zotregistry.dev/zot@v1.4.4-0.20240314164342-eec277e14d20/examples/metrics/kubernetes/prometheus/bundle.yaml (about) 1 2 --- 3 apiVersion: apiextensions.k8s.io/v1 4 kind: CustomResourceDefinition 5 metadata: 6 annotations: 7 controller-gen.kubebuilder.io/version: v0.6.2 8 creationTimestamp: null 9 name: alertmanagerconfigs.monitoring.coreos.com 10 spec: 11 group: monitoring.coreos.com 12 names: 13 categories: 14 - prometheus-operator 15 kind: AlertmanagerConfig 16 listKind: AlertmanagerConfigList 17 plural: alertmanagerconfigs 18 singular: alertmanagerconfig 19 scope: Namespaced 20 versions: 21 - name: v1alpha1 22 schema: 23 openAPIV3Schema: 24 description: AlertmanagerConfig defines a namespaced AlertmanagerConfig to 25 be aggregated across multiple namespaces configuring one Alertmanager cluster. 26 properties: 27 apiVersion: 28 description: 'APIVersion defines the versioned schema of this representation 29 of an object. Servers should convert recognized schemas to the latest 30 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 31 type: string 32 kind: 33 description: 'Kind is a string value representing the REST resource this 34 object represents. Servers may infer this from the endpoint the client 35 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 36 type: string 37 metadata: 38 type: object 39 spec: 40 description: AlertmanagerConfigSpec is a specification of the desired 41 behavior of the Alertmanager configuration. By definition, the Alertmanager 42 configuration only applies to alerts for which the `namespace` label 43 is equal to the namespace of the AlertmanagerConfig resource. 44 properties: 45 inhibitRules: 46 description: List of inhibition rules. The rules will only apply to 47 alerts matching the resource’s namespace. 48 items: 49 description: InhibitRule defines an inhibition rule that allows 50 to mute alerts when other alerts are already firing. See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule 51 properties: 52 equal: 53 description: Labels that must have an equal value in the source 54 and target alert for the inhibition to take effect. 55 items: 56 type: string 57 type: array 58 sourceMatch: 59 description: Matchers for which one or more alerts have to exist 60 for the inhibition to take effect. The operator enforces that 61 the alert matches the resource’s namespace. 62 items: 63 description: Matcher defines how to match on alert's labels. 64 properties: 65 name: 66 description: Label to match. 67 minLength: 1 68 type: string 69 regex: 70 description: Whether to match on equality (false) or regular-expression 71 (true). 72 type: boolean 73 value: 74 description: Label value to match. 75 type: string 76 required: 77 - name 78 type: object 79 type: array 80 targetMatch: 81 description: Matchers that have to be fulfilled in the alerts 82 to be muted. The operator enforces that the alert matches 83 the resource’s namespace. 84 items: 85 description: Matcher defines how to match on alert's labels. 86 properties: 87 name: 88 description: Label to match. 89 minLength: 1 90 type: string 91 regex: 92 description: Whether to match on equality (false) or regular-expression 93 (true). 94 type: boolean 95 value: 96 description: Label value to match. 97 type: string 98 required: 99 - name 100 type: object 101 type: array 102 type: object 103 type: array 104 receivers: 105 description: List of receivers. 106 items: 107 description: Receiver defines one or more notification integrations. 108 properties: 109 emailConfigs: 110 description: List of Email configurations. 111 items: 112 description: EmailConfig configures notifications via Email. 113 properties: 114 authIdentity: 115 description: The identity to use for authentication. 116 type: string 117 authPassword: 118 description: The secret's key that contains the password 119 to use for authentication. The secret needs to be in 120 the same namespace as the AlertmanagerConfig object 121 and accessible by the Prometheus Operator. 122 properties: 123 key: 124 description: The key of the secret to select from. Must 125 be a valid secret key. 126 type: string 127 name: 128 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 129 TODO: Add other useful fields. apiVersion, kind, 130 uid?' 131 type: string 132 optional: 133 description: Specify whether the Secret or its key 134 must be defined 135 type: boolean 136 required: 137 - key 138 type: object 139 authSecret: 140 description: The secret's key that contains the CRAM-MD5 141 secret. The secret needs to be in the same namespace 142 as the AlertmanagerConfig object and accessible by the 143 Prometheus Operator. 144 properties: 145 key: 146 description: The key of the secret to select from. Must 147 be a valid secret key. 148 type: string 149 name: 150 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 151 TODO: Add other useful fields. apiVersion, kind, 152 uid?' 153 type: string 154 optional: 155 description: Specify whether the Secret or its key 156 must be defined 157 type: boolean 158 required: 159 - key 160 type: object 161 authUsername: 162 description: The username to use for authentication. 163 type: string 164 from: 165 description: The sender address. 166 type: string 167 headers: 168 description: Further headers email header key/value pairs. 169 Overrides any headers previously set by the notification 170 implementation. 171 items: 172 description: KeyValue defines a (key, value) tuple. 173 properties: 174 key: 175 description: Key of the tuple. 176 minLength: 1 177 type: string 178 value: 179 description: Value of the tuple. 180 type: string 181 required: 182 - key 183 - value 184 type: object 185 type: array 186 hello: 187 description: The hostname to identify to the SMTP server. 188 type: string 189 html: 190 description: The HTML body of the email notification. 191 type: string 192 requireTLS: 193 description: The SMTP TLS requirement. Note that Go does 194 not support unencrypted connections to remote SMTP endpoints. 195 type: boolean 196 sendResolved: 197 description: Whether or not to notify about resolved alerts. 198 type: boolean 199 smarthost: 200 description: The SMTP host and port through which emails 201 are sent. E.g. example.com:25 202 type: string 203 text: 204 description: The text body of the email notification. 205 type: string 206 tlsConfig: 207 description: TLS configuration 208 properties: 209 ca: 210 description: Struct containing the CA cert to use 211 for the targets. 212 properties: 213 configMap: 214 description: ConfigMap containing data to use 215 for the targets. 216 properties: 217 key: 218 description: The key to select. 219 type: string 220 name: 221 description: 'Name of the referent. More info: 222 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 223 TODO: Add other useful fields. apiVersion, 224 kind, uid?' 225 type: string 226 optional: 227 description: Specify whether the ConfigMap 228 or its key must be defined 229 type: boolean 230 required: 231 - key 232 type: object 233 secret: 234 description: Secret containing data to use for 235 the targets. 236 properties: 237 key: 238 description: The key of the secret to select 239 from. Must be a valid secret key. 240 type: string 241 name: 242 description: 'Name of the referent. More info: 243 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 244 TODO: Add other useful fields. apiVersion, 245 kind, uid?' 246 type: string 247 optional: 248 description: Specify whether the Secret or 249 its key must be defined 250 type: boolean 251 required: 252 - key 253 type: object 254 type: object 255 cert: 256 description: Struct containing the client cert file 257 for the targets. 258 properties: 259 configMap: 260 description: ConfigMap containing data to use 261 for the targets. 262 properties: 263 key: 264 description: The key to select. 265 type: string 266 name: 267 description: 'Name of the referent. More info: 268 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 269 TODO: Add other useful fields. apiVersion, 270 kind, uid?' 271 type: string 272 optional: 273 description: Specify whether the ConfigMap 274 or its key must be defined 275 type: boolean 276 required: 277 - key 278 type: object 279 secret: 280 description: Secret containing data to use for 281 the targets. 282 properties: 283 key: 284 description: The key of the secret to select 285 from. Must be a valid secret key. 286 type: string 287 name: 288 description: 'Name of the referent. More info: 289 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 290 TODO: Add other useful fields. apiVersion, 291 kind, uid?' 292 type: string 293 optional: 294 description: Specify whether the Secret or 295 its key must be defined 296 type: boolean 297 required: 298 - key 299 type: object 300 type: object 301 insecureSkipVerify: 302 description: Disable target certificate validation. 303 type: boolean 304 keySecret: 305 description: Secret containing the client key file 306 for the targets. 307 properties: 308 key: 309 description: The key of the secret to select from. Must 310 be a valid secret key. 311 type: string 312 name: 313 description: 'Name of the referent. More info: 314 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 315 TODO: Add other useful fields. apiVersion, kind, 316 uid?' 317 type: string 318 optional: 319 description: Specify whether the Secret or its 320 key must be defined 321 type: boolean 322 required: 323 - key 324 type: object 325 serverName: 326 description: Used to verify the hostname for the targets. 327 type: string 328 type: object 329 to: 330 description: The email address to send notifications to. 331 type: string 332 type: object 333 type: array 334 name: 335 description: Name of the receiver. Must be unique across all 336 items from the list. 337 minLength: 1 338 type: string 339 opsgenieConfigs: 340 description: List of OpsGenie configurations. 341 items: 342 description: OpsGenieConfig configures notifications via OpsGenie. 343 See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config 344 properties: 345 apiKey: 346 description: The secret's key that contains the OpsGenie 347 API key. The secret needs to be in the same namespace 348 as the AlertmanagerConfig object and accessible by the 349 Prometheus Operator. 350 properties: 351 key: 352 description: The key of the secret to select from. Must 353 be a valid secret key. 354 type: string 355 name: 356 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 357 TODO: Add other useful fields. apiVersion, kind, 358 uid?' 359 type: string 360 optional: 361 description: Specify whether the Secret or its key 362 must be defined 363 type: boolean 364 required: 365 - key 366 type: object 367 apiURL: 368 description: The URL to send OpsGenie API requests to. 369 type: string 370 description: 371 description: Description of the incident. 372 type: string 373 details: 374 description: A set of arbitrary key/value pairs that provide 375 further detail about the incident. 376 items: 377 description: KeyValue defines a (key, value) tuple. 378 properties: 379 key: 380 description: Key of the tuple. 381 minLength: 1 382 type: string 383 value: 384 description: Value of the tuple. 385 type: string 386 required: 387 - key 388 - value 389 type: object 390 type: array 391 httpConfig: 392 description: HTTP client configuration. 393 properties: 394 authorization: 395 description: Authorization header configuration for 396 the client. This is mutually exclusive with BasicAuth 397 and is only available starting from Alertmanager 398 v0.22+. 399 properties: 400 credentials: 401 description: The secret's key that contains the 402 credentials of the request 403 properties: 404 key: 405 description: The key of the secret to select 406 from. Must be a valid secret key. 407 type: string 408 name: 409 description: 'Name of the referent. More info: 410 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 411 TODO: Add other useful fields. apiVersion, 412 kind, uid?' 413 type: string 414 optional: 415 description: Specify whether the Secret or 416 its key must be defined 417 type: boolean 418 required: 419 - key 420 type: object 421 type: 422 description: Set the authentication type. Defaults 423 to Bearer, Basic will cause an error 424 type: string 425 type: object 426 basicAuth: 427 description: BasicAuth for the client. This is mutually 428 exclusive with Authorization. If both are defined, 429 BasicAuth takes precedence. 430 properties: 431 password: 432 description: The secret in the service monitor 433 namespace that contains the password for authentication. 434 properties: 435 key: 436 description: The key of the secret to select 437 from. Must be a valid secret key. 438 type: string 439 name: 440 description: 'Name of the referent. More info: 441 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 442 TODO: Add other useful fields. apiVersion, 443 kind, uid?' 444 type: string 445 optional: 446 description: Specify whether the Secret or 447 its key must be defined 448 type: boolean 449 required: 450 - key 451 type: object 452 username: 453 description: The secret in the service monitor 454 namespace that contains the username for authentication. 455 properties: 456 key: 457 description: The key of the secret to select 458 from. Must be a valid secret key. 459 type: string 460 name: 461 description: 'Name of the referent. More info: 462 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 463 TODO: Add other useful fields. apiVersion, 464 kind, uid?' 465 type: string 466 optional: 467 description: Specify whether the Secret or 468 its key must be defined 469 type: boolean 470 required: 471 - key 472 type: object 473 type: object 474 bearerTokenSecret: 475 description: The secret's key that contains the bearer 476 token to be used by the client for authentication. 477 The secret needs to be in the same namespace as 478 the AlertmanagerConfig object and accessible by 479 the Prometheus Operator. 480 properties: 481 key: 482 description: The key of the secret to select from. Must 483 be a valid secret key. 484 type: string 485 name: 486 description: 'Name of the referent. More info: 487 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 488 TODO: Add other useful fields. apiVersion, kind, 489 uid?' 490 type: string 491 optional: 492 description: Specify whether the Secret or its 493 key must be defined 494 type: boolean 495 required: 496 - key 497 type: object 498 proxyURL: 499 description: Optional proxy URL. 500 type: string 501 tlsConfig: 502 description: TLS configuration for the client. 503 properties: 504 ca: 505 description: Struct containing the CA cert to 506 use for the targets. 507 properties: 508 configMap: 509 description: ConfigMap containing data to 510 use for the targets. 511 properties: 512 key: 513 description: The key to select. 514 type: string 515 name: 516 description: 'Name of the referent. More 517 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 518 TODO: Add other useful fields. apiVersion, 519 kind, uid?' 520 type: string 521 optional: 522 description: Specify whether the ConfigMap 523 or its key must be defined 524 type: boolean 525 required: 526 - key 527 type: object 528 secret: 529 description: Secret containing data to use 530 for the targets. 531 properties: 532 key: 533 description: The key of the secret to 534 select from. Must be a valid secret 535 key. 536 type: string 537 name: 538 description: 'Name of the referent. More 539 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 540 TODO: Add other useful fields. apiVersion, 541 kind, uid?' 542 type: string 543 optional: 544 description: Specify whether the Secret 545 or its key must be defined 546 type: boolean 547 required: 548 - key 549 type: object 550 type: object 551 cert: 552 description: Struct containing the client cert 553 file for the targets. 554 properties: 555 configMap: 556 description: ConfigMap containing data to 557 use for the targets. 558 properties: 559 key: 560 description: The key to select. 561 type: string 562 name: 563 description: 'Name of the referent. More 564 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 565 TODO: Add other useful fields. apiVersion, 566 kind, uid?' 567 type: string 568 optional: 569 description: Specify whether the ConfigMap 570 or its key must be defined 571 type: boolean 572 required: 573 - key 574 type: object 575 secret: 576 description: Secret containing data to use 577 for the targets. 578 properties: 579 key: 580 description: The key of the secret to 581 select from. Must be a valid secret 582 key. 583 type: string 584 name: 585 description: 'Name of the referent. More 586 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 587 TODO: Add other useful fields. apiVersion, 588 kind, uid?' 589 type: string 590 optional: 591 description: Specify whether the Secret 592 or its key must be defined 593 type: boolean 594 required: 595 - key 596 type: object 597 type: object 598 insecureSkipVerify: 599 description: Disable target certificate validation. 600 type: boolean 601 keySecret: 602 description: Secret containing the client key 603 file for the targets. 604 properties: 605 key: 606 description: The key of the secret to select 607 from. Must be a valid secret key. 608 type: string 609 name: 610 description: 'Name of the referent. More info: 611 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 612 TODO: Add other useful fields. apiVersion, 613 kind, uid?' 614 type: string 615 optional: 616 description: Specify whether the Secret or 617 its key must be defined 618 type: boolean 619 required: 620 - key 621 type: object 622 serverName: 623 description: Used to verify the hostname for the 624 targets. 625 type: string 626 type: object 627 type: object 628 message: 629 description: Alert text limited to 130 characters. 630 type: string 631 note: 632 description: Additional alert note. 633 type: string 634 priority: 635 description: Priority level of alert. Possible values 636 are P1, P2, P3, P4, and P5. 637 type: string 638 responders: 639 description: List of responders responsible for notifications. 640 items: 641 description: OpsGenieConfigResponder defines a responder 642 to an incident. One of `id`, `name` or `username` 643 has to be defined. 644 properties: 645 id: 646 description: ID of the responder. 647 type: string 648 name: 649 description: Name of the responder. 650 type: string 651 type: 652 description: Type of responder. 653 minLength: 1 654 type: string 655 username: 656 description: Username of the responder. 657 type: string 658 required: 659 - type 660 type: object 661 type: array 662 sendResolved: 663 description: Whether or not to notify about resolved alerts. 664 type: boolean 665 source: 666 description: Backlink to the sender of the notification. 667 type: string 668 tags: 669 description: Comma separated list of tags attached to 670 the notifications. 671 type: string 672 type: object 673 type: array 674 pagerdutyConfigs: 675 description: List of PagerDuty configurations. 676 items: 677 description: PagerDutyConfig configures notifications via 678 PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config 679 properties: 680 class: 681 description: The class/type of the event. 682 type: string 683 client: 684 description: Client identification. 685 type: string 686 clientURL: 687 description: Backlink to the sender of notification. 688 type: string 689 component: 690 description: The part or component of the affected system 691 that is broken. 692 type: string 693 description: 694 description: Description of the incident. 695 type: string 696 details: 697 description: Arbitrary key/value pairs that provide further 698 detail about the incident. 699 items: 700 description: KeyValue defines a (key, value) tuple. 701 properties: 702 key: 703 description: Key of the tuple. 704 minLength: 1 705 type: string 706 value: 707 description: Value of the tuple. 708 type: string 709 required: 710 - key 711 - value 712 type: object 713 type: array 714 group: 715 description: A cluster or grouping of sources. 716 type: string 717 httpConfig: 718 description: HTTP client configuration. 719 properties: 720 authorization: 721 description: Authorization header configuration for 722 the client. This is mutually exclusive with BasicAuth 723 and is only available starting from Alertmanager 724 v0.22+. 