be resolved, the reference in the input string will 3005 be unchanged. The $(VAR_NAME) syntax can be escaped with a 3006 double $$, ie: $$(VAR_NAME). Escaped references will never 3007 be expanded, regardless of whether the variable exists or 3008 not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3009 items: 3010 type: string 3011 type: array 3012 command: 3013 description: 'Entrypoint array. Not executed within a shell. 3014 The docker image''s ENTRYPOINT is used if this is not provided. 3015 Variable references $(VAR_NAME) are expanded using the container''s 3016 environment. If a variable cannot be resolved, the reference 3017 in the input string will be unchanged. The $(VAR_NAME) syntax 3018 can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 3019 references will never be expanded, regardless of whether the 3020 variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3021 items: 3022 type: string 3023 type: array 3024 env: 3025 description: List of environment variables to set in the container. 3026 Cannot be updated. 3027 items: 3028 description: EnvVar represents an environment variable present 3029 in a Container. 3030 properties: 3031 name: 3032 description: Name of the environment variable. Must be 3033 a C_IDENTIFIER. 3034 type: string 3035 value: 3036 description: 'Variable references $(VAR_NAME) are expanded 3037 using the previous defined environment variables in 3038 the container and any service environment variables. 3039 If a variable cannot be resolved, the reference in the 3040 input string will be unchanged. The $(VAR_NAME) syntax 3041 can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 3042 references will never be expanded, regardless of whether 3043 the variable exists or not. Defaults to "".' 3044 type: string 3045 valueFrom: 3046 description: Source for the environment variable's value. 3047 Cannot be used if value is not empty. 3048 properties: 3049 configMapKeyRef: 3050 description: Selects a key of a ConfigMap. 3051 properties: 3052 key: 3053 description: The key to select. 3054 type: string 3055 name: 3056 description: 'Name of the referent. More info: 3057 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3058 TODO: Add other useful fields. apiVersion, kind, 3059 uid?' 3060 type: string 3061 optional: 3062 description: Specify whether the ConfigMap or 3063 its key must be defined 3064 type: boolean 3065 required: 3066 - key 3067 type: object 3068 fieldRef: 3069 description: 'Selects a field of the pod: supports 3070 metadata.name, metadata.namespace, metadata.labels, 3071 metadata.annotations, spec.nodeName, spec.serviceAccountName, 3072 status.hostIP, status.podIP, status.podIPs.' 3073 properties: 3074 apiVersion: 3075 description: Version of the schema the FieldPath 3076 is written in terms of, defaults to "v1". 3077 type: string 3078 fieldPath: 3079 description: Path of the field to select in the 3080 specified API version. 3081 type: string 3082 required: 3083 - fieldPath 3084 type: object 3085 resourceFieldRef: 3086 description: 'Selects a resource of the container: 3087 only resources limits and requests (limits.cpu, 3088 limits.memory, limits.ephemeral-storage, requests.cpu, 3089 requests.memory and requests.ephemeral-storage) 3090 are currently supported.' 3091 properties: 3092 containerName: 3093 description: 'Container name: required for volumes, 3094 optional for env vars' 3095 type: string 3096 divisor: 3097 description: Specifies the output format of the 3098 exposed resources, defaults to "1" 3099 type: string 3100 resource: 3101 description: 'Required: resource to select' 3102 type: string 3103 required: 3104 - resource 3105 type: object 3106 secretKeyRef: 3107 description: Selects a key of a secret in the pod's 3108 namespace 3109 properties: 3110 key: 3111 description: The key of the secret to select from. Must 3112 be a valid secret key. 3113 type: string 3114 name: 3115 description: 'Name of the referent. More info: 3116 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3117 TODO: Add other useful fields. apiVersion, kind, 3118 uid?' 3119 type: string 3120 optional: 3121 description: Specify whether the Secret or its 3122 key must be defined 3123 type: boolean 3124 required: 3125 - key 3126 type: object 3127 type: object 3128 required: 3129 - name 3130 type: object 3131 type: array 3132 envFrom: 3133 description: List of sources to populate environment variables 3134 in the container. The keys defined within a source must be 3135 a C_IDENTIFIER. All invalid keys will be reported as an event 3136 when the container is starting. When a key exists in multiple 3137 sources, the value associated with the last source will take 3138 precedence. Values defined by an Env with a duplicate key 3139 will take precedence. Cannot be updated. 3140 items: 3141 description: EnvFromSource represents the source of a set 3142 of ConfigMaps 3143 properties: 3144 configMapRef: 3145 description: The ConfigMap to select from 3146 properties: 3147 name: 3148 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3149 TODO: Add other useful fields. apiVersion, kind, 3150 uid?' 3151 type: string 3152 optional: 3153 description: Specify whether the ConfigMap must be 3154 defined 3155 type: boolean 3156 type: object 3157 prefix: 3158 description: An optional identifier to prepend to each 3159 key in the ConfigMap. Must be a C_IDENTIFIER. 3160 type: string 3161 secretRef: 3162 description: The Secret to select from 3163 properties: 3164 name: 3165 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3166 TODO: Add other useful fields. apiVersion, kind, 3167 uid?' 3168 type: string 3169 optional: 3170 description: Specify whether the Secret must be defined 3171 type: boolean 3172 type: object 3173 type: object 3174 type: array 3175 image: 3176 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 3177 This field is optional to allow higher level config management 3178 to default or override container images in workload controllers 3179 like Deployments and StatefulSets.' 3180 type: string 3181 imagePullPolicy: 3182 description: 'Image pull policy. One of Always, Never, IfNotPresent. 3183 Defaults to Always if :latest tag is specified, or IfNotPresent 3184 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 3185 type: string 3186 lifecycle: 3187 description: Actions that the management system should take 3188 in response to container lifecycle events. Cannot be updated. 3189 properties: 3190 postStart: 3191 description: 'PostStart is called immediately after a container 3192 is created. If the handler fails, the container is terminated 3193 and restarted according to its restart policy. Other management 3194 of the container blocks until the hook completes. More 3195 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3196 properties: 3197 exec: 3198 description: One and only one of the following should 3199 be specified. Exec specifies the action to take. 3200 properties: 3201 command: 3202 description: Command is the command line to execute 3203 inside the container, the working directory for 3204 the command is root ('/') in the container's 3205 filesystem. The command is simply exec'd, it is 3206 not run inside a shell, so traditional shell instructions 3207 ('|', etc) won't work. To use a shell, you need 3208 to explicitly call out to that shell. Exit status 3209 of 0 is treated as live/healthy and non-zero is 3210 unhealthy. 3211 items: 3212 type: string 3213 type: array 3214 type: object 3215 httpGet: 3216 description: HTTPGet specifies the http request to perform. 3217 properties: 3218 host: 3219 description: Host name to connect to, defaults to 3220 the pod IP. You probably want to set "Host" in 3221 httpHeaders instead. 3222 type: string 3223 httpHeaders: 3224 description: Custom headers to set in the request. 3225 HTTP allows repeated headers. 3226 items: 3227 description: HTTPHeader describes a custom header 3228 to be used in HTTP probes 3229 properties: 3230 name: 3231 description: The header field name 3232 type: string 3233 value: 3234 description: The header field value 3235 type: string 3236 required: 3237 - name 3238 - value 3239 type: object 3240 type: array 3241 path: 3242 description: Path to access on the HTTP server. 3243 type: string 3244 port: 3245 anyOf: 3246 - type: integer 3247 - type: string 3248 description: Name or number of the port to access 3249 on the container. Number must be in the range 3250 1 to 65535. Name must be an IANA_SVC_NAME. 3251 x-kubernetes-int-or-string: true 3252 scheme: 3253 description: Scheme to use for connecting to the 3254 host. Defaults to HTTP. 3255 type: string 3256 required: 3257 - port 3258 type: object 3259 tcpSocket: 3260 description: 'TCPSocket specifies an action involving 3261 a TCP port. TCP hooks not yet supported TODO: implement 3262 a realistic TCP lifecycle hook' 3263 properties: 3264 host: 3265 description: 'Optional: Host name to connect to, 3266 defaults to the pod IP.' 3267 type: string 3268 port: 3269 anyOf: 3270 - type: integer 3271 - type: string 3272 description: Number or name of the port to access 3273 on the container. Number must be in the range 3274 1 to 65535. Name must be an IANA_SVC_NAME. 3275 x-kubernetes-int-or-string: true 3276 required: 3277 - port 3278 type: object 3279 type: object 3280 preStop: 3281 description: 'PreStop is called immediately before a container 3282 is terminated due to an API request or management event 3283 such as liveness/startup probe failure, preemption, resource 3284 contention, etc. The handler is not called if the container 3285 crashes or exits. The reason for termination is passed 3286 to the handler. The Pod''s termination grace period countdown 3287 begins before the PreStop hooked is executed. Regardless 3288 of the outcome of the handler, the container will eventually 3289 terminate within the Pod''s termination grace period. 3290 Other management of the container blocks until the hook 3291 completes or until the termination grace period is reached. 3292 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3293 properties: 3294 exec: 3295 description: One and only one of the following should 3296 be specified. Exec specifies the action to take. 3297 properties: 3298 command: 3299 description: Command is the command line to execute 3300 inside the container, the working directory for 3301 the command is root ('/') in the container's 3302 filesystem. The command is simply exec'd, it is 3303 not run inside a shell, so traditional shell instructions 3304 ('|', etc) won't work. To use a shell, you need 3305 to explicitly call out to that shell. Exit status 3306 of 0 is treated as live/healthy and non-zero is 3307 unhealthy. 3308 items: 3309 type: string 3310 type: array 3311 type: object 3312 httpGet: 3313 description: HTTPGet specifies the http request to perform. 3314 properties: 3315 host: 3316 description: Host name to connect to, defaults to 3317 the pod IP. You probably want to set "Host" in 3318 httpHeaders instead. 3319 type: string 3320 httpHeaders: 3321 description: Custom headers to set in the request. 3322 HTTP allows repeated headers. 3323 items: 3324 description: HTTPHeader describes a custom header 3325 to be used in HTTP probes 3326 properties: 3327 name: 3328 description: The header field name 3329 type: string 3330 value: 3331 description: The header field value 3332 type: string 3333 required: 3334 - name 3335 - value 3336 type: object 3337 type: array 3338 path: 3339 description: Path to access on the HTTP server. 3340 type: string 3341 port: 3342 anyOf: 3343 - type: integer 3344 - type: string 3345 description: Name or number of the port to access 3346 on the container. Number must be in the range 3347 1 to 65535. Name must be an IANA_SVC_NAME. 3348 x-kubernetes-int-or-string: true 3349 scheme: 3350 description: Scheme to use for connecting to the 3351 host. Defaults to HTTP. 3352 type: string 3353 required: 3354 - port 3355 type: object 3356 tcpSocket: 3357 description: 'TCPSocket specifies an action involving 3358 a TCP port. TCP hooks not yet supported TODO: implement 3359 a realistic TCP lifecycle hook' 3360 properties: 3361 host: 3362 description: 'Optional: Host name to connect to, 3363 defaults to the pod IP.' 3364 type: string 3365 port: 3366 anyOf: 3367 - type: integer 3368 - type: string 3369 description: Number or name of the port to access 3370 on the container. Number must be in the range 3371 1 to 65535. Name must be an IANA_SVC_NAME. 3372 x-kubernetes-int-or-string: true 3373 required: 3374 - port 3375 type: object 3376 type: object 3377 type: object 3378 livenessProbe: 3379 description: 'Periodic probe of container liveness. Container 3380 will be restarted if the probe fails. Cannot be updated. More 3381 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3382 properties: 3383 exec: 3384 description: One and only one of the following should be 3385 specified. Exec specifies the action to take. 3386 properties: 3387 command: 3388 description: Command is the command line to execute 3389 inside the container, the working directory for the 3390 command is root ('/') in the container's filesystem. 3391 The command is simply exec'd, it is not run inside 3392 a shell, so traditional shell instructions ('|', etc) 3393 won't work. To use a shell, you need to explicitly 3394 call out to that shell. Exit status of 0 is treated 3395 as live/healthy and non-zero is unhealthy. 3396 items: 3397 type: string 3398 type: array 3399 type: object 3400 failureThreshold: 3401 description: Minimum consecutive failures for the probe 3402 to be considered failed after having succeeded. Defaults 3403 to 3. Minimum value is 1. 3404 format: int32 3405 type: integer 3406 httpGet: 3407 description: HTTPGet specifies the http request to perform. 3408 properties: 3409 host: 3410 description: Host name to connect to, defaults to the 3411 pod IP. You probably want to set "Host" in httpHeaders 3412 instead. 3413 type: string 3414 httpHeaders: 3415 description: Custom headers to set in the request. HTTP 3416 allows repeated headers. 3417 items: 3418 description: HTTPHeader describes a custom header 3419 to be used in HTTP probes 3420 properties: 3421 name: 3422 description: The header field name 3423 type: string 3424 value: 3425 description: The header field value 3426 type: string 3427 required: 3428 - name 3429 - value 3430 type: object 3431 type: array 3432 path: 3433 description: Path to access on the HTTP server. 3434 type: string 3435 port: 3436 anyOf: 3437 - type: integer 3438 - type: string 3439 description: Name or number of the port to access on 3440 the container. Number must be in the range 1 to 65535. 3441 Name must be an IANA_SVC_NAME. 3442 x-kubernetes-int-or-string: true 3443 scheme: 3444 description: Scheme to use for connecting to the host. 3445 Defaults to HTTP. 3446 type: string 3447 required: 3448 - port 3449 type: object 3450 initialDelaySeconds: 3451 description: 'Number of seconds after the container has 3452 started before liveness probes are initiated. More info: 3453 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3454 format: int32 3455 type: integer 3456 periodSeconds: 3457 description: How often (in seconds) to perform the probe. 3458 Default to 10 seconds. Minimum value is 1. 3459 format: int32 3460 type: integer 3461 successThreshold: 3462 description: Minimum consecutive successes for the probe 3463 to be considered successful after having failed. Defaults 3464 to 1. Must be 1 for liveness and startup. Minimum value 3465 is 1. 3466 format: int32 3467 type: integer 3468 tcpSocket: 3469 description: 'TCPSocket specifies an action involving a 3470 TCP port. TCP hooks not yet supported TODO: implement 3471 a realistic TCP lifecycle hook' 3472 properties: 3473 host: 3474 description: 'Optional: Host name to connect to, defaults 3475 to the pod IP.' 3476 type: string 3477 port: 3478 anyOf: 3479 - type: integer 3480 - type: string 3481 description: Number or name of the port to access on 3482 the container. Number must be in the range 1 to 65535. 3483 Name must be an IANA_SVC_NAME. 3484 x-kubernetes-int-or-string: true 3485 required: 3486 - port 3487 type: object 3488 timeoutSeconds: 3489 description: 'Number of seconds after which the probe times 3490 out. Defaults to 1 second. Minimum value is 1. More info: 3491 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3492 format: int32 3493 type: integer 3494 type: object 3495 name: 3496 description: Name of the container specified as a DNS_LABEL. 3497 Each container in a pod must have a unique name (DNS_LABEL). 3498 Cannot be updated. 3499 type: string 3500 ports: 3501 description: List of ports to expose from the container. Exposing 3502 a port here gives the system additional information about 3503 the network connections a container uses, but is primarily 3504 informational. Not specifying a port here DOES NOT prevent 3505 that port from being exposed. Any port which is listening 3506 on the default "0.0.0.0" address inside a container will be 3507 accessible from the network. Cannot be updated. 3508 items: 3509 description: ContainerPort represents a network port in a 3510 single container. 3511 properties: 3512 containerPort: 3513 description: Number of port to expose on the pod's IP 3514 address. This must be a valid port number, 0 < x < 65536. 3515 format: int32 3516 type: integer 3517 hostIP: 3518 description: What host IP to bind the external port to. 3519 type: string 3520 hostPort: 3521 description: Number of port to expose on the host. If 3522 specified, this must be a valid port number, 0 < x < 3523 65536. If HostNetwork is specified, this must match 3524 ContainerPort. Most containers do not need this. 3525 format: int32 3526 type: integer 3527 name: 3528 description: If specified, this must be an IANA_SVC_NAME 3529 and unique within the pod. Each named port in a pod 3530 must have a unique name. Name for the port that can 3531 be referred to by services. 3532 type: string 3533 protocol: 3534 description: Protocol for port. Must be UDP, TCP, or SCTP. 3535 Defaults to "TCP". 3536 type: string 3537 required: 3538 - containerPort 3539 type: object 3540 type: array 3541 readinessProbe: 3542 description: 'Periodic probe of container service readiness. 3543 Container will be removed from service endpoints if the probe 3544 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3545 properties: 3546 exec: 3547 description: One and only one of the following should be 3548 specified. Exec specifies the action to take. 3549 properties: 3550 command: 3551 description: Command is the command line to execute 3552 inside the container, the working directory for the 3553 command is root ('/') in the container's filesystem. 3554 The command is simply exec'd, it is not run inside 3555 a shell, so traditional shell instructions ('|', etc) 3556 won't work. To use a shell, you need to explicitly 3557 call out to that shell. Exit status of 0 is treated 3558 as live/healthy and non-zero is unhealthy. 3559 items: 3560 type: string 3561 type: array 3562 type: object 3563 failureThreshold: 3564 description: Minimum consecutive failures for the probe 3565 to be considered failed after having succeeded. Defaults 3566 to 3. Minimum value is 1. 3567 format: int32 3568 type: integer 3569 httpGet: 3570 description: HTTPGet specifies the http request to perform. 3571 properties: 3572 host: 3573 description: Host name to connect to, defaults to the 3574 pod IP. You probably want to set "Host" in httpHeaders 3575 instead. 3576 type: string 3577 httpHeaders: 3578 description: Custom headers to set in the request. HTTP 3579 allows repeated headers. 3580 items: 3581 description: HTTPHeader describes a custom header 3582 to be used in HTTP probes 3583 properties: 3584 name: 3585 description: The header field name 3586 type: string 3587 value: 3588 description: The header field value 3589 type: string 3590 required: 3591 - name 3592 - value 3593 type: object 3594 type: array 3595 path: 3596 description: Path to access on the HTTP server. 3597 type: string 3598 port: 3599 anyOf: 3600 - type: integer 3601 - type: string 3602 description: Name or number of the port to access on 3603 the container. Number must be in the range 1 to 65535. 3604 Name must be an IANA_SVC_NAME. 3605 x-kubernetes-int-or-string: true 3606 scheme: 3607 description: Scheme to use for connecting to the host. 3608 Defaults to HTTP. 3609 type: string 3610 required: 3611 - port 3612 type: object 3613 initialDelaySeconds: 3614 description: 'Number of seconds after the container has 3615 started before liveness probes are initiated. More info: 3616 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3617 format: int32 3618 type: integer 3619 periodSeconds: 3620 description: How often (in seconds) to perform the probe. 3621 Default to 10 seconds. Minimum value is 1. 3622 format: int32 3623 type: integer 3624 successThreshold: 3625 description: Minimum consecutive successes for the probe 3626 to be considered successful after having failed. Defaults 3627 to 1. Must be 1 for liveness and startup. Minimum value 3628 is 1. 3629 format: int32 3630 type: integer 3631 tcpSocket: 3632 description: 'TCPSocket specifies an action involving a 3633 TCP port. TCP hooks not yet supported TODO: implement 3634 a realistic TCP lifecycle hook' 3635 properties: 3636 host: 3637 description: 'Optional: Host name to connect to, defaults 3638 to the pod IP.' 3639 type: string 3640 port: 3641 anyOf: 3642 - type: integer 3643 - type: string 3644 description: Number or name of the port to access on 3645 the container. Number must be in the range 1 to 65535. 3646 Name must be an IANA_SVC_NAME. 3647 x-kubernetes-int-or-string: true 3648 required: 3649 - port 3650 type: object 3651 timeoutSeconds: 3652 description: 'Number of seconds after which the probe times 3653 out. Defaults to 1 second. Minimum value is 1. More info: 3654 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3655 format: int32 3656 type: integer 3657 type: object 3658 resources: 3659 description: 'Compute Resources required by this container. 3660 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 3661 properties: 3662 limits: 3663 additionalProperties: 3664 type: string 3665 description: 'Limits describes the maximum amount of compute 3666 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 3667 type: object 3668 requests: 3669 additionalProperties: 3670 type: string 3671 description: 'Requests describes the minimum amount of compute 3672 resources required. If Requests is omitted for a container, 3673 it defaults to Limits if that is explicitly specified, 3674 otherwise to an implementation-defined value. More info: 3675 https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 3676 type: object 3677 type: object 3678 securityContext: 3679 description: 'Security options the pod should run with. More 3680 info: https://kubernetes.io/docs/concepts/policy/security-context/ 3681 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 3682 properties: 3683 allowPrivilegeEscalation: 3684 description: 'AllowPrivilegeEscalation controls whether 3685 a process can gain more privileges than its parent process. 3686 This bool directly controls if the no_new_privs flag will 3687 be set on the container process. AllowPrivilegeEscalation 3688 is true always when the container is: 1) run as Privileged 3689 2) has CAP_SYS_ADMIN' 3690 type: boolean 3691 capabilities: 3692 description: The capabilities to add/drop when running containers. 3693 Defaults to the default set of capabilities granted by 3694 the container runtime. 3695 properties: 3696 add: 3697 description: Added capabilities 3698 items: 3699 description: Capability represent POSIX capabilities 3700 type 3701 type: string 3702 type: array 3703 drop: 3704 description: Removed capabilities 3705 items: 3706 description: Capability represent POSIX capabilities 3707 type 3708 type: string 3709 type: array 3710 type: object 3711 privileged: 3712 description: Run container in privileged mode. Processes 3713 in privileged containers are essentially equivalent to 3714 root on the host. Defaults to false. 3715 type: boolean 3716 procMount: 3717 description: procMount denotes the type of proc mount to 3718 use for the containers. The default is DefaultProcMount 3719 which uses the container runtime defaults for readonly 3720 paths and masked paths. This requires the ProcMountType 3721 feature flag to be enabled. 3722 type: string 3723 readOnlyRootFilesystem: 3724 description: Whether this container has a read-only root 3725 filesystem. Default is false. 3726 type: boolean 3727 runAsGroup: 3728 description: The GID to run the entrypoint of the container 3729 process. Uses runtime default if unset. May also be set 3730 in PodSecurityContext. If set in both SecurityContext 3731 and PodSecurityContext, the value specified in SecurityContext 3732 takes precedence. 3733 format: int64 3734 type: integer 3735 runAsNonRoot: 3736 description: Indicates that the container must run as a 3737 non-root user. If true, the Kubelet will validate the 3738 image at runtime to ensure that it does not run as UID 3739 0 (root) and fail to start the container if it does. If 3740 unset or false, no such validation will be performed. 3741 May also be set in PodSecurityContext. If set in both 3742 SecurityContext and PodSecurityContext, the value specified 3743 in SecurityContext takes precedence. 3744 type: boolean 3745 runAsUser: 3746 description: The UID to run the entrypoint of the container 3747 process. Defaults to user specified in image metadata 3748 if unspecified. May also be set in PodSecurityContext. If 3749 set in both SecurityContext and PodSecurityContext, the 3750 value specified in SecurityContext takes precedence. 3751 format: int64 3752 type: integer 3753 seLinuxOptions: 3754 description: The SELinux context to be applied to the container. 3755 If unspecified, the container runtime will allocate a 3756 random SELinux context for each container. May also be 3757 set in PodSecurityContext. If set in both SecurityContext 3758 and PodSecurityContext, the value specified in SecurityContext 3759 takes precedence. 3760 properties: 3761 level: 3762 description: Level is SELinux level label that applies 3763 to the container. 3764 type: string 3765 role: 3766 description: Role is a SELinux role label that applies 3767 to the container. 3768 type: string 3769 type: 3770 description: Type is a SELinux type label that applies 3771 to the container. 3772 type: string 3773 user: 3774 description: User is a SELinux user label that applies 3775 to the container. 3776 type: string 3777 type: object 3778 windowsOptions: 3779 description: The Windows specific settings applied to all 3780 containers. If unspecified, the options from the PodSecurityContext 3781 will be used. If set in both SecurityContext and PodSecurityContext, 3782 the value specified in SecurityContext takes precedence. 3783 properties: 3784 gmsaCredentialSpec: 3785 description: GMSACredentialSpec is where the GMSA admission 3786 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 3787 inlines the contents of the GMSA credential spec named 3788 by the GMSACredentialSpecName field. 3789 type: string 3790 gmsaCredentialSpecName: 3791 description: GMSACredentialSpecName is the name of the 3792 GMSA credential spec to use. 3793 type: string 3794 runAsUserName: 3795 description: The UserName in Windows to run the entrypoint 3796 of the container process. Defaults to the user specified 3797 in image metadata if unspecified. May also be set 3798 in PodSecurityContext. If set in both SecurityContext 3799 and PodSecurityContext, the value specified in SecurityContext 3800 takes precedence. 3801 type: string 3802 type: object 3803 type: object 3804 startupProbe: 3805 description: 'StartupProbe indicates that the Pod has successfully 3806 initialized. If specified, no other probes are executed until 3807 this completes successfully. If this probe fails, the Pod 3808 will be restarted, just as if the livenessProbe failed. This 3809 can be used to provide different probe parameters at the beginning 3810 of a Pod''s lifecycle, when it might take a long time to load 3811 data or warm a cache, than during steady-state operation. 3812 This cannot be updated. This is a beta feature enabled by 3813 the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3814 properties: 3815 exec: 3816 description: One and only one of the following should be 3817 specified. Exec specifies the action to take. 3818 properties: 3819 command: 3820 description: Command is the command line to execute 3821 inside the container, the working directory for the 3822 command is root ('/') in the container's filesystem. 3823 The command is simply exec'd, it is not run inside 3824 a shell, so traditional shell instructions ('|', etc) 3825 won't work. To use a shell, you need to explicitly 3826 call out to that shell. Exit status of 0 is treated 3827 as live/healthy and non-zero is unhealthy. 3828 items: 3829 type: string 3830 type: array 3831 type: object 3832 failureThreshold: 3833 description: Minimum consecutive failures for the probe 3834 to be considered failed after having succeeded. Defaults 3835 to 3. Minimum value is 1. 3836 format: int32 3837 type: integer 3838 httpGet: 3839 description: HTTPGet specifies the http request to perform. 3840 properties: 3841 host: 3842 description: Host name to connect to, defaults to the 3843 pod IP. You probably want to set "Host" in httpHeaders 3844 instead. 3845 type: string 3846 httpHeaders: 3847 description: Custom headers to set in the request. HTTP 3848 allows repeated headers. 3849 items: 3850 description: HTTPHeader describes a custom header 3851 to be used in HTTP probes 3852 properties: 3853 name: 3854 description: The header field name 3855 type: string 3856 value: 3857 description: The header field value 3858 type: string 3859 required: 3860 - name 3861 - value 3862 type: object 3863 type: array 3864 path: 3865 description: Path to access on the HTTP server. 3866 type: string 3867 port: 3868 anyOf: 3869 - type: integer 3870 - type: string 3871 description: Name or number of the port to access on 3872 the container. Number must be in the range 1 to 65535. 3873 Name must be an IANA_SVC_NAME. 3874 x-kubernetes-int-or-string: true 3875 scheme: 3876 description: Scheme to use for connecting to the host. 3877 Defaults to HTTP. 3878 type: string 3879 required: 3880 - port 3881 type: object 3882 initialDelaySeconds: 3883 description: 'Number of seconds after the container has 3884 started before liveness probes are initiated. More info: 3885 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3886 format: int32 3887 type: integer 3888 periodSeconds: 3889 description: How often (in seconds) to perform the probe. 3890 Default to 10 seconds. Minimum value is 1. 3891 format: int32 3892 type: integer 3893 successThreshold: 3894 description: Minimum consecutive successes for the probe 3895 to be considered successful after having failed. Defaults 3896 to 1. Must be 1 for liveness and startup. Minimum value 3897 is 1. 3898 format: int32 3899 type: integer 3900 tcpSocket: 3901 description: 'TCPSocket specifies an action involving a 3902 TCP port. TCP hooks not yet supported TODO: implement 3903 a realistic TCP lifecycle hook' 3904 properties: 3905 host: 3906 description: 'Optional: Host name to connect to, defaults 3907 to the pod IP.' 3908 type: string 3909 port: 3910 anyOf: 3911 - type: integer 3912 - type: string 3913 description: Number or name of the port to access on 3914 the container. Number must be in the range 1 to 65535. 3915 Name must be an IANA_SVC_NAME. 3916 x-kubernetes-int-or-string: true 3917 required: 3918 - port 3919 type: object 3920 timeoutSeconds: 3921 description: 'Number of seconds after which the probe times 3922 out. Defaults to 1 second. Minimum value is 1. More info: 3923 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 3924 format: int32 3925 type: integer 3926 type: object 3927 stdin: 3928 description: Whether this container should allocate a buffer 3929 for stdin in the container runtime. If this is not set, reads 3930 from stdin in the container will always result in EOF. Default 3931 is false. 3932 type: boolean 3933 stdinOnce: 3934 description: Whether the container runtime should close the 3935 stdin channel after it has been opened by a single attach. 3936 When stdin is true the stdin stream will remain open across 3937 multiple attach sessions. If stdinOnce is set to true, stdin 3938 is opened on container start, is empty until the first client 3939 attaches to stdin, and then remains open and accepts data 3940 until the client disconnects, at which time stdin is closed 3941 and remains closed until the container is restarted. If this 3942 flag is false, a container processes that reads from stdin 3943 will never receive an EOF. Default is false 3944 type: boolean 3945 terminationMessagePath: 3946 description: 'Optional: Path at which the file to which the 3947 container''s termination message will be written is mounted 3948 into the container''s filesystem. Message written is intended 3949 to be brief final status, such as an assertion failure message. 3950 Will be truncated by the node if greater than 4096 bytes. 3951 The total message length across all containers will be limited 3952 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 3953 type: string 3954 terminationMessagePolicy: 3955 description: Indicate how the termination message should be 3956 populated. File will use the contents of terminationMessagePath 3957 to populate the container status message on both success and 3958 failure. FallbackToLogsOnError will use the last chunk of 3959 container log output if the termination message file is empty 3960 and the container exited with an error. The log output is 3961 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 3962 to File. Cannot be updated. 3963 type: string 3964 tty: 3965 description: Whether this container should allocate a TTY for 3966 itself, also requires 'stdin' to be true. Default is false. 3967 type: boolean 3968 volumeDevices: 3969 description: volumeDevices is the list of block devices to be 3970 used by the container. 3971 items: 3972 description: volumeDevice describes a mapping of a raw block 3973 device within a container. 3974 properties: 3975 devicePath: 3976 description: devicePath is the path inside of the container 3977 that the device will be mapped to. 3978 type: string 3979 name: 3980 description: name must match the name of a persistentVolumeClaim 3981 in the pod 3982 type: string 3983 required: 3984 - devicePath 3985 - name 3986 type: object 3987 type: array 3988 volumeMounts: 3989 description: Pod volumes to mount into the container's filesystem. 3990 Cannot be updated. 3991 items: 3992 description: VolumeMount describes a mounting of a Volume 3993 within a container. 3994 properties: 3995 mountPath: 3996 description: Path within the container at which the volume 3997 should be mounted. Must not contain ':'. 3998 type: string 3999 mountPropagation: 4000 description: mountPropagation determines how mounts are 4001 propagated from the host to container and the other 4002 way around. When not set, MountPropagationNone is used. 4003 This field is beta in 1.10. 4004 type: string 4005 name: 4006 description: This must match the Name of a Volume. 4007 type: string 4008 readOnly: 4009 description: Mounted read-only if true, read-write otherwise 4010 (false or unspecified). Defaults to false. 4011 type: boolean 4012 subPath: 4013 description: Path within the volume from which the container's 4014 volume should be mounted. Defaults to "" (volume's root). 4015 type: string 4016 subPathExpr: 4017 description: Expanded path within the volume from which 4018 the container's volume should be mounted. Behaves similarly 4019 to SubPath but environment variable references $(VAR_NAME) 4020 are expanded using the container's environment. Defaults 4021 to "" (volume's root). SubPathExpr and SubPath are mutually 4022 exclusive. 4023 type: string 4024 required: 4025 - mountPath 4026 - name 4027 type: object 4028 type: array 4029 workingDir: 4030 description: Container's working directory. If not specified, 4031 the container runtime's default will be used, which might 4032 be configured in the container image. Cannot be updated. 4033 type: string 4034 required: 4035 - name 4036 type: object 4037 type: array 4038 listenLocal: 4039 description: ListenLocal makes the Alertmanager server listen on loopback, 4040 so that it does not bind against the Pod IP. Note this is only for 4041 the Alertmanager UI, not the gossip communication. 4042 type: boolean 4043 logFormat: 4044 description: Log format for Alertmanager to be configured with. 4045 type: string 4046 logLevel: 4047 description: Log level for Alertmanager to be configured with. 4048 type: string 4049 nodeSelector: 4050 additionalProperties: 4051 type: string 4052 description: Define which Nodes the Pods are scheduled on. 4053 type: object 4054 paused: 4055 description: If set to true all actions on the underlying managed 4056 objects are not goint to be performed, except for delete actions. 4057 type: boolean 4058 podMetadata: 4059 description: PodMetadata configures Labels and Annotations which are 4060 propagated to the alertmanager pods. 4061 properties: 4062 annotations: 4063 additionalProperties: 4064 type: string 4065 description: 'Annotations is an unstructured key value map stored 4066 with a resource that may be set by external tools to store and 4067 retrieve arbitrary metadata. They are not queryable and should 4068 be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 4069 type: object 4070 labels: 4071 additionalProperties: 4072 type: string 4073 description: 'Map of string keys and values that can be used to 4074 organize and categorize (scope and select) objects. May match 4075 selectors of replication controllers and services. More info: 4076 http://kubernetes.io/docs/user-guide/labels' 4077 type: object 4078 name: 4079 description: 'Name must be unique within a namespace. Is required 4080 when creating resources, although some resources may allow a 4081 client to request the generation of an appropriate name automatically. 4082 Name is primarily intended for creation idempotence and configuration 4083 definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 4084 type: string 4085 type: object 4086 portName: 4087 description: Port name used for the pods and governing service. This 4088 defaults to web 4089 type: string 4090 priorityClassName: 4091 description: Priority class assigned to the Pods 4092 type: string 4093 replicas: 4094 description: Size is the expected size of the alertmanager cluster. 4095 The controller will eventually make the size of the running cluster 4096 equal to the expected size. 4097 format: int32 4098 type: integer 4099 resources: 4100 description: Define resources requests and limits for single Pods. 4101 properties: 4102 limits: 4103 additionalProperties: 4104 type: string 4105 description: 'Limits describes the maximum amount of compute resources 4106 allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 4107 type: object 4108 requests: 4109 additionalProperties: 4110 type: string 4111 description: 'Requests describes the minimum amount of compute 4112 resources required. If Requests is omitted for a container, 4113 it defaults to Limits if that is explicitly specified, otherwise 4114 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 4115 type: object 4116 type: object 4117 retention: 4118 description: Time duration Alertmanager shall retain data for. Default 4119 is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` 4120 (milliseconds seconds minutes hours). 4121 type: string 4122 routePrefix: 4123 description: The route prefix Alertmanager registers HTTP handlers 4124 for. This is useful, if using ExternalURL and a proxy is rewriting 4125 HTTP routes of a request, and the actual ExternalURL is still true, 4126 but the server serves requests under a different route prefix. For 4127 example for use with `kubectl proxy`. 4128 type: string 4129 secrets: 4130 description: Secrets is a list of Secrets in the same namespace as 4131 the Alertmanager object, which shall be mounted into the Alertmanager 4132 Pods. The Secrets are mounted into /etc/alertmanager/secrets/<secret-name>. 4133 items: 4134 type: string 4135 type: array 4136 securityContext: 4137 description: SecurityContext holds pod-level security attributes and 4138 common container settings. This defaults to the default PodSecurityContext. 4139 properties: 4140 fsGroup: 4141 description: "A special supplemental group that applies to all 4142 containers in a pod. Some volume types allow the Kubelet to 4143 change the ownership of that volume to be owned by the pod: 4144 \n 1. The owning GID will be the FSGroup 2. The setgid bit is 4145 set (new files created in the volume will be owned by FSGroup) 4146 3. The permission bits are OR'd with rw-rw---- \n If unset, 4147 the Kubelet will not modify the ownership and permissions of 4148 any volume." 4149 format: int64 4150 type: integer 4151 fsGroupChangePolicy: 4152 description: 'fsGroupChangePolicy defines behavior of changing 4153 ownership and permission of the volume before being exposed 4154 inside Pod. This field will only apply to volume types which 4155 support fsGroup based ownership(and permissions). It will have 4156 no effect on ephemeral volume types such as: secret, configmaps 4157 and emptydir. Valid values are "OnRootMismatch" and "Always". 4158 If not specified defaults to "Always".' 4159 type: string 4160 runAsGroup: 4161 description: The GID to run the entrypoint of the container process. 4162 Uses runtime default if unset. May also be set in SecurityContext. If 4163 set in both SecurityContext and PodSecurityContext, the value 4164 specified in SecurityContext takes precedence for that container. 4165 format: int64 4166 type: integer 4167 runAsNonRoot: 4168 description: Indicates that the container must run as a non-root 4169 user. If true, the Kubelet will validate the image at runtime 4170 to ensure that it does not run as UID 0 (root) and fail to start 4171 the container if it does. If unset or false, no such validation 4172 will be performed. May also be set in SecurityContext. If set 4173 in both SecurityContext and PodSecurityContext, the value specified 4174 in SecurityContext takes precedence. 4175 type: boolean 4176 runAsUser: 4177 description: The UID to run the entrypoint of the container process. 4178 Defaults to user specified in image metadata if unspecified. 4179 May also be set in SecurityContext. If set in both SecurityContext 4180 and PodSecurityContext, the value specified in SecurityContext 4181 takes precedence for that container. 4182 format: int64 4183 type: integer 4184 seLinuxOptions: 4185 description: The SELinux context to be applied to all containers. 4186 If unspecified, the container runtime will allocate a random 4187 SELinux context for each container. May also be set in SecurityContext. If 4188 set in both SecurityContext and PodSecurityContext, the value 4189 specified in SecurityContext takes precedence for that container. 4190 properties: 4191 level: 4192 description: Level is SELinux level label that applies to 4193 the container. 4194 type: string 4195 role: 4196 description: Role is a SELinux role label that applies to 4197 the container. 4198 type: string 4199 type: 4200 description: Type is a SELinux type label that applies to 4201 the container. 4202 type: string 4203 user: 4204 description: User is a SELinux user label that applies to 4205 the container. 4206 type: string 4207 type: object 4208 supplementalGroups: 4209 description: A list of groups applied to the first process run 4210 in each container, in addition to the container's primary GID. If 4211 unspecified, no groups will be added to any container. 4212 items: 4213 format: int64 4214 type: integer 4215 type: array 4216 sysctls: 4217 description: Sysctls hold a list of namespaced sysctls used for 4218 the pod. Pods with unsupported sysctls (by the container runtime) 4219 might fail to launch. 4220 items: 4221 description: Sysctl defines a kernel parameter to be set 4222 properties: 4223 name: 4224 description: Name of a property to set 4225 type: string 4226 value: 4227 description: Value of a property to set 4228 type: string 4229 required: 4230 - name 4231 - value 4232 type: object 4233 type: array 4234 windowsOptions: 4235 description: The Windows specific settings applied to all containers. 4236 If unspecified, the options within a container's SecurityContext 4237 will be used. If set in both SecurityContext and PodSecurityContext, 4238 the value specified in SecurityContext takes precedence. 4239 properties: 4240 gmsaCredentialSpec: 4241 description: GMSACredentialSpec is where the GMSA admission 4242 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 4243 inlines the contents of the GMSA credential spec named by 4244 the GMSACredentialSpecName field. 4245 type: string 4246 gmsaCredentialSpecName: 4247 description: GMSACredentialSpecName is the name of the GMSA 4248 credential spec to use. 4249 type: string 4250 runAsUserName: 4251 description: The UserName in Windows to run the entrypoint 4252 of the container process. Defaults to the user specified 4253 in image metadata if unspecified. May also be set in PodSecurityContext. 4254 If set in both SecurityContext and PodSecurityContext, the 4255 value specified in SecurityContext takes precedence. 4256 type: string 4257 type: object 4258 type: object 4259 serviceAccountName: 4260 description: ServiceAccountName is the name of the ServiceAccount 4261 to use to run the Prometheus Pods. 4262 type: string 4263 sha: 4264 description: 'SHA of Alertmanager container image to be deployed. 4265 Defaults to the value of `version`. Similar to a tag, but the SHA 4266 explicitly deploys an immutable container image. Version and Tag 4267 are ignored if SHA is set. Deprecated: use ''image'' instead. The 4268 image digest can be specified as part of the image URL.' 4269 type: string 4270 storage: 4271 description: Storage is the definition of how storage will be used 4272 by the Alertmanager instances. 4273 properties: 4274 disableMountSubPath: 4275 description: 'Deprecated: subPath usage will be disabled by default 4276 in a future release, this option will become unnecessary. DisableMountSubPath 4277 allows to remove any subPath usage in volume mounts.' 4278 type: boolean 4279 emptyDir: 4280 description: 'EmptyDirVolumeSource to be used by the Prometheus 4281 StatefulSets. If specified, used in place of any volumeClaimTemplate. 4282 More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' 4283 properties: 4284 medium: 4285 description: 'What type of storage medium should back this 4286 directory. The default is "" which means to use the node''s 4287 default medium. Must be an empty string (default) or Memory. 4288 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 4289 type: string 4290 sizeLimit: 4291 description: 'Total amount of local storage required for this 4292 EmptyDir volume. The size limit is also applicable for memory 4293 medium. The maximum usage on memory medium EmptyDir would 4294 be the minimum value between the SizeLimit specified here 4295 and the sum of memory limits of all containers in a pod. 4296 The default is nil which means that the limit is undefined. 4297 More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 4298 type: string 4299 type: object 4300 volumeClaimTemplate: 4301 description: A PVC spec to be used by the Prometheus StatefulSets. 4302 properties: 4303 apiVersion: 4304 description: 'APIVersion defines the versioned schema of this 4305 representation of an object. Servers should convert recognized 4306 schemas to the latest internal value, and may reject unrecognized 4307 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 4308 type: string 4309 kind: 4310 description: 'Kind is a string value representing the REST 4311 resource this object represents. Servers may infer this 4312 from the endpoint the client submits requests to. Cannot 4313 be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 4314 type: string 4315 metadata: 4316 description: EmbeddedMetadata contains metadata relevant to 4317 an EmbeddedResource. 4318 properties: 4319 annotations: 4320 additionalProperties: 4321 type: string 4322 description: 'Annotations is an unstructured key value 4323 map stored with a resource that may be set by external 4324 tools to store and retrieve arbitrary metadata. They 4325 are not queryable and should be preserved when modifying 4326 objects. More info: http://kubernetes.io/docs/user-guide/annotations' 4327 type: object 4328 labels: 4329 additionalProperties: 4330 type: string 4331 description: 'Map of string keys and values that can be 4332 used to organize and categorize (scope and select) objects. 4333 May match selectors of replication controllers and services. 4334 More info: http://kubernetes.io/docs/user-guide/labels' 4335 type: object 4336 name: 4337 description: 'Name must be unique within a namespace. 4338 Is required when creating resources, although some resources 4339 may allow a client to request the generation of an appropriate 4340 name automatically. Name is primarily intended for creation 4341 idempotence and configuration definition. Cannot be 4342 updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 4343 type: string 4344 type: object 4345 spec: 4346 description: 'Spec defines the desired characteristics of 4347 a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 4348 properties: 4349 accessModes: 4350 description: 'AccessModes contains the desired access 4351 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 4352 items: 4353 type: string 4354 type: array 4355 dataSource: 4356 description: 'This field can be used to specify either: 4357 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot 4358 - Beta) * An existing PVC (PersistentVolumeClaim) * 4359 An existing custom resource/object that implements data 4360 population (Alpha) In order to use VolumeSnapshot object 4361 types, the appropriate feature gate must be enabled 4362 (VolumeSnapshotDataSource or AnyVolumeDataSource) If 4363 the provisioner or an external controller can support 4364 the specified data source, it will create a new volume 4365 based on the contents of the specified data source. 4366 If the specified data source is not supported, the volume 4367 will not be created and the failure will be reported 4368 as an event. In the future, we plan to support more 4369 data source types and the behavior of the provisioner 4370 may change.' 4371 properties: 4372 apiGroup: 4373 description: APIGroup is the group for the resource 4374 being referenced. If APIGroup is not specified, 4375 the specified Kind must be in the core API group. 4376 For any other third-party types, APIGroup is required. 4377 type: string 4378 kind: 4379 description: Kind is the type of resource being referenced 4380 type: string 4381 name: 4382 description: Name is the name of resource being referenced 4383 type: string 4384 required: 4385 - kind 4386 - name 4387 type: object 4388 resources: 4389 description: 'Resources represents the minimum resources 4390 the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 4391 properties: 4392 limits: 4393 additionalProperties: 4394 type: string 4395 description: 'Limits describes the maximum amount 4396 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 4397 type: object 4398 requests: 4399 additionalProperties: 4400 type: string 4401 description: 'Requests describes the minimum amount 4402 of compute resources required. If Requests is omitted 4403 for a container, it defaults to Limits if that is 4404 explicitly specified, otherwise to an implementation-defined 4405 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 4406 type: object 4407 type: object 4408 selector: 4409 description: A label query over volumes to consider for 4410 binding. 4411 properties: 4412 matchExpressions: 4413 description: matchExpressions is a list of label selector 4414 requirements. The requirements are ANDed. 4415 items: 4416 description: A label selector requirement is a selector 4417 that contains values, a key, and an operator that 4418 relates the key and values. 4419 properties: 4420 key: 4421 description: key is the label key that the selector 4422 applies to. 4423 type: string 4424 operator: 4425 description: operator represents a key's relationship 4426 to a set of values. Valid operators are In, 4427 NotIn, Exists and DoesNotExist. 4428 type: string 4429 values: 4430 description: values is an array of string values. 4431 If the operator is In or NotIn, the values 4432 array must be non-empty. If the operator is 4433 Exists or DoesNotExist, the values array must 4434 be empty. This array is replaced during a 4435 strategic merge patch. 4436 items: 4437 type: string 4438 type: array 4439 required: 4440 - key 4441 - operator 4442 type: object 4443 type: array 4444 matchLabels: 4445 additionalProperties: 4446 type: string 4447 description: matchLabels is a map of {key,value} pairs. 4448 A single {key,value} in the matchLabels map is equivalent 4449 to an element of matchExpressions, whose key field 4450 is "key", the operator is "In", and the values array 4451 contains only "value". The requirements are ANDed. 4452 type: object 4453 type: object 4454 storageClassName: 4455 description: 'Name of the StorageClass required by the 4456 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 4457 type: string 4458 volumeMode: 4459 description: volumeMode defines what type of volume is 4460 required by the claim. Value of Filesystem is implied 4461 when not included in claim spec. 4462 type: string 4463 volumeName: 4464 description: VolumeName is the binding reference to the 4465 PersistentVolume backing this claim. 4466 type: string 4467 type: object 4468 status: 4469 description: 'Status represents the current information/status 4470 of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 4471 properties: 4472 accessModes: 4473 description: 'AccessModes contains the actual access modes 4474 the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 4475 items: 4476 type: string 4477 type: array 4478 capacity: 4479 additionalProperties: 4480 type: string 4481 description: Represents the actual resources of the underlying 4482 volume. 4483 type: object 4484 conditions: 4485 description: Current Condition of persistent volume claim. 4486 If underlying persistent volume is being resized then 4487 the Condition will be set to 'ResizeStarted'. 4488 items: 4489 description: PersistentVolumeClaimCondition contains 4490 details about state of pvc 4491 properties: 4492 lastProbeTime: 4493 description: Last time we probed the condition. 4494 format: date-time 4495 type: string 4496 lastTransitionTime: 4497 description: Last time the condition transitioned 4498 from one status to another. 4499 format: date-time 4500 type: string 4501 message: 4502 description: Human-readable message indicating details 4503 about last transition. 4504 type: string 4505 reason: 4506 description: Unique, this should be a short, machine 4507 understandable string that gives the reason for 4508 condition's last transition. If it reports "ResizeStarted" 4509 that means the underlying persistent volume is 4510 being resized. 4511 type: string 4512 status: 4513 type: string 4514 type: 4515 description: PersistentVolumeClaimConditionType 4516 is a valid value of PersistentVolumeClaimCondition.Type 4517 type: string 4518 required: 4519 - status 4520 - type 4521 type: object 4522 type: array 4523 phase: 4524 description: Phase represents the current phase of PersistentVolumeClaim. 4525 type: string 4526 type: object 4527 type: object 4528 type: object 4529 tag: 4530 description: 'Tag of Alertmanager container image to be deployed. 4531 Defaults to the value of `version`. Version is ignored if Tag is 4532 set. Deprecated: use ''image'' instead. The image tag can be specified 4533 as part of the image URL.' 4534 type: string 4535 tolerations: 4536 description: If specified, the pod's tolerations. 4537 items: 4538 description: The pod this Toleration is attached to tolerates any 4539 taint that matches the triple <key,value,effect> using the matching 4540 operator <operator>. 4541 properties: 4542 effect: 4543 description: Effect indicates the taint effect to match. Empty 4544 means match all taint effects. When specified, allowed values 4545 are NoSchedule, PreferNoSchedule and NoExecute. 4546 type: string 4547 key: 4548 description: Key is the taint key that the toleration applies 4549 to. Empty means match all taint keys. If the key is empty, 4550 operator must be Exists; this combination means to match all 4551 values and all keys. 4552 type: string 4553 operator: 4554 description: Operator represents a key's relationship to the 4555 value. Valid operators are Exists and Equal. Defaults to Equal. 4556 Exists is equivalent to wildcard for value, so that a pod 4557 can tolerate all taints of a particular category. 4558 type: string 4559 tolerationSeconds: 4560 description: TolerationSeconds represents the period of time 4561 the toleration (which must be of effect NoExecute, otherwise 4562 this field is ignored) tolerates the taint. By default, it 4563 is not set, which means tolerate the taint forever (do not 4564 evict). Zero and negative values will be treated as 0 (evict 4565 immediately) by the system. 4566 format: int64 4567 type: integer 4568 value: 4569 description: Value is the taint value the toleration matches 4570 to. If the operator is Exists, the value should be empty, 4571 otherwise just a regular string. 4572 type: string 4573 type: object 4574 type: array 4575 topologySpreadConstraints: 4576 description: If specified, the pod's topology spread constraints. 4577 items: 4578 description: TopologySpreadConstraint specifies how to spread matching 4579 pods among the given topology. 4580 properties: 4581 labelSelector: 4582 description: LabelSelector is used to find matching pods. Pods 4583 that match this label selector are counted to determine the 4584 number of pods in their corresponding topology domain. 4585 properties: 4586 matchExpressions: 4587 description: matchExpressions is a list of label selector 4588 requirements. The requirements are ANDed. 4589 items: 4590 description: A label selector requirement is a selector 4591 that contains values, a key, and an operator that relates 4592 the key and values. 4593 properties: 4594 key: 4595 description: key is the label key that the selector 4596 applies to. 4597 type: string 4598 operator: 4599 description: operator represents a key's relationship 4600 to a set of values. Valid operators are In, NotIn, 4601 Exists and DoesNotExist. 4602 type: string 4603 values: 4604 description: values is an array of string values. 4605 If the operator is In or NotIn, the values array 4606 must be non-empty. If the operator is Exists or 4607 DoesNotExist, the values array must be empty. This 4608 array is replaced during a strategic merge patch. 4609 items: 4610 type: string 4611 type: array 4612 required: 4613 - key 4614 - operator 4615 type: object 4616 type: array 4617 matchLabels: 4618 additionalProperties: 4619 type: string 4620 description: matchLabels is a map of {key,value} pairs. 4621 A single {key,value} in the matchLabels map is equivalent 4622 to an element of matchExpressions, whose key field is 4623 "key", the operator is "In", and the values array contains 4624 only "value". The requirements are ANDed. 4625 type: object 4626 type: object 4627 maxSkew: 4628 description: 'MaxSkew describes the degree to which pods may 4629 be unevenly distributed. It''s the maximum permitted difference 4630 between the number of matching pods in any two topology domains 4631 of a given topology type. For example, in a 3-zone cluster, 4632 MaxSkew is set to 1, and pods with the same labelSelector 4633 spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | 4634 - if MaxSkew is 1, incoming pod can only be scheduled to zone3 4635 to become 1/1/1; scheduling it onto zone1(zone2) would make 4636 the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - 4637 if MaxSkew is 2, incoming pod can be scheduled onto any zone. 4638 It''s a required field. Default value is 1 and 0 is not allowed.' 4639 format: int32 4640 type: integer 4641 topologyKey: 4642 description: TopologyKey is the key of node labels. Nodes that 4643 have a label with this key and identical values are considered 4644 to be in the same topology. We consider each <key, value> 4645 as a "bucket", and try to put balanced number of pods into 4646 each bucket. It's a required field. 4647 type: string 4648 whenUnsatisfiable: 4649 description: 'WhenUnsatisfiable indicates how to deal with a 4650 pod if it doesn''t satisfy the spread constraint. - DoNotSchedule 4651 (default) tells the scheduler not to schedule it - ScheduleAnyway 4652 tells the scheduler to still schedule it It''s considered 4653 as "Unsatisfiable" if and only if placing incoming pod on 4654 any topology violates "MaxSkew". For example, in a 3-zone 4655 cluster, MaxSkew is set to 1, and pods with the same labelSelector 4656 spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | 4657 If WhenUnsatisfiable is set to DoNotSchedule, incoming pod 4658 can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) 4659 as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In 4660 other words, the cluster can still be imbalanced, but scheduler 4661 won''t make it *more* imbalanced. It''s a required field.' 4662 type: string 4663 required: 4664 - maxSkew 4665 - topologyKey 4666 - whenUnsatisfiable 4667 type: object 4668 type: array 4669 version: 4670 description: Version the cluster should be on. 4671 type: string 4672 volumeMounts: 4673 description: VolumeMounts allows configuration of additional VolumeMounts 4674 on the output StatefulSet definition. VolumeMounts specified will 4675 be appended to other VolumeMounts in the alertmanager container, 4676 that are generated as a result of StorageSpec objects. 4677 items: 4678 description: VolumeMount describes a mounting of a Volume within 4679 a container. 4680 properties: 4681 mountPath: 4682 description: Path within the container at which the volume should 4683 be mounted. Must not contain ':'. 4684 type: string 4685 mountPropagation: 4686 description: mountPropagation determines how mounts are propagated 4687 from the host to container and the other way around. When 4688 not set, MountPropagationNone is used. This field is beta 4689 in 1.10. 4690 type: string 4691 name: 4692 description: This must match the Name of a Volume. 4693 type: string 4694 readOnly: 4695 description: Mounted read-only if true, read-write otherwise 4696 (false or unspecified). Defaults to false. 4697 type: boolean 4698 subPath: 4699 description: Path within the volume from which the container's 4700 volume should be mounted. Defaults to "" (volume's root). 4701 type: string 4702 subPathExpr: 4703 description: Expanded path within the volume from which the 4704 container's volume should be mounted. Behaves similarly to 4705 SubPath but environment variable references $(VAR_NAME) are 4706 expanded using the container's environment. Defaults to "" 4707 (volume's root). SubPathExpr and SubPath are mutually exclusive. 4708 type: string 4709 required: 4710 - mountPath 4711 - name 4712 type: object 4713 type: array 4714 volumes: 4715 description: Volumes allows configuration of additional volumes on 4716 the output StatefulSet definition. Volumes specified will be appended 4717 to other volumes that are generated as a result of StorageSpec objects. 4718 items: 4719 description: Volume represents a named volume in a pod that may 4720 be accessed by any container in the pod. 4721 properties: 4722 awsElasticBlockStore: 4723 description: 'AWSElasticBlockStore represents an AWS Disk resource 4724 that is attached to a kubelet''s host machine and then exposed 4725 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4726 properties: 4727 fsType: 4728 description: 'Filesystem type of the volume that you want 4729 to mount. Tip: Ensure that the filesystem type is supported 4730 by the host operating system. Examples: "ext4", "xfs", 4731 "ntfs". Implicitly inferred to be "ext4" if unspecified. 4732 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 4733 TODO: how do we prevent errors in the filesystem from 4734 compromising the machine' 4735 type: string 4736 partition: 4737 description: 'The partition in the volume that you want 4738 to mount. If omitted, the default is to mount by volume 4739 name. Examples: For volume /dev/sda1, you specify the 4740 partition as "1". Similarly, the volume partition for 4741 /dev/sda is "0" (or you can leave the property empty).' 4742 format: int32 4743 type: integer 4744 readOnly: 4745 description: 'Specify "true" to force and set the ReadOnly 4746 property in VolumeMounts to "true". If omitted, the default 4747 is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4748 type: boolean 4749 volumeID: 4750 description: 'Unique ID of the persistent disk resource 4751 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 4752 type: string 4753 required: 4754 - volumeID 4755 type: object 4756 azureDisk: 4757 description: AzureDisk represents an Azure Data Disk mount on 4758 the host and bind mount to the pod. 4759 properties: 4760 cachingMode: 4761 description: 'Host Caching mode: None, Read Only, Read Write.' 4762 type: string 4763 diskName: 4764 description: The Name of the data disk in the blob storage 4765 type: string 4766 diskURI: 4767 description: The URI the data disk in the blob storage 4768 type: string 4769 fsType: 4770 description: Filesystem type to mount. Must be a filesystem 4771 type supported by the host operating system. Ex. "ext4", 4772 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 4773 type: string 4774 kind: 4775 description: 'Expected values Shared: multiple blob disks 4776 per storage account Dedicated: single blob disk per storage 4777 account Managed: azure managed data disk (only in managed 4778 availability set). defaults to shared' 4779 type: string 4780 readOnly: 4781 description: Defaults to false (read/write). ReadOnly here 4782 will force the ReadOnly setting in VolumeMounts. 4783 type: boolean 4784 required: 4785 - diskName 4786 - diskURI 4787 type: object 4788 azureFile: 4789 description: AzureFile represents an Azure File Service mount 4790 on the host and bind mount to the pod. 4791 properties: 4792 readOnly: 4793 description: Defaults to false (read/write). ReadOnly here 4794 will force the ReadOnly setting in VolumeMounts. 4795 type: boolean 4796 secretName: 4797 description: the name of secret that contains Azure Storage 4798 Account Name and Key 4799 type: string 4800 shareName: 4801 description: Share Name 4802 type: string 4803 required: 4804 - secretName 4805 - shareName 4806 type: object 4807 cephfs: 4808 description: CephFS represents a Ceph FS mount on the host that 4809 shares a pod's lifetime 4810 properties: 4811 monitors: 4812 description: 'Required: Monitors is a collection of Ceph 4813 monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4814 items: 4815 type: string 4816 type: array 4817 path: 4818 description: 'Optional: Used as the mounted root, rather 4819 than the full Ceph tree, default is /' 4820 type: string 4821 readOnly: 4822 description: 'Optional: Defaults to false (read/write). 4823 ReadOnly here will force the ReadOnly setting in VolumeMounts. 4824 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4825 type: boolean 4826 secretFile: 4827 description: 'Optional: SecretFile is the path to key ring 4828 for User, default is /etc/ceph/user.secret More info: 4829 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4830 type: string 4831 secretRef: 4832 description: 'Optional: SecretRef is reference to the authentication 4833 secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4834 properties: 4835 name: 4836 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4837 TODO: Add other useful fields. apiVersion, kind, uid?' 4838 type: string 4839 type: object 4840 user: 4841 description: 'Optional: User is the rados user name, default 4842 is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 4843 type: string 4844 required: 4845 - monitors 4846 type: object 4847 cinder: 4848 description: 'Cinder represents a cinder volume attached and 4849 mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4850 properties: 4851 fsType: 4852 description: 'Filesystem type to mount. Must be a filesystem 4853 type supported by the host operating system. Examples: 4854 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 4855 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4856 type: string 4857 readOnly: 4858 description: 'Optional: Defaults to false (read/write). 4859 ReadOnly here will force the ReadOnly setting in VolumeMounts. 4860 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4861 type: boolean 4862 secretRef: 4863 description: 'Optional: points to a secret object containing 4864 parameters used to connect to OpenStack.' 4865 properties: 4866 name: 4867 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4868 TODO: Add other useful fields. apiVersion, kind, uid?' 4869 type: string 4870 type: object 4871 volumeID: 4872 description: 'volume id used to identify the volume in cinder. 4873 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 4874 type: string 4875 required: 4876 - volumeID 4877 type: object 4878 configMap: 4879 description: ConfigMap represents a configMap that should populate 4880 this volume 4881 properties: 4882 defaultMode: 4883 description: 'Optional: mode bits to use on created files 4884 by default. Must be a value between 0 and 0777. Defaults 4885 to 0644. Directories within the path are not affected 4886 by this setting. This might be in conflict with other 4887 options that affect the file mode, like fsGroup, and the 4888 result can be other mode bits set.' 4889 format: int32 4890 type: integer 4891 items: 4892 description: If unspecified, each key-value pair in the 4893 Data field of the referenced ConfigMap will be projected 4894 into the volume as a file whose name is the key and content 4895 is the value. If specified, the listed keys will be projected 4896 into the specified paths, and unlisted keys will not be 4897 present. If a key is specified which is not present in 4898 the ConfigMap, the volume setup will error unless it is 4899 marked optional. Paths must be relative and may not contain 4900 the '..' path or start with '..'