725 properties: 726 credentials: 727 description: The secret's key that contains the 728 credentials of the request 729 properties: 730 key: 731 description: The key of the secret to select 732 from. Must be a valid secret key. 733 type: string 734 name: 735 description: 'Name of the referent. More info: 736 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 737 TODO: Add other useful fields. apiVersion, 738 kind, uid?' 739 type: string 740 optional: 741 description: Specify whether the Secret or 742 its key must be defined 743 type: boolean 744 required: 745 - key 746 type: object 747 type: 748 description: Set the authentication type. Defaults 749 to Bearer, Basic will cause an error 750 type: string 751 type: object 752 basicAuth: 753 description: BasicAuth for the client. This is mutually 754 exclusive with Authorization. If both are defined, 755 BasicAuth takes precedence. 756 properties: 757 password: 758 description: The secret in the service monitor 759 namespace that contains the password for authentication. 760 properties: 761 key: 762 description: The key of the secret to select 763 from. Must be a valid secret key. 764 type: string 765 name: 766 description: 'Name of the referent. More info: 767 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 768 TODO: Add other useful fields. apiVersion, 769 kind, uid?' 770 type: string 771 optional: 772 description: Specify whether the Secret or 773 its key must be defined 774 type: boolean 775 required: 776 - key 777 type: object 778 username: 779 description: The secret in the service monitor 780 namespace that contains the username for authentication. 781 properties: 782 key: 783 description: The key of the secret to select 784 from. Must be a valid secret key. 785 type: string 786 name: 787 description: 'Name of the referent. More info: 788 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 789 TODO: Add other useful fields. apiVersion, 790 kind, uid?' 791 type: string 792 optional: 793 description: Specify whether the Secret or 794 its key must be defined 795 type: boolean 796 required: 797 - key 798 type: object 799 type: object 800 bearerTokenSecret: 801 description: The secret's key that contains the bearer 802 token to be used by the client for authentication. 803 The secret needs to be in the same namespace as 804 the AlertmanagerConfig object and accessible by 805 the Prometheus Operator. 806 properties: 807 key: 808 description: The key of the secret to select from. Must 809 be a valid secret key. 810 type: string 811 name: 812 description: 'Name of the referent. More info: 813 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 814 TODO: Add other useful fields. apiVersion, kind, 815 uid?' 816 type: string 817 optional: 818 description: Specify whether the Secret or its 819 key must be defined 820 type: boolean 821 required: 822 - key 823 type: object 824 proxyURL: 825 description: Optional proxy URL. 826 type: string 827 tlsConfig: 828 description: TLS configuration for the client. 829 properties: 830 ca: 831 description: Struct containing the CA cert to 832 use for the targets. 833 properties: 834 configMap: 835 description: ConfigMap containing data to 836 use for the targets. 837 properties: 838 key: 839 description: The key to select. 840 type: string 841 name: 842 description: 'Name of the referent. More 843 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 844 TODO: Add other useful fields. apiVersion, 845 kind, uid?' 846 type: string 847 optional: 848 description: Specify whether the ConfigMap 849 or its key must be defined 850 type: boolean 851 required: 852 - key 853 type: object 854 secret: 855 description: Secret containing data to use 856 for the targets. 857 properties: 858 key: 859 description: The key of the secret to 860 select from. Must be a valid secret 861 key. 862 type: string 863 name: 864 description: 'Name of the referent. More 865 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 866 TODO: Add other useful fields. apiVersion, 867 kind, uid?' 868 type: string 869 optional: 870 description: Specify whether the Secret 871 or its key must be defined 872 type: boolean 873 required: 874 - key 875 type: object 876 type: object 877 cert: 878 description: Struct containing the client cert 879 file for the targets. 880 properties: 881 configMap: 882 description: ConfigMap containing data to 883 use for the targets. 884 properties: 885 key: 886 description: The key to select. 887 type: string 888 name: 889 description: 'Name of the referent. More 890 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 891 TODO: Add other useful fields. apiVersion, 892 kind, uid?' 893 type: string 894 optional: 895 description: Specify whether the ConfigMap 896 or its key must be defined 897 type: boolean 898 required: 899 - key 900 type: object 901 secret: 902 description: Secret containing data to use 903 for the targets. 904 properties: 905 key: 906 description: The key of the secret to 907 select from. Must be a valid secret 908 key. 909 type: string 910 name: 911 description: 'Name of the referent. More 912 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 913 TODO: Add other useful fields. apiVersion, 914 kind, uid?' 915 type: string 916 optional: 917 description: Specify whether the Secret 918 or its key must be defined 919 type: boolean 920 required: 921 - key 922 type: object 923 type: object 924 insecureSkipVerify: 925 description: Disable target certificate validation. 926 type: boolean 927 keySecret: 928 description: Secret containing the client key 929 file for the targets. 930 properties: 931 key: 932 description: The key of the secret to select 933 from. Must be a valid secret key. 934 type: string 935 name: 936 description: 'Name of the referent. More info: 937 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 938 TODO: Add other useful fields. apiVersion, 939 kind, uid?' 940 type: string 941 optional: 942 description: Specify whether the Secret or 943 its key must be defined 944 type: boolean 945 required: 946 - key 947 type: object 948 serverName: 949 description: Used to verify the hostname for the 950 targets. 951 type: string 952 type: object 953 type: object 954 routingKey: 955 description: The secret's key that contains the PagerDuty 956 integration key (when using Events API v2). Either this 957 field or `serviceKey` needs to be defined. The secret 958 needs to be in the same namespace as the AlertmanagerConfig 959 object and accessible by the Prometheus Operator. 960 properties: 961 key: 962 description: The key of the secret to select from. Must 963 be a valid secret key. 964 type: string 965 name: 966 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 967 TODO: Add other useful fields. apiVersion, kind, 968 uid?' 969 type: string 970 optional: 971 description: Specify whether the Secret or its key 972 must be defined 973 type: boolean 974 required: 975 - key 976 type: object 977 sendResolved: 978 description: Whether or not to notify about resolved alerts. 979 type: boolean 980 serviceKey: 981 description: The secret's key that contains the PagerDuty 982 service key (when using integration type "Prometheus"). 983 Either this field or `routingKey` needs to be defined. 984 The secret needs to be in the same namespace as the 985 AlertmanagerConfig object and accessible by the Prometheus 986 Operator. 987 properties: 988 key: 989 description: The key of the secret to select from. Must 990 be a valid secret key. 991 type: string 992 name: 993 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 994 TODO: Add other useful fields. apiVersion, kind, 995 uid?' 996 type: string 997 optional: 998 description: Specify whether the Secret or its key 999 must be defined 1000 type: boolean 1001 required: 1002 - key 1003 type: object 1004 severity: 1005 description: Severity of the incident. 1006 type: string 1007 url: 1008 description: The URL to send requests to. 1009 type: string 1010 type: object 1011 type: array 1012 pushoverConfigs: 1013 description: List of Pushover configurations. 1014 items: 1015 description: PushoverConfig configures notifications via Pushover. 1016 See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config 1017 properties: 1018 expire: 1019 description: How long your notification will continue 1020 to be retried for, unless the user acknowledges the 1021 notification. 1022 type: string 1023 html: 1024 description: Whether notification message is HTML or plain 1025 text. 1026 type: boolean 1027 httpConfig: 1028 description: HTTP client configuration. 1029 properties: 1030 authorization: 1031 description: Authorization header configuration for 1032 the client. This is mutually exclusive with BasicAuth 1033 and is only available starting from Alertmanager 1034 v0.22+. 1035 properties: 1036 credentials: 1037 description: The secret's key that contains the 1038 credentials of the request 1039 properties: 1040 key: 1041 description: The key of the secret to select 1042 from. Must be a valid secret key. 1043 type: string 1044 name: 1045 description: 'Name of the referent. More info: 1046 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1047 TODO: Add other useful fields. apiVersion, 1048 kind, uid?' 1049 type: string 1050 optional: 1051 description: Specify whether the Secret or 1052 its key must be defined 1053 type: boolean 1054 required: 1055 - key 1056 type: object 1057 type: 1058 description: Set the authentication type. Defaults 1059 to Bearer, Basic will cause an error 1060 type: string 1061 type: object 1062 basicAuth: 1063 description: BasicAuth for the client. This is mutually 1064 exclusive with Authorization. If both are defined, 1065 BasicAuth takes precedence. 1066 properties: 1067 password: 1068 description: The secret in the service monitor 1069 namespace that contains the password for authentication. 1070 properties: 1071 key: 1072 description: The key of the secret to select 1073 from. Must be a valid secret key. 1074 type: string 1075 name: 1076 description: 'Name of the referent. More info: 1077 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1078 TODO: Add other useful fields. apiVersion, 1079 kind, uid?' 1080 type: string 1081 optional: 1082 description: Specify whether the Secret or 1083 its key must be defined 1084 type: boolean 1085 required: 1086 - key 1087 type: object 1088 username: 1089 description: The secret in the service monitor 1090 namespace that contains the username for authentication. 1091 properties: 1092 key: 1093 description: The key of the secret to select 1094 from. Must be a valid secret key. 1095 type: string 1096 name: 1097 description: 'Name of the referent. More info: 1098 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1099 TODO: Add other useful fields. apiVersion, 1100 kind, uid?' 1101 type: string 1102 optional: 1103 description: Specify whether the Secret or 1104 its key must be defined 1105 type: boolean 1106 required: 1107 - key 1108 type: object 1109 type: object 1110 bearerTokenSecret: 1111 description: The secret's key that contains the bearer 1112 token to be used by the client for authentication. 1113 The secret needs to be in the same namespace as 1114 the AlertmanagerConfig object and accessible by 1115 the Prometheus Operator. 1116 properties: 1117 key: 1118 description: The key of the secret to select from. Must 1119 be a valid secret key. 1120 type: string 1121 name: 1122 description: 'Name of the referent. More info: 1123 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1124 TODO: Add other useful fields. apiVersion, kind, 1125 uid?' 1126 type: string 1127 optional: 1128 description: Specify whether the Secret or its 1129 key must be defined 1130 type: boolean 1131 required: 1132 - key 1133 type: object 1134 proxyURL: 1135 description: Optional proxy URL. 1136 type: string 1137 tlsConfig: 1138 description: TLS configuration for the client. 1139 properties: 1140 ca: 1141 description: Struct containing the CA cert to 1142 use for the targets. 1143 properties: 1144 configMap: 1145 description: ConfigMap containing data to 1146 use for the targets. 1147 properties: 1148 key: 1149 description: The key to select. 1150 type: string 1151 name: 1152 description: 'Name of the referent. More 1153 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1154 TODO: Add other useful fields. apiVersion, 1155 kind, uid?' 1156 type: string 1157 optional: 1158 description: Specify whether the ConfigMap 1159 or its key must be defined 1160 type: boolean 1161 required: 1162 - key 1163 type: object 1164 secret: 1165 description: Secret containing data to use 1166 for the targets. 1167 properties: 1168 key: 1169 description: The key of the secret to 1170 select from. Must be a valid secret 1171 key. 1172 type: string 1173 name: 1174 description: 'Name of the referent. More 1175 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1176 TODO: Add other useful fields. apiVersion, 1177 kind, uid?' 1178 type: string 1179 optional: 1180 description: Specify whether the Secret 1181 or its key must be defined 1182 type: boolean 1183 required: 1184 - key 1185 type: object 1186 type: object 1187 cert: 1188 description: Struct containing the client cert 1189 file for the targets. 1190 properties: 1191 configMap: 1192 description: ConfigMap containing data to 1193 use for the targets. 1194 properties: 1195 key: 1196 description: The key to select. 1197 type: string 1198 name: 1199 description: 'Name of the referent. More 1200 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1201 TODO: Add other useful fields. apiVersion, 1202 kind, uid?' 1203 type: string 1204 optional: 1205 description: Specify whether the ConfigMap 1206 or its key must be defined 1207 type: boolean 1208 required: 1209 - key 1210 type: object 1211 secret: 1212 description: Secret containing data to use 1213 for the targets. 1214 properties: 1215 key: 1216 description: The key of the secret to 1217 select from. Must be a valid secret 1218 key. 1219 type: string 1220 name: 1221 description: 'Name of the referent. More 1222 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1223 TODO: Add other useful fields. apiVersion, 1224 kind, uid?' 1225 type: string 1226 optional: 1227 description: Specify whether the Secret 1228 or its key must be defined 1229 type: boolean 1230 required: 1231 - key 1232 type: object 1233 type: object 1234 insecureSkipVerify: 1235 description: Disable target certificate validation. 1236 type: boolean 1237 keySecret: 1238 description: Secret containing the client key 1239 file for the targets. 1240 properties: 1241 key: 1242 description: The key of the secret to select 1243 from. Must be a valid secret key. 1244 type: string 1245 name: 1246 description: 'Name of the referent. More info: 1247 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1248 TODO: Add other useful fields. apiVersion, 1249 kind, uid?' 1250 type: string 1251 optional: 1252 description: Specify whether the Secret or 1253 its key must be defined 1254 type: boolean 1255 required: 1256 - key 1257 type: object 1258 serverName: 1259 description: Used to verify the hostname for the 1260 targets. 1261 type: string 1262 type: object 1263 type: object 1264 message: 1265 description: Notification message. 1266 type: string 1267 priority: 1268 description: Priority, see https://pushover.net/api#priority 1269 type: string 1270 retry: 1271 description: How often the Pushover servers will send 1272 the same notification to the user. Must be at least 1273 30 seconds. 1274 type: string 1275 sendResolved: 1276 description: Whether or not to notify about resolved alerts. 1277 type: boolean 1278 sound: 1279 description: The name of one of the sounds supported by 1280 device clients to override the user's default sound 1281 choice 1282 type: string 1283 title: 1284 description: Notification title. 1285 type: string 1286 token: 1287 description: The secret's key that contains the registered 1288 application’s API token, see https://pushover.net/apps. 1289 The secret needs to be in the same namespace as the 1290 AlertmanagerConfig object and accessible by the Prometheus 1291 Operator. 1292 properties: 1293 key: 1294 description: The key of the secret to select from. Must 1295 be a valid secret key. 1296 type: string 1297 name: 1298 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1299 TODO: Add other useful fields. apiVersion, kind, 1300 uid?' 1301 type: string 1302 optional: 1303 description: Specify whether the Secret or its key 1304 must be defined 1305 type: boolean 1306 required: 1307 - key 1308 type: object 1309 url: 1310 description: A supplementary URL shown alongside the message. 1311 type: string 1312 urlTitle: 1313 description: A title for supplementary URL, otherwise 1314 just the URL is shown 1315 type: string 1316 userKey: 1317 description: The secret's key that contains the recipient 1318 user’s user key. The secret needs to be in the same 1319 namespace as the AlertmanagerConfig object and accessible 1320 by the Prometheus Operator. 1321 properties: 1322 key: 1323 description: The key of the secret to select from. Must 1324 be a valid secret key. 1325 type: string 1326 name: 1327 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1328 TODO: Add other useful fields. apiVersion, kind, 1329 uid?' 1330 type: string 1331 optional: 1332 description: Specify whether the Secret or its key 1333 must be defined 1334 type: boolean 1335 required: 1336 - key 1337 type: object 1338 type: object 1339 type: array 1340 slackConfigs: 1341 description: List of Slack configurations. 1342 items: 1343 description: SlackConfig configures notifications via Slack. 1344 See https://prometheus.io/docs/alerting/latest/configuration/#slack_config 1345 properties: 1346 actions: 1347 description: A list of Slack actions that are sent with 1348 each notification. 1349 items: 1350 description: SlackAction configures a single Slack action 1351 that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields 1352 and https://api.slack.com/docs/message-buttons for 1353 more information. 1354 properties: 1355 confirm: 1356 description: SlackConfirmationField protect users 1357 from destructive actions or particularly distinguished 1358 decisions by asking them to confirm their button 1359 click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields 1360 for more information. 1361 properties: 1362 dismissText: 1363 type: string 1364 okText: 1365 type: string 1366 text: 1367 minLength: 1 1368 type: string 1369 title: 1370 type: string 1371 required: 1372 - text 1373 type: object 1374 name: 1375 type: string 1376 style: 1377 type: string 1378 text: 1379 minLength: 1 1380 type: string 1381 type: 1382 minLength: 1 1383 type: string 1384 url: 1385 type: string 1386 value: 1387 type: string 1388 required: 1389 - text 1390 - type 1391 type: object 1392 type: array 1393 apiURL: 1394 description: The secret's key that contains the Slack 1395 webhook URL. The secret needs to be in the same namespace 1396 as the AlertmanagerConfig object and accessible by the 1397 Prometheus Operator. 1398 properties: 1399 key: 1400 description: The key of the secret to select from. Must 1401 be a valid secret key. 1402 type: string 1403 name: 1404 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1405 TODO: Add other useful fields. apiVersion, kind, 1406 uid?' 1407 type: string 1408 optional: 1409 description: Specify whether the Secret or its key 1410 must be defined 1411 type: boolean 1412 required: 1413 - key 1414 type: object 1415 callbackId: 1416 type: string 1417 channel: 1418 description: The channel or user to send notifications 1419 to. 1420 type: string 1421 color: 1422 type: string 1423 fallback: 1424 type: string 1425 fields: 1426 description: A list of Slack fields that are sent with 1427 each notification. 1428 items: 1429 description: SlackField configures a single Slack field 1430 that is sent with each notification. Each field must 1431 contain a title, value, and optionally, a boolean 1432 value to indicate if the field is short enough to 1433 be displayed next to other fields designated as short. 1434 See https://api.slack.com/docs/message-attachments#fields 1435 for more information. 1436 properties: 1437 short: 1438 type: boolean 1439 title: 1440 minLength: 1 1441 type: string 1442 value: 1443 minLength: 1 1444 type: string 1445 required: 1446 - title 1447 - value 1448 type: object 1449 type: array 1450 footer: 1451 type: string 1452 httpConfig: 1453 description: HTTP client configuration. 1454 properties: 1455 authorization: 1456 description: Authorization header configuration for 1457 the client. This is mutually exclusive with BasicAuth 1458 and is only available starting from Alertmanager 1459 v0.22+. 1460 properties: 1461 credentials: 1462 description: The secret's key that contains the 1463 credentials of the request 1464 properties: 1465 key: 1466 description: The key of the secret to select 1467 from. Must be a valid secret key. 1468 type: string 1469 name: 1470 description: 'Name of the referent. More info: 1471 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1472 TODO: Add other useful fields. apiVersion, 1473 kind, uid?' 1474 type: string 1475 optional: 1476 description: Specify whether the Secret or 1477 its key must be defined 1478 type: boolean 1479 required: 1480 - key 1481 type: object 1482 type: 1483 description: Set the authentication type. Defaults 1484 to Bearer, Basic will cause an error 1485 type: string 1486 type: object 1487 basicAuth: 1488 description: BasicAuth for the client. This is mutually 1489 exclusive with Authorization. If both are defined, 1490 BasicAuth takes precedence. 1491 properties: 1492 password: 1493 description: The secret in the service monitor 1494 namespace that contains the password for authentication. 1495 properties: 1496 key: 1497 description: The key of the secret to select 1498 from. Must be a valid secret key. 1499 type: string 1500 name: 1501 description: 'Name of the referent. More info: 1502 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1503 TODO: Add other useful fields. apiVersion, 1504 kind, uid?' 1505 type: string 1506 optional: 1507 description: Specify whether the Secret or 1508 its key must be defined 1509 type: boolean 1510 required: 1511 - key 1512 type: object 1513 username: 1514 description: The secret in the service monitor 1515 namespace that contains the username for authentication. 1516 properties: 1517 key: 1518 description: The key of the secret to select 1519 from. Must be a valid secret key. 1520 type: string 1521 name: 1522 description: 'Name of the referent. More info: 1523 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1524 TODO: Add other useful fields. apiVersion, 1525 kind, uid?' 1526 type: string 1527 optional: 1528 description: Specify whether the Secret or 1529 its key must be defined 1530 type: boolean 1531 required: 1532 - key 1533 type: object 1534 type: object 1535 bearerTokenSecret: 1536 description: The secret's key that contains the bearer 1537 token to be used by the client for authentication. 1538 The secret needs to be in the same namespace as 1539 the AlertmanagerConfig object and accessible by 1540 the Prometheus Operator. 1541 properties: 1542 key: 1543 description: The key of the secret to select from. Must 1544 be a valid secret key. 1545 type: string 1546 name: 1547 description: 'Name of the referent. More info: 1548 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1549 TODO: Add other useful fields. apiVersion, kind, 1550 uid?' 1551 type: string 1552 optional: 1553 description: Specify whether the Secret or its 1554 key must be defined 1555 type: boolean 1556 required: 1557 - key 1558 type: object 1559 proxyURL: 1560 description: Optional proxy URL. 1561 type: string 1562 tlsConfig: 1563 description: TLS configuration for the client. 1564 properties: 1565 ca: 1566 description: Struct containing the CA cert to 1567 use for the targets. 1568 properties: 1569 configMap: 1570 description: ConfigMap containing data to 1571 use for the targets. 1572 properties: 1573 key: 1574 description: The key to select. 1575 type: string 1576 name: 1577 description: 'Name of the referent. More 1578 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1579 TODO: Add other useful fields. apiVersion, 1580 kind, uid?' 1581 type: string 1582 optional: 1583 description: Specify whether the ConfigMap 1584 or its key must be defined 1585 type: boolean 1586 required: 1587 - key 1588 type: object 1589 secret: 1590 description: Secret containing data to use 1591 for the targets. 1592 properties: 1593 key: 1594 description: The key of the secret to 1595 select from. Must be a valid secret 1596 key. 1597 type: string 1598 name: 1599 description: 'Name of the referent. More 1600 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1601 TODO: Add other useful fields. apiVersion, 1602 kind, uid?' 1603 type: string 1604 optional: 1605 description: Specify whether the Secret 1606 or its key must be defined 1607 type: boolean 1608 required: 1609 - key 1610 type: object 1611 type: object 1612 cert: 1613 description: Struct containing the client cert 1614 file for the targets. 1615 properties: 1616 configMap: 1617 description: ConfigMap containing data to 1618 use for the targets. 1619 properties: 1620 key: 1621 description: The key to select. 1622 type: string 1623 name: 1624 description: 'Name of the referent. More 1625 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1626 TODO: Add other useful fields. apiVersion, 1627 kind, uid?' 1628 type: string 1629 optional: 1630 description: Specify whether the ConfigMap 1631 or its key must be defined 1632 type: boolean 1633 required: 1634 - key 1635 type: object 1636 secret: 1637 description: Secret containing data to use 1638 for the targets. 1639 properties: 1640 key: 1641 description: The key of the secret to 1642 select from. Must be a valid secret 1643 key. 1644 type: string 1645 name: 1646 description: 'Name of the referent. More 1647 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1648 TODO: Add other useful fields. apiVersion, 1649 kind, uid?' 1650 type: string 1651 optional: 1652 description: Specify whether the Secret 1653 or its key must be defined 1654 type: boolean 1655 required: 1656 - key 1657 type: object 1658 type: object 1659 insecureSkipVerify: 1660 description: Disable target certificate validation. 1661 type: boolean 1662 keySecret: 1663 description: Secret containing the client key 1664 file for the targets. 1665 properties: 1666 key: 1667 description: The key of the secret to select 1668 from. Must be a valid secret key. 1669 type: string 1670 name: 1671 description: 'Name of the referent. More info: 1672 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1673 TODO: Add other useful fields. apiVersion, 1674 kind, uid?' 1675 type: string 1676 optional: 1677 description: Specify whether the Secret or 1678 its key must be defined 1679 type: boolean 1680 required: 1681 - key 1682 type: object 1683 serverName: 1684 description: Used to verify the hostname for the 1685 targets. 1686 type: string 1687 type: object 1688 type: object 1689 iconEmoji: 1690 type: string 1691 iconURL: 1692 type: string 1693 imageURL: 1694 type: string 1695 linkNames: 1696 type: boolean 1697 mrkdwnIn: 1698 items: 1699 type: string 1700 type: array 1701 pretext: 1702 type: string 1703 sendResolved: 1704 description: Whether or not to notify about resolved alerts. 1705 type: boolean 1706 shortFields: 1707 type: boolean 1708 text: 1709 type: string 1710 thumbURL: 1711 type: string 1712 title: 1713 type: string 1714 titleLink: 1715 type: string 1716 username: 1717 type: string 1718 type: object 1719 type: array 1720 victoropsConfigs: 1721 description: List of VictorOps configurations. 1722 items: 1723 description: VictorOpsConfig configures notifications via 1724 VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config 1725 properties: 1726 apiKey: 1727 description: The secret's key that contains the API key 1728 to use when talking to the VictorOps API. The secret 1729 needs to be in the same namespace as the AlertmanagerConfig 1730 object and accessible by the Prometheus Operator. 1731 properties: 1732 key: 1733 description: The key of the secret to select from. Must 1734 be a valid secret key. 1735 type: string 1736 name: 1737 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1738 TODO: Add other useful fields. apiVersion, kind, 1739 uid?' 1740 type: string 1741 optional: 1742 description: Specify whether the Secret or its key 1743 must be defined 1744 type: boolean 1745 required: 1746 - key 1747 type: object 1748 apiUrl: 1749 description: The VictorOps API URL. 1750 type: string 1751 customFields: 1752 description: Additional custom fields for notification. 1753 items: 1754 description: KeyValue defines a (key, value) tuple. 1755 properties: 1756 key: 1757 description: Key of the tuple. 1758 minLength: 1 1759 type: string 1760 value: 1761 description: Value of the tuple. 1762 type: string 1763 required: 1764 - key 1765 - value 1766 type: object 1767 type: array 1768 entityDisplayName: 1769 description: Contains summary of the alerted problem. 1770 type: string 1771 httpConfig: 1772 description: The HTTP client's configuration. 1773 properties: 1774 authorization: 1775 description: Authorization header configuration for 1776 the client. This is mutually exclusive with BasicAuth 1777 and is only available starting from Alertmanager 1778 v0.22+. 1779 properties: 1780 credentials: 1781 description: The secret's key that contains the 1782 credentials of the request 1783 properties: 1784 key: 1785 description: The key of the secret to select 1786 from. Must be a valid secret key. 1787 type: string 1788 name: 1789 description: 'Name of the referent. More info: 1790 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1791 TODO: Add other useful fields. apiVersion, 1792 kind, uid?' 1793 type: string 1794 optional: 1795 description: Specify whether the Secret or 1796 its key must be defined 1797 type: boolean 1798 required: 1799 - key 1800 type: object 1801 type: 1802 description: Set the authentication type. Defaults 1803 to Bearer, Basic will cause an error 1804 type: string 1805 type: object 1806 basicAuth: 1807 description: BasicAuth for the client. This is mutually 1808 exclusive with Authorization. If both are defined, 1809 BasicAuth takes precedence. 1810 properties: 1811 password: 1812 description: The secret in the service monitor 1813 namespace that contains the password for authentication. 1814 properties: 1815 key: 1816 description: The key of the secret to select 1817 from. Must be a valid secret key. 1818 type: string 1819 name: 1820 description: 'Name of the referent. More info: 1821 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1822 TODO: Add other useful fields. apiVersion, 1823 kind, uid?' 1824 type: string 1825 optional: 1826 description: Specify whether the Secret or 1827 its key must be defined 1828 type: boolean 1829 required: 1830 - key 1831 type: object 1832 username: 1833 description: The secret in the service monitor 1834 namespace that contains the username for authentication. 1835 properties: 1836 key: 1837 description: The key of the secret to select 1838 from. Must be a valid secret key. 1839 type: string 1840 name: 1841 description: 'Name of the referent. More info: 1842 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1843 TODO: Add other useful fields. apiVersion, 1844 kind, uid?' 1845 type: string 1846 optional: 1847 description: Specify whether the Secret or 1848 its key must be defined 1849 type: boolean 1850 required: 1851 - key 1852 type: object 1853 type: object 1854 bearerTokenSecret: 1855 description: The secret's key that contains the bearer 1856 token to be used by the client for authentication. 1857 The secret needs to be in the same namespace as 1858 the AlertmanagerConfig object and accessible by 1859 the Prometheus Operator. 1860 properties: 1861 key: 1862 description: The key of the secret to select from. Must 1863 be a valid secret key. 1864 type: string 1865 name: 1866 description: 'Name of the referent. More info: 1867 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1868 TODO: Add other useful fields. apiVersion, kind, 1869 uid?' 1870 type: string 1871 optional: 1872 description: Specify whether the Secret or its 1873 key must be defined 1874 type: boolean 1875 required: 1876 - key 1877 type: object 1878 proxyURL: 1879 description: Optional proxy URL. 1880 type: string 1881 tlsConfig: 1882 description: TLS configuration for the client. 1883 properties: 1884 ca: 1885 description: Struct containing the CA cert to 1886 use for the targets. 1887 properties: 1888 configMap: 1889 description: ConfigMap containing data to 1890 use for the targets. 1891 properties: 1892 key: 1893 description: The key to select. 1894 type: string 1895 name: 1896 description: 'Name of the referent. More 1897 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1898 TODO: Add other useful fields. apiVersion, 1899 kind, uid?' 1900 type: string 1901 optional: 1902 description: Specify whether the ConfigMap 1903 or its key must be defined 1904 type: boolean 1905 required: 1906 - key 1907 type: object 1908 secret: 1909 description: Secret containing data to use 1910 for the targets. 1911 properties: 1912 key: 1913 description: The key of the secret to 1914 select from. Must be a valid secret 1915 key. 1916 type: string 1917 name: 1918 description: 'Name of the referent. More 1919 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1920 TODO: Add other useful fields. apiVersion, 1921 kind, uid?' 1922 type: string 1923 optional: 1924 description: Specify whether the Secret 1925 or its key must be defined 1926 type: boolean 1927 required: 1928 - key 1929 type: object 1930 type: object 1931 cert: 1932 description: Struct containing the client cert 1933 file for the targets. 1934 properties: 1935 configMap: 1936 description: ConfigMap containing data to 1937 use for the targets. 1938 properties: 1939 key: 1940 description: The key to select. 1941 type: string 1942 name: 1943 description: 'Name of the referent. More 1944 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1945 TODO: Add other useful fields. apiVersion, 1946 kind, uid?' 1947 type: string 1948 optional: 1949 description: Specify whether the ConfigMap 1950 or its key must be defined 1951 type: boolean 1952 required: 1953 - key 1954 type: object 1955 secret: 1956 description: Secret containing data to use 1957 for the targets. 1958 properties: 1959 key: 1960 description: The key of the secret to 1961 select from. Must be a valid secret 1962 key. 1963 type: string 1964 name: 1965 description: 'Name of the referent. More 1966 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1967 TODO: Add other useful fields. apiVersion, 1968 kind, uid?' 1969 type: string 1970 optional: 1971 description: Specify whether the Secret 1972 or its key must be defined 1973 type: boolean 1974 required: 1975 - key 1976 type: object 1977 type: object 1978 insecureSkipVerify: 1979 description: Disable target certificate validation. 1980 type: boolean 1981 keySecret: 1982 description: Secret containing the client key 1983 file for the targets. 1984 properties: 1985 key: 1986 description: The key of the secret to select 1987 from. Must be a valid secret key. 1988 type: string 1989 name: 1990 description: 'Name of the referent. More info: 1991 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1992 TODO: Add other useful fields. apiVersion, 1993 kind, uid?' 1994 type: string 1995 optional: 1996 description: Specify whether the Secret or 1997 its key must be defined 1998 type: boolean 1999 required: 2000 - key 2001 type: object 2002 serverName: 2003 description: Used to verify the hostname for the 2004 targets. 2005 type: string 2006 type: object 2007 type: object 2008 messageType: 2009 description: Describes the behavior of the alert (CRITICAL, 2010 WARNING, INFO). 2011 type: string 2012 monitoringTool: 2013 description: The monitoring tool the state message is 2014 from. 2015 type: string 2016 routingKey: 2017 description: A key used to map the alert to a team. 2018 type: string 2019 sendResolved: 2020 description: Whether or not to notify about resolved alerts. 2021 type: boolean 2022 stateMessage: 2023 description: Contains long explanation of the alerted 2024 problem. 2025 type: string 2026 type: object 2027 type: array 2028 webhookConfigs: 2029 description: List of webhook configurations. 2030 items: 2031 description: WebhookConfig configures notifications via a 2032 generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config 2033 properties: 2034 httpConfig: 2035 description: HTTP client configuration. 2036 properties: 2037 authorization: 2038 description: Authorization header configuration for 2039 the client. This is mutually exclusive with BasicAuth 2040 and is only available starting from Alertmanager 2041 v0.22+. 2042 properties: 2043 credentials: 2044 description: The secret's key that contains the 2045 credentials of the request 2046 properties: 2047 key: 2048 description: The key of the secret to select 2049 from. Must be a valid secret key. 2050 type: string 2051 name: 2052 description: 'Name of the referent. More info: 2053 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2054 TODO: Add other useful fields. apiVersion, 2055 kind, uid?' 2056 type: string 2057 optional: 2058 description: Specify whether the Secret or 2059 its key must be defined 2060 type: boolean 2061 required: 2062 - key 2063 type: object 2064 type: 2065 description: Set the authentication type. Defaults 2066 to Bearer, Basic will cause an error 2067 type: string 2068 type: object 2069 basicAuth: 2070 description: BasicAuth for the client. This is mutually 2071 exclusive with Authorization. If both are defined, 2072 BasicAuth takes precedence. 2073 properties: 2074 password: 2075 description: The secret in the service monitor 2076 namespace that contains the password for authentication. 2077 properties: 2078 key: 2079 description: The key of the secret to select 2080 from. Must be a valid secret key. 2081 type: string 2082 name: 2083 description: 'Name of the referent. More info: 2084 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2085 TODO: Add other useful fields. apiVersion, 2086 kind, uid?' 2087 type: string 2088 optional: 2089 description: Specify whether the Secret or 2090 its key must be defined 2091 type: boolean 2092 required: 2093 - key 2094 type: object 2095 username: 2096 description: The secret in the service monitor 2097 namespace that contains the username for authentication. 2098 properties: 2099 key: 2100 description: The key of the secret to select 2101 from. Must be a valid secret key. 2102 type: string 2103 name: 2104 description: 'Name of the referent. More info: 2105 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2106 TODO: Add other useful fields. apiVersion, 2107 kind, uid?' 2108 type: string 2109 optional: 2110 description: Specify whether the Secret or 2111 its key must be defined 2112 type: boolean 2113 required: 2114 - key 2115 type: object 2116 type: object 2117 bearerTokenSecret: 2118 description: The secret's key that contains the bearer 2119 token to be used by the client for authentication. 2120 The secret needs to be in the same namespace as 2121 the AlertmanagerConfig object and accessible by 2122 the Prometheus Operator. 2123 properties: 2124 key: 2125 description: The key of the secret to select from. Must 2126 be a valid secret key. 2127 type: string 2128 name: 2129 description: 'Name of the referent. More info: 2130 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2131 TODO: Add other useful fields. apiVersion, kind, 2132 uid?' 2133 type: string 2134 optional: 2135 description: Specify whether the Secret or its 2136 key must be defined 2137 type: boolean 2138 required: 2139 - key 2140 type: object 2141 proxyURL: 2142 description: Optional proxy URL. 2143 type: string 2144 tlsConfig: 2145 description: TLS configuration for the client. 2146 properties: 2147 ca: 2148 description: Struct containing the CA cert to 2149 use for the targets. 2150 properties: 2151 configMap: 2152 description: ConfigMap containing data to 2153 use for the targets. 2154 properties: 2155 key: 2156 description: The key to select. 2157 type: string 2158 name: 2159 description: 'Name of the referent. More 2160 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2161 TODO: Add other useful fields. apiVersion, 2162 kind, uid?' 2163 type: string 2164 optional: 2165 description: Specify whether the ConfigMap 2166 or its key must be defined 2167 type: boolean 2168 required: 2169 - key 2170 type: object 2171 secret: 2172 description: Secret containing data to use 2173 for the targets. 