. 4901 items: 4902 description: Maps a string key to a path within a volume. 4903 properties: 4904 key: 4905 description: The key to project. 4906 type: string 4907 mode: 4908 description: 'Optional: mode bits to use on this file, 4909 must be a value between 0 and 0777. If not specified, 4910 the volume defaultMode will be used. This might 4911 be in conflict with other options that affect the 4912 file mode, like fsGroup, and the result can be other 4913 mode bits set.' 4914 format: int32 4915 type: integer 4916 path: 4917 description: The relative path of the file to map 4918 the key to. May not be an absolute path. May not 4919 contain the path element '..'. May not start with 4920 the string '..'. 4921 type: string 4922 required: 4923 - key 4924 - path 4925 type: object 4926 type: array 4927 name: 4928 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4929 TODO: Add other useful fields. apiVersion, kind, uid?' 4930 type: string 4931 optional: 4932 description: Specify whether the ConfigMap or its keys must 4933 be defined 4934 type: boolean 4935 type: object 4936 csi: 4937 description: CSI (Container Storage Interface) represents storage 4938 that is handled by an external CSI driver (Alpha feature). 4939 properties: 4940 driver: 4941 description: Driver is the name of the CSI driver that handles 4942 this volume. Consult with your admin for the correct name 4943 as registered in the cluster. 4944 type: string 4945 fsType: 4946 description: Filesystem type to mount. Ex. "ext4", "xfs", 4947 "ntfs". If not provided, the empty value is passed to 4948 the associated CSI driver which will determine the default 4949 filesystem to apply. 4950 type: string 4951 nodePublishSecretRef: 4952 description: NodePublishSecretRef is a reference to the 4953 secret object containing sensitive information to pass 4954 to the CSI driver to complete the CSI NodePublishVolume 4955 and NodeUnpublishVolume calls. This field is optional, 4956 and may be empty if no secret is required. If the secret 4957 object contains more than one secret, all secret references 4958 are passed. 4959 properties: 4960 name: 4961 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4962 TODO: Add other useful fields. apiVersion, kind, uid?' 4963 type: string 4964 type: object 4965 readOnly: 4966 description: Specifies a read-only configuration for the 4967 volume. Defaults to false (read/write). 4968 type: boolean 4969 volumeAttributes: 4970 additionalProperties: 4971 type: string 4972 description: VolumeAttributes stores driver-specific properties 4973 that are passed to the CSI driver. Consult your driver's 4974 documentation for supported values. 4975 type: object 4976 required: 4977 - driver 4978 type: object 4979 downwardAPI: 4980 description: DownwardAPI represents downward API about the pod 4981 that should populate this volume 4982 properties: 4983 defaultMode: 4984 description: 'Optional: mode bits to use on created files 4985 by default. Must be a value between 0 and 0777. Defaults 4986 to 0644. Directories within the path are not affected 4987 by this setting. This might be in conflict with other 4988 options that affect the file mode, like fsGroup, and the 4989 result can be other mode bits set.' 4990 format: int32 4991 type: integer 4992 items: 4993 description: Items is a list of downward API volume file 4994 items: 4995 description: DownwardAPIVolumeFile represents information 4996 to create the file containing the pod field 4997 properties: 4998 fieldRef: 4999 description: 'Required: Selects a field of the pod: 5000 only annotations, labels, name and namespace are 5001 supported.' 5002 properties: 5003 apiVersion: 5004 description: Version of the schema the FieldPath 5005 is written in terms of, defaults to "v1". 5006 type: string 5007 fieldPath: 5008 description: Path of the field to select in the 5009 specified API version. 5010 type: string 5011 required: 5012 - fieldPath 5013 type: object 5014 mode: 5015 description: 'Optional: mode bits to use on this file, 5016 must be a value between 0 and 0777. If not specified, 5017 the volume defaultMode will be used. This might 5018 be in conflict with other options that affect the 5019 file mode, like fsGroup, and the result can be other 5020 mode bits set.' 5021 format: int32 5022 type: integer 5023 path: 5024 description: 'Required: Path is the relative path 5025 name of the file to be created. Must not be absolute 5026 or contain the ''..'' path. Must be utf-8 encoded. 5027 The first item of the relative path must not start 5028 with ''..''' 5029 type: string 5030 resourceFieldRef: 5031 description: 'Selects a resource of the container: 5032 only resources limits and requests (limits.cpu, 5033 limits.memory, requests.cpu and requests.memory) 5034 are currently supported.' 5035 properties: 5036 containerName: 5037 description: 'Container name: required for volumes, 5038 optional for env vars' 5039 type: string 5040 divisor: 5041 description: Specifies the output format of the 5042 exposed resources, defaults to "1" 5043 type: string 5044 resource: 5045 description: 'Required: resource to select' 5046 type: string 5047 required: 5048 - resource 5049 type: object 5050 required: 5051 - path 5052 type: object 5053 type: array 5054 type: object 5055 emptyDir: 5056 description: 'EmptyDir represents a temporary directory that 5057 shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 5058 properties: 5059 medium: 5060 description: 'What type of storage medium should back this 5061 directory. The default is "" which means to use the node''s 5062 default medium. Must be an empty string (default) or Memory. 5063 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 5064 type: string 5065 sizeLimit: 5066 description: 'Total amount of local storage required for 5067 this EmptyDir volume. The size limit is also applicable 5068 for memory medium. The maximum usage on memory medium 5069 EmptyDir would be the minimum value between the SizeLimit 5070 specified here and the sum of memory limits of all containers 5071 in a pod. The default is nil which means that the limit 5072 is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 5073 type: string 5074 type: object 5075 fc: 5076 description: FC represents a Fibre Channel resource that is 5077 attached to a kubelet's host machine and then exposed to the 5078 pod. 5079 properties: 5080 fsType: 5081 description: 'Filesystem type to mount. Must be a filesystem 5082 type supported by the host operating system. Ex. "ext4", 5083 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 5084 TODO: how do we prevent errors in the filesystem from 5085 compromising the machine' 5086 type: string 5087 lun: 5088 description: 'Optional: FC target lun number' 5089 format: int32 5090 type: integer 5091 readOnly: 5092 description: 'Optional: Defaults to false (read/write). 5093 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 5094 type: boolean 5095 targetWWNs: 5096 description: 'Optional: FC target worldwide names (WWNs)' 5097 items: 5098 type: string 5099 type: array 5100 wwids: 5101 description: 'Optional: FC volume world wide identifiers 5102 (wwids) Either wwids or combination of targetWWNs and 5103 lun must be set, but not both simultaneously.' 5104 items: 5105 type: string 5106 type: array 5107 type: object 5108 flexVolume: 5109 description: FlexVolume represents a generic volume resource 5110 that is provisioned/attached using an exec based plugin. 5111 properties: 5112 driver: 5113 description: Driver is the name of the driver to use for 5114 this volume. 5115 type: string 5116 fsType: 5117 description: Filesystem type to mount. Must be a filesystem 5118 type supported by the host operating system. Ex. "ext4", 5119 "xfs", "ntfs". The default filesystem depends on FlexVolume 5120 script. 5121 type: string 5122 options: 5123 additionalProperties: 5124 type: string 5125 description: 'Optional: Extra command options if any.' 5126 type: object 5127 readOnly: 5128 description: 'Optional: Defaults to false (read/write). 5129 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 5130 type: boolean 5131 secretRef: 5132 description: 'Optional: SecretRef is reference to the secret 5133 object containing sensitive information to pass to the 5134 plugin scripts. This may be empty if no secret object 5135 is specified. If the secret object contains more than 5136 one secret, all secrets are passed to the plugin scripts.' 5137 properties: 5138 name: 5139 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5140 TODO: Add other useful fields. apiVersion, kind, uid?' 5141 type: string 5142 type: object 5143 required: 5144 - driver 5145 type: object 5146 flocker: 5147 description: Flocker represents a Flocker volume attached to 5148 a kubelet's host machine. This depends on the Flocker control 5149 service being running 5150 properties: 5151 datasetName: 5152 description: Name of the dataset stored as metadata -> name 5153 on the dataset for Flocker should be considered as deprecated 5154 type: string 5155 datasetUUID: 5156 description: UUID of the dataset. This is unique identifier 5157 of a Flocker dataset 5158 type: string 5159 type: object 5160 gcePersistentDisk: 5161 description: 'GCEPersistentDisk represents a GCE Disk resource 5162 that is attached to a kubelet''s host machine and then exposed 5163 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 5164 properties: 5165 fsType: 5166 description: 'Filesystem type of the volume that you want 5167 to mount. Tip: Ensure that the filesystem type is supported 5168 by the host operating system. Examples: "ext4", "xfs", 5169 "ntfs". Implicitly inferred to be "ext4" if unspecified. 5170 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 5171 TODO: how do we prevent errors in the filesystem from 5172 compromising the machine' 5173 type: string 5174 partition: 5175 description: 'The partition in the volume that you want 5176 to mount. If omitted, the default is to mount by volume 5177 name. Examples: For volume /dev/sda1, you specify the 5178 partition as "1". Similarly, the volume partition for 5179 /dev/sda is "0" (or you can leave the property empty). 5180 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 5181 format: int32 5182 type: integer 5183 pdName: 5184 description: 'Unique name of the PD resource in GCE. Used 5185 to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 5186 type: string 5187 readOnly: 5188 description: 'ReadOnly here will force the ReadOnly setting 5189 in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 5190 type: boolean 5191 required: 5192 - pdName 5193 type: object 5194 gitRepo: 5195 description: 'GitRepo represents a git repository at a particular 5196 revision. DEPRECATED: GitRepo is deprecated. To provision 5197 a container with a git repo, mount an EmptyDir into an InitContainer 5198 that clones the repo using git, then mount the EmptyDir into 5199 the Pod''s container.' 5200 properties: 5201 directory: 5202 description: Target directory name. Must not contain or 5203 start with '..'. If '.' is supplied, the volume directory 5204 will be the git repository. Otherwise, if specified, 5205 the volume will contain the git repository in the subdirectory 5206 with the given name. 5207 type: string 5208 repository: 5209 description: Repository URL 5210 type: string 5211 revision: 5212 description: Commit hash for the specified revision. 5213 type: string 5214 required: 5215 - repository 5216 type: object 5217 glusterfs: 5218 description: 'Glusterfs represents a Glusterfs mount on the 5219 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 5220 properties: 5221 endpoints: 5222 description: 'EndpointsName is the endpoint name that details 5223 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 5224 type: string 5225 path: 5226 description: 'Path is the Glusterfs volume path. More info: 5227 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 5228 type: string 5229 readOnly: 5230 description: 'ReadOnly here will force the Glusterfs volume 5231 to be mounted with read-only permissions. Defaults to 5232 false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 5233 type: boolean 5234 required: 5235 - endpoints 5236 - path 5237 type: object 5238 hostPath: 5239 description: 'HostPath represents a pre-existing file or directory 5240 on the host machine that is directly exposed to the container. 5241 This is generally used for system agents or other privileged 5242 things that are allowed to see the host machine. Most containers 5243 will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 5244 --- TODO(jonesdl) We need to restrict who can use host directory 5245 mounts and who can/can not mount host directories as read/write.' 5246 properties: 5247 path: 5248 description: 'Path of the directory on the host. If the 5249 path is a symlink, it will follow the link to the real 5250 path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 5251 type: string 5252 type: 5253 description: 'Type for HostPath Volume Defaults to "" More 5254 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 5255 type: string 5256 required: 5257 - path 5258 type: object 5259 iscsi: 5260 description: 'ISCSI represents an ISCSI Disk resource that is 5261 attached to a kubelet''s host machine and then exposed to 5262 the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 5263 properties: 5264 chapAuthDiscovery: 5265 description: whether support iSCSI Discovery CHAP authentication 5266 type: boolean 5267 chapAuthSession: 5268 description: whether support iSCSI Session CHAP authentication 5269 type: boolean 5270 fsType: 5271 description: 'Filesystem type of the volume that you want 5272 to mount. Tip: Ensure that the filesystem type is supported 5273 by the host operating system. Examples: "ext4", "xfs", 5274 "ntfs". Implicitly inferred to be "ext4" if unspecified. 5275 More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 5276 TODO: how do we prevent errors in the filesystem from 5277 compromising the machine' 5278 type: string 5279 initiatorName: 5280 description: Custom iSCSI Initiator Name. If initiatorName 5281 is specified with iscsiInterface simultaneously, new iSCSI 5282 interface <target portal>:<volume name> will be created 5283 for the connection. 5284 type: string 5285 iqn: 5286 description: Target iSCSI Qualified Name. 5287 type: string 5288 iscsiInterface: 5289 description: iSCSI Interface Name that uses an iSCSI transport. 5290 Defaults to 'default' (tcp). 5291 type: string 5292 lun: 5293 description: iSCSI Target Lun number. 5294 format: int32 5295 type: integer 5296 portals: 5297 description: iSCSI Target Portal List. The portal is either 5298 an IP or ip_addr:port if the port is other than default 5299 (typically TCP ports 860 and 3260). 5300 items: 5301 type: string 5302 type: array 5303 readOnly: 5304 description: ReadOnly here will force the ReadOnly setting 5305 in VolumeMounts. Defaults to false. 5306 type: boolean 5307 secretRef: 5308 description: CHAP Secret for iSCSI target and initiator 5309 authentication 5310 properties: 5311 name: 5312 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5313 TODO: Add other useful fields. apiVersion, kind, uid?' 5314 type: string 5315 type: object 5316 targetPortal: 5317 description: iSCSI Target Portal. The Portal is either an 5318 IP or ip_addr:port if the port is other than default (typically 5319 TCP ports 860 and 3260). 5320 type: string 5321 required: 5322 - iqn 5323 - lun 5324 - targetPortal 5325 type: object 5326 name: 5327 description: 'Volume''s name. Must be a DNS_LABEL and unique 5328 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 5329 type: string 5330 nfs: 5331 description: 'NFS represents an NFS mount on the host that shares 5332 a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5333 properties: 5334 path: 5335 description: 'Path that is exported by the NFS server. More 5336 info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5337 type: string 5338 readOnly: 5339 description: 'ReadOnly here will force the NFS export to 5340 be mounted with read-only permissions. Defaults to false. 5341 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5342 type: boolean 5343 server: 5344 description: 'Server is the hostname or IP address of the 5345 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 5346 type: string 5347 required: 5348 - path 5349 - server 5350 type: object 5351 persistentVolumeClaim: 5352 description: 'PersistentVolumeClaimVolumeSource represents a 5353 reference to a PersistentVolumeClaim in the same namespace. 5354 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 5355 properties: 5356 claimName: 5357 description: 'ClaimName is the name of a PersistentVolumeClaim 5358 in the same namespace as the pod using this volume. More 5359 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 5360 type: string 5361 readOnly: 5362 description: Will force the ReadOnly setting in VolumeMounts. 5363 Default false. 5364 type: boolean 5365 required: 5366 - claimName 5367 type: object 5368 photonPersistentDisk: 5369 description: PhotonPersistentDisk represents a PhotonController 5370 persistent disk attached and mounted on kubelets host machine 5371 properties: 5372 fsType: 5373 description: Filesystem type to mount. Must be a filesystem 5374 type supported by the host operating system. Ex. "ext4", 5375 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 5376 type: string 5377 pdID: 5378 description: ID that identifies Photon Controller persistent 5379 disk 5380 type: string 5381 required: 5382 - pdID 5383 type: object 5384 portworxVolume: 5385 description: PortworxVolume represents a portworx volume attached 5386 and mounted on kubelets host machine 5387 properties: 5388 fsType: 5389 description: FSType represents the filesystem type to mount 5390 Must be a filesystem type supported by the host operating 5391 system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" 5392 if unspecified. 5393 type: string 5394 readOnly: 5395 description: Defaults to false (read/write). ReadOnly here 5396 will force the ReadOnly setting in VolumeMounts. 5397 type: boolean 5398 volumeID: 5399 description: VolumeID uniquely identifies a Portworx volume 5400 type: string 5401 required: 5402 - volumeID 5403 type: object 5404 projected: 5405 description: Items for all in one resources secrets, configmaps, 5406 and downward API 5407 properties: 5408 defaultMode: 5409 description: Mode bits to use on created files by default. 5410 Must be a value between 0 and 0777. Directories within 5411 the path are not affected by this setting. This might 5412 be in conflict with other options that affect the file 5413 mode, like fsGroup, and the result can be other mode bits 5414 set. 5415 format: int32 5416 type: integer 5417 sources: 5418 description: list of volume projections 5419 items: 5420 description: Projection that may be projected along with 5421 other supported volume types 5422 properties: 5423 configMap: 5424 description: information about the configMap data 5425 to project 5426 properties: 5427 items: 5428 description: If unspecified, each key-value pair 5429 in the Data field of the referenced ConfigMap 5430 will be projected into the volume as a file 5431 whose name is the key and content is the value. 5432 If specified, the listed keys will be projected 5433 into the specified paths, and unlisted keys 5434 will not be present. If a key is specified which 5435 is not present in the ConfigMap, the volume 5436 setup will error unless it is marked optional. 5437 Paths must be relative and may not contain the 5438 '..' path or start with '..'. 5439 items: 5440 description: Maps a string key to a path within 5441 a volume. 5442 properties: 5443 key: 5444 description: The key to project. 5445 type: string 5446 mode: 5447 description: 'Optional: mode bits to use 5448 on this file, must be a value between 5449 0 and 0777. If not specified, the volume 5450 defaultMode will be used. This might be 5451 in conflict with other options that affect 5452 the file mode, like fsGroup, and the result 5453 can be other mode bits set.' 5454 format: int32 5455 type: integer 5456 path: 5457 description: The relative path of the file 5458 to map the key to. May not be an absolute 5459 path. May not contain the path element 5460 '..'. May not start with the string '..'. 5461 type: string 5462 required: 5463 - key 5464 - path 5465 type: object 5466 type: array 5467 name: 5468 description: 'Name of the referent. More info: 5469 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5470 TODO: Add other useful fields. apiVersion, kind, 5471 uid?' 5472 type: string 5473 optional: 5474 description: Specify whether the ConfigMap or 5475 its keys must be defined 5476 type: boolean 5477 type: object 5478 downwardAPI: 5479 description: information about the downwardAPI data 5480 to project 5481 properties: 5482 items: 5483 description: Items is a list of DownwardAPIVolume 5484 file 5485 items: 5486 description: DownwardAPIVolumeFile represents 5487 information to create the file containing 5488 the pod field 5489 properties: 5490 fieldRef: 5491 description: 'Required: Selects a field 5492 of the pod: only annotations, labels, 5493 name and namespace are supported.' 5494 properties: 5495 apiVersion: 5496 description: Version of the schema the 5497 FieldPath is written in terms of, 5498 defaults to "v1". 5499 type: string 5500 fieldPath: 5501 description: Path of the field to select 5502 in the specified API version. 5503 type: string 5504 required: 5505 - fieldPath 5506 type: object 5507 mode: 5508 description: 'Optional: mode bits to use 5509 on this file, must be a value between 5510 0 and 0777. If not specified, the volume 5511 defaultMode will be used. This might be 5512 in conflict with other options that affect 5513 the file mode, like fsGroup, and the result 5514 can be other mode bits set.' 5515 format: int32 5516 type: integer 5517 path: 5518 description: 'Required: Path is the relative 5519 path name of the file to be created. Must 5520 not be absolute or contain the ''..'' 5521 path. Must be utf-8 encoded. The first 5522 item of the relative path must not start 5523 with ''..''' 5524 type: string 5525 resourceFieldRef: 5526 description: 'Selects a resource of the 5527 container: only resources limits and requests 5528 (limits.cpu, limits.memory, requests.cpu 5529 and requests.memory) are currently supported.' 5530 properties: 5531 containerName: 5532 description: 'Container name: required 5533 for volumes, optional for env vars' 5534 type: string 5535 divisor: 5536 description: Specifies the output format 5537 of the exposed resources, defaults 5538 to "1" 5539 type: string 5540 resource: 5541 description: 'Required: resource to 5542 select' 5543 type: string 5544 required: 5545 - resource 5546 type: object 5547 required: 5548 - path 5549 type: object 5550 type: array 5551 type: object 5552 secret: 5553 description: information about the secret data to 5554 project 5555 properties: 5556 items: 5557 description: If unspecified, each key-value pair 5558 in the Data field of the referenced Secret will 5559 be projected into the volume as a file whose 5560 name is the key and content is the value. If 5561 specified, the listed keys will be projected 5562 into the specified paths, and unlisted keys 5563 will not be present. If a key is specified which 5564 is not present in the Secret, the volume setup 5565 will error unless it is marked optional. Paths 5566 must be relative and may not contain the '..' 5567 path or start with '..'. 5568 items: 5569 description: Maps a string key to a path within 5570 a volume. 5571 properties: 5572 key: 5573 description: The key to project. 5574 type: string 5575 mode: 5576 description: 'Optional: mode bits to use 5577 on this file, must be a value between 5578 0 and 0777. If not specified, the volume 5579 defaultMode will be used. This might be 5580 in conflict with other options that affect 5581 the file mode, like fsGroup, and the result 5582 can be other mode bits set.' 5583 format: int32 5584 type: integer 5585 path: 5586 description: The relative path of the file 5587 to map the key to. May not be an absolute 5588 path. May not contain the path element 5589 '..'. May not start with the string '..'. 5590 type: string 5591 required: 5592 - key 5593 - path 5594 type: object 5595 type: array 5596 name: 5597 description: 'Name of the referent. More info: 5598 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5599 TODO: Add other useful fields. apiVersion, kind, 5600 uid?' 5601 type: string 5602 optional: 5603 description: Specify whether the Secret or its 5604 key must be defined 5605 type: boolean 5606 type: object 5607 serviceAccountToken: 5608 description: information about the serviceAccountToken 5609 data to project 5610 properties: 5611 audience: 5612 description: Audience is the intended audience 5613 of the token. A recipient of a token must identify 5614 itself with an identifier specified in the audience 5615 of the token, and otherwise should reject the 5616 token. The audience defaults to the identifier 5617 of the apiserver. 5618 type: string 5619 expirationSeconds: 5620 description: ExpirationSeconds is the requested 5621 duration of validity of the service account 5622 token. As the token approaches expiration, the 5623 kubelet volume plugin will proactively rotate 5624 the service account token. The kubelet will 5625 start trying to rotate the token if the token 5626 is older than 80 percent of its time to live 5627 or if the token is older than 24 hours.Defaults 5628 to 1 hour and must be at least 10 minutes. 5629 format: int64 5630 type: integer 5631 path: 5632 description: Path is the path relative to the 5633 mount point of the file to project the token 5634 into. 5635 type: string 5636 required: 5637 - path 5638 type: object 5639 type: object 5640 type: array 5641 required: 5642 - sources 5643 type: object 5644 quobyte: 5645 description: Quobyte represents a Quobyte mount on the host 5646 that shares a pod's lifetime 5647 properties: 5648 group: 5649 description: Group to map volume access to Default is no 5650 group 5651 type: string 5652 readOnly: 5653 description: ReadOnly here will force the Quobyte volume 5654 to be mounted with read-only permissions. Defaults to 5655 false. 5656 type: boolean 5657 registry: 5658 description: Registry represents a single or multiple Quobyte 5659 Registry services specified as a string as host:port pair 5660 (multiple entries are separated with commas) which acts 5661 as the central registry for volumes 5662 type: string 5663 tenant: 5664 description: Tenant owning the given Quobyte volume in the 5665 Backend Used with dynamically provisioned Quobyte volumes, 5666 value is set by the plugin 5667 type: string 5668 user: 5669 description: User to map volume access to Defaults to serivceaccount 5670 user 5671 type: string 5672 volume: 5673 description: Volume is a string that references an already 5674 created Quobyte volume by name. 5675 type: string 5676 required: 5677 - registry 5678 - volume 5679 type: object 5680 rbd: 5681 description: 'RBD represents a Rados Block Device mount on the 5682 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' 5683 properties: 5684 fsType: 5685 description: 'Filesystem type of the volume that you want 5686 to mount. Tip: Ensure that the filesystem type is supported 5687 by the host operating system. Examples: "ext4", "xfs", 5688 "ntfs". Implicitly inferred to be "ext4" if unspecified. 5689 More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 5690 TODO: how do we prevent errors in the filesystem from 5691 compromising the machine' 5692 type: string 5693 image: 5694 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5695 type: string 5696 keyring: 5697 description: 'Keyring is the path to key ring for RBDUser. 5698 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5699 type: string 5700 monitors: 5701 description: 'A collection of Ceph monitors. More info: 5702 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5703 items: 5704 type: string 5705 type: array 5706 pool: 5707 description: 'The rados pool name. Default is rbd. More 5708 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5709 type: string 5710 readOnly: 5711 description: 'ReadOnly here will force the ReadOnly setting 5712 in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5713 type: boolean 5714 secretRef: 5715 description: 'SecretRef is name of the authentication secret 5716 for RBDUser. If provided overrides keyring. Default is 5717 nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5718 properties: 5719 name: 5720 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5721 TODO: Add other useful fields. apiVersion, kind, uid?' 5722 type: string 5723 type: object 5724 user: 5725 description: 'The rados user name. Default is admin. More 5726 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 5727 type: string 5728 required: 5729 - image 5730 - monitors 5731 type: object 5732 scaleIO: 5733 description: ScaleIO represents a ScaleIO persistent volume 5734 attached and mounted on Kubernetes nodes. 5735 properties: 5736 fsType: 5737 description: Filesystem type to mount. Must be a filesystem 5738 type supported by the host operating system. Ex. "ext4", 5739 "xfs", "ntfs". Default is "xfs". 5740 type: string 5741 gateway: 5742 description: The host address of the ScaleIO API Gateway. 5743 type: string 5744 protectionDomain: 5745 description: The name of the ScaleIO Protection Domain for 5746 the configured storage. 5747 type: string 5748 readOnly: 5749 description: Defaults to false (read/write). ReadOnly here 5750 will force the ReadOnly setting in VolumeMounts. 5751 type: boolean 5752 secretRef: 5753 description: SecretRef references to the secret for ScaleIO 5754 user and other sensitive information. If this is not provided, 5755 Login operation will fail. 5756 properties: 5757 name: 5758 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5759 TODO: Add other useful fields. apiVersion, kind, uid?' 5760 type: string 5761 type: object 5762 sslEnabled: 5763 description: Flag to enable/disable SSL communication with 5764 Gateway, default false 5765 type: boolean 5766 storageMode: 5767 description: Indicates whether the storage for a volume 5768 should be ThickProvisioned or ThinProvisioned. Default 5769 is ThinProvisioned. 5770 type: string 5771 storagePool: 5772 description: The ScaleIO Storage Pool associated with the 5773 protection domain. 5774 type: string 5775 system: 5776 description: The name of the storage system as configured 5777 in ScaleIO. 5778 type: string 5779 volumeName: 5780 description: The name of a volume already created in the 5781 ScaleIO system that is associated with this volume source. 5782 type: string 5783 required: 5784 - gateway 5785 - secretRef 5786 - system 5787 type: object 5788 secret: 5789 description: 'Secret represents a secret that should populate 5790 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 5791 properties: 5792 defaultMode: 5793 description: 'Optional: mode bits to use on created files 5794 by default. Must be a value between 0 and 0777. Defaults 5795 to 0644. Directories within the path are not affected 5796 by this setting. This might be in conflict with other 5797 options that affect the file mode, like fsGroup, and the 5798 result can be other mode bits set.' 5799 format: int32 5800 type: integer 5801 items: 5802 description: If unspecified, each key-value pair in the 5803 Data field of the referenced Secret will be projected 5804 into the volume as a file whose name is the key and content 5805 is the value. If specified, the listed keys will be projected 5806 into the specified paths, and unlisted keys will not be 5807 present. If a key is specified which is not present in 5808 the Secret, the volume setup will error unless it is marked 5809 optional. Paths must be relative and may not contain the 5810 '..' path or start with '..'. 5811 items: 5812 description: Maps a string key to a path within a volume. 5813 properties: 5814 key: 5815 description: The key to project. 5816 type: string 5817 mode: 5818 description: 'Optional: mode bits to use on this file, 5819 must be a value between 0 and 0777. If not specified, 5820 the volume defaultMode will be used. This might 5821 be in conflict with other options that affect the 5822 file mode, like fsGroup, and the result can be other 5823 mode bits set.' 5824 format: int32 5825 type: integer 5826 path: 5827 description: The relative path of the file to map 5828 the key to. May not be an absolute path. May not 5829 contain the path element '..'. May not start with 5830 the string '..'. 5831 type: string 5832 required: 5833 - key 5834 - path 5835 type: object 5836 type: array 5837 optional: 5838 description: Specify whether the Secret or its keys must 5839 be defined 5840 type: boolean 5841 secretName: 5842 description: 'Name of the secret in the pod''s namespace 5843 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 5844 type: string 5845 type: object 5846 storageos: 5847 description: StorageOS represents a StorageOS volume attached 5848 and mounted on Kubernetes nodes. 5849 properties: 5850 fsType: 5851 description: Filesystem type to mount. Must be a filesystem 5852 type supported by the host operating system. Ex. "ext4", 5853 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 5854 type: string 5855 readOnly: 5856 description: Defaults to false (read/write). ReadOnly here 5857 will force the ReadOnly setting in VolumeMounts. 5858 type: boolean 5859 secretRef: 5860 description: SecretRef specifies the secret to use for obtaining 5861 the StorageOS API credentials. If not specified, default 5862 values will be attempted. 5863 properties: 5864 name: 5865 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5866 TODO: Add other useful fields. apiVersion, kind, uid?' 5867 type: string 5868 type: object 5869 volumeName: 5870 description: VolumeName is the human-readable name of the 5871 StorageOS volume. Volume names are only unique within 5872 a namespace. 5873 type: string 5874 volumeNamespace: 5875 description: VolumeNamespace specifies the scope of the 5876 volume within StorageOS. If no namespace is specified 5877 then the Pod's namespace will be used. This allows the 5878 Kubernetes name scoping to be mirrored within StorageOS 5879 for tighter integration. Set VolumeName to any name to 5880 override the default behaviour. Set to "default" if you 5881 are not using namespaces within StorageOS. Namespaces 5882 that do not pre-exist within StorageOS will be created. 5883 type: string 5884 type: object 5885 vsphereVolume: 5886 description: VsphereVolume represents a vSphere volume attached 5887 and mounted on kubelets host machine 5888 properties: 5889 fsType: 5890 description: Filesystem type to mount. Must be a filesystem 5891 type supported by the host operating system. Ex. "ext4", 5892 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 5893 type: string 5894 storagePolicyID: 5895 description: Storage Policy Based Management (SPBM) profile 5896 ID associated with the StoragePolicyName. 5897 type: string 5898 storagePolicyName: 5899 description: Storage Policy Based Management (SPBM) profile 5900 name. 5901 type: string 5902 volumePath: 5903 description: Path that identifies vSphere volume vmdk 5904 type: string 5905 required: 5906 - volumePath 5907 type: object 5908 required: 5909 - name 5910 type: object 5911 type: array 5912 type: object 5913 status: 5914 description: 'Most recent observed status of the Alertmanager cluster. 5915 Read-only. Not included when requesting from the apiserver, only from 5916 the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 5917 properties: 5918 availableReplicas: 5919 description: Total number of available pods (ready for at least minReadySeconds) 5920 targeted by this Alertmanager cluster. 5921 format: int32 5922 type: integer 5923 paused: 5924 description: Represents whether any actions on the underlying managed 5925 objects are being performed. Only delete actions will be performed. 5926 type: boolean 5927 replicas: 5928 description: Total number of non-terminated pods targeted by this 5929 Alertmanager cluster (their labels match the selector). 5930 format: int32 5931 type: integer 5932 unavailableReplicas: 5933 description: Total number of unavailable pods targeted by this Alertmanager 5934 cluster. 5935 format: int32 5936 type: integer 5937 updatedReplicas: 5938 description: Total number of non-terminated pods targeted by this 5939 Alertmanager cluster that have the desired version spec. 5940 format: int32 5941 type: integer 5942 required: 5943 - availableReplicas 5944 - paused 5945 - replicas 5946 - unavailableReplicas 5947 - updatedReplicas 5948 type: object 5949 required: 5950 - spec 5951 type: object 5952 served: true 5953 storage: true 5954 subresources: {} 5955 status: 5956 acceptedNames: 5957 kind: "" 5958 plural: "" 5959 conditions: [] 5960 storedVersions: [] 5961 --- 5962 5963 --- 5964 apiVersion: apiextensions.k8s.io/v1 5965 kind: CustomResourceDefinition 5966 metadata: 5967 annotations: 5968 controller-gen.kubebuilder.io/version: v0.2.4 5969 creationTimestamp: null 5970 name: podmonitors.monitoring.coreos.com 5971 spec: 5972 group: monitoring.coreos.com 5973 names: 5974 kind: PodMonitor 5975 listKind: PodMonitorList 5976 plural: podmonitors 5977 singular: podmonitor 5978 scope: Namespaced 5979 versions: 5980 - name: v1 5981 schema: 5982 openAPIV3Schema: 5983 description: PodMonitor defines monitoring for a set of pods. 5984 properties: 5985 apiVersion: 5986 description: 'APIVersion defines the versioned schema of this representation 5987 of an object. Servers should convert recognized schemas to the latest 5988 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 5989 type: string 5990 kind: 5991 description: 'Kind is a string value representing the REST resource this 5992 object represents. Servers may infer this from the endpoint the client 5993 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 5994 type: string 5995 metadata: 5996 type: object 5997 spec: 5998 description: Specification of desired Pod selection for target discovery 5999 by Prometheus. 6000 properties: 6001 jobLabel: 6002 description: The label to use to retrieve the job name from. 6003 type: string 6004 namespaceSelector: 6005 description: Selector to select which namespaces the Endpoints objects 6006 are discovered from. 6007 properties: 6008 any: 6009 description: Boolean describing whether all namespaces are selected 6010 in contrast to a list restricting them. 6011 type: boolean 6012 matchNames: 6013 description: List of namespace names. 6014 items: 6015 type: string 6016 type: array 6017 type: object 6018 podMetricsEndpoints: 6019 description: A list of endpoints allowed as part of this PodMonitor. 6020 items: 6021 description: PodMetricsEndpoint defines a scrapeable endpoint of 6022 a Kubernetes Pod serving Prometheus metrics. 6023 properties: 6024 basicAuth: 6025 description: 'BasicAuth allow an endpoint to authenticate over 6026 basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint' 6027 properties: 6028 password: 6029 description: The secret in the service monitor namespace 6030 that contains the password for authentication. 6031 properties: 6032 key: 6033 description: The key of the secret to select from. Must 6034 be a valid secret key. 6035 type: string 6036 name: 6037 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6038 TODO: Add other useful fields. apiVersion, kind, uid?' 6039 type: string 6040 optional: 6041 description: Specify whether the Secret or its key must 6042 be defined 6043 type: boolean 6044 required: 6045 - key 6046 type: object 6047 username: 6048 description: The secret in the service monitor namespace 6049 that contains the username for authentication. 6050 properties: 6051 key: 6052 description: The key of the secret to select from. Must 6053 be a valid secret key. 6054 type: string 6055 name: 6056 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6057 TODO: Add other useful fields. apiVersion, kind, uid?' 6058 type: string 6059 optional: 6060 description: Specify whether the Secret or its key must 6061 be defined 6062 type: boolean 6063 required: 6064 - key 6065 type: object 6066 type: object 6067 bearerTokenSecret: 6068 description: Secret to mount to read bearer token for scraping 6069 targets. The secret needs to be in the same namespace as the 6070 pod monitor and accessible by the Prometheus Operator. 6071 properties: 6072 key: 6073 description: The key of the secret to select from. Must 6074 be a valid secret key. 6075 type: string 6076 name: 6077 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6078 TODO: Add other useful fields. apiVersion, kind, uid?' 6079 type: string 6080 optional: 6081 description: Specify whether the Secret or its key must 6082 be defined 6083 type: boolean 6084 required: 6085 - key 6086 type: object 6087 honorLabels: 6088 description: HonorLabels chooses the metric's labels on collisions 6089 with target labels. 6090 type: boolean 6091 honorTimestamps: 6092 description: HonorTimestamps controls whether Prometheus respects 6093 the timestamps present in scraped data. 6094 type: boolean 6095 interval: 6096 description: Interval at which metrics should be scraped 6097 type: string 6098 metricRelabelings: 6099 description: MetricRelabelConfigs to apply to samples before 6100 ingestion. 6101 items: 6102 description: 'RelabelConfig allows dynamic rewriting of the 6103 label set, being applied to samples before ingestion. It 6104 defines `<metric_relabel_configs>`-section of Prometheus 6105 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 6106 properties: 6107 action: 6108 description: Action to perform based on regex matching. 6109 Default is 'replace' 6110 type: string 6111 modulus: 6112 description: Modulus to take of the hash of the source 6113 label values. 6114 format: int64 6115 type: integer 6116 regex: 6117 description: Regular expression against which the extracted 6118 value is matched. Default is '(.*)' 6119 type: string 6120 replacement: 6121 description: Replacement value against which a regex replace 6122 is performed if the regular expression matches. Regex 6123 capture groups are available. Default is '$1' 6124 type: string 6125 separator: 6126 description: Separator placed between concatenated source 6127 label values. default is ';'. 6128 type: string 6129 sourceLabels: 6130 description: The source labels select values from existing 6131 labels. Their content is concatenated using the configured 6132 separator and matched against the configured regular 6133 expression for the replace, keep, and drop actions. 6134 items: 6135 type: string 6136 type: array 6137 targetLabel: 6138 description: Label to which the resulting value is written 6139 in a replace action. It is mandatory for replace actions. 6140 Regex capture groups are available. 6141 type: string 6142 type: object 6143 type: array 6144 params: 6145 additionalProperties: 6146 items: 6147 type: string 6148 type: array 6149 description: Optional HTTP URL parameters 6150 type: object 6151 path: 6152 description: HTTP path to scrape for metrics. 6153 type: string 6154 port: 6155 description: Name of the pod port this endpoint refers to. Mutually 6156 exclusive with targetPort. 6157 type: string 6158 proxyUrl: 6159 description: ProxyURL eg http://proxyserver:2195 Directs scrapes 6160 to proxy through this endpoint. 6161 type: string 6162 relabelings: 6163 description: 'RelabelConfigs to apply to samples before ingestion. 6164 More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' 6165 items: 6166 description: 'RelabelConfig allows dynamic rewriting of the 6167 label set, being applied to samples before ingestion. It 6168 defines `<metric_relabel_configs>`-section of Prometheus 6169 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 6170 properties: 6171 action: 6172 description: Action to perform based on regex matching. 6173 Default is 'replace' 6174 type: string 6175 modulus: 6176 description: Modulus to take of the hash of the source 6177 label values. 6178 format: int64 6179 type: integer 6180 regex: 6181 description: Regular expression against which the extracted 6182 value is matched. Default is '(.*)' 6183 type: string 6184 replacement: 6185 description: Replacement value against which a regex replace 6186 is performed if the regular expression matches. Regex 6187 capture groups are available. Default is '$1' 6188 type: string 6189 separator: 6190 description: Separator placed between concatenated source 6191 label values. default is ';'. 6192 type: string 6193 sourceLabels: 6194 description: The source labels select values from existing 6195 labels. Their content is concatenated using the configured 6196 separator and matched against the configured regular 6197 expression for the replace, keep, and drop actions. 6198 items: 6199 type: string 6200 type: array 6201 targetLabel: 6202 description: Label to which the resulting value is written 6203 in a replace action. It is mandatory for replace actions. 6204 Regex capture groups are available. 6205 type: string 6206 type: object 6207 type: array 6208 scheme: 6209 description: HTTP scheme to use for scraping. 6210 type: string 6211 scrapeTimeout: 6212 description: Timeout after which the scrape is ended 6213 type: string 6214 targetPort: 6215 anyOf: 6216 - type: integer 6217 - type: string 6218 description: 'Deprecated: Use ''port'' instead.' 6219 x-kubernetes-int-or-string: true 6220 tlsConfig: 6221 description: TLS configuration to use when scraping the endpoint. 6222 properties: 6223 ca: 6224 description: Struct containing the CA cert to use for the 6225 targets. 6226 properties: 6227 configMap: 6228 description: ConfigMap containing data to use for the 6229 targets. 6230 properties: 6231 key: 6232 description: The key to select. 6233 type: string 6234 name: 6235 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6236 TODO: Add other useful fields. apiVersion, kind, 6237 uid?' 6238 type: string 6239 optional: 6240 description: Specify whether the ConfigMap or its 6241 key must be defined 6242 type: boolean 6243 required: 6244 - key 6245 type: object 6246 secret: 6247 description: Secret containing data to use for the targets. 6248 properties: 6249 key: 6250 description: The key of the secret to select from. Must 6251 be a valid secret key. 6252 type: string 6253 name: 6254 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6255 TODO: Add other useful fields. apiVersion, kind, 6256 uid?' 6257 type: string 6258 optional: 6259 description: Specify whether the Secret or its key 6260 must be defined 6261 type: boolean 6262 required: 6263 - key 6264 type: object 6265 type: object 6266 cert: 6267 description: Struct containing the client cert file for 6268 the targets. 6269 properties: 6270 configMap: 6271 description: ConfigMap containing data to use for the 6272 targets. 6273 properties: 6274 key: 6275 description: The key to select. 6276 type: string 6277 name: 6278 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6279 TODO: Add other useful fields. apiVersion, kind, 6280 uid?' 6281 type: string 6282 optional: 6283 description: Specify whether the ConfigMap or its 6284 key must be defined 6285 type: boolean 6286 required: 6287 - key 6288 type: object 6289 secret: 6290 description: Secret containing data to use for the targets. 6291 properties: 6292 key: 6293 description: The key of the secret to select from. Must 6294 be a valid secret key. 6295 type: string 6296 name: 6297 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6298 TODO: Add other useful fields. apiVersion, kind, 6299 uid?' 6300 type: string 6301 optional: 6302 description: Specify whether the Secret or its key 6303 must be defined 6304 type: boolean 6305 required: 6306 - key 6307 type: object 6308 type: object 6309 insecureSkipVerify: 6310 description: Disable target certificate validation. 6311 type: boolean 6312 keySecret: 6313 description: Secret containing the client key file for the 6314 targets. 6315 properties: 6316 key: 6317 description: The key of the secret to select from. Must 6318 be a valid secret key. 6319 type: string 6320 name: 6321 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6322 TODO: Add other useful fields. apiVersion, kind, uid?' 6323 type: string 6324 optional: 6325 description: Specify whether the Secret or its key must 6326 be defined 6327 type: boolean 6328 required: 6329 - key 6330 type: object 6331 serverName: 6332 description: Used to verify the hostname for the targets. 6333 type: string 6334 type: object 6335 type: object 6336 type: array 6337 podTargetLabels: 6338 description: PodTargetLabels transfers labels on the Kubernetes Pod 6339 onto the target. 6340 items: 6341 type: string 6342 type: array 6343 sampleLimit: 6344 description: SampleLimit defines per-scrape limit on number of scraped 6345 samples that will be accepted. 6346 format: int64 6347 type: integer 6348 selector: 6349 description: Selector to select Pod objects. 6350 properties: 6351 matchExpressions: 6352 description: matchExpressions is a list of label selector requirements. 6353 The requirements are ANDed. 6354 items: 6355 description: A label selector requirement is a selector that 6356 contains values, a key, and an operator that relates the key 6357 and values. 6358 properties: 6359 key: 6360 description: key is the label key that the selector applies 6361 to. 6362 type: string 6363 operator: 6364 description: operator represents a key's relationship to 6365 a set of values. Valid operators are In, NotIn, Exists 6366 and DoesNotExist. 6367 type: string 6368 values: 6369 description: values is an array of string values. If the 6370 operator is In or NotIn, the values array must be non-empty. 6371 If the operator is Exists or DoesNotExist, the values 6372 array must be empty. This array is replaced during a strategic 6373 merge patch. 6374 items: 6375 type: string 6376 type: array 6377 required: 6378 - key 6379 - operator 6380 type: object 6381 type: array 6382 matchLabels: 6383 additionalProperties: 6384 type: string 6385 description: matchLabels is a map of {key,value} pairs. A single 6386 {key,value} in the matchLabels map is equivalent to an element 6387 of matchExpressions, whose key field is "key", the operator 6388 is "In", and the values array contains only "value". The requirements 6389 are ANDed. 6390 type: object 6391 type: object 6392 targetLimit: 6393 description: TargetLimit defines a limit on the number of scraped 6394 targets that will be accepted. 6395 format: int64 6396 type: integer 6397 required: 6398 - podMetricsEndpoints 6399 - selector 6400 type: object 6401 required: 6402 - spec 6403 type: object 6404 served: true 6405 storage: true 6406 status: 6407 acceptedNames: 6408 kind: "" 6409 plural: "" 6410 conditions: [] 6411 storedVersions: [] 6412 --- 6413 6414 --- 6415 apiVersion: apiextensions.k8s.io/v1 6416 kind: CustomResourceDefinition 6417 metadata: 6418 annotations: 6419 controller-gen.kubebuilder.io/version: v0.2.4 6420 creationTimestamp: null 6421 name: probes.monitoring.coreos.com 6422 spec: 6423 group: monitoring.coreos.com 6424 names: 6425 kind: Probe 6426 listKind: ProbeList 6427 plural: probes 6428 singular: probe 6429 scope: Namespaced 6430 versions: 6431 - name: v1 6432 schema: 6433 openAPIV3Schema: 6434 description: Probe defines monitoring for a set of static targets or ingresses. 6435 properties: 6436 apiVersion: 6437 description: 'APIVersion defines the versioned schema of this representation 6438 of an object. Servers should convert recognized schemas to the latest 6439 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 6440 type: string 6441 kind: 6442 description: 'Kind is a string value representing the REST resource this 6443 object represents. Servers may infer this from the endpoint the client 6444 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 6445 type: string 6446 metadata: 6447 type: object 6448 spec: 6449 description: Specification of desired Ingress selection for target discovery 6450 by Prometheus. 6451 properties: 6452 interval: 6453 description: Interval at which targets are probed using the configured 6454 prober. If not specified Prometheus' global scrape interval is used. 6455 type: string 6456 jobName: 6457 description: The job name assigned to scraped metrics by default. 6458 type: string 6459 module: 6460 description: 'The module to use for probing specifying how to probe 6461 the target. Example module configuring in the blackbox exporter: 6462 https://github.com/prometheus/blackbox_exporter/blob/master/example.yml' 6463 type: string 6464 prober: 6465 description: Specification for the prober to use for probing targets. 6466 The prober.URL parameter is required. Targets cannot be probed if 6467 left empty. 6468 properties: 6469 path: 6470 description: Path to collect metrics from. Defaults to `/probe`. 6471 type: string 6472 scheme: 6473 description: HTTP scheme to use for scraping. Defaults to `http`. 6474 type: string 6475 url: 6476 description: Mandatory URL of the prober. 6477 type: string 6478 required: 6479 - url 6480 type: object 6481 scrapeTimeout: 6482 description: Timeout for scraping metrics from the Prometheus exporter. 6483 type: string 6484 targets: 6485 description: Targets defines a set of static and/or dynamically discovered 6486 targets to be probed using the prober. 6487 properties: 6488 ingress: 6489 description: Ingress defines the set of dynamically discovered 6490 ingress objects which hosts are considered for probing. 6491 properties: 6492 namespaceSelector: 6493 description: Select Ingress objects by namespace. 6494 properties: 6495 any: 6496 description: Boolean describing whether all namespaces 6497 are selected in contrast to a list restricting them. 6498 type: boolean 6499 matchNames: 6500 description: List of namespace names. 6501 items: 6502 type: string 6503 type: array 6504 type: object 6505 relabelingConfigs: 6506 description: 'RelabelConfigs to apply to samples before ingestion. 6507 More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' 6508 items: 6509 description: 'RelabelConfig allows dynamic rewriting of 6510 the label set, being applied to samples before ingestion. 6511 It defines `<metric_relabel_configs>`-section of Prometheus 6512 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 6513 properties: 6514 action: 6515 description: Action to perform based on regex matching. 6516 Default is 'replace' 6517 type: string 6518 modulus: 6519 description: Modulus to take of the hash of the source 6520 label values. 6521 format: int64 6522 type: integer 6523 regex: 6524 description: Regular expression against which the extracted 6525 value is matched. Default is '(.*)' 6526 type: string 6527 replacement: 6528 description: Replacement value against which a regex 6529 replace is performed if the regular expression matches. 6530 Regex capture groups are available. Default is '$1' 6531 type: string 6532 separator: 6533 description: Separator placed between concatenated source 6534 label values. default is ';'. 6535 type: string 6536 sourceLabels: 6537 description: The source labels select values from existing 6538 labels. Their content is concatenated using the configured 6539 separator and matched against the configured regular 6540 expression for the replace, keep, and drop actions. 6541 items: 6542 type: string 6543 type: array 6544 targetLabel: 6545 description: Label to which the resulting value is written 6546 in a replace action. It is mandatory for replace actions. 6547 Regex capture groups are available. 6548 type: string 6549 type: object 6550 type: array 6551 selector: 6552 description: Select Ingress objects by labels. 6553 properties: 6554 matchExpressions: 6555 description: matchExpressions is a list of label selector 6556 requirements. The requirements are ANDed. 6557 items: 6558 description: A label selector requirement is a selector 6559 that contains values, a key, and an operator that 6560 relates the key and values. 6561 properties: 6562 key: 6563 description: key is the label key that the selector 6564 applies to. 6565 type: string 6566 operator: 6567 description: operator represents a key's relationship 6568 to a set of values. Valid operators are In, NotIn, 6569 Exists and DoesNotExist. 6570 type: string 6571 values: 6572 description: values is an array of string values. 6573 If the operator is In or NotIn, the values array 6574 must be non-empty. If the operator is Exists or 6575 DoesNotExist, the values array must be empty. 6576 This array is replaced during a strategic merge 6577 patch. 6578 items: 6579 type: string 6580 type: array 6581 required: 6582 - key 6583 - operator 6584 type: object 6585 type: array 6586 matchLabels: 6587 additionalProperties: 6588 type: string 6589 description: matchLabels is a map of {key,value} pairs. 6590 A single {key,value} in the matchLabels map is equivalent 6591 to an element of matchExpressions, whose key field is 6592 "key", the operator is "In", and the values array contains 6593 only "value". The requirements are ANDed. 6594 type: object 6595 type: object 6596 type: object 6597 staticConfig: 6598 description: 'StaticConfig defines static targets which are considers 6599 for probing. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config.' 6600 properties: 6601 labels: 6602 additionalProperties: 6603 type: string 6604 description: Labels assigned to all metrics scraped from the 6605 targets. 6606 type: object 6607 static: 6608 description: Targets is a list of URLs to probe using the 6609 configured prober. 6610 items: 6611 type: string 6612 type: array 6613 type: object 6614 type: object 6615 type: object 6616 required: 6617 - spec 6618 type: object 6619 served: true 6620 storage: true 6621 status: 6622 acceptedNames: 6623 kind: "" 6624 plural: "" 6625 conditions: [] 6626 storedVersions: [] 6627 --- 6628 6629 --- 6630 apiVersion: apiextensions.k8s.io/v1 6631 kind: CustomResourceDefinition 6632 metadata: 6633 annotations: 6634 controller-gen.kubebuilder.io/version: v0.2.4 6635 creationTimestamp: null 6636 name: prometheuses.monitoring.coreos.com 6637 spec: 6638 group: monitoring.coreos.com 6639 names: 6640 kind: Prometheus 6641 listKind: PrometheusList 6642 plural: prometheuses 6643 singular: prometheus 6644 scope: Namespaced 6645 versions: 6646 - additionalPrinterColumns: 6647 - description: The version of Prometheus 6648 jsonPath: .spec.version 6649 name: Version 6650 type: string 6651 - description: The desired replicas number of Prometheuses 6652 jsonPath: .spec.replicas 6653 name: Replicas 6654 type: integer 6655 - jsonPath: .metadata.creationTimestamp 6656 name: Age 6657 type: date 6658 name: v1 6659 schema: 6660 openAPIV3Schema: 6661 description: Prometheus defines a Prometheus deployment. 6662 properties: 6663 apiVersion: 6664 description: 'APIVersion defines the versioned schema of this representation 6665 of an object. Servers should convert recognized schemas to the latest 6666 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 6667 type: string 6668 kind: 6669 description: 'Kind is a string value representing the REST resource this 6670 object represents. Servers may infer this from the endpoint the client 6671 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 6672 type: string 6673 metadata: 6674 type: object 6675 spec: 6676 description: 'Specification of the desired behavior of the Prometheus 6677 cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 6678 properties: 6679 additionalAlertManagerConfigs: 6680 description: 'AdditionalAlertManagerConfigs allows specifying a key 6681 of a Secret containing additional Prometheus AlertManager configurations. 6682 AlertManager configurations specified are appended to the configurations 6683 generated by the Prometheus Operator. Job configurations specified 6684 must have the form as specified in the official Prometheus documentation: 6685 https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. 6686 As AlertManager configs are appended, the user is responsible to 6687 make sure it is valid. Note that using this feature may expose the 6688 possibility to break upgrades of Prometheus. It is advised to review 6689 Prometheus release notes to ensure that no incompatible AlertManager 6690 configs are going to break Prometheus after the upgrade.' 6691 properties: 6692 key: 6693 description: The key of the secret to select from. Must be a 6694 valid secret key. 6695 type: string 6696 name: 6697 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6698 TODO: Add other useful fields. apiVersion, kind, uid?' 6699 type: string 6700 optional: 6701 description: Specify whether the Secret or its key must be defined 6702 type: boolean 6703 required: 6704 - key 6705 type: object 6706 additionalAlertRelabelConfigs: 6707 description: 'AdditionalAlertRelabelConfigs allows specifying a key 6708 of a Secret containing additional Prometheus alert relabel configurations. 6709 Alert relabel configurations specified are appended to the configurations 6710 generated by the Prometheus Operator. Alert relabel configurations 6711 specified must have the form as specified in the official Prometheus 6712 documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. 6713 As alert relabel configs are appended, the user is responsible to 6714 make sure it is valid. Note that using this feature may expose the 6715 possibility to break upgrades of Prometheus. It is advised to review 6716 Prometheus release notes to ensure that no incompatible alert relabel 6717 configs are going to break Prometheus after the upgrade.' 6718 properties: 6719 key: 6720 description: The key of the secret to select from. Must be a 6721 valid secret key. 6722 type: string 6723 name: 6724 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6725 TODO: Add other useful fields. apiVersion, kind, uid?' 6726 type: string 6727 optional: 6728 description: Specify whether the Secret or its key must be defined 6729 type: boolean 6730 required: 6731 - key 6732 type: object 6733 additionalScrapeConfigs: 6734 description: 'AdditionalScrapeConfigs allows specifying a key of a 6735 Secret containing additional Prometheus scrape configurations. Scrape 6736 configurations specified are appended to the configurations generated 6737 by the Prometheus Operator. Job configurations specified must have 6738 the form as specified in the official Prometheus documentation: 6739 https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. 6740 As scrape configs are appended, the user is responsible to make 6741 sure it is valid. Note that using this feature may expose the possibility 6742 to break upgrades of Prometheus. It is advised to review Prometheus 6743 release notes to ensure that no incompatible scrape configs are 6744 going to break Prometheus after the upgrade.' 6745 properties: 6746 key: 6747 description: The key of the secret to select from. Must be a 6748 valid secret key. 6749 type: string 6750 name: 6751 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6752 TODO: Add other useful fields. apiVersion, kind, uid?' 6753 type: string 6754 optional: 6755 description: Specify whether the Secret or its key must be defined 6756 type: boolean 6757 required: 6758 - key 6759 type: object 6760 affinity: 6761 description: If specified, the pod's scheduling constraints. 6762 properties: 6763 nodeAffinity: 6764 description: Describes node affinity scheduling rules for the 6765 pod. 6766 properties: 6767 preferredDuringSchedulingIgnoredDuringExecution: 6768 description: The scheduler will prefer to schedule pods to 6769 nodes that satisfy the affinity expressions specified by 6770 this field, but it may choose a node that violates one or 6771 more of the expressions. The node that is most preferred 6772 is the one with the greatest sum of weights, i.e. for each 6773 node that meets all of the scheduling requirements (resource 6774 request, requiredDuringScheduling affinity expressions, 6775 etc.), compute a sum by iterating through the elements of 6776 this field and adding "weight" to the sum if the node matches 6777 the corresponding matchExpressions; the node(s) with the 6778 highest sum are the most preferred. 6779 items: 6780 description: An empty preferred scheduling term matches 6781 all objects with implicit weight 0 (i.e. it's a no-op). 6782 A null preferred scheduling term matches no objects (i.e. 6783 is also a no-op). 6784 properties: 6785 preference: 6786 description: A node selector term, associated with the 6787 corresponding weight. 6788 properties: 6789 matchExpressions: 6790 description: A list of node selector requirements 6791 by node's labels. 6792 items: 6793 description: A node selector requirement is a 6794 selector that contains values, a key, and an 6795 operator that relates the key and values. 6796 properties: 6797 key: 6798 description: The label key that the selector 6799 applies to. 6800 type: string 6801 operator: 6802 description: Represents a key's relationship 6803 to a set of values. Valid operators are 6804 In, NotIn, Exists, DoesNotExist. Gt, and 6805 Lt. 6806 type: string 6807 values: 6808 description: An array of string values. If 6809 the operator is In or NotIn, the values 6810 array must be non-empty. If the operator 6811 is Exists or DoesNotExist, the values array 6812 must be empty. If the operator is Gt or 6813 Lt, the values array must have a single 6814 element, which will be interpreted as an 6815 integer. This array is replaced during a 6816 strategic merge patch. 6817 items: 6818 type: string 6819 type: array 6820 required: 6821 - key 6822 - operator 6823 type: object 6824 type: array 6825 matchFields: 6826 description: A list of node selector requirements 6827 by node's fields. 6828 items: 6829 description: A node selector requirement is a 6830 selector that contains values, a key, and an 6831 operator that relates the key and values. 6832 properties: 6833 key: 6834 description: The label key that the selector 6835 applies to. 6836 type: string 6837 operator: 6838 description: Represents a key's relationship 6839 to a set of values. Valid operators are 6840 In, NotIn, Exists, DoesNotExist. Gt, and 6841 Lt. 6842 type: string 6843 values: 6844 description: An array of string values. If 6845 the operator is In or NotIn, the values 6846 array must be non-empty. If the operator 6847 is Exists or DoesNotExist, the values array 6848 must be empty. If the operator is Gt or 6849 Lt, the values array must have a single 6850 element, which will be interpreted as an 6851 integer. This array is replaced during a 6852 strategic merge patch. 6853 items: 6854 type: string 6855 type: array 6856 required: 6857 - key 6858 - operator 6859 type: object 6860 type: array 6861 type: object 6862 weight: 6863 description: Weight associated with matching the corresponding 6864 nodeSelectorTerm, in the range 1-100. 6865 format: int32 6866 type: integer 6867 required: 6868 - preference 6869 - weight 6870 type: object 6871 type: array 6872 requiredDuringSchedulingIgnoredDuringExecution: 6873 description: If the affinity requirements specified by this 6874 field are not met at scheduling time, the pod will not be 6875 scheduled onto the node. If the affinity requirements specified 6876 by this field cease to be met at some point during pod execution 6877 (e.g. due to an update), the system may or may not try to 6878 eventually evict the pod from its node. 6879 properties: 6880 nodeSelectorTerms: 6881 description: Required. A list of node selector terms. 6882 The terms are ORed. 6883 items: 6884 description: A null or empty node selector term matches 6885 no objects. The requirements of them are ANDed. The 6886 TopologySelectorTerm type implements a subset of the 6887 NodeSelectorTerm. 6888 properties: 6889 matchExpressions: 6890 description: A list of node selector requirements 6891 by node's labels. 6892 items: 6893 description: A node selector requirement is a 6894 selector that contains values, a key, and an 6895 operator that relates the key and values. 6896 properties: 6897 key: 6898 description: The label key that the selector 6899 applies to. 6900 type: string 6901 operator: 6902 description: Represents a key's relationship 6903 to a set of values. Valid operators are 6904 In, NotIn, Exists, DoesNotExist. Gt, and 6905 Lt. 6906 type: string 6907 values: 6908 description: An array of string values. If 6909 the operator is In or NotIn, the values 6910 array must be non-empty. If the operator 6911 is Exists or DoesNotExist, the values array 6912 must be empty. If the operator is Gt or 6913 Lt, the values array must have a single 6914 element, which will be interpreted as an 6915 integer. This array is replaced during a 6916 strategic merge patch. 6917 items: 6918 type: string 6919 type: array 6920 required: 6921 - key 6922 - operator 6923 type: object 6924 type: array 6925 matchFields: 6926 description: A list of node selector requirements 6927 by node's fields. 6928 items: 6929 description: A node selector requirement is a 6930 selector that contains values, a key, and an 6931 operator that relates the key and values. 6932 properties: 6933 key: 6934 description: The label key that the selector 6935 applies to. 6936 type: string 6937 operator: 6938 description: Represents a key's relationship 6939 to a set of values. Valid operators are 6940 In, NotIn, Exists, DoesNotExist. Gt, and 6941 Lt. 6942 type: string 6943 values: 6944 description: An array of string values. If 6945 the operator is In or NotIn, the values 6946 array must be non-empty. If the operator 6947 is Exists or DoesNotExist, the values array 6948 must be empty. If the operator is Gt or 6949 Lt, the values array must have a single 6950 element, which will be interpreted as an 6951 integer. This array is replaced during a 6952 strategic merge patch. 6953 items: 6954 type: string 6955 type: array 6956 required: 6957 - key 6958 - operator 6959 type: object 6960 type: array 6961 type: object 6962 type: array 6963 required: 6964 - nodeSelectorTerms 6965 type: object 6966 type: object 6967 podAffinity: 6968 description: Describes pod affinity scheduling rules (e.g. co-locate 6969 this pod in the same node, zone, etc. as some other pod(s)). 