2174 properties: 2175 key: 2176 description: The key of the secret to 2177 select from. Must be a valid secret 2178 key. 2179 type: string 2180 name: 2181 description: 'Name of the referent. More 2182 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2183 TODO: Add other useful fields. apiVersion, 2184 kind, uid?' 2185 type: string 2186 optional: 2187 description: Specify whether the Secret 2188 or its key must be defined 2189 type: boolean 2190 required: 2191 - key 2192 type: object 2193 type: object 2194 cert: 2195 description: Struct containing the client cert 2196 file for the targets. 2197 properties: 2198 configMap: 2199 description: ConfigMap containing data to 2200 use for the targets. 2201 properties: 2202 key: 2203 description: The key to select. 2204 type: string 2205 name: 2206 description: 'Name of the referent. More 2207 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2208 TODO: Add other useful fields. apiVersion, 2209 kind, uid?' 2210 type: string 2211 optional: 2212 description: Specify whether the ConfigMap 2213 or its key must be defined 2214 type: boolean 2215 required: 2216 - key 2217 type: object 2218 secret: 2219 description: Secret containing data to use 2220 for the targets. 2221 properties: 2222 key: 2223 description: The key of the secret to 2224 select from. Must be a valid secret 2225 key. 2226 type: string 2227 name: 2228 description: 'Name of the referent. More 2229 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2230 TODO: Add other useful fields. apiVersion, 2231 kind, uid?' 2232 type: string 2233 optional: 2234 description: Specify whether the Secret 2235 or its key must be defined 2236 type: boolean 2237 required: 2238 - key 2239 type: object 2240 type: object 2241 insecureSkipVerify: 2242 description: Disable target certificate validation. 2243 type: boolean 2244 keySecret: 2245 description: Secret containing the client key 2246 file for the targets. 2247 properties: 2248 key: 2249 description: The key of the secret to select 2250 from. Must be a valid secret key. 2251 type: string 2252 name: 2253 description: 'Name of the referent. More info: 2254 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2255 TODO: Add other useful fields. apiVersion, 2256 kind, uid?' 2257 type: string 2258 optional: 2259 description: Specify whether the Secret or 2260 its key must be defined 2261 type: boolean 2262 required: 2263 - key 2264 type: object 2265 serverName: 2266 description: Used to verify the hostname for the 2267 targets. 2268 type: string 2269 type: object 2270 type: object 2271 maxAlerts: 2272 description: Maximum number of alerts to be sent per webhook 2273 message. When 0, all alerts are included. 2274 format: int32 2275 minimum: 0 2276 type: integer 2277 sendResolved: 2278 description: Whether or not to notify about resolved alerts. 2279 type: boolean 2280 url: 2281 description: The URL to send HTTP POST requests to. `urlSecret` 2282 takes precedence over `url`. One of `urlSecret` and 2283 `url` should be defined. 2284 type: string 2285 urlSecret: 2286 description: The secret's key that contains the webhook 2287 URL to send HTTP requests to. `urlSecret` takes precedence 2288 over `url`. One of `urlSecret` and `url` should be defined. 2289 The secret needs to be in the same namespace as the 2290 AlertmanagerConfig object and accessible by the Prometheus 2291 Operator. 2292 properties: 2293 key: 2294 description: The key of the secret to select from. Must 2295 be a valid secret key. 2296 type: string 2297 name: 2298 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2299 TODO: Add other useful fields. apiVersion, kind, 2300 uid?' 2301 type: string 2302 optional: 2303 description: Specify whether the Secret or its key 2304 must be defined 2305 type: boolean 2306 required: 2307 - key 2308 type: object 2309 type: object 2310 type: array 2311 wechatConfigs: 2312 description: List of WeChat configurations. 2313 items: 2314 description: WeChatConfig configures notifications via WeChat. 2315 See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config 2316 properties: 2317 agentID: 2318 type: string 2319 apiSecret: 2320 description: The secret's key that contains the WeChat 2321 API key. The secret needs to be in the same namespace 2322 as the AlertmanagerConfig object and accessible by the 2323 Prometheus Operator. 2324 properties: 2325 key: 2326 description: The key of the secret to select from. Must 2327 be a valid secret key. 2328 type: string 2329 name: 2330 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2331 TODO: Add other useful fields. apiVersion, kind, 2332 uid?' 2333 type: string 2334 optional: 2335 description: Specify whether the Secret or its key 2336 must be defined 2337 type: boolean 2338 required: 2339 - key 2340 type: object 2341 apiURL: 2342 description: The WeChat API URL. 2343 type: string 2344 corpID: 2345 description: The corp id for authentication. 2346 type: string 2347 httpConfig: 2348 description: HTTP client configuration. 2349 properties: 2350 authorization: 2351 description: Authorization header configuration for 2352 the client. This is mutually exclusive with BasicAuth 2353 and is only available starting from Alertmanager 2354 v0.22+. 2355 properties: 2356 credentials: 2357 description: The secret's key that contains the 2358 credentials of the request 2359 properties: 2360 key: 2361 description: The key of the secret to select 2362 from. Must be a valid secret key. 2363 type: string 2364 name: 2365 description: 'Name of the referent. More info: 2366 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2367 TODO: Add other useful fields. apiVersion, 2368 kind, uid?' 2369 type: string 2370 optional: 2371 description: Specify whether the Secret or 2372 its key must be defined 2373 type: boolean 2374 required: 2375 - key 2376 type: object 2377 type: 2378 description: Set the authentication type. Defaults 2379 to Bearer, Basic will cause an error 2380 type: string 2381 type: object 2382 basicAuth: 2383 description: BasicAuth for the client. This is mutually 2384 exclusive with Authorization. If both are defined, 2385 BasicAuth takes precedence. 2386 properties: 2387 password: 2388 description: The secret in the service monitor 2389 namespace that contains the password for authentication. 2390 properties: 2391 key: 2392 description: The key of the secret to select 2393 from. Must be a valid secret key. 2394 type: string 2395 name: 2396 description: 'Name of the referent. More info: 2397 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2398 TODO: Add other useful fields. apiVersion, 2399 kind, uid?' 2400 type: string 2401 optional: 2402 description: Specify whether the Secret or 2403 its key must be defined 2404 type: boolean 2405 required: 2406 - key 2407 type: object 2408 username: 2409 description: The secret in the service monitor 2410 namespace that contains the username for authentication. 2411 properties: 2412 key: 2413 description: The key of the secret to select 2414 from. Must be a valid secret key. 2415 type: string 2416 name: 2417 description: 'Name of the referent. More info: 2418 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2419 TODO: Add other useful fields. apiVersion, 2420 kind, uid?' 2421 type: string 2422 optional: 2423 description: Specify whether the Secret or 2424 its key must be defined 2425 type: boolean 2426 required: 2427 - key 2428 type: object 2429 type: object 2430 bearerTokenSecret: 2431 description: The secret's key that contains the bearer 2432 token to be used by the client for authentication. 2433 The secret needs to be in the same namespace as 2434 the AlertmanagerConfig object and accessible by 2435 the Prometheus Operator. 2436 properties: 2437 key: 2438 description: The key of the secret to select from. Must 2439 be a valid secret key. 2440 type: string 2441 name: 2442 description: 'Name of the referent. More info: 2443 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2444 TODO: Add other useful fields. apiVersion, kind, 2445 uid?' 2446 type: string 2447 optional: 2448 description: Specify whether the Secret or its 2449 key must be defined 2450 type: boolean 2451 required: 2452 - key 2453 type: object 2454 proxyURL: 2455 description: Optional proxy URL. 2456 type: string 2457 tlsConfig: 2458 description: TLS configuration for the client. 2459 properties: 2460 ca: 2461 description: Struct containing the CA cert to 2462 use for the targets. 2463 properties: 2464 configMap: 2465 description: ConfigMap containing data to 2466 use for the targets. 2467 properties: 2468 key: 2469 description: The key to select. 2470 type: string 2471 name: 2472 description: 'Name of the referent. More 2473 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2474 TODO: Add other useful fields. apiVersion, 2475 kind, uid?' 2476 type: string 2477 optional: 2478 description: Specify whether the ConfigMap 2479 or its key must be defined 2480 type: boolean 2481 required: 2482 - key 2483 type: object 2484 secret: 2485 description: Secret containing data to use 2486 for the targets. 2487 properties: 2488 key: 2489 description: The key of the secret to 2490 select from. Must be a valid secret 2491 key. 2492 type: string 2493 name: 2494 description: 'Name of the referent. More 2495 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2496 TODO: Add other useful fields. apiVersion, 2497 kind, uid?' 2498 type: string 2499 optional: 2500 description: Specify whether the Secret 2501 or its key must be defined 2502 type: boolean 2503 required: 2504 - key 2505 type: object 2506 type: object 2507 cert: 2508 description: Struct containing the client cert 2509 file for the targets. 2510 properties: 2511 configMap: 2512 description: ConfigMap containing data to 2513 use for the targets. 2514 properties: 2515 key: 2516 description: The key to select. 2517 type: string 2518 name: 2519 description: 'Name of the referent. More 2520 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2521 TODO: Add other useful fields. apiVersion, 2522 kind, uid?' 2523 type: string 2524 optional: 2525 description: Specify whether the ConfigMap 2526 or its key must be defined 2527 type: boolean 2528 required: 2529 - key 2530 type: object 2531 secret: 2532 description: Secret containing data to use 2533 for the targets. 2534 properties: 2535 key: 2536 description: The key of the secret to 2537 select from. Must be a valid secret 2538 key. 2539 type: string 2540 name: 2541 description: 'Name of the referent. More 2542 info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2543 TODO: Add other useful fields. apiVersion, 2544 kind, uid?' 2545 type: string 2546 optional: 2547 description: Specify whether the Secret 2548 or its key must be defined 2549 type: boolean 2550 required: 2551 - key 2552 type: object 2553 type: object 2554 insecureSkipVerify: 2555 description: Disable target certificate validation. 2556 type: boolean 2557 keySecret: 2558 description: Secret containing the client key 2559 file for the targets. 2560 properties: 2561 key: 2562 description: The key of the secret to select 2563 from. Must be a valid secret key. 2564 type: string 2565 name: 2566 description: 'Name of the referent. More info: 2567 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2568 TODO: Add other useful fields. apiVersion, 2569 kind, uid?' 2570 type: string 2571 optional: 2572 description: Specify whether the Secret or 2573 its key must be defined 2574 type: boolean 2575 required: 2576 - key 2577 type: object 2578 serverName: 2579 description: Used to verify the hostname for the 2580 targets. 2581 type: string 2582 type: object 2583 type: object 2584 message: 2585 description: API request data as defined by the WeChat 2586 API. 2587 type: string 2588 messageType: 2589 type: string 2590 sendResolved: 2591 description: Whether or not to notify about resolved alerts. 2592 type: boolean 2593 toParty: 2594 type: string 2595 toTag: 2596 type: string 2597 toUser: 2598 type: string 2599 type: object 2600 type: array 2601 required: 2602 - name 2603 type: object 2604 type: array 2605 route: 2606 description: The Alertmanager route definition for alerts matching 2607 the resource’s namespace. If present, it will be added to the generated 2608 Alertmanager configuration as a first-level route. 2609 properties: 2610 continue: 2611 description: Boolean indicating whether an alert should continue 2612 matching subsequent sibling nodes. It will always be overridden 2613 to true for the first-level route by the Prometheus operator. 2614 type: boolean 2615 groupBy: 2616 description: List of labels to group by. 2617 items: 2618 type: string 2619 type: array 2620 groupInterval: 2621 description: How long to wait before sending an updated notification. 2622 Must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds 2623 seconds minutes hours). 2624 type: string 2625 groupWait: 2626 description: How long to wait before sending the initial notification. 2627 Must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds 2628 seconds minutes hours). 2629 type: string 2630 matchers: 2631 description: 'List of matchers that the alert’s labels should 2632 match. For the first level route, the operator removes any existing 2633 equality and regexp matcher on the `namespace` label and adds 2634 a `namespace: <object namespace>` matcher.' 2635 items: 2636 description: Matcher defines how to match on alert's labels. 2637 properties: 2638 name: 2639 description: Label to match. 2640 minLength: 1 2641 type: string 2642 regex: 2643 description: Whether to match on equality (false) or regular-expression 2644 (true). 2645 type: boolean 2646 value: 2647 description: Label value to match. 2648 type: string 2649 required: 2650 - name 2651 type: object 2652 type: array 2653 receiver: 2654 description: Name of the receiver for this route. If not empty, 2655 it should be listed in the `receivers` field. 2656 type: string 2657 repeatInterval: 2658 description: How long to wait before repeating the last notification. 2659 Must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds 2660 seconds minutes hours). 2661 type: string 2662 routes: 2663 description: Child routes. 2664 items: 2665 x-kubernetes-preserve-unknown-fields: true 2666 type: array 2667 type: object 2668 type: object 2669 required: 2670 - spec 2671 type: object 2672 served: true 2673 storage: true 2674 status: 2675 acceptedNames: 2676 kind: "" 2677 plural: "" 2678 conditions: [] 2679 storedVersions: [] 2680 --- 2681 2682 --- 2683 apiVersion: apiextensions.k8s.io/v1 2684 kind: CustomResourceDefinition 2685 metadata: 2686 annotations: 2687 controller-gen.kubebuilder.io/version: v0.6.2 2688 creationTimestamp: null 2689 name: alertmanagers.monitoring.coreos.com 2690 spec: 2691 group: monitoring.coreos.com 2692 names: 2693 categories: 2694 - prometheus-operator 2695 kind: Alertmanager 2696 listKind: AlertmanagerList 2697 plural: alertmanagers 2698 singular: alertmanager 2699 scope: Namespaced 2700 versions: 2701 - additionalPrinterColumns: 2702 - description: The version of Alertmanager 2703 jsonPath: .spec.version 2704 name: Version 2705 type: string 2706 - description: The desired replicas number of Alertmanagers 2707 jsonPath: .spec.replicas 2708 name: Replicas 2709 type: integer 2710 - jsonPath: .metadata.creationTimestamp 2711 name: Age 2712 type: date 2713 name: v1 2714 schema: 2715 openAPIV3Schema: 2716 description: Alertmanager describes an Alertmanager cluster. 2717 properties: 2718 apiVersion: 2719 description: 'APIVersion defines the versioned schema of this representation 2720 of an object. Servers should convert recognized schemas to the latest 2721 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 2722 type: string 2723 kind: 2724 description: 'Kind is a string value representing the REST resource this 2725 object represents. Servers may infer this from the endpoint the client 2726 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 2727 type: string 2728 metadata: 2729 type: object 2730 spec: 2731 description: 'Specification of the desired behavior of the Alertmanager 2732 cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 2733 properties: 2734 additionalPeers: 2735 description: AdditionalPeers allows injecting a set of additional 2736 Alertmanagers to peer with to form a highly available cluster. 2737 items: 2738 type: string 2739 type: array 2740 affinity: 2741 description: If specified, the pod's scheduling constraints. 2742 properties: 2743 nodeAffinity: 2744 description: Describes node affinity scheduling rules for the 2745 pod. 2746 properties: 2747 preferredDuringSchedulingIgnoredDuringExecution: 2748 description: The scheduler will prefer to schedule pods to 2749 nodes that satisfy the affinity expressions specified by 2750 this field, but it may choose a node that violates one or 2751 more of the expressions. The node that is most preferred 2752 is the one with the greatest sum of weights, i.e. for each 2753 node that meets all of the scheduling requirements (resource 2754 request, requiredDuringScheduling affinity expressions, 2755 etc.), compute a sum by iterating through the elements of 2756 this field and adding "weight" to the sum if the node matches 2757 the corresponding matchExpressions; the node(s) with the 2758 highest sum are the most preferred. 2759 items: 2760 description: An empty preferred scheduling term matches 2761 all objects with implicit weight 0 (i.e. it's a no-op). 2762 A null preferred scheduling term matches no objects (i.e. 2763 is also a no-op). 2764 properties: 2765 preference: 2766 description: A node selector term, associated with the 2767 corresponding weight. 2768 properties: 2769 matchExpressions: 2770 description: A list of node selector requirements 2771 by node's labels. 2772 items: 2773 description: A node selector requirement is a 2774 selector that contains values, a key, and an 2775 operator that relates the key and values. 2776 properties: 2777 key: 2778 description: The label key that the selector 2779 applies to. 2780 type: string 2781 operator: 2782 description: Represents a key's relationship 2783 to a set of values. Valid operators are 2784 In, NotIn, Exists, DoesNotExist. Gt, and 2785 Lt. 2786 type: string 2787 values: 2788 description: An array of string values. If 2789 the operator is In or NotIn, the values 2790 array must be non-empty. If the operator 2791 is Exists or DoesNotExist, the values array 2792 must be empty. If the operator is Gt or 2793 Lt, the values array must have a single 2794 element, which will be interpreted as an 2795 integer. This array is replaced during a 2796 strategic merge patch. 2797 items: 2798 type: string 2799 type: array 2800 required: 2801 - key 2802 - operator 2803 type: object 2804 type: array 2805 matchFields: 2806 description: A list of node selector requirements 2807 by node's fields. 2808 items: 2809 description: A node selector requirement is a 2810 selector that contains values, a key, and an 2811 operator that relates the key and values. 2812 properties: 2813 key: 2814 description: The label key that the selector 2815 applies to. 2816 type: string 2817 operator: 2818 description: Represents a key's relationship 2819 to a set of values. Valid operators are 2820 In, NotIn, Exists, DoesNotExist. Gt, and 2821 Lt. 2822 type: string 2823 values: 2824 description: An array of string values. If 2825 the operator is In or NotIn, the values 2826 array must be non-empty. If the operator 2827 is Exists or DoesNotExist, the values array 2828 must be empty. If the operator is Gt or 2829 Lt, the values array must have a single 2830 element, which will be interpreted as an 2831 integer. This array is replaced during a 2832 strategic merge patch. 2833 items: 2834 type: string 2835 type: array 2836 required: 2837 - key 2838 - operator 2839 type: object 2840 type: array 2841 type: object 2842 weight: 2843 description: Weight associated with matching the corresponding 2844 nodeSelectorTerm, in the range 1-100. 2845 format: int32 2846 type: integer 2847 required: 2848 - preference 2849 - weight 2850 type: object 2851 type: array 2852 requiredDuringSchedulingIgnoredDuringExecution: 2853 description: If the affinity requirements specified by this 2854 field are not met at scheduling time, the pod will not be 2855 scheduled onto the node. If the affinity requirements specified 2856 by this field cease to be met at some point during pod execution 2857 (e.g. due to an update), the system may or may not try to 2858 eventually evict the pod from its node. 2859 properties: 2860 nodeSelectorTerms: 2861 description: Required. A list of node selector terms. 2862 The terms are ORed. 2863 items: 2864 description: A null or empty node selector term matches 2865 no objects. The requirements of them are ANDed. The 2866 TopologySelectorTerm type implements a subset of the 2867 NodeSelectorTerm. 2868 properties: 2869 matchExpressions: 2870 description: A list of node selector requirements 2871 by node's labels. 2872 items: 2873 description: A node selector requirement is a 2874 selector that contains values, a key, and an 2875 operator that relates the key and values. 2876 properties: 2877 key: 2878 description: The label key that the selector 2879 applies to. 2880 type: string 2881 operator: 2882 description: Represents a key's relationship 2883 to a set of values. Valid operators are 2884 In, NotIn, Exists, DoesNotExist. Gt, and 2885 Lt. 2886 type: string 2887 values: 2888 description: An array of string values. If 2889 the operator is In or NotIn, the values 2890 array must be non-empty. If the operator 2891 is Exists or DoesNotExist, the values array 2892 must be empty. If the operator is Gt or 2893 Lt, the values array must have a single 2894 element, which will be interpreted as an 2895 integer. This array is replaced during a 2896 strategic merge patch. 2897 items: 2898 type: string 2899 type: array 2900 required: 2901 - key 2902 - operator 2903 type: object 2904 type: array 2905 matchFields: 2906 description: A list of node selector requirements 2907 by node's fields. 2908 items: 2909 description: A node selector requirement is a 2910 selector that contains values, a key, and an 2911 operator that relates the key and values. 2912 properties: 2913 key: 2914 description: The label key that the selector 2915 applies to. 2916 type: string 2917 operator: 2918 description: Represents a key's relationship 2919 to a set of values. Valid operators are 2920 In, NotIn, Exists, DoesNotExist. Gt, and 2921 Lt. 2922 type: string 2923 values: 2924 description: An array of string values. If 2925 the operator is In or NotIn, the values 2926 array must be non-empty. If the operator 2927 is Exists or DoesNotExist, the values array 2928 must be empty. If the operator is Gt or 2929 Lt, the values array must have a single 2930 element, which will be interpreted as an 2931 integer. This array is replaced during a 2932 strategic merge patch. 2933 items: 2934 type: string 2935 type: array 2936 required: 2937 - key 2938 - operator 2939 type: object 2940 type: array 2941 type: object 2942 type: array 2943 required: 2944 - nodeSelectorTerms 2945 type: object 2946 type: object 2947 podAffinity: 2948 description: Describes pod affinity scheduling rules (e.g. co-locate 2949 this pod in the same node, zone, etc. as some other pod(s)). 2950 properties: 2951 preferredDuringSchedulingIgnoredDuringExecution: 2952 description: The scheduler will prefer to schedule pods to 2953 nodes that satisfy the affinity expressions specified by 2954 this field, but it may choose a node that violates one or 2955 more of the expressions. The node that is most preferred 2956 is the one with the greatest sum of weights, i.e. for each 2957 node that meets all of the scheduling requirements (resource 2958 request, requiredDuringScheduling affinity expressions, 2959 etc.), compute a sum by iterating through the elements of 2960 this field and adding "weight" to the sum if the node has 2961 pods which matches the corresponding podAffinityTerm; the 2962 node(s) with the highest sum are the most preferred. 2963 items: 2964 description: The weights of all of the matched WeightedPodAffinityTerm 2965 fields are added per-node to find the most preferred node(s) 2966 properties: 2967 podAffinityTerm: 2968 description: Required. A pod affinity term, associated 2969 with the corresponding weight. 2970 properties: 2971 labelSelector: 2972 description: A label query over a set of resources, 2973 in this case pods. 2974 properties: 2975 matchExpressions: 2976 description: matchExpressions is a list of label 2977 selector requirements. The requirements are 2978 ANDed. 2979 items: 2980 description: A label selector requirement 2981 is a selector that contains values, a key, 2982 and an operator that relates the key and 2983 values. 2984 properties: 2985 key: 2986 description: key is the label key that 2987 the selector applies to. 2988 type: string 2989 operator: 2990 description: operator represents a key's 2991 relationship to a set of values. Valid 2992 operators are In, NotIn, Exists and 2993 DoesNotExist. 2994 type: string 2995 values: 2996 description: values is an array of string 2997 values. If the operator is In or NotIn, 2998 the values array must be non-empty. 2999 If the operator is Exists or DoesNotExist, 3000 the values array must be empty. This 3001 array is replaced during a strategic 3002 merge patch. 3003 items: 3004 type: string 3005 type: array 3006 required: 3007 - key 3008 - operator 3009 type: object 3010 type: array 3011 matchLabels: 3012 additionalProperties: 3013 type: string 3014 description: matchLabels is a map of {key,value} 3015 pairs. A single {key,value} in the matchLabels 3016 map is equivalent to an element of matchExpressions, 3017 whose key field is "key", the operator is 3018 "In", and the values array contains only "value". 3019 The requirements are ANDed. 3020 type: object 3021 type: object 3022 namespaceSelector: 3023 description: A label query over the set of namespaces 3024 that the term applies to. The term is applied 3025 to the union of the namespaces selected by this 3026 field and the ones listed in the namespaces field. 3027 null selector and null or empty namespaces list 3028 means "this pod's namespace". An empty selector 3029 ({}) matches all namespaces. This field is beta-level 3030 and is only honored when PodAffinityNamespaceSelector 3031 feature is enabled. 3032 properties: 3033 matchExpressions: 3034 description: matchExpressions is a list of label 3035 selector requirements. The requirements are 3036 ANDed. 3037 items: 3038 description: A label selector requirement 3039 is a selector that contains values, a key, 3040 and an operator that relates the key and 3041 values. 3042 properties: 3043 key: 3044 description: key is the label key that 3045 the selector applies to. 3046 type: string 3047 operator: 3048 description: operator represents a key's 3049 relationship to a set of values. Valid 3050 operators are In, NotIn, Exists and 3051 DoesNotExist. 3052 type: string 3053 values: 3054 description: values is an array of string 3055 values. If the operator is In or NotIn, 3056 the values array must be non-empty. 3057 If the operator is Exists or DoesNotExist, 3058 the values array must be empty. This 3059 array is replaced during a strategic 3060 merge patch. 3061 items: 3062 type: string 3063 type: array 3064 required: 3065 - key 3066 - operator 3067 type: object 3068 type: array 3069 matchLabels: 3070 additionalProperties: 3071 type: string 3072 description: matchLabels is a map of {key,value} 3073 pairs. A single {key,value} in the matchLabels 3074 map is equivalent to an element of matchExpressions, 3075 whose key field is "key", the operator is 3076 "In", and the values array contains only "value". 3077 The requirements are ANDed. 3078 type: object 3079 type: object 3080 namespaces: 3081 description: namespaces specifies a static list 3082 of namespace names that the term applies to. The 3083 term is applied to the union of the namespaces 3084 listed in this field and the ones selected by 3085 namespaceSelector. null or empty namespaces list 3086 and null namespaceSelector means "this pod's namespace" 3087 items: 3088 type: string 3089 type: array 3090 topologyKey: 3091 description: This pod should be co-located (affinity) 3092 or not co-located (anti-affinity) with the pods 3093 matching the labelSelector in the specified namespaces, 3094 where co-located is defined as running on a node 3095 whose value of the label with key topologyKey 3096 matches that of any node on which any of the selected 3097 pods is running. Empty topologyKey is not allowed. 3098 type: string 3099 required: 3100 - topologyKey 3101 type: object 3102 weight: 3103 description: weight associated with matching the corresponding 3104 podAffinityTerm, in the range 1-100. 3105 format: int32 3106 type: integer 3107 required: 3108 - podAffinityTerm 3109 - weight 3110 type: object 3111 type: array 3112 requiredDuringSchedulingIgnoredDuringExecution: 3113 description: If the affinity requirements specified by this 3114 field are not met at scheduling time, the pod will not be 3115 scheduled onto the node. If the affinity requirements specified 3116 by this field cease to be met at some point during pod execution 3117 (e.g. due to a pod label update), the system may or may 3118 not try to eventually evict the pod from its node. When 3119 there are multiple elements, the lists of nodes corresponding 3120 to each podAffinityTerm are intersected, i.e. all terms 3121 must be satisfied. 3122 items: 3123 description: Defines a set of pods (namely those matching 3124 the labelSelector relative to the given namespace(s)) 3125 that this pod should be co-located (affinity) or not co-located 3126 (anti-affinity) with, where co-located is defined as running 3127 on a node whose value of the label with key <topologyKey> 3128 matches that of any node on which a pod of the set of 3129 pods is running 3130 properties: 3131 labelSelector: 3132 description: A label query over a set of resources, 3133 in this case pods. 3134 properties: 3135 matchExpressions: 3136 description: matchExpressions is a list of label 3137 selector requirements. The requirements are ANDed. 3138 items: 3139 description: A label selector requirement is a 3140 selector that contains values, a key, and an 3141 operator that relates the key and values. 3142 properties: 3143 key: 3144 description: key is the label key that the 3145 selector applies to. 3146 type: string 3147 operator: 3148 description: operator represents a key's relationship 3149 to a set of values. Valid operators are 3150 In, NotIn, Exists and DoesNotExist. 3151 type: string 3152 values: 3153 description: values is an array of string 3154 values. If the operator is In or NotIn, 3155 the values array must be non-empty. If the 3156 operator is Exists or DoesNotExist, the 3157 values array must be empty. This array is 3158 replaced during a strategic merge patch. 3159 items: 3160 type: string 3161 type: array 3162 required: 3163 - key 3164 - operator 3165 type: object 3166 type: array 3167 matchLabels: 3168 additionalProperties: 3169 type: string 3170 description: matchLabels is a map of {key,value} 3171 pairs. A single {key,value} in the matchLabels 3172 map is equivalent to an element of matchExpressions, 3173 whose key field is "key", the operator is "In", 3174 and the values array contains only "value". The 3175 requirements are ANDed. 3176 type: object 3177 type: object 3178 namespaceSelector: 3179 description: A label query over the set of namespaces 3180 that the term applies to. The term is applied to the 3181 union of the namespaces selected by this field and 3182 the ones listed in the namespaces field. null selector 3183 and null or empty namespaces list means "this pod's 3184 namespace". An empty selector ({}) matches all namespaces. 3185 This field is beta-level and is only honored when 3186 PodAffinityNamespaceSelector feature is enabled. 3187 properties: 3188 matchExpressions: 3189 description: matchExpressions is a list of label 3190 selector requirements. The requirements are ANDed. 3191 items: 3192 description: A label selector requirement is a 3193 selector that contains values, a key, and an 3194 operator that relates the key and values. 3195 properties: 3196 key: 3197 description: key is the label key that the 3198 selector applies to. 3199 type: string 3200 operator: 3201 description: operator represents a key's relationship 3202 to a set of values. Valid operators are 3203 In, NotIn, Exists and DoesNotExist. 3204 type: string 3205 values: 3206 description: values is an array of string 3207 values. If the operator is In or NotIn, 3208 the values array must be non-empty. If the 3209 operator is Exists or DoesNotExist, the 3210 values array must be empty. This array is 3211 replaced during a strategic merge patch. 3212 items: 3213 type: string 3214 type: array 3215 required: 3216 - key 3217 - operator 3218 type: object 3219 type: array 3220 matchLabels: 3221 additionalProperties: 3222 type: string 3223 description: matchLabels is a map of {key,value} 3224 pairs. A single {key,value} in the matchLabels 3225 map is equivalent to an element of matchExpressions, 3226 whose key field is "key", the operator is "In", 3227 and the values array contains only "value". The 3228 requirements are ANDed. 3229 type: object 3230 type: object 3231 namespaces: 3232 description: namespaces specifies a static list of namespace 3233 names that the term applies to. The term is applied 3234 to the union of the namespaces listed in this field 3235 and the ones selected by namespaceSelector. null or 3236 empty namespaces list and null namespaceSelector means 3237 "this pod's namespace" 3238 items: 3239 type: string 3240 type: array 3241 topologyKey: 3242 description: This pod should be co-located (affinity) 3243 or not co-located (anti-affinity) with the pods matching 3244 the labelSelector in the specified namespaces, where 3245 co-located is defined as running on a node whose value 3246 of the label with key topologyKey matches that of 3247 any node on which any of the selected pods is running. 3248 Empty topologyKey is not allowed. 3249 type: string 3250 required: 3251 - topologyKey 3252 type: object 3253 type: array 3254 type: object 3255 podAntiAffinity: 3256 description: Describes pod anti-affinity scheduling rules (e.g. 3257 avoid putting this pod in the same node, zone, etc. as some 3258 other pod(s)). 3259 properties: 3260 preferredDuringSchedulingIgnoredDuringExecution: 3261 description: The scheduler will prefer to schedule pods to 3262 nodes that satisfy the anti-affinity expressions specified 3263 by this field, but it may choose a node that violates one 3264 or more of the expressions. The node that is most preferred 3265 is the one with the greatest sum of weights, i.e. for each 3266 node that meets all of the scheduling requirements (resource 3267 request, requiredDuringScheduling anti-affinity expressions, 3268 etc.), compute a sum by iterating through the elements of 3269 this field and adding "weight" to the sum if the node has 3270 pods which matches the corresponding podAffinityTerm; the 3271 node(s) with the highest sum are the most preferred. 3272 items: 3273 description: The weights of all of the matched WeightedPodAffinityTerm 3274 fields are added per-node to find the most preferred node(s) 3275 properties: 3276 podAffinityTerm: 3277 description: Required. A pod affinity term, associated 3278 with the corresponding weight. 3279 properties: 3280 labelSelector: 3281 description: A label query over a set of resources, 3282 in this case pods. 3283 properties: 3284 matchExpressions: 3285 description: matchExpressions is a list of label 3286 selector requirements. The requirements are 3287 ANDed. 3288 items: 3289 description: A label selector requirement 3290 is a selector that contains values, a key, 3291 and an operator that relates the key and 3292 values. 3293 properties: 3294 key: 3295 description: key is the label key that 3296 the selector applies to. 3297 type: string 3298 operator: 3299 description: operator represents a key's 3300 relationship to a set of values. Valid 3301 operators are In, NotIn, Exists and 3302 DoesNotExist. 3303 type: string 3304 values: 3305 description: values is an array of string 3306 values. If the operator is In or NotIn, 3307 the values array must be non-empty. 3308 If the operator is Exists or DoesNotExist, 3309 the values array must be empty. This 3310 array is replaced during a strategic 3311 merge patch. 3312 items: 3313 type: string 3314 type: array 3315 required: 3316 - key 3317 - operator 3318 type: object 3319 type: array 3320 matchLabels: 3321 additionalProperties: 3322 type: string 3323 description: matchLabels is a map of {key,value} 3324 pairs. A single {key,value} in the matchLabels 3325 map is equivalent to an element of matchExpressions, 3326 whose key field is "key", the operator is 3327 "In", and the values array contains only "value". 3328 The requirements are ANDed. 3329 type: object 3330 type: object 3331 namespaceSelector: 3332 description: A label query over the set of namespaces 3333 that the term applies to. The term is applied 3334 to the union of the namespaces selected by this 3335 field and the ones listed in the namespaces field. 3336 null selector and null or empty namespaces list 3337 means "this pod's namespace". An empty selector 3338 ({}) matches all namespaces. This field is beta-level 3339 and is only honored when PodAffinityNamespaceSelector 3340 feature is enabled. 3341 properties: 3342 matchExpressions: 3343 description: matchExpressions is a list of label 3344 selector requirements. The requirements are 3345 ANDed. 3346 items: 3347 description: A label selector requirement 3348 is a selector that contains values, a key, 3349 and an operator that relates the key and 3350 values. 3351 properties: 3352 key: 3353 description: key is the label key that 3354 the selector applies to. 3355 type: string 3356 operator: 3357 description: operator represents a key's 3358 relationship to a set of values. Valid 3359 operators are In, NotIn, Exists and 3360 DoesNotExist. 3361 type: string 3362 values: 3363 description: values is an array of string 3364 values. If the operator is In or NotIn, 3365 the values array must be non-empty. 3366 If the operator is Exists or DoesNotExist, 3367 the values array must be empty. This 3368 array is replaced during a strategic 3369 merge patch. 3370 items: 3371 type: string 3372 type: array 3373 required: 3374 - key 3375 - operator 3376 type: object 3377 type: array 3378 matchLabels: 3379 additionalProperties: 3380 type: string 3381 description: matchLabels is a map of {key,value} 3382 pairs. A single {key,value} in the matchLabels 3383 map is equivalent to an element of matchExpressions, 3384 whose key field is "key", the operator is 3385 "In", and the values array contains only "value". 3386 The requirements are ANDed. 3387 type: object 3388 type: object 3389 namespaces: 3390 description: namespaces specifies a static list 3391 of namespace names that the term applies to. The 3392 term is applied to the union of the namespaces 3393 listed in this field and the ones selected by 3394 namespaceSelector. null or empty namespaces list 3395 and null namespaceSelector means "this pod's namespace" 3396 items: 3397 type: string 3398 type: array 3399 topologyKey: 3400 description: This pod should be co-located (affinity) 3401 or not co-located (anti-affinity) with the pods 3402 matching the labelSelector in the specified namespaces, 3403 where co-located is defined as running on a node 3404 whose value of the label with key topologyKey 3405 matches that of any node on which any of the selected 3406 pods is running. Empty topologyKey is not allowed. 3407 type: string 3408 required: 3409 - topologyKey 3410 type: object 3411 weight: 3412 description: weight associated with matching the corresponding 3413 podAffinityTerm, in the range 1-100. 3414 format: int32 3415 type: integer 3416 required: 3417 - podAffinityTerm 3418 - weight 3419 type: object 3420 type: array 3421 requiredDuringSchedulingIgnoredDuringExecution: 3422 description: If the anti-affinity requirements specified by 3423 this field are not met at scheduling time, the pod will 3424 not be scheduled onto the node. If the anti-affinity requirements 3425 specified by this field cease to be met at some point during 3426 pod execution (e.g. due to a pod label update), the system 3427 may or may not try to eventually evict the pod from its 3428 node. When there are multiple elements, the lists of nodes 3429 corresponding to each podAffinityTerm are intersected, i.e. 3430 all terms must be satisfied. 