6970 properties: 6971 preferredDuringSchedulingIgnoredDuringExecution: 6972 description: The scheduler will prefer to schedule pods to 6973 nodes that satisfy the affinity expressions specified by 6974 this field, but it may choose a node that violates one or 6975 more of the expressions. The node that is most preferred 6976 is the one with the greatest sum of weights, i.e. for each 6977 node that meets all of the scheduling requirements (resource 6978 request, requiredDuringScheduling affinity expressions, 6979 etc.), compute a sum by iterating through the elements of 6980 this field and adding "weight" to the sum if the node has 6981 pods which matches the corresponding podAffinityTerm; the 6982 node(s) with the highest sum are the most preferred. 6983 items: 6984 description: The weights of all of the matched WeightedPodAffinityTerm 6985 fields are added per-node to find the most preferred node(s) 6986 properties: 6987 podAffinityTerm: 6988 description: Required. A pod affinity term, associated 6989 with the corresponding weight. 6990 properties: 6991 labelSelector: 6992 description: A label query over a set of resources, 6993 in this case pods. 6994 properties: 6995 matchExpressions: 6996 description: matchExpressions is a list of label 6997 selector requirements. The requirements are 6998 ANDed. 6999 items: 7000 description: A label selector requirement 7001 is a selector that contains values, a key, 7002 and an operator that relates the key and 7003 values. 7004 properties: 7005 key: 7006 description: key is the label key that 7007 the selector applies to. 7008 type: string 7009 operator: 7010 description: operator represents a key's 7011 relationship to a set of values. Valid 7012 operators are In, NotIn, Exists and 7013 DoesNotExist. 7014 type: string 7015 values: 7016 description: values is an array of string 7017 values. If the operator is In or NotIn, 7018 the values array must be non-empty. 7019 If the operator is Exists or DoesNotExist, 7020 the values array must be empty. This 7021 array is replaced during a strategic 7022 merge patch. 7023 items: 7024 type: string 7025 type: array 7026 required: 7027 - key 7028 - operator 7029 type: object 7030 type: array 7031 matchLabels: 7032 additionalProperties: 7033 type: string 7034 description: matchLabels is a map of {key,value} 7035 pairs. A single {key,value} in the matchLabels 7036 map is equivalent to an element of matchExpressions, 7037 whose key field is "key", the operator is 7038 "In", and the values array contains only "value". 7039 The requirements are ANDed. 7040 type: object 7041 type: object 7042 namespaces: 7043 description: namespaces specifies which namespaces 7044 the labelSelector applies to (matches against); 7045 null or empty list means "this pod's namespace" 7046 items: 7047 type: string 7048 type: array 7049 topologyKey: 7050 description: This pod should be co-located (affinity) 7051 or not co-located (anti-affinity) with the pods 7052 matching the labelSelector in the specified namespaces, 7053 where co-located is defined as running on a node 7054 whose value of the label with key topologyKey 7055 matches that of any node on which any of the selected 7056 pods is running. Empty topologyKey is not allowed. 7057 type: string 7058 required: 7059 - topologyKey 7060 type: object 7061 weight: 7062 description: weight associated with matching the corresponding 7063 podAffinityTerm, in the range 1-100. 7064 format: int32 7065 type: integer 7066 required: 7067 - podAffinityTerm 7068 - weight 7069 type: object 7070 type: array 7071 requiredDuringSchedulingIgnoredDuringExecution: 7072 description: If the affinity requirements specified by this 7073 field are not met at scheduling time, the pod will not be 7074 scheduled onto the node. If the affinity requirements specified 7075 by this field cease to be met at some point during pod execution 7076 (e.g. due to a pod label update), the system may or may 7077 not try to eventually evict the pod from its node. When 7078 there are multiple elements, the lists of nodes corresponding 7079 to each podAffinityTerm are intersected, i.e. all terms 7080 must be satisfied. 7081 items: 7082 description: Defines a set of pods (namely those matching 7083 the labelSelector relative to the given namespace(s)) 7084 that this pod should be co-located (affinity) or not co-located 7085 (anti-affinity) with, where co-located is defined as running 7086 on a node whose value of the label with key <topologyKey> 7087 matches that of any node on which a pod of the set of 7088 pods is running 7089 properties: 7090 labelSelector: 7091 description: A label query over a set of resources, 7092 in this case pods. 7093 properties: 7094 matchExpressions: 7095 description: matchExpressions is a list of label 7096 selector requirements. The requirements are ANDed. 7097 items: 7098 description: A label selector requirement is a 7099 selector that contains values, a key, and an 7100 operator that relates the key and values. 7101 properties: 7102 key: 7103 description: key is the label key that the 7104 selector applies to. 7105 type: string 7106 operator: 7107 description: operator represents a key's relationship 7108 to a set of values. Valid operators are 7109 In, NotIn, Exists and DoesNotExist. 7110 type: string 7111 values: 7112 description: values is an array of string 7113 values. If the operator is In or NotIn, 7114 the values array must be non-empty. If the 7115 operator is Exists or DoesNotExist, the 7116 values array must be empty. This array is 7117 replaced during a strategic merge patch. 7118 items: 7119 type: string 7120 type: array 7121 required: 7122 - key 7123 - operator 7124 type: object 7125 type: array 7126 matchLabels: 7127 additionalProperties: 7128 type: string 7129 description: matchLabels is a map of {key,value} 7130 pairs. A single {key,value} in the matchLabels 7131 map is equivalent to an element of matchExpressions, 7132 whose key field is "key", the operator is "In", 7133 and the values array contains only "value". The 7134 requirements are ANDed. 7135 type: object 7136 type: object 7137 namespaces: 7138 description: namespaces specifies which namespaces the 7139 labelSelector applies to (matches against); null or 7140 empty list means "this pod's namespace" 7141 items: 7142 type: string 7143 type: array 7144 topologyKey: 7145 description: This pod should be co-located (affinity) 7146 or not co-located (anti-affinity) with the pods matching 7147 the labelSelector in the specified namespaces, where 7148 co-located is defined as running on a node whose value 7149 of the label with key topologyKey matches that of 7150 any node on which any of the selected pods is running. 7151 Empty topologyKey is not allowed. 7152 type: string 7153 required: 7154 - topologyKey 7155 type: object 7156 type: array 7157 type: object 7158 podAntiAffinity: 7159 description: Describes pod anti-affinity scheduling rules (e.g. 7160 avoid putting this pod in the same node, zone, etc. as some 7161 other pod(s)). 7162 properties: 7163 preferredDuringSchedulingIgnoredDuringExecution: 7164 description: The scheduler will prefer to schedule pods to 7165 nodes that satisfy the anti-affinity expressions specified 7166 by this field, but it may choose a node that violates one 7167 or more of the expressions. The node that is most preferred 7168 is the one with the greatest sum of weights, i.e. for each 7169 node that meets all of the scheduling requirements (resource 7170 request, requiredDuringScheduling anti-affinity expressions, 7171 etc.), compute a sum by iterating through the elements of 7172 this field and adding "weight" to the sum if the node has 7173 pods which matches the corresponding podAffinityTerm; the 7174 node(s) with the highest sum are the most preferred. 7175 items: 7176 description: The weights of all of the matched WeightedPodAffinityTerm 7177 fields are added per-node to find the most preferred node(s) 7178 properties: 7179 podAffinityTerm: 7180 description: Required. A pod affinity term, associated 7181 with the corresponding weight. 7182 properties: 7183 labelSelector: 7184 description: A label query over a set of resources, 7185 in this case pods. 7186 properties: 7187 matchExpressions: 7188 description: matchExpressions is a list of label 7189 selector requirements. The requirements are 7190 ANDed. 7191 items: 7192 description: A label selector requirement 7193 is a selector that contains values, a key, 7194 and an operator that relates the key and 7195 values. 7196 properties: 7197 key: 7198 description: key is the label key that 7199 the selector applies to. 7200 type: string 7201 operator: 7202 description: operator represents a key's 7203 relationship to a set of values. Valid 7204 operators are In, NotIn, Exists and 7205 DoesNotExist. 7206 type: string 7207 values: 7208 description: values is an array of string 7209 values. If the operator is In or NotIn, 7210 the values array must be non-empty. 7211 If the operator is Exists or DoesNotExist, 7212 the values array must be empty. This 7213 array is replaced during a strategic 7214 merge patch. 7215 items: 7216 type: string 7217 type: array 7218 required: 7219 - key 7220 - operator 7221 type: object 7222 type: array 7223 matchLabels: 7224 additionalProperties: 7225 type: string 7226 description: matchLabels is a map of {key,value} 7227 pairs. A single {key,value} in the matchLabels 7228 map is equivalent to an element of matchExpressions, 7229 whose key field is "key", the operator is 7230 "In", and the values array contains only "value". 7231 The requirements are ANDed. 7232 type: object 7233 type: object 7234 namespaces: 7235 description: namespaces specifies which namespaces 7236 the labelSelector applies to (matches against); 7237 null or empty list means "this pod's namespace" 7238 items: 7239 type: string 7240 type: array 7241 topologyKey: 7242 description: This pod should be co-located (affinity) 7243 or not co-located (anti-affinity) with the pods 7244 matching the labelSelector in the specified namespaces, 7245 where co-located is defined as running on a node 7246 whose value of the label with key topologyKey 7247 matches that of any node on which any of the selected 7248 pods is running. Empty topologyKey is not allowed. 7249 type: string 7250 required: 7251 - topologyKey 7252 type: object 7253 weight: 7254 description: weight associated with matching the corresponding 7255 podAffinityTerm, in the range 1-100. 7256 format: int32 7257 type: integer 7258 required: 7259 - podAffinityTerm 7260 - weight 7261 type: object 7262 type: array 7263 requiredDuringSchedulingIgnoredDuringExecution: 7264 description: If the anti-affinity requirements specified by 7265 this field are not met at scheduling time, the pod will 7266 not be scheduled onto the node. If the anti-affinity requirements 7267 specified by this field cease to be met at some point during 7268 pod execution (e.g. due to a pod label update), the system 7269 may or may not try to eventually evict the pod from its 7270 node. When there are multiple elements, the lists of nodes 7271 corresponding to each podAffinityTerm are intersected, i.e. 7272 all terms must be satisfied. 7273 items: 7274 description: Defines a set of pods (namely those matching 7275 the labelSelector relative to the given namespace(s)) 7276 that this pod should be co-located (affinity) or not co-located 7277 (anti-affinity) with, where co-located is defined as running 7278 on a node whose value of the label with key <topologyKey> 7279 matches that of any node on which a pod of the set of 7280 pods is running 7281 properties: 7282 labelSelector: 7283 description: A label query over a set of resources, 7284 in this case pods. 7285 properties: 7286 matchExpressions: 7287 description: matchExpressions is a list of label 7288 selector requirements. The requirements are ANDed. 7289 items: 7290 description: A label selector requirement is a 7291 selector that contains values, a key, and an 7292 operator that relates the key and values. 7293 properties: 7294 key: 7295 description: key is the label key that the 7296 selector applies to. 7297 type: string 7298 operator: 7299 description: operator represents a key's relationship 7300 to a set of values. Valid operators are 7301 In, NotIn, Exists and DoesNotExist. 7302 type: string 7303 values: 7304 description: values is an array of string 7305 values. If the operator is In or NotIn, 7306 the values array must be non-empty. If the 7307 operator is Exists or DoesNotExist, the 7308 values array must be empty. This array is 7309 replaced during a strategic merge patch. 7310 items: 7311 type: string 7312 type: array 7313 required: 7314 - key 7315 - operator 7316 type: object 7317 type: array 7318 matchLabels: 7319 additionalProperties: 7320 type: string 7321 description: matchLabels is a map of {key,value} 7322 pairs. A single {key,value} in the matchLabels 7323 map is equivalent to an element of matchExpressions, 7324 whose key field is "key", the operator is "In", 7325 and the values array contains only "value". The 7326 requirements are ANDed. 7327 type: object 7328 type: object 7329 namespaces: 7330 description: namespaces specifies which namespaces the 7331 labelSelector applies to (matches against); null or 7332 empty list means "this pod's namespace" 7333 items: 7334 type: string 7335 type: array 7336 topologyKey: 7337 description: This pod should be co-located (affinity) 7338 or not co-located (anti-affinity) with the pods matching 7339 the labelSelector in the specified namespaces, where 7340 co-located is defined as running on a node whose value 7341 of the label with key topologyKey matches that of 7342 any node on which any of the selected pods is running. 7343 Empty topologyKey is not allowed. 7344 type: string 7345 required: 7346 - topologyKey 7347 type: object 7348 type: array 7349 type: object 7350 type: object 7351 alerting: 7352 description: Define details regarding alerting. 7353 properties: 7354 alertmanagers: 7355 description: AlertmanagerEndpoints Prometheus should fire alerts 7356 against. 7357 items: 7358 description: AlertmanagerEndpoints defines a selection of a 7359 single Endpoints object containing alertmanager IPs to fire 7360 alerts against. 7361 properties: 7362 apiVersion: 7363 description: Version of the Alertmanager API that Prometheus 7364 uses to send alerts. It can be "v1" or "v2". 7365 type: string 7366 bearerTokenFile: 7367 description: BearerTokenFile to read from filesystem to 7368 use when authenticating to Alertmanager. 7369 type: string 7370 name: 7371 description: Name of Endpoints object in Namespace. 7372 type: string 7373 namespace: 7374 description: Namespace of Endpoints object. 7375 type: string 7376 pathPrefix: 7377 description: Prefix for the HTTP path alerts are pushed 7378 to. 7379 type: string 7380 port: 7381 anyOf: 7382 - type: integer 7383 - type: string 7384 description: Port the Alertmanager API is exposed on. 7385 x-kubernetes-int-or-string: true 7386 scheme: 7387 description: Scheme to use when firing alerts. 7388 type: string 7389 timeout: 7390 description: Timeout is a per-target Alertmanager timeout 7391 when pushing alerts. 7392 type: string 7393 tlsConfig: 7394 description: TLS Config to use for alertmanager connection. 7395 properties: 7396 ca: 7397 description: Struct containing the CA cert to use for 7398 the targets. 7399 properties: 7400 configMap: 7401 description: ConfigMap containing data to use for 7402 the targets. 7403 properties: 7404 key: 7405 description: The key to select. 7406 type: string 7407 name: 7408 description: 'Name of the referent. More info: 7409 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7410 TODO: Add other useful fields. apiVersion, 7411 kind, uid?' 7412 type: string 7413 optional: 7414 description: Specify whether the ConfigMap or 7415 its key must be defined 7416 type: boolean 7417 required: 7418 - key 7419 type: object 7420 secret: 7421 description: Secret containing data to use for the 7422 targets. 7423 properties: 7424 key: 7425 description: The key of the secret to select 7426 from. Must be a valid secret key. 7427 type: string 7428 name: 7429 description: 'Name of the referent. More info: 7430 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7431 TODO: Add other useful fields. apiVersion, 7432 kind, uid?' 7433 type: string 7434 optional: 7435 description: Specify whether the Secret or its 7436 key must be defined 7437 type: boolean 7438 required: 7439 - key 7440 type: object 7441 type: object 7442 caFile: 7443 description: Path to the CA cert in the Prometheus container 7444 to use for the targets. 7445 type: string 7446 cert: 7447 description: Struct containing the client cert file 7448 for the targets. 7449 properties: 7450 configMap: 7451 description: ConfigMap containing data to use for 7452 the targets. 7453 properties: 7454 key: 7455 description: The key to select. 7456 type: string 7457 name: 7458 description: 'Name of the referent. More info: 7459 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7460 TODO: Add other useful fields. apiVersion, 7461 kind, uid?' 7462 type: string 7463 optional: 7464 description: Specify whether the ConfigMap or 7465 its key must be defined 7466 type: boolean 7467 required: 7468 - key 7469 type: object 7470 secret: 7471 description: Secret containing data to use for the 7472 targets. 7473 properties: 7474 key: 7475 description: The key of the secret to select 7476 from. Must be a valid secret key. 7477 type: string 7478 name: 7479 description: 'Name of the referent. More info: 7480 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7481 TODO: Add other useful fields. apiVersion, 7482 kind, uid?' 7483 type: string 7484 optional: 7485 description: Specify whether the Secret or its 7486 key must be defined 7487 type: boolean 7488 required: 7489 - key 7490 type: object 7491 type: object 7492 certFile: 7493 description: Path to the client cert file in the Prometheus 7494 container for the targets. 7495 type: string 7496 insecureSkipVerify: 7497 description: Disable target certificate validation. 7498 type: boolean 7499 keyFile: 7500 description: Path to the client key file in the Prometheus 7501 container for the targets. 7502 type: string 7503 keySecret: 7504 description: Secret containing the client key file for 7505 the targets. 7506 properties: 7507 key: 7508 description: The key of the secret to select from. Must 7509 be a valid secret key. 7510 type: string 7511 name: 7512 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7513 TODO: Add other useful fields. apiVersion, kind, 7514 uid?' 7515 type: string 7516 optional: 7517 description: Specify whether the Secret or its key 7518 must be defined 7519 type: boolean 7520 required: 7521 - key 7522 type: object 7523 serverName: 7524 description: Used to verify the hostname for the targets. 7525 type: string 7526 type: object 7527 required: 7528 - name 7529 - namespace 7530 - port 7531 type: object 7532 type: array 7533 required: 7534 - alertmanagers 7535 type: object 7536 allowOverlappingBlocks: 7537 description: AllowOverlappingBlocks enables vertical compaction and 7538 vertical query merge in Prometheus. This is still experimental in 7539 Prometheus so it may change in any upcoming release. 7540 type: boolean 7541 apiserverConfig: 7542 description: APIServerConfig allows specifying a host and auth methods 7543 to access apiserver. If left empty, Prometheus is assumed to run 7544 inside of the cluster and will discover API servers automatically 7545 and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. 7546 properties: 7547 basicAuth: 7548 description: BasicAuth allow an endpoint to authenticate over 7549 basic authentication 7550 properties: 7551 password: 7552 description: The secret in the service monitor namespace that 7553 contains the password for authentication. 7554 properties: 7555 key: 7556 description: The key of the secret to select from. Must 7557 be a valid secret key. 7558 type: string 7559 name: 7560 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7561 TODO: Add other useful fields. apiVersion, kind, uid?' 7562 type: string 7563 optional: 7564 description: Specify whether the Secret or its key must 7565 be defined 7566 type: boolean 7567 required: 7568 - key 7569 type: object 7570 username: 7571 description: The secret in the service monitor namespace that 7572 contains the username for authentication. 7573 properties: 7574 key: 7575 description: The key of the secret to select from. Must 7576 be a valid secret key. 7577 type: string 7578 name: 7579 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7580 TODO: Add other useful fields. apiVersion, kind, uid?' 7581 type: string 7582 optional: 7583 description: Specify whether the Secret or its key must 7584 be defined 7585 type: boolean 7586 required: 7587 - key 7588 type: object 7589 type: object 7590 bearerToken: 7591 description: Bearer token for accessing apiserver. 7592 type: string 7593 bearerTokenFile: 7594 description: File to read bearer token for accessing apiserver. 7595 type: string 7596 host: 7597 description: Host of apiserver. A valid string consisting of a 7598 hostname or IP followed by an optional port number 7599 type: string 7600 tlsConfig: 7601 description: TLS Config to use for accessing apiserver. 7602 properties: 7603 ca: 7604 description: Struct containing the CA cert to use for the 7605 targets. 7606 properties: 7607 configMap: 7608 description: ConfigMap containing data to use for the 7609 targets. 7610 properties: 7611 key: 7612 description: The key to select. 7613 type: string 7614 name: 7615 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7616 TODO: Add other useful fields. apiVersion, kind, 7617 uid?' 7618 type: string 7619 optional: 7620 description: Specify whether the ConfigMap or its 7621 key must be defined 7622 type: boolean 7623 required: 7624 - key 7625 type: object 7626 secret: 7627 description: Secret containing data to use for the targets. 7628 properties: 7629 key: 7630 description: The key of the secret to select from. Must 7631 be a valid secret key. 7632 type: string 7633 name: 7634 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7635 TODO: Add other useful fields. apiVersion, kind, 7636 uid?' 7637 type: string 7638 optional: 7639 description: Specify whether the Secret or its key 7640 must be defined 7641 type: boolean 7642 required: 7643 - key 7644 type: object 7645 type: object 7646 caFile: 7647 description: Path to the CA cert in the Prometheus container 7648 to use for the targets. 7649 type: string 7650 cert: 7651 description: Struct containing the client cert file for the 7652 targets. 7653 properties: 7654 configMap: 7655 description: ConfigMap containing data to use for the 7656 targets. 7657 properties: 7658 key: 7659 description: The key to select. 7660 type: string 7661 name: 7662 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7663 TODO: Add other useful fields. apiVersion, kind, 7664 uid?' 7665 type: string 7666 optional: 7667 description: Specify whether the ConfigMap or its 7668 key must be defined 7669 type: boolean 7670 required: 7671 - key 7672 type: object 7673 secret: 7674 description: Secret containing data to use for the targets. 7675 properties: 7676 key: 7677 description: The key of the secret to select from. Must 7678 be a valid secret key. 7679 type: string 7680 name: 7681 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7682 TODO: Add other useful fields. apiVersion, kind, 7683 uid?' 7684 type: string 7685 optional: 7686 description: Specify whether the Secret or its key 7687 must be defined 7688 type: boolean 7689 required: 7690 - key 7691 type: object 7692 type: object 7693 certFile: 7694 description: Path to the client cert file in the Prometheus 7695 container for the targets. 7696 type: string 7697 insecureSkipVerify: 7698 description: Disable target certificate validation. 7699 type: boolean 7700 keyFile: 7701 description: Path to the client key file in the Prometheus 7702 container for the targets. 7703 type: string 7704 keySecret: 7705 description: Secret containing the client key file for the 7706 targets. 7707 properties: 7708 key: 7709 description: The key of the secret to select from. Must 7710 be a valid secret key. 7711 type: string 7712 name: 7713 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7714 TODO: Add other useful fields. apiVersion, kind, uid?' 7715 type: string 7716 optional: 7717 description: Specify whether the Secret or its key must 7718 be defined 7719 type: boolean 7720 required: 7721 - key 7722 type: object 7723 serverName: 7724 description: Used to verify the hostname for the targets. 7725 type: string 7726 type: object 7727 required: 7728 - host 7729 type: object 7730 arbitraryFSAccessThroughSMs: 7731 description: ArbitraryFSAccessThroughSMs configures whether configuration 7732 based on a service monitor can access arbitrary files on the file 7733 system of the Prometheus container e.g. bearer token files. 7734 properties: 7735 deny: 7736 type: boolean 7737 type: object 7738 baseImage: 7739 description: 'Base image to use for a Prometheus deployment. Deprecated: 7740 use ''image'' instead' 7741 type: string 7742 configMaps: 7743 description: ConfigMaps is a list of ConfigMaps in the same namespace 7744 as the Prometheus object, which shall be mounted into the Prometheus 7745 Pods. The ConfigMaps are mounted into /etc/prometheus/configmaps/<configmap-name>. 7746 items: 7747 type: string 7748 type: array 7749 containers: 7750 description: 'Containers allows injecting additional containers or 7751 modifying operator generated containers. This can be used to allow 7752 adding an authentication proxy to a Prometheus pod or to change 7753 the behavior of an operator generated container. Containers described 7754 here modify an operator generated container if they share the same 7755 name and modifications are done via a strategic merge patch. The 7756 current container names are: `prometheus`, `config-reloader`, and 7757 `thanos-sidecar`. Overriding containers is entirely outside the 7758 scope of what the maintainers will support and by doing so, you 7759 accept that this behaviour may break at any time without notice.' 7760 items: 7761 description: A single application container that you want to run 7762 within a pod. 7763 properties: 7764 args: 7765 description: 'Arguments to the entrypoint. The docker image''s 7766 CMD is used if this is not provided. Variable references $(VAR_NAME) 7767 are expanded using the container''s environment. If a variable 7768 cannot be resolved, the reference in the input string will 7769 be unchanged. The $(VAR_NAME) syntax can be escaped with a 7770 double $$, ie: $$(VAR_NAME). Escaped references will never 7771 be expanded, regardless of whether the variable exists or 7772 not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 7773 items: 7774 type: string 7775 type: array 7776 command: 7777 description: 'Entrypoint array. Not executed within a shell. 7778 The docker image''s ENTRYPOINT is used if this is not provided. 7779 Variable references $(VAR_NAME) are expanded using the container''s 7780 environment. If a variable cannot be resolved, the reference 7781 in the input string will be unchanged. The $(VAR_NAME) syntax 7782 can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 7783 references will never be expanded, regardless of whether the 7784 variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 7785 items: 7786 type: string 7787 type: array 7788 env: 7789 description: List of environment variables to set in the container. 7790 Cannot be updated. 7791 items: 7792 description: EnvVar represents an environment variable present 7793 in a Container. 7794 properties: 7795 name: 7796 description: Name of the environment variable. Must be 7797 a C_IDENTIFIER. 7798 type: string 7799 value: 7800 description: 'Variable references $(VAR_NAME) are expanded 7801 using the previous defined environment variables in 7802 the container and any service environment variables. 7803 If a variable cannot be resolved, the reference in the 7804 input string will be unchanged. The $(VAR_NAME) syntax 7805 can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 7806 references will never be expanded, regardless of whether 7807 the variable exists or not. Defaults to "".' 7808 type: string 7809 valueFrom: 7810 description: Source for the environment variable's value. 7811 Cannot be used if value is not empty. 7812 properties: 7813 configMapKeyRef: 7814 description: Selects a key of a ConfigMap. 7815 properties: 7816 key: 7817 description: The key to select. 7818 type: string 7819 name: 7820 description: 'Name of the referent. More info: 7821 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7822 TODO: Add other useful fields. apiVersion, kind, 7823 uid?' 7824 type: string 7825 optional: 7826 description: Specify whether the ConfigMap or 7827 its key must be defined 7828 type: boolean 7829 required: 7830 - key 7831 type: object 7832 fieldRef: 7833 description: 'Selects a field of the pod: supports 7834 metadata.name, metadata.namespace, metadata.labels, 7835 metadata.annotations, spec.nodeName, spec.serviceAccountName, 7836 status.hostIP, status.podIP, status.podIPs.' 7837 properties: 7838 apiVersion: 7839 description: Version of the schema the FieldPath 7840 is written in terms of, defaults to "v1". 7841 type: string 7842 fieldPath: 7843 description: Path of the field to select in the 7844 specified API version. 7845 type: string 7846 required: 7847 - fieldPath 7848 type: object 7849 resourceFieldRef: 7850 description: 'Selects a resource of the container: 7851 only resources limits and requests (limits.cpu, 7852 limits.memory, limits.ephemeral-storage, requests.cpu, 7853 requests.memory and requests.ephemeral-storage) 7854 are currently supported.' 7855 properties: 7856 containerName: 7857 description: 'Container name: required for volumes, 7858 optional for env vars' 7859 type: string 7860 divisor: 7861 description: Specifies the output format of the 7862 exposed resources, defaults to "1" 7863 type: string 7864 resource: 7865 description: 'Required: resource to select' 7866 type: string 7867 required: 7868 - resource 7869 type: object 7870 secretKeyRef: 7871 description: Selects a key of a secret in the pod's 7872 namespace 7873 properties: 7874 key: 7875 description: The key of the secret to select from. Must 7876 be a valid secret key. 7877 type: string 7878 name: 7879 description: 'Name of the referent. More info: 7880 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7881 TODO: Add other useful fields. apiVersion, kind, 7882 uid?' 7883 type: string 7884 optional: 7885 description: Specify whether the Secret or its 7886 key must be defined 7887 type: boolean 7888 required: 7889 - key 7890 type: object 7891 type: object 7892 required: 7893 - name 7894 type: object 7895 type: array 7896 envFrom: 7897 description: List of sources to populate environment variables 7898 in the container. The keys defined within a source must be 7899 a C_IDENTIFIER. All invalid keys will be reported as an event 7900 when the container is starting. When a key exists in multiple 7901 sources, the value associated with the last source will take 7902 precedence. Values defined by an Env with a duplicate key 7903 will take precedence. Cannot be updated. 7904 items: 7905 description: EnvFromSource represents the source of a set 7906 of ConfigMaps 7907 properties: 7908 configMapRef: 7909 description: The ConfigMap to select from 7910 properties: 7911 name: 7912 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7913 TODO: Add other useful fields. apiVersion, kind, 7914 uid?' 7915 type: string 7916 optional: 7917 description: Specify whether the ConfigMap must be 7918 defined 7919 type: boolean 7920 type: object 7921 prefix: 7922 description: An optional identifier to prepend to each 7923 key in the ConfigMap. Must be a C_IDENTIFIER. 7924 type: string 7925 secretRef: 7926 description: The Secret to select from 7927 properties: 7928 name: 7929 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7930 TODO: Add other useful fields. apiVersion, kind, 7931 uid?' 7932 type: string 7933 optional: 7934 description: Specify whether the Secret must be defined 7935 type: boolean 7936 type: object 7937 type: object 7938 type: array 7939 image: 7940 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 7941 This field is optional to allow higher level config management 7942 to default or override container images in workload controllers 7943 like Deployments and StatefulSets.' 7944 type: string 7945 imagePullPolicy: 7946 description: 'Image pull policy. One of Always, Never, IfNotPresent. 7947 Defaults to Always if :latest tag is specified, or IfNotPresent 7948 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 7949 type: string 7950 lifecycle: 7951 description: Actions that the management system should take 7952 in response to container lifecycle events. Cannot be updated. 7953 properties: 7954 postStart: 7955 description: 'PostStart is called immediately after a container 7956 is created. If the handler fails, the container is terminated 7957 and restarted according to its restart policy. Other management 7958 of the container blocks until the hook completes. More 7959 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 7960 properties: 7961 exec: 7962 description: One and only one of the following should 7963 be specified. Exec specifies the action to take. 7964 properties: 7965 command: 7966 description: Command is the command line to execute 7967 inside the container, the working directory for 7968 the command is root ('/') in the container's 7969 filesystem. The command is simply exec'd, it is 7970 not run inside a shell, so traditional shell instructions 7971 ('|', etc) won't work. To use a shell, you need 7972 to explicitly call out to that shell. Exit status 7973 of 0 is treated as live/healthy and non-zero is 7974 unhealthy. 7975 items: 7976 type: string 7977 type: array 7978 type: object 7979 httpGet: 7980 description: HTTPGet specifies the http request to perform. 7981 properties: 7982 host: 7983 description: Host name to connect to, defaults to 7984 the pod IP. You probably want to set "Host" in 7985 httpHeaders instead. 7986 type: string 7987 httpHeaders: 7988 description: Custom headers to set in the request. 7989 HTTP allows repeated headers. 7990 items: 7991 description: HTTPHeader describes a custom header 7992 to be used in HTTP probes 7993 properties: 7994 name: 7995 description: The header field name 7996 type: string 7997 value: 7998 description: The header field value 7999 type: string 8000 required: 8001 - name 8002 - value 8003 type: object 8004 type: array 8005 path: 8006 description: Path to access on the HTTP server. 8007 type: string 8008 port: 8009 anyOf: 8010 - type: integer 8011 - type: string 8012 description: Name or number of the port to access 8013 on the container. Number must be in the range 8014 1 to 65535. Name must be an IANA_SVC_NAME. 8015 x-kubernetes-int-or-string: true 8016 scheme: 8017 description: Scheme to use for connecting to the 8018 host. Defaults to HTTP. 8019 type: string 8020 required: 8021 - port 8022 type: object 8023 tcpSocket: 8024 description: 'TCPSocket specifies an action involving 8025 a TCP port. TCP hooks not yet supported TODO: implement 8026 a realistic TCP lifecycle hook' 8027 properties: 8028 host: 8029 description: 'Optional: Host name to connect to, 8030 defaults to the pod IP.' 8031 type: string 8032 port: 8033 anyOf: 8034 - type: integer 8035 - type: string 8036 description: Number or name of the port to access 8037 on the container. Number must be in the range 8038 1 to 65535. Name must be an IANA_SVC_NAME. 8039 x-kubernetes-int-or-string: true 8040 required: 8041 - port 8042 type: object 8043 type: object 8044 preStop: 8045 description: 'PreStop is called immediately before a container 8046 is terminated due to an API request or management event 8047 such as liveness/startup probe failure, preemption, resource 8048 contention, etc. The handler is not called if the container 8049 crashes or exits. The reason for termination is passed 8050 to the handler. The Pod''s termination grace period countdown 8051 begins before the PreStop hooked is executed. Regardless 8052 of the outcome of the handler, the container will eventually 8053 terminate within the Pod''s termination grace period. 8054 Other management of the container blocks until the hook 8055 completes or until the termination grace period is reached. 8056 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 8057 properties: 8058 exec: 8059 description: One and only one of the following should 8060 be specified. Exec specifies the action to take. 8061 properties: 8062 command: 8063 description: Command is the command line to execute 8064 inside the container, the working directory for 8065 the command is root ('/') in the container's 8066 filesystem. The command is simply exec'd, it is 8067 not run inside a shell, so traditional shell instructions 8068 ('|', etc) won't work. To use a shell, you need 8069 to explicitly call out to that shell. Exit status 8070 of 0 is treated as live/healthy and non-zero is 8071 unhealthy. 8072 items: 8073 type: string 8074 type: array 8075 type: object 8076 httpGet: 8077 description: HTTPGet specifies the http request to perform. 8078 properties: 8079 host: 8080 description: Host name to connect to, defaults to 8081 the pod IP. You probably want to set "Host" in 8082 httpHeaders instead. 8083 type: string 8084 httpHeaders: 8085 description: Custom headers to set in the request. 8086 HTTP allows repeated headers. 8087 items: 8088 description: HTTPHeader describes a custom header 8089 to be used in HTTP probes 8090 properties: 8091 name: 8092 description: The header field name 8093 type: string 8094 value: 8095 description: The header field value 8096 type: string 8097 required: 8098 - name 8099 - value 8100 type: object 8101 type: array 8102 path: 8103 description: Path to access on the HTTP server. 8104 type: string 8105 port: 8106 anyOf: 8107 - type: integer 8108 - type: string 8109 description: Name or number of the port to access 8110 on the container. Number must be in the range 8111 1 to 65535. Name must be an IANA_SVC_NAME. 8112 x-kubernetes-int-or-string: true 8113 scheme: 8114 description: Scheme to use for connecting to the 8115 host. Defaults to HTTP. 8116 type: string 8117 required: 8118 - port 8119 type: object 8120 tcpSocket: 8121 description: 'TCPSocket specifies an action involving 8122 a TCP port. TCP hooks not yet supported TODO: implement 8123 a realistic TCP lifecycle hook' 8124 properties: 8125 host: 8126 description: 'Optional: Host name to connect to, 8127 defaults to the pod IP.' 8128 type: string 8129 port: 8130 anyOf: 8131 - type: integer 8132 - type: string 8133 description: Number or name of the port to access 8134 on the container. Number must be in the range 8135 1 to 65535. Name must be an IANA_SVC_NAME. 8136 x-kubernetes-int-or-string: true 8137 required: 8138 - port 8139 type: object 8140 type: object 8141 type: object 8142 livenessProbe: 8143 description: 'Periodic probe of container liveness. Container 8144 will be restarted if the probe fails. Cannot be updated. More 8145 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8146 properties: 8147 exec: 8148 description: One and only one of the following should be 8149 specified. Exec specifies the action to take. 8150 properties: 8151 command: 8152 description: Command is the command line to execute 8153 inside the container, the working directory for the 8154 command is root ('/') in the container's filesystem. 8155 The command is simply exec'd, it is not run inside 8156 a shell, so traditional shell instructions ('|', etc) 8157 won't work. To use a shell, you need to explicitly 8158 call out to that shell. Exit status of 0 is treated 8159 as live/healthy and non-zero is unhealthy. 8160 items: 8161 type: string 8162 type: array 8163 type: object 8164 failureThreshold: 8165 description: Minimum consecutive failures for the probe 8166 to be considered failed after having succeeded. Defaults 8167 to 3. Minimum value is 1. 8168 format: int32 8169 type: integer 8170 httpGet: 8171 description: HTTPGet specifies the http request to perform. 8172 properties: 8173 host: 8174 description: Host name to connect to, defaults to the 8175 pod IP. You probably want to set "Host" in httpHeaders 8176 instead. 8177 type: string 8178 httpHeaders: 8179 description: Custom headers to set in the request. HTTP 8180 allows repeated headers. 8181 items: 8182 description: HTTPHeader describes a custom header 8183 to be used in HTTP probes 8184 properties: 8185 name: 8186 description: The header field name 8187 type: string 8188 value: 8189 description: The header field value 8190 type: string 8191 required: 8192 - name 8193 - value 8194 type: object 8195 type: array 8196 path: 8197 description: Path to access on the HTTP server. 8198 type: string 8199 port: 8200 anyOf: 8201 - type: integer 8202 - type: string 8203 description: Name or number of the port to access on 8204 the container. Number must be in the range 1 to 65535. 8205 Name must be an IANA_SVC_NAME. 8206 x-kubernetes-int-or-string: true 8207 scheme: 8208 description: Scheme to use for connecting to the host. 8209 Defaults to HTTP. 8210 type: string 8211 required: 8212 - port 8213 type: object 8214 initialDelaySeconds: 8215 description: 'Number of seconds after the container has 8216 started before liveness probes are initiated. More info: 8217 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8218 format: int32 8219 type: integer 8220 periodSeconds: 8221 description: How often (in seconds) to perform the probe. 8222 Default to 10 seconds. Minimum value is 1. 8223 format: int32 8224 type: integer 8225 successThreshold: 8226 description: Minimum consecutive successes for the probe 8227 to be considered successful after having failed. Defaults 8228 to 1. Must be 1 for liveness and startup. Minimum value 8229 is 1. 8230 format: int32 8231 type: integer 8232 tcpSocket: 8233 description: 'TCPSocket specifies an action involving a 8234 TCP port. TCP hooks not yet supported TODO: implement 8235 a realistic TCP lifecycle hook' 8236 properties: 8237 host: 8238 description: 'Optional: Host name to connect to, defaults 8239 to the pod IP.' 8240 type: string 8241 port: 8242 anyOf: 8243 - type: integer 8244 - type: string 8245 description: Number or name of the port to access on 8246 the container. Number must be in the range 1 to 65535. 8247 Name must be an IANA_SVC_NAME. 8248 x-kubernetes-int-or-string: true 8249 required: 8250 - port 8251 type: object 8252 timeoutSeconds: 8253 description: 'Number of seconds after which the probe times 8254 out. Defaults to 1 second. Minimum value is 1. More info: 8255 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8256 format: int32 8257 type: integer 8258 type: object 8259 name: 8260 description: Name of the container specified as a DNS_LABEL. 8261 Each container in a pod must have a unique name (DNS_LABEL). 8262 Cannot be updated. 8263 type: string 8264 ports: 8265 description: List of ports to expose from the container. Exposing 8266 a port here gives the system additional information about 8267 the network connections a container uses, but is primarily 8268 informational. Not specifying a port here DOES NOT prevent 8269 that port from being exposed. Any port which is listening 8270 on the default "0.0.0.0" address inside a container will be 8271 accessible from the network. Cannot be updated. 8272 items: 8273 description: ContainerPort represents a network port in a 8274 single container. 8275 properties: 8276 containerPort: 8277 description: Number of port to expose on the pod's IP 8278 address. This must be a valid port number, 0 < x < 65536. 8279 format: int32 8280 type: integer 8281 hostIP: 8282 description: What host IP to bind the external port to. 8283 type: string 8284 hostPort: 8285 description: Number of port to expose on the host. If 8286 specified, this must be a valid port number, 0 < x < 8287 65536. If HostNetwork is specified, this must match 8288 ContainerPort. Most containers do not need this. 8289 format: int32 8290 type: integer 8291 name: 8292 description: If specified, this must be an IANA_SVC_NAME 8293 and unique within the pod. Each named port in a pod 8294 must have a unique name. Name for the port that can 8295 be referred to by services. 8296 type: string 8297 protocol: 8298 description: Protocol for port. Must be UDP, TCP, or SCTP. 8299 Defaults to "TCP". 8300 type: string 8301 required: 8302 - containerPort 8303 type: object 8304 type: array 8305 readinessProbe: 8306 description: 'Periodic probe of container service readiness. 8307 Container will be removed from service endpoints if the probe 8308 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8309 properties: 8310 exec: 8311 description: One and only one of the following should be 8312 specified. Exec specifies the action to take. 8313 properties: 8314 command: 8315 description: Command is the command line to execute 8316 inside the container, the working directory for the 8317 command is root ('/') in the container's filesystem. 8318 The command is simply exec'd, it is not run inside 8319 a shell, so traditional shell instructions ('|', etc) 8320 won't work. To use a shell, you need to explicitly 8321 call out to that shell. Exit status of 0 is treated 8322 as live/healthy and non-zero is unhealthy. 8323 items: 8324 type: string 8325 type: array 8326 type: object 8327 failureThreshold: 8328 description: Minimum consecutive failures for the probe 8329 to be considered failed after having succeeded. Defaults 8330 to 3. Minimum value is 1. 8331 format: int32 8332 type: integer 8333 httpGet: 8334 description: HTTPGet specifies the http request to perform. 8335 properties: 8336 host: 8337 description: Host name to connect to, defaults to the 8338 pod IP. You probably want to set "Host" in httpHeaders 8339 instead. 8340 type: string 8341 httpHeaders: 8342 description: Custom headers to set in the request. HTTP 8343 allows repeated headers. 8344 items: 8345 description: HTTPHeader describes a custom header 8346 to be used in HTTP probes 8347 properties: 8348 name: 8349 description: The header field name 8350 type: string 8351 value: 8352 description: The header field value 8353 type: string 8354 required: 8355 - name 8356 - value 8357 type: object 8358 type: array 8359 path: 8360 description: Path to access on the HTTP server. 8361 type: string 8362 port: 8363 anyOf: 8364 - type: integer 8365 - type: string 8366 description: Name or number of the port to access on 8367 the container. Number must be in the range 1 to 65535. 8368 Name must be an IANA_SVC_NAME. 8369 x-kubernetes-int-or-string: true 8370 scheme: 8371 description: Scheme to use for connecting to the host. 8372 Defaults to HTTP. 8373 type: string 8374 required: 8375 - port 8376 type: object 8377 initialDelaySeconds: 8378 description: 'Number of seconds after the container has 8379 started before liveness probes are initiated. More info: 8380 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8381 format: int32 8382 type: integer 8383 periodSeconds: 8384 description: How often (in seconds) to perform the probe. 8385 Default to 10 seconds. Minimum value is 1. 8386 format: int32 8387 type: integer 8388 successThreshold: 8389 description: Minimum consecutive successes for the probe 8390 to be considered successful after having failed. Defaults 8391 to 1. Must be 1 for liveness and startup. Minimum value 8392 is 1. 8393 format: int32 8394 type: integer 8395 tcpSocket: 8396 description: 'TCPSocket specifies an action involving a 8397 TCP port. TCP hooks not yet supported TODO: implement 8398 a realistic TCP lifecycle hook' 8399 properties: 8400 host: 8401 description: 'Optional: Host name to connect to, defaults 8402 to the pod IP.' 8403 type: string 8404 port: 8405 anyOf: 8406 - type: integer 8407 - type: string 8408 description: Number or name of the port to access on 8409 the container. Number must be in the range 1 to 65535. 8410 Name must be an IANA_SVC_NAME. 8411 x-kubernetes-int-or-string: true 8412 required: 8413 - port 8414 type: object 8415 timeoutSeconds: 8416 description: 'Number of seconds after which the probe times 8417 out. Defaults to 1 second. Minimum value is 1. More info: 8418 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8419 format: int32 8420 type: integer 8421 type: object 8422 resources: 8423 description: 'Compute Resources required by this container. 8424 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 8425 properties: 8426 limits: 8427 additionalProperties: 8428 type: string 8429 description: 'Limits describes the maximum amount of compute 8430 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 8431 type: object 8432 requests: 8433 additionalProperties: 8434 type: string 8435 description: 'Requests describes the minimum amount of compute 8436 resources required. If Requests is omitted for a container, 8437 it defaults to Limits if that is explicitly specified, 8438 otherwise to an implementation-defined value. More info: 8439 https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 8440 type: object 8441 type: object 8442 securityContext: 8443 description: 'Security options the pod should run with. More 8444 info: https://kubernetes.io/docs/concepts/policy/security-context/ 8445 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 8446 properties: 8447 allowPrivilegeEscalation: 8448 description: 'AllowPrivilegeEscalation controls whether 8449 a process can gain more privileges than its parent process. 8450 This bool directly controls if the no_new_privs flag will 8451 be set on the container process. AllowPrivilegeEscalation 8452 is true always when the container is: 1) run as Privileged 8453 2) has CAP_SYS_ADMIN' 8454 type: boolean 8455 capabilities: 8456 description: The capabilities to add/drop when running containers. 8457 Defaults to the default set of capabilities granted by 8458 the container runtime. 8459 properties: 8460 add: 8461 description: Added capabilities 8462 items: 8463 description: Capability represent POSIX capabilities 8464 type 8465 type: string 8466 type: array 8467 drop: 8468 description: Removed capabilities 8469 items: 8470 description: Capability represent POSIX capabilities 8471 type 8472 type: string 8473 type: array 8474 type: object 8475 privileged: 8476 description: Run container in privileged mode. Processes 8477 in privileged containers are essentially equivalent to 8478 root on the host. Defaults to false. 8479 type: boolean 8480 procMount: 8481 description: procMount denotes the type of proc mount to 8482 use for the containers. The default is DefaultProcMount 8483 which uses the container runtime defaults for readonly 8484 paths and masked paths. This requires the ProcMountType 8485 feature flag to be enabled. 8486 type: string 8487 readOnlyRootFilesystem: 8488 description: Whether this container has a read-only root 8489 filesystem. Default is false. 8490 type: boolean 8491 runAsGroup: 8492 description: The GID to run the entrypoint of the container 8493 process. Uses runtime default if unset. May also be set 8494 in PodSecurityContext. If set in both SecurityContext 8495 and PodSecurityContext, the value specified in SecurityContext 8496 takes precedence. 8497 format: int64 8498 type: integer 8499 runAsNonRoot: 8500 description: Indicates that the container must run as a 8501 non-root user. If true, the Kubelet will validate the 8502 image at runtime to ensure that it does not run as UID 8503 0 (root) and fail to start the container if it does. If 8504 unset or false, no such validation will be performed. 8505 May also be set in PodSecurityContext. If set in both 8506 SecurityContext and PodSecurityContext, the value specified 8507 in SecurityContext takes precedence. 8508 type: boolean 8509 runAsUser: 8510 description: The UID to run the entrypoint of the container 8511 process. Defaults to user specified in image metadata 8512 if unspecified. May also be set in PodSecurityContext. If 8513 set in both SecurityContext and PodSecurityContext, the 8514 value specified in SecurityContext takes precedence. 8515 format: int64 8516 type: integer 8517 seLinuxOptions: 8518 description: The SELinux context to be applied to the container. 8519 If unspecified, the container runtime will allocate a 8520 random SELinux context for each container. May also be 8521 set in PodSecurityContext. If set in both SecurityContext 8522 and PodSecurityContext, the value specified in SecurityContext 8523 takes precedence. 8524 properties: 8525 level: 8526 description: Level is SELinux level label that applies 8527 to the container. 8528 type: string 8529 role: 8530 description: Role is a SELinux role label that applies 8531 to the container. 8532 type: string 8533 type: 8534 description: Type is a SELinux type label that applies 8535 to the container. 8536 type: string 8537 user: 8538 description: User is a SELinux user label that applies 8539 to the container. 8540 type: string 8541 type: object 8542 windowsOptions: 8543 description: The Windows specific settings applied to all 8544 containers. If unspecified, the options from the PodSecurityContext 8545 will be used. If set in both SecurityContext and PodSecurityContext, 8546 the value specified in SecurityContext takes precedence. 8547 properties: 8548 gmsaCredentialSpec: 8549 description: GMSACredentialSpec is where the GMSA admission 8550 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 8551 inlines the contents of the GMSA credential spec named 8552 by the GMSACredentialSpecName field. 8553 type: string 8554 gmsaCredentialSpecName: 8555 description: GMSACredentialSpecName is the name of the 8556 GMSA credential spec to use. 8557 type: string 8558 runAsUserName: 8559 description: The UserName in Windows to run the entrypoint 8560 of the container process. Defaults to the user specified 8561 in image metadata if unspecified. May also be set 8562 in PodSecurityContext. If set in both SecurityContext 8563 and PodSecurityContext, the value specified in SecurityContext 8564 takes precedence. 8565 type: string 8566 type: object 8567 type: object 8568 startupProbe: 8569 description: 'StartupProbe indicates that the Pod has successfully 8570 initialized. If specified, no other probes are executed until 8571 this completes successfully. If this probe fails, the Pod 8572 will be restarted, just as if the livenessProbe failed. This 8573 can be used to provide different probe parameters at the beginning 8574 of a Pod''s lifecycle, when it might take a long time to load 8575 data or warm a cache, than during steady-state operation. 8576 This cannot be updated. This is a beta feature enabled by 8577 the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8578 properties: 8579 exec: 8580 description: One and only one of the following should be 8581 specified. Exec specifies the action to take. 8582 properties: 8583 command: 8584 description: Command is the command line to execute 8585 inside the container, the working directory for the 8586 command is root ('/') in the container's filesystem. 8587 The command is simply exec'd, it is not run inside 8588 a shell, so traditional shell instructions ('|', etc) 8589 won't work. To use a shell, you need to explicitly 8590 call out to that shell. Exit status of 0 is treated 8591 as live/healthy and non-zero is unhealthy. 8592 items: 8593 type: string 8594 type: array 8595 type: object 8596 failureThreshold: 8597 description: Minimum consecutive failures for the probe 8598 to be considered failed after having succeeded. Defaults 8599 to 3. Minimum value is 1. 8600 format: int32 8601 type: integer 8602 httpGet: 8603 description: HTTPGet specifies the http request to perform. 8604 properties: 8605 host: 8606 description: Host name to connect to, defaults to the 8607 pod IP. You probably want to set "Host" in httpHeaders 8608 instead. 8609 type: string 8610 httpHeaders: 8611 description: Custom headers to set in the request. HTTP 8612 allows repeated headers. 8613 items: 8614 description: HTTPHeader describes a custom header 8615 to be used in HTTP probes 8616 properties: 8617 name: 8618 description: The header field name 8619 type: string 8620 value: 8621 description: The header field value 8622 type: string 8623 required: 8624 - name 8625 - value 8626 type: object 8627 type: array 8628 path: 8629 description: Path to access on the HTTP server. 8630 type: string 8631 port: 8632 anyOf: 8633 - type: integer 8634 - type: string 8635 description: Name or number of the port to access on 8636 the container. Number must be in the range 1 to 65535. 8637 Name must be an IANA_SVC_NAME. 8638 x-kubernetes-int-or-string: true 8639 scheme: 8640 description: Scheme to use for connecting to the host. 8641 Defaults to HTTP. 8642 type: string 8643 required: 8644 - port 8645 type: object 8646 initialDelaySeconds: 8647 description: 'Number of seconds after the container has 8648 started before liveness probes are initiated. More info: 8649 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8650 format: int32 8651 type: integer 8652 periodSeconds: 8653 description: How often (in seconds) to perform the probe. 8654 Default to 10 seconds. Minimum value is 1. 8655 format: int32 8656 type: integer 8657 successThreshold: 8658 description: Minimum consecutive successes for the probe 8659 to be considered successful after having failed. Defaults 8660 to 1. Must be 1 for liveness and startup. Minimum value 8661 is 1. 8662 format: int32 8663 type: integer 8664 tcpSocket: 8665 description: 'TCPSocket specifies an action involving a 8666 TCP port. TCP hooks not yet supported TODO: implement 8667 a realistic TCP lifecycle hook' 8668 properties: 8669 host: 8670 description: 'Optional: Host name to connect to, defaults 8671 to the pod IP.' 8672 type: string 8673 port: 8674 anyOf: 8675 - type: integer 8676 - type: string 8677 description: Number or name of the port to access on 8678 the container. Number must be in the range 1 to 65535. 8679 Name must be an IANA_SVC_NAME. 8680 x-kubernetes-int-or-string: true 8681 required: 8682 - port 8683 type: object 8684 timeoutSeconds: 8685 description: 'Number of seconds after which the probe times 8686 out. Defaults to 1 second. Minimum value is 1. More info: 8687 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 8688 format: int32 8689 type: integer 8690 type: object 8691 stdin: 8692 description: Whether this container should allocate a buffer 8693 for stdin in the container runtime. If this is not set, reads 8694 from stdin in the container will always result in EOF. Default 8695 is false. 8696 type: boolean 8697 stdinOnce: 8698 description: Whether the container runtime should close the 8699 stdin channel after it has been opened by a single attach. 8700 When stdin is true the stdin stream will remain open across 8701 multiple attach sessions. If stdinOnce is set to true, stdin 8702 is opened on container start, is empty until the first client 8703 attaches to stdin, and then remains open and accepts data 8704 until the client disconnects, at which time stdin is closed 8705 and remains closed until the container is restarted. If this 8706 flag is false, a container processes that reads from stdin 8707 will never receive an EOF. Default is false 8708 type: boolean 8709 terminationMessagePath: 8710 description: 'Optional: Path at which the file to which the 8711 container''s termination message will be written is mounted 8712 into the container''s filesystem. Message written is intended 8713 to be brief final status, such as an assertion failure message. 8714 Will be truncated by the node if greater than 4096 bytes. 8715 The total message length across all containers will be limited 8716 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 8717 type: string 8718 terminationMessagePolicy: 8719 description: Indicate how the termination message should be 8720 populated. File will use the contents of terminationMessagePath 8721 to populate the container status message on both success and 8722 failure. FallbackToLogsOnError will use the last chunk of 8723 container log output if the termination message file is empty 8724 and the container exited with an error. The log output is 8725 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 8726 to File. Cannot be updated. 8727 type: string 8728 tty: 8729 description: Whether this container should allocate a TTY for 8730 itself, also requires 'stdin' to be true. Default is false. 8731 type: boolean 8732 volumeDevices: 8733 description: volumeDevices is the list of block devices to be 8734 used by the container. 8735 items: 8736 description: volumeDevice describes a mapping of a raw block 8737 device within a container. 8738 properties: 8739 devicePath: 8740 description: devicePath is the path inside of the container 8741 that the device will be mapped to. 8742 type: string 8743 name: 8744 description: name must match the name of a persistentVolumeClaim 8745 in the pod 8746 type: string 8747 required: 8748 - devicePath 8749 - name 8750 type: object 8751 type: array 8752 volumeMounts: 8753 description: Pod volumes to mount into the container's filesystem. 8754 Cannot be updated. 8755 items: 8756 description: VolumeMount describes a mounting of a Volume 8757 within a container. 8758 properties: 8759 mountPath: 8760 description: Path within the container at which the volume 8761 should be mounted. Must not contain ':'. 8762 type: string 8763 mountPropagation: 8764 description: mountPropagation determines how mounts are 8765 propagated from the host to container and the other 8766 way around. When not set, MountPropagationNone is used. 8767 This field is beta in 1.10. 8768 type: string 8769 name: 8770 description: This must match the Name of a Volume. 8771 type: string 8772 readOnly: 8773 description: Mounted read-only if true, read-write otherwise 8774 (false or unspecified). Defaults to false. 8775 type: boolean 8776 subPath: 8777 description: Path within the volume from which the container's 8778 volume should be mounted. Defaults to "" (volume's root). 8779 type: string 8780 subPathExpr: 8781 description: Expanded path within the volume from which 8782 the container's volume should be mounted. Behaves similarly 8783 to SubPath but environment variable references $(VAR_NAME) 8784 are expanded using the container's environment. Defaults 8785 to "" (volume's root). SubPathExpr and SubPath are mutually 8786 exclusive. 8787 type: string 8788 required: 8789 - mountPath 8790 - name 8791 type: object 8792 type: array 8793 workingDir: 8794 description: Container's working directory. If not specified, 8795 the container runtime's default will be used, which might 8796 be configured in the container image. Cannot be updated. 8797 type: string 8798 required: 8799 - name 8800 type: object 8801 type: array 8802 disableCompaction: 8803 description: Disable prometheus compaction. 8804 type: boolean 8805 enableAdminAPI: 8806 description: 'Enable access to prometheus web admin API. Defaults 8807 to the value of `false`. WARNING: Enabling the admin APIs enables 8808 mutating endpoints, to delete data, shutdown Prometheus, and more. 8809 Enabling this should be done with care and the user is advised to 8810 add additional authentication authorization via a proxy to ensure 8811 only clients authorized to perform these actions can do so. For 8812 more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis' 8813 type: boolean 8814 enforcedNamespaceLabel: 8815 description: EnforcedNamespaceLabel enforces adding a namespace label 8816 of origin for each alert and metric that is user created. The label 8817 value will always be the namespace of the object that is being created. 8818 type: string 8819 enforcedSampleLimit: 8820 description: EnforcedSampleLimit defines global limit on number of 8821 scraped samples that will be accepted. This overrides any SampleLimit 8822 set per ServiceMonitor or/and PodMonitor. It is meant to be used 8823 by admins to enforce the SampleLimit to keep overall number of samples/series 8824 under the desired limit. Note that if SampleLimit is lower that 8825 value will be taken instead. 8826 format: int64 8827 type: integer 8828 enforcedTargetLimit: 8829 description: EnforcedTargetLimit defines a global limit on the number 8830 of scraped targets. This overrides any TargetLimit set per ServiceMonitor 8831 or/and PodMonitor. It is meant to be used by admins to enforce the 8832 TargetLimit to keep overall number of targets under the desired 8833 limit. Note that if TargetLimit is higher that value will be taken 8834 instead. 8835 format: int64 8836 type: integer 8837 evaluationInterval: 8838 description: Interval between consecutive evaluations. 8839 type: string 8840 externalLabels: 8841 additionalProperties: 8842 type: string 8843 description: The labels to add to any time series or alerts when communicating 8844 with external systems (federation, remote storage, Alertmanager). 8845 type: object 8846 externalUrl: 8847 description: The external URL the Prometheus instances will be available 8848 under. This is necessary to generate correct URLs. This is necessary 8849 if Prometheus is not served from root of a DNS name. 8850 type: string 8851 ignoreNamespaceSelectors: 8852 description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector 8853 settings from the podmonitor and servicemonitor configs, and they 8854 will only discover endpoints within their current namespace. Defaults 8855 to false. 8856 type: boolean 8857 image: 8858 description: Image if specified has precedence over baseImage, tag 8859 and sha combinations. Specifying the version is still necessary 8860 to ensure the Prometheus Operator knows what version of Prometheus 8861 is being configured. 8862 type: string 8863 imagePullSecrets: 8864 description: An optional list of references to secrets in the same 8865 namespace to use for pulling prometheus and alertmanager images 8866 from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod 8867 items: 8868 description: LocalObjectReference contains enough information to 8869 let you locate the referenced object inside the same namespace. 8870 properties: 8871 name: 8872 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8873 TODO: Add other useful fields. apiVersion, kind, uid?' 8874 type: string 8875 type: object 8876 type: array 8877 initContainers: 8878 description: 'InitContainers allows adding initContainers to the pod 8879 definition. Those can be used to e.g. fetch secrets for injection 8880 into the Prometheus configuration from external sources. Any errors 8881 during the execution of an initContainer will lead to a restart 8882 of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 8883 Using initContainers for any use case other then secret fetching 8884 is entirely outside the scope of what the maintainers will support 8885 and by doing so, you accept that this behaviour may break at any 8886 time without notice.' 8887 items: 8888 description: A single application container that you want to run 8889 within a pod. 8890 properties: 8891 args: 8892 description: 'Arguments to the entrypoint. The docker image''s 8893 CMD is used if this is not provided. Variable references $(VAR_NAME) 8894 are expanded using the container''s environment. If a variable 8895 cannot be resolved, the reference in the input string will 8896 be unchanged. The $(VAR_NAME) syntax can be escaped with a 8897 double $$, ie: $$(VAR_NAME). Escaped references will never 8898 be expanded, regardless of whether the variable exists or 8899 not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 8900 items: 8901 type: string 8902 type: array 8903 command: 8904 description: 'Entrypoint array. Not executed within a shell. 8905 The docker image''s ENTRYPOINT is used if this is not provided. 8906 Variable references $(VAR_NAME) are expanded using the container''s 8907 environment. If a variable cannot be resolved, the reference 8908 in the input string will be unchanged. The $(VAR_NAME) syntax 8909 can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 8910 references will never be expanded, regardless of whether the 8911 variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 8912 items: 8913 type: string 8914 type: array 8915 env: 8916 description: List of environment variables to set in the container. 8917 Cannot be updated. 8918 items: 8919 description: EnvVar represents an environment variable present 8920 in a Container. 8921 properties: 8922 name: 8923 description: Name of the environment variable. Must be 8924 a C_IDENTIFIER. 8925 type: string 8926 value: 8927 description: 'Variable references $(VAR_NAME) are expanded 8928 using the previous defined environment variables in 8929 the container and any service environment variables. 8930 If a variable cannot be resolved, the reference in the 8931 input string will be unchanged. The $(VAR_NAME) syntax 8932 can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 8933 references will never be expanded, regardless of whether 8934 the variable exists or not. Defaults to "".' 8935 type: string 8936 valueFrom: 8937 description: Source for the environment variable's value. 8938 Cannot be used if value is not empty. 8939 properties: 8940 configMapKeyRef: 8941 description: Selects a key of a ConfigMap. 8942 properties: 8943 key: 8944 description: The key to select. 8945 type: string 8946 name: 8947 description: 'Name of the referent. More info: 8948 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8949 TODO: Add other useful fields. apiVersion, kind, 8950 uid?' 8951 type: string 8952 optional: 8953 description: Specify whether the ConfigMap or 8954 its key must be defined 8955 type: boolean 8956 required: 8957 - key 8958 type: object 8959 fieldRef: 8960 description: 'Selects a field of the pod: supports 8961 metadata.name, metadata.namespace, metadata.labels, 8962 metadata.annotations, spec.nodeName, spec.serviceAccountName, 8963 status.hostIP, status.podIP, status.podIPs.' 8964 properties: 8965 apiVersion: 8966 description: Version of the schema the FieldPath 8967 is written in terms of, defaults to "v1". 8968 type: string 8969 fieldPath: 8970 description: Path of the field to select in the 8971 specified API version. 