3431 items: 3432 description: Defines a set of pods (namely those matching 3433 the labelSelector relative to the given namespace(s)) 3434 that this pod should be co-located (affinity) or not co-located 3435 (anti-affinity) with, where co-located is defined as running 3436 on a node whose value of the label with key <topologyKey> 3437 matches that of any node on which a pod of the set of 3438 pods is running 3439 properties: 3440 labelSelector: 3441 description: A label query over a set of resources, 3442 in this case pods. 3443 properties: 3444 matchExpressions: 3445 description: matchExpressions is a list of label 3446 selector requirements. The requirements are ANDed. 3447 items: 3448 description: A label selector requirement is a 3449 selector that contains values, a key, and an 3450 operator that relates the key and values. 3451 properties: 3452 key: 3453 description: key is the label key that the 3454 selector applies to. 3455 type: string 3456 operator: 3457 description: operator represents a key's relationship 3458 to a set of values. Valid operators are 3459 In, NotIn, Exists and DoesNotExist. 3460 type: string 3461 values: 3462 description: values is an array of string 3463 values. If the operator is In or NotIn, 3464 the values array must be non-empty. If the 3465 operator is Exists or DoesNotExist, the 3466 values array must be empty. This array is 3467 replaced during a strategic merge patch. 3468 items: 3469 type: string 3470 type: array 3471 required: 3472 - key 3473 - operator 3474 type: object 3475 type: array 3476 matchLabels: 3477 additionalProperties: 3478 type: string 3479 description: matchLabels is a map of {key,value} 3480 pairs. A single {key,value} in the matchLabels 3481 map is equivalent to an element of matchExpressions, 3482 whose key field is "key", the operator is "In", 3483 and the values array contains only "value". The 3484 requirements are ANDed. 3485 type: object 3486 type: object 3487 namespaceSelector: 3488 description: A label query over the set of namespaces 3489 that the term applies to. The term is applied to the 3490 union of the namespaces selected by this field and 3491 the ones listed in the namespaces field. null selector 3492 and null or empty namespaces list means "this pod's 3493 namespace". An empty selector ({}) matches all namespaces. 3494 This field is beta-level and is only honored when 3495 PodAffinityNamespaceSelector feature is enabled. 3496 properties: 3497 matchExpressions: 3498 description: matchExpressions is a list of label 3499 selector requirements. The requirements are ANDed. 3500 items: 3501 description: A label selector requirement is a 3502 selector that contains values, a key, and an 3503 operator that relates the key and values. 3504 properties: 3505 key: 3506 description: key is the label key that the 3507 selector applies to. 3508 type: string 3509 operator: 3510 description: operator represents a key's relationship 3511 to a set of values. Valid operators are 3512 In, NotIn, Exists and DoesNotExist. 3513 type: string 3514 values: 3515 description: values is an array of string 3516 values. If the operator is In or NotIn, 3517 the values array must be non-empty. If the 3518 operator is Exists or DoesNotExist, the 3519 values array must be empty. This array is 3520 replaced during a strategic merge patch. 3521 items: 3522 type: string 3523 type: array 3524 required: 3525 - key 3526 - operator 3527 type: object 3528 type: array 3529 matchLabels: 3530 additionalProperties: 3531 type: string 3532 description: matchLabels is a map of {key,value} 3533 pairs. A single {key,value} in the matchLabels 3534 map is equivalent to an element of matchExpressions, 3535 whose key field is "key", the operator is "In", 3536 and the values array contains only "value". The 3537 requirements are ANDed. 3538 type: object 3539 type: object 3540 namespaces: 3541 description: namespaces specifies a static list of namespace 3542 names that the term applies to. The term is applied 3543 to the union of the namespaces listed in this field 3544 and the ones selected by namespaceSelector. null or 3545 empty namespaces list and null namespaceSelector means 3546 "this pod's namespace" 3547 items: 3548 type: string 3549 type: array 3550 topologyKey: 3551 description: This pod should be co-located (affinity) 3552 or not co-located (anti-affinity) with the pods matching 3553 the labelSelector in the specified namespaces, where 3554 co-located is defined as running on a node whose value 3555 of the label with key topologyKey matches that of 3556 any node on which any of the selected pods is running. 3557 Empty topologyKey is not allowed. 3558 type: string 3559 required: 3560 - topologyKey 3561 type: object 3562 type: array 3563 type: object 3564 type: object 3565 alertmanagerConfigNamespaceSelector: 3566 description: Namespaces to be selected for AlertmanagerConfig discovery. 3567 If nil, only check own namespace. 3568 properties: 3569 matchExpressions: 3570 description: matchExpressions is a list of label selector requirements. 3571 The requirements are ANDed. 3572 items: 3573 description: A label selector requirement is a selector that 3574 contains values, a key, and an operator that relates the key 3575 and values. 3576 properties: 3577 key: 3578 description: key is the label key that the selector applies 3579 to. 3580 type: string 3581 operator: 3582 description: operator represents a key's relationship to 3583 a set of values. Valid operators are In, NotIn, Exists 3584 and DoesNotExist. 3585 type: string 3586 values: 3587 description: values is an array of string values. If the 3588 operator is In or NotIn, the values array must be non-empty. 3589 If the operator is Exists or DoesNotExist, the values 3590 array must be empty. This array is replaced during a strategic 3591 merge patch. 3592 items: 3593 type: string 3594 type: array 3595 required: 3596 - key 3597 - operator 3598 type: object 3599 type: array 3600 matchLabels: 3601 additionalProperties: 3602 type: string 3603 description: matchLabels is a map of {key,value} pairs. A single 3604 {key,value} in the matchLabels map is equivalent to an element 3605 of matchExpressions, whose key field is "key", the operator 3606 is "In", and the values array contains only "value". The requirements 3607 are ANDed. 3608 type: object 3609 type: object 3610 alertmanagerConfigSelector: 3611 description: AlertmanagerConfigs to be selected for to merge and configure 3612 Alertmanager with. 3613 properties: 3614 matchExpressions: 3615 description: matchExpressions is a list of label selector requirements. 3616 The requirements are ANDed. 3617 items: 3618 description: A label selector requirement is a selector that 3619 contains values, a key, and an operator that relates the key 3620 and values. 3621 properties: 3622 key: 3623 description: key is the label key that the selector applies 3624 to. 3625 type: string 3626 operator: 3627 description: operator represents a key's relationship to 3628 a set of values. Valid operators are In, NotIn, Exists 3629 and DoesNotExist. 3630 type: string 3631 values: 3632 description: values is an array of string values. If the 3633 operator is In or NotIn, the values array must be non-empty. 3634 If the operator is Exists or DoesNotExist, the values 3635 array must be empty. This array is replaced during a strategic 3636 merge patch. 3637 items: 3638 type: string 3639 type: array 3640 required: 3641 - key 3642 - operator 3643 type: object 3644 type: array 3645 matchLabels: 3646 additionalProperties: 3647 type: string 3648 description: matchLabels is a map of {key,value} pairs. A single 3649 {key,value} in the matchLabels map is equivalent to an element 3650 of matchExpressions, whose key field is "key", the operator 3651 is "In", and the values array contains only "value". The requirements 3652 are ANDed. 3653 type: object 3654 type: object 3655 baseImage: 3656 description: 'Base image that is used to deploy pods, without tag. 3657 Deprecated: use ''image'' instead' 3658 type: string 3659 clusterAdvertiseAddress: 3660 description: 'ClusterAdvertiseAddress is the explicit address to advertise 3661 in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. 3662 [1] RFC1918: https://tools.ietf.org/html/rfc1918' 3663 type: string 3664 clusterGossipInterval: 3665 description: Interval between gossip attempts. 3666 type: string 3667 clusterPeerTimeout: 3668 description: Timeout for cluster peering. 3669 type: string 3670 clusterPushpullInterval: 3671 description: Interval between pushpull attempts. 3672 type: string 3673 configMaps: 3674 description: ConfigMaps is a list of ConfigMaps in the same namespace 3675 as the Alertmanager object, which shall be mounted into the Alertmanager 3676 Pods. The ConfigMaps are mounted into /etc/alertmanager/configmaps/<configmap-name>. 3677 items: 3678 type: string 3679 type: array 3680 configSecret: 3681 description: ConfigSecret is the name of a Kubernetes Secret in the 3682 same namespace as the Alertmanager object, which contains configuration 3683 for this Alertmanager instance. Defaults to 'alertmanager-<alertmanager-name>' 3684 The secret is mounted into /etc/alertmanager/config. 3685 type: string 3686 containers: 3687 description: 'Containers allows injecting additional containers. This 3688 is meant to allow adding an authentication proxy to an Alertmanager 3689 pod. Containers described here modify an operator generated container 3690 if they share the same name and modifications are done via a strategic 3691 merge patch. The current container names are: `alertmanager` and 3692 `config-reloader`. Overriding containers is entirely outside the 3693 scope of what the maintainers will support and by doing so, you 3694 accept that this behaviour may break at any time without notice.' 3695 items: 3696 description: A single application container that you want to run 3697 within a pod. 3698 properties: 3699 args: 3700 description: 'Arguments to the entrypoint. The docker image''s 3701 CMD is used if this is not provided. Variable references $(VAR_NAME) 3702 are expanded using the container''s environment. If a variable 3703 cannot be resolved, the reference in the input string will 3704 be unchanged. Double $$ are reduced to a single $, which allows 3705 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 3706 produce the string literal "$(VAR_NAME)". Escaped references 3707 will never be expanded, regardless of whether the variable 3708 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3709 items: 3710 type: string 3711 type: array 3712 command: 3713 description: 'Entrypoint array. Not executed within a shell. 3714 The docker image''s ENTRYPOINT is used if this is not provided. 3715 Variable references $(VAR_NAME) are expanded using the container''s 3716 environment. If a variable cannot be resolved, the reference 3717 in the input string will be unchanged. Double $$ are reduced 3718 to a single $, which allows for escaping the $(VAR_NAME) syntax: 3719 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 3720 Escaped references will never be expanded, regardless of whether 3721 the variable exists or not. Cannot be updated. More info: 3722 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 3723 items: 3724 type: string 3725 type: array 3726 env: 3727 description: List of environment variables to set in the container. 3728 Cannot be updated. 3729 items: 3730 description: EnvVar represents an environment variable present 3731 in a Container. 3732 properties: 3733 name: 3734 description: Name of the environment variable. Must be 3735 a C_IDENTIFIER. 3736 type: string 3737 value: 3738 description: 'Variable references $(VAR_NAME) are expanded 3739 using the previously defined environment variables in 3740 the container and any service environment variables. 3741 If a variable cannot be resolved, the reference in the 3742 input string will be unchanged. Double $$ are reduced 3743 to a single $, which allows for escaping the $(VAR_NAME) 3744 syntax: i.e. "$$(VAR_NAME)" will produce the string 3745 literal "$(VAR_NAME)". Escaped references will never 3746 be expanded, regardless of whether the variable exists 3747 or not. Defaults to "".' 3748 type: string 3749 valueFrom: 3750 description: Source for the environment variable's value. 3751 Cannot be used if value is not empty. 3752 properties: 3753 configMapKeyRef: 3754 description: Selects a key of a ConfigMap. 3755 properties: 3756 key: 3757 description: The key to select. 3758 type: string 3759 name: 3760 description: 'Name of the referent. More info: 3761 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3762 TODO: Add other useful fields. apiVersion, kind, 3763 uid?' 3764 type: string 3765 optional: 3766 description: Specify whether the ConfigMap or 3767 its key must be defined 3768 type: boolean 3769 required: 3770 - key 3771 type: object 3772 fieldRef: 3773 description: 'Selects a field of the pod: supports 3774 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 3775 `metadata.annotations[''<KEY>'']`, spec.nodeName, 3776 spec.serviceAccountName, status.hostIP, status.podIP, 3777 status.podIPs.' 3778 properties: 3779 apiVersion: 3780 description: Version of the schema the FieldPath 3781 is written in terms of, defaults to "v1". 3782 type: string 3783 fieldPath: 3784 description: Path of the field to select in the 3785 specified API version. 3786 type: string 3787 required: 3788 - fieldPath 3789 type: object 3790 resourceFieldRef: 3791 description: 'Selects a resource of the container: 3792 only resources limits and requests (limits.cpu, 3793 limits.memory, limits.ephemeral-storage, requests.cpu, 3794 requests.memory and requests.ephemeral-storage) 3795 are currently supported.' 3796 properties: 3797 containerName: 3798 description: 'Container name: required for volumes, 3799 optional for env vars' 3800 type: string 3801 divisor: 3802 anyOf: 3803 - type: integer 3804 - type: string 3805 description: Specifies the output format of the 3806 exposed resources, defaults to "1" 3807 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 3808 x-kubernetes-int-or-string: true 3809 resource: 3810 description: 'Required: resource to select' 3811 type: string 3812 required: 3813 - resource 3814 type: object 3815 secretKeyRef: 3816 description: Selects a key of a secret in the pod's 3817 namespace 3818 properties: 3819 key: 3820 description: The key of the secret to select from. Must 3821 be a valid secret key. 3822 type: string 3823 name: 3824 description: 'Name of the referent. More info: 3825 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3826 TODO: Add other useful fields. apiVersion, kind, 3827 uid?' 3828 type: string 3829 optional: 3830 description: Specify whether the Secret or its 3831 key must be defined 3832 type: boolean 3833 required: 3834 - key 3835 type: object 3836 type: object 3837 required: 3838 - name 3839 type: object 3840 type: array 3841 envFrom: 3842 description: List of sources to populate environment variables 3843 in the container. The keys defined within a source must be 3844 a C_IDENTIFIER. All invalid keys will be reported as an event 3845 when the container is starting. When a key exists in multiple 3846 sources, the value associated with the last source will take 3847 precedence. Values defined by an Env with a duplicate key 3848 will take precedence. Cannot be updated. 3849 items: 3850 description: EnvFromSource represents the source of a set 3851 of ConfigMaps 3852 properties: 3853 configMapRef: 3854 description: The ConfigMap to select from 3855 properties: 3856 name: 3857 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3858 TODO: Add other useful fields. apiVersion, kind, 3859 uid?' 3860 type: string 3861 optional: 3862 description: Specify whether the ConfigMap must be 3863 defined 3864 type: boolean 3865 type: object 3866 prefix: 3867 description: An optional identifier to prepend to each 3868 key in the ConfigMap. Must be a C_IDENTIFIER. 3869 type: string 3870 secretRef: 3871 description: The Secret to select from 3872 properties: 3873 name: 3874 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3875 TODO: Add other useful fields. apiVersion, kind, 3876 uid?' 3877 type: string 3878 optional: 3879 description: Specify whether the Secret must be defined 3880 type: boolean 3881 type: object 3882 type: object 3883 type: array 3884 image: 3885 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 3886 This field is optional to allow higher level config management 3887 to default or override container images in workload controllers 3888 like Deployments and StatefulSets.' 3889 type: string 3890 imagePullPolicy: 3891 description: 'Image pull policy. One of Always, Never, IfNotPresent. 3892 Defaults to Always if :latest tag is specified, or IfNotPresent 3893 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 3894 type: string 3895 lifecycle: 3896 description: Actions that the management system should take 3897 in response to container lifecycle events. Cannot be updated. 3898 properties: 3899 postStart: 3900 description: 'PostStart is called immediately after a container 3901 is created. If the handler fails, the container is terminated 3902 and restarted according to its restart policy. Other management 3903 of the container blocks until the hook completes. More 3904 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 3905 properties: 3906 exec: 3907 description: One and only one of the following should 3908 be specified. Exec specifies the action to take. 3909 properties: 3910 command: 3911 description: Command is the command line to execute 3912 inside the container, the working directory for 3913 the command is root ('/') in the container's 3914 filesystem. The command is simply exec'd, it is 3915 not run inside a shell, so traditional shell instructions 3916 ('|', etc) won't work. To use a shell, you need 3917 to explicitly call out to that shell. Exit status 3918 of 0 is treated as live/healthy and non-zero is 3919 unhealthy. 3920 items: 3921 type: string 3922 type: array 3923 type: object 3924 httpGet: 3925 description: HTTPGet specifies the http request to perform. 3926 properties: 3927 host: 3928 description: Host name to connect to, defaults to 3929 the pod IP. You probably want to set "Host" in 3930 httpHeaders instead. 3931 type: string 3932 httpHeaders: 3933 description: Custom headers to set in the request. 3934 HTTP allows repeated headers. 3935 items: 3936 description: HTTPHeader describes a custom header 3937 to be used in HTTP probes 3938 properties: 3939 name: 3940 description: The header field name 3941 type: string 3942 value: 3943 description: The header field value 3944 type: string 3945 required: 3946 - name 3947 - value 3948 type: object 3949 type: array 3950 path: 3951 description: Path to access on the HTTP server. 3952 type: string 3953 port: 3954 anyOf: 3955 - type: integer 3956 - type: string 3957 description: Name or number of the port to access 3958 on the container. Number must be in the range 3959 1 to 65535. Name must be an IANA_SVC_NAME. 3960 x-kubernetes-int-or-string: true 3961 scheme: 3962 description: Scheme to use for connecting to the 3963 host. Defaults to HTTP. 3964 type: string 3965 required: 3966 - port 3967 type: object 3968 tcpSocket: 3969 description: 'TCPSocket specifies an action involving 3970 a TCP port. TCP hooks not yet supported TODO: implement 3971 a realistic TCP lifecycle hook' 3972 properties: 3973 host: 3974 description: 'Optional: Host name to connect to, 3975 defaults to the pod IP.' 3976 type: string 3977 port: 3978 anyOf: 3979 - type: integer 3980 - type: string 3981 description: Number or name of the port to access 3982 on the container. Number must be in the range 3983 1 to 65535. Name must be an IANA_SVC_NAME. 3984 x-kubernetes-int-or-string: true 3985 required: 3986 - port 3987 type: object 3988 type: object 3989 preStop: 3990 description: 'PreStop is called immediately before a container 3991 is terminated due to an API request or management event 3992 such as liveness/startup probe failure, preemption, resource 3993 contention, etc. The handler is not called if the container 3994 crashes or exits. The reason for termination is passed 3995 to the handler. The Pod''s termination grace period countdown 3996 begins before the PreStop hooked is executed. Regardless 3997 of the outcome of the handler, the container will eventually 3998 terminate within the Pod''s termination grace period. 