8972 type: string 8973 required: 8974 - fieldPath 8975 type: object 8976 resourceFieldRef: 8977 description: 'Selects a resource of the container: 8978 only resources limits and requests (limits.cpu, 8979 limits.memory, limits.ephemeral-storage, requests.cpu, 8980 requests.memory and requests.ephemeral-storage) 8981 are currently supported.' 8982 properties: 8983 containerName: 8984 description: 'Container name: required for volumes, 8985 optional for env vars' 8986 type: string 8987 divisor: 8988 description: Specifies the output format of the 8989 exposed resources, defaults to "1" 8990 type: string 8991 resource: 8992 description: 'Required: resource to select' 8993 type: string 8994 required: 8995 - resource 8996 type: object 8997 secretKeyRef: 8998 description: Selects a key of a secret in the pod's 8999 namespace 9000 properties: 9001 key: 9002 description: The key of the secret to select from. Must 9003 be a valid secret key. 9004 type: string 9005 name: 9006 description: 'Name of the referent. More info: 9007 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9008 TODO: Add other useful fields. apiVersion, kind, 9009 uid?' 9010 type: string 9011 optional: 9012 description: Specify whether the Secret or its 9013 key must be defined 9014 type: boolean 9015 required: 9016 - key 9017 type: object 9018 type: object 9019 required: 9020 - name 9021 type: object 9022 type: array 9023 envFrom: 9024 description: List of sources to populate environment variables 9025 in the container. The keys defined within a source must be 9026 a C_IDENTIFIER. All invalid keys will be reported as an event 9027 when the container is starting. When a key exists in multiple 9028 sources, the value associated with the last source will take 9029 precedence. Values defined by an Env with a duplicate key 9030 will take precedence. Cannot be updated. 9031 items: 9032 description: EnvFromSource represents the source of a set 9033 of ConfigMaps 9034 properties: 9035 configMapRef: 9036 description: The ConfigMap to select from 9037 properties: 9038 name: 9039 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9040 TODO: Add other useful fields. apiVersion, kind, 9041 uid?' 9042 type: string 9043 optional: 9044 description: Specify whether the ConfigMap must be 9045 defined 9046 type: boolean 9047 type: object 9048 prefix: 9049 description: An optional identifier to prepend to each 9050 key in the ConfigMap. Must be a C_IDENTIFIER. 9051 type: string 9052 secretRef: 9053 description: The Secret to select from 9054 properties: 9055 name: 9056 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9057 TODO: Add other useful fields. apiVersion, kind, 9058 uid?' 9059 type: string 9060 optional: 9061 description: Specify whether the Secret must be defined 9062 type: boolean 9063 type: object 9064 type: object 9065 type: array 9066 image: 9067 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 9068 This field is optional to allow higher level config management 9069 to default or override container images in workload controllers 9070 like Deployments and StatefulSets.' 9071 type: string 9072 imagePullPolicy: 9073 description: 'Image pull policy. One of Always, Never, IfNotPresent. 9074 Defaults to Always if :latest tag is specified, or IfNotPresent 9075 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 9076 type: string 9077 lifecycle: 9078 description: Actions that the management system should take 9079 in response to container lifecycle events. Cannot be updated. 9080 properties: 9081 postStart: 9082 description: 'PostStart is called immediately after a container 9083 is created. If the handler fails, the container is terminated 9084 and restarted according to its restart policy. Other management 9085 of the container blocks until the hook completes. More 9086 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 9087 properties: 9088 exec: 9089 description: One and only one of the following should 9090 be specified. Exec specifies the action to take. 9091 properties: 9092 command: 9093 description: Command is the command line to execute 9094 inside the container, the working directory for 9095 the command is root ('/') in the container's 9096 filesystem. The command is simply exec'd, it is 9097 not run inside a shell, so traditional shell instructions 9098 ('|', etc) won't work. To use a shell, you need 9099 to explicitly call out to that shell. Exit status 9100 of 0 is treated as live/healthy and non-zero is 9101 unhealthy. 9102 items: 9103 type: string 9104 type: array 9105 type: object 9106 httpGet: 9107 description: HTTPGet specifies the http request to perform. 9108 properties: 9109 host: 9110 description: Host name to connect to, defaults to 9111 the pod IP. You probably want to set "Host" in 9112 httpHeaders instead. 9113 type: string 9114 httpHeaders: 9115 description: Custom headers to set in the request. 9116 HTTP allows repeated headers. 9117 items: 9118 description: HTTPHeader describes a custom header 9119 to be used in HTTP probes 9120 properties: 9121 name: 9122 description: The header field name 9123 type: string 9124 value: 9125 description: The header field value 9126 type: string 9127 required: 9128 - name 9129 - value 9130 type: object 9131 type: array 9132 path: 9133 description: Path to access on the HTTP server. 9134 type: string 9135 port: 9136 anyOf: 9137 - type: integer 9138 - type: string 9139 description: Name or number of the port to access 9140 on the container. Number must be in the range 9141 1 to 65535. Name must be an IANA_SVC_NAME. 9142 x-kubernetes-int-or-string: true 9143 scheme: 9144 description: Scheme to use for connecting to the 9145 host. Defaults to HTTP. 9146 type: string 9147 required: 9148 - port 9149 type: object 9150 tcpSocket: 9151 description: 'TCPSocket specifies an action involving 9152 a TCP port. TCP hooks not yet supported TODO: implement 9153 a realistic TCP lifecycle hook' 9154 properties: 9155 host: 9156 description: 'Optional: Host name to connect to, 9157 defaults to the pod IP.' 9158 type: string 9159 port: 9160 anyOf: 9161 - type: integer 9162 - type: string 9163 description: Number or name of the port to access 9164 on the container. Number must be in the range 9165 1 to 65535. Name must be an IANA_SVC_NAME. 9166 x-kubernetes-int-or-string: true 9167 required: 9168 - port 9169 type: object 9170 type: object 9171 preStop: 9172 description: 'PreStop is called immediately before a container 9173 is terminated due to an API request or management event 9174 such as liveness/startup probe failure, preemption, resource 9175 contention, etc. The handler is not called if the container 9176 crashes or exits. The reason for termination is passed 9177 to the handler. The Pod''s termination grace period countdown 9178 begins before the PreStop hooked is executed. Regardless 9179 of the outcome of the handler, the container will eventually 9180 terminate within the Pod''s termination grace period. 9181 Other management of the container blocks until the hook 9182 completes or until the termination grace period is reached. 9183 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 9184 properties: 9185 exec: 9186 description: One and only one of the following should 9187 be specified. Exec specifies the action to take. 9188 properties: 9189 command: 9190 description: Command is the command line to execute 9191 inside the container, the working directory for 9192 the command is root ('/') in the container's 9193 filesystem. The command is simply exec'd, it is 9194 not run inside a shell, so traditional shell instructions 9195 ('|', etc) won't work. To use a shell, you need 9196 to explicitly call out to that shell. Exit status 9197 of 0 is treated as live/healthy and non-zero is 9198 unhealthy. 9199 items: 9200 type: string 9201 type: array 9202 type: object 9203 httpGet: 9204 description: HTTPGet specifies the http request to perform. 9205 properties: 9206 host: 9207 description: Host name to connect to, defaults to 9208 the pod IP. You probably want to set "Host" in 9209 httpHeaders instead. 9210 type: string 9211 httpHeaders: 9212 description: Custom headers to set in the request. 9213 HTTP allows repeated headers. 9214 items: 9215 description: HTTPHeader describes a custom header 9216 to be used in HTTP probes 9217 properties: 9218 name: 9219 description: The header field name 9220 type: string 9221 value: 9222 description: The header field value 9223 type: string 9224 required: 9225 - name 9226 - value 9227 type: object 9228 type: array 9229 path: 9230 description: Path to access on the HTTP server. 9231 type: string 9232 port: 9233 anyOf: 9234 - type: integer 9235 - type: string 9236 description: Name or number of the port to access 9237 on the container. Number must be in the range 9238 1 to 65535. Name must be an IANA_SVC_NAME. 9239 x-kubernetes-int-or-string: true 9240 scheme: 9241 description: Scheme to use for connecting to the 9242 host. Defaults to HTTP. 9243 type: string 9244 required: 9245 - port 9246 type: object 9247 tcpSocket: 9248 description: 'TCPSocket specifies an action involving 9249 a TCP port. TCP hooks not yet supported TODO: implement 9250 a realistic TCP lifecycle hook' 9251 properties: 9252 host: 9253 description: 'Optional: Host name to connect to, 9254 defaults to the pod IP.' 9255 type: string 9256 port: 9257 anyOf: 9258 - type: integer 9259 - type: string 9260 description: Number or name of the port to access 9261 on the container. Number must be in the range 9262 1 to 65535. Name must be an IANA_SVC_NAME. 9263 x-kubernetes-int-or-string: true 9264 required: 9265 - port 9266 type: object 9267 type: object 9268 type: object 9269 livenessProbe: 9270 description: 'Periodic probe of container liveness. Container 9271 will be restarted if the probe fails. Cannot be updated. More 9272 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9273 properties: 9274 exec: 9275 description: One and only one of the following should be 9276 specified. Exec specifies the action to take. 9277 properties: 9278 command: 9279 description: Command is the command line to execute 9280 inside the container, the working directory for the 9281 command is root ('/') in the container's filesystem. 9282 The command is simply exec'd, it is not run inside 9283 a shell, so traditional shell instructions ('|', etc) 9284 won't work. To use a shell, you need to explicitly 9285 call out to that shell. Exit status of 0 is treated 9286 as live/healthy and non-zero is unhealthy. 9287 items: 9288 type: string 9289 type: array 9290 type: object 9291 failureThreshold: 9292 description: Minimum consecutive failures for the probe 9293 to be considered failed after having succeeded. Defaults 9294 to 3. Minimum value is 1. 9295 format: int32 9296 type: integer 9297 httpGet: 9298 description: HTTPGet specifies the http request to perform. 9299 properties: 9300 host: 9301 description: Host name to connect to, defaults to the 9302 pod IP. You probably want to set "Host" in httpHeaders 9303 instead. 9304 type: string 9305 httpHeaders: 9306 description: Custom headers to set in the request. HTTP 9307 allows repeated headers. 9308 items: 9309 description: HTTPHeader describes a custom header 9310 to be used in HTTP probes 9311 properties: 9312 name: 9313 description: The header field name 9314 type: string 9315 value: 9316 description: The header field value 9317 type: string 9318 required: 9319 - name 9320 - value 9321 type: object 9322 type: array 9323 path: 9324 description: Path to access on the HTTP server. 9325 type: string 9326 port: 9327 anyOf: 9328 - type: integer 9329 - type: string 9330 description: Name or number of the port to access on 9331 the container. Number must be in the range 1 to 65535. 9332 Name must be an IANA_SVC_NAME. 9333 x-kubernetes-int-or-string: true 9334 scheme: 9335 description: Scheme to use for connecting to the host. 9336 Defaults to HTTP. 9337 type: string 9338 required: 9339 - port 9340 type: object 9341 initialDelaySeconds: 9342 description: 'Number of seconds after the container has 9343 started before liveness probes are initiated. More info: 9344 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9345 format: int32 9346 type: integer 9347 periodSeconds: 9348 description: How often (in seconds) to perform the probe. 9349 Default to 10 seconds. Minimum value is 1. 9350 format: int32 9351 type: integer 9352 successThreshold: 9353 description: Minimum consecutive successes for the probe 9354 to be considered successful after having failed. Defaults 9355 to 1. Must be 1 for liveness and startup. Minimum value 9356 is 1. 9357 format: int32 9358 type: integer 9359 tcpSocket: 9360 description: 'TCPSocket specifies an action involving a 9361 TCP port. TCP hooks not yet supported TODO: implement 9362 a realistic TCP lifecycle hook' 9363 properties: 9364 host: 9365 description: 'Optional: Host name to connect to, defaults 9366 to the pod IP.' 9367 type: string 9368 port: 9369 anyOf: 9370 - type: integer 9371 - type: string 9372 description: Number or name of the port to access on 9373 the container. Number must be in the range 1 to 65535. 9374 Name must be an IANA_SVC_NAME. 9375 x-kubernetes-int-or-string: true 9376 required: 9377 - port 9378 type: object 9379 timeoutSeconds: 9380 description: 'Number of seconds after which the probe times 9381 out. Defaults to 1 second. Minimum value is 1. More info: 9382 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9383 format: int32 9384 type: integer 9385 type: object 9386 name: 9387 description: Name of the container specified as a DNS_LABEL. 9388 Each container in a pod must have a unique name (DNS_LABEL). 9389 Cannot be updated. 9390 type: string 9391 ports: 9392 description: List of ports to expose from the container. Exposing 9393 a port here gives the system additional information about 9394 the network connections a container uses, but is primarily 9395 informational. Not specifying a port here DOES NOT prevent 9396 that port from being exposed. Any port which is listening 9397 on the default "0.0.0.0" address inside a container will be 9398 accessible from the network. Cannot be updated. 9399 items: 9400 description: ContainerPort represents a network port in a 9401 single container. 9402 properties: 9403 containerPort: 9404 description: Number of port to expose on the pod's IP 9405 address. This must be a valid port number, 0 < x < 65536. 9406 format: int32 9407 type: integer 9408 hostIP: 9409 description: What host IP to bind the external port to. 9410 type: string 9411 hostPort: 9412 description: Number of port to expose on the host. If 9413 specified, this must be a valid port number, 0 < x < 9414 65536. If HostNetwork is specified, this must match 9415 ContainerPort. Most containers do not need this. 9416 format: int32 9417 type: integer 9418 name: 9419 description: If specified, this must be an IANA_SVC_NAME 9420 and unique within the pod. Each named port in a pod 9421 must have a unique name. Name for the port that can 9422 be referred to by services. 9423 type: string 9424 protocol: 9425 description: Protocol for port. Must be UDP, TCP, or SCTP. 9426 Defaults to "TCP". 9427 type: string 9428 required: 9429 - containerPort 9430 type: object 9431 type: array 9432 readinessProbe: 9433 description: 'Periodic probe of container service readiness. 9434 Container will be removed from service endpoints if the probe 9435 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9436 properties: 9437 exec: 9438 description: One and only one of the following should be 9439 specified. Exec specifies the action to take. 9440 properties: 9441 command: 9442 description: Command is the command line to execute 9443 inside the container, the working directory for the 9444 command is root ('/') in the container's filesystem. 9445 The command is simply exec'd, it is not run inside 9446 a shell, so traditional shell instructions ('|', etc) 9447 won't work. To use a shell, you need to explicitly 9448 call out to that shell. Exit status of 0 is treated 9449 as live/healthy and non-zero is unhealthy. 9450 items: 9451 type: string 9452 type: array 9453 type: object 9454 failureThreshold: 9455 description: Minimum consecutive failures for the probe 9456 to be considered failed after having succeeded. Defaults 9457 to 3. Minimum value is 1. 9458 format: int32 9459 type: integer 9460 httpGet: 9461 description: HTTPGet specifies the http request to perform. 9462 properties: 9463 host: 9464 description: Host name to connect to, defaults to the 9465 pod IP. You probably want to set "Host" in httpHeaders 9466 instead. 9467 type: string 9468 httpHeaders: 9469 description: Custom headers to set in the request. HTTP 9470 allows repeated headers. 9471 items: 9472 description: HTTPHeader describes a custom header 9473 to be used in HTTP probes 9474 properties: 9475 name: 9476 description: The header field name 9477 type: string 9478 value: 9479 description: The header field value 9480 type: string 9481 required: 9482 - name 9483 - value 9484 type: object 9485 type: array 9486 path: 9487 description: Path to access on the HTTP server. 9488 type: string 9489 port: 9490 anyOf: 9491 - type: integer 9492 - type: string 9493 description: Name or number of the port to access on 9494 the container. Number must be in the range 1 to 65535. 9495 Name must be an IANA_SVC_NAME. 9496 x-kubernetes-int-or-string: true 9497 scheme: 9498 description: Scheme to use for connecting to the host. 9499 Defaults to HTTP. 9500 type: string 9501 required: 9502 - port 9503 type: object 9504 initialDelaySeconds: 9505 description: 'Number of seconds after the container has 9506 started before liveness probes are initiated. More info: 9507 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9508 format: int32 9509 type: integer 9510 periodSeconds: 9511 description: How often (in seconds) to perform the probe. 9512 Default to 10 seconds. Minimum value is 1. 9513 format: int32 9514 type: integer 9515 successThreshold: 9516 description: Minimum consecutive successes for the probe 9517 to be considered successful after having failed. Defaults 9518 to 1. Must be 1 for liveness and startup. Minimum value 9519 is 1. 9520 format: int32 9521 type: integer 9522 tcpSocket: 9523 description: 'TCPSocket specifies an action involving a 9524 TCP port. TCP hooks not yet supported TODO: implement 9525 a realistic TCP lifecycle hook' 9526 properties: 9527 host: 9528 description: 'Optional: Host name to connect to, defaults 9529 to the pod IP.' 9530 type: string 9531 port: 9532 anyOf: 9533 - type: integer 9534 - type: string 9535 description: Number or name of the port to access on 9536 the container. Number must be in the range 1 to 65535. 9537 Name must be an IANA_SVC_NAME. 9538 x-kubernetes-int-or-string: true 9539 required: 9540 - port 9541 type: object 9542 timeoutSeconds: 9543 description: 'Number of seconds after which the probe times 9544 out. Defaults to 1 second. Minimum value is 1. More info: 9545 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9546 format: int32 9547 type: integer 9548 type: object 9549 resources: 9550 description: 'Compute Resources required by this container. 9551 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 9552 properties: 9553 limits: 9554 additionalProperties: 9555 type: string 9556 description: 'Limits describes the maximum amount of compute 9557 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 9558 type: object 9559 requests: 9560 additionalProperties: 9561 type: string 9562 description: 'Requests describes the minimum amount of compute 9563 resources required. If Requests is omitted for a container, 9564 it defaults to Limits if that is explicitly specified, 9565 otherwise to an implementation-defined value. More info: 9566 https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 9567 type: object 9568 type: object 9569 securityContext: 9570 description: 'Security options the pod should run with. More 9571 info: https://kubernetes.io/docs/concepts/policy/security-context/ 9572 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 9573 properties: 9574 allowPrivilegeEscalation: 9575 description: 'AllowPrivilegeEscalation controls whether 9576 a process can gain more privileges than its parent process. 9577 This bool directly controls if the no_new_privs flag will 9578 be set on the container process. AllowPrivilegeEscalation 9579 is true always when the container is: 1) run as Privileged 9580 2) has CAP_SYS_ADMIN' 9581 type: boolean 9582 capabilities: 9583 description: The capabilities to add/drop when running containers. 9584 Defaults to the default set of capabilities granted by 9585 the container runtime. 9586 properties: 9587 add: 9588 description: Added capabilities 9589 items: 9590 description: Capability represent POSIX capabilities 9591 type 9592 type: string 9593 type: array 9594 drop: 9595 description: Removed capabilities 9596 items: 9597 description: Capability represent POSIX capabilities 9598 type 9599 type: string 9600 type: array 9601 type: object 9602 privileged: 9603 description: Run container in privileged mode. Processes 9604 in privileged containers are essentially equivalent to 9605 root on the host. Defaults to false. 9606 type: boolean 9607 procMount: 9608 description: procMount denotes the type of proc mount to 9609 use for the containers. The default is DefaultProcMount 9610 which uses the container runtime defaults for readonly 9611 paths and masked paths. This requires the ProcMountType 9612 feature flag to be enabled. 9613 type: string 9614 readOnlyRootFilesystem: 9615 description: Whether this container has a read-only root 9616 filesystem. Default is false. 9617 type: boolean 9618 runAsGroup: 9619 description: The GID to run the entrypoint of the container 9620 process. Uses runtime default if unset. May also be set 9621 in PodSecurityContext. If set in both SecurityContext 9622 and PodSecurityContext, the value specified in SecurityContext 9623 takes precedence. 9624 format: int64 9625 type: integer 9626 runAsNonRoot: 9627 description: Indicates that the container must run as a 9628 non-root user. If true, the Kubelet will validate the 9629 image at runtime to ensure that it does not run as UID 9630 0 (root) and fail to start the container if it does. If 9631 unset or false, no such validation will be performed. 9632 May also be set in PodSecurityContext. If set in both 9633 SecurityContext and PodSecurityContext, the value specified 9634 in SecurityContext takes precedence. 9635 type: boolean 9636 runAsUser: 9637 description: The UID to run the entrypoint of the container 9638 process. Defaults to user specified in image metadata 9639 if unspecified. May also be set in PodSecurityContext. If 9640 set in both SecurityContext and PodSecurityContext, the 9641 value specified in SecurityContext takes precedence. 9642 format: int64 9643 type: integer 9644 seLinuxOptions: 9645 description: The SELinux context to be applied to the container. 9646 If unspecified, the container runtime will allocate a 9647 random SELinux context for each container. May also be 9648 set in PodSecurityContext. If set in both SecurityContext 9649 and PodSecurityContext, the value specified in SecurityContext 9650 takes precedence. 9651 properties: 9652 level: 9653 description: Level is SELinux level label that applies 9654 to the container. 9655 type: string 9656 role: 9657 description: Role is a SELinux role label that applies 9658 to the container. 9659 type: string 9660 type: 9661 description: Type is a SELinux type label that applies 9662 to the container. 9663 type: string 9664 user: 9665 description: User is a SELinux user label that applies 9666 to the container. 9667 type: string 9668 type: object 9669 windowsOptions: 9670 description: The Windows specific settings applied to all 9671 containers. If unspecified, the options from the PodSecurityContext 9672 will be used. If set in both SecurityContext and PodSecurityContext, 9673 the value specified in SecurityContext takes precedence. 9674 properties: 9675 gmsaCredentialSpec: 9676 description: GMSACredentialSpec is where the GMSA admission 9677 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 9678 inlines the contents of the GMSA credential spec named 9679 by the GMSACredentialSpecName field. 9680 type: string 9681 gmsaCredentialSpecName: 9682 description: GMSACredentialSpecName is the name of the 9683 GMSA credential spec to use. 9684 type: string 9685 runAsUserName: 9686 description: The UserName in Windows to run the entrypoint 9687 of the container process. Defaults to the user specified 9688 in image metadata if unspecified. May also be set 9689 in PodSecurityContext. If set in both SecurityContext 9690 and PodSecurityContext, the value specified in SecurityContext 9691 takes precedence. 9692 type: string 9693 type: object 9694 type: object 9695 startupProbe: 9696 description: 'StartupProbe indicates that the Pod has successfully 9697 initialized. If specified, no other probes are executed until 9698 this completes successfully. If this probe fails, the Pod 9699 will be restarted, just as if the livenessProbe failed. This 9700 can be used to provide different probe parameters at the beginning 9701 of a Pod''s lifecycle, when it might take a long time to load 9702 data or warm a cache, than during steady-state operation. 9703 This cannot be updated. This is a beta feature enabled by 9704 the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9705 properties: 9706 exec: 9707 description: One and only one of the following should be 9708 specified. Exec specifies the action to take. 9709 properties: 9710 command: 9711 description: Command is the command line to execute 9712 inside the container, the working directory for the 9713 command is root ('/') in the container's filesystem. 9714 The command is simply exec'd, it is not run inside 9715 a shell, so traditional shell instructions ('|', etc) 9716 won't work. To use a shell, you need to explicitly 9717 call out to that shell. Exit status of 0 is treated 9718 as live/healthy and non-zero is unhealthy. 9719 items: 9720 type: string 9721 type: array 9722 type: object 9723 failureThreshold: 9724 description: Minimum consecutive failures for the probe 9725 to be considered failed after having succeeded. Defaults 9726 to 3. Minimum value is 1. 9727 format: int32 9728 type: integer 9729 httpGet: 9730 description: HTTPGet specifies the http request to perform. 9731 properties: 9732 host: 9733 description: Host name to connect to, defaults to the 9734 pod IP. You probably want to set "Host" in httpHeaders 9735 instead. 9736 type: string 9737 httpHeaders: 9738 description: Custom headers to set in the request. HTTP 9739 allows repeated headers. 9740 items: 9741 description: HTTPHeader describes a custom header 9742 to be used in HTTP probes 9743 properties: 9744 name: 9745 description: The header field name 9746 type: string 9747 value: 9748 description: The header field value 9749 type: string 9750 required: 9751 - name 9752 - value 9753 type: object 9754 type: array 9755 path: 9756 description: Path to access on the HTTP server. 9757 type: string 9758 port: 9759 anyOf: 9760 - type: integer 9761 - type: string 9762 description: Name or number of the port to access on 9763 the container. Number must be in the range 1 to 65535. 9764 Name must be an IANA_SVC_NAME. 9765 x-kubernetes-int-or-string: true 9766 scheme: 9767 description: Scheme to use for connecting to the host. 9768 Defaults to HTTP. 9769 type: string 9770 required: 9771 - port 9772 type: object 9773 initialDelaySeconds: 9774 description: 'Number of seconds after the container has 9775 started before liveness probes are initiated. More info: 9776 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9777 format: int32 9778 type: integer 9779 periodSeconds: 9780 description: How often (in seconds) to perform the probe. 9781 Default to 10 seconds. Minimum value is 1. 9782 format: int32 9783 type: integer 9784 successThreshold: 9785 description: Minimum consecutive successes for the probe 9786 to be considered successful after having failed. Defaults 9787 to 1. Must be 1 for liveness and startup. Minimum value 9788 is 1. 9789 format: int32 9790 type: integer 9791 tcpSocket: 9792 description: 'TCPSocket specifies an action involving a 9793 TCP port. TCP hooks not yet supported TODO: implement 9794 a realistic TCP lifecycle hook' 9795 properties: 9796 host: 9797 description: 'Optional: Host name to connect to, defaults 9798 to the pod IP.' 9799 type: string 9800 port: 9801 anyOf: 9802 - type: integer 9803 - type: string 9804 description: Number or name of the port to access on 9805 the container. Number must be in the range 1 to 65535. 9806 Name must be an IANA_SVC_NAME. 9807 x-kubernetes-int-or-string: true 9808 required: 9809 - port 9810 type: object 9811 timeoutSeconds: 9812 description: 'Number of seconds after which the probe times 9813 out. Defaults to 1 second. Minimum value is 1. More info: 9814 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 9815 format: int32 9816 type: integer 9817 type: object 9818 stdin: 9819 description: Whether this container should allocate a buffer 9820 for stdin in the container runtime. If this is not set, reads 9821 from stdin in the container will always result in EOF. Default 9822 is false. 9823 type: boolean 9824 stdinOnce: 9825 description: Whether the container runtime should close the 9826 stdin channel after it has been opened by a single attach. 9827 When stdin is true the stdin stream will remain open across 9828 multiple attach sessions. If stdinOnce is set to true, stdin 9829 is opened on container start, is empty until the first client 9830 attaches to stdin, and then remains open and accepts data 9831 until the client disconnects, at which time stdin is closed 9832 and remains closed until the container is restarted. If this 9833 flag is false, a container processes that reads from stdin 9834 will never receive an EOF. Default is false 9835 type: boolean 9836 terminationMessagePath: 9837 description: 'Optional: Path at which the file to which the 9838 container''s termination message will be written is mounted 9839 into the container''s filesystem. Message written is intended 9840 to be brief final status, such as an assertion failure message. 9841 Will be truncated by the node if greater than 4096 bytes. 9842 The total message length across all containers will be limited 9843 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 9844 type: string 9845 terminationMessagePolicy: 9846 description: Indicate how the termination message should be 9847 populated. File will use the contents of terminationMessagePath 9848 to populate the container status message on both success and 9849 failure. FallbackToLogsOnError will use the last chunk of 9850 container log output if the termination message file is empty 9851 and the container exited with an error. The log output is 9852 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 9853 to File. Cannot be updated. 9854 type: string 9855 tty: 9856 description: Whether this container should allocate a TTY for 9857 itself, also requires 'stdin' to be true. Default is false. 9858 type: boolean 9859 volumeDevices: 9860 description: volumeDevices is the list of block devices to be 9861 used by the container. 9862 items: 9863 description: volumeDevice describes a mapping of a raw block 9864 device within a container. 9865 properties: 9866 devicePath: 9867 description: devicePath is the path inside of the container 9868 that the device will be mapped to. 9869 type: string 9870 name: 9871 description: name must match the name of a persistentVolumeClaim 9872 in the pod 9873 type: string 9874 required: 9875 - devicePath 9876 - name 9877 type: object 9878 type: array 9879 volumeMounts: 9880 description: Pod volumes to mount into the container's filesystem. 9881 Cannot be updated. 9882 items: 9883 description: VolumeMount describes a mounting of a Volume 9884 within a container. 9885 properties: 9886 mountPath: 9887 description: Path within the container at which the volume 9888 should be mounted. Must not contain ':'. 9889 type: string 9890 mountPropagation: 9891 description: mountPropagation determines how mounts are 9892 propagated from the host to container and the other 9893 way around. When not set, MountPropagationNone is used. 9894 This field is beta in 1.10. 9895 type: string 9896 name: 9897 description: This must match the Name of a Volume. 9898 type: string 9899 readOnly: 9900 description: Mounted read-only if true, read-write otherwise 9901 (false or unspecified). Defaults to false. 9902 type: boolean 9903 subPath: 9904 description: Path within the volume from which the container's 9905 volume should be mounted. Defaults to "" (volume's root). 9906 type: string 9907 subPathExpr: 9908 description: Expanded path within the volume from which 9909 the container's volume should be mounted. Behaves similarly 9910 to SubPath but environment variable references $(VAR_NAME) 9911 are expanded using the container's environment. Defaults 9912 to "" (volume's root). SubPathExpr and SubPath are mutually 9913 exclusive. 9914 type: string 9915 required: 9916 - mountPath 9917 - name 9918 type: object 9919 type: array 9920 workingDir: 9921 description: Container's working directory. If not specified, 9922 the container runtime's default will be used, which might 9923 be configured in the container image. Cannot be updated. 9924 type: string 9925 required: 9926 - name 9927 type: object 9928 type: array 9929 listenLocal: 9930 description: ListenLocal makes the Prometheus server listen on loopback, 9931 so that it does not bind against the Pod IP. 9932 type: boolean 9933 logFormat: 9934 description: Log format for Prometheus to be configured with. 9935 type: string 9936 logLevel: 9937 description: Log level for Prometheus to be configured with. 9938 type: string 9939 nodeSelector: 9940 additionalProperties: 9941 type: string 9942 description: Define which Nodes the Pods are scheduled on. 9943 type: object 9944 overrideHonorLabels: 9945 description: OverrideHonorLabels if set to true overrides all user 9946 configured honor_labels. If HonorLabels is set in ServiceMonitor 9947 or PodMonitor to true, this overrides honor_labels to false. 9948 type: boolean 9949 overrideHonorTimestamps: 9950 description: OverrideHonorTimestamps allows to globally enforce honoring 9951 timestamps in all scrape configs. 9952 type: boolean 9953 paused: 9954 description: When a Prometheus deployment is paused, no actions except 9955 for deletion will be performed on the underlying objects. 9956 type: boolean 9957 podMetadata: 9958 description: PodMetadata configures Labels and Annotations which are 9959 propagated to the prometheus pods. 9960 properties: 9961 annotations: 9962 additionalProperties: 9963 type: string 9964 description: 'Annotations is an unstructured key value map stored 9965 with a resource that may be set by external tools to store and 9966 retrieve arbitrary metadata. They are not queryable and should 9967 be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 9968 type: object 9969 labels: 9970 additionalProperties: 9971 type: string 9972 description: 'Map of string keys and values that can be used to 9973 organize and categorize (scope and select) objects. May match 9974 selectors of replication controllers and services. More info: 9975 http://kubernetes.io/docs/user-guide/labels' 9976 type: object 9977 name: 9978 description: 'Name must be unique within a namespace. Is required 9979 when creating resources, although some resources may allow a 9980 client to request the generation of an appropriate name automatically. 9981 Name is primarily intended for creation idempotence and configuration 9982 definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 9983 type: string 9984 type: object 9985 podMonitorNamespaceSelector: 9986 description: Namespaces to be selected for PodMonitor discovery. If 9987 nil, only check own namespace. 9988 properties: 9989 matchExpressions: 9990 description: matchExpressions is a list of label selector requirements. 9991 The requirements are ANDed. 9992 items: 9993 description: A label selector requirement is a selector that 9994 contains values, a key, and an operator that relates the key 9995 and values. 9996 properties: 9997 key: 9998 description: key is the label key that the selector applies 9999 to. 10000 type: string 10001 operator: 10002 description: operator represents a key's relationship to 10003 a set of values. Valid operators are In, NotIn, Exists 10004 and DoesNotExist. 10005 type: string 10006 values: 10007 description: values is an array of string values. If the 10008 operator is In or NotIn, the values array must be non-empty. 10009 If the operator is Exists or DoesNotExist, the values 10010 array must be empty. This array is replaced during a strategic 10011 merge patch. 10012 items: 10013 type: string 10014 type: array 10015 required: 10016 - key 10017 - operator 10018 type: object 10019 type: array 10020 matchLabels: 10021 additionalProperties: 10022 type: string 10023 description: matchLabels is a map of {key,value} pairs. A single 10024 {key,value} in the matchLabels map is equivalent to an element 10025 of matchExpressions, whose key field is "key", the operator 10026 is "In", and the values array contains only "value". The requirements 10027 are ANDed. 10028 type: object 10029 type: object 10030 podMonitorSelector: 10031 description: '*Experimental* PodMonitors to be selected for target 10032 discovery. *Deprecated:* if neither this nor serviceMonitorSelector 10033 are specified, configuration is unmanaged.' 10034 properties: 10035 matchExpressions: 10036 description: matchExpressions is a list of label selector requirements. 10037 The requirements are ANDed. 10038 items: 10039 description: A label selector requirement is a selector that 10040 contains values, a key, and an operator that relates the key 10041 and values. 10042 properties: 10043 key: 10044 description: key is the label key that the selector applies 10045 to. 10046 type: string 10047 operator: 10048 description: operator represents a key's relationship to 10049 a set of values. Valid operators are In, NotIn, Exists 10050 and DoesNotExist. 10051 type: string 10052 values: 10053 description: values is an array of string values. If the 10054 operator is In or NotIn, the values array must be non-empty. 10055 If the operator is Exists or DoesNotExist, the values 10056 array must be empty. This array is replaced during a strategic 10057 merge patch. 10058 items: 10059 type: string 10060 type: array 10061 required: 10062 - key 10063 - operator 10064 type: object 10065 type: array 10066 matchLabels: 10067 additionalProperties: 10068 type: string 10069 description: matchLabels is a map of {key,value} pairs. A single 10070 {key,value} in the matchLabels map is equivalent to an element 10071 of matchExpressions, whose key field is "key", the operator 10072 is "In", and the values array contains only "value". The requirements 10073 are ANDed. 10074 type: object 10075 type: object 10076 portName: 10077 description: Port name used for the pods and governing service. This 10078 defaults to web 10079 type: string 10080 priorityClassName: 10081 description: Priority class assigned to the Pods 10082 type: string 10083 probeNamespaceSelector: 10084 description: '*Experimental* Namespaces to be selected for Probe discovery. 10085 If nil, only check own namespace.' 10086 properties: 10087 matchExpressions: 10088 description: matchExpressions is a list of label selector requirements. 10089 The requirements are ANDed. 10090 items: 10091 description: A label selector requirement is a selector that 10092 contains values, a key, and an operator that relates the key 10093 and values. 10094 properties: 10095 key: 10096 description: key is the label key that the selector applies 10097 to. 10098 type: string 10099 operator: 10100 description: operator represents a key's relationship to 10101 a set of values. Valid operators are In, NotIn, Exists 10102 and DoesNotExist. 10103 type: string 10104 values: 10105 description: values is an array of string values. If the 10106 operator is In or NotIn, the values array must be non-empty. 10107 If the operator is Exists or DoesNotExist, the values 10108 array must be empty. This array is replaced during a strategic 10109 merge patch. 10110 items: 10111 type: string 10112 type: array 10113 required: 10114 - key 10115 - operator 10116 type: object 10117 type: array 10118 matchLabels: 10119 additionalProperties: 10120 type: string 10121 description: matchLabels is a map of {key,value} pairs. A single 10122 {key,value} in the matchLabels map is equivalent to an element 10123 of matchExpressions, whose key field is "key", the operator 10124 is "In", and the values array contains only "value". The requirements 10125 are ANDed. 10126 type: object 10127 type: object 10128 probeSelector: 10129 description: '*Experimental* Probes to be selected for target discovery.' 10130 properties: 10131 matchExpressions: 10132 description: matchExpressions is a list of label selector requirements. 10133 The requirements are ANDed. 10134 items: 10135 description: A label selector requirement is a selector that 10136 contains values, a key, and an operator that relates the key 10137 and values. 10138 properties: 10139 key: 10140 description: key is the label key that the selector applies 10141 to. 10142 type: string 10143 operator: 10144 description: operator represents a key's relationship to 10145 a set of values. Valid operators are In, NotIn, Exists 10146 and DoesNotExist. 10147 type: string 10148 values: 10149 description: values is an array of string values. If the 10150 operator is In or NotIn, the values array must be non-empty. 10151 If the operator is Exists or DoesNotExist, the values 10152 array must be empty. This array is replaced during a strategic 10153 merge patch. 10154 items: 10155 type: string 10156 type: array 10157 required: 10158 - key 10159 - operator 10160 type: object 10161 type: array 10162 matchLabels: 10163 additionalProperties: 10164 type: string 10165 description: matchLabels is a map of {key,value} pairs. A single 10166 {key,value} in the matchLabels map is equivalent to an element 10167 of matchExpressions, whose key field is "key", the operator 10168 is "In", and the values array contains only "value". The requirements 10169 are ANDed. 10170 type: object 10171 type: object 10172 prometheusExternalLabelName: 10173 description: Name of Prometheus external label used to denote Prometheus 10174 instance name. Defaults to the value of `prometheus`. External label 10175 will _not_ be added when value is set to empty string (`""`). 10176 type: string 10177 prometheusRulesExcludedFromEnforce: 10178 description: PrometheusRulesExcludedFromEnforce - list of prometheus 10179 rules to be excluded from enforcing of adding namespace labels. 10180 Works only if enforcedNamespaceLabel set to true. Make sure both 10181 ruleNamespace and ruleName are set for each pair 10182 items: 10183 description: PrometheusRuleExcludeConfig enables users to configure 10184 excluded PrometheusRule names and their namespaces to be ignored 10185 while enforcing namespace label for alerts and metrics. 10186 properties: 10187 ruleName: 10188 description: RuleNamespace - name of excluded rule 10189 type: string 10190 ruleNamespace: 10191 description: RuleNamespace - namespace of excluded rule 10192 type: string 10193 required: 10194 - ruleName 10195 - ruleNamespace 10196 type: object 10197 type: array 10198 query: 10199 description: QuerySpec defines the query command line flags when starting 10200 Prometheus. 10201 properties: 10202 lookbackDelta: 10203 description: The delta difference allowed for retrieving metrics 10204 during expression evaluations. 10205 type: string 10206 maxConcurrency: 10207 description: Number of concurrent queries that can be run at once. 10208 format: int32 10209 type: integer 10210 maxSamples: 10211 description: Maximum number of samples a single query can load 10212 into memory. Note that queries will fail if they would load 10213 more samples than this into memory, so this also limits the 10214 number of samples a query can return. 10215 format: int32 10216 type: integer 10217 timeout: 10218 description: Maximum time a query may take before being aborted. 10219 type: string 10220 type: object 10221 queryLogFile: 10222 description: QueryLogFile specifies the file to which PromQL queries 10223 are logged. Note that this location must be writable, and can be 10224 persisted using an attached volume. Alternatively, the location 10225 can be set to a stdout location such as `/dev/stdout` to log querie 10226 information to the default Prometheus log stream. This is only available 10227 in versions of Prometheus >= 2.16.0. For more details, see the Prometheus 10228 docs (https://prometheus.io/docs/guides/query-log/) 10229 type: string 10230 remoteRead: 10231 description: If specified, the remote_read spec. This is an experimental 10232 feature, it may change in any upcoming release in a breaking way. 10233 items: 10234 description: RemoteReadSpec defines the remote_read configuration 10235 for prometheus. 10236 properties: 10237 basicAuth: 10238 description: BasicAuth for the URL. 10239 properties: 10240 password: 10241 description: The secret in the service monitor namespace 10242 that contains the password for authentication. 10243 properties: 10244 key: 10245 description: The key of the secret to select from. Must 10246 be a valid secret key. 10247 type: string 10248 name: 10249 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10250 TODO: Add other useful fields. apiVersion, kind, uid?' 10251 type: string 10252 optional: 10253 description: Specify whether the Secret or its key must 10254 be defined 10255 type: boolean 10256 required: 10257 - key 10258 type: object 10259 username: 10260 description: The secret in the service monitor namespace 10261 that contains the username for authentication. 10262 properties: 10263 key: 10264 description: The key of the secret to select from. Must 10265 be a valid secret key. 10266 type: string 10267 name: 10268 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10269 TODO: Add other useful fields. apiVersion, kind, uid?' 10270 type: string 10271 optional: 10272 description: Specify whether the Secret or its key must 10273 be defined 10274 type: boolean 10275 required: 10276 - key 10277 type: object 10278 type: object 10279 bearerToken: 10280 description: bearer token for remote read. 10281 type: string 10282 bearerTokenFile: 10283 description: File to read bearer token for remote read. 10284 type: string 10285 name: 10286 description: The name of the remote read queue, must be unique 10287 if specified. The name is used in metrics and logging in order 10288 to differentiate read configurations. Only valid in Prometheus 10289 versions 2.15.0 and newer. 10290 type: string 10291 proxyUrl: 10292 description: Optional ProxyURL 10293 type: string 10294 readRecent: 10295 description: Whether reads should be made for queries for time 10296 ranges that the local storage should have complete data for. 10297 type: boolean 10298 remoteTimeout: 10299 description: Timeout for requests to the remote read endpoint. 10300 type: string 10301 requiredMatchers: 10302 additionalProperties: 10303 type: string 10304 description: An optional list of equality matchers which have 10305 to be present in a selector to query the remote read endpoint. 10306 type: object 10307 tlsConfig: 10308 description: TLS Config to use for remote read. 10309 properties: 10310 ca: 10311 description: Struct containing the CA cert to use for the 10312 targets. 10313 properties: 10314 configMap: 10315 description: ConfigMap containing data to use for the 10316 targets. 10317 properties: 10318 key: 10319 description: The key to select. 10320 type: string 10321 name: 10322 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10323 TODO: Add other useful fields. apiVersion, kind, 10324 uid?' 10325 type: string 10326 optional: 10327 description: Specify whether the ConfigMap or its 10328 key must be defined 10329 type: boolean 10330 required: 10331 - key 10332 type: object 10333 secret: 10334 description: Secret containing data to use for the targets. 10335 properties: 10336 key: 10337 description: The key of the secret to select from. Must 10338 be a valid secret key. 10339 type: string 10340 name: 10341 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10342 TODO: Add other useful fields. apiVersion, kind, 10343 uid?' 10344 type: string 10345 optional: 10346 description: Specify whether the Secret or its key 10347 must be defined 10348 type: boolean 10349 required: 10350 - key 10351 type: object 10352 type: object 10353 caFile: 10354 description: Path to the CA cert in the Prometheus container 10355 to use for the targets. 10356 type: string 10357 cert: 10358 description: Struct containing the client cert file for 10359 the targets. 10360 properties: 10361 configMap: 10362 description: ConfigMap containing data to use for the 10363 targets. 10364 properties: 10365 key: 10366 description: The key to select. 10367 type: string 10368 name: 10369 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10370 TODO: Add other useful fields. apiVersion, kind, 10371 uid?' 10372 type: string 10373 optional: 10374 description: Specify whether the ConfigMap or its 10375 key must be defined 10376 type: boolean 10377 required: 10378 - key 10379 type: object 10380 secret: 10381 description: Secret containing data to use for the targets. 10382 properties: 10383 key: 10384 description: The key of the secret to select from. Must 10385 be a valid secret key. 10386 type: string 10387 name: 10388 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10389 TODO: Add other useful fields. apiVersion, kind, 10390 uid?' 10391 type: string 10392 optional: 10393 description: Specify whether the Secret or its key 10394 must be defined 10395 type: boolean 10396 required: 10397 - key 10398 type: object 10399 type: object 10400 certFile: 10401 description: Path to the client cert file in the Prometheus 10402 container for the targets. 10403 type: string 10404 insecureSkipVerify: 10405 description: Disable target certificate validation. 10406 type: boolean 10407 keyFile: 10408 description: Path to the client key file in the Prometheus 10409 container for the targets. 10410 type: string 10411 keySecret: 10412 description: Secret containing the client key file for the 10413 targets. 10414 properties: 10415 key: 10416 description: The key of the secret to select from. Must 10417 be a valid secret key. 10418 type: string 10419 name: 10420 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10421 TODO: Add other useful fields. apiVersion, kind, uid?' 10422 type: string 10423 optional: 10424 description: Specify whether the Secret or its key must 10425 be defined 10426 type: boolean 10427 required: 10428 - key 10429 type: object 10430 serverName: 10431 description: Used to verify the hostname for the targets. 10432 type: string 10433 type: object 10434 url: 10435 description: The URL of the endpoint to send samples to. 10436 type: string 10437 required: 10438 - url 10439 type: object 10440 type: array 10441 remoteWrite: 10442 description: If specified, the remote_write spec. This is an experimental 10443 feature, it may change in any upcoming release in a breaking way. 10444 items: 10445 description: RemoteWriteSpec defines the remote_write configuration 10446 for prometheus. 10447 properties: 10448 basicAuth: 10449 description: BasicAuth for the URL. 10450 properties: 10451 password: 10452 description: The secret in the service monitor namespace 10453 that contains the password for authentication. 10454 properties: 10455 key: 10456 description: The key of the secret to select from. Must 10457 be a valid secret key. 10458 type: string 10459 name: 10460 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10461 TODO: Add other useful fields. apiVersion, kind, uid?' 10462 type: string 10463 optional: 10464 description: Specify whether the Secret or its key must 10465 be defined 10466 type: boolean 10467 required: 10468 - key 10469 type: object 10470 username: 10471 description: The secret in the service monitor namespace 10472 that contains the username for authentication. 10473 properties: 10474 key: 10475 description: The key of the secret to select from. Must 10476 be a valid secret key. 10477 type: string 10478 name: 10479 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10480 TODO: Add other useful fields. apiVersion, kind, uid?' 10481 type: string 10482 optional: 10483 description: Specify whether the Secret or its key must 10484 be defined 10485 type: boolean 10486 required: 10487 - key 10488 type: object 10489 type: object 10490 bearerToken: 10491 description: File to read bearer token for remote write. 10492 type: string 10493 bearerTokenFile: 10494 description: File to read bearer token for remote write. 10495 type: string 10496 name: 10497 description: The name of the remote write queue, must be unique 10498 if specified. The name is used in metrics and logging in order 10499 to differentiate queues. Only valid in Prometheus versions 10500 2.15.0 and newer. 10501 type: string 10502 proxyUrl: 10503 description: Optional ProxyURL 10504 type: string 10505 queueConfig: 10506 description: QueueConfig allows tuning of the remote write queue 10507 parameters. 10508 properties: 10509 batchSendDeadline: 10510 description: BatchSendDeadline is the maximum time a sample 10511 will wait in buffer. 10512 type: string 10513 capacity: 10514 description: Capacity is the number of samples to buffer 10515 per shard before we start dropping them. 10516 type: integer 10517 maxBackoff: 10518 description: MaxBackoff is the maximum retry delay. 10519 type: string 10520 maxRetries: 10521 description: MaxRetries is the maximum number of times to 10522 retry a batch on recoverable errors. 10523 type: integer 10524 maxSamplesPerSend: 10525 description: MaxSamplesPerSend is the maximum number of 10526 samples per send. 10527 type: integer 10528 maxShards: 10529 description: MaxShards is the maximum number of shards, 10530 i.e. amount of concurrency. 10531 type: integer 10532 minBackoff: 10533 description: MinBackoff is the initial retry delay. Gets 10534 doubled for every retry. 10535 type: string 10536 minShards: 10537 description: MinShards is the minimum number of shards, 10538 i.e. amount of concurrency. 10539 type: integer 10540 type: object 10541 remoteTimeout: 10542 description: Timeout for requests to the remote write endpoint. 10543 type: string 10544 tlsConfig: 10545 description: TLS Config to use for remote write. 10546 properties: 10547 ca: 10548 description: Struct containing the CA cert to use for the 10549 targets. 10550 properties: 10551 configMap: 10552 description: ConfigMap containing data to use for the 10553 targets. 10554 properties: 10555 key: 10556 description: The key to select. 10557 type: string 10558 name: 10559 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10560 TODO: Add other useful fields. apiVersion, kind, 10561 uid?' 10562 type: string 10563 optional: 10564 description: Specify whether the ConfigMap or its 10565 key must be defined 10566 type: boolean 10567 required: 10568 - key 10569 type: object 10570 secret: 10571 description: Secret containing data to use for the targets. 10572 properties: 10573 key: 10574 description: The key of the secret to select from. Must 10575 be a valid secret key. 10576 type: string 10577 name: 10578 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10579 TODO: Add other useful fields. apiVersion, kind, 10580 uid?' 10581 type: string 10582 optional: 10583 description: Specify whether the Secret or its key 10584 must be defined 10585 type: boolean 10586 required: 10587 - key 10588 type: object 10589 type: object 10590 caFile: 10591 description: Path to the CA cert in the Prometheus container 10592 to use for the targets. 10593 type: string 10594 cert: 10595 description: Struct containing the client cert file for 10596 the targets. 10597 properties: 10598 configMap: 10599 description: ConfigMap containing data to use for the 10600 targets. 10601 properties: 10602 key: 10603 description: The key to select. 10604 type: string 10605 name: 10606 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10607 TODO: Add other useful fields. apiVersion, kind, 10608 uid?' 10609 type: string 10610 optional: 10611 description: Specify whether the ConfigMap or its 10612 key must be defined 10613 type: boolean 10614 required: 10615 - key 10616 type: object 10617 secret: 10618 description: Secret containing data to use for the targets. 10619 properties: 10620 key: 10621 description: The key of the secret to select from. Must 10622 be a valid secret key. 10623 type: string 10624 name: 10625 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10626 TODO: Add other useful fields. apiVersion, kind, 10627 uid?' 10628 type: string 10629 optional: 10630 description: Specify whether the Secret or its key 10631 must be defined 10632 type: boolean 10633 required: 10634 - key 10635 type: object 10636 type: object 10637 certFile: 10638 description: Path to the client cert file in the Prometheus 10639 container for the targets. 10640 type: string 10641 insecureSkipVerify: 10642 description: Disable target certificate validation. 10643 type: boolean 10644 keyFile: 10645 description: Path to the client key file in the Prometheus 10646 container for the targets. 10647 type: string 10648 keySecret: 10649 description: Secret containing the client key file for the 10650 targets. 10651 properties: 10652 key: 10653 description: The key of the secret to select from. Must 10654 be a valid secret key. 10655 type: string 10656 name: 10657 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10658 TODO: Add other useful fields. apiVersion, kind, uid?' 10659 type: string 10660 optional: 10661 description: Specify whether the Secret or its key must 10662 be defined 10663 type: boolean 10664 required: 10665 - key 10666 type: object 10667 serverName: 10668 description: Used to verify the hostname for the targets. 10669 type: string 10670 type: object 10671 url: 10672 description: The URL of the endpoint to send samples to. 10673 type: string 10674 writeRelabelConfigs: 10675 description: The list of remote write relabel configurations. 10676 items: 10677 description: 'RelabelConfig allows dynamic rewriting of the 10678 label set, being applied to samples before ingestion. It 10679 defines `<metric_relabel_configs>`-section of Prometheus 10680 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 10681 properties: 10682 action: 10683 description: Action to perform based on regex matching. 10684 Default is 'replace' 10685 type: string 10686 modulus: 10687 description: Modulus to take of the hash of the source 10688 label values. 10689 format: int64 10690 type: integer 10691 regex: 10692 description: Regular expression against which the extracted 10693 value is matched. Default is '(.*)' 10694 type: string 10695 replacement: 10696 description: Replacement value against which a regex replace 10697 is performed if the regular expression matches. Regex 10698 capture groups are available. Default is '$1' 10699 type: string 10700 separator: 10701 description: Separator placed between concatenated source 10702 label values. default is ';'. 10703 type: string 10704 sourceLabels: 10705 description: The source labels select values from existing 10706 labels. Their content is concatenated using the configured 10707 separator and matched against the configured regular 10708 expression for the replace, keep, and drop actions. 10709 items: 10710 type: string 10711 type: array 10712 targetLabel: 10713 description: Label to which the resulting value is written 10714 in a replace action. It is mandatory for replace actions. 10715 Regex capture groups are available. 10716 type: string 10717 type: object 10718 type: array 10719 required: 10720 - url 10721 type: object 10722 type: array 10723 replicaExternalLabelName: 10724 description: Name of Prometheus external label used to denote replica 10725 name. Defaults to the value of `prometheus_replica`. External label 10726 will _not_ be added when value is set to empty string (`""`). 10727 type: string 10728 replicas: 10729 description: Number of instances to deploy for a Prometheus deployment. 10730 format: int32 10731 type: integer 10732 resources: 10733 description: Define resources requests and limits for single Pods. 10734 properties: 10735 limits: 10736 additionalProperties: 10737 type: string 10738 description: 'Limits describes the maximum amount of compute resources 10739 allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 10740 type: object 10741 requests: 10742 additionalProperties: 10743 type: string 10744 description: 'Requests describes the minimum amount of compute 10745 resources required. If Requests is omitted for a container, 10746 it defaults to Limits if that is explicitly specified, otherwise 10747 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 10748 type: object 10749 type: object 10750 retention: 10751 description: Time duration Prometheus shall retain data for. Default 10752 is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` 10753 (milliseconds seconds minutes hours days weeks years). 10754 type: string 10755 retentionSize: 10756 description: Maximum amount of disk space used by blocks. 10757 type: string 10758 routePrefix: 10759 description: The route prefix Prometheus registers HTTP handlers for. 10760 This is useful, if using ExternalURL and a proxy is rewriting HTTP 10761 routes of a request, and the actual ExternalURL is still true, but 10762 the server serves requests under a different route prefix. For example 10763 for use with `kubectl proxy`. 10764 type: string 10765 ruleNamespaceSelector: 10766 description: Namespaces to be selected for PrometheusRules discovery. 10767 If unspecified, only the same namespace as the Prometheus object 10768 is in is used. 10769 properties: 10770 matchExpressions: 10771 description: matchExpressions is a list of label selector requirements. 10772 The requirements are ANDed. 10773 items: 10774 description: A label selector requirement is a selector that 10775 contains values, a key, and an operator that relates the key 10776 and values. 10777 properties: 10778 key: 10779 description: key is the label key that the selector applies 10780 to. 10781 type: string 10782 operator: 10783 description: operator represents a key's relationship to 10784 a set of values. Valid operators are In, NotIn, Exists 10785 and DoesNotExist. 10786 type: string 10787 values: 10788 description: values is an array of string values. If the 10789 operator is In or NotIn, the values array must be non-empty. 10790 If the operator is Exists or DoesNotExist, the values 10791 array must be empty. This array is replaced during a strategic 10792 merge patch. 10793 items: 10794 type: string 10795 type: array 10796 required: 10797 - key 10798 - operator 10799 type: object 10800 type: array 10801 matchLabels: 10802 additionalProperties: 10803 type: string 10804 description: matchLabels is a map of {key,value} pairs. A single 10805 {key,value} in the matchLabels map is equivalent to an element 10806 of matchExpressions, whose key field is "key", the operator 10807 is "In", and the values array contains only "value". The requirements 10808 are ANDed. 10809 type: object 10810 type: object 10811 ruleSelector: 10812 description: A selector to select which PrometheusRules to mount for 10813 loading alerting/recording rules from. Until (excluding) Prometheus 10814 Operator v0.24.0 Prometheus Operator will migrate any legacy rule 10815 ConfigMaps to PrometheusRule custom resources selected by RuleSelector. 10816 Make sure it does not match any config maps that you do not want 10817 to be migrated. 10818 properties: 10819 matchExpressions: 10820 description: matchExpressions is a list of label selector requirements. 10821 The requirements are ANDed. 10822 items: 10823 description: A label selector requirement is a selector that 10824 contains values, a key, and an operator that relates the key 10825 and values. 10826 properties: 10827 key: 10828 description: key is the label key that the selector applies 10829 to. 10830 type: string 10831 operator: 10832 description: operator represents a key's relationship to 10833 a set of values. Valid operators are In, NotIn, Exists 10834 and DoesNotExist. 10835 type: string 10836 values: 10837 description: values is an array of string values. If the 10838 operator is In or NotIn, the values array must be non-empty. 10839 If the operator is Exists or DoesNotExist, the values 10840 array must be empty. This array is replaced during a strategic 10841 merge patch. 10842 items: 10843 type: string 10844 type: array 10845 required: 10846 - key 10847 - operator 10848 type: object 10849 type: array 10850 matchLabels: 10851 additionalProperties: 10852 type: string 10853 description: matchLabels is a map of {key,value} pairs. A single 10854 {key,value} in the matchLabels map is equivalent to an element 10855 of matchExpressions, whose key field is "key", the operator 10856 is "In", and the values array contains only "value". The requirements 10857 are ANDed. 10858 type: object 10859 type: object 10860 rules: 10861 description: /--rules.*/ command-line arguments. 10862 properties: 10863 alert: 10864 description: /--rules.alert.*/ command-line arguments 10865 properties: 10866 forGracePeriod: 10867 description: Minimum duration between alert and restored 'for' 10868 state. This is maintained only for alerts with configured 10869 'for' time greater than grace period. 10870 type: string 10871 forOutageTolerance: 10872 description: Max time to tolerate prometheus outage for restoring 10873 'for' state of alert. 10874 type: string 10875 resendDelay: 10876 description: Minimum amount of time to wait before resending 10877 an alert to Alertmanager. 10878 type: string 10879 type: object 10880 type: object 10881 scrapeInterval: 10882 description: Interval between consecutive scrapes. 10883 type: string 10884 scrapeTimeout: 10885 description: Number of seconds to wait for target to respond before 10886 erroring. 10887 type: string 10888 secrets: 10889 description: Secrets is a list of Secrets in the same namespace as 10890 the Prometheus object, which shall be mounted into the Prometheus 10891 Pods. The Secrets are mounted into /etc/prometheus/secrets/<secret-name>. 10892 items: 10893 type: string 10894 type: array 10895 securityContext: 10896 description: SecurityContext holds pod-level security attributes and 10897 common container settings. This defaults to the default PodSecurityContext. 10898 properties: 10899 fsGroup: 10900 description: "A special supplemental group that applies to all 10901 containers in a pod. Some volume types allow the Kubelet to 10902 change the ownership of that volume to be owned by the pod: 10903 \n 1. The owning GID will be the FSGroup 2. The setgid bit is 10904 set (new files created in the volume will be owned by FSGroup) 10905 3. The permission bits are OR'd with rw-rw---- \n If unset, 10906 the Kubelet will not modify the ownership and permissions of 10907 any volume." 10908 format: int64 10909 type: integer 10910 fsGroupChangePolicy: 10911 description: 'fsGroupChangePolicy defines behavior of changing 10912 ownership and permission of the volume before being exposed 10913 inside Pod. This field will only apply to volume types which 10914 support fsGroup based ownership(and permissions). It will have 10915 no effect on ephemeral volume types such as: secret, configmaps 10916 and emptydir. Valid values are "OnRootMismatch" and "Always". 10917 If not specified defaults to "Always".' 10918 type: string 10919 runAsGroup: 10920 description: The GID to run the entrypoint of the container process. 10921 Uses runtime default if unset. May also be set in SecurityContext. If 10922 set in both SecurityContext and PodSecurityContext, the value 10923 specified in SecurityContext takes precedence for that container. 10924 format: int64 10925 type: integer 10926 runAsNonRoot: 10927 description: Indicates that the container must run as a non-root 10928 user. If true, the Kubelet will validate the image at runtime 10929 to ensure that it does not run as UID 0 (root) and fail to start 10930 the container if it does. If unset or false, no such validation 10931 will be performed. May also be set in SecurityContext. If set 10932 in both SecurityContext and PodSecurityContext, the value specified 10933 in SecurityContext takes precedence. 10934 type: boolean 10935 runAsUser: 10936 description: The UID to run the entrypoint of the container process. 10937 Defaults to user specified in image metadata if unspecified. 10938 May also be set in SecurityContext. If set in both SecurityContext 10939 and PodSecurityContext, the value specified in SecurityContext 10940 takes precedence for that container. 10941 format: int64 10942 type: integer 10943 seLinuxOptions: 10944 description: The SELinux context to be applied to all containers. 10945 If unspecified, the container runtime will allocate a random 10946 SELinux context for each container. May also be set in SecurityContext. If 10947 set in both SecurityContext and PodSecurityContext, the value 10948 specified in SecurityContext takes precedence for that container. 10949 properties: 10950 level: 10951 description: Level is SELinux level label that applies to 10952 the container. 10953 type: string 10954 role: 10955 description: Role is a SELinux role label that applies to 10956 the container. 10957 type: string 10958 type: 10959 description: Type is a SELinux type label that applies to 10960 the container. 10961 type: string 10962 user: 10963 description: User is a SELinux user label that applies to 10964 the container. 10965 type: string 10966 type: object 10967 supplementalGroups: 10968 description: A list of groups applied to the first process run 10969 in each container, in addition to the container's primary GID. If 10970 unspecified, no groups will be added to any container. 10971 items: 10972 format: int64 10973 type: integer 10974 type: array 10975 sysctls: 10976 description: Sysctls hold a list of namespaced sysctls used for 10977 the pod. Pods with unsupported sysctls (by the container runtime) 10978 might fail to launch. 10979 items: 10980 description: Sysctl defines a kernel parameter to be set 10981 properties: 10982 name: 10983 description: Name of a property to set 10984 type: string 10985 value: 10986 description: Value of a property to set 10987 type: string 10988 required: 10989 - name 10990 - value 10991 type: object 10992 type: array 10993 windowsOptions: 10994 description: The Windows specific settings applied to all containers. 10995 If unspecified, the options within a container's SecurityContext 10996 will be used. If set in both SecurityContext and PodSecurityContext, 10997 the value specified in SecurityContext takes precedence. 10998 properties: 10999 gmsaCredentialSpec: 11000 description: GMSACredentialSpec is where the GMSA admission 11001 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 11002 inlines the contents of the GMSA credential spec named by 11003 the GMSACredentialSpecName field. 11004 type: string 11005 gmsaCredentialSpecName: 11006 description: GMSACredentialSpecName is the name of the GMSA 11007 credential spec to use. 11008 type: string 11009 runAsUserName: 11010 description: The UserName in Windows to run the entrypoint 11011 of the container process. Defaults to the user specified 11012 in image metadata if unspecified. May also be set in PodSecurityContext. 11013 If set in both SecurityContext and PodSecurityContext, the 11014 value specified in SecurityContext takes precedence. 11015 type: string 11016 type: object 11017 type: object 11018 serviceAccountName: 11019 description: ServiceAccountName is the name of the ServiceAccount 11020 to use to run the Prometheus Pods. 11021 type: string 11022 serviceMonitorNamespaceSelector: 11023 description: Namespaces to be selected for ServiceMonitor discovery. 11024 If nil, only check own namespace. 11025 properties: 11026 matchExpressions: 11027 description: matchExpressions is a list of label selector requirements. 11028 The requirements are ANDed. 11029 items: 11030 description: A label selector requirement is a selector that 11031 contains values, a key, and an operator that relates the key 11032 and values. 11033 properties: 11034 key: 11035 description: key is the label key that the selector applies 11036 to. 11037 type: string 11038 operator: 11039 description: operator represents a key's relationship to 11040 a set of values. Valid operators are In, NotIn, Exists 11041 and DoesNotExist. 11042 type: string 11043 values: 11044 description: values is an array of string values. If the 11045 operator is In or NotIn, the values array must be non-empty. 11046 If the operator is Exists or DoesNotExist, the values 11047 array must be empty. This array is replaced during a strategic 11048 merge patch. 11049 items: 11050 type: string 11051 type: array 11052 required: 11053 - key 11054 - operator 11055 type: object 11056 type: array 11057 matchLabels: 11058 additionalProperties: 11059 type: string 11060 description: matchLabels is a map of {key,value} pairs. A single 11061 {key,value} in the matchLabels map is equivalent to an element 11062 of matchExpressions, whose key field is "key", the operator 11063 is "In", and the values array contains only "value". The requirements 11064 are ANDed. 11065 type: object 11066 type: object 11067 serviceMonitorSelector: 11068 description: ServiceMonitors to be selected for target discovery. 11069 *Deprecated:* if neither this nor podMonitorSelector are specified, 11070 configuration is unmanaged. 11071 properties: 11072 matchExpressions: 11073 description: matchExpressions is a list of label selector requirements. 11074 The requirements are ANDed. 11075 items: 11076 description: A label selector requirement is a selector that 11077 contains values, a key, and an operator that relates the key 11078 and values. 11079 properties: 11080 key: 11081 description: key is the label key that the selector applies 11082 to. 11083 type: string 11084 operator: 11085 description: operator represents a key's relationship to 11086 a set of values. Valid operators are In, NotIn, Exists 11087 and DoesNotExist. 11088 type: string 11089 values: 11090 description: values is an array of string values. If the 11091 operator is In or NotIn, the values array must be non-empty. 11092 If the operator is Exists or DoesNotExist, the values 11093 array must be empty. This array is replaced during a strategic 11094 merge patch. 11095 items: 11096 type: string 11097 type: array 11098 required: 11099 - key 11100 - operator 11101 type: object 11102 type: array 11103 matchLabels: 11104 additionalProperties: 11105 type: string 11106 description: matchLabels is a map of {key,value} pairs. A single 11107 {key,value} in the matchLabels map is equivalent to an element 11108 of matchExpressions, whose key field is "key", the operator 11109 is "In", and the values array contains only "value". The requirements 11110 are ANDed. 11111 type: object 11112 type: object 11113 sha: 11114 description: 'SHA of Prometheus container image to be deployed. Defaults 11115 to the value of `version`. Similar to a tag, but the SHA explicitly 11116 deploys an immutable container image. Version and Tag are ignored 11117 if SHA is set. Deprecated: use ''image'' instead. The image digest 11118 can be specified as part of the image URL.' 11119 type: string 11120 storage: 11121 description: Storage spec to specify how storage shall be used. 11122 properties: 11123 disableMountSubPath: 11124 description: 'Deprecated: subPath usage will be disabled by default 11125 in a future release, this option will become unnecessary. DisableMountSubPath 11126 allows to remove any subPath usage in volume mounts.' 11127 type: boolean 11128 emptyDir: 11129 description: 'EmptyDirVolumeSource to be used by the Prometheus 11130 StatefulSets. If specified, used in place of any volumeClaimTemplate. 11131 More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' 11132 properties: 11133 medium: 11134 description: 'What type of storage medium should back this 11135 directory. The default is "" which means to use the node''s 11136 default medium. Must be an empty string (default) or Memory. 11137 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 11138 type: string 11139 sizeLimit: 11140 description: 'Total amount of local storage required for this 11141 EmptyDir volume. The size limit is also applicable for memory 11142 medium. The maximum usage on memory medium EmptyDir would 11143 be the minimum value between the SizeLimit specified here 11144 and the sum of memory limits of all containers in a pod. 11145 The default is nil which means that the limit is undefined. 11146 More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 11147 type: string 11148 type: object 11149 volumeClaimTemplate: 11150 description: A PVC spec to be used by the Prometheus StatefulSets. 11151 properties: 11152 apiVersion: 11153 description: 'APIVersion defines the versioned schema of this 11154 representation of an object. Servers should convert recognized 11155 schemas to the latest internal value, and may reject unrecognized 11156 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 11157 type: string 11158 kind: 11159 description: 'Kind is a string value representing the REST 11160 resource this object represents. Servers may infer this 11161 from the endpoint the client submits requests to. Cannot 11162 be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 11163 type: string 11164 metadata: 11165 description: EmbeddedMetadata contains metadata relevant to 11166 an EmbeddedResource. 11167 properties: 11168 annotations: 11169 additionalProperties: 11170 type: string 11171 description: 'Annotations is an unstructured key value 11172 map stored with a resource that may be set by external 11173 tools to store and retrieve arbitrary metadata. They 11174 are not queryable and should be preserved when modifying 11175 objects. More info: http://kubernetes.io/docs/user-guide/annotations' 11176 type: object 11177 labels: 11178 additionalProperties: 11179 type: string 11180 description: 'Map of string keys and values that can be 11181 used to organize and categorize (scope and select) objects. 11182 May match selectors of replication controllers and services. 11183 More info: http://kubernetes.io/docs/user-guide/labels' 11184 type: object 11185 name: 11186 description: 'Name must be unique within a namespace. 11187 Is required when creating resources, although some resources 11188 may allow a client to request the generation of an appropriate 11189 name automatically. Name is primarily intended for creation 11190 idempotence and configuration definition. Cannot be 11191 updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 11192 type: string 11193 type: object 11194 spec: 11195 description: 'Spec defines the desired characteristics of 11196 a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 11197 properties: 11198 accessModes: 11199 description: 'AccessModes contains the desired access 11200 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 11201 items: 11202 type: string 11203 type: array 11204 dataSource: 11205 description: 'This field can be used to specify either: 11206 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot 11207 - Beta) * An existing PVC (PersistentVolumeClaim) * 11208 An existing custom resource/object that implements data 11209 population (Alpha) In order to use VolumeSnapshot object 11210 types, the appropriate feature gate must be enabled 11211 (VolumeSnapshotDataSource or AnyVolumeDataSource) If 11212 the provisioner or an external controller can support 11213 the specified data source, it will create a new volume 11214 based on the contents of the specified data source. 11215 If the specified data source is not supported, the volume 11216 will not be created and the failure will be reported 11217 as an event. In the future, we plan to support more 11218 data source types and the behavior of the provisioner 11219 may change.' 11220 properties: 11221 apiGroup: 11222 description: APIGroup is the group for the resource 11223 being referenced. If APIGroup is not specified, 11224 the specified Kind must be in the core API group. 11225 For any other third-party types, APIGroup is required. 11226 type: string 11227 kind: 11228 description: Kind is the type of resource being referenced 11229 type: string 11230 name: 11231 description: Name is the name of resource being referenced 11232 type: string 11233 required: 11234 - kind 11235 - name 11236 type: object 11237 resources: 11238 description: 'Resources represents the minimum resources 11239 the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 11240 properties: 11241 limits: 11242 additionalProperties: 11243 type: string 11244 description: 'Limits describes the maximum amount 11245 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 11246 type: object 11247 requests: 11248 additionalProperties: 11249 type: string 11250 description: 'Requests describes the minimum amount 11251 of compute resources required. If Requests is omitted 11252 for a container, it defaults to Limits if that is 11253 explicitly specified, otherwise to an implementation-defined 11254 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 11255 type: object 11256 type: object 11257 selector: 11258 description: A label query over volumes to consider for 11259 binding. 11260 properties: 11261 matchExpressions: 11262 description: matchExpressions is a list of label selector 11263 requirements. The requirements are ANDed. 11264 items: 11265 description: A label selector requirement is a selector 11266 that contains values, a key, and an operator that 11267 relates the key and values. 11268 properties: 11269 key: 11270 description: key is the label key that the selector 11271 applies to. 11272 type: string 11273 operator: 11274 description: operator represents a key's relationship 11275 to a set of values. Valid operators are In, 11276 NotIn, Exists and DoesNotExist. 11277 type: string 11278 values: 11279 description: values is an array of string values. 11280 If the operator is In or NotIn, the values 11281 array must be non-empty. If the operator is 11282 Exists or DoesNotExist, the values array must 11283 be empty. This array is replaced during a 11284 strategic merge patch. 11285 items: 11286 type: string 11287 type: array 11288 required: 11289 - key 11290 - operator 11291 type: object 11292 type: array 11293 matchLabels: 11294 additionalProperties: 11295 type: string 11296 description: matchLabels is a map of {key,value} pairs. 11297 A single {key,value} in the matchLabels map is equivalent 11298 to an element of matchExpressions, whose key field 11299 is "key", the operator is "In", and the values array 11300 contains only "value". The requirements are ANDed. 11301 type: object 11302 type: object 11303 storageClassName: 11304 description: 'Name of the StorageClass required by the 11305 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 11306 type: string 11307 volumeMode: 11308 description: volumeMode defines what type of volume is 11309 required by the claim. Value of Filesystem is implied 11310 when not included in claim spec. 11311 type: string 11312 volumeName: 11313 description: VolumeName is the binding reference to the 11314 PersistentVolume backing this claim. 11315 type: string 11316 type: object 11317 status: 11318 description: 'Status represents the current information/status 11319 of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 11320 properties: 11321 accessModes: 11322 description: 'AccessModes contains the actual access modes 11323 the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 11324 items: 11325 type: string 11326 type: array 11327 capacity: 11328 additionalProperties: 11329 type: string 11330 description: Represents the actual resources of the underlying 11331 volume. 11332 type: object 11333 conditions: 11334 description: Current Condition of persistent volume claim. 11335 If underlying persistent volume is being resized then 11336 the Condition will be set to 'ResizeStarted'. 11337 items: 11338 description: PersistentVolumeClaimCondition contains 11339 details about state of pvc 11340 properties: 11341 lastProbeTime: 11342 description: Last time we probed the condition. 11343 format: date-time 11344 type: string 11345 lastTransitionTime: 11346 description: Last time the condition transitioned 11347 from one status to another. 11348 format: date-time 11349 type: string 11350 message: 11351 description: Human-readable message indicating details 11352 about last transition. 11353 type: string 11354 reason: 11355 description: Unique, this should be a short, machine 11356 understandable string that gives the reason for 11357 condition's last transition. If it reports "ResizeStarted" 11358 that means the underlying persistent volume is 11359 being resized. 11360 type: string 11361 status: 11362 type: string 11363 type: 11364 description: PersistentVolumeClaimConditionType 11365 is a valid value of PersistentVolumeClaimCondition.Type 11366 type: string 11367 required: 11368 - status 11369 - type 11370 type: object 11371 type: array 11372 phase: 11373 description: Phase represents the current phase of PersistentVolumeClaim. 11374 type: string 11375 type: object 11376 type: object 11377 type: object 11378 tag: 11379 description: 'Tag of Prometheus container image to be deployed. Defaults 11380 to the value of `version`. Version is ignored if Tag is set. Deprecated: 11381 use ''image'' instead. The image tag can be specified as part of 11382 the image URL.' 11383 type: string 11384 thanos: 11385 description: "Thanos configuration allows configuring various aspects 11386 of a Prometheus server in a Thanos environment. \n This section 11387 is experimental, it may change significantly without deprecation 11388 notice in any release. \n This is experimental and may change significantly 11389 without backward compatibility in any release." 11390 properties: 11391 baseImage: 11392 description: 'Thanos base image if other than default. Deprecated: 11393 use ''image'' instead' 11394 type: string 11395 grpcServerTlsConfig: 11396 description: 'GRPCServerTLSConfig configures the gRPC server from 11397 which Thanos Querier reads recorded rule data. Note: Currently 11398 only the CAFile, CertFile, and KeyFile fields are supported. 11399 Maps to the ''--grpc-server-tls-*'' CLI args.' 11400 properties: 11401 ca: 11402 description: Struct containing the CA cert to use for the 11403 targets. 11404 properties: 11405 configMap: 11406 description: ConfigMap containing data to use for the 11407 targets. 11408 properties: 11409 key: 11410 description: The key to select. 11411 type: string 11412 name: 11413 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11414 TODO: Add other useful fields. apiVersion, kind, 11415 uid?' 11416 type: string 11417 optional: 11418 description: Specify whether the ConfigMap or its 11419 key must be defined 11420 type: boolean 11421 required: 11422 - key 11423 type: object 11424 secret: 11425 description: Secret containing data to use for the targets. 11426 properties: 11427 key: 11428 description: The key of the secret to select from. Must 11429 be a valid secret key. 11430 type: string 11431 name: 11432 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11433 TODO: Add other useful fields. apiVersion, kind, 11434 uid?' 11435 type: string 11436 optional: 11437 description: Specify whether the Secret or its key 11438 must be defined 11439 type: boolean 11440 required: 11441 - key 11442 type: object 11443 type: object 11444 caFile: 11445 description: Path to the CA cert in the Prometheus container 11446 to use for the targets. 11447 type: string 11448 cert: 11449 description: Struct containing the client cert file for the 11450 targets. 11451 properties: 11452 configMap: 11453 description: ConfigMap containing data to use for the 11454 targets. 11455 properties: 11456 key: 11457 description: The key to select. 11458 type: string 11459 name: 11460 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11461 TODO: Add other useful fields. apiVersion, kind, 11462 uid?' 11463 type: string 11464 optional: 11465 description: Specify whether the ConfigMap or its 11466 key must be defined 11467 type: boolean 11468 required: 11469 - key 11470 type: object 11471 secret: 11472 description: Secret containing data to use for the targets. 11473 properties: 11474 key: 11475 description: The key of the secret to select from. Must 11476 be a valid secret key. 11477 type: string 11478 name: 11479 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11480 TODO: Add other useful fields. apiVersion, kind, 11481 uid?' 11482 type: string 11483 optional: 11484 description: Specify whether the Secret or its key 11485 must be defined 11486 type: boolean 11487 required: 11488 - key 11489 type: object 11490 type: object 11491 certFile: 11492 description: Path to the client cert file in the Prometheus 11493 container for the targets. 11494 type: string 11495 insecureSkipVerify: 11496 description: Disable target certificate validation. 11497 type: boolean 11498 keyFile: 11499 description: Path to the client key file in the Prometheus 11500 container for the targets. 11501 type: string 11502 keySecret: 11503 description: Secret containing the client key file for the 11504 targets. 11505 properties: 11506 key: 11507 description: The key of the secret to select from. Must 11508 be a valid secret key. 11509 type: string 11510 name: 11511 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11512 TODO: Add other useful fields. apiVersion, kind, uid?' 11513 type: string 11514 optional: 11515 description: Specify whether the Secret or its key must 11516 be defined 11517 type: boolean 11518 required: 11519 - key 11520 type: object 11521 serverName: 11522 description: Used to verify the hostname for the targets. 11523 type: string 11524 type: object 11525 image: 11526 description: Image if specified has precedence over baseImage, 11527 tag and sha combinations. Specifying the version is still necessary 11528 to ensure the Prometheus Operator knows what version of Thanos 11529 is being configured. 11530 type: string 11531 listenLocal: 11532 description: ListenLocal makes the Thanos sidecar listen on loopback, 11533 so that it does not bind against the Pod IP. 11534 type: boolean 11535 logFormat: 11536 description: LogFormat for Thanos sidecar to be configured with. 11537 type: string 11538 logLevel: 11539 description: LogLevel for Thanos sidecar to be configured with. 11540 type: string 11541 minTime: 11542 description: MinTime for Thanos sidecar to be configured with. 11543 Option can be a constant time in RFC3339 format or time duration 11544 relative to current time, such as -1d or 2h45m. Valid duration 11545 units are ms, s, m, h, d, w, y. 11546 type: string 11547 objectStorageConfig: 11548 description: ObjectStorageConfig configures object storage in 11549 Thanos. 11550 properties: 11551 key: 11552 description: The key of the secret to select from. Must be 11553 a valid secret key. 11554 type: string 11555 name: 11556 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11557 TODO: Add other useful fields. apiVersion, kind, uid?' 11558 type: string 11559 optional: 11560 description: Specify whether the Secret or its key must be 11561 defined 11562 type: boolean 11563 required: 11564 - key 11565 type: object 11566 resources: 11567 description: Resources defines the resource requirements for the 11568 Thanos sidecar. If not provided, no requests/limits will be 11569 set 11570 properties: 11571 limits: 11572 additionalProperties: 11573 type: string 11574 description: 'Limits describes the maximum amount of compute 11575 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 11576 type: object 11577 requests: 11578 additionalProperties: 11579 type: string 11580 description: 'Requests describes the minimum amount of compute 11581 resources required. If Requests is omitted for a container, 11582 it defaults to Limits if that is explicitly specified, otherwise 11583 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 11584 type: object 11585 type: object 11586 sha: 11587 description: 'SHA of Thanos container image to be deployed. Defaults 11588 to the value of `version`. Similar to a tag, but the SHA explicitly 11589 deploys an immutable container image. Version and Tag are ignored 11590 if SHA is set. Deprecated: use ''image'' instead. The image 11591 digest can be specified as part of the image URL.' 11592 type: string 11593 tag: 11594 description: 'Tag of Thanos sidecar container image to be deployed. 11595 Defaults to the value of `version`. Version is ignored if Tag 11596 is set. Deprecated: use ''image'' instead. The image tag can 11597 be specified as part of the image URL.' 11598 type: string 11599 tracingConfig: 11600 description: TracingConfig configures tracing in Thanos. This 11601 is an experimental feature, it may change in any upcoming release 11602 in a breaking way. 11603 properties: 11604 key: 11605 description: The key of the secret to select from. Must be 11606 a valid secret key. 11607 type: string 11608 name: 11609 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11610 TODO: Add other useful fields. apiVersion, kind, uid?' 11611 type: string 11612 optional: 11613 description: Specify whether the Secret or its key must be 11614 defined 11615 type: boolean 11616 required: 11617 - key 11618 type: object 11619 version: 11620 description: Version describes the version of Thanos to use. 11621 type: string 11622 type: object 11623 tolerations: 11624 description: If specified, the pod's tolerations. 11625 items: 11626 description: The pod this Toleration is attached to tolerates any 11627 taint that matches the triple <key,value,effect> using the matching 11628 operator <operator>. 11629 properties: 11630 effect: 11631 description: Effect indicates the taint effect to match. Empty 11632 means match all taint effects. When specified, allowed values 11633 are NoSchedule, PreferNoSchedule and NoExecute. 11634 type: string 11635 key: 11636 description: Key is the taint key that the toleration applies 11637 to. Empty means match all taint keys. If the key is empty, 11638 operator must be Exists; this combination means to match all 11639 values and all keys. 11640 type: string 11641 operator: 11642 description: Operator represents a key's relationship to the 11643 value. Valid operators are Exists and Equal. Defaults to Equal. 11644 Exists is equivalent to wildcard for value, so that a pod 11645 can tolerate all taints of a particular category. 11646 type: string 11647 tolerationSeconds: 11648 description: TolerationSeconds represents the period of time 11649 the toleration (which must be of effect NoExecute, otherwise 11650 this field is ignored) tolerates the taint. By default, it 11651 is not set, which means tolerate the taint forever (do not 11652 evict). Zero and negative values will be treated as 0 (evict 11653 immediately) by the system. 11654 format: int64 11655 type: integer 11656 value: 11657 description: Value is the taint value the toleration matches 11658 to. If the operator is Exists, the value should be empty, 11659 otherwise just a regular string. 11660 type: string 11661 type: object 11662 type: array 11663 topologySpreadConstraints: 11664 description: If specified, the pod's topology spread constraints. 11665 items: 11666 description: TopologySpreadConstraint specifies how to spread matching 11667 pods among the given topology. 11668 properties: 11669 labelSelector: 11670 description: LabelSelector is used to find matching pods. Pods 11671 that match this label selector are counted to determine the 11672 number of pods in their corresponding topology domain. 11673 properties: 11674 matchExpressions: 11675 description: matchExpressions is a list of label selector 11676 requirements. The requirements are ANDed. 11677 items: 11678 description: A label selector requirement is a selector 11679 that contains values, a key, and an operator that relates 11680 the key and values. 11681 properties: 11682 key: 11683 description: key is the label key that the selector 11684 applies to. 11685 type: string 11686 operator: 11687 description: operator represents a key's relationship 11688 to a set of values. Valid operators are In, NotIn, 11689 Exists and DoesNotExist. 11690 type: string 11691 values: 11692 description: values is an array of string values. 11693 If the operator is In or NotIn, the values array 11694 must be non-empty. If the operator is Exists or 11695 DoesNotExist, the values array must be empty. This 11696 array is replaced during a strategic merge patch. 11697 items: 11698 type: string 11699 type: array 11700 required: 11701 - key 11702 - operator 11703 type: object 11704 type: array 11705 matchLabels: 11706 additionalProperties: 11707 type: string 11708 description: matchLabels is a map of {key,value} pairs. 11709 A single {key,value} in the matchLabels map is equivalent 11710 to an element of matchExpressions, whose key field is 11711 "key", the operator is "In", and the values array contains 11712 only "value". The requirements are ANDed. 11713 type: object 11714 type: object 11715 maxSkew: 11716 description: 'MaxSkew describes the degree to which pods may 11717 be unevenly distributed. It''s the maximum permitted difference 11718 between the number of matching pods in any two topology domains 11719 of a given topology type. For example, in a 3-zone cluster, 11720 MaxSkew is set to 1, and pods with the same labelSelector 11721 spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | 11722 - if MaxSkew is 1, incoming pod can only be scheduled to zone3 11723 to become 1/1/1; scheduling it onto zone1(zone2) would make 11724 the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - 11725 if MaxSkew is 2, incoming pod can be scheduled onto any zone. 11726 It''s a required field. Default value is 1 and 0 is not allowed.' 11727 format: int32 11728 type: integer 11729 topologyKey: 11730 description: TopologyKey is the key of node labels. Nodes that 11731 have a label with this key and identical values are considered 11732 to be in the same topology. We consider each <key, value> 11733 as a "bucket", and try to put balanced number of pods into 11734 each bucket. It's a required field. 11735 type: string 11736 whenUnsatisfiable: 11737 description: 'WhenUnsatisfiable indicates how to deal with a 11738 pod if it doesn''t satisfy the spread constraint. - DoNotSchedule 11739 (default) tells the scheduler not to schedule it - ScheduleAnyway 11740 tells the scheduler to still schedule it It''s considered 11741 as "Unsatisfiable" if and only if placing incoming pod on 11742 any topology violates "MaxSkew". For example, in a 3-zone 11743 cluster, MaxSkew is set to 1, and pods with the same labelSelector 11744 spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | 11745 If WhenUnsatisfiable is set to DoNotSchedule, incoming pod 11746 can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) 11747 as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In 11748 other words, the cluster can still be imbalanced, but scheduler 11749 won''t make it *more* imbalanced. It''s a required field.' 11750 type: string 11751 required: 11752 - maxSkew 11753 - topologyKey 11754 - whenUnsatisfiable 11755 type: object 11756 type: array 11757 version: 11758 description: Version of Prometheus to be deployed. 11759 type: string 11760 volumeMounts: 11761 description: VolumeMounts allows configuration of additional VolumeMounts 11762 on the output StatefulSet definition. VolumeMounts specified will 11763 be appended to other VolumeMounts in the prometheus container, that 11764 are generated as a result of StorageSpec objects. 11765 items: 11766 description: VolumeMount describes a mounting of a Volume within 11767 a container. 11768 properties: 11769 mountPath: 11770 description: Path within the container at which the volume should 11771 be mounted. Must not contain ':'. 11772 type: string 11773 mountPropagation: 11774 description: mountPropagation determines how mounts are propagated 11775 from the host to container and the other way around. When 11776 not set, MountPropagationNone is used. This field is beta 11777 in 1.10. 11778 type: string 11779 name: 11780 description: This must match the Name of a Volume. 11781 type: string 11782 readOnly: 11783 description: Mounted read-only if true, read-write otherwise 11784 (false or unspecified). Defaults to false. 11785 type: boolean 11786 subPath: 11787 description: Path within the volume from which the container's 11788 volume should be mounted. Defaults to "" (volume's root). 11789 type: string 11790 subPathExpr: 11791 description: Expanded path within the volume from which the 11792 container's volume should be mounted. Behaves similarly to 11793 SubPath but environment variable references $(VAR_NAME) are 11794 expanded using the container's environment. Defaults to "" 11795 (volume's root). SubPathExpr and SubPath are mutually exclusive. 11796 type: string 11797 required: 11798 - mountPath 11799 - name 11800 type: object 11801 type: array 11802 volumes: 11803 description: Volumes allows configuration of additional volumes on 11804 the output StatefulSet definition. Volumes specified will be appended 11805 to other volumes that are generated as a result of StorageSpec objects. 11806 items: 11807 description: Volume represents a named volume in a pod that may 11808 be accessed by any container in the pod. 11809 properties: 11810 awsElasticBlockStore: 11811 description: 'AWSElasticBlockStore represents an AWS Disk resource 11812 that is attached to a kubelet''s host machine and then exposed 11813 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 11814 properties: 11815 fsType: 11816 description: 'Filesystem type of the volume that you want 11817 to mount. Tip: Ensure that the filesystem type is supported 11818 by the host operating system. Examples: "ext4", "xfs", 11819 "ntfs". Implicitly inferred to be "ext4" if unspecified. 11820 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 11821 TODO: how do we prevent errors in the filesystem from 11822 compromising the machine' 11823 type: string 11824 partition: 11825 description: 'The partition in the volume that you want 11826 to mount. If omitted, the default is to mount by volume 11827 name. Examples: For volume /dev/sda1, you specify the 11828 partition as "1". Similarly, the volume partition for 11829 /dev/sda is "0" (or you can leave the property empty).' 11830 format: int32 11831 type: integer 11832 readOnly: 11833 description: 'Specify "true" to force and set the ReadOnly 11834 property in VolumeMounts to "true". If omitted, the default 11835 is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 11836 type: boolean 11837 volumeID: 11838 description: 'Unique ID of the persistent disk resource 11839 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 11840 type: string 11841 required: 11842 - volumeID 11843 type: object 11844 azureDisk: 11845 description: AzureDisk represents an Azure Data Disk mount on 11846 the host and bind mount to the pod. 11847 properties: 11848 cachingMode: 11849 description: 'Host Caching mode: None, Read Only, Read Write.' 11850 type: string 11851 diskName: 11852 description: The Name of the data disk in the blob storage 11853 type: string 11854 diskURI: 11855 description: The URI the data disk in the blob storage 11856 type: string 11857 fsType: 11858 description: Filesystem type to mount. Must be a filesystem 11859 type supported by the host operating system. Ex. "ext4", 11860 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 11861 type: string 11862 kind: 11863 description: 'Expected values Shared: multiple blob disks 11864 per storage account Dedicated: single blob disk per storage 11865 account Managed: azure managed data disk (only in managed 11866 availability set). defaults to shared' 11867 type: string 11868 readOnly: 11869 description: Defaults to false (read/write). ReadOnly here 11870 will force the ReadOnly setting in VolumeMounts. 11871 type: boolean 11872 required: 11873 - diskName 11874 - diskURI 11875 type: object 11876 azureFile: 11877 description: AzureFile represents an Azure File Service mount 11878 on the host and bind mount to the pod. 11879 properties: 11880 readOnly: 11881 description: Defaults to false (read/write). ReadOnly here 11882 will force the ReadOnly setting in VolumeMounts. 11883 type: boolean 11884 secretName: 11885 description: the name of secret that contains Azure Storage 11886 Account Name and Key 11887 type: string 11888 shareName: 11889 description: Share Name 11890 type: string 11891 required: 11892 - secretName 11893 - shareName 11894 type: object 11895 cephfs: 11896 description: CephFS represents a Ceph FS mount on the host that 11897 shares a pod's lifetime 11898 properties: 11899 monitors: 11900 description: 'Required: Monitors is a collection of Ceph 11901 monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11902 items: 11903 type: string 11904 type: array 11905 path: 11906 description: 'Optional: Used as the mounted root, rather 11907 than the full Ceph tree, default is /' 11908 type: string 11909 readOnly: 11910 description: 'Optional: Defaults to false (read/write). 11911 ReadOnly here will force the ReadOnly setting in VolumeMounts. 11912 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11913 type: boolean 11914 secretFile: 11915 description: 'Optional: SecretFile is the path to key ring 11916 for User, default is /etc/ceph/user.secret More info: 11917 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11918 type: string 11919 secretRef: 11920 description: 'Optional: SecretRef is reference to the authentication 11921 secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11922 properties: 11923 name: 11924 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11925 TODO: Add other useful fields. apiVersion, kind, uid?' 11926 type: string 11927 type: object 11928 user: 11929 description: 'Optional: User is the rados user name, default 11930 is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 11931 type: string 11932 required: 11933 - monitors 11934 type: object 11935 cinder: 11936 description: 'Cinder represents a cinder volume attached and 11937 mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 11938 properties: 11939 fsType: 11940 description: 'Filesystem type to mount. Must be a filesystem 11941 type supported by the host operating system. Examples: 11942 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 11943 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 11944 type: string 11945 readOnly: 11946 description: 'Optional: Defaults to false (read/write). 11947 ReadOnly here will force the ReadOnly setting in VolumeMounts. 11948 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 11949 type: boolean 11950 secretRef: 11951 description: 'Optional: points to a secret object containing 11952 parameters used to connect to OpenStack.' 11953 properties: 11954 name: 11955 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11956 TODO: Add other useful fields. apiVersion, kind, uid?' 11957 type: string 11958 type: object 11959 volumeID: 11960 description: 'volume id used to identify the volume in cinder. 11961 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 11962 type: string 11963 required: 11964 - volumeID 11965 type: object 11966 configMap: 11967 description: ConfigMap represents a configMap that should populate 11968 this volume 11969 properties: 11970 defaultMode: 11971 description: 'Optional: mode bits to use on created files 11972 by default. Must be a value between 0 and 0777. Defaults 11973 to 0644. Directories within the path are not affected 11974 by this setting. This might be in conflict with other 11975 options that affect the file mode, like fsGroup, and the 11976 result can be other mode bits set.' 11977 format: int32 11978 type: integer 11979 items: 11980 description: If unspecified, each key-value pair in the 11981 Data field of the referenced ConfigMap will be projected 11982 into the volume as a file whose name is the key and content 11983 is the value. If specified, the listed keys will be projected 11984 into the specified paths, and unlisted keys will not be 11985 present. If a key is specified which is not present in 11986 the ConfigMap, the volume setup will error unless it is 11987 marked optional. Paths must be relative and may not contain 11988 the '..' path or start with '..'. 11989 items: 11990 description: Maps a string key to a path within a volume. 11991 properties: 11992 key: 11993 description: The key to project. 11994 type: string 11995 mode: 11996 description: 'Optional: mode bits to use on this file, 11997 must be a value between 0 and 0777. If not specified, 11998 the volume defaultMode will be used. This might 11999 be in conflict with other options that affect the 12000 file mode, like fsGroup, and the result can be other 12001 mode bits set.' 12002 format: int32 12003 type: integer 12004 path: 12005 description: The relative path of the file to map 12006 the key to. May not be an absolute path. May not 12007 contain the path element '..'. May not start with 12008 the string '..'. 12009 type: string 12010 required: 12011 - key 12012 - path 12013 type: object 12014 type: array 12015 name: 12016 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12017 TODO: Add other useful fields. apiVersion, kind, uid?' 12018 type: string 12019 optional: 12020 description: Specify whether the ConfigMap or its keys must 12021 be defined 12022 type: boolean 12023 type: object 12024 csi: 12025 description: CSI (Container Storage Interface) represents storage 12026 that is handled by an external CSI driver (Alpha feature). 12027 properties: 12028 driver: 12029 description: Driver is the name of the CSI driver that handles 12030 this volume. Consult with your admin for the correct name 12031 as registered in the cluster. 12032 type: string 12033 fsType: 12034 description: Filesystem type to mount. Ex. "ext4", "xfs", 12035 "ntfs". If not provided, the empty value is passed to 12036 the associated CSI driver which will determine the default 12037 filesystem to apply. 12038 type: string 12039 nodePublishSecretRef: 12040 description: NodePublishSecretRef is a reference to the 12041 secret object containing sensitive information to pass 12042 to the CSI driver to complete the CSI NodePublishVolume 12043 and NodeUnpublishVolume calls. This field is optional, 12044 and may be empty if no secret is required. If the secret 12045 object contains more than one secret, all secret references 12046 are passed. 12047 properties: 12048 name: 12049 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12050 TODO: Add other useful fields. apiVersion, kind, uid?' 12051 type: string 12052 type: object 12053 readOnly: 12054 description: Specifies a read-only configuration for the 12055 volume. Defaults to false (read/write). 12056 type: boolean 12057 volumeAttributes: 12058 additionalProperties: 12059 type: string 12060 description: VolumeAttributes stores driver-specific properties 12061 that are passed to the CSI driver. Consult your driver's 12062 documentation for supported values. 12063 type: object 12064 required: 12065 - driver 12066 type: object 12067 downwardAPI: 12068 description: DownwardAPI represents downward API about the pod 12069 that should populate this volume 12070 properties: 12071 defaultMode: 12072 description: 'Optional: mode bits to use on created files 12073 by default. Must be a value between 0 and 0777. Defaults 12074 to 0644. Directories within the path are not affected 12075 by this setting. This might be in conflict with other 12076 options that affect the file mode, like fsGroup, and the 12077 result can be other mode bits set.' 12078 format: int32 12079 type: integer 12080 items: 12081 description: Items is a list of downward API volume file 12082 items: 12083 description: DownwardAPIVolumeFile represents information 12084 to create the file containing the pod field 12085 properties: 12086 fieldRef: 12087 description: 'Required: Selects a field of the pod: 12088 only annotations, labels, name and namespace are 12089 supported.' 12090 properties: 12091 apiVersion: 12092 description: Version of the schema the FieldPath 12093 is written in terms of, defaults to "v1". 12094 type: string 12095 fieldPath: 12096 description: Path of the field to select in the 12097 specified API version. 12098 type: string 12099 required: 12100 - fieldPath 12101 type: object 12102 mode: 12103 description: 'Optional: mode bits to use on this file, 12104 must be a value between 0 and 0777. If not specified, 12105 the volume defaultMode will be used. This might 12106 be in conflict with other options that affect the 12107 file mode, like fsGroup, and the result can be other 12108 mode bits set.' 12109 format: int32 12110 type: integer 12111 path: 12112 description: 'Required: Path is the relative path 12113 name of the file to be created. Must not be absolute 12114 or contain the ''..'' path. Must be utf-8 encoded. 12115 The first item of the relative path must not start 12116 with ''..''' 12117 type: string 12118 resourceFieldRef: 12119 description: 'Selects a resource of the container: 12120 only resources limits and requests (limits.cpu, 12121 limits.memory, requests.cpu and requests.memory) 12122 are currently supported.' 12123 properties: 12124 containerName: 12125 description: 'Container name: required for volumes, 12126 optional for env vars' 12127 type: string 12128 divisor: 12129 description: Specifies the output format of the 12130 exposed resources, defaults to "1" 12131 type: string 12132 resource: 12133 description: 'Required: resource to select' 12134 type: string 12135 required: 12136 - resource 12137 type: object 12138 required: 12139 - path 12140 type: object 12141 type: array 12142 type: object 12143 emptyDir: 12144 description: 'EmptyDir represents a temporary directory that 12145 shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 12146 properties: 12147 medium: 12148 description: 'What type of storage medium should back this 12149 directory. The default is "" which means to use the node''s 12150 default medium. Must be an empty string (default) or Memory. 12151 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 12152 type: string 12153 sizeLimit: 12154 description: 'Total amount of local storage required for 12155 this EmptyDir volume. The size limit is also applicable 12156 for memory medium. The maximum usage on memory medium 12157 EmptyDir would be the minimum value between the SizeLimit 12158 specified here and the sum of memory limits of all containers 12159 in a pod. The default is nil which means that the limit 12160 is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 12161 type: string 12162 type: object 12163 fc: 12164 description: FC represents a Fibre Channel resource that is 12165 attached to a kubelet's host machine and then exposed to the 12166 pod. 12167 properties: 12168 fsType: 12169 description: 'Filesystem type to mount. Must be a filesystem 12170 type supported by the host operating system. Ex. "ext4", 12171 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 12172 TODO: how do we prevent errors in the filesystem from 12173 compromising the machine' 12174 type: string 12175 lun: 12176 description: 'Optional: FC target lun number' 12177 format: int32 12178 type: integer 12179 readOnly: 12180 description: 'Optional: Defaults to false (read/write). 12181 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 12182 type: boolean 12183 targetWWNs: 12184 description: 'Optional: FC target worldwide names (WWNs)' 12185 items: 12186 type: string 12187 type: array 12188 wwids: 12189 description: 'Optional: FC volume world wide identifiers 12190 (wwids) Either wwids or combination of targetWWNs and 12191 lun must be set, but not both simultaneously.' 12192 items: 12193 type: string 12194 type: array 12195 type: object 12196 flexVolume: 12197 description: FlexVolume represents a generic volume resource 12198 that is provisioned/attached using an exec based plugin. 12199 properties: 12200 driver: 12201 description: Driver is the name of the driver to use for 12202 this volume. 12203 type: string 12204 fsType: 12205 description: Filesystem type to mount. Must be a filesystem 12206 type supported by the host operating system. Ex. "ext4", 12207 "xfs", "ntfs". The default filesystem depends on FlexVolume 12208 script. 12209 type: string 12210 options: 12211 additionalProperties: 12212 type: string 12213 description: 'Optional: Extra command options if any.' 12214 type: object 12215 readOnly: 12216 description: 'Optional: Defaults to false (read/write). 12217 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 12218 type: boolean 12219 secretRef: 12220 description: 'Optional: SecretRef is reference to the secret 12221 object containing sensitive information to pass to the 12222 plugin scripts. This may be empty if no secret object 12223 is specified. If the secret object contains more than 12224 one secret, all secrets are passed to the plugin scripts.' 12225 properties: 12226 name: 12227 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12228 TODO: Add other useful fields. apiVersion, kind, uid?' 12229 type: string 12230 type: object 12231 required: 12232 - driver 12233 type: object 12234 flocker: 12235 description: Flocker represents a Flocker volume attached to 12236 a kubelet's host machine. This depends on the Flocker control 12237 service being running 12238 properties: 12239 datasetName: 12240 description: Name of the dataset stored as metadata -> name 12241 on the dataset for Flocker should be considered as deprecated 12242 type: string 12243 datasetUUID: 12244 description: UUID of the dataset. This is unique identifier 12245 of a Flocker dataset 12246 type: string 12247 type: object 12248 gcePersistentDisk: 12249 description: 'GCEPersistentDisk represents a GCE Disk resource 12250 that is attached to a kubelet''s host machine and then exposed 12251 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 12252 properties: 12253 fsType: 12254 description: 'Filesystem type of the volume that you want 12255 to mount. Tip: Ensure that the filesystem type is supported 12256 by the host operating system. Examples: "ext4", "xfs", 12257 "ntfs". Implicitly inferred to be "ext4" if unspecified. 12258 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 12259 TODO: how do we prevent errors in the filesystem from 12260 compromising the machine' 12261 type: string 12262 partition: 12263 description: 'The partition in the volume that you want 12264 to mount. If omitted, the default is to mount by volume 12265 name. Examples: For volume /dev/sda1, you specify the 12266 partition as "1". Similarly, the volume partition for 12267 /dev/sda is "0" (or you can leave the property empty). 12268 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 12269 format: int32 12270 type: integer 12271 pdName: 12272 description: 'Unique name of the PD resource in GCE. Used 12273 to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 12274 type: string 12275 readOnly: 12276 description: 'ReadOnly here will force the ReadOnly setting 12277 in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 12278 type: boolean 12279 required: 12280 - pdName 12281 type: object 12282 gitRepo: 12283 description: 'GitRepo represents a git repository at a particular 12284 revision. DEPRECATED: GitRepo is deprecated. To provision 12285 a container with a git repo, mount an EmptyDir into an InitContainer 12286 that clones the repo using git, then mount the EmptyDir into 12287 the Pod''s container.' 12288 properties: 12289 directory: 12290 description: Target directory name. Must not contain or 12291 start with '..'. If '.' is supplied, the volume directory 12292 will be the git repository. Otherwise, if specified, 12293 the volume will contain the git repository in the subdirectory 12294 with the given name. 12295 type: string 12296 repository: 12297 description: Repository URL 12298 type: string 12299 revision: 12300 description: Commit hash for the specified revision. 12301 type: string 12302 required: 12303 - repository 12304 type: object 12305 glusterfs: 12306 description: 'Glusterfs represents a Glusterfs mount on the 12307 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 12308 properties: 12309 endpoints: 12310 description: 'EndpointsName is the endpoint name that details 12311 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 12312 type: string 12313 path: 12314 description: 'Path is the Glusterfs volume path. More info: 12315 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 12316 type: string 12317 readOnly: 12318 description: 'ReadOnly here will force the Glusterfs volume 12319 to be mounted with read-only permissions. Defaults to 12320 false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 12321 type: boolean 12322 required: 12323 - endpoints 12324 - path 12325 type: object 12326 hostPath: 12327 description: 'HostPath represents a pre-existing file or directory 12328 on the host machine that is directly exposed to the container. 12329 This is generally used for system agents or other privileged 12330 things that are allowed to see the host machine. Most containers 12331 will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 12332 --- TODO(jonesdl) We need to restrict who can use host directory 12333 mounts and who can/can not mount host directories as read/write.' 12334 properties: 12335 path: 12336 description: 'Path of the directory on the host. If the 12337 path is a symlink, it will follow the link to the real 12338 path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 12339 type: string 12340 type: 12341 description: 'Type for HostPath Volume Defaults to "" More 12342 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 12343 type: string 12344 required: 12345 - path 12346 type: object 12347 iscsi: 12348 description: 'ISCSI represents an ISCSI Disk resource that is 12349 attached to a kubelet''s host machine and then exposed to 12350 the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 12351 properties: 12352 chapAuthDiscovery: 12353 description: whether support iSCSI Discovery CHAP authentication 12354 type: boolean 12355 chapAuthSession: 12356 description: whether support iSCSI Session CHAP authentication 12357 type: boolean 12358 fsType: 12359 description: 'Filesystem type of the volume that you want 12360 to mount. Tip: Ensure that the filesystem type is supported 12361 by the host operating system. Examples: "ext4", "xfs", 12362 "ntfs". Implicitly inferred to be "ext4" if unspecified. 12363 More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 12364 TODO: how do we prevent errors in the filesystem from 12365 compromising the machine' 12366 type: string 12367 initiatorName: 12368 description: Custom iSCSI Initiator Name. If initiatorName 12369 is specified with iscsiInterface simultaneously, new iSCSI 12370 interface <target portal>:<volume name> will be created 12371 for the connection. 12372 type: string 12373 iqn: 12374 description: Target iSCSI Qualified Name. 12375 type: string 12376 iscsiInterface: 12377 description: iSCSI Interface Name that uses an iSCSI transport. 12378 Defaults to 'default' (tcp). 12379 type: string 12380 lun: 12381 description: iSCSI Target Lun number. 12382 format: int32 12383 type: integer 12384 portals: 12385 description: iSCSI Target Portal List. The portal is either 12386 an IP or ip_addr:port if the port is other than default 12387 (typically TCP ports 860 and 3260). 12388 items: 12389 type: string 12390 type: array 12391 readOnly: 12392 description: ReadOnly here will force the ReadOnly setting 12393 in VolumeMounts. Defaults to false. 12394 type: boolean 12395 secretRef: 12396 description: CHAP Secret for iSCSI target and initiator 12397 authentication 12398 properties: 12399 name: 12400 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12401 TODO: Add other useful fields. apiVersion, kind, uid?' 12402 type: string 12403 type: object 12404 targetPortal: 12405 description: iSCSI Target Portal. The Portal is either an 12406 IP or ip_addr:port if the port is other than default (typically 12407 TCP ports 860 and 3260). 12408 type: string 12409 required: 12410 - iqn 12411 - lun 12412 - targetPortal 12413 type: object 12414 name: 12415 description: 'Volume''s name. Must be a DNS_LABEL and unique 12416 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 12417 type: string 12418 nfs: 12419 description: 'NFS represents an NFS mount on the host that shares 12420 a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 12421 properties: 12422 path: 12423 description: 'Path that is exported by the NFS server. More 12424 info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 12425 type: string 12426 readOnly: 12427 description: 'ReadOnly here will force the NFS export to 12428 be mounted with read-only permissions. Defaults to false. 12429 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 12430 type: boolean 12431 server: 12432 description: 'Server is the hostname or IP address of the 12433 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 12434 type: string 12435 required: 12436 - path 12437 - server 12438 type: object 12439 persistentVolumeClaim: 12440 description: 'PersistentVolumeClaimVolumeSource represents a 12441 reference to a PersistentVolumeClaim in the same namespace. 12442 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 12443 properties: 12444 claimName: 12445 description: 'ClaimName is the name of a PersistentVolumeClaim 12446 in the same namespace as the pod using this volume. More 12447 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 12448 type: string 12449 readOnly: 12450 description: Will force the ReadOnly setting in VolumeMounts. 12451 Default false. 12452 type: boolean 12453 required: 12454 - claimName 12455 type: object 12456 photonPersistentDisk: 12457 description: PhotonPersistentDisk represents a PhotonController 12458 persistent disk attached and mounted on kubelets host machine 12459 properties: 12460 fsType: 12461 description: Filesystem type to mount. Must be a filesystem 12462 type supported by the host operating system. Ex. "ext4", 12463 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 12464 type: string 12465 pdID: 12466 description: ID that identifies Photon Controller persistent 12467 disk 12468 type: string 12469 required: 12470 - pdID 12471 type: object 12472 portworxVolume: 12473 description: PortworxVolume represents a portworx volume attached 12474 and mounted on kubelets host machine 12475 properties: 12476 fsType: 12477 description: FSType represents the filesystem type to mount 12478 Must be a filesystem type supported by the host operating 12479 system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" 12480 if unspecified. 12481 type: string 12482 readOnly: 12483 description: Defaults to false (read/write). ReadOnly here 12484 will force the ReadOnly setting in VolumeMounts. 12485 type: boolean 12486 volumeID: 12487 description: VolumeID uniquely identifies a Portworx volume 12488 type: string 12489 required: 12490 - volumeID 12491 type: object 12492 projected: 12493 description: Items for all in one resources secrets, configmaps, 12494 and downward API 12495 properties: 12496 defaultMode: 12497 description: Mode bits to use on created files by default. 12498 Must be a value between 0 and 0777. Directories within 12499 the path are not affected by this setting. This might 12500 be in conflict with other options that affect the file 12501 mode, like fsGroup, and the result can be other mode bits 12502 set. 12503 format: int32 12504 type: integer 12505 sources: 12506 description: list of volume projections 12507 items: 12508 description: Projection that may be projected along with 12509 other supported volume types 12510 properties: 12511 configMap: 12512 description: information about the configMap data 12513 to project 12514 properties: 12515 items: 12516 description: If unspecified, each key-value pair 12517 in the Data field of the referenced ConfigMap 12518 will be projected into the volume as a file 12519 whose name is the key and content is the value. 12520 If specified, the listed keys will be projected 12521 into the specified paths, and unlisted keys 12522 will not be present. If a key is specified which 12523 is not present in the ConfigMap, the volume 12524 setup will error unless it is marked optional. 12525 Paths must be relative and may not contain the 12526 '..' path or start with '..'. 12527 items: 12528 description: Maps a string key to a path within 12529 a volume. 12530 properties: 12531 key: 12532 description: The key to project. 12533 type: string 12534 mode: 12535 description: 'Optional: mode bits to use 12536 on this file, must be a value between 12537 0 and 0777. If not specified, the volume 12538 defaultMode will be used. This might be 12539 in conflict with other options that affect 12540 the file mode, like fsGroup, and the result 12541 can be other mode bits set.' 12542 format: int32 12543 type: integer 12544 path: 12545 description: The relative path of the file 12546 to map the key to. May not be an absolute 12547 path. May not contain the path element 12548 '..'. May not start with the string '..'. 12549 type: string 12550 required: 12551 - key 12552 - path 12553 type: object 12554 type: array 12555 name: 12556 description: 'Name of the referent. More info: 12557 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12558 TODO: Add other useful fields. apiVersion, kind, 12559 uid?' 12560 type: string 12561 optional: 12562 description: Specify whether the ConfigMap or 12563 its keys must be defined 12564 type: boolean 12565 type: object 12566 downwardAPI: 12567 description: information about the downwardAPI data 12568 to project 12569 properties: 12570 items: 12571 description: Items is a list of DownwardAPIVolume 12572 file 12573 items: 12574 description: DownwardAPIVolumeFile represents 12575 information to create the file containing 12576 the pod field 12577 properties: 12578 fieldRef: 12579 description: 'Required: Selects a field 12580 of the pod: only annotations, labels, 12581 name and namespace are supported.' 12582 properties: 12583 apiVersion: 12584 description: Version of the schema the 12585 FieldPath is written in terms of, 12586 defaults to "v1". 12587 type: string 12588 fieldPath: 12589 description: Path of the field to select 12590 in the specified API version. 12591 type: string 12592 required: 12593 - fieldPath 12594 type: object 12595 mode: 12596 description: 'Optional: mode bits to use 12597 on this file, must be a value between 12598 0 and 0777. If not specified, the volume 12599 defaultMode will be used. This might be 12600 in conflict with other options that affect 12601 the file mode, like fsGroup, and the result 12602 can be other mode bits set.' 12603 format: int32 12604 type: integer 12605 path: 12606 description: 'Required: Path is the relative 12607 path name of the file to be created. Must 12608 not be absolute or contain the ''..'' 12609 path. Must be utf-8 encoded. The first 12610 item of the relative path must not start 12611 with ''..''' 12612 type: string 12613 resourceFieldRef: 12614 description: 'Selects a resource of the 12615 container: only resources limits and requests 12616 (limits.cpu, limits.memory, requests.cpu 12617 and requests.memory) are currently supported.' 12618 properties: 12619 containerName: 12620 description: 'Container name: required 12621 for volumes, optional for env vars' 12622 type: string 12623 divisor: 12624 description: Specifies the output format 12625 of the exposed resources, defaults 12626 to "1" 12627 type: string 12628 resource: 12629 description: 'Required: resource to 12630 select' 12631 type: string 12632 required: 12633 - resource 12634 type: object 12635 required: 12636 - path 12637 type: object 12638 type: array 12639 type: object 12640 secret: 12641 description: information about the secret data to 12642 project 12643 properties: 12644 items: 12645 description: If unspecified, each key-value pair 12646 in the Data field of the referenced Secret will 12647 be projected into the volume as a file whose 12648 name is the key and content is the value. If 12649 specified, the listed keys will be projected 12650 into the specified paths, and unlisted keys 12651 will not be present. If a key is specified which 12652 is not present in the Secret, the volume setup 12653 will error unless it is marked optional. Paths 12654 must be relative and may not contain the '..' 12655 path or start with '..'. 12656 items: 12657 description: Maps a string key to a path within 12658 a volume. 12659 properties: 12660 key: 12661 description: The key to project. 12662 type: string 12663 mode: 12664 description: 'Optional: mode bits to use 12665 on this file, must be a value between 12666 0 and 0777. If not specified, the volume 12667 defaultMode will be used. This might be 12668 in conflict with other options that affect 12669 the file mode, like fsGroup, and the result 12670 can be other mode bits set.' 12671 format: int32 12672 type: integer 12673 path: 12674 description: The relative path of the file 12675 to map the key to. May not be an absolute 12676 path. May not contain the path element 12677 '..'. May not start with the string '..'. 12678 type: string 12679 required: 12680 - key 12681 - path 12682 type: object 12683 type: array 12684 name: 12685 description: 'Name of the referent. More info: 12686 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12687 TODO: Add other useful fields. apiVersion, kind, 12688 uid?' 12689 type: string 12690 optional: 12691 description: Specify whether the Secret or its 12692 key must be defined 12693 type: boolean 12694 type: object 12695 serviceAccountToken: 12696 description: information about the serviceAccountToken 12697 data to project 12698 properties: 12699 audience: 12700 description: Audience is the intended audience 12701 of the token. A recipient of a token must identify 12702 itself with an identifier specified in the audience 12703 of the token, and otherwise should reject the 12704 token. The audience defaults to the identifier 12705 of the apiserver. 12706 type: string 12707 expirationSeconds: 12708 description: ExpirationSeconds is the requested 12709 duration of validity of the service account 12710 token. As the token approaches expiration, the 12711 kubelet volume plugin will proactively rotate 12712 the service account token. The kubelet will 12713 start trying to rotate the token if the token 12714 is older than 80 percent of its time to live 12715 or if the token is older than 24 hours.Defaults 12716 to 1 hour and must be at least 10 minutes. 12717 format: int64 12718 type: integer 12719 path: 12720 description: Path is the path relative to the 12721 mount point of the file to project the token 12722 into. 12723 type: string 12724 required: 12725 - path 12726 type: object 12727 type: object 12728 type: array 12729 required: 12730 - sources 12731 type: object 12732 quobyte: 12733 description: Quobyte represents a Quobyte mount on the host 12734 that shares a pod's lifetime 12735 properties: 12736 group: 12737 description: Group to map volume access to Default is no 12738 group 12739 type: string 12740 readOnly: 12741 description: ReadOnly here will force the Quobyte volume 12742 to be mounted with read-only permissions. Defaults to 12743 false. 12744 type: boolean 12745 registry: 12746 description: Registry represents a single or multiple Quobyte 12747 Registry services specified as a string as host:port pair 12748 (multiple entries are separated with commas) which acts 12749 as the central registry for volumes 12750 type: string 12751 tenant: 12752 description: Tenant owning the given Quobyte volume in the 12753 Backend Used with dynamically provisioned Quobyte volumes, 12754 value is set by the plugin 12755 type: string 12756 user: 12757 description: User to map volume access to Defaults to serivceaccount 12758 user 12759 type: string 12760 volume: 12761 description: Volume is a string that references an already 12762 created Quobyte volume by name. 12763 type: string 12764 required: 12765 - registry 12766 - volume 12767 type: object 12768 rbd: 12769 description: 'RBD represents a Rados Block Device mount on the 12770 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' 12771 properties: 12772 fsType: 12773 description: 'Filesystem type of the volume that you want 12774 to mount. Tip: Ensure that the filesystem type is supported 12775 by the host operating system. Examples: "ext4", "xfs", 12776 "ntfs". Implicitly inferred to be "ext4" if unspecified. 12777 More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 12778 TODO: how do we prevent errors in the filesystem from 12779 compromising the machine' 12780 type: string 12781 image: 12782 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12783 type: string 12784 keyring: 12785 description: 'Keyring is the path to key ring for RBDUser. 12786 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12787 type: string 12788 monitors: 12789 description: 'A collection of Ceph monitors. More info: 12790 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12791 items: 12792 type: string 12793 type: array 12794 pool: 12795 description: 'The rados pool name. Default is rbd. More 12796 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12797 type: string 12798 readOnly: 12799 description: 'ReadOnly here will force the ReadOnly setting 12800 in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12801 type: boolean 12802 secretRef: 12803 description: 'SecretRef is name of the authentication secret 12804 for RBDUser. If provided overrides keyring. Default is 12805 nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12806 properties: 12807 name: 12808 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12809 TODO: Add other useful fields. apiVersion, kind, uid?' 12810 type: string 12811 type: object 12812 user: 12813 description: 'The rados user name. Default is admin. More 12814 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 12815 type: string 12816 required: 12817 - image 12818 - monitors 12819 type: object 12820 scaleIO: 12821 description: ScaleIO represents a ScaleIO persistent volume 12822 attached and mounted on Kubernetes nodes. 12823 properties: 12824 fsType: 12825 description: Filesystem type to mount. Must be a filesystem 12826 type supported by the host operating system. Ex. "ext4", 12827 "xfs", "ntfs". Default is "xfs". 12828 type: string 12829 gateway: 12830 description: The host address of the ScaleIO API Gateway. 12831 type: string 12832 protectionDomain: 12833 description: The name of the ScaleIO Protection Domain for 12834 the configured storage. 12835 type: string 12836 readOnly: 12837 description: Defaults to false (read/write). ReadOnly here 12838 will force the ReadOnly setting in VolumeMounts. 12839 type: boolean 12840 secretRef: 12841 description: SecretRef references to the secret for ScaleIO 12842 user and other sensitive information. If this is not provided, 12843 Login operation will fail. 12844 properties: 12845 name: 12846 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12847 TODO: Add other useful fields. apiVersion, kind, uid?' 12848 type: string 12849 type: object 12850 sslEnabled: 12851 description: Flag to enable/disable SSL communication with 12852 Gateway, default false 12853 type: boolean 12854 storageMode: 12855 description: Indicates whether the storage for a volume 12856 should be ThickProvisioned or ThinProvisioned. Default 12857 is ThinProvisioned. 12858 type: string 12859 storagePool: 12860 description: The ScaleIO Storage Pool associated with the 12861 protection domain. 12862 type: string 12863 system: 12864 description: The name of the storage system as configured 12865 in ScaleIO. 12866 type: string 12867 volumeName: 12868 description: The name of a volume already created in the 12869 ScaleIO system that is associated with this volume source. 