3999 Other management of the container blocks until the hook 4000 completes or until the termination grace period is reached. 4001 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 4002 properties: 4003 exec: 4004 description: One and only one of the following should 4005 be specified. Exec specifies the action to take. 4006 properties: 4007 command: 4008 description: Command is the command line to execute 4009 inside the container, the working directory for 4010 the command is root ('/') in the container's 4011 filesystem. The command is simply exec'd, it is 4012 not run inside a shell, so traditional shell instructions 4013 ('|', etc) won't work. To use a shell, you need 4014 to explicitly call out to that shell. Exit status 4015 of 0 is treated as live/healthy and non-zero is 4016 unhealthy. 4017 items: 4018 type: string 4019 type: array 4020 type: object 4021 httpGet: 4022 description: HTTPGet specifies the http request to perform. 4023 properties: 4024 host: 4025 description: Host name to connect to, defaults to 4026 the pod IP. You probably want to set "Host" in 4027 httpHeaders instead. 4028 type: string 4029 httpHeaders: 4030 description: Custom headers to set in the request. 4031 HTTP allows repeated headers. 4032 items: 4033 description: HTTPHeader describes a custom header 4034 to be used in HTTP probes 4035 properties: 4036 name: 4037 description: The header field name 4038 type: string 4039 value: 4040 description: The header field value 4041 type: string 4042 required: 4043 - name 4044 - value 4045 type: object 4046 type: array 4047 path: 4048 description: Path to access on the HTTP server. 4049 type: string 4050 port: 4051 anyOf: 4052 - type: integer 4053 - type: string 4054 description: Name or number of the port to access 4055 on the container. Number must be in the range 4056 1 to 65535. Name must be an IANA_SVC_NAME. 4057 x-kubernetes-int-or-string: true 4058 scheme: 4059 description: Scheme to use for connecting to the 4060 host. Defaults to HTTP. 4061 type: string 4062 required: 4063 - port 4064 type: object 4065 tcpSocket: 4066 description: 'TCPSocket specifies an action involving 4067 a TCP port. TCP hooks not yet supported TODO: implement 4068 a realistic TCP lifecycle hook' 4069 properties: 4070 host: 4071 description: 'Optional: Host name to connect to, 4072 defaults to the pod IP.' 4073 type: string 4074 port: 4075 anyOf: 4076 - type: integer 4077 - type: string 4078 description: Number or name of the port to access 4079 on the container. Number must be in the range 4080 1 to 65535. Name must be an IANA_SVC_NAME. 4081 x-kubernetes-int-or-string: true 4082 required: 4083 - port 4084 type: object 4085 type: object 4086 type: object 4087 livenessProbe: 4088 description: 'Periodic probe of container liveness. Container 4089 will be restarted if the probe fails. Cannot be updated. More 4090 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4091 properties: 4092 exec: 4093 description: One and only one of the following should be 4094 specified. Exec specifies the action to take. 4095 properties: 4096 command: 4097 description: Command is the command line to execute 4098 inside the container, the working directory for the 4099 command is root ('/') in the container's filesystem. 4100 The command is simply exec'd, it is not run inside 4101 a shell, so traditional shell instructions ('|', etc) 4102 won't work. To use a shell, you need to explicitly 4103 call out to that shell. Exit status of 0 is treated 4104 as live/healthy and non-zero is unhealthy. 4105 items: 4106 type: string 4107 type: array 4108 type: object 4109 failureThreshold: 4110 description: Minimum consecutive failures for the probe 4111 to be considered failed after having succeeded. Defaults 4112 to 3. Minimum value is 1. 4113 format: int32 4114 type: integer 4115 httpGet: 4116 description: HTTPGet specifies the http request to perform. 4117 properties: 4118 host: 4119 description: Host name to connect to, defaults to the 4120 pod IP. You probably want to set "Host" in httpHeaders 4121 instead. 4122 type: string 4123 httpHeaders: 4124 description: Custom headers to set in the request. HTTP 4125 allows repeated headers. 4126 items: 4127 description: HTTPHeader describes a custom header 4128 to be used in HTTP probes 4129 properties: 4130 name: 4131 description: The header field name 4132 type: string 4133 value: 4134 description: The header field value 4135 type: string 4136 required: 4137 - name 4138 - value 4139 type: object 4140 type: array 4141 path: 4142 description: Path to access on the HTTP server. 4143 type: string 4144 port: 4145 anyOf: 4146 - type: integer 4147 - type: string 4148 description: Name or number of the port to access on 4149 the container. Number must be in the range 1 to 65535. 4150 Name must be an IANA_SVC_NAME. 4151 x-kubernetes-int-or-string: true 4152 scheme: 4153 description: Scheme to use for connecting to the host. 4154 Defaults to HTTP. 4155 type: string 4156 required: 4157 - port 4158 type: object 4159 initialDelaySeconds: 4160 description: 'Number of seconds after the container has 4161 started before liveness probes are initiated. More info: 4162 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4163 format: int32 4164 type: integer 4165 periodSeconds: 4166 description: How often (in seconds) to perform the probe. 4167 Default to 10 seconds. Minimum value is 1. 4168 format: int32 4169 type: integer 4170 successThreshold: 4171 description: Minimum consecutive successes for the probe 4172 to be considered successful after having failed. Defaults 4173 to 1. Must be 1 for liveness and startup. Minimum value 4174 is 1. 4175 format: int32 4176 type: integer 4177 tcpSocket: 4178 description: 'TCPSocket specifies an action involving a 4179 TCP port. TCP hooks not yet supported TODO: implement 4180 a realistic TCP lifecycle hook' 4181 properties: 4182 host: 4183 description: 'Optional: Host name to connect to, defaults 4184 to the pod IP.' 4185 type: string 4186 port: 4187 anyOf: 4188 - type: integer 4189 - type: string 4190 description: Number or name of the port to access on 4191 the container. Number must be in the range 1 to 65535. 4192 Name must be an IANA_SVC_NAME. 4193 x-kubernetes-int-or-string: true 4194 required: 4195 - port 4196 type: object 4197 terminationGracePeriodSeconds: 4198 description: Optional duration in seconds the pod needs 4199 to terminate gracefully upon probe failure. The grace 4200 period is the duration in seconds after the processes 4201 running in the pod are sent a termination signal and the 4202 time when the processes are forcibly halted with a kill 4203 signal. Set this value longer than the expected cleanup 4204 time for your process. If this value is nil, the pod's 4205 terminationGracePeriodSeconds will be used. Otherwise, 4206 this value overrides the value provided by the pod spec. 4207 Value must be non-negative integer. The value zero indicates 4208 stop immediately via the kill signal (no opportunity to 4209 shut down). This is a beta field and requires enabling 4210 ProbeTerminationGracePeriod feature gate. Minimum value 4211 is 1. spec.terminationGracePeriodSeconds is used if unset. 4212 format: int64 4213 type: integer 4214 timeoutSeconds: 4215 description: 'Number of seconds after which the probe times 4216 out. Defaults to 1 second. Minimum value is 1. More info: 4217 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4218 format: int32 4219 type: integer 4220 type: object 4221 name: 4222 description: Name of the container specified as a DNS_LABEL. 4223 Each container in a pod must have a unique name (DNS_LABEL). 4224 Cannot be updated. 4225 type: string 4226 ports: 4227 description: List of ports to expose from the container. Exposing 4228 a port here gives the system additional information about 4229 the network connections a container uses, but is primarily 4230 informational. Not specifying a port here DOES NOT prevent 4231 that port from being exposed. Any port which is listening 4232 on the default "0.0.0.0" address inside a container will be 4233 accessible from the network. Cannot be updated. 4234 items: 4235 description: ContainerPort represents a network port in a 4236 single container. 4237 properties: 4238 containerPort: 4239 description: Number of port to expose on the pod's IP 4240 address. This must be a valid port number, 0 < x < 65536. 4241 format: int32 4242 type: integer 4243 hostIP: 4244 description: What host IP to bind the external port to. 4245 type: string 4246 hostPort: 4247 description: Number of port to expose on the host. If 4248 specified, this must be a valid port number, 0 < x < 4249 65536. If HostNetwork is specified, this must match 4250 ContainerPort. Most containers do not need this. 4251 format: int32 4252 type: integer 4253 name: 4254 description: If specified, this must be an IANA_SVC_NAME 4255 and unique within the pod. Each named port in a pod 4256 must have a unique name. Name for the port that can 4257 be referred to by services. 4258 type: string 4259 protocol: 4260 default: TCP 4261 description: Protocol for port. Must be UDP, TCP, or SCTP. 4262 Defaults to "TCP". 4263 type: string 4264 required: 4265 - containerPort 4266 type: object 4267 type: array 4268 x-kubernetes-list-map-keys: 4269 - containerPort 4270 - protocol 4271 x-kubernetes-list-type: map 4272 readinessProbe: 4273 description: 'Periodic probe of container service readiness. 4274 Container will be removed from service endpoints if the probe 4275 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4276 properties: 4277 exec: 4278 description: One and only one of the following should be 4279 specified. Exec specifies the action to take. 4280 properties: 4281 command: 4282 description: Command is the command line to execute 4283 inside the container, the working directory for the 4284 command is root ('/') in the container's filesystem. 4285 The command is simply exec'd, it is not run inside 4286 a shell, so traditional shell instructions ('|', etc) 4287 won't work. To use a shell, you need to explicitly 4288 call out to that shell. Exit status of 0 is treated 4289 as live/healthy and non-zero is unhealthy. 4290 items: 4291 type: string 4292 type: array 4293 type: object 4294 failureThreshold: 4295 description: Minimum consecutive failures for the probe 4296 to be considered failed after having succeeded. Defaults 4297 to 3. Minimum value is 1. 4298 format: int32 4299 type: integer 4300 httpGet: 4301 description: HTTPGet specifies the http request to perform. 4302 properties: 4303 host: 4304 description: Host name to connect to, defaults to the 4305 pod IP. You probably want to set "Host" in httpHeaders 4306 instead. 4307 type: string 4308 httpHeaders: 4309 description: Custom headers to set in the request. HTTP 4310 allows repeated headers. 4311 items: 4312 description: HTTPHeader describes a custom header 4313 to be used in HTTP probes 4314 properties: 4315 name: 4316 description: The header field name 4317 type: string 4318 value: 4319 description: The header field value 4320 type: string 4321 required: 4322 - name 4323 - value 4324 type: object 4325 type: array 4326 path: 4327 description: Path to access on the HTTP server. 4328 type: string 4329 port: 4330 anyOf: 4331 - type: integer 4332 - type: string 4333 description: Name or number of the port to access on 4334 the container. Number must be in the range 1 to 65535. 4335 Name must be an IANA_SVC_NAME. 4336 x-kubernetes-int-or-string: true 4337 scheme: 4338 description: Scheme to use for connecting to the host. 4339 Defaults to HTTP. 4340 type: string 4341 required: 4342 - port 4343 type: object 4344 initialDelaySeconds: 4345 description: 'Number of seconds after the container has 4346 started before liveness probes are initiated. More info: 4347 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4348 format: int32 4349 type: integer 4350 periodSeconds: 4351 description: How often (in seconds) to perform the probe. 4352 Default to 10 seconds. Minimum value is 1. 4353 format: int32 4354 type: integer 4355 successThreshold: 4356 description: Minimum consecutive successes for the probe 4357 to be considered successful after having failed. Defaults 4358 to 1. Must be 1 for liveness and startup. Minimum value 4359 is 1. 4360 format: int32 4361 type: integer 4362 tcpSocket: 4363 description: 'TCPSocket specifies an action involving a 4364 TCP port. TCP hooks not yet supported TODO: implement 4365 a realistic TCP lifecycle hook' 4366 properties: 4367 host: 4368 description: 'Optional: Host name to connect to, defaults 4369 to the pod IP.' 4370 type: string 4371 port: 4372 anyOf: 4373 - type: integer 4374 - type: string 4375 description: Number or name of the port to access on 4376 the container. Number must be in the range 1 to 65535. 4377 Name must be an IANA_SVC_NAME. 4378 x-kubernetes-int-or-string: true 4379 required: 4380 - port 4381 type: object 4382 terminationGracePeriodSeconds: 4383 description: Optional duration in seconds the pod needs 4384 to terminate gracefully upon probe failure. The grace 4385 period is the duration in seconds after the processes 4386 running in the pod are sent a termination signal and the 4387 time when the processes are forcibly halted with a kill 4388 signal. Set this value longer than the expected cleanup 4389 time for your process. If this value is nil, the pod's 4390 terminationGracePeriodSeconds will be used. Otherwise, 4391 this value overrides the value provided by the pod spec. 4392 Value must be non-negative integer. The value zero indicates 4393 stop immediately via the kill signal (no opportunity to 4394 shut down). This is a beta field and requires enabling 4395 ProbeTerminationGracePeriod feature gate. Minimum value 4396 is 1. spec.terminationGracePeriodSeconds is used if unset. 4397 format: int64 4398 type: integer 4399 timeoutSeconds: 4400 description: 'Number of seconds after which the probe times 4401 out. Defaults to 1 second. Minimum value is 1. More info: 4402 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4403 format: int32 4404 type: integer 4405 type: object 4406 resources: 4407 description: 'Compute Resources required by this container. 4408 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4409 properties: 4410 limits: 4411 additionalProperties: 4412 anyOf: 4413 - type: integer 4414 - type: string 4415 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4416 x-kubernetes-int-or-string: true 4417 description: 'Limits describes the maximum amount of compute 4418 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4419 type: object 4420 requests: 4421 additionalProperties: 4422 anyOf: 4423 - type: integer 4424 - type: string 4425 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 4426 x-kubernetes-int-or-string: true 4427 description: 'Requests describes the minimum amount of compute 4428 resources required. If Requests is omitted for a container, 4429 it defaults to Limits if that is explicitly specified, 4430 otherwise to an implementation-defined value. More info: 4431 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 4432 type: object 4433 type: object 4434 securityContext: 4435 description: 'SecurityContext defines the security options the 4436 container should be run with. If set, the fields of SecurityContext 4437 override the equivalent fields of PodSecurityContext. More 4438 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 4439 properties: 4440 allowPrivilegeEscalation: 4441 description: 'AllowPrivilegeEscalation controls whether 4442 a process can gain more privileges than its parent process. 4443 This bool directly controls if the no_new_privs flag will 4444 be set on the container process. AllowPrivilegeEscalation 4445 is true always when the container is: 1) run as Privileged 4446 2) has CAP_SYS_ADMIN' 4447 type: boolean 4448 capabilities: 4449 description: The capabilities to add/drop when running containers. 4450 Defaults to the default set of capabilities granted by 4451 the container runtime. 4452 properties: 4453 add: 4454 description: Added capabilities 4455 items: 4456 description: Capability represent POSIX capabilities 4457 type 4458 type: string 4459 type: array 4460 drop: 4461 description: Removed capabilities 4462 items: 4463 description: Capability represent POSIX capabilities 4464 type 4465 type: string 4466 type: array 4467 type: object 4468 privileged: 4469 description: Run container in privileged mode. Processes 4470 in privileged containers are essentially equivalent to 4471 root on the host. Defaults to false. 4472 type: boolean 4473 procMount: 4474 description: procMount denotes the type of proc mount to 4475 use for the containers. The default is DefaultProcMount 4476 which uses the container runtime defaults for readonly 4477 paths and masked paths. This requires the ProcMountType 4478 feature flag to be enabled. 4479 type: string 4480 readOnlyRootFilesystem: 4481 description: Whether this container has a read-only root 4482 filesystem. Default is false. 4483 type: boolean 4484 runAsGroup: 4485 description: The GID to run the entrypoint of the container 4486 process. Uses runtime default if unset. May also be set 4487 in PodSecurityContext. If set in both SecurityContext 4488 and PodSecurityContext, the value specified in SecurityContext 4489 takes precedence. 4490 format: int64 4491 type: integer 4492 runAsNonRoot: 4493 description: Indicates that the container must run as a 4494 non-root user. If true, the Kubelet will validate the 4495 image at runtime to ensure that it does not run as UID 4496 0 (root) and fail to start the container if it does. If 4497 unset or false, no such validation will be performed. 4498 May also be set in PodSecurityContext. If set in both 4499 SecurityContext and PodSecurityContext, the value specified 4500 in SecurityContext takes precedence. 4501 type: boolean 4502 runAsUser: 4503 description: The UID to run the entrypoint of the container 4504 process. Defaults to user specified in image metadata 4505 if unspecified. May also be set in PodSecurityContext. If 4506 set in both SecurityContext and PodSecurityContext, the 4507 value specified in SecurityContext takes precedence. 4508 format: int64 4509 type: integer 4510 seLinuxOptions: 4511 description: The SELinux context to be applied to the container. 4512 If unspecified, the container runtime will allocate a 4513 random SELinux context for each container. May also be 4514 set in PodSecurityContext. If set in both SecurityContext 4515 and PodSecurityContext, the value specified in SecurityContext 4516 takes precedence. 4517 properties: 4518 level: 4519 description: Level is SELinux level label that applies 4520 to the container. 4521 type: string 4522 role: 4523 description: Role is a SELinux role label that applies 4524 to the container. 4525 type: string 4526 type: 4527 description: Type is a SELinux type label that applies 4528 to the container. 4529 type: string 4530 user: 4531 description: User is a SELinux user label that applies 4532 to the container. 4533 type: string 4534 type: object 4535 seccompProfile: 4536 description: The seccomp options to use by this container. 4537 If seccomp options are provided at both the pod & container 4538 level, the container options override the pod options. 4539 properties: 4540 localhostProfile: 4541 description: localhostProfile indicates a profile defined 4542 in a file on the node should be used. The profile 4543 must be preconfigured on the node to work. Must be 4544 a descending path, relative to the kubelet's configured 4545 seccomp profile location. Must only be set if type 4546 is "Localhost". 4547 type: string 4548 type: 4549 description: "type indicates which kind of seccomp profile 4550 will be applied. Valid options are: \n Localhost - 4551 a profile defined in a file on the node should be 4552 used. RuntimeDefault - the container runtime default 4553 profile should be used. Unconfined - no profile should 4554 be applied." 