12870 type: string 12871 required: 12872 - gateway 12873 - secretRef 12874 - system 12875 type: object 12876 secret: 12877 description: 'Secret represents a secret that should populate 12878 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 12879 properties: 12880 defaultMode: 12881 description: 'Optional: mode bits to use on created files 12882 by default. Must be a value between 0 and 0777. Defaults 12883 to 0644. Directories within the path are not affected 12884 by this setting. This might be in conflict with other 12885 options that affect the file mode, like fsGroup, and the 12886 result can be other mode bits set.' 12887 format: int32 12888 type: integer 12889 items: 12890 description: If unspecified, each key-value pair in the 12891 Data field of the referenced Secret will be projected 12892 into the volume as a file whose name is the key and content 12893 is the value. If specified, the listed keys will be projected 12894 into the specified paths, and unlisted keys will not be 12895 present. If a key is specified which is not present in 12896 the Secret, the volume setup will error unless it is marked 12897 optional. Paths must be relative and may not contain the 12898 '..' path or start with '..'. 12899 items: 12900 description: Maps a string key to a path within a volume. 12901 properties: 12902 key: 12903 description: The key to project. 12904 type: string 12905 mode: 12906 description: 'Optional: mode bits to use on this file, 12907 must be a value between 0 and 0777. If not specified, 12908 the volume defaultMode will be used. This might 12909 be in conflict with other options that affect the 12910 file mode, like fsGroup, and the result can be other 12911 mode bits set.' 12912 format: int32 12913 type: integer 12914 path: 12915 description: The relative path of the file to map 12916 the key to. May not be an absolute path. May not 12917 contain the path element '..'. May not start with 12918 the string '..'. 12919 type: string 12920 required: 12921 - key 12922 - path 12923 type: object 12924 type: array 12925 optional: 12926 description: Specify whether the Secret or its keys must 12927 be defined 12928 type: boolean 12929 secretName: 12930 description: 'Name of the secret in the pod''s namespace 12931 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 12932 type: string 12933 type: object 12934 storageos: 12935 description: StorageOS represents a StorageOS volume attached 12936 and mounted on Kubernetes nodes. 12937 properties: 12938 fsType: 12939 description: Filesystem type to mount. Must be a filesystem 12940 type supported by the host operating system. Ex. "ext4", 12941 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 12942 type: string 12943 readOnly: 12944 description: Defaults to false (read/write). ReadOnly here 12945 will force the ReadOnly setting in VolumeMounts. 12946 type: boolean 12947 secretRef: 12948 description: SecretRef specifies the secret to use for obtaining 12949 the StorageOS API credentials. If not specified, default 12950 values will be attempted. 12951 properties: 12952 name: 12953 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12954 TODO: Add other useful fields. apiVersion, kind, uid?' 12955 type: string 12956 type: object 12957 volumeName: 12958 description: VolumeName is the human-readable name of the 12959 StorageOS volume. Volume names are only unique within 12960 a namespace. 12961 type: string 12962 volumeNamespace: 12963 description: VolumeNamespace specifies the scope of the 12964 volume within StorageOS. If no namespace is specified 12965 then the Pod's namespace will be used. This allows the 12966 Kubernetes name scoping to be mirrored within StorageOS 12967 for tighter integration. Set VolumeName to any name to 12968 override the default behaviour. Set to "default" if you 12969 are not using namespaces within StorageOS. Namespaces 12970 that do not pre-exist within StorageOS will be created. 12971 type: string 12972 type: object 12973 vsphereVolume: 12974 description: VsphereVolume represents a vSphere volume attached 12975 and mounted on kubelets host machine 12976 properties: 12977 fsType: 12978 description: Filesystem type to mount. Must be a filesystem 12979 type supported by the host operating system. Ex. "ext4", 12980 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 12981 type: string 12982 storagePolicyID: 12983 description: Storage Policy Based Management (SPBM) profile 12984 ID associated with the StoragePolicyName. 12985 type: string 12986 storagePolicyName: 12987 description: Storage Policy Based Management (SPBM) profile 12988 name. 12989 type: string 12990 volumePath: 12991 description: Path that identifies vSphere volume vmdk 12992 type: string 12993 required: 12994 - volumePath 12995 type: object 12996 required: 12997 - name 12998 type: object 12999 type: array 13000 walCompression: 13001 description: Enable compression of the write-ahead log using Snappy. 13002 This flag is only available in versions of Prometheus >= 2.11.0. 13003 type: boolean 13004 web: 13005 description: WebSpec defines the web command line flags when starting 13006 Prometheus. 13007 properties: 13008 pageTitle: 13009 description: The prometheus web page title 13010 type: string 13011 type: object 13012 type: object 13013 status: 13014 description: 'Most recent observed status of the Prometheus cluster. Read-only. 13015 Not included when requesting from the apiserver, only from the Prometheus 13016 Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 13017 properties: 13018 availableReplicas: 13019 description: Total number of available pods (ready for at least minReadySeconds) 13020 targeted by this Prometheus deployment. 13021 format: int32 13022 type: integer 13023 paused: 13024 description: Represents whether any actions on the underlying managed 13025 objects are being performed. Only delete actions will be performed. 13026 type: boolean 13027 replicas: 13028 description: Total number of non-terminated pods targeted by this 13029 Prometheus deployment (their labels match the selector). 13030 format: int32 13031 type: integer 13032 unavailableReplicas: 13033 description: Total number of unavailable pods targeted by this Prometheus 13034 deployment. 13035 format: int32 13036 type: integer 13037 updatedReplicas: 13038 description: Total number of non-terminated pods targeted by this 13039 Prometheus deployment that have the desired version spec. 13040 format: int32 13041 type: integer 13042 required: 13043 - availableReplicas 13044 - paused 13045 - replicas 13046 - unavailableReplicas 13047 - updatedReplicas 13048 type: object 13049 required: 13050 - spec 13051 type: object 13052 served: true 13053 storage: true 13054 subresources: {} 13055 status: 13056 acceptedNames: 13057 kind: "" 13058 plural: "" 13059 conditions: [] 13060 storedVersions: [] 13061 --- 13062 13063 --- 13064 apiVersion: apiextensions.k8s.io/v1 13065 kind: CustomResourceDefinition 13066 metadata: 13067 annotations: 13068 controller-gen.kubebuilder.io/version: v0.2.4 13069 creationTimestamp: null 13070 name: prometheusrules.monitoring.coreos.com 13071 spec: 13072 group: monitoring.coreos.com 13073 names: 13074 kind: PrometheusRule 13075 listKind: PrometheusRuleList 13076 plural: prometheusrules 13077 singular: prometheusrule 13078 scope: Namespaced 13079 versions: 13080 - name: v1 13081 schema: 13082 openAPIV3Schema: 13083 description: PrometheusRule defines alerting rules for a Prometheus instance 13084 properties: 13085 apiVersion: 13086 description: 'APIVersion defines the versioned schema of this representation 13087 of an object. Servers should convert recognized schemas to the latest 13088 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 13089 type: string 13090 kind: 13091 description: 'Kind is a string value representing the REST resource this 13092 object represents. Servers may infer this from the endpoint the client 13093 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 13094 type: string 13095 metadata: 13096 type: object 13097 spec: 13098 description: Specification of desired alerting rule definitions for Prometheus. 13099 properties: 13100 groups: 13101 description: Content of Prometheus rule file 13102 items: 13103 description: 'RuleGroup is a list of sequentially evaluated recording 13104 and alerting rules. Note: PartialResponseStrategy is only used 13105 by ThanosRuler and will be ignored by Prometheus instances. Valid 13106 values for this field are ''warn'' or ''abort''. More info: https://github.com/thanos-io/thanos/blob/master/docs/components/rule.md#partial-response' 13107 properties: 13108 interval: 13109 type: string 13110 name: 13111 type: string 13112 partial_response_strategy: 13113 type: string 13114 rules: 13115 items: 13116 description: Rule describes an alerting or recording rule. 13117 properties: 13118 alert: 13119 type: string 13120 annotations: 13121 additionalProperties: 13122 type: string 13123 type: object 13124 expr: 13125 anyOf: 13126 - type: integer 13127 - type: string 13128 x-kubernetes-int-or-string: true 13129 for: 13130 type: string 13131 labels: 13132 additionalProperties: 13133 type: string 13134 type: object 13135 record: 13136 type: string 13137 required: 13138 - expr 13139 type: object 13140 type: array 13141 required: 13142 - name 13143 - rules 13144 type: object 13145 type: array 13146 type: object 13147 required: 13148 - spec 13149 type: object 13150 served: true 13151 storage: true 13152 status: 13153 acceptedNames: 13154 kind: "" 13155 plural: "" 13156 conditions: [] 13157 storedVersions: [] 13158 --- 13159 13160 --- 13161 apiVersion: apiextensions.k8s.io/v1 13162 kind: CustomResourceDefinition 13163 metadata: 13164 annotations: 13165 controller-gen.kubebuilder.io/version: v0.2.4 13166 creationTimestamp: null 13167 name: servicemonitors.monitoring.coreos.com 13168 spec: 13169 group: monitoring.coreos.com 13170 names: 13171 kind: ServiceMonitor 13172 listKind: ServiceMonitorList 13173 plural: servicemonitors 13174 singular: servicemonitor 13175 scope: Namespaced 13176 versions: 13177 - name: v1 13178 schema: 13179 openAPIV3Schema: 13180 description: ServiceMonitor defines monitoring for a set of services. 13181 properties: 13182 apiVersion: 13183 description: 'APIVersion defines the versioned schema of this representation 13184 of an object. Servers should convert recognized schemas to the latest 13185 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 13186 type: string 13187 kind: 13188 description: 'Kind is a string value representing the REST resource this 13189 object represents. Servers may infer this from the endpoint the client 13190 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 13191 type: string 13192 metadata: 13193 type: object 13194 spec: 13195 description: Specification of desired Service selection for target discovery 13196 by Prometheus. 13197 properties: 13198 endpoints: 13199 description: A list of endpoints allowed as part of this ServiceMonitor. 13200 items: 13201 description: Endpoint defines a scrapeable endpoint serving Prometheus 13202 metrics. 13203 properties: 13204 basicAuth: 13205 description: 'BasicAuth allow an endpoint to authenticate over 13206 basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' 13207 properties: 13208 password: 13209 description: The secret in the service monitor namespace 13210 that contains the password for authentication. 13211 properties: 13212 key: 13213 description: The key of the secret to select from. Must 13214 be a valid secret key. 13215 type: string 13216 name: 13217 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13218 TODO: Add other useful fields. apiVersion, kind, uid?' 13219 type: string 13220 optional: 13221 description: Specify whether the Secret or its key must 13222 be defined 13223 type: boolean 13224 required: 13225 - key 13226 type: object 13227 username: 13228 description: The secret in the service monitor namespace 13229 that contains the username for authentication. 13230 properties: 13231 key: 13232 description: The key of the secret to select from. Must 13233 be a valid secret key. 13234 type: string 13235 name: 13236 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13237 TODO: Add other useful fields. apiVersion, kind, uid?' 13238 type: string 13239 optional: 13240 description: Specify whether the Secret or its key must 13241 be defined 13242 type: boolean 13243 required: 13244 - key 13245 type: object 13246 type: object 13247 bearerTokenFile: 13248 description: File to read bearer token for scraping targets. 13249 type: string 13250 bearerTokenSecret: 13251 description: Secret to mount to read bearer token for scraping 13252 targets. The secret needs to be in the same namespace as the 13253 service monitor and accessible by the Prometheus Operator. 13254 properties: 13255 key: 13256 description: The key of the secret to select from. Must 13257 be a valid secret key. 13258 type: string 13259 name: 13260 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13261 TODO: Add other useful fields. apiVersion, kind, uid?' 13262 type: string 13263 optional: 13264 description: Specify whether the Secret or its key must 13265 be defined 13266 type: boolean 13267 required: 13268 - key 13269 type: object 13270 honorLabels: 13271 description: HonorLabels chooses the metric's labels on collisions 13272 with target labels. 13273 type: boolean 13274 honorTimestamps: 13275 description: HonorTimestamps controls whether Prometheus respects 13276 the timestamps present in scraped data. 13277 type: boolean 13278 interval: 13279 description: Interval at which metrics should be scraped 13280 type: string 13281 metricRelabelings: 13282 description: MetricRelabelConfigs to apply to samples before 13283 ingestion. 13284 items: 13285 description: 'RelabelConfig allows dynamic rewriting of the 13286 label set, being applied to samples before ingestion. It 13287 defines `<metric_relabel_configs>`-section of Prometheus 13288 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 13289 properties: 13290 action: 13291 description: Action to perform based on regex matching. 13292 Default is 'replace' 13293 type: string 13294 modulus: 13295 description: Modulus to take of the hash of the source 13296 label values. 13297 format: int64 13298 type: integer 13299 regex: 13300 description: Regular expression against which the extracted 13301 value is matched. Default is '(.*)' 13302 type: string 13303 replacement: 13304 description: Replacement value against which a regex replace 13305 is performed if the regular expression matches. Regex 13306 capture groups are available. Default is '$1' 13307 type: string 13308 separator: 13309 description: Separator placed between concatenated source 13310 label values. default is ';'. 13311 type: string 13312 sourceLabels: 13313 description: The source labels select values from existing 13314 labels. Their content is concatenated using the configured 13315 separator and matched against the configured regular 13316 expression for the replace, keep, and drop actions. 13317 items: 13318 type: string 13319 type: array 13320 targetLabel: 13321 description: Label to which the resulting value is written 13322 in a replace action. It is mandatory for replace actions. 13323 Regex capture groups are available. 13324 type: string 13325 type: object 13326 type: array 13327 params: 13328 additionalProperties: 13329 items: 13330 type: string 13331 type: array 13332 description: Optional HTTP URL parameters 13333 type: object 13334 path: 13335 description: HTTP path to scrape for metrics. 13336 type: string 13337 port: 13338 description: Name of the service port this endpoint refers to. 13339 Mutually exclusive with targetPort. 13340 type: string 13341 proxyUrl: 13342 description: ProxyURL eg http://proxyserver:2195 Directs scrapes 13343 to proxy through this endpoint. 13344 type: string 13345 relabelings: 13346 description: 'RelabelConfigs to apply to samples before scraping. 13347 More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' 13348 items: 13349 description: 'RelabelConfig allows dynamic rewriting of the 13350 label set, being applied to samples before ingestion. It 13351 defines `<metric_relabel_configs>`-section of Prometheus 13352 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 13353 properties: 13354 action: 13355 description: Action to perform based on regex matching. 13356 Default is 'replace' 13357 type: string 13358 modulus: 13359 description: Modulus to take of the hash of the source 13360 label values. 13361 format: int64 13362 type: integer 13363 regex: 13364 description: Regular expression against which the extracted 13365 value is matched. Default is '(.*)' 13366 type: string 13367 replacement: 13368 description: Replacement value against which a regex replace 13369 is performed if the regular expression matches. Regex 13370 capture groups are available. Default is '$1' 13371 type: string 13372 separator: 13373 description: Separator placed between concatenated source 13374 label values. default is ';'. 13375 type: string 13376 sourceLabels: 13377 description: The source labels select values from existing 13378 labels. Their content is concatenated using the configured 13379 separator and matched against the configured regular 13380 expression for the replace, keep, and drop actions. 13381 items: 13382 type: string 13383 type: array 13384 targetLabel: 13385 description: Label to which the resulting value is written 13386 in a replace action. It is mandatory for replace actions. 13387 Regex capture groups are available. 13388 type: string 13389 type: object 13390 type: array 13391 scheme: 13392 description: HTTP scheme to use for scraping. 13393 type: string 13394 scrapeTimeout: 13395 description: Timeout after which the scrape is ended 13396 type: string 13397 targetPort: 13398 anyOf: 13399 - type: integer 13400 - type: string 13401 description: Name or number of the target port of the Pod behind 13402 the Service, the port must be specified with container port 13403 property. Mutually exclusive with port. 13404 x-kubernetes-int-or-string: true 13405 tlsConfig: 13406 description: TLS configuration to use when scraping the endpoint 13407 properties: 13408 ca: 13409 description: Struct containing the CA cert to use for the 13410 targets. 13411 properties: 13412 configMap: 13413 description: ConfigMap containing data to use for the 13414 targets. 13415 properties: 13416 key: 13417 description: The key to select. 13418 type: string 13419 name: 13420 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13421 TODO: Add other useful fields. apiVersion, kind, 13422 uid?' 13423 type: string 13424 optional: 13425 description: Specify whether the ConfigMap or its 13426 key must be defined 13427 type: boolean 13428 required: 13429 - key 13430 type: object 13431 secret: 13432 description: Secret containing data to use for the targets. 13433 properties: 13434 key: 13435 description: The key of the secret to select from. Must 13436 be a valid secret key. 13437 type: string 13438 name: 13439 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13440 TODO: Add other useful fields. apiVersion, kind, 13441 uid?' 13442 type: string 13443 optional: 13444 description: Specify whether the Secret or its key 13445 must be defined 13446 type: boolean 13447 required: 13448 - key 13449 type: object 13450 type: object 13451 caFile: 13452 description: Path to the CA cert in the Prometheus container 13453 to use for the targets. 13454 type: string 13455 cert: 13456 description: Struct containing the client cert file for 13457 the targets. 13458 properties: 13459 configMap: 13460 description: ConfigMap containing data to use for the 13461 targets. 13462 properties: 13463 key: 13464 description: The key to select. 13465 type: string 13466 name: 13467 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13468 TODO: Add other useful fields. apiVersion, kind, 13469 uid?' 13470 type: string 13471 optional: 13472 description: Specify whether the ConfigMap or its 13473 key must be defined 13474 type: boolean 13475 required: 13476 - key 13477 type: object 13478 secret: 13479 description: Secret containing data to use for the targets. 13480 properties: 13481 key: 13482 description: The key of the secret to select from. Must 13483 be a valid secret key. 13484 type: string 13485 name: 13486 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13487 TODO: Add other useful fields. apiVersion, kind, 13488 uid?' 13489 type: string 13490 optional: 13491 description: Specify whether the Secret or its key 13492 must be defined 13493 type: boolean 13494 required: 13495 - key 13496 type: object 13497 type: object 13498 certFile: 13499 description: Path to the client cert file in the Prometheus 13500 container for the targets. 13501 type: string 13502 insecureSkipVerify: 13503 description: Disable target certificate validation. 13504 type: boolean 13505 keyFile: 13506 description: Path to the client key file in the Prometheus 13507 container for the targets. 13508 type: string 13509 keySecret: 13510 description: Secret containing the client key file for the 13511 targets. 13512 properties: 13513 key: 13514 description: The key of the secret to select from. Must 13515 be a valid secret key. 13516 type: string 13517 name: 13518 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13519 TODO: Add other useful fields. apiVersion, kind, uid?' 13520 type: string 13521 optional: 13522 description: Specify whether the Secret or its key must 13523 be defined 13524 type: boolean 13525 required: 13526 - key 13527 type: object 13528 serverName: 13529 description: Used to verify the hostname for the targets. 13530 type: string 13531 type: object 13532 type: object 13533 type: array 13534 jobLabel: 13535 description: The label to use to retrieve the job name from. 13536 type: string 13537 namespaceSelector: 13538 description: Selector to select which namespaces the Endpoints objects 13539 are discovered from. 13540 properties: 13541 any: 13542 description: Boolean describing whether all namespaces are selected 13543 in contrast to a list restricting them. 13544 type: boolean 13545 matchNames: 13546 description: List of namespace names. 13547 items: 13548 type: string 13549 type: array 13550 type: object 13551 podTargetLabels: 13552 description: PodTargetLabels transfers labels on the Kubernetes Pod 13553 onto the target. 13554 items: 13555 type: string 13556 type: array 13557 sampleLimit: 13558 description: SampleLimit defines per-scrape limit on number of scraped 13559 samples that will be accepted. 13560 format: int64 13561 type: integer 13562 selector: 13563 description: Selector to select Endpoints objects. 13564 properties: 13565 matchExpressions: 13566 description: matchExpressions is a list of label selector requirements. 13567 The requirements are ANDed. 13568 items: 13569 description: A label selector requirement is a selector that 13570 contains values, a key, and an operator that relates the key 13571 and values. 13572 properties: 13573 key: 13574 description: key is the label key that the selector applies 13575 to. 13576 type: string 13577 operator: 13578 description: operator represents a key's relationship to 13579 a set of values. Valid operators are In, NotIn, Exists 13580 and DoesNotExist. 13581 type: string 13582 values: 13583 description: values is an array of string values. If the 13584 operator is In or NotIn, the values array must be non-empty. 13585 If the operator is Exists or DoesNotExist, the values 13586 array must be empty. This array is replaced during a strategic 13587 merge patch. 13588 items: 13589 type: string 13590 type: array 13591 required: 13592 - key 13593 - operator 13594 type: object 13595 type: array 13596 matchLabels: 13597 additionalProperties: 13598 type: string 13599 description: matchLabels is a map of {key,value} pairs. A single 13600 {key,value} in the matchLabels map is equivalent to an element 13601 of matchExpressions, whose key field is "key", the operator 13602 is "In", and the values array contains only "value". The requirements 13603 are ANDed. 13604 type: object 13605 type: object 13606 targetLabels: 13607 description: TargetLabels transfers labels on the Kubernetes Service 13608 onto the target. 13609 items: 13610 type: string 13611 type: array 13612 targetLimit: 13613 description: TargetLimit defines a limit on the number of scraped 13614 targets that will be accepted. 13615 format: int64 13616 type: integer 13617 required: 13618 - endpoints 13619 - selector 13620 type: object 13621 required: 13622 - spec 13623 type: object 13624 served: true 13625 storage: true 13626 status: 13627 acceptedNames: 13628 kind: "" 13629 plural: "" 13630 conditions: [] 13631 storedVersions: [] 13632 --- 13633 13634 --- 13635 apiVersion: apiextensions.k8s.io/v1 13636 kind: CustomResourceDefinition 13637 metadata: 13638 annotations: 13639 controller-gen.kubebuilder.io/version: v0.2.4 13640 creationTimestamp: null 13641 name: thanosrulers.monitoring.coreos.com 13642 spec: 13643 group: monitoring.coreos.com 13644 names: 13645 kind: ThanosRuler 13646 listKind: ThanosRulerList 13647 plural: thanosrulers 13648 singular: thanosruler 13649 scope: Namespaced 13650 versions: 13651 - name: v1 13652 schema: 13653 openAPIV3Schema: 13654 description: ThanosRuler defines a ThanosRuler deployment. 13655 properties: 13656 apiVersion: 13657 description: 'APIVersion defines the versioned schema of this representation 13658 of an object. Servers should convert recognized schemas to the latest 13659 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 13660 type: string 13661 kind: 13662 description: 'Kind is a string value representing the REST resource this 13663 object represents. Servers may infer this from the endpoint the client 13664 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 13665 type: string 13666 metadata: 13667 type: object 13668 spec: 13669 description: 'Specification of the desired behavior of the ThanosRuler 13670 cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 13671 properties: 13672 affinity: 13673 description: If specified, the pod's scheduling constraints. 13674 properties: 13675 nodeAffinity: 13676 description: Describes node affinity scheduling rules for the 13677 pod. 13678 properties: 13679 preferredDuringSchedulingIgnoredDuringExecution: 13680 description: The scheduler will prefer to schedule pods to 13681 nodes that satisfy the affinity expressions specified by 13682 this field, but it may choose a node that violates one or 13683 more of the expressions. The node that is most preferred 13684 is the one with the greatest sum of weights, i.e. for each 13685 node that meets all of the scheduling requirements (resource 13686 request, requiredDuringScheduling affinity expressions, 13687 etc.), compute a sum by iterating through the elements of 13688 this field and adding "weight" to the sum if the node matches 13689 the corresponding matchExpressions; the node(s) with the 13690 highest sum are the most preferred. 13691 items: 13692 description: An empty preferred scheduling term matches 13693 all objects with implicit weight 0 (i.e. it's a no-op). 13694 A null preferred scheduling term matches no objects (i.e. 13695 is also a no-op). 13696 properties: 13697 preference: 13698 description: A node selector term, associated with the 13699 corresponding weight. 13700 properties: 13701 matchExpressions: 13702 description: A list of node selector requirements 13703 by node's labels. 13704 items: 13705 description: A node selector requirement is a 13706 selector that contains values, a key, and an 13707 operator that relates the key and values. 13708 properties: 13709 key: 13710 description: The label key that the selector 13711 applies to. 13712 type: string 13713 operator: 13714 description: Represents a key's relationship 13715 to a set of values. Valid operators are 13716 In, NotIn, Exists, DoesNotExist. Gt, and 13717 Lt. 13718 type: string 13719 values: 13720 description: An array of string values. If 13721 the operator is In or NotIn, the values 13722 array must be non-empty. If the operator 13723 is Exists or DoesNotExist, the values array 13724 must be empty. If the operator is Gt or 13725 Lt, the values array must have a single 13726 element, which will be interpreted as an 13727 integer. This array is replaced during a 13728 strategic merge patch. 13729 items: 13730 type: string 13731 type: array 13732 required: 13733 - key 13734 - operator 13735 type: object 13736 type: array 13737 matchFields: 13738 description: A list of node selector requirements 13739 by node's fields. 13740 items: 13741 description: A node selector requirement is a 13742 selector that contains values, a key, and an 13743 operator that relates the key and values. 13744 properties: 13745 key: 13746 description: The label key that the selector 13747 applies to. 13748 type: string 13749 operator: 13750 description: Represents a key's relationship 13751 to a set of values. Valid operators are 13752 In, NotIn, Exists, DoesNotExist. Gt, and 13753 Lt. 13754 type: string 13755 values: 13756 description: An array of string values. If 13757 the operator is In or NotIn, the values 13758 array must be non-empty. If the operator 13759 is Exists or DoesNotExist, the values array 13760 must be empty. If the operator is Gt or 13761 Lt, the values array must have a single 13762 element, which will be interpreted as an 13763 integer. This array is replaced during a 13764 strategic merge patch. 13765 items: 13766 type: string 13767 type: array 13768 required: 13769 - key 13770 - operator 13771 type: object 13772 type: array 13773 type: object 13774 weight: 13775 description: Weight associated with matching the corresponding 13776 nodeSelectorTerm, in the range 1-100. 13777 format: int32 13778 type: integer 13779 required: 13780 - preference 13781 - weight 13782 type: object 13783 type: array 13784 requiredDuringSchedulingIgnoredDuringExecution: 13785 description: If the affinity requirements specified by this 13786 field are not met at scheduling time, the pod will not be 13787 scheduled onto the node. If the affinity requirements specified 13788 by this field cease to be met at some point during pod execution 13789 (e.g. due to an update), the system may or may not try to 13790 eventually evict the pod from its node. 13791 properties: 13792 nodeSelectorTerms: 13793 description: Required. A list of node selector terms. 13794 The terms are ORed. 13795 items: 13796 description: A null or empty node selector term matches 13797 no objects. The requirements of them are ANDed. The 13798 TopologySelectorTerm type implements a subset of the 13799 NodeSelectorTerm. 13800 properties: 13801 matchExpressions: 13802 description: A list of node selector requirements 13803 by node's labels. 13804 items: 13805 description: A node selector requirement is a 13806 selector that contains values, a key, and an 13807 operator that relates the key and values. 13808 properties: 13809 key: 13810 description: The label key that the selector 13811 applies to. 13812 type: string 13813 operator: 13814 description: Represents a key's relationship 13815 to a set of values. Valid operators are 13816 In, NotIn, Exists, DoesNotExist. Gt, and 13817 Lt. 13818 type: string 13819 values: 13820 description: An array of string values. If 13821 the operator is In or NotIn, the values 13822 array must be non-empty. If the operator 13823 is Exists or DoesNotExist, the values array 13824 must be empty. If the operator is Gt or 13825 Lt, the values array must have a single 13826 element, which will be interpreted as an 13827 integer. This array is replaced during a 13828 strategic merge patch. 13829 items: 13830 type: string 13831 type: array 13832 required: 13833 - key 13834 - operator 13835 type: object 13836 type: array 13837 matchFields: 13838 description: A list of node selector requirements 13839 by node's fields. 13840 items: 13841 description: A node selector requirement is a 13842 selector that contains values, a key, and an 13843 operator that relates the key and values. 13844 properties: 13845 key: 13846 description: The label key that the selector 13847 applies to. 13848 type: string 13849 operator: 13850 description: Represents a key's relationship 13851 to a set of values. Valid operators are 13852 In, NotIn, Exists, DoesNotExist. Gt, and 13853 Lt. 13854 type: string 13855 values: 13856 description: An array of string values. If 13857 the operator is In or NotIn, the values 13858 array must be non-empty. If the operator 13859 is Exists or DoesNotExist, the values array 13860 must be empty. If the operator is Gt or 13861 Lt, the values array must have a single 13862 element, which will be interpreted as an 13863 integer. This array is replaced during a 13864 strategic merge patch. 13865 items: 13866 type: string 13867 type: array 13868 required: 13869 - key 13870 - operator 13871 type: object 13872 type: array 13873 type: object 13874 type: array 13875 required: 13876 - nodeSelectorTerms 13877 type: object 13878 type: object 13879 podAffinity: 13880 description: Describes pod affinity scheduling rules (e.g. co-locate 13881 this pod in the same node, zone, etc. as some other pod(s)). 13882 properties: 13883 preferredDuringSchedulingIgnoredDuringExecution: 13884 description: The scheduler will prefer to schedule pods to 13885 nodes that satisfy the affinity expressions specified by 13886 this field, but it may choose a node that violates one or 13887 more of the expressions. The node that is most preferred 13888 is the one with the greatest sum of weights, i.e. for each 13889 node that meets all of the scheduling requirements (resource 13890 request, requiredDuringScheduling affinity expressions, 13891 etc.), compute a sum by iterating through the elements of 13892 this field and adding "weight" to the sum if the node has 13893 pods which matches the corresponding podAffinityTerm; the 13894 node(s) with the highest sum are the most preferred. 13895 items: 13896 description: The weights of all of the matched WeightedPodAffinityTerm 13897 fields are added per-node to find the most preferred node(s) 13898 properties: 13899 podAffinityTerm: 13900 description: Required. A pod affinity term, associated 13901 with the corresponding weight. 13902 properties: 13903 labelSelector: 13904 description: A label query over a set of resources, 13905 in this case pods. 13906 properties: 13907 matchExpressions: 13908 description: matchExpressions is a list of label 13909 selector requirements. The requirements are 13910 ANDed. 13911 items: 13912 description: A label selector requirement 13913 is a selector that contains values, a key, 13914 and an operator that relates the key and 13915 values. 13916 properties: 13917 key: 13918 description: key is the label key that 13919 the selector applies to. 13920 type: string 13921 operator: 13922 description: operator represents a key's 13923 relationship to a set of values. Valid 13924 operators are In, NotIn, Exists and 13925 DoesNotExist. 13926 type: string 13927 values: 13928 description: values is an array of string 13929 values. If the operator is In or NotIn, 13930 the values array must be non-empty. 13931 If the operator is Exists or DoesNotExist, 13932 the values array must be empty. This 13933 array is replaced during a strategic 13934 merge patch. 13935 items: 13936 type: string 13937 type: array 13938 required: 13939 - key 13940 - operator 13941 type: object 13942 type: array 13943 matchLabels: 13944 additionalProperties: 13945 type: string 13946 description: matchLabels is a map of {key,value} 13947 pairs. A single {key,value} in the matchLabels 13948 map is equivalent to an element of matchExpressions, 13949 whose key field is "key", the operator is 13950 "In", and the values array contains only "value". 13951 The requirements are ANDed. 13952 type: object 13953 type: object 13954 namespaces: 13955 description: namespaces specifies which namespaces 13956 the labelSelector applies to (matches against); 13957 null or empty list means "this pod's namespace" 13958 items: 13959 type: string 13960 type: array 13961 topologyKey: 13962 description: This pod should be co-located (affinity) 13963 or not co-located (anti-affinity) with the pods 13964 matching the labelSelector in the specified namespaces, 13965 where co-located is defined as running on a node 13966 whose value of the label with key topologyKey 13967 matches that of any node on which any of the selected 13968 pods is running. Empty topologyKey is not allowed. 13969 type: string 13970 required: 13971 - topologyKey 13972 type: object 13973 weight: 13974 description: weight associated with matching the corresponding 13975 podAffinityTerm, in the range 1-100. 13976 format: int32 13977 type: integer 13978 required: 13979 - podAffinityTerm 13980 - weight 13981 type: object 13982 type: array 13983 requiredDuringSchedulingIgnoredDuringExecution: 13984 description: If the affinity requirements specified by this 13985 field are not met at scheduling time, the pod will not be 13986 scheduled onto the node. If the affinity requirements specified 13987 by this field cease to be met at some point during pod execution 13988 (e.g. due to a pod label update), the system may or may 13989 not try to eventually evict the pod from its node. When 13990 there are multiple elements, the lists of nodes corresponding 13991 to each podAffinityTerm are intersected, i.e. all terms 13992 must be satisfied. 13993 items: 13994 description: Defines a set of pods (namely those matching 13995 the labelSelector relative to the given namespace(s)) 13996 that this pod should be co-located (affinity) or not co-located 13997 (anti-affinity) with, where co-located is defined as running 13998 on a node whose value of the label with key <topologyKey> 13999 matches that of any node on which a pod of the set of 14000 pods is running 14001 properties: 14002 labelSelector: 14003 description: A label query over a set of resources, 14004 in this case pods. 14005 properties: 14006 matchExpressions: 14007 description: matchExpressions is a list of label 14008 selector requirements. The requirements are ANDed. 14009 items: 14010 description: A label selector requirement is a 14011 selector that contains values, a key, and an 14012 operator that relates the key and values. 14013 properties: 14014 key: 14015 description: key is the label key that the 14016 selector applies to. 14017 type: string 14018 operator: 14019 description: operator represents a key's relationship 14020 to a set of values. Valid operators are 14021 In, NotIn, Exists and DoesNotExist. 14022 type: string 14023 values: 14024 description: values is an array of string 14025 values. If the operator is In or NotIn, 14026 the values array must be non-empty. If the 14027 operator is Exists or DoesNotExist, the 14028 values array must be empty. This array is 14029 replaced during a strategic merge patch. 14030 items: 14031 type: string 14032 type: array 14033 required: 14034 - key 14035 - operator 14036 type: object 14037 type: array 14038 matchLabels: 14039 additionalProperties: 14040 type: string 14041 description: matchLabels is a map of {key,value} 14042 pairs. A single {key,value} in the matchLabels 14043 map is equivalent to an element of matchExpressions, 14044 whose key field is "key", the operator is "In", 14045 and the values array contains only "value". The 14046 requirements are ANDed. 14047 type: object 14048 type: object 14049 namespaces: 14050 description: namespaces specifies which namespaces the 14051 labelSelector applies to (matches against); null or 14052 empty list means "this pod's namespace" 14053 items: 14054 type: string 14055 type: array 14056 topologyKey: 14057 description: This pod should be co-located (affinity) 14058 or not co-located (anti-affinity) with the pods matching 14059 the labelSelector in the specified namespaces, where 14060 co-located is defined as running on a node whose value 14061 of the label with key topologyKey matches that of 14062 any node on which any of the selected pods is running. 14063 Empty topologyKey is not allowed. 14064 type: string 14065 required: 14066 - topologyKey 14067 type: object 14068 type: array 14069 type: object 14070 podAntiAffinity: 14071 description: Describes pod anti-affinity scheduling rules (e.g. 14072 avoid putting this pod in the same node, zone, etc. as some 14073 other pod(s)). 14074 properties: 14075 preferredDuringSchedulingIgnoredDuringExecution: 14076 description: The scheduler will prefer to schedule pods to 14077 nodes that satisfy the anti-affinity expressions specified 14078 by this field, but it may choose a node that violates one 14079 or more of the expressions. The node that is most preferred 14080 is the one with the greatest sum of weights, i.e. for each 14081 node that meets all of the scheduling requirements (resource 14082 request, requiredDuringScheduling anti-affinity expressions, 14083 etc.), compute a sum by iterating through the elements of 14084 this field and adding "weight" to the sum if the node has 14085 pods which matches the corresponding podAffinityTerm; the 14086 node(s) with the highest sum are the most preferred. 14087 items: 14088 description: The weights of all of the matched WeightedPodAffinityTerm 14089 fields are added per-node to find the most preferred node(s) 14090 properties: 14091 podAffinityTerm: 14092 description: Required. A pod affinity term, associated 14093 with the corresponding weight. 14094 properties: 14095 labelSelector: 14096 description: A label query over a set of resources, 14097 in this case pods. 14098 properties: 14099 matchExpressions: 14100 description: matchExpressions is a list of label 14101 selector requirements. The requirements are 14102 ANDed. 14103 items: 14104 description: A label selector requirement 14105 is a selector that contains values, a key, 14106 and an operator that relates the key and 14107 values. 14108 properties: 14109 key: 14110 description: key is the label key that 14111 the selector applies to. 14112 type: string 14113 operator: 14114 description: operator represents a key's 14115 relationship to a set of values. Valid 14116 operators are In, NotIn, Exists and 14117 DoesNotExist. 14118 type: string 14119 values: 14120 description: values is an array of string 14121 values. If the operator is In or NotIn, 14122 the values array must be non-empty. 14123 If the operator is Exists or DoesNotExist, 14124 the values array must be empty. This 14125 array is replaced during a strategic 14126 merge patch. 14127 items: 14128 type: string 14129 type: array 14130 required: 14131 - key 14132 - operator 14133 type: object 14134 type: array 14135 matchLabels: 14136 additionalProperties: 14137 type: string 14138 description: matchLabels is a map of {key,value} 14139 pairs. A single {key,value} in the matchLabels 14140 map is equivalent to an element of matchExpressions, 14141 whose key field is "key", the operator is 14142 "In", and the values array contains only "value". 14143 The requirements are ANDed. 14144 type: object 14145 type: object 14146 namespaces: 14147 description: namespaces specifies which namespaces 14148 the labelSelector applies to (matches against); 14149 null or empty list means "this pod's namespace" 14150 items: 14151 type: string 14152 type: array 14153 topologyKey: 14154 description: This pod should be co-located (affinity) 14155 or not co-located (anti-affinity) with the pods 14156 matching the labelSelector in the specified namespaces, 14157 where co-located is defined as running on a node 14158 whose value of the label with key topologyKey 14159 matches that of any node on which any of the selected 14160 pods is running. Empty topologyKey is not allowed. 14161 type: string 14162 required: 14163 - topologyKey 14164 type: object 14165 weight: 14166 description: weight associated with matching the corresponding 14167 podAffinityTerm, in the range 1-100. 14168 format: int32 14169 type: integer 14170 required: 14171 - podAffinityTerm 14172 - weight 14173 type: object 14174 type: array 14175 requiredDuringSchedulingIgnoredDuringExecution: 14176 description: If the anti-affinity requirements specified by 14177 this field are not met at scheduling time, the pod will 14178 not be scheduled onto the node. If the anti-affinity requirements 14179 specified by this field cease to be met at some point during 14180 pod execution (e.g. due to a pod label update), the system 14181 may or may not try to eventually evict the pod from its 14182 node. When there are multiple elements, the lists of nodes 14183 corresponding to each podAffinityTerm are intersected, i.e. 14184 all terms must be satisfied. 14185 items: 14186 description: Defines a set of pods (namely those matching 14187 the labelSelector relative to the given namespace(s)) 14188 that this pod should be co-located (affinity) or not co-located 14189 (anti-affinity) with, where co-located is defined as running 14190 on a node whose value of the label with key <topologyKey> 14191 matches that of any node on which a pod of the set of 14192 pods is running 14193 properties: 14194 labelSelector: 14195 description: A label query over a set of resources, 14196 in this case pods. 14197 properties: 14198 matchExpressions: 14199 description: matchExpressions is a list of label 14200 selector requirements. The requirements are ANDed. 14201 items: 14202 description: A label selector requirement is a 14203 selector that contains values, a key, and an 14204 operator that relates the key and values. 14205 properties: 14206 key: 14207 description: key is the label key that the 14208 selector applies to. 14209 type: string 14210 operator: 14211 description: operator represents a key's relationship 14212 to a set of values. Valid operators are 14213 In, NotIn, Exists and DoesNotExist. 14214 type: string 14215 values: 14216 description: values is an array of string 14217 values. If the operator is In or NotIn, 14218 the values array must be non-empty. If the 14219 operator is Exists or DoesNotExist, the 14220 values array must be empty. This array is 14221 replaced during a strategic merge patch. 14222 items: 14223 type: string 14224 type: array 14225 required: 14226 - key 14227 - operator 14228 type: object 14229 type: array 14230 matchLabels: 14231 additionalProperties: 14232 type: string 14233 description: matchLabels is a map of {key,value} 14234 pairs. A single {key,value} in the matchLabels 14235 map is equivalent to an element of matchExpressions, 14236 whose key field is "key", the operator is "In", 14237 and the values array contains only "value". The 14238 requirements are ANDed. 14239 type: object 14240 type: object 14241 namespaces: 14242 description: namespaces specifies which namespaces the 14243 labelSelector applies to (matches against); null or 14244 empty list means "this pod's namespace" 14245 items: 14246 type: string 14247 type: array 14248 topologyKey: 14249 description: This pod should be co-located (affinity) 14250 or not co-located (anti-affinity) with the pods matching 14251 the labelSelector in the specified namespaces, where 14252 co-located is defined as running on a node whose value 14253 of the label with key topologyKey matches that of 14254 any node on which any of the selected pods is running. 14255 Empty topologyKey is not allowed. 14256 type: string 14257 required: 14258 - topologyKey 14259 type: object 14260 type: array 14261 type: object 14262 type: object 14263 alertDropLabels: 14264 description: AlertDropLabels configure the label names which should 14265 be dropped in ThanosRuler alerts. If `labels` field is not provided, 14266 `thanos_ruler_replica` will be dropped in alerts by default. 14267 items: 14268 type: string 14269 type: array 14270 alertQueryUrl: 14271 description: The external Query URL the Thanos Ruler will set in the 14272 'Source' field of all alerts. Maps to the '--alert.query-url' CLI 14273 arg. 14274 type: string 14275 alertmanagersConfig: 14276 description: Define configuration for connecting to alertmanager. Only 14277 available with thanos v0.10.0 and higher. Maps to the `alertmanagers.config` 14278 arg. 14279 properties: 14280 key: 14281 description: The key of the secret to select from. Must be a 14282 valid secret key. 14283 type: string 14284 name: 14285 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14286 TODO: Add other useful fields. apiVersion, kind, uid?' 14287 type: string 14288 optional: 14289 description: Specify whether the Secret or its key must be defined 14290 type: boolean 14291 required: 14292 - key 14293 type: object 14294 alertmanagersUrl: 14295 description: 'Define URLs to send alerts to Alertmanager. For Thanos 14296 v0.10.0 and higher, AlertManagersConfig should be used instead. Note: 14297 this field will be ignored if AlertManagersConfig is specified. 14298 Maps to the `alertmanagers.url` arg.' 14299 items: 14300 type: string 14301 type: array 14302 containers: 14303 description: 'Containers allows injecting additional containers or 14304 modifying operator generated containers. This can be used to allow 14305 adding an authentication proxy to a ThanosRuler pod or to change 14306 the behavior of an operator generated container. Containers described 14307 here modify an operator generated container if they share the same 14308 name and modifications are done via a strategic merge patch. The 14309 current container names are: `thanos-ruler` and `config-reloader`. 14310 Overriding containers is entirely outside the scope of what the 14311 maintainers will support and by doing so, you accept that this behaviour 14312 may break at any time without notice.' 14313 items: 14314 description: A single application container that you want to run 14315 within a pod. 14316 properties: 14317 args: 14318 description: 'Arguments to the entrypoint. The docker image''s 14319 CMD is used if this is not provided. Variable references $(VAR_NAME) 14320 are expanded using the container''s environment. If a variable 14321 cannot be resolved, the reference in the input string will 14322 be unchanged. The $(VAR_NAME) syntax can be escaped with a 14323 double $$, ie: $$(VAR_NAME). Escaped references will never 14324 be expanded, regardless of whether the variable exists or 14325 not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 14326 items: 14327 type: string 14328 type: array 14329 command: 14330 description: 'Entrypoint array. Not executed within a shell. 14331 The docker image''s ENTRYPOINT is used if this is not provided. 14332 Variable references $(VAR_NAME) are expanded using the container''s 14333 environment. If a variable cannot be resolved, the reference 14334 in the input string will be unchanged. The $(VAR_NAME) syntax 14335 can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 14336 references will never be expanded, regardless of whether the 14337 variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 14338 items: 14339 type: string 14340 type: array 14341 env: 14342 description: List of environment variables to set in the container. 14343 Cannot be updated. 14344 items: 14345 description: EnvVar represents an environment variable present 14346 in a Container. 14347 properties: 14348 name: 14349 description: Name of the environment variable. Must be 14350 a C_IDENTIFIER. 14351 type: string 14352 value: 14353 description: 'Variable references $(VAR_NAME) are expanded 14354 using the previous defined environment variables in 14355 the container and any service environment variables. 14356 If a variable cannot be resolved, the reference in the 14357 input string will be unchanged. The $(VAR_NAME) syntax 14358 can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 14359 references will never be expanded, regardless of whether 14360 the variable exists or not. Defaults to "".' 14361 type: string 14362 valueFrom: 14363 description: Source for the environment variable's value. 14364 Cannot be used if value is not empty. 14365 properties: 14366 configMapKeyRef: 14367 description: Selects a key of a ConfigMap. 14368 properties: 14369 key: 14370 description: The key to select. 14371 type: string 14372 name: 14373 description: 'Name of the referent. More info: 14374 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14375 TODO: Add other useful fields. apiVersion, kind, 14376 uid?' 14377 type: string 14378 optional: 14379 description: Specify whether the ConfigMap or 14380 its key must be defined 14381 type: boolean 14382 required: 14383 - key 14384 type: object 14385 fieldRef: 14386 description: 'Selects a field of the pod: supports 14387 metadata.name, metadata.namespace, metadata.labels, 14388 metadata.annotations, spec.nodeName, spec.serviceAccountName, 14389 status.hostIP, status.podIP, status.podIPs.' 14390 properties: 14391 apiVersion: 14392 description: Version of the schema the FieldPath 14393 is written in terms of, defaults to "v1". 14394 type: string 14395 fieldPath: 14396 description: Path of the field to select in the 14397 specified API version. 14398 type: string 14399 required: 14400 - fieldPath 14401 type: object 14402 resourceFieldRef: 14403 description: 'Selects a resource of the container: 14404 only resources limits and requests (limits.cpu, 14405 limits.memory, limits.ephemeral-storage, requests.cpu, 14406 requests.memory and requests.ephemeral-storage) 14407 are currently supported.' 14408 properties: 14409 containerName: 14410 description: 'Container name: required for volumes, 14411 optional for env vars' 14412 type: string 14413 divisor: 14414 description: Specifies the output format of the 14415 exposed resources, defaults to "1" 14416 type: string 14417 resource: 14418 description: 'Required: resource to select' 14419 type: string 14420 required: 14421 - resource 14422 type: object 14423 secretKeyRef: 14424 description: Selects a key of a secret in the pod's 14425 namespace 14426 properties: 14427 key: 14428 description: The key of the secret to select from. Must 14429 be a valid secret key. 14430 type: string 14431 name: 14432 description: 'Name of the referent. More info: 14433 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14434 TODO: Add other useful fields. apiVersion, kind, 14435 uid?' 14436 type: string 14437 optional: 14438 description: Specify whether the Secret or its 14439 key must be defined 14440 type: boolean 14441 required: 14442 - key 14443 type: object 14444 type: object 14445 required: 14446 - name 14447 type: object 14448 type: array 14449 envFrom: 14450 description: List of sources to populate environment variables 14451 in the container. The keys defined within a source must be 14452 a C_IDENTIFIER. All invalid keys will be reported as an event 14453 when the container is starting. When a key exists in multiple 14454 sources, the value associated with the last source will take 14455 precedence. Values defined by an Env with a duplicate key 14456 will take precedence. Cannot be updated. 14457 items: 14458 description: EnvFromSource represents the source of a set 14459 of ConfigMaps 14460 properties: 14461 configMapRef: 14462 description: The ConfigMap to select from 14463 properties: 14464 name: 14465 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14466 TODO: Add other useful fields. apiVersion, kind, 14467 uid?' 14468 type: string 14469 optional: 14470 description: Specify whether the ConfigMap must be 14471 defined 14472 type: boolean 14473 type: object 14474 prefix: 14475 description: An optional identifier to prepend to each 14476 key in the ConfigMap. Must be a C_IDENTIFIER. 14477 type: string 14478 secretRef: 14479 description: The Secret to select from 14480 properties: 14481 name: 14482 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14483 TODO: Add other useful fields. apiVersion, kind, 14484 uid?' 14485 type: string 14486 optional: 14487 description: Specify whether the Secret must be defined 14488 type: boolean 14489 type: object 14490 type: object 14491 type: array 14492 image: 14493 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 14494 This field is optional to allow higher level config management 14495 to default or override container images in workload controllers 14496 like Deployments and StatefulSets.' 14497 type: string 14498 imagePullPolicy: 14499 description: 'Image pull policy. One of Always, Never, IfNotPresent. 14500 Defaults to Always if :latest tag is specified, or IfNotPresent 14501 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 14502 type: string 14503 lifecycle: 14504 description: Actions that the management system should take 14505 in response to container lifecycle events. Cannot be updated. 14506 properties: 14507 postStart: 14508 description: 'PostStart is called immediately after a container 14509 is created. If the handler fails, the container is terminated 14510 and restarted according to its restart policy. Other management 14511 of the container blocks until the hook completes. More 14512 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 14513 properties: 14514 exec: 14515 description: One and only one of the following should 14516 be specified. Exec specifies the action to take. 14517 properties: 14518 command: 14519 description: Command is the command line to execute 14520 inside the container, the working directory for 14521 the command is root ('/') in the container's 14522 filesystem. The command is simply exec'd, it is 14523 not run inside a shell, so traditional shell instructions 14524 ('|', etc) won't work. To use a shell, you need 14525 to explicitly call out to that shell. Exit status 14526 of 0 is treated as live/healthy and non-zero is 14527 unhealthy. 14528 items: 14529 type: string 14530 type: array 14531 type: object 14532 httpGet: 14533 description: HTTPGet specifies the http request to perform. 14534 properties: 14535 host: 14536 description: Host name to connect to, defaults to 14537 the pod IP. You probably want to set "Host" in 14538 httpHeaders instead. 14539 type: string 14540 httpHeaders: 14541 description: Custom headers to set in the request. 14542 HTTP allows repeated headers. 14543 items: 14544 description: HTTPHeader describes a custom header 14545 to be used in HTTP probes 14546 properties: 14547 name: 14548 description: The header field name 14549 type: string 14550 value: 14551 description: The header field value 14552 type: string 14553 required: 14554 - name 14555 - value 14556 type: object 14557 type: array 14558 path: 14559 description: Path to access on the HTTP server. 14560 type: string 14561 port: 14562 anyOf: 14563 - type: integer 14564 - type: string 14565 description: Name or number of the port to access 14566 on the container. Number must be in the range 14567 1 to 65535. Name must be an IANA_SVC_NAME. 14568 x-kubernetes-int-or-string: true 14569 scheme: 14570 description: Scheme to use for connecting to the 14571 host. Defaults to HTTP. 14572 type: string 14573 required: 14574 - port 14575 type: object 14576 tcpSocket: 14577 description: 'TCPSocket specifies an action involving 14578 a TCP port. TCP hooks not yet supported TODO: implement 14579 a realistic TCP lifecycle hook' 14580 properties: 14581 host: 14582 description: 'Optional: Host name to connect to, 14583 defaults to the pod IP.' 14584 type: string 14585 port: 14586 anyOf: 14587 - type: integer 14588 - type: string 14589 description: Number or name of the port to access 14590 on the container. Number must be in the range 14591 1 to 65535. Name must be an IANA_SVC_NAME. 14592 x-kubernetes-int-or-string: true 14593 required: 14594 - port 14595 type: object 14596 type: object 14597 preStop: 14598 description: 'PreStop is called immediately before a container 14599 is terminated due to an API request or management event 14600 such as liveness/startup probe failure, preemption, resource 14601 contention, etc. The handler is not called if the container 14602 crashes or exits. The reason for termination is passed 14603 to the handler. The Pod''s termination grace period countdown 14604 begins before the PreStop hooked is executed. Regardless 14605 of the outcome of the handler, the container will eventually 14606 terminate within the Pod''s termination grace period. 14607 Other management of the container blocks until the hook 14608 completes or until the termination grace period is reached. 14609 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 14610 properties: 14611 exec: 14612 description: One and only one of the following should 14613 be specified. Exec specifies the action to take. 14614 properties: 14615 command: 14616 description: Command is the command line to execute 14617 inside the container, the working directory for 14618 the command is root ('/') in the container's 14619 filesystem. The command is simply exec'd, it is 14620 not run inside a shell, so traditional shell instructions 14621 ('|', etc) won't work. To use a shell, you need 14622 to explicitly call out to that shell. Exit status 14623 of 0 is treated as live/healthy and non-zero is 14624 unhealthy. 14625 items: 14626 type: string 14627 type: array 14628 type: object 14629 httpGet: 14630 description: HTTPGet specifies the http request to perform. 14631 properties: 14632 host: 14633 description: Host name to connect to, defaults to 14634 the pod IP. You probably want to set "Host" in 14635 httpHeaders instead. 14636 type: string 14637 httpHeaders: 14638 description: Custom headers to set in the request. 14639 HTTP allows repeated headers. 14640 items: 14641 description: HTTPHeader describes a custom header 14642 to be used in HTTP probes 14643 properties: 14644 name: 14645 description: The header field name 14646 type: string 14647 value: 14648 description: The header field value 14649 type: string 14650 required: 14651 - name 14652 - value 14653 type: object 14654 type: array 14655 path: 14656 description: Path to access on the HTTP server. 14657 type: string 14658 port: 14659 anyOf: 14660 - type: integer 14661 - type: string 14662 description: Name or number of the port to access 14663 on the container. Number must be in the range 14664 1 to 65535. Name must be an IANA_SVC_NAME. 14665 x-kubernetes-int-or-string: true 14666 scheme: 14667 description: Scheme to use for connecting to the 14668 host. Defaults to HTTP. 14669 type: string 14670 required: 14671 - port 14672 type: object 14673 tcpSocket: 14674 description: 'TCPSocket specifies an action involving 14675 a TCP port. TCP hooks not yet supported TODO: implement 14676 a realistic TCP lifecycle hook' 14677 properties: 14678 host: 14679 description: 'Optional: Host name to connect to, 14680 defaults to the pod IP.' 14681 type: string 14682 port: 14683 anyOf: 14684 - type: integer 14685 - type: string 14686 description: Number or name of the port to access 14687 on the container. Number must be in the range 14688 1 to 65535. Name must be an IANA_SVC_NAME. 14689 x-kubernetes-int-or-string: true 14690 required: 14691 - port 14692 type: object 14693 type: object 14694 type: object 14695 livenessProbe: 14696 description: 'Periodic probe of container liveness. Container 14697 will be restarted if the probe fails. Cannot be updated. More 14698 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 14699 properties: 14700 exec: 14701 description: One and only one of the following should be 14702 specified. Exec specifies the action to take. 14703 properties: 14704 command: 14705 description: Command is the command line to execute 14706 inside the container, the working directory for the 14707 command is root ('/') in the container's filesystem. 14708 The command is simply exec'd, it is not run inside 14709 a shell, so traditional shell instructions ('|', etc) 14710 won't work. To use a shell, you need to explicitly 14711 call out to that shell. Exit status of 0 is treated 14712 as live/healthy and non-zero is unhealthy. 14713 items: 14714 type: string 14715 type: array 14716 type: object 14717 failureThreshold: 14718 description: Minimum consecutive failures for the probe 14719 to be considered failed after having succeeded. Defaults 14720 to 3. Minimum value is 1. 14721 format: int32 14722 type: integer 14723 httpGet: 14724 description: HTTPGet specifies the http request to perform. 14725 properties: 14726 host: 14727 description: Host name to connect to, defaults to the 14728 pod IP. You probably want to set "Host" in httpHeaders 14729 instead. 14730 type: string 14731 httpHeaders: 14732 description: Custom headers to set in the request. HTTP 14733 allows repeated headers. 14734 items: 14735 description: HTTPHeader describes a custom header 14736 to be used in HTTP probes 14737 properties: 14738 name: 14739 description: The header field name 14740 type: string 14741 value: 14742 description: The header field value 14743 type: string 14744 required: 14745 - name 14746 - value 14747 type: object 14748 type: array 14749 path: 14750 description: Path to access on the HTTP server. 14751 type: string 14752 port: 14753 anyOf: 14754 - type: integer 14755 - type: string 14756 description: Name or number of the port to access on 14757 the container. Number must be in the range 1 to 65535. 14758 Name must be an IANA_SVC_NAME. 14759 x-kubernetes-int-or-string: true 14760 scheme: 14761 description: Scheme to use for connecting to the host. 14762 Defaults to HTTP. 14763 type: string 14764 required: 14765 - port 14766 type: object 14767 initialDelaySeconds: 14768 description: 'Number of seconds after the container has 14769 started before liveness probes are initiated. More info: 14770 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 14771 format: int32 14772 type: integer 14773 periodSeconds: 14774 description: How often (in seconds) to perform the probe. 14775 Default to 10 seconds. Minimum value is 1. 14776 format: int32 14777 type: integer 14778 successThreshold: 14779 description: Minimum consecutive successes for the probe 14780 to be considered successful after having failed. Defaults 14781 to 1. Must be 1 for liveness and startup. Minimum value 14782 is 1. 14783 format: int32 14784 type: integer 14785 tcpSocket: 14786 description: 'TCPSocket specifies an action involving a 14787 TCP port. TCP hooks not yet supported TODO: implement 14788 a realistic TCP lifecycle hook' 14789 properties: 14790 host: 14791 description: 'Optional: Host name to connect to, defaults 14792 to the pod IP.' 14793 type: string 14794 port: 14795 anyOf: 14796 - type: integer 14797 - type: string 14798 description: Number or name of the port to access on 14799 the container. Number must be in the range 1 to 65535. 14800 Name must be an IANA_SVC_NAME. 14801 x-kubernetes-int-or-string: true 14802 required: 14803 - port 14804 type: object 14805 timeoutSeconds: 14806 description: 'Number of seconds after which the probe times 14807 out. Defaults to 1 second. Minimum value is 1. More info: 14808 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 14809 format: int32 14810 type: integer 14811 type: object 14812 name: 14813 description: Name of the container specified as a DNS_LABEL. 14814 Each container in a pod must have a unique name (DNS_LABEL). 14815 Cannot be updated. 14816 type: string 14817 ports: 14818 description: List of ports to expose from the container. Exposing 14819 a port here gives the system additional information about 14820 the network connections a container uses, but is primarily 14821 informational. Not specifying a port here DOES NOT prevent 14822 that port from being exposed. Any port which is listening 14823 on the default "0.0.0.0" address inside a container will be 14824 accessible from the network. Cannot be updated. 14825 items: 14826 description: ContainerPort represents a network port in a 14827 single container. 14828 properties: 14829 containerPort: 14830 description: Number of port to expose on the pod's IP 14831 address. This must be a valid port number, 0 < x < 65536. 14832 format: int32 14833 type: integer 14834 hostIP: 14835 description: What host IP to bind the external port to. 14836 type: string 14837 hostPort: 14838 description: Number of port to expose on the host. If 14839 specified, this must be a valid port number, 0 < x < 14840 65536. If HostNetwork is specified, this must match 14841 ContainerPort. Most containers do not need this. 14842 format: int32 14843 type: integer 14844 name: 14845 description: If specified, this must be an IANA_SVC_NAME 14846 and unique within the pod. Each named port in a pod 14847 must have a unique name. Name for the port that can 14848 be referred to by services. 14849 type: string 14850 protocol: 14851 description: Protocol for port. Must be UDP, TCP, or SCTP. 14852 Defaults to "TCP". 14853 type: string 14854 required: 14855 - containerPort 14856 type: object 14857 type: array 14858 readinessProbe: 14859 description: 'Periodic probe of container service readiness. 14860 Container will be removed from service endpoints if the probe 14861 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 14862 properties: 14863 exec: 14864 description: One and only one of the following should be 14865 specified. Exec specifies the action to take. 14866 properties: 14867 command: 14868 description: Command is the command line to execute 14869 inside the container, the working directory for the 14870 command is root ('/') in the container's filesystem. 14871 The command is simply exec'd, it is not run inside 14872 a shell, so traditional shell instructions ('|', etc) 14873 won't work. To use a shell, you need to explicitly 14874 call out to that shell. Exit status of 0 is treated 14875 as live/healthy and non-zero is unhealthy. 14876 items: 14877 type: string 14878 type: array 14879 type: object 14880 failureThreshold: 14881 description: Minimum consecutive failures for the probe 14882 to be considered failed after having succeeded. Defaults 14883 to 3. Minimum value is 1. 14884 format: int32 14885 type: integer 14886 httpGet: 14887 description: HTTPGet specifies the http request to perform. 14888 properties: 14889 host: 14890 description: Host name to connect to, defaults to the 14891 pod IP. You probably want to set "Host" in httpHeaders 14892 instead. 14893 type: string 14894 httpHeaders: 14895 description: Custom headers to set in the request. HTTP 14896 allows repeated headers. 14897 items: 14898 description: HTTPHeader describes a custom header 14899 to be used in HTTP probes 14900 properties: 14901 name: 14902 description: The header field name 14903 type: string 14904 value: 14905 description: The header field value 14906 type: string 14907 required: 14908 - name 14909 - value 14910 type: object 14911 type: array 14912 path: 14913 description: Path to access on the HTTP server. 14914 type: string 14915 port: 14916 anyOf: 14917 - type: integer 14918 - type: string 14919 description: Name or number of the port to access on 14920 the container. Number must be in the range 1 to 65535. 14921 Name must be an IANA_SVC_NAME. 14922 x-kubernetes-int-or-string: true 14923 scheme: 14924 description: Scheme to use for connecting to the host. 14925 Defaults to HTTP. 14926 type: string 14927 required: 14928 - port 14929 type: object 14930 initialDelaySeconds: 14931 description: 'Number of seconds after the container has 14932 started before liveness probes are initiated. More info: 14933 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 14934 format: int32 14935 type: integer 14936 periodSeconds: 14937 description: How often (in seconds) to perform the probe. 14938 Default to 10 seconds. Minimum value is 1. 14939 format: int32 14940 type: integer 14941 successThreshold: 14942 description: Minimum consecutive successes for the probe 14943 to be considered successful after having failed. Defaults 14944 to 1. Must be 1 for liveness and startup. Minimum value 14945 is 1. 14946 format: int32 14947 type: integer 14948 tcpSocket: 14949 description: 'TCPSocket specifies an action involving a 14950 TCP port. TCP hooks not yet supported TODO: implement 14951 a realistic TCP lifecycle hook' 14952 properties: 14953 host: 14954 description: 'Optional: Host name to connect to, defaults 14955 to the pod IP.' 14956 type: string 14957 port: 14958 anyOf: 14959 - type: integer 14960 - type: string 14961 description: Number or name of the port to access on 14962 the container. Number must be in the range 1 to 65535. 14963 Name must be an IANA_SVC_NAME. 14964 x-kubernetes-int-or-string: true 14965 required: 14966 - port 14967 type: object 14968 timeoutSeconds: 14969 description: 'Number of seconds after which the probe times 14970 out. Defaults to 1 second. Minimum value is 1. More info: 14971 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 14972 format: int32 14973 type: integer 14974 type: object 14975 resources: 14976 description: 'Compute Resources required by this container. 14977 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 14978 properties: 14979 limits: 14980 additionalProperties: 14981 type: string 14982 description: 'Limits describes the maximum amount of compute 14983 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 14984 type: object 14985 requests: 14986 additionalProperties: 14987 type: string 14988 description: 'Requests describes the minimum amount of compute 14989 resources required. If Requests is omitted for a container, 14990 it defaults to Limits if that is explicitly specified, 14991 otherwise to an implementation-defined value. More info: 14992 https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 14993 type: object 14994 type: object 14995 securityContext: 14996 description: 'Security options the pod should run with. More 14997 info: https://kubernetes.io/docs/concepts/policy/security-context/ 14998 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 14999 properties: 15000 allowPrivilegeEscalation: 15001 description: 'AllowPrivilegeEscalation controls whether 15002 a process can gain more privileges than its parent process. 15003 This bool directly controls if the no_new_privs flag will 15004 be set on the container process. AllowPrivilegeEscalation 15005 is true always when the container is: 1) run as Privileged 15006 2) has CAP_SYS_ADMIN' 15007 type: boolean 15008 capabilities: 15009 description: The capabilities to add/drop when running containers. 15010 Defaults to the default set of capabilities granted by 15011 the container runtime. 15012 properties: 15013 add: 15014 description: Added capabilities 15015 items: 15016 description: Capability represent POSIX capabilities 15017 type 15018 type: string 15019 type: array 15020 drop: 15021 description: Removed capabilities 15022 items: 15023 description: Capability represent POSIX capabilities 15024 type 15025 type: string 15026 type: array 15027 type: object 15028 privileged: 15029 description: Run container in privileged mode. Processes 15030 in privileged containers are essentially equivalent to 15031 root on the host. Defaults to false. 15032 type: boolean 15033 procMount: 15034 description: procMount denotes the type of proc mount to 15035 use for the containers. The default is DefaultProcMount 15036 which uses the container runtime defaults for readonly 15037 paths and masked paths. This requires the ProcMountType 15038 feature flag to be enabled. 15039 type: string 15040 readOnlyRootFilesystem: 15041 description: Whether this container has a read-only root 15042 filesystem. Default is false. 15043 type: boolean 15044 runAsGroup: 15045 description: The GID to run the entrypoint of the container 15046 process. Uses runtime default if unset. May also be set 15047 in PodSecurityContext. If set in both SecurityContext 15048 and PodSecurityContext, the value specified in SecurityContext 15049 takes precedence. 15050 format: int64 15051 type: integer 15052 runAsNonRoot: 15053 description: Indicates that the container must run as a 15054 non-root user. If true, the Kubelet will validate the 15055 image at runtime to ensure that it does not run as UID 15056 0 (root) and fail to start the container if it does. If 15057 unset or false, no such validation will be performed. 15058 May also be set in PodSecurityContext. If set in both 15059 SecurityContext and PodSecurityContext, the value specified 15060 in SecurityContext takes precedence. 15061 type: boolean 15062 runAsUser: 15063 description: The UID to run the entrypoint of the container 15064 process. Defaults to user specified in image metadata 15065 if unspecified. May also be set in PodSecurityContext. If 15066 set in both SecurityContext and PodSecurityContext, the 15067 value specified in SecurityContext takes precedence. 15068 format: int64 15069 type: integer 15070 seLinuxOptions: 15071 description: The SELinux context to be applied to the container. 15072 If unspecified, the container runtime will allocate a 15073 random SELinux context for each container. May also be 15074 set in PodSecurityContext. If set in both SecurityContext 15075 and PodSecurityContext, the value specified in SecurityContext 15076 takes precedence. 15077 properties: 15078 level: 15079 description: Level is SELinux level label that applies 15080 to the container. 15081 type: string 15082 role: 15083 description: Role is a SELinux role label that applies 15084 to the container. 15085 type: string 15086 type: 15087 description: Type is a SELinux type label that applies 15088 to the container. 15089 type: string 15090 user: 15091 description: User is a SELinux user label that applies 15092 to the container. 15093 type: string 15094 type: object 15095 windowsOptions: 15096 description: The Windows specific settings applied to all 15097 containers. If unspecified, the options from the PodSecurityContext 15098 will be used. If set in both SecurityContext and PodSecurityContext, 15099 the value specified in SecurityContext takes precedence. 15100 properties: 15101 gmsaCredentialSpec: 15102 description: GMSACredentialSpec is where the GMSA admission 15103 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 15104 inlines the contents of the GMSA credential spec named 15105 by the GMSACredentialSpecName field. 15106 type: string 15107 gmsaCredentialSpecName: 15108 description: GMSACredentialSpecName is the name of the 15109 GMSA credential spec to use. 15110 type: string 15111 runAsUserName: 15112 description: The UserName in Windows to run the entrypoint 15113 of the container process. Defaults to the user specified 15114 in image metadata if unspecified. May also be set 15115 in PodSecurityContext. If set in both SecurityContext 15116 and PodSecurityContext, the value specified in SecurityContext 15117 takes precedence. 15118 type: string 15119 type: object 15120 type: object 15121 startupProbe: 15122 description: 'StartupProbe indicates that the Pod has successfully 15123 initialized. If specified, no other probes are executed until 15124 this completes successfully. If this probe fails, the Pod 15125 will be restarted, just as if the livenessProbe failed. This 15126 can be used to provide different probe parameters at the beginning 15127 of a Pod''s lifecycle, when it might take a long time to load 15128 data or warm a cache, than during steady-state operation. 15129 This cannot be updated. This is a beta feature enabled by 15130 the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 15131 properties: 15132 exec: 15133 description: One and only one of the following should be 15134 specified. Exec specifies the action to take. 15135 properties: 15136 command: 15137 description: Command is the command line to execute 15138 inside the container, the working directory for the 15139 command is root ('/') in the container's filesystem. 15140 The command is simply exec'd, it is not run inside 15141 a shell, so traditional shell instructions ('|', etc) 15142 won't work. To use a shell, you need to explicitly 15143 call out to that shell. Exit status of 0 is treated 15144 as live/healthy and non-zero is unhealthy. 15145 items: 15146 type: string 15147 type: array 15148 type: object 15149 failureThreshold: 15150 description: Minimum consecutive failures for the probe 15151 to be considered failed after having succeeded. Defaults 15152 to 3. Minimum value is 1. 15153 format: int32 15154 type: integer 15155 httpGet: 15156 description: HTTPGet specifies the http request to perform. 15157 properties: 15158 host: 15159 description: Host name to connect to, defaults to the 15160 pod IP. You probably want to set "Host" in httpHeaders 15161 instead. 15162 type: string 15163 httpHeaders: 15164 description: Custom headers to set in the request. HTTP 15165 allows repeated headers. 15166 items: 15167 description: HTTPHeader describes a custom header 15168 to be used in HTTP probes 15169 properties: 15170 name: 15171 description: The header field name 15172 type: string 15173 value: 15174 description: The header field value 15175 type: string 15176 required: 15177 - name 15178 - value 15179 type: object 15180 type: array 15181 path: 15182 description: Path to access on the HTTP server. 15183 type: string 15184 port: 15185 anyOf: 15186 - type: integer 15187 - type: string 15188 description: Name or number of the port to access on 15189 the container. Number must be in the range 1 to 65535. 15190 Name must be an IANA_SVC_NAME. 15191 x-kubernetes-int-or-string: true 15192 scheme: 15193 description: Scheme to use for connecting to the host. 15194 Defaults to HTTP. 15195 type: string 15196 required: 15197 - port 15198 type: object 15199 initialDelaySeconds: 15200 description: 'Number of seconds after the container has 15201 started before liveness probes are initiated. More info: 15202 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 15203 format: int32 15204 type: integer 15205 periodSeconds: 15206 description: How often (in seconds) to perform the probe. 15207 Default to 10 seconds. Minimum value is 1. 15208 format: int32 15209 type: integer 15210 successThreshold: 15211 description: Minimum consecutive successes for the probe 15212 to be considered successful after having failed. Defaults 15213 to 1. Must be 1 for liveness and startup. Minimum value 15214 is 1. 15215 format: int32 15216 type: integer 15217 tcpSocket: 15218 description: 'TCPSocket specifies an action involving a 15219 TCP port. TCP hooks not yet supported TODO: implement 15220 a realistic TCP lifecycle hook' 15221 properties: 15222 host: 15223 description: 'Optional: Host name to connect to, defaults 15224 to the pod IP.' 15225 type: string 15226 port: 15227 anyOf: 15228 - type: integer 15229 - type: string 15230 description: Number or name of the port to access on 15231 the container. Number must be in the range 1 to 65535. 15232 Name must be an IANA_SVC_NAME. 15233 x-kubernetes-int-or-string: true 15234 required: 15235 - port 15236 type: object 15237 timeoutSeconds: 15238 description: 'Number of seconds after which the probe times 15239 out. Defaults to 1 second. Minimum value is 1. More info: 15240 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 15241 format: int32 15242 type: integer 15243 type: object 15244 stdin: 15245 description: Whether this container should allocate a buffer 15246 for stdin in the container runtime. If this is not set, reads 15247 from stdin in the container will always result in EOF. Default 15248 is false. 15249 type: boolean 15250 stdinOnce: 15251 description: Whether the container runtime should close the 15252 stdin channel after it has been opened by a single attach. 15253 When stdin is true the stdin stream will remain open across 15254 multiple attach sessions. If stdinOnce is set to true, stdin 15255 is opened on container start, is empty until the first client 15256 attaches to stdin, and then remains open and accepts data 15257 until the client disconnects, at which time stdin is closed 15258 and remains closed until the container is restarted. If this 15259 flag is false, a container processes that reads from stdin 15260 will never receive an EOF. Default is false 15261 type: boolean 15262 terminationMessagePath: 15263 description: 'Optional: Path at which the file to which the 15264 container''s termination message will be written is mounted 15265 into the container''s filesystem. Message written is intended 15266 to be brief final status, such as an assertion failure message. 15267 Will be truncated by the node if greater than 4096 bytes. 15268 The total message length across all containers will be limited 15269 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 15270 type: string 15271 terminationMessagePolicy: 15272 description: Indicate how the termination message should be 15273 populated. File will use the contents of terminationMessagePath 15274 to populate the container status message on both success and 15275 failure. FallbackToLogsOnError will use the last chunk of 15276 container log output if the termination message file is empty 15277 and the container exited with an error. The log output is 15278 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 15279 to File. Cannot be updated. 15280 type: string 15281 tty: 15282 description: Whether this container should allocate a TTY for 15283 itself, also requires 'stdin' to be true. Default is false. 15284 type: boolean 15285 volumeDevices: 15286 description: volumeDevices is the list of block devices to be 15287 used by the container. 15288 items: 15289 description: volumeDevice describes a mapping of a raw block 15290 device within a container. 15291 properties: 15292 devicePath: 15293 description: devicePath is the path inside of the container 15294 that the device will be mapped to. 15295 type: string 15296 name: 15297 description: name must match the name of a persistentVolumeClaim 15298 in the pod 15299 type: string 15300 required: 15301 - devicePath 15302 - name 15303 type: object 15304 type: array 15305 volumeMounts: 15306 description: Pod volumes to mount into the container's filesystem. 15307 Cannot be updated. 15308 items: 15309 description: VolumeMount describes a mounting of a Volume 15310 within a container. 15311 properties: 15312 mountPath: 15313 description: Path within the container at which the volume 15314 should be mounted. Must not contain ':'. 15315 type: string 15316 mountPropagation: 15317 description: mountPropagation determines how mounts are 15318 propagated from the host to container and the other 15319 way around. When not set, MountPropagationNone is used. 15320 This field is beta in 1.10. 15321 type: string 15322 name: 15323 description: This must match the Name of a Volume. 15324 type: string 15325 readOnly: 15326 description: Mounted read-only if true, read-write otherwise 15327 (false or unspecified). Defaults to false. 15328 type: boolean 15329 subPath: 15330 description: Path within the volume from which the container's 15331 volume should be mounted. Defaults to "" (volume's root). 15332 type: string 15333 subPathExpr: 15334 description: Expanded path within the volume from which 15335 the container's volume should be mounted. Behaves similarly 15336 to SubPath but environment variable references $(VAR_NAME) 15337 are expanded using the container's environment. Defaults 15338 to "" (volume's root). SubPathExpr and SubPath are mutually 15339 exclusive. 15340 type: string 15341 required: 15342 - mountPath 15343 - name 15344 type: object 15345 type: array 15346 workingDir: 15347 description: Container's working directory. If not specified, 15348 the container runtime's default will be used, which might 15349 be configured in the container image. Cannot be updated. 15350 type: string 15351 required: 15352 - name 15353 type: object 15354 type: array 15355 enforcedNamespaceLabel: 15356 description: EnforcedNamespaceLabel enforces adding a namespace label 15357 of origin for each alert and metric that is user created. The label 15358 value will always be the namespace of the object that is being created. 15359 type: string 15360 evaluationInterval: 15361 description: Interval between consecutive evaluations. 15362 type: string 15363 externalPrefix: 15364 description: The external URL the Thanos Ruler instances will be available 15365 under. This is necessary to generate correct URLs. This is necessary 15366 if Thanos Ruler is not served from root of a DNS name. 15367 type: string 15368 grpcServerTlsConfig: 15369 description: 'GRPCServerTLSConfig configures the gRPC server from 15370 which Thanos Querier reads recorded rule data. Note: Currently only 15371 the CAFile, CertFile, and KeyFile fields are supported. Maps to 15372 the ''--grpc-server-tls-*'' CLI args.' 15373 properties: 15374 ca: 15375 description: Struct containing the CA cert to use for the targets. 15376 properties: 15377 configMap: 15378 description: ConfigMap containing data to use for the targets. 15379 properties: 15380 key: 15381 description: The key to select. 15382 type: string 15383 name: 15384 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15385 TODO: Add other useful fields. apiVersion, kind, uid?' 15386 type: string 15387 optional: 15388 description: Specify whether the ConfigMap or its key 15389 must be defined 15390 type: boolean 15391 required: 15392 - key 15393 type: object 15394 secret: 15395 description: Secret containing data to use for the targets. 15396 properties: 15397 key: 15398 description: The key of the secret to select from. Must 15399 be a valid secret key. 15400 type: string 15401 name: 15402 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15403 TODO: Add other useful fields. apiVersion, kind, uid?' 15404 type: string 15405 optional: 15406 description: Specify whether the Secret or its key must 15407 be defined 15408 type: boolean 15409 required: 15410 - key 15411 type: object 15412 type: object 15413 caFile: 15414 description: Path to the CA cert in the Prometheus container to 15415 use for the targets. 15416 type: string 15417 cert: 15418 description: Struct containing the client cert file for the targets. 15419 properties: 15420 configMap: 15421 description: ConfigMap containing data to use for the targets. 15422 properties: 15423 key: 15424 description: The key to select. 15425 type: string 15426 name: 15427 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15428 TODO: Add other useful fields. apiVersion, kind, uid?' 15429 type: string 15430 optional: 15431 description: Specify whether the ConfigMap or its key 15432 must be defined 15433 type: boolean 15434 required: 15435 - key 15436 type: object 15437 secret: 15438 description: Secret containing data to use for the targets. 15439 properties: 15440 key: 15441 description: The key of the secret to select from. Must 15442 be a valid secret key. 15443 type: string 15444 name: 15445 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15446 TODO: Add other useful fields. apiVersion, kind, uid?' 15447 type: string 15448 optional: 15449 description: Specify whether the Secret or its key must 15450 be defined 15451 type: boolean 15452 required: 15453 - key 15454 type: object 15455 type: object 15456 certFile: 15457 description: Path to the client cert file in the Prometheus container 15458 for the targets. 15459 type: string 15460 insecureSkipVerify: 15461 description: Disable target certificate validation. 15462 type: boolean 15463 keyFile: 15464 description: Path to the client key file in the Prometheus container 15465 for the targets. 15466 type: string 15467 keySecret: 15468 description: Secret containing the client key file for the targets. 15469 properties: 15470 key: 15471 description: The key of the secret to select from. Must be 15472 a valid secret key. 15473 type: string 15474 name: 15475 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15476 TODO: Add other useful fields. apiVersion, kind, uid?' 15477 type: string 15478 optional: 15479 description: Specify whether the Secret or its key must be 15480 defined 15481 type: boolean 15482 required: 15483 - key 15484 type: object 15485 serverName: 15486 description: Used to verify the hostname for the targets. 15487 type: string 15488 type: object 15489 image: 15490 description: Thanos container image URL. 15491 type: string 15492 imagePullSecrets: 15493 description: An optional list of references to secrets in the same 15494 namespace to use for pulling thanos images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod 15495 items: 15496 description: LocalObjectReference contains enough information to 15497 let you locate the referenced object inside the same namespace. 15498 properties: 15499 name: 15500 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15501 TODO: Add other useful fields. apiVersion, kind, uid?' 15502 type: string 15503 type: object 15504 type: array 15505 initContainers: 15506 description: 'InitContainers allows adding initContainers to the pod 15507 definition. Those can be used to e.g. fetch secrets for injection 15508 into the ThanosRuler configuration from external sources. Any errors 15509 during the execution of an initContainer will lead to a restart 15510 of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 15511 Using initContainers for any use case other then secret fetching 15512 is entirely outside the scope of what the maintainers will support 15513 and by doing so, you accept that this behaviour may break at any 15514 time without notice.' 15515 items: 15516 description: A single application container that you want to run 15517 within a pod. 15518 properties: 15519 args: 15520 description: 'Arguments to the entrypoint. The docker image''s 15521 CMD is used if this is not provided. Variable references $(VAR_NAME) 15522 are expanded using the container''s environment. If a variable 15523 cannot be resolved, the reference in the input string will 15524 be unchanged. The $(VAR_NAME) syntax can be escaped with a 15525 double $$, ie: $$(VAR_NAME). Escaped references will never 15526 be expanded, regardless of whether the variable exists or 15527 not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 15528 items: 15529 type: string 15530 type: array 15531 command: 15532 description: 'Entrypoint array. Not executed within a shell. 15533 The docker image''s ENTRYPOINT is used if this is not provided. 15534 Variable references $(VAR_NAME) are expanded using the container''s 15535 environment. If a variable cannot be resolved, the reference 15536 in the input string will be unchanged. The $(VAR_NAME) syntax 15537 can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 15538 references will never be expanded, regardless of whether the 15539 variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 15540 items: 15541 type: string 15542 type: array 15543 env: 15544 description: List of environment variables to set in the container. 15545 Cannot be updated. 15546 items: 15547 description: EnvVar represents an environment variable present 15548 in a Container. 15549 properties: 15550 name: 15551 description: Name of the environment variable. Must be 15552 a C_IDENTIFIER. 15553 type: string 15554 value: 15555 description: 'Variable references $(VAR_NAME) are expanded 15556 using the previous defined environment variables in 15557 the container and any service environment variables. 15558 If a variable cannot be resolved, the reference in the 15559 input string will be unchanged. The $(VAR_NAME) syntax 15560 can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 15561 references will never be expanded, regardless of whether 15562 the variable exists or not. Defaults to "".' 15563 type: string 15564 valueFrom: 15565 description: Source for the environment variable's value. 15566 Cannot be used if value is not empty. 15567 properties: 15568 configMapKeyRef: 15569 description: Selects a key of a ConfigMap. 15570 properties: 15571 key: 15572 description: The key to select. 15573 type: string 15574 name: 15575 description: 'Name of the referent. More info: 15576 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15577 TODO: Add other useful fields. apiVersion, kind, 15578 uid?' 15579 type: string 15580 optional: 15581 description: Specify whether the ConfigMap or 15582 its key must be defined 15583 type: boolean 15584 required: 15585 - key 15586 type: object 15587 fieldRef: 15588 description: 'Selects a field of the pod: supports 15589 metadata.name, metadata.namespace, metadata.labels, 15590 metadata.annotations, spec.nodeName, spec.serviceAccountName, 15591 status.hostIP, status.podIP, status.podIPs.' 15592 properties: 15593 apiVersion: 15594 description: Version of the schema the FieldPath 15595 is written in terms of, defaults to "v1". 15596 type: string 15597 fieldPath: 15598 description: Path of the field to select in the 15599 specified API version. 15600 type: string 15601 required: 15602 - fieldPath 15603 type: object 15604 resourceFieldRef: 15605 description: 'Selects a resource of the container: 15606 only resources limits and requests (limits.cpu, 15607 limits.memory, limits.ephemeral-storage, requests.cpu, 15608 requests.memory and requests.ephemeral-storage) 15609 are currently supported.' 15610 properties: 15611 containerName: 15612 description: 'Container name: required for volumes, 15613 optional for env vars' 15614 type: string 15615 divisor: 15616 description: Specifies the output format of the 15617 exposed resources, defaults to "1" 15618 type: string 15619 resource: 15620 description: 'Required: resource to select' 15621 type: string 15622 required: 15623 - resource 15624 type: object 15625 secretKeyRef: 15626 description: Selects a key of a secret in the pod's 15627 namespace 15628 properties: 15629 key: 15630 description: The key of the secret to select from. Must 15631 be a valid secret key. 15632 type: string 15633 name: 15634 description: 'Name of the referent. More info: 15635 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15636 TODO: Add other useful fields. apiVersion, kind, 15637 uid?' 15638 type: string 15639 optional: 15640 description: Specify whether the Secret or its 15641 key must be defined 15642 type: boolean 15643 required: 15644 - key 15645 type: object 15646 type: object 15647 required: 15648 - name 15649 type: object 15650 type: array 15651 envFrom: 15652 description: List of sources to populate environment variables 15653 in the container. The keys defined within a source must be 15654 a C_IDENTIFIER. All invalid keys will be reported as an event 15655 when the container is starting. When a key exists in multiple 15656 sources, the value associated with the last source will take 15657 precedence. Values defined by an Env with a duplicate key 15658 will take precedence. Cannot be updated. 15659 items: 15660 description: EnvFromSource represents the source of a set 15661 of ConfigMaps 15662 properties: 15663 configMapRef: 15664 description: The ConfigMap to select from 15665 properties: 15666 name: 15667 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15668 TODO: Add other useful fields. apiVersion, kind, 15669 uid?' 15670 type: string 15671 optional: 15672 description: Specify whether the ConfigMap must be 15673 defined 15674 type: boolean 15675 type: object 15676 prefix: 15677 description: An optional identifier to prepend to each 15678 key in the ConfigMap. Must be a C_IDENTIFIER. 15679 type: string 15680 secretRef: 15681 description: The Secret to select from 15682 properties: 15683 name: 15684 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15685 TODO: Add other useful fields. apiVersion, kind, 15686 uid?' 15687 type: string 15688 optional: 15689 description: Specify whether the Secret must be defined 15690 type: boolean 15691 type: object 15692 type: object 15693 type: array 15694 image: 15695 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 15696 This field is optional to allow higher level config management 15697 to default or override container images in workload controllers 15698 like Deployments and StatefulSets.' 15699 type: string 15700 imagePullPolicy: 15701 description: 'Image pull policy. One of Always, Never, IfNotPresent. 15702 Defaults to Always if :latest tag is specified, or IfNotPresent 15703 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 15704 type: string 15705 lifecycle: 15706 description: Actions that the management system should take 15707 in response to container lifecycle events. Cannot be updated. 15708 properties: 15709 postStart: 15710 description: 'PostStart is called immediately after a container 15711 is created. If the handler fails, the container is terminated 15712 and restarted according to its restart policy. Other management 15713 of the container blocks until the hook completes. More 15714 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 15715 properties: 15716 exec: 15717 description: One and only one of the following should 15718 be specified. Exec specifies the action to take. 15719 properties: 15720 command: 15721 description: Command is the command line to execute 15722 inside the container, the working directory for 15723 the command is root ('/') in the container's 15724 filesystem. The command is simply exec'd, it is 15725 not run inside a shell, so traditional shell instructions 15726 ('|', etc) won't work. To use a shell, you need 15727 to explicitly call out to that shell. Exit status 15728 of 0 is treated as live/healthy and non-zero is 15729 unhealthy. 15730 items: 15731 type: string 15732 type: array 15733 type: object 15734 httpGet: 15735 description: HTTPGet specifies the http request to perform. 15736 properties: 15737 host: 15738 description: Host name to connect to, defaults to 15739 the pod IP. You probably want to set "Host" in 15740 httpHeaders instead. 15741 type: string 15742 httpHeaders: 15743 description: Custom headers to set in the request. 15744 HTTP allows repeated headers. 15745 items: 15746 description: HTTPHeader describes a custom header 15747 to be used in HTTP probes 15748 properties: 15749 name: 15750 description: The header field name 15751 type: string 15752 value: 15753 description: The header field value 15754 type: string 15755 required: 15756 - name 15757 - value 15758 type: object 15759 type: array 15760 path: 15761 description: Path to access on the HTTP server. 15762 type: string 15763 port: 15764 anyOf: 15765 - type: integer 15766 - type: string 15767 description: Name or number of the port to access 15768 on the container. Number must be in the range 15769 1 to 65535. Name must be an IANA_SVC_NAME. 15770 x-kubernetes-int-or-string: true 15771 scheme: 15772 description: Scheme to use for connecting to the 15773 host. Defaults to HTTP. 15774 type: string 15775 required: 15776 - port 15777 type: object 15778 tcpSocket: 15779 description: 'TCPSocket specifies an action involving 15780 a TCP port. TCP hooks not yet supported TODO: implement 15781 a realistic TCP lifecycle hook' 15782 properties: 15783 host: 15784 description: 'Optional: Host name to connect to, 15785 defaults to the pod IP.' 15786 type: string 15787 port: 15788 anyOf: 15789 - type: integer 15790 - type: string 15791 description: Number or name of the port to access 15792 on the container. Number must be in the range 15793 1 to 65535. Name must be an IANA_SVC_NAME. 15794 x-kubernetes-int-or-string: true 15795 required: 15796 - port 15797 type: object 15798 type: object 15799 preStop: 15800 description: 'PreStop is called immediately before a container 15801 is terminated due to an API request or management event 15802 such as liveness/startup probe failure, preemption, resource 15803 contention, etc. The handler is not called if the container 15804 crashes or exits. The reason for termination is passed 15805 to the handler. The Pod''s termination grace period countdown 15806 begins before the PreStop hooked is executed. Regardless 15807 of the outcome of the handler, the container will eventually 15808 terminate within the Pod''s termination grace period. 15809 Other management of the container blocks until the hook 15810 completes or until the termination grace period is reached. 15811 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 15812 properties: 15813 exec: 15814 description: One and only one of the following should 15815 be specified. Exec specifies the action to take. 15816 properties: 15817 command: 15818 description: Command is the command line to execute 15819 inside the container, the working directory for 15820 the command is root ('/') in the container's 15821 filesystem. The command is simply exec'd, it is 15822 not run inside a shell, so traditional shell instructions 15823 ('|', etc) won't work. To use a shell, you need 15824 to explicitly call out to that shell. Exit status 15825 of 0 is treated as live/healthy and non-zero is 15826 unhealthy. 15827 items: 15828 type: string 15829 type: array 15830 type: object 15831 httpGet: 15832 description: HTTPGet specifies the http request to perform. 15833 properties: 15834 host: 15835 description: Host name to connect to, defaults to 15836 the pod IP. You probably want to set "Host" in 15837 httpHeaders instead. 15838 type: string 15839 httpHeaders: 15840 description: Custom headers to set in the request. 15841 HTTP allows repeated headers. 15842 items: 15843 description: HTTPHeader describes a custom header 15844 to be used in HTTP probes 15845 properties: 15846 name: 15847 description: The header field name 15848 type: string 15849 value: 15850 description: The header field value 15851 type: string 15852 required: 15853 - name 15854 - value 15855 type: object 15856 type: array 15857 path: 15858 description: Path to access on the HTTP server. 15859 type: string 15860 port: 15861 anyOf: 15862 - type: integer 15863 - type: string 15864 description: Name or number of the port to access 15865 on the container. Number must be in the range 15866 1 to 65535. Name must be an IANA_SVC_NAME. 15867 x-kubernetes-int-or-string: true 15868 scheme: 15869 description: Scheme to use for connecting to the 15870 host. Defaults to HTTP. 15871 type: string 15872 required: 15873 - port 15874 type: object 15875 tcpSocket: 15876 description: 'TCPSocket specifies an action involving 15877 a TCP port. TCP hooks not yet supported TODO: implement 15878 a realistic TCP lifecycle hook' 15879 properties: 15880 host: 15881 description: 'Optional: Host name to connect to, 15882 defaults to the pod IP.' 15883 type: string 15884 port: 15885 anyOf: 15886 - type: integer 15887 - type: string 15888 description: Number or name of the port to access 15889 on the container. Number must be in the range 15890 1 to 65535. Name must be an IANA_SVC_NAME. 15891 x-kubernetes-int-or-string: true 15892 required: 15893 - port 15894 type: object 15895 type: object 15896 type: object 15897 livenessProbe: 15898 description: 'Periodic probe of container liveness. Container 15899 will be restarted if the probe fails. Cannot be updated. More 15900 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 15901 properties: 15902 exec: 15903 description: One and only one of the following should be 15904 specified. Exec specifies the action to take. 15905 properties: 15906 command: 15907 description: Command is the command line to execute 15908 inside the container, the working directory for the 15909 command is root ('/') in the container's filesystem. 15910 The command is simply exec'd, it is not run inside 15911 a shell, so traditional shell instructions ('|', etc) 15912 won't work. To use a shell, you need to explicitly 15913 call out to that shell. Exit status of 0 is treated 15914 as live/healthy and non-zero is unhealthy. 15915 items: 15916 type: string 15917 type: array 15918 type: object 15919 failureThreshold: 15920 description: Minimum consecutive failures for the probe 15921 to be considered failed after having succeeded. Defaults 15922 to 3. Minimum value is 1. 15923 format: int32 15924 type: integer 15925 httpGet: 15926 description: HTTPGet specifies the http request to perform. 15927 properties: 15928 host: 15929 description: Host name to connect to, defaults to the 15930 pod IP. You probably want to set "Host" in httpHeaders 15931 instead. 15932 type: string 15933 httpHeaders: 15934 description: Custom headers to set in the request. HTTP 15935 allows repeated headers. 15936 items: 15937 description: HTTPHeader describes a custom header 15938 to be used in HTTP probes 15939 properties: 15940 name: 15941 description: The header field name 15942 type: string 15943 value: 15944 description: The header field value 15945 type: string 15946 required: 15947 - name 15948 - value 15949 type: object 15950 type: array 15951 path: 15952 description: Path to access on the HTTP server. 15953 type: string 15954 port: 15955 anyOf: 15956 - type: integer 15957 - type: string 15958 description: Name or number of the port to access on 15959 the container. Number must be in the range 1 to 65535. 15960 Name must be an IANA_SVC_NAME. 15961 x-kubernetes-int-or-string: true 15962 scheme: 15963 description: Scheme to use for connecting to the host. 15964 Defaults to HTTP. 15965 type: string 15966 required: 15967 - port 15968 type: object 15969 initialDelaySeconds: 15970 description: 'Number of seconds after the container has 15971 started before liveness probes are initiated. More info: 15972 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 15973 format: int32 15974 type: integer 15975 periodSeconds: 15976 description: How often (in seconds) to perform the probe. 15977 Default to 10 seconds. Minimum value is 1. 15978 format: int32 15979 type: integer 15980 successThreshold: 15981 description: Minimum consecutive successes for the probe 15982 to be considered successful after having failed. Defaults 15983 to 1. Must be 1 for liveness and startup. Minimum value 15984 is 1. 15985 format: int32 15986 type: integer 15987 tcpSocket: 15988 description: 'TCPSocket specifies an action involving a 15989 TCP port. TCP hooks not yet supported TODO: implement 15990 a realistic TCP lifecycle hook' 15991 properties: 15992 host: 15993 description: 'Optional: Host name to connect to, defaults 15994 to the pod IP.' 15995 type: string 15996 port: 15997 anyOf: 15998 - type: integer 15999 - type: string 16000 description: Number or name of the port to access on 16001 the container. Number must be in the range 1 to 65535. 16002 Name must be an IANA_SVC_NAME. 16003 x-kubernetes-int-or-string: true 16004 required: 16005 - port 16006 type: object 16007 timeoutSeconds: 16008 description: 'Number of seconds after which the probe times 16009 out. Defaults to 1 second. Minimum value is 1. More info: 16010 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 16011 format: int32 16012 type: integer 16013 type: object 16014 name: 16015 description: Name of the container specified as a DNS_LABEL. 16016 Each container in a pod must have a unique name (DNS_LABEL). 16017 Cannot be updated. 16018 type: string 16019 ports: 16020 description: List of ports to expose from the container. Exposing 16021 a port here gives the system additional information about 16022 the network connections a container uses, but is primarily 16023 informational. Not specifying a port here DOES NOT prevent 16024 that port from being exposed. Any port which is listening 16025 on the default "0.0.0.0" address inside a container will be 16026 accessible from the network. Cannot be updated. 16027 items: 16028 description: ContainerPort represents a network port in a 16029 single container. 16030 properties: 16031 containerPort: 16032 description: Number of port to expose on the pod's IP 16033 address. This must be a valid port number, 0 < x < 65536. 16034 format: int32 16035 type: integer 16036 hostIP: 16037 description: What host IP to bind the external port to. 16038 type: string 16039 hostPort: 16040 description: Number of port to expose on the host. If 16041 specified, this must be a valid port number, 0 < x < 16042 65536. If HostNetwork is specified, this must match 16043 ContainerPort. Most containers do not need this. 16044 format: int32 16045 type: integer 16046 name: 16047 description: If specified, this must be an IANA_SVC_NAME 16048 and unique within the pod. Each named port in a pod 16049 must have a unique name. Name for the port that can 16050 be referred to by services. 16051 type: string 16052 protocol: 16053 description: Protocol for port. Must be UDP, TCP, or SCTP. 16054 Defaults to "TCP". 16055 type: string 16056 required: 16057 - containerPort 16058 type: object 16059 type: array 16060 readinessProbe: 16061 description: 'Periodic probe of container service readiness. 16062 Container will be removed from service endpoints if the probe 16063 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 16064 properties: 16065 exec: 16066 description: One and only one of the following should be 16067 specified. Exec specifies the action to take. 16068 properties: 16069 command: 16070 description: Command is the command line to execute 16071 inside the container, the working directory for the 16072 command is root ('/') in the container's filesystem. 16073 The command is simply exec'd, it is not run inside 16074 a shell, so traditional shell instructions ('|', etc) 16075 won't work. To use a shell, you need to explicitly 16076 call out to that shell. Exit status of 0 is treated 16077 as live/healthy and non-zero is unhealthy. 16078 items: 16079 type: string 16080 type: array 16081 type: object 16082 failureThreshold: 16083 description: Minimum consecutive failures for the probe 16084 to be considered failed after having succeeded. Defaults 16085 to 3. Minimum value is 1. 16086 format: int32 16087 type: integer 16088 httpGet: 16089 description: HTTPGet specifies the http request to perform. 16090 properties: 16091 host: 16092 description: Host name to connect to, defaults to the 16093 pod IP. You probably want to set "Host" in httpHeaders 16094 instead. 16095 type: string 16096 httpHeaders: 16097 description: Custom headers to set in the request. HTTP 16098 allows repeated headers. 16099 items: 16100 description: HTTPHeader describes a custom header 16101 to be used in HTTP probes 16102 properties: 16103 name: 16104 description: The header field name 16105 type: string 16106 value: 16107 description: The header field value 16108 type: string 16109 required: 16110 - name 16111 - value 16112 type: object 16113 type: array 16114 path: 16115 description: Path to access on the HTTP server. 16116 type: string 16117 port: 16118 anyOf: 16119 - type: integer 16120 - type: string 16121 description: Name or number of the port to access on 16122 the container. Number must be in the range 1 to 65535. 16123 Name must be an IANA_SVC_NAME. 16124 x-kubernetes-int-or-string: true 16125 scheme: 16126 description: Scheme to use for connecting to the host. 16127 Defaults to HTTP. 16128 type: string 16129 required: 16130 - port 16131 type: object 16132 initialDelaySeconds: 16133 description: 'Number of seconds after the container has 16134 started before liveness probes are initiated. More info: 16135 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 16136 format: int32 16137 type: integer 16138 periodSeconds: 16139 description: How often (in seconds) to perform the probe. 16140 Default to 10 seconds. Minimum value is 1. 16141 format: int32 16142 type: integer 16143 successThreshold: 16144 description: Minimum consecutive successes for the probe 16145 to be considered successful after having failed. Defaults 16146 to 1. Must be 1 for liveness and startup. Minimum value 16147 is 1. 16148 format: int32 16149 type: integer 16150 tcpSocket: 16151 description: 'TCPSocket specifies an action involving a 16152 TCP port. TCP hooks not yet supported TODO: implement 16153 a realistic TCP lifecycle hook' 16154 properties: 16155 host: 16156 description: 'Optional: Host name to connect to, defaults 16157 to the pod IP.' 16158 type: string 16159 port: 16160 anyOf: 16161 - type: integer 16162 - type: string 16163 description: Number or name of the port to access on 16164 the container. Number must be in the range 1 to 65535. 16165 Name must be an IANA_SVC_NAME. 16166 x-kubernetes-int-or-string: true 16167 required: 16168 - port 16169 type: object 16170 timeoutSeconds: 16171 description: 'Number of seconds after which the probe times 16172 out. Defaults to 1 second. Minimum value is 1. More info: 16173 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 16174 format: int32 16175 type: integer 16176 type: object 16177 resources: 16178 description: 'Compute Resources required by this container. 16179 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 16180 properties: 16181 limits: 16182 additionalProperties: 16183 type: string 16184 description: 'Limits describes the maximum amount of compute 16185 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 16186 type: object 16187 requests: 16188 additionalProperties: 16189 type: string 16190 description: 'Requests describes the minimum amount of compute 16191 resources required. If Requests is omitted for a container, 16192 it defaults to Limits if that is explicitly specified, 16193 otherwise to an implementation-defined value. More info: 16194 https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 16195 type: object 16196 type: object 16197 securityContext: 16198 description: 'Security options the pod should run with. More 16199 info: https://kubernetes.io/docs/concepts/policy/security-context/ 16200 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 16201 properties: 16202 allowPrivilegeEscalation: 16203 description: 'AllowPrivilegeEscalation controls whether 16204 a process can gain more privileges than its parent process. 16205 This bool directly controls if the no_new_privs flag will 16206 be set on the container process. AllowPrivilegeEscalation 16207 is true always when the container is: 1) run as Privileged 16208 2) has CAP_SYS_ADMIN' 16209 type: boolean 16210 capabilities: 16211 description: The capabilities to add/drop when running containers. 16212 Defaults to the default set of capabilities granted by 16213 the container runtime. 16214 properties: 16215 add: 16216 description: Added capabilities 16217 items: 16218 description: Capability represent POSIX capabilities 16219 type 16220 type: string 16221 type: array 16222 drop: 16223 description: Removed capabilities 16224 items: 16225 description: Capability represent POSIX capabilities 16226 type 16227 type: string 16228 type: array 16229 type: object 16230 privileged: 16231 description: Run container in privileged mode. Processes 16232 in privileged containers are essentially equivalent to 16233 root on the host. Defaults to false. 16234 type: boolean 16235 procMount: 16236 description: procMount denotes the type of proc mount to 16237 use for the containers. The default is DefaultProcMount 16238 which uses the container runtime defaults for readonly 16239 paths and masked paths. This requires the ProcMountType 16240 feature flag to be enabled. 16241 type: string 16242 readOnlyRootFilesystem: 16243 description: Whether this container has a read-only root 16244 filesystem. Default is false. 16245 type: boolean 16246 runAsGroup: 16247 description: The GID to run the entrypoint of the container 16248 process. Uses runtime default if unset. May also be set 16249 in PodSecurityContext. If set in both SecurityContext 16250 and PodSecurityContext, the value specified in SecurityContext 16251 takes precedence. 16252 format: int64 16253 type: integer 16254 runAsNonRoot: 16255 description: Indicates that the container must run as a 16256 non-root user. If true, the Kubelet will validate the 16257 image at runtime to ensure that it does not run as UID 16258 0 (root) and fail to start the container if it does. If 16259 unset or false, no such validation will be performed. 16260 May also be set in PodSecurityContext. If set in both 16261 SecurityContext and PodSecurityContext, the value specified 16262 in SecurityContext takes precedence. 16263 type: boolean 16264 runAsUser: 16265 description: The UID to run the entrypoint of the container 16266 process. Defaults to user specified in image metadata 16267 if unspecified. May also be set in PodSecurityContext. If 16268 set in both SecurityContext and PodSecurityContext, the 16269 value specified in SecurityContext takes precedence. 16270 format: int64 16271 type: integer 16272 seLinuxOptions: 16273 description: The SELinux context to be applied to the container. 16274 If unspecified, the container runtime will allocate a 16275 random SELinux context for each container. May also be 16276 set in PodSecurityContext. If set in both SecurityContext 16277 and PodSecurityContext, the value specified in SecurityContext 16278 takes precedence. 16279 properties: 16280 level: 16281 description: Level is SELinux level label that applies 16282 to the container. 16283 type: string 16284 role: 16285 description: Role is a SELinux role label that applies 16286 to the container. 16287 type: string 16288 type: 16289 description: Type is a SELinux type label that applies 16290 to the container. 16291 type: string 16292 user: 16293 description: User is a SELinux user label that applies 16294 to the container. 16295 type: string 16296 type: object 16297 windowsOptions: 16298 description: The Windows specific settings applied to all 16299 containers. If unspecified, the options from the PodSecurityContext 16300 will be used. If set in both SecurityContext and PodSecurityContext, 16301 the value specified in SecurityContext takes precedence. 16302 properties: 16303 gmsaCredentialSpec: 16304 description: GMSACredentialSpec is where the GMSA admission 16305 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 16306 inlines the contents of the GMSA credential spec named 16307 by the GMSACredentialSpecName field. 16308 type: string 16309 gmsaCredentialSpecName: 16310 description: GMSACredentialSpecName is the name of the 16311 GMSA credential spec to use. 16312 type: string 16313 runAsUserName: 16314 description: The UserName in Windows to run the entrypoint 16315 of the container process. Defaults to the user specified 16316 in image metadata if unspecified. May also be set 16317 in PodSecurityContext. If set in both SecurityContext 16318 and PodSecurityContext, the value specified in SecurityContext 16319 takes precedence. 16320 type: string 16321 type: object 16322 type: object 16323 startupProbe: 16324 description: 'StartupProbe indicates that the Pod has successfully 16325 initialized. If specified, no other probes are executed until 16326 this completes successfully. If this probe fails, the Pod 16327 will be restarted, just as if the livenessProbe failed. This 16328 can be used to provide different probe parameters at the beginning 16329 of a Pod''s lifecycle, when it might take a long time to load 16330 data or warm a cache, than during steady-state operation. 16331 This cannot be updated. This is a beta feature enabled by 16332 the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 16333 properties: 16334 exec: 16335 description: One and only one of the following should be 16336 specified. Exec specifies the action to take. 16337 properties: 16338 command: 16339 description: Command is the command line to execute 16340 inside the container, the working directory for the 16341 command is root ('/') in the container's filesystem. 16342 The command is simply exec'd, it is not run inside 16343 a shell, so traditional shell instructions ('|', etc) 16344 won't work. To use a shell, you need to explicitly 16345 call out to that shell. Exit status of 0 is treated 16346 as live/healthy and non-zero is unhealthy. 16347 items: 16348 type: string 16349 type: array 16350 type: object 16351 failureThreshold: 16352 description: Minimum consecutive failures for the probe 16353 to be considered failed after having succeeded. Defaults 16354 to 3. Minimum value is 1. 16355 format: int32 16356 type: integer 16357 httpGet: 16358 description: HTTPGet specifies the http request to perform. 16359 properties: 16360 host: 16361 description: Host name to connect to, defaults to the 16362 pod IP. You probably want to set "Host" in httpHeaders 16363 instead. 16364 type: string 16365 httpHeaders: 16366 description: Custom headers to set in the request. HTTP 16367 allows repeated headers. 16368 items: 16369 description: HTTPHeader describes a custom header 16370 to be used in HTTP probes 16371 properties: 16372 name: 16373 description: The header field name 16374 type: string 16375 value: 16376 description: The header field value 16377 type: string 16378 required: 16379 - name 16380 - value 16381 type: object 16382 type: array 16383 path: 16384 description: Path to access on the HTTP server. 16385 type: string 16386 port: 16387 anyOf: 16388 - type: integer 16389 - type: string 16390 description: Name or number of the port to access on 16391 the container. Number must be in the range 1 to 65535. 16392 Name must be an IANA_SVC_NAME. 16393 x-kubernetes-int-or-string: true 16394 scheme: 16395 description: Scheme to use for connecting to the host. 16396 Defaults to HTTP. 16397 type: string 16398 required: 16399 - port 16400 type: object 16401 initialDelaySeconds: 16402 description: 'Number of seconds after the container has 16403 started before liveness probes are initiated. More info: 16404 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 16405 format: int32 16406 type: integer 16407 periodSeconds: 16408 description: How often (in seconds) to perform the probe. 16409 Default to 10 seconds. Minimum value is 1. 16410 format: int32 16411 type: integer 16412 successThreshold: 16413 description: Minimum consecutive successes for the probe 16414 to be considered successful after having failed. Defaults 16415 to 1. Must be 1 for liveness and startup. Minimum value 16416 is 1. 16417 format: int32 16418 type: integer 16419 tcpSocket: 16420 description: 'TCPSocket specifies an action involving a 16421 TCP port. TCP hooks not yet supported TODO: implement 16422 a realistic TCP lifecycle hook' 16423 properties: 16424 host: 16425 description: 'Optional: Host name to connect to, defaults 16426 to the pod IP.' 16427 type: string 16428 port: 16429 anyOf: 16430 - type: integer 16431 - type: string 16432 description: Number or name of the port to access on 16433 the container. Number must be in the range 1 to 65535. 16434 Name must be an IANA_SVC_NAME. 16435 x-kubernetes-int-or-string: true 16436 required: 16437 - port 16438 type: object 16439 timeoutSeconds: 16440 description: 'Number of seconds after which the probe times 16441 out. Defaults to 1 second. Minimum value is 1. More info: 16442 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 16443 format: int32 16444 type: integer 16445 type: object 16446 stdin: 16447 description: Whether this container should allocate a buffer 16448 for stdin in the container runtime. If this is not set, reads 16449 from stdin in the container will always result in EOF. Default 16450 is false. 16451 type: boolean 16452 stdinOnce: 16453 description: Whether the container runtime should close the 16454 stdin channel after it has been opened by a single attach. 16455 When stdin is true the stdin stream will remain open across 16456 multiple attach sessions. If stdinOnce is set to true, stdin 16457 is opened on container start, is empty until the first client 16458 attaches to stdin, and then remains open and accepts data 16459 until the client disconnects, at which time stdin is closed 16460 and remains closed until the container is restarted. If this 16461 flag is false, a container processes that reads from stdin 16462 will never receive an EOF. Default is false 16463 type: boolean 16464 terminationMessagePath: 16465 description: 'Optional: Path at which the file to which the 16466 container''s termination message will be written is mounted 16467 into the container''s filesystem. Message written is intended 16468 to be brief final status, such as an assertion failure message. 16469 Will be truncated by the node if greater than 4096 bytes. 16470 The total message length across all containers will be limited 16471 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 16472 type: string 16473 terminationMessagePolicy: 16474 description: Indicate how the termination message should be 16475 populated. File will use the contents of terminationMessagePath 16476 to populate the container status message on both success and 16477 failure. FallbackToLogsOnError will use the last chunk of 16478 container log output if the termination message file is empty 16479 and the container exited with an error. The log output is 16480 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 16481 to File. Cannot be updated. 16482 type: string 16483 tty: 16484 description: Whether this container should allocate a TTY for 16485 itself, also requires 'stdin' to be true. Default is false. 16486 type: boolean 16487 volumeDevices: 16488 description: volumeDevices is the list of block devices to be 16489 used by the container. 16490 items: 16491 description: volumeDevice describes a mapping of a raw block 16492 device within a container. 16493 properties: 16494 devicePath: 16495 description: devicePath is the path inside of the container 16496 that the device will be mapped to. 16497 type: string 16498 name: 16499 description: name must match the name of a persistentVolumeClaim 16500 in the pod 16501 type: string 16502 required: 16503 - devicePath 16504 - name 16505 type: object 16506 type: array 16507 volumeMounts: 16508 description: Pod volumes to mount into the container's filesystem. 16509 Cannot be updated. 16510 items: 16511 description: VolumeMount describes a mounting of a Volume 16512 within a container. 16513 properties: 16514 mountPath: 16515 description: Path within the container at which the volume 16516 should be mounted. Must not contain ':'. 16517 type: string 16518 mountPropagation: 16519 description: mountPropagation determines how mounts are 16520 propagated from the host to container and the other 16521 way around. When not set, MountPropagationNone is used. 16522 This field is beta in 1.10. 16523 type: string 16524 name: 16525 description: This must match the Name of a Volume. 16526 type: string 16527 readOnly: 16528 description: Mounted read-only if true, read-write otherwise 16529 (false or unspecified). Defaults to false. 16530 type: boolean 16531 subPath: 16532 description: Path within the volume from which the container's 16533 volume should be mounted. Defaults to "" (volume's root). 16534 type: string 16535 subPathExpr: 16536 description: Expanded path within the volume from which 16537 the container's volume should be mounted. Behaves similarly 16538 to SubPath but environment variable references $(VAR_NAME) 16539 are expanded using the container's environment. Defaults 16540 to "" (volume's root). SubPathExpr and SubPath are mutually 16541 exclusive. 16542 type: string 16543 required: 16544 - mountPath 16545 - name 16546 type: object 16547 type: array 16548 workingDir: 16549 description: Container's working directory. If not specified, 16550 the container runtime's default will be used, which might 16551 be configured in the container image. Cannot be updated. 16552 type: string 16553 required: 16554 - name 16555 type: object 16556 type: array 16557 labels: 16558 additionalProperties: 16559 type: string 16560 description: Labels configure the external label pairs to ThanosRuler. 16561 If not provided, default replica label `thanos_ruler_replica` will 16562 be added as a label and be dropped in alerts. 16563 type: object 16564 listenLocal: 16565 description: ListenLocal makes the Thanos ruler listen on loopback, 16566 so that it does not bind against the Pod IP. 16567 type: boolean 16568 logFormat: 16569 description: Log format for ThanosRuler to be configured with. 16570 type: string 16571 logLevel: 16572 description: Log level for ThanosRuler to be configured with. 16573 type: string 16574 nodeSelector: 16575 additionalProperties: 16576 type: string 16577 description: Define which Nodes the Pods are scheduled on. 16578 type: object 16579 objectStorageConfig: 16580 description: ObjectStorageConfig configures object storage in Thanos. 16581 properties: 16582 key: 16583 description: The key of the secret to select from. Must be a 16584 valid secret key. 16585 type: string 16586 name: 16587 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16588 TODO: Add other useful fields. apiVersion, kind, uid?' 16589 type: string 16590 optional: 16591 description: Specify whether the Secret or its key must be defined 16592 type: boolean 16593 required: 16594 - key 16595 type: object 16596 paused: 16597 description: When a ThanosRuler deployment is paused, no actions except 16598 for deletion will be performed on the underlying objects. 16599 type: boolean 16600 podMetadata: 16601 description: PodMetadata contains Labels and Annotations gets propagated 16602 to the thanos ruler pods. 16603 properties: 16604 annotations: 16605 additionalProperties: 16606 type: string 16607 description: 'Annotations is an unstructured key value map stored 16608 with a resource that may be set by external tools to store and 16609 retrieve arbitrary metadata. They are not queryable and should 16610 be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 16611 type: object 16612 labels: 16613 additionalProperties: 16614 type: string 16615 description: 'Map of string keys and values that can be used to 16616 organize and categorize (scope and select) objects. May match 16617 selectors of replication controllers and services. More info: 16618 http://kubernetes.io/docs/user-guide/labels' 16619 type: object 16620 name: 16621 description: 'Name must be unique within a namespace. Is required 16622 when creating resources, although some resources may allow a 16623 client to request the generation of an appropriate name automatically. 16624 Name is primarily intended for creation idempotence and configuration 16625 definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 16626 type: string 16627 type: object 16628 portName: 16629 description: Port name used for the pods and governing service. This 16630 defaults to web 16631 type: string 16632 priorityClassName: 16633 description: Priority class assigned to the Pods 16634 type: string 16635 prometheusRulesExcludedFromEnforce: 16636 description: PrometheusRulesExcludedFromEnforce - list of Prometheus 16637 rules to be excluded from enforcing of adding namespace labels. 16638 Works only if enforcedNamespaceLabel set to true. Make sure both 16639 ruleNamespace and ruleName are set for each pair 16640 items: 16641 description: PrometheusRuleExcludeConfig enables users to configure 16642 excluded PrometheusRule names and their namespaces to be ignored 16643 while enforcing namespace label for alerts and metrics. 16644 properties: 16645 ruleName: 16646 description: RuleNamespace - name of excluded rule 16647 type: string 16648 ruleNamespace: 16649 description: RuleNamespace - namespace of excluded rule 16650 type: string 16651 required: 16652 - ruleName 16653 - ruleNamespace 16654 type: object 16655 type: array 16656 queryConfig: 16657 description: Define configuration for connecting to thanos query instances. 16658 If this is defined, the QueryEndpoints field will be ignored. Maps 16659 to the `query.config` CLI argument. Only available with thanos v0.11.0 16660 and higher. 16661 properties: 16662 key: 16663 description: The key of the secret to select from. Must be a 16664 valid secret key. 16665 type: string 16666 name: 16667 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16668 TODO: Add other useful fields. apiVersion, kind, uid?' 16669 type: string 16670 optional: 16671 description: Specify whether the Secret or its key must be defined 16672 type: boolean 16673 required: 16674 - key 16675 type: object 16676 queryEndpoints: 16677 description: QueryEndpoints defines Thanos querier endpoints from 16678 which to query metrics. Maps to the --query flag of thanos ruler. 16679 items: 16680 type: string 16681 type: array 16682 replicas: 16683 description: Number of thanos ruler instances to deploy. 16684 format: int32 16685 type: integer 16686 resources: 16687 description: Resources defines the resource requirements for single 16688 Pods. If not provided, no requests/limits will be set 16689 properties: 16690 limits: 16691 additionalProperties: 16692 type: string 16693 description: 'Limits describes the maximum amount of compute resources 16694 allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 16695 type: object 16696 requests: 16697 additionalProperties: 16698 type: string 16699 description: 'Requests describes the minimum amount of compute 16700 resources required. If Requests is omitted for a container, 16701 it defaults to Limits if that is explicitly specified, otherwise 16702 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 16703 type: object 16704 type: object 16705 retention: 16706 description: Time duration ThanosRuler shall retain data for. Default 16707 is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` 16708 (milliseconds seconds minutes hours days weeks years). 16709 type: string 16710 routePrefix: 16711 description: The route prefix ThanosRuler registers HTTP handlers 16712 for. This allows thanos UI to be served on a sub-path. 16713 type: string 16714 ruleNamespaceSelector: 16715 description: Namespaces to be selected for Rules discovery. If unspecified, 16716 only the same namespace as the ThanosRuler object is in is used. 16717 properties: 16718 matchExpressions: 16719 description: matchExpressions is a list of label selector requirements. 16720 The requirements are ANDed. 16721 items: 16722 description: A label selector requirement is a selector that 16723 contains values, a key, and an operator that relates the key 16724 and values. 16725 properties: 16726 key: 16727 description: key is the label key that the selector applies 16728 to. 16729 type: string 16730 operator: 16731 description: operator represents a key's relationship to 16732 a set of values. Valid operators are In, NotIn, Exists 16733 and DoesNotExist. 16734 type: string 16735 values: 16736 description: values is an array of string values. If the 16737 operator is In or NotIn, the values array must be non-empty. 16738 If the operator is Exists or DoesNotExist, the values 16739 array must be empty. This array is replaced during a strategic 16740 merge patch. 16741 items: 16742 type: string 16743 type: array 16744 required: 16745 - key 16746 - operator 16747 type: object 16748 type: array 16749 matchLabels: 16750 additionalProperties: 16751 type: string 16752 description: matchLabels is a map of {key,value} pairs. A single 16753 {key,value} in the matchLabels map is equivalent to an element 16754 of matchExpressions, whose key field is "key", the operator 16755 is "In", and the values array contains only "value". The requirements 16756 are ANDed. 16757 type: object 16758 type: object 16759 ruleSelector: 16760 description: A label selector to select which PrometheusRules to mount 16761 for alerting and recording. 16762 properties: 16763 matchExpressions: 16764 description: matchExpressions is a list of label selector requirements. 16765 The requirements are ANDed. 16766 items: 16767 description: A label selector requirement is a selector that 16768 contains values, a key, and an operator that relates the key 16769 and values. 16770 properties: 16771 key: 16772 description: key is the label key that the selector applies 16773 to. 16774 type: string 16775 operator: 16776 description: operator represents a key's relationship to 16777 a set of values. Valid operators are In, NotIn, Exists 16778 and DoesNotExist. 16779 type: string 16780 values: 16781 description: values is an array of string values. If the 16782 operator is In or NotIn, the values array must be non-empty. 16783 If the operator is Exists or DoesNotExist, the values 16784 array must be empty. This array is replaced during a strategic 16785 merge patch. 16786 items: 16787 type: string 16788 type: array 16789 required: 16790 - key 16791 - operator 16792 type: object 16793 type: array 16794 matchLabels: 16795 additionalProperties: 16796 type: string 16797 description: matchLabels is a map of {key,value} pairs. A single 16798 {key,value} in the matchLabels map is equivalent to an element 16799 of matchExpressions, whose key field is "key", the operator 16800 is "In", and the values array contains only "value". The requirements 16801 are ANDed. 16802 type: object 16803 type: object 16804 securityContext: 16805 description: SecurityContext holds pod-level security attributes and 16806 common container settings. This defaults to the default PodSecurityContext. 16807 properties: 16808 fsGroup: 16809 description: "A special supplemental group that applies to all 16810 containers in a pod. Some volume types allow the Kubelet to 16811 change the ownership of that volume to be owned by the pod: 16812 \n 1. The owning GID will be the FSGroup 2. The setgid bit is 16813 set (new files created in the volume will be owned by FSGroup) 16814 3. The permission bits are OR'd with rw-rw---- \n If unset, 16815 the Kubelet will not modify the ownership and permissions of 16816 any volume." 16817 format: int64 16818 type: integer 16819 fsGroupChangePolicy: 16820 description: 'fsGroupChangePolicy defines behavior of changing 16821 ownership and permission of the volume before being exposed 16822 inside Pod. This field will only apply to volume types which 16823 support fsGroup based ownership(and permissions). It will have 16824 no effect on ephemeral volume types such as: secret, configmaps 16825 and emptydir. Valid values are "OnRootMismatch" and "Always". 16826 If not specified defaults to "Always".' 16827 type: string 16828 runAsGroup: 16829 description: The GID to run the entrypoint of the container process. 16830 Uses runtime default if unset. May also be set in SecurityContext. If 16831 set in both SecurityContext and PodSecurityContext, the value 16832 specified in SecurityContext takes precedence for that container. 16833 format: int64 16834 type: integer 16835 runAsNonRoot: 16836 description: Indicates that the container must run as a non-root 16837 user. If true, the Kubelet will validate the image at runtime 16838 to ensure that it does not run as UID 0 (root) and fail to start 16839 the container if it does. If unset or false, no such validation 16840 will be performed. May also be set in SecurityContext. If set 16841 in both SecurityContext and PodSecurityContext, the value specified 16842 in SecurityContext takes precedence. 16843 type: boolean 16844 runAsUser: 16845 description: The UID to run the entrypoint of the container process. 16846 Defaults to user specified in image metadata if unspecified. 16847 May also be set in SecurityContext. If set in both SecurityContext 16848 and PodSecurityContext, the value specified in SecurityContext 16849 takes precedence for that container. 16850 format: int64 16851 type: integer 16852 seLinuxOptions: 16853 description: The SELinux context to be applied to all containers. 16854 If unspecified, the container runtime will allocate a random 16855 SELinux context for each container. May also be set in SecurityContext. If 16856 set in both SecurityContext and PodSecurityContext, the value 16857 specified in SecurityContext takes precedence for that container. 16858 properties: 16859 level: 16860 description: Level is SELinux level label that applies to 16861 the container. 16862 type: string 16863 role: 16864 description: Role is a SELinux role label that applies to 16865 the container. 16866 type: string 16867 type: 16868 description: Type is a SELinux type label that applies to 16869 the container. 16870 type: string 16871 user: 16872 description: User is a SELinux user label that applies to 16873 the container. 16874 type: string 16875 type: object 16876 supplementalGroups: 16877 description: A list of groups applied to the first process run 16878 in each container, in addition to the container's primary GID. If 16879 unspecified, no groups will be added to any container. 16880 items: 16881 format: int64 16882 type: integer 16883 type: array 16884 sysctls: 16885 description: Sysctls hold a list of namespaced sysctls used for 16886 the pod. Pods with unsupported sysctls (by the container runtime) 16887 might fail to launch. 16888 items: 16889 description: Sysctl defines a kernel parameter to be set 16890 properties: 16891 name: 16892 description: Name of a property to set 16893 type: string 16894 value: 16895 description: Value of a property to set 16896 type: string 16897 required: 16898 - name 16899 - value 16900 type: object 16901 type: array 16902 windowsOptions: 16903 description: The Windows specific settings applied to all containers. 16904 If unspecified, the options within a container's SecurityContext 16905 will be used. If set in both SecurityContext and PodSecurityContext, 16906 the value specified in SecurityContext takes precedence. 16907 properties: 16908 gmsaCredentialSpec: 16909 description: GMSACredentialSpec is where the GMSA admission 16910 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 16911 inlines the contents of the GMSA credential spec named by 16912 the GMSACredentialSpecName field. 16913 type: string 16914 gmsaCredentialSpecName: 16915 description: GMSACredentialSpecName is the name of the GMSA 16916 credential spec to use. 16917 type: string 16918 runAsUserName: 16919 description: The UserName in Windows to run the entrypoint 16920 of the container process. Defaults to the user specified 16921 in image metadata if unspecified. May also be set in PodSecurityContext. 16922 If set in both SecurityContext and PodSecurityContext, the 16923 value specified in SecurityContext takes precedence. 16924 type: string 16925 type: object 16926 type: object 16927 serviceAccountName: 16928 description: ServiceAccountName is the name of the ServiceAccount 16929 to use to run the Thanos Ruler Pods. 16930 type: string 16931 storage: 16932 description: Storage spec to specify how storage shall be used. 16933 properties: 16934 disableMountSubPath: 16935 description: 'Deprecated: subPath usage will be disabled by default 16936 in a future release, this option will become unnecessary. DisableMountSubPath 16937 allows to remove any subPath usage in volume mounts.' 16938 type: boolean 16939 emptyDir: 16940 description: 'EmptyDirVolumeSource to be used by the Prometheus 16941 StatefulSets. If specified, used in place of any volumeClaimTemplate. 16942 More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' 16943 properties: 16944 medium: 16945 description: 'What type of storage medium should back this 16946 directory. The default is "" which means to use the node''s 16947 default medium. Must be an empty string (default) or Memory. 16948 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 16949 type: string 16950 sizeLimit: 16951 description: 'Total amount of local storage required for this 16952 EmptyDir volume. The size limit is also applicable for memory 16953 medium. The maximum usage on memory medium EmptyDir would 16954 be the minimum value between the SizeLimit specified here 16955 and the sum of memory limits of all containers in a pod. 16956 The default is nil which means that the limit is undefined. 16957 More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 16958 type: string 16959 type: object 16960 volumeClaimTemplate: 16961 description: A PVC spec to be used by the Prometheus StatefulSets. 16962 properties: 16963 apiVersion: 16964 description: 'APIVersion defines the versioned schema of this 16965 representation of an object. Servers should convert recognized 16966 schemas to the latest internal value, and may reject unrecognized 16967 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 16968 type: string 16969 kind: 16970 description: 'Kind is a string value representing the REST 16971 resource this object represents. Servers may infer this 16972 from the endpoint the client submits requests to. Cannot 16973 be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 16974 type: string 16975 metadata: 16976 description: EmbeddedMetadata contains metadata relevant to 16977 an EmbeddedResource. 16978 properties: 16979 annotations: 16980 additionalProperties: 16981 type: string 16982 description: 'Annotations is an unstructured key value 16983 map stored with a resource that may be set by external 16984 tools to store and retrieve arbitrary metadata. They 16985 are not queryable and should be preserved when modifying 16986 objects. More info: http://kubernetes.io/docs/user-guide/annotations' 16987 type: object 16988 labels: 16989 additionalProperties: 16990 type: string 16991 description: 'Map of string keys and values that can be 16992 used to organize and categorize (scope and select) objects. 16993 May match selectors of replication controllers and services. 16994 More info: http://kubernetes.io/docs/user-guide/labels' 16995 type: object 16996 name: 16997 description: 'Name must be unique within a namespace. 16998 Is required when creating resources, although some resources 16999 may allow a client to request the generation of an appropriate 17000 name automatically. Name is primarily intended for creation 17001 idempotence and configuration definition. Cannot be 17002 updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 17003 type: string 17004 type: object 17005 spec: 17006 description: 'Spec defines the desired characteristics of 17007 a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 17008 properties: 17009 accessModes: 17010 description: 'AccessModes contains the desired access 17011 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 17012 items: 17013 type: string 17014 type: array 17015 dataSource: 17016 description: 'This field can be used to specify either: 17017 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot 17018 - Beta) * An existing PVC (PersistentVolumeClaim) * 17019 An existing custom resource/object that implements data 17020 population (Alpha) In order to use VolumeSnapshot object 17021 types, the appropriate feature gate must be enabled 17022 (VolumeSnapshotDataSource or AnyVolumeDataSource) If 17023 the provisioner or an external controller can support 17024 the specified data source, it will create a new volume 17025 based on the contents of the specified data source. 17026 If the specified data source is not supported, the volume 17027 will not be created and the failure will be reported 17028 as an event. In the future, we plan to support more 17029 data source types and the behavior of the provisioner 17030 may change.' 17031 properties: 17032 apiGroup: 17033 description: APIGroup is the group for the resource 17034 being referenced. If APIGroup is not specified, 17035 the specified Kind must be in the core API group. 17036 For any other third-party types, APIGroup is required. 17037 type: string 17038 kind: 17039 description: Kind is the type of resource being referenced 17040 type: string 17041 name: 17042 description: Name is the name of resource being referenced 17043 type: string 17044 required: 17045 - kind 17046 - name 17047 type: object 17048 resources: 17049 description: 'Resources represents the minimum resources 17050 the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 17051 properties: 17052 limits: 17053 additionalProperties: 17054 type: string 17055 description: 'Limits describes the maximum amount 17056 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 17057 type: object 17058 requests: 17059 additionalProperties: 17060 type: string 17061 description: 'Requests describes the minimum amount 17062 of compute resources required. If Requests is omitted 17063 for a container, it defaults to Limits if that is 17064 explicitly specified, otherwise to an implementation-defined 17065 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' 17066 type: object 17067 type: object 17068 selector: 17069 description: A label query over volumes to consider for 17070 binding. 17071 properties: 17072 matchExpressions: 17073 description: matchExpressions is a list of label selector 17074 requirements. The requirements are ANDed. 17075 items: 17076 description: A label selector requirement is a selector 17077 that contains values, a key, and an operator that 17078 relates the key and values. 17079 properties: 17080 key: 17081 description: key is the label key that the selector 17082 applies to. 17083 type: string 17084 operator: 17085 description: operator represents a key's relationship 17086 to a set of values. Valid operators are In, 17087 NotIn, Exists and DoesNotExist. 17088 type: string 17089 values: 17090 description: values is an array of string values. 17091 If the operator is In or NotIn, the values 17092 array must be non-empty. If the operator is 17093 Exists or DoesNotExist, the values array must 17094 be empty. This array is replaced during a 17095 strategic merge patch. 17096 items: 17097 type: string 17098 type: array 17099 required: 17100 - key 17101 - operator 17102 type: object 17103 type: array 17104 matchLabels: 17105 additionalProperties: 17106 type: string 17107 description: matchLabels is a map of {key,value} pairs. 17108 A single {key,value} in the matchLabels map is equivalent 17109 to an element of matchExpressions, whose key field 17110 is "key", the operator is "In", and the values array 17111 contains only "value". The requirements are ANDed. 17112 type: object 17113 type: object 17114 storageClassName: 17115 description: 'Name of the StorageClass required by the 17116 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 17117 type: string 17118 volumeMode: 17119 description: volumeMode defines what type of volume is 17120 required by the claim. Value of Filesystem is implied 17121 when not included in claim spec. 17122 type: string 17123 volumeName: 17124 description: VolumeName is the binding reference to the 17125 PersistentVolume backing this claim. 17126 type: string 17127 type: object 17128 status: 17129 description: 'Status represents the current information/status 17130 of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 17131 properties: 17132 accessModes: 17133 description: 'AccessModes contains the actual access modes 17134 the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 17135 items: 17136 type: string 17137 type: array 17138 capacity: 17139 additionalProperties: 17140 type: string 17141 description: Represents the actual resources of the underlying 17142 volume. 17143 type: object 17144 conditions: 17145 description: Current Condition of persistent volume claim. 17146 If underlying persistent volume is being resized then 17147 the Condition will be set to 'ResizeStarted'. 17148 items: 17149 description: PersistentVolumeClaimCondition contains 17150 details about state of pvc 17151 properties: 17152 lastProbeTime: 17153 description: Last time we probed the condition. 17154 format: date-time 17155 type: string 17156 lastTransitionTime: 17157 description: Last time the condition transitioned 17158 from one status to another. 17159 format: date-time 17160 type: string 17161 message: 17162 description: Human-readable message indicating details 17163 about last transition. 17164 type: string 17165 reason: 17166 description: Unique, this should be a short, machine 17167 understandable string that gives the reason for 17168 condition's last transition. If it reports "ResizeStarted" 17169 that means the underlying persistent volume is 17170 being resized. 17171 type: string 17172 status: 17173 type: string 17174 type: 17175 description: PersistentVolumeClaimConditionType 17176 is a valid value of PersistentVolumeClaimCondition.Type 17177 type: string 17178 required: 17179 - status 17180 - type 17181 type: object 17182 type: array 17183 phase: 17184 description: Phase represents the current phase of PersistentVolumeClaim. 17185 type: string 17186 type: object 17187 type: object 17188 type: object 17189 tolerations: 17190 description: If specified, the pod's tolerations. 17191 items: 17192 description: The pod this Toleration is attached to tolerates any 17193 taint that matches the triple <key,value,effect> using the matching 17194 operator <operator>. 17195 properties: 17196 effect: 17197 description: Effect indicates the taint effect to match. Empty 17198 means match all taint effects. When specified, allowed values 17199 are NoSchedule, PreferNoSchedule and NoExecute. 17200 type: string 17201 key: 17202 description: Key is the taint key that the toleration applies 17203 to. Empty means match all taint keys. If the key is empty, 17204 operator must be Exists; this combination means to match all 17205 values and all keys. 17206 type: string 17207 operator: 17208 description: Operator represents a key's relationship to the 17209 value. Valid operators are Exists and Equal. Defaults to Equal. 17210 Exists is equivalent to wildcard for value, so that a pod 17211 can tolerate all taints of a particular category. 17212 type: string 17213 tolerationSeconds: 17214 description: TolerationSeconds represents the period of time 17215 the toleration (which must be of effect NoExecute, otherwise 17216 this field is ignored) tolerates the taint. By default, it 17217 is not set, which means tolerate the taint forever (do not 17218 evict). Zero and negative values will be treated as 0 (evict 17219 immediately) by the system. 17220 format: int64 17221 type: integer 17222 value: 17223 description: Value is the taint value the toleration matches 17224 to. If the operator is Exists, the value should be empty, 17225 otherwise just a regular string. 17226 type: string 17227 type: object 17228 type: array 17229 topologySpreadConstraints: 17230 description: If specified, the pod's topology spread constraints. 17231 items: 17232 description: TopologySpreadConstraint specifies how to spread matching 17233 pods among the given topology. 17234 properties: 17235 labelSelector: 17236 description: LabelSelector is used to find matching pods. Pods 17237 that match this label selector are counted to determine the 17238 number of pods in their corresponding topology domain. 17239 properties: 17240 matchExpressions: 17241 description: matchExpressions is a list of label selector 17242 requirements. The requirements are ANDed. 17243 items: 17244 description: A label selector requirement is a selector 17245 that contains values, a key, and an operator that relates 17246 the key and values. 17247 properties: 17248 key: 17249 description: key is the label key that the selector 17250 applies to. 17251 type: string 17252 operator: 17253 description: operator represents a key's relationship 17254 to a set of values. Valid operators are In, NotIn, 17255 Exists and DoesNotExist. 17256 type: string 17257 values: 17258 description: values is an array of string values. 17259 If the operator is In or NotIn, the values array 17260 must be non-empty. If the operator is Exists or 17261 DoesNotExist, the values array must be empty. This 17262 array is replaced during a strategic merge patch. 17263 items: 17264 type: string 17265 type: array 17266 required: 17267 - key 17268 - operator 17269 type: object 17270 type: array 17271 matchLabels: 17272 additionalProperties: 17273 type: string 17274 description: matchLabels is a map of {key,value} pairs. 17275 A single {key,value} in the matchLabels map is equivalent 17276 to an element of matchExpressions, whose key field is 17277 "key", the operator is "In", and the values array contains 17278 only "value". The requirements are ANDed. 17279 type: object 17280 type: object 17281 maxSkew: 17282 description: 'MaxSkew describes the degree to which pods may 17283 be unevenly distributed. It''s the maximum permitted difference 17284 between the number of matching pods in any two topology domains 17285 of a given topology type. For example, in a 3-zone cluster, 17286 MaxSkew is set to 1, and pods with the same labelSelector 17287 spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | 17288 - if MaxSkew is 1, incoming pod can only be scheduled to zone3 17289 to become 1/1/1; scheduling it onto zone1(zone2) would make 17290 the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - 17291 if MaxSkew is 2, incoming pod can be scheduled onto any zone. 17292 It''s a required field. Default value is 1 and 0 is not allowed.' 17293 format: int32 17294 type: integer 17295 topologyKey: 17296 description: TopologyKey is the key of node labels. Nodes that 17297 have a label with this key and identical values are considered 17298 to be in the same topology. We consider each <key, value> 17299 as a "bucket", and try to put balanced number of pods into 17300 each bucket. It's a required field. 17301 type: string 17302 whenUnsatisfiable: 17303 description: 'WhenUnsatisfiable indicates how to deal with a 17304 pod if it doesn''t satisfy the spread constraint. - DoNotSchedule 17305 (default) tells the scheduler not to schedule it - ScheduleAnyway 17306 tells the scheduler to still schedule it It''s considered 17307 as "Unsatisfiable" if and only if placing incoming pod on 17308 any topology violates "MaxSkew". For example, in a 3-zone 17309 cluster, MaxSkew is set to 1, and pods with the same labelSelector 17310 spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | 17311 If WhenUnsatisfiable is set to DoNotSchedule, incoming pod 17312 can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) 17313 as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In 17314 other words, the cluster can still be imbalanced, but scheduler 17315 won''t make it *more* imbalanced. It''s a required field.' 17316 type: string 17317 required: 17318 - maxSkew 17319 - topologyKey 17320 - whenUnsatisfiable 17321 type: object 17322 type: array 17323 tracingConfig: 17324 description: TracingConfig configures tracing in Thanos. This is an 17325 experimental feature, it may change in any upcoming release in a 17326 breaking way. 17327 properties: 17328 key: 17329 description: The key of the secret to select from. Must be a 17330 valid secret key. 17331 type: string 17332 name: 17333 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17334 TODO: Add other useful fields. apiVersion, kind, uid?' 17335 type: string 17336 optional: 17337 description: Specify whether the Secret or its key must be defined 17338 type: boolean 17339 required: 17340 - key 17341 type: object 17342 volumes: 17343 description: Volumes allows configuration of additional volumes on 17344 the output StatefulSet definition. Volumes specified will be appended 17345 to other volumes that are generated as a result of StorageSpec objects. 17346 items: 17347 description: Volume represents a named volume in a pod that may 17348 be accessed by any container in the pod. 17349 properties: 17350 awsElasticBlockStore: 17351 description: 'AWSElasticBlockStore represents an AWS Disk resource 17352 that is attached to a kubelet''s host machine and then exposed 17353 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 17354 properties: 17355 fsType: 17356 description: 'Filesystem type of the volume that you want 17357 to mount. Tip: Ensure that the filesystem type is supported 17358 by the host operating system. Examples: "ext4", "xfs", 17359 "ntfs". Implicitly inferred to be "ext4" if unspecified. 17360 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 17361 TODO: how do we prevent errors in the filesystem from 17362 compromising the machine' 17363 type: string 17364 partition: 17365 description: 'The partition in the volume that you want 17366 to mount. If omitted, the default is to mount by volume 17367 name. Examples: For volume /dev/sda1, you specify the 17368 partition as "1". Similarly, the volume partition for 17369 /dev/sda is "0" (or you can leave the property empty).' 17370 format: int32 17371 type: integer 17372 readOnly: 17373 description: 'Specify "true" to force and set the ReadOnly 17374 property in VolumeMounts to "true". If omitted, the default 17375 is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 17376 type: boolean 17377 volumeID: 17378 description: 'Unique ID of the persistent disk resource 17379 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 17380 type: string 17381 required: 17382 - volumeID 17383 type: object 17384 azureDisk: 17385 description: AzureDisk represents an Azure Data Disk mount on 17386 the host and bind mount to the pod. 17387 properties: 17388 cachingMode: 17389 description: 'Host Caching mode: None, Read Only, Read Write.' 17390 type: string 17391 diskName: 17392 description: The Name of the data disk in the blob storage 17393 type: string 17394 diskURI: 17395 description: The URI the data disk in the blob storage 17396 type: string 17397 fsType: 17398 description: Filesystem type to mount. Must be a filesystem 17399 type supported by the host operating system. Ex. "ext4", 17400 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 17401 type: string 17402 kind: 17403 description: 'Expected values Shared: multiple blob disks 17404 per storage account Dedicated: single blob disk per storage 17405 account Managed: azure managed data disk (only in managed 17406 availability set). defaults to shared' 17407 type: string 17408 readOnly: 17409 description: Defaults to false (read/write). ReadOnly here 17410 will force the ReadOnly setting in VolumeMounts. 17411 type: boolean 17412 required: 17413 - diskName 17414 - diskURI 17415 type: object 17416 azureFile: 17417 description: AzureFile represents an Azure File Service mount 17418 on the host and bind mount to the pod. 17419 properties: 17420 readOnly: 17421 description: Defaults to false (read/write). ReadOnly here 17422 will force the ReadOnly setting in VolumeMounts. 17423 type: boolean 17424 secretName: 17425 description: the name of secret that contains Azure Storage 17426 Account Name and Key 17427 type: string 17428 shareName: 17429 description: Share Name 17430 type: string 17431 required: 17432 - secretName 17433 - shareName 17434 type: object 17435 cephfs: 17436 description: CephFS represents a Ceph FS mount on the host that 17437 shares a pod's lifetime 17438 properties: 17439 monitors: 17440 description: 'Required: Monitors is a collection of Ceph 17441 monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 17442 items: 17443 type: string 17444 type: array 17445 path: 17446 description: 'Optional: Used as the mounted root, rather 17447 than the full Ceph tree, default is /' 17448 type: string 17449 readOnly: 17450 description: 'Optional: Defaults to false (read/write). 17451 ReadOnly here will force the ReadOnly setting in VolumeMounts. 17452 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 17453 type: boolean 17454 secretFile: 17455 description: 'Optional: SecretFile is the path to key ring 17456 for User, default is /etc/ceph/user.secret More info: 17457 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 17458 type: string 17459 secretRef: 17460 description: 'Optional: SecretRef is reference to the authentication 17461 secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 17462 properties: 17463 name: 17464 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17465 TODO: Add other useful fields. apiVersion, kind, uid?' 17466 type: string 17467 type: object 17468 user: 17469 description: 'Optional: User is the rados user name, default 17470 is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 17471 type: string 17472 required: 17473 - monitors 17474 type: object 17475 cinder: 17476 description: 'Cinder represents a cinder volume attached and 17477 mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 17478 properties: 17479 fsType: 17480 description: 'Filesystem type to mount. Must be a filesystem 17481 type supported by the host operating system. Examples: 17482 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 17483 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 17484 type: string 17485 readOnly: 17486 description: 'Optional: Defaults to false (read/write). 17487 ReadOnly here will force the ReadOnly setting in VolumeMounts. 17488 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 17489 type: boolean 17490 secretRef: 17491 description: 'Optional: points to a secret object containing 17492 parameters used to connect to OpenStack.' 17493 properties: 17494 name: 17495 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17496 TODO: Add other useful fields. apiVersion, kind, uid?' 17497 type: string 17498 type: object 17499 volumeID: 17500 description: 'volume id used to identify the volume in cinder. 17501 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 17502 type: string 17503 required: 17504 - volumeID 17505 type: object 17506 configMap: 17507 description: ConfigMap represents a configMap that should populate 17508 this volume 17509 properties: 17510 defaultMode: 17511 description: 'Optional: mode bits to use on created files 17512 by default. Must be a value between 0 and 0777. Defaults 17513 to 0644. Directories within the path are not affected 17514 by this setting. This might be in conflict with other 17515 options that affect the file mode, like fsGroup, and the 17516 result can be other mode bits set.' 17517 format: int32 17518 type: integer 17519 items: 17520 description: If unspecified, each key-value pair in the 17521 Data field of the referenced ConfigMap will be projected 17522 into the volume as a file whose name is the key and content 17523 is the value. If specified, the listed keys will be projected 17524 into the specified paths, and unlisted keys will not be 17525 present. If a key is specified which is not present in 17526 the ConfigMap, the volume setup will error unless it is 17527 marked optional. Paths must be relative and may not contain 17528 the '..' path or start with '..'. 17529 items: 17530 description: Maps a string key to a path within a volume. 17531 properties: 17532 key: 17533 description: The key to project. 17534 type: string 17535 mode: 17536 description: 'Optional: mode bits to use on this file, 17537 must be a value between 0 and 0777. If not specified, 17538 the volume defaultMode will be used. This might 17539 be in conflict with other options that affect the 17540 file mode, like fsGroup, and the result can be other 17541 mode bits set.' 17542 format: int32 17543 type: integer 17544 path: 17545 description: The relative path of the file to map 17546 the key to. May not be an absolute path. May not 17547 contain the path element '..'. May not start with 17548 the string '..'. 17549 type: string 17550 required: 17551 - key 17552 - path 17553 type: object 17554 type: array 17555 name: 17556 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17557 TODO: Add other useful fields. apiVersion, kind, uid?' 17558 type: string 17559 optional: 17560 description: Specify whether the ConfigMap or its keys must 17561 be defined 17562 type: boolean 17563 type: object 17564 csi: 17565 description: CSI (Container Storage Interface) represents storage 17566 that is handled by an external CSI driver (Alpha feature). 17567 properties: 17568 driver: 17569 description: Driver is the name of the CSI driver that handles 17570 this volume. Consult with your admin for the correct name 17571 as registered in the cluster. 17572 type: string 17573 fsType: 17574 description: Filesystem type to mount. Ex. "ext4", "xfs", 17575 "ntfs". If not provided, the empty value is passed to 17576 the associated CSI driver which will determine the default 17577 filesystem to apply. 17578 type: string 17579 nodePublishSecretRef: 17580 description: NodePublishSecretRef is a reference to the 17581 secret object containing sensitive information to pass 17582 to the CSI driver to complete the CSI NodePublishVolume 17583 and NodeUnpublishVolume calls. This field is optional, 17584 and may be empty if no secret is required. If the secret 17585 object contains more than one secret, all secret references 17586 are passed. 17587 properties: 17588 name: 17589 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17590 TODO: Add other useful fields. apiVersion, kind, uid?' 17591 type: string 17592 type: object 17593 readOnly: 17594 description: Specifies a read-only configuration for the 17595 volume. Defaults to false (read/write). 17596 type: boolean 17597 volumeAttributes: 17598 additionalProperties: 17599 type: string 17600 description: VolumeAttributes stores driver-specific properties 17601 that are passed to the CSI driver. Consult your driver's 17602 documentation for supported values. 17603 type: object 17604 required: 17605 - driver 17606 type: object 17607 downwardAPI: 17608 description: DownwardAPI represents downward API about the pod 17609 that should populate this volume 17610 properties: 17611 defaultMode: 17612 description: 'Optional: mode bits to use on created files 17613 by default. Must be a value between 0 and 0777. Defaults 17614 to 0644. Directories within the path are not affected 17615 by this setting. This might be in conflict with other 17616 options that affect the file mode, like fsGroup, and the 17617 result can be other mode bits set.' 17618 format: int32 17619 type: integer 17620 items: 17621 description: Items is a list of downward API volume file 17622 items: 17623 description: DownwardAPIVolumeFile represents information 17624 to create the file containing the pod field 17625 properties: 17626 fieldRef: 17627 description: 'Required: Selects a field of the pod: 17628 only annotations, labels, name and namespace are 17629 supported.' 17630 properties: 17631 apiVersion: 17632 description: Version of the schema the FieldPath 17633 is written in terms of, defaults to "v1". 17634 type: string 17635 fieldPath: 17636 description: Path of the field to select in the 17637 specified API version. 17638 type: string 17639 required: 17640 - fieldPath 17641 type: object 17642 mode: 17643 description: 'Optional: mode bits to use on this file, 17644 must be a value between 0 and 0777. If not specified, 17645 the volume defaultMode will be used. This might 17646 be in conflict with other options that affect the 17647 file mode, like fsGroup, and the result can be other 17648 mode bits set.' 17649 format: int32 17650 type: integer 17651 path: 17652 description: 'Required: Path is the relative path 17653 name of the file to be created. Must not be absolute 17654 or contain the ''..'' path. Must be utf-8 encoded. 17655 The first item of the relative path must not start 17656 with ''..''' 17657 type: string 17658 resourceFieldRef: 17659 description: 'Selects a resource of the container: 17660 only resources limits and requests (limits.cpu, 17661 limits.memory, requests.cpu and requests.memory) 17662 are currently supported.' 17663 properties: 17664 containerName: 17665 description: 'Container name: required for volumes, 17666 optional for env vars' 17667 type: string 17668 divisor: 17669 description: Specifies the output format of the 17670 exposed resources, defaults to "1" 17671 type: string 17672 resource: 17673 description: 'Required: resource to select' 17674 type: string 17675 required: 17676 - resource 17677 type: object 17678 required: 17679 - path 17680 type: object 17681 type: array 17682 type: object 17683 emptyDir: 17684 description: 'EmptyDir represents a temporary directory that 17685 shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 17686 properties: 17687 medium: 17688 description: 'What type of storage medium should back this 17689 directory. The default is "" which means to use the node''s 17690 default medium. Must be an empty string (default) or Memory. 17691 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 17692 type: string 17693 sizeLimit: 17694 description: 'Total amount of local storage required for 17695 this EmptyDir volume. The size limit is also applicable 17696 for memory medium. The maximum usage on memory medium 17697 EmptyDir would be the minimum value between the SizeLimit 17698 specified here and the sum of memory limits of all containers 17699 in a pod. The default is nil which means that the limit 17700 is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 17701 type: string 17702 type: object 17703 fc: 17704 description: FC represents a Fibre Channel resource that is 17705 attached to a kubelet's host machine and then exposed to the 17706 pod. 17707 properties: 17708 fsType: 17709 description: 'Filesystem type to mount. Must be a filesystem 17710 type supported by the host operating system. Ex. "ext4", 17711 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 17712 TODO: how do we prevent errors in the filesystem from 17713 compromising the machine' 17714 type: string 17715 lun: 17716 description: 'Optional: FC target lun number' 17717 format: int32 17718 type: integer 17719 readOnly: 17720 description: 'Optional: Defaults to false (read/write). 17721 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 17722 type: boolean 17723 targetWWNs: 17724 description: 'Optional: FC target worldwide names (WWNs)' 17725 items: 17726 type: string 17727 type: array 17728 wwids: 17729 description: 'Optional: FC volume world wide identifiers 17730 (wwids) Either wwids or combination of targetWWNs and 17731 lun must be set, but not both simultaneously.' 17732 items: 17733 type: string 17734 type: array 17735 type: object 17736 flexVolume: 17737 description: FlexVolume represents a generic volume resource 17738 that is provisioned/attached using an exec based plugin. 17739 properties: 17740 driver: 17741 description: Driver is the name of the driver to use for 17742 this volume. 17743 type: string 17744 fsType: 17745 description: Filesystem type to mount. Must be a filesystem 17746 type supported by the host operating system. Ex. "ext4", 17747 "xfs", "ntfs". The default filesystem depends on FlexVolume 17748 script. 17749 type: string 17750 options: 17751 additionalProperties: 17752 type: string 17753 description: 'Optional: Extra command options if any.' 17754 type: object 17755 readOnly: 17756 description: 'Optional: Defaults to false (read/write). 17757 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 17758 type: boolean 17759 secretRef: 17760 description: 'Optional: SecretRef is reference to the secret 17761 object containing sensitive information to pass to the 17762 plugin scripts. This may be empty if no secret object 17763 is specified. If the secret object contains more than 17764 one secret, all secrets are passed to the plugin scripts.' 17765 properties: 17766 name: 17767 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17768 TODO: Add other useful fields. apiVersion, kind, uid?' 17769 type: string 17770 type: object 17771 required: 17772 - driver 17773 type: object 17774 flocker: 17775 description: Flocker represents a Flocker volume attached to 17776 a kubelet's host machine. This depends on the Flocker control 17777 service being running 17778 properties: 17779 datasetName: 17780 description: Name of the dataset stored as metadata -> name 17781 on the dataset for Flocker should be considered as deprecated 17782 type: string 17783 datasetUUID: 17784 description: UUID of the dataset. This is unique identifier 17785 of a Flocker dataset 17786 type: string 17787 type: object 17788 gcePersistentDisk: 17789 description: 'GCEPersistentDisk represents a GCE Disk resource 17790 that is attached to a kubelet''s host machine and then exposed 17791 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 17792 properties: 17793 fsType: 17794 description: 'Filesystem type of the volume that you want 17795 to mount. Tip: Ensure that the filesystem type is supported 17796 by the host operating system. Examples: "ext4", "xfs", 17797 "ntfs". Implicitly inferred to be "ext4" if unspecified. 17798 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 17799 TODO: how do we prevent errors in the filesystem from 17800 compromising the machine' 17801 type: string 17802 partition: 17803 description: 'The partition in the volume that you want 17804 to mount. If omitted, the default is to mount by volume 17805 name. Examples: For volume /dev/sda1, you specify the 17806 partition as "1". Similarly, the volume partition for 17807 /dev/sda is "0" (or you can leave the property empty). 17808 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 17809 format: int32 17810 type: integer 17811 pdName: 17812 description: 'Unique name of the PD resource in GCE. Used 17813 to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 17814 type: string 17815 readOnly: 17816 description: 'ReadOnly here will force the ReadOnly setting 17817 in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 17818 type: boolean 17819 required: 17820 - pdName 17821 type: object 17822 gitRepo: 17823 description: 'GitRepo represents a git repository at a particular 17824 revision. DEPRECATED: GitRepo is deprecated. To provision 17825 a container with a git repo, mount an EmptyDir into an InitContainer 17826 that clones the repo using git, then mount the EmptyDir into 17827 the Pod''s container.' 17828 properties: 17829 directory: 17830 description: Target directory name. Must not contain or 17831 start with '..'. If '.' is supplied, the volume directory 17832 will be the git repository. Otherwise, if specified, 17833 the volume will contain the git repository in the subdirectory 17834 with the given name. 17835 type: string 17836 repository: 17837 description: Repository URL 17838 type: string 17839 revision: 17840 description: Commit hash for the specified revision. 17841 type: string 17842 required: 17843 - repository 17844 type: object 17845 glusterfs: 17846 description: 'Glusterfs represents a Glusterfs mount on the 17847 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 17848 properties: 17849 endpoints: 17850 description: 'EndpointsName is the endpoint name that details 17851 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 17852 type: string 17853 path: 17854 description: 'Path is the Glusterfs volume path. More info: 17855 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 17856 type: string 17857 readOnly: 17858 description: 'ReadOnly here will force the Glusterfs volume 17859 to be mounted with read-only permissions. Defaults to 17860 false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 17861 type: boolean 17862 required: 17863 - endpoints 17864 - path 17865 type: object 17866 hostPath: 17867 description: 'HostPath represents a pre-existing file or directory 17868 on the host machine that is directly exposed to the container. 17869 This is generally used for system agents or other privileged 17870 things that are allowed to see the host machine. Most containers 17871 will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 17872 --- TODO(jonesdl) We need to restrict who can use host directory 17873 mounts and who can/can not mount host directories as read/write.' 17874 properties: 17875 path: 17876 description: 'Path of the directory on the host. If the 17877 path is a symlink, it will follow the link to the real 17878 path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 17879 type: string 17880 type: 17881 description: 'Type for HostPath Volume Defaults to "" More 17882 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 17883 type: string 17884 required: 17885 - path 17886 type: object 17887 iscsi: 17888 description: 'ISCSI represents an ISCSI Disk resource that is 17889 attached to a kubelet''s host machine and then exposed to 17890 the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 17891 properties: 17892 chapAuthDiscovery: 17893 description: whether support iSCSI Discovery CHAP authentication 17894 type: boolean 17895 chapAuthSession: 17896 description: whether support iSCSI Session CHAP authentication 17897 type: boolean 17898 fsType: 17899 description: 'Filesystem type of the volume that you want 17900 to mount. Tip: Ensure that the filesystem type is supported 17901 by the host operating system. Examples: "ext4", "xfs", 17902 "ntfs". Implicitly inferred to be "ext4" if unspecified. 17903 More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 17904 TODO: how do we prevent errors in the filesystem from 17905 compromising the machine' 17906 type: string 17907 initiatorName: 17908 description: Custom iSCSI Initiator Name. If initiatorName 17909 is specified with iscsiInterface simultaneously, new iSCSI 17910 interface <target portal>:<volume name> will be created 17911 for the connection. 17912 type: string 17913 iqn: 17914 description: Target iSCSI Qualified Name. 17915 type: string 17916 iscsiInterface: 17917 description: iSCSI Interface Name that uses an iSCSI transport. 17918 Defaults to 'default' (tcp). 17919 type: string 17920 lun: 17921 description: iSCSI Target Lun number. 17922 format: int32 17923 type: integer 17924 portals: 17925 description: iSCSI Target Portal List. The portal is either 17926 an IP or ip_addr:port if the port is other than default 17927 (typically TCP ports 860 and 3260). 17928 items: 17929 type: string 17930 type: array 17931 readOnly: 17932 description: ReadOnly here will force the ReadOnly setting 17933 in VolumeMounts. Defaults to false. 17934 type: boolean 17935 secretRef: 17936 description: CHAP Secret for iSCSI target and initiator 17937 authentication 17938 properties: 17939 name: 17940 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17941 TODO: Add other useful fields. apiVersion, kind, uid?' 17942 type: string 17943 type: object 17944 targetPortal: 17945 description: iSCSI Target Portal. The Portal is either an 17946 IP or ip_addr:port if the port is other than default (typically 17947 TCP ports 860 and 3260). 17948 type: string 17949 required: 17950 - iqn 17951 - lun 17952 - targetPortal 17953 type: object 17954 name: 17955 description: 'Volume''s name. Must be a DNS_LABEL and unique 17956 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 17957 type: string 17958 nfs: 17959 description: 'NFS represents an NFS mount on the host that shares 17960 a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 17961 properties: 17962 path: 17963 description: 'Path that is exported by the NFS server. More 17964 info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 17965 type: string 17966 readOnly: 17967 description: 'ReadOnly here will force the NFS export to 17968 be mounted with read-only permissions. Defaults to false. 17969 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 17970 type: boolean 17971 server: 17972 description: 'Server is the hostname or IP address of the 17973 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 17974 type: string 17975 required: 17976 - path 17977 - server 17978 type: object 17979 persistentVolumeClaim: 17980 description: 'PersistentVolumeClaimVolumeSource represents a 17981 reference to a PersistentVolumeClaim in the same namespace. 17982 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 17983 properties: 17984 claimName: 17985 description: 'ClaimName is the name of a PersistentVolumeClaim 17986 in the same namespace as the pod using this volume. More 17987 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 17988 type: string 17989 readOnly: 17990 description: Will force the ReadOnly setting in VolumeMounts. 17991 Default false. 17992 type: boolean 17993 required: 17994 - claimName 17995 type: object 17996 photonPersistentDisk: 17997 description: PhotonPersistentDisk represents a PhotonController 17998 persistent disk attached and mounted on kubelets host machine 17999 properties: 18000 fsType: 18001 description: Filesystem type to mount. Must be a filesystem 18002 type supported by the host operating system. Ex. "ext4", 18003 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 18004 type: string 18005 pdID: 18006 description: ID that identifies Photon Controller persistent 18007 disk 18008 type: string 18009 required: 18010 - pdID 18011 type: object 18012 portworxVolume: 18013 description: PortworxVolume represents a portworx volume attached 18014 and mounted on kubelets host machine 18015 properties: 18016 fsType: 18017 description: FSType represents the filesystem type to mount 18018 Must be a filesystem type supported by the host operating 18019 system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" 18020 if unspecified. 18021 type: string 18022 readOnly: 18023 description: Defaults to false (read/write). ReadOnly here 18024 will force the ReadOnly setting in VolumeMounts. 18025 type: boolean 18026 volumeID: 18027 description: VolumeID uniquely identifies a Portworx volume 18028 type: string 18029 required: 18030 - volumeID 18031 type: object 18032 projected: 18033 description: Items for all in one resources secrets, configmaps, 18034 and downward API 18035 properties: 18036 defaultMode: 18037 description: Mode bits to use on created files by default. 18038 Must be a value between 0 and 0777. Directories within 18039 the path are not affected by this setting. This might 18040 be in conflict with other options that affect the file 18041 mode, like fsGroup, and the result can be other mode bits 18042 set. 18043 format: int32 18044 type: integer 18045 sources: 18046 description: list of volume projections 18047 items: 18048 description: Projection that may be projected along with 18049 other supported volume types 18050 properties: 18051 configMap: 18052 description: information about the configMap data 18053 to project 18054 properties: 18055 items: 18056 description: If unspecified, each key-value pair 18057 in the Data field of the referenced ConfigMap 18058 will be projected into the volume as a file 18059 whose name is the key and content is the value. 18060 If specified, the listed keys will be projected 18061 into the specified paths, and unlisted keys 18062 will not be present. If a key is specified which 18063 is not present in the ConfigMap, the volume 18064 setup will error unless it is marked optional. 18065 Paths must be relative and may not contain the 18066 '..' path or start with '..'. 18067 items: 18068 description: Maps a string key to a path within 18069 a volume. 18070 properties: 18071 key: 18072 description: The key to project. 18073 type: string 18074 mode: 18075 description: 'Optional: mode bits to use 18076 on this file, must be a value between 18077 0 and 0777. If not specified, the volume 18078 defaultMode will be used. This might be 18079 in conflict with other options that affect 18080 the file mode, like fsGroup, and the result 18081 can be other mode bits set.' 18082 format: int32 18083 type: integer 18084 path: 18085 description: The relative path of the file 18086 to map the key to. May not be an absolute 18087 path. May not contain the path element 18088 '..'. May not start with the string '..'. 18089 type: string 18090 required: 18091 - key 18092 - path 18093 type: object 18094 type: array 18095 name: 18096 description: 'Name of the referent. More info: 18097 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18098 TODO: Add other useful fields. apiVersion, kind, 18099 uid?' 18100 type: string 18101 optional: 18102 description: Specify whether the ConfigMap or 18103 its keys must be defined 18104 type: boolean 18105 type: object 18106 downwardAPI: 18107 description: information about the downwardAPI data 18108 to project 18109 properties: 18110 items: 18111 description: Items is a list of DownwardAPIVolume 18112 file 18113 items: 18114 description: DownwardAPIVolumeFile represents 18115 information to create the file containing 18116 the pod field 18117 properties: 18118 fieldRef: 18119 description: 'Required: Selects a field 18120 of the pod: only annotations, labels, 18121 name and namespace are supported.' 18122 properties: 18123 apiVersion: 18124 description: Version of the schema the 18125 FieldPath is written in terms of, 18126 defaults to "v1". 18127 type: string 18128 fieldPath: 18129 description: Path of the field to select 18130 in the specified API version. 18131 type: string 18132 required: 18133 - fieldPath 18134 type: object 18135 mode: 18136 description: 'Optional: mode bits to use 18137 on this file, must be a value between 18138 0 and 0777. If not specified, the volume 18139 defaultMode will be used. This might be 18140 in conflict with other options that affect 18141 the file mode, like fsGroup, and the result 18142 can be other mode bits set.' 18143 format: int32 18144 type: integer 18145 path: 18146 description: 'Required: Path is the relative 18147 path name of the file to be created. Must 18148 not be absolute or contain the ''..'' 18149 path. Must be utf-8 encoded. The first 18150 item of the relative path must not start 18151 with ''..''' 18152 type: string 18153 resourceFieldRef: 18154 description: 'Selects a resource of the 18155 container: only resources limits and requests 18156 (limits.cpu, limits.memory, requests.cpu 18157 and requests.memory) are currently supported.' 18158 properties: 18159 containerName: 18160 description: 'Container name: required 18161 for volumes, optional for env vars' 18162 type: string 18163 divisor: 18164 description: Specifies the output format 18165 of the exposed resources, defaults 18166 to "1" 18167 type: string 18168 resource: 18169 description: 'Required: resource to 18170 select' 18171 type: string 18172 required: 18173 - resource 18174 type: object 18175 required: 18176 - path 18177 type: object 18178 type: array 18179 type: object 18180 secret: 18181 description: information about the secret data to 18182 project 18183 properties: 18184 items: 18185 description: If unspecified, each key-value pair 18186 in the Data field of the referenced Secret will 18187 be projected into the volume as a file whose 18188 name is the key and content is the value. If 18189 specified, the listed keys will be projected 18190 into the specified paths, and unlisted keys 18191 will not be present. If a key is specified which 18192 is not present in the Secret, the volume setup 18193 will error unless it is marked optional. Paths 18194 must be relative and may not contain the '..' 18195 path or start with '..'. 18196 items: 18197 description: Maps a string key to a path within 18198 a volume. 18199 properties: 18200 key: 18201 description: The key to project. 18202 type: string 18203 mode: 18204 description: 'Optional: mode bits to use 18205 on this file, must be a value between 18206 0 and 0777. If not specified, the volume 18207 defaultMode will be used. This might be 18208 in conflict with other options that affect 18209 the file mode, like fsGroup, and the result 18210 can be other mode bits set.' 18211 format: int32 18212 type: integer 18213 path: 18214 description: The relative path of the file 18215 to map the key to. May not be an absolute 18216 path. May not contain the path element 18217 '..'. May not start with the string '..'. 18218 type: string 18219 required: 18220 - key 18221 - path 18222 type: object 18223 type: array 18224 name: 18225 description: 'Name of the referent. More info: 18226 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18227 TODO: Add other useful fields. apiVersion, kind, 18228 uid?' 18229 type: string 18230 optional: 18231 description: Specify whether the Secret or its 18232 key must be defined 18233 type: boolean 18234 type: object 18235 serviceAccountToken: 18236 description: information about the serviceAccountToken 18237 data to project 18238 properties: 18239 audience: 18240 description: Audience is the intended audience 18241 of the token. A recipient of a token must identify 18242 itself with an identifier specified in the audience 18243 of the token, and otherwise should reject the 18244 token. The audience defaults to the identifier 18245 of the apiserver. 18246 type: string 18247 expirationSeconds: 18248 description: ExpirationSeconds is the requested 18249 duration of validity of the service account 18250 token. As the token approaches expiration, the 18251 kubelet volume plugin will proactively rotate 18252 the service account token. The kubelet will 18253 start trying to rotate the token if the token 18254 is older than 80 percent of its time to live 18255 or if the token is older than 24 hours.Defaults 18256 to 1 hour and must be at least 10 minutes. 18257 format: int64 18258 type: integer 18259 path: 18260 description: Path is the path relative to the 18261 mount point of the file to project the token 18262 into. 18263 type: string 18264 required: 18265 - path 18266 type: object 18267 type: object 18268 type: array 18269 required: 18270 - sources 18271 type: object 18272 quobyte: 18273 description: Quobyte represents a Quobyte mount on the host 18274 that shares a pod's lifetime 18275 properties: 18276 group: 18277 description: Group to map volume access to Default is no 18278 group 18279 type: string 18280 readOnly: 18281 description: ReadOnly here will force the Quobyte volume 18282 to be mounted with read-only permissions. Defaults to 18283 false. 18284 type: boolean 18285 registry: 18286 description: Registry represents a single or multiple Quobyte 18287 Registry services specified as a string as host:port pair 18288 (multiple entries are separated with commas) which acts 18289 as the central registry for volumes 18290 type: string 18291 tenant: 18292 description: Tenant owning the given Quobyte volume in the 18293 Backend Used with dynamically provisioned Quobyte volumes, 18294 value is set by the plugin 18295 type: string 18296 user: 18297 description: User to map volume access to Defaults to serivceaccount 18298 user 18299 type: string 18300 volume: 18301 description: Volume is a string that references an already 18302 created Quobyte volume by name. 18303 type: string 18304 required: 18305 - registry 18306 - volume 18307 type: object 18308 rbd: 18309 description: 'RBD represents a Rados Block Device mount on the 18310 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' 18311 properties: 18312 fsType: 18313 description: 'Filesystem type of the volume that you want 18314 to mount. Tip: Ensure that the filesystem type is supported 18315 by the host operating system. Examples: "ext4", "xfs", 18316 "ntfs". Implicitly inferred to be "ext4" if unspecified. 18317 More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 18318 TODO: how do we prevent errors in the filesystem from 18319 compromising the machine' 18320 type: string 18321 image: 18322 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 18323 type: string 18324 keyring: 18325 description: 'Keyring is the path to key ring for RBDUser. 18326 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 18327 type: string 18328 monitors: 18329 description: 'A collection of Ceph monitors. More info: 18330 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 18331 items: 18332 type: string 18333 type: array 18334 pool: 18335 description: 'The rados pool name. Default is rbd. More 18336 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 18337 type: string 18338 readOnly: 18339 description: 'ReadOnly here will force the ReadOnly setting 18340 in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 18341 type: boolean 18342 secretRef: 18343 description: 'SecretRef is name of the authentication secret 18344 for RBDUser. If provided overrides keyring. Default is 18345 nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 18346 properties: 18347 name: 18348 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18349 TODO: Add other useful fields. apiVersion, kind, uid?' 18350 type: string 18351 type: object 18352 user: 18353 description: 'The rados user name. Default is admin. More 18354 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 18355 type: string 18356 required: 18357 - image 18358 - monitors 18359 type: object 18360 scaleIO: 18361 description: ScaleIO represents a ScaleIO persistent volume 18362 attached and mounted on Kubernetes nodes. 18363 properties: 18364 fsType: 18365 description: Filesystem type to mount. Must be a filesystem 18366 type supported by the host operating system. Ex. "ext4", 18367 "xfs", "ntfs". Default is "xfs". 18368 type: string 18369 gateway: 18370 description: The host address of the ScaleIO API Gateway. 18371 type: string 18372 protectionDomain: 18373 description: The name of the ScaleIO Protection Domain for 18374 the configured storage. 18375 type: string 18376 readOnly: 18377 description: Defaults to false (read/write). ReadOnly here 18378 will force the ReadOnly setting in VolumeMounts. 18379 type: boolean 18380 secretRef: 18381 description: SecretRef references to the secret for ScaleIO 18382 user and other sensitive information. If this is not provided, 18383 Login operation will fail. 18384 properties: 18385 name: 18386 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18387 TODO: Add other useful fields. apiVersion, kind, uid?' 18388 type: string 18389 type: object 18390 sslEnabled: 18391 description: Flag to enable/disable SSL communication with 18392 Gateway, default false 18393 type: boolean 18394 storageMode: 18395 description: Indicates whether the storage for a volume 18396 should be ThickProvisioned or ThinProvisioned. Default 18397 is ThinProvisioned. 18398 type: string 18399 storagePool: 18400 description: The ScaleIO Storage Pool associated with the 18401 protection domain. 18402 type: string 18403 system: 18404 description: The name of the storage system as configured 18405 in ScaleIO. 18406 type: string 18407 volumeName: 18408 description: The name of a volume already created in the 18409 ScaleIO system that is associated with this volume source. 18410 type: string 18411 required: 18412 - gateway 18413 - secretRef 18414 - system 18415 type: object 18416 secret: 18417 description: 'Secret represents a secret that should populate 18418 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 18419 properties: 18420 defaultMode: 18421 description: 'Optional: mode bits to use on created files 18422 by default. Must be a value between 0 and 0777. Defaults 18423 to 0644. Directories within the path are not affected 18424 by this setting. This might be in conflict with other 18425 options that affect the file mode, like fsGroup, and the 18426 result can be other mode bits set.' 18427 format: int32 18428 type: integer 18429 items: 18430 description: If unspecified, each key-value pair in the 18431 Data field of the referenced Secret will be projected 18432 into the volume as a file whose name is the key and content 18433 is the value. If specified, the listed keys will be projected 18434 into the specified paths, and unlisted keys will not be 18435 present. If a key is specified which is not present in 18436 the Secret, the volume setup will error unless it is marked 18437 optional. Paths must be relative and may not contain the 18438 '..' path or start with '..'. 18439 items: 18440 description: Maps a string key to a path within a volume. 18441 properties: 18442 key: 18443 description: The key to project. 18444 type: string 18445 mode: 18446 description: 'Optional: mode bits to use on this file, 18447 must be a value between 0 and 0777. If not specified, 18448 the volume defaultMode will be used. This might 18449 be in conflict with other options that affect the 18450 file mode, like fsGroup, and the result can be other 18451 mode bits set.' 18452 format: int32 18453 type: integer 18454 path: 18455 description: The relative path of the file to map 18456 the key to. May not be an absolute path. May not 18457 contain the path element '..'. May not start with 18458 the string '..'. 18459 type: string 18460 required: 18461 - key 18462 - path 18463 type: object 18464 type: array 18465 optional: 18466 description: Specify whether the Secret or its keys must 18467 be defined 18468 type: boolean 18469 secretName: 18470 description: 'Name of the secret in the pod''s namespace 18471 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 18472 type: string 18473 type: object 18474 storageos: 18475 description: StorageOS represents a StorageOS volume attached 18476 and mounted on Kubernetes nodes. 18477 properties: 18478 fsType: 18479 description: Filesystem type to mount. Must be a filesystem 18480 type supported by the host operating system. Ex. "ext4", 18481 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 18482 type: string 18483 readOnly: 18484 description: Defaults to false (read/write). ReadOnly here 18485 will force the ReadOnly setting in VolumeMounts. 18486 type: boolean 18487 secretRef: 18488 description: SecretRef specifies the secret to use for obtaining 18489 the StorageOS API credentials. If not specified, default 18490 values will be attempted. 18491 properties: 18492 name: 18493 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18494 TODO: Add other useful fields. apiVersion, kind, uid?' 18495 type: string 18496 type: object 18497 volumeName: 18498 description: VolumeName is the human-readable name of the 18499 StorageOS volume. Volume names are only unique within 18500 a namespace. 18501 type: string 18502 volumeNamespace: 18503 description: VolumeNamespace specifies the scope of the 18504 volume within StorageOS. If no namespace is specified 18505 then the Pod's namespace will be used. This allows the 18506 Kubernetes name scoping to be mirrored within StorageOS 18507 for tighter integration. Set VolumeName to any name to 18508 override the default behaviour. Set to "default" if you 18509 are not using namespaces within StorageOS. Namespaces 18510 that do not pre-exist within StorageOS will be created. 18511 type: string 18512 type: object 18513 vsphereVolume: 18514 description: VsphereVolume represents a vSphere volume attached 18515 and mounted on kubelets host machine 18516 properties: 18517 fsType: 18518 description: Filesystem type to mount. Must be a filesystem 18519 type supported by the host operating system. Ex. "ext4", 18520 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 18521 type: string 18522 storagePolicyID: 18523 description: Storage Policy Based Management (SPBM) profile 18524 ID associated with the StoragePolicyName. 18525 type: string 18526 storagePolicyName: 18527 description: Storage Policy Based Management (SPBM) profile 18528 name. 18529 type: string 18530 volumePath: 18531 description: Path that identifies vSphere volume vmdk 18532 type: string 18533 required: 18534 - volumePath 18535 type: object 18536 required: 18537 - name 18538 type: object 18539 type: array 18540 type: object 18541 status: 18542 description: 'Most recent observed status of the ThanosRuler cluster. 18543 Read-only. Not included when requesting from the apiserver, only from 18544 the ThanosRuler Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 18545 properties: 18546 availableReplicas: 18547 description: Total number of available pods (ready for at least minReadySeconds) 18548 targeted by this ThanosRuler deployment. 18549 format: int32 18550 type: integer 18551 paused: 18552 description: Represents whether any actions on the underlying managed 18553 objects are being performed. Only delete actions will be performed. 18554 type: boolean 18555 replicas: 18556 description: Total number of non-terminated pods targeted by this 18557 ThanosRuler deployment (their labels match the selector). 18558 format: int32 18559 type: integer 18560 unavailableReplicas: 18561 description: Total number of unavailable pods targeted by this ThanosRuler 18562 deployment. 18563 format: int32 18564 type: integer 18565 updatedReplicas: 18566 description: Total number of non-terminated pods targeted by this 18567 ThanosRuler deployment that have the desired version spec. 18568 format: int32 18569 type: integer 18570 required: 18571 - availableReplicas 18572 - paused 18573 - replicas 18574 - unavailableReplicas 18575 - updatedReplicas 18576 type: object 18577 required: 18578 - spec 18579 type: object 18580 served: true 18581 storage: true 18582 status: 18583 acceptedNames: 18584 kind: "" 18585 plural: "" 18586 conditions: [] 18587 storedVersions: [] 18588 --- 18589 apiVersion: rbac.authorization.k8s.io/v1 18590 kind: ClusterRoleBinding 18591 metadata: 18592 labels: 18593 app.kubernetes.io/component: controller 18594 app.kubernetes.io/name: prometheus-operator 18595 app.kubernetes.io/version: v0.43.0 18596 name: prometheus-operator 18597 roleRef: 18598 apiGroup: rbac.authorization.k8s.io 18599 kind: ClusterRole 18600 name: prometheus-operator 18601 subjects: 18602 - kind: ServiceAccount 18603 name: prometheus-operator 18604 namespace: default 18605 --- 18606 apiVersion: rbac.authorization.k8s.io/v1 18607 kind: ClusterRole 18608 metadata: 18609 labels: 18610 app.kubernetes.io/component: controller 18611 app.kubernetes.io/name: prometheus-operator 18612 app.kubernetes.io/version: v0.43.0 18613 name: prometheus-operator 18614 rules: 18615 - apiGroups: 18616 - monitoring.coreos.com 18617 resources: 18618 - alertmanagers 18619 - alertmanagers/finalizers 18620 - alertmanagerconfigs 18621 - prometheuses 18622 - prometheuses/finalizers 18623 - thanosrulers 18624 - thanosrulers/finalizers 18625 - servicemonitors 18626 - podmonitors 18627 - probes 18628 - prometheusrules 18629 verbs: 18630 - '*' 18631 - apiGroups: 18632 - apps 18633 resources: 18634 - statefulsets 18635 verbs: 18636 - '*' 18637 - apiGroups: 18638 - "" 18639 resources: 18640 - configmaps 18641 - secrets 18642 verbs: 18643 - '*' 18644 - apiGroups: 18645 - "" 18646 resources: 18647 - pods 18648 verbs: 18649 - list 18650 - delete 18651 - apiGroups: 18652 - "" 18653 resources: 18654 - services 18655 - services/finalizers 18656 - endpoints 18657 verbs: 18658 - get 18659 - create 18660 - update 18661 - delete 18662 - apiGroups: 18663 - "" 18664 resources: 18665 - nodes 18666 verbs: 18667 - list 18668 - watch 18669 - apiGroups: 18670 - "" 18671 resources: 18672 - namespaces 18673 verbs: 18674 - get 18675 - list 18676 - watch 18677 - apiGroups: 18678 - networking.k8s.io 18679 resources: 18680 - ingresses 18681 verbs: 18682 - get 18683 - list 18684 - watch 18685 --- 18686 apiVersion: apps/v1 18687 kind: Deployment 18688 metadata: 18689 labels: 18690 app.kubernetes.io/component: controller 18691 app.kubernetes.io/name: prometheus-operator 18692 app.kubernetes.io/version: v0.43.0 18693 name: prometheus-operator 18694 namespace: default 18695 spec: 18696 replicas: 1 18697 selector: 18698 matchLabels: 18699 app.kubernetes.io/component: controller 18700 app.kubernetes.io/name: prometheus-operator 18701 template: 18702 metadata: 18703 labels: 18704 app.kubernetes.io/component: controller 18705 app.kubernetes.io/name: prometheus-operator 18706 app.kubernetes.io/version: v0.43.0 18707 spec: 18708 containers: 18709 - args: 18710 - --kubelet-service=kube-system/kubelet 18711 - --logtostderr=true 18712 - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.43.0 18713 image: quay.io/prometheus-operator/prometheus-operator:v0.43.0 18714 name: prometheus-operator 18715 ports: 18716 - containerPort: 8080 18717 name: http 18718 resources: 18719 limits: 18720 cpu: 200m 18721 memory: 200Mi 18722 requests: 18723 cpu: 100m 18724 memory: 100Mi 18725 securityContext: 18726 allowPrivilegeEscalation: false 18727 nodeSelector: 18728 kubernetes.io/os: linux 18729 securityContext: 18730 runAsNonRoot: true 18731 runAsUser: 65534 18732 serviceAccountName: prometheus-operator 18733 --- 18734 apiVersion: v1 18735 kind: ServiceAccount 18736 metadata: 18737 labels: 18738 app.kubernetes.io/component: controller 18739 app.kubernetes.io/name: prometheus-operator 18740 app.kubernetes.io/version: v0.43.0 18741 name: prometheus-operator 18742 namespace: default 18743 --- 18744 apiVersion: v1 18745 kind: Service 18746 metadata: 18747 labels: 18748 app.kubernetes.io/component: controller 18749 app.kubernetes.io/name: prometheus-operator 18750 app.kubernetes.io/version: v0.43.0 18751 name: prometheus-operator 18752 namespace: default 18753 spec: 18754 clusterIP: None 18755 ports: 18756 - name: http 18757 port: 8080 18758 targetPort: http 18759 selector: 18760 app.kubernetes.io/component: controller 18761 app.kubernetes.io/name: prometheus-operator