4555 type: string 4556 required: 4557 - type 4558 type: object 4559 windowsOptions: 4560 description: The Windows specific settings applied to all 4561 containers. If unspecified, the options from the PodSecurityContext 4562 will be used. If set in both SecurityContext and PodSecurityContext, 4563 the value specified in SecurityContext takes precedence. 4564 properties: 4565 gmsaCredentialSpec: 4566 description: GMSACredentialSpec is where the GMSA admission 4567 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 4568 inlines the contents of the GMSA credential spec named 4569 by the GMSACredentialSpecName field. 4570 type: string 4571 gmsaCredentialSpecName: 4572 description: GMSACredentialSpecName is the name of the 4573 GMSA credential spec to use. 4574 type: string 4575 hostProcess: 4576 description: HostProcess determines if a container should 4577 be run as a 'Host Process' container. This field is 4578 alpha-level and will only be honored by components 4579 that enable the WindowsHostProcessContainers feature 4580 flag. Setting this field without the feature flag 4581 will result in errors when validating the Pod. All 4582 of a Pod's containers must have the same effective 4583 HostProcess value (it is not allowed to have a mix 4584 of HostProcess containers and non-HostProcess containers). In 4585 addition, if HostProcess is true then HostNetwork 4586 must also be set to true. 4587 type: boolean 4588 runAsUserName: 4589 description: The UserName in Windows to run the entrypoint 4590 of the container process. Defaults to the user specified 4591 in image metadata if unspecified. May also be set 4592 in PodSecurityContext. If set in both SecurityContext 4593 and PodSecurityContext, the value specified in SecurityContext 4594 takes precedence. 4595 type: string 4596 type: object 4597 type: object 4598 startupProbe: 4599 description: 'StartupProbe indicates that the Pod has successfully 4600 initialized. If specified, no other probes are executed until 4601 this completes successfully. If this probe fails, the Pod 4602 will be restarted, just as if the livenessProbe failed. This 4603 can be used to provide different probe parameters at the beginning 4604 of a Pod''s lifecycle, when it might take a long time to load 4605 data or warm a cache, than during steady-state operation. 4606 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4607 properties: 4608 exec: 4609 description: One and only one of the following should be 4610 specified. Exec specifies the action to take. 4611 properties: 4612 command: 4613 description: Command is the command line to execute 4614 inside the container, the working directory for the 4615 command is root ('/') in the container's filesystem. 4616 The command is simply exec'd, it is not run inside 4617 a shell, so traditional shell instructions ('|', etc) 4618 won't work. To use a shell, you need to explicitly 4619 call out to that shell. Exit status of 0 is treated 4620 as live/healthy and non-zero is unhealthy. 4621 items: 4622 type: string 4623 type: array 4624 type: object 4625 failureThreshold: 4626 description: Minimum consecutive failures for the probe 4627 to be considered failed after having succeeded. Defaults 4628 to 3. Minimum value is 1. 4629 format: int32 4630 type: integer 4631 httpGet: 4632 description: HTTPGet specifies the http request to perform. 4633 properties: 4634 host: 4635 description: Host name to connect to, defaults to the 4636 pod IP. You probably want to set "Host" in httpHeaders 4637 instead. 4638 type: string 4639 httpHeaders: 4640 description: Custom headers to set in the request. HTTP 4641 allows repeated headers. 4642 items: 4643 description: HTTPHeader describes a custom header 4644 to be used in HTTP probes 4645 properties: 4646 name: 4647 description: The header field name 4648 type: string 4649 value: 4650 description: The header field value 4651 type: string 4652 required: 4653 - name 4654 - value 4655 type: object 4656 type: array 4657 path: 4658 description: Path to access on the HTTP server. 4659 type: string 4660 port: 4661 anyOf: 4662 - type: integer 4663 - type: string 4664 description: Name or number of the port to access on 4665 the container. Number must be in the range 1 to 65535. 4666 Name must be an IANA_SVC_NAME. 4667 x-kubernetes-int-or-string: true 4668 scheme: 4669 description: Scheme to use for connecting to the host. 4670 Defaults to HTTP. 4671 type: string 4672 required: 4673 - port 4674 type: object 4675 initialDelaySeconds: 4676 description: 'Number of seconds after the container has 4677 started before liveness probes are initiated. More info: 4678 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4679 format: int32 4680 type: integer 4681 periodSeconds: 4682 description: How often (in seconds) to perform the probe. 4683 Default to 10 seconds. Minimum value is 1. 4684 format: int32 4685 type: integer 4686 successThreshold: 4687 description: Minimum consecutive successes for the probe 4688 to be considered successful after having failed. Defaults 4689 to 1. Must be 1 for liveness and startup. Minimum value 4690 is 1. 4691 format: int32 4692 type: integer 4693 tcpSocket: 4694 description: 'TCPSocket specifies an action involving a 4695 TCP port. TCP hooks not yet supported TODO: implement 4696 a realistic TCP lifecycle hook' 4697 properties: 4698 host: 4699 description: 'Optional: Host name to connect to, defaults 4700 to the pod IP.' 4701 type: string 4702 port: 4703 anyOf: 4704 - type: integer 4705 - type: string 4706 description: Number or name of the port to access on 4707 the container. Number must be in the range 1 to 65535. 4708 Name must be an IANA_SVC_NAME. 4709 x-kubernetes-int-or-string: true 4710 required: 4711 - port 4712 type: object 4713 terminationGracePeriodSeconds: 4714 description: Optional duration in seconds the pod needs 4715 to terminate gracefully upon probe failure. The grace 4716 period is the duration in seconds after the processes 4717 running in the pod are sent a termination signal and the 4718 time when the processes are forcibly halted with a kill 4719 signal. Set this value longer than the expected cleanup 4720 time for your process. If this value is nil, the pod's 4721 terminationGracePeriodSeconds will be used. Otherwise, 4722 this value overrides the value provided by the pod spec. 4723 Value must be non-negative integer. The value zero indicates 4724 stop immediately via the kill signal (no opportunity to 4725 shut down). This is a beta field and requires enabling 4726 ProbeTerminationGracePeriod feature gate. Minimum value 4727 is 1. spec.terminationGracePeriodSeconds is used if unset. 4728 format: int64 4729 type: integer 4730 timeoutSeconds: 4731 description: 'Number of seconds after which the probe times 4732 out. Defaults to 1 second. Minimum value is 1. More info: 4733 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 4734 format: int32 4735 type: integer 4736 type: object 4737 stdin: 4738 description: Whether this container should allocate a buffer 4739 for stdin in the container runtime. If this is not set, reads 4740 from stdin in the container will always result in EOF. Default 4741 is false. 4742 type: boolean 4743 stdinOnce: 4744 description: Whether the container runtime should close the 4745 stdin channel after it has been opened by a single attach. 4746 When stdin is true the stdin stream will remain open across 4747 multiple attach sessions. If stdinOnce is set to true, stdin 4748 is opened on container start, is empty until the first client 4749 attaches to stdin, and then remains open and accepts data 4750 until the client disconnects, at which time stdin is closed 4751 and remains closed until the container is restarted. If this 4752 flag is false, a container processes that reads from stdin 4753 will never receive an EOF. Default is false 4754 type: boolean 4755 terminationMessagePath: 4756 description: 'Optional: Path at which the file to which the 4757 container''s termination message will be written is mounted 4758 into the container''s filesystem. Message written is intended 4759 to be brief final status, such as an assertion failure message. 4760 Will be truncated by the node if greater than 4096 bytes. 4761 The total message length across all containers will be limited 4762 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 4763 type: string 4764 terminationMessagePolicy: 4765 description: Indicate how the termination message should be 4766 populated. File will use the contents of terminationMessagePath 4767 to populate the container status message on both success and 4768 failure. FallbackToLogsOnError will use the last chunk of 4769 container log output if the termination message file is empty 4770 and the container exited with an error. The log output is 4771 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 4772 to File. Cannot be updated. 4773 type: string 4774 tty: 4775 description: Whether this container should allocate a TTY for 4776 itself, also requires 'stdin' to be true. Default is false. 4777 type: boolean 4778 volumeDevices: 4779 description: volumeDevices is the list of block devices to be 4780 used by the container. 4781 items: 4782 description: volumeDevice describes a mapping of a raw block 4783 device within a container. 4784 properties: 4785 devicePath: 4786 description: devicePath is the path inside of the container 4787 that the device will be mapped to. 4788 type: string 4789 name: 4790 description: name must match the name of a persistentVolumeClaim 4791 in the pod 4792 type: string 4793 required: 4794 - devicePath 4795 - name 4796 type: object 4797 type: array 4798 volumeMounts: 4799 description: Pod volumes to mount into the container's filesystem. 4800 Cannot be updated. 4801 items: 4802 description: VolumeMount describes a mounting of a Volume 4803 within a container. 4804 properties: 4805 mountPath: 4806 description: Path within the container at which the volume 4807 should be mounted. Must not contain ':'. 4808 type: string 4809 mountPropagation: 4810 description: mountPropagation determines how mounts are 4811 propagated from the host to container and the other 4812 way around. When not set, MountPropagationNone is used. 4813 This field is beta in 1.10. 4814 type: string 4815 name: 4816 description: This must match the Name of a Volume. 4817 type: string 4818 readOnly: 4819 description: Mounted read-only if true, read-write otherwise 4820 (false or unspecified). Defaults to false. 4821 type: boolean 4822 subPath: 4823 description: Path within the volume from which the container's 4824 volume should be mounted. Defaults to "" (volume's root). 4825 type: string 4826 subPathExpr: 4827 description: Expanded path within the volume from which 4828 the container's volume should be mounted. Behaves similarly 4829 to SubPath but environment variable references $(VAR_NAME) 4830 are expanded using the container's environment. Defaults 4831 to "" (volume's root). SubPathExpr and SubPath are mutually 4832 exclusive. 4833 type: string 4834 required: 4835 - mountPath 4836 - name 4837 type: object 4838 type: array 4839 workingDir: 4840 description: Container's working directory. If not specified, 4841 the container runtime's default will be used, which might 4842 be configured in the container image. Cannot be updated. 4843 type: string 4844 required: 4845 - name 4846 type: object 4847 type: array 4848 externalUrl: 4849 description: The external URL the Alertmanager instances will be available 4850 under. This is necessary to generate correct URLs. This is necessary 4851 if Alertmanager is not served from root of a DNS name. 4852 type: string 4853 forceEnableClusterMode: 4854 description: ForceEnableClusterMode ensures Alertmanager does not 4855 deactivate the cluster mode when running with a single replica. 4856 Use case is e.g. spanning an Alertmanager cluster across Kubernetes 4857 clusters with a single replica in each. 4858 type: boolean 4859 image: 4860 description: Image if specified has precedence over baseImage, tag 4861 and sha combinations. Specifying the version is still necessary 4862 to ensure the Prometheus Operator knows what version of Alertmanager 4863 is being configured. 4864 type: string 4865 imagePullSecrets: 4866 description: An optional list of references to secrets in the same 4867 namespace to use for pulling prometheus and alertmanager images 4868 from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod 4869 items: 4870 description: LocalObjectReference contains enough information to 4871 let you locate the referenced object inside the same namespace. 4872 properties: 4873 name: 4874 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4875 TODO: Add other useful fields. apiVersion, kind, uid?' 4876 type: string 4877 type: object 4878 type: array 4879 initContainers: 4880 description: 'InitContainers allows adding initContainers to the pod 4881 definition. Those can be used to e.g. fetch secrets for injection 4882 into the Alertmanager configuration from external sources. Any errors 4883 during the execution of an initContainer will lead to a restart 4884 of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 4885 Using initContainers for any use case other then secret fetching 4886 is entirely outside the scope of what the maintainers will support 4887 and by doing so, you accept that this behaviour may break at any 4888 time without notice.' 4889 items: 4890 description: A single application container that you want to run 4891 within a pod. 4892 properties: 4893 args: 4894 description: 'Arguments to the entrypoint. The docker image''s 4895 CMD is used if this is not provided. Variable references $(VAR_NAME) 4896 are expanded using the container''s environment. If a variable 4897 cannot be resolved, the reference in the input string will 4898 be unchanged. Double $$ are reduced to a single $, which allows 4899 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 4900 produce the string literal "$(VAR_NAME)". Escaped references 4901 will never be expanded, regardless of whether the variable 4902 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 4903 items: 4904 type: string 4905 type: array 4906 command: 4907 description: 'Entrypoint array. Not executed within a shell. 4908 The docker image''s ENTRYPOINT is used if this is not provided. 4909 Variable references $(VAR_NAME) are expanded using the container''s 4910 environment. If a variable cannot be resolved, the reference 4911 in the input string will be unchanged. Double $$ are reduced 4912 to a single $, which allows for escaping the $(VAR_NAME) syntax: 4913 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 4914 Escaped references will never be expanded, regardless of whether 4915 the variable exists or not. Cannot be updated. More info: 4916 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 4917 items: 4918 type: string 4919 type: array 4920 env: 4921 description: List of environment variables to set in the container. 4922 Cannot be updated. 4923 items: 4924 description: EnvVar represents an environment variable present 4925 in a Container. 4926 properties: 4927 name: 4928 description: Name of the environment variable. Must be 4929 a C_IDENTIFIER. 4930 type: string 4931 value: 4932 description: 'Variable references $(VAR_NAME) are expanded 4933 using the previously defined environment variables in 4934 the container and any service environment variables. 4935 If a variable cannot be resolved, the reference in the 4936 input string will be unchanged. Double $$ are reduced 4937 to a single $, which allows for escaping the $(VAR_NAME) 4938 syntax: i.e. "$$(VAR_NAME)" will produce the string 4939 literal "$(VAR_NAME)". Escaped references will never 4940 be expanded, regardless of whether the variable exists 4941 or not. Defaults to "".' 4942 type: string 4943 valueFrom: 4944 description: Source for the environment variable's value. 4945 Cannot be used if value is not empty. 4946 properties: 4947 configMapKeyRef: 4948 description: Selects a key of a ConfigMap. 4949 properties: 4950 key: 4951 description: The key to select. 4952 type: string 4953 name: 4954 description: 'Name of the referent. More info: 4955 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4956 TODO: Add other useful fields. apiVersion, kind, 4957 uid?' 4958 type: string 4959 optional: 4960 description: Specify whether the ConfigMap or 4961 its key must be defined 4962 type: boolean 4963 required: 4964 - key 4965 type: object 4966 fieldRef: 4967 description: 'Selects a field of the pod: supports 4968 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 4969 `metadata.annotations[''<KEY>'']`, spec.nodeName, 4970 spec.serviceAccountName, status.hostIP, status.podIP, 4971 status.podIPs.' 4972 properties: 4973 apiVersion: 4974 description: Version of the schema the FieldPath 4975 is written in terms of, defaults to "v1". 4976 type: string 4977 fieldPath: 4978 description: Path of the field to select in the 4979 specified API version. 4980 type: string 4981 required: 4982 - fieldPath 4983 type: object 4984 resourceFieldRef: 4985 description: 'Selects a resource of the container: 4986 only resources limits and requests (limits.cpu, 4987 limits.memory, limits.ephemeral-storage, requests.cpu, 4988 requests.memory and requests.ephemeral-storage) 4989 are currently supported.' 4990 properties: 4991 containerName: 4992 description: 'Container name: required for volumes, 4993 optional for env vars' 4994 type: string 4995 divisor: 4996 anyOf: 4997 - type: integer 4998 - type: string 4999 description: Specifies the output format of the 5000 exposed resources, defaults to "1" 5001 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5002 x-kubernetes-int-or-string: true 5003 resource: 5004 description: 'Required: resource to select' 5005 type: string 5006 required: 5007 - resource 5008 type: object 5009 secretKeyRef: 5010 description: Selects a key of a secret in the pod's 5011 namespace 5012 properties: 5013 key: 5014 description: The key of the secret to select from. Must 5015 be a valid secret key. 5016 type: string 5017 name: 5018 description: 'Name of the referent. More info: 5019 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5020 TODO: Add other useful fields. apiVersion, kind, 5021 uid?' 5022 type: string 5023 optional: 5024 description: Specify whether the Secret or its 5025 key must be defined 5026 type: boolean 5027 required: 5028 - key 5029 type: object 5030 type: object 5031 required: 5032 - name 5033 type: object 5034 type: array 5035 envFrom: 5036 description: List of sources to populate environment variables 5037 in the container. The keys defined within a source must be 5038 a C_IDENTIFIER. All invalid keys will be reported as an event 5039 when the container is starting. When a key exists in multiple 5040 sources, the value associated with the last source will take 5041 precedence. Values defined by an Env with a duplicate key 5042 will take precedence. Cannot be updated. 5043 items: 5044 description: EnvFromSource represents the source of a set 5045 of ConfigMaps 5046 properties: 5047 configMapRef: 5048 description: The ConfigMap to select from 5049 properties: 5050 name: 5051 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5052 TODO: Add other useful fields. apiVersion, kind, 5053 uid?' 5054 type: string 5055 optional: 5056 description: Specify whether the ConfigMap must be 5057 defined 5058 type: boolean 5059 type: object 5060 prefix: 5061 description: An optional identifier to prepend to each 5062 key in the ConfigMap. Must be a C_IDENTIFIER. 5063 type: string 5064 secretRef: 5065 description: The Secret to select from 5066 properties: 5067 name: 5068 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5069 TODO: Add other useful fields. apiVersion, kind, 5070 uid?' 5071 type: string 5072 optional: 5073 description: Specify whether the Secret must be defined 5074 type: boolean 5075 type: object 5076 type: object 5077 type: array 5078 image: 5079 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 5080 This field is optional to allow higher level config management 5081 to default or override container images in workload controllers 5082 like Deployments and StatefulSets.' 5083 type: string 5084 imagePullPolicy: 5085 description: 'Image pull policy. One of Always, Never, IfNotPresent. 5086 Defaults to Always if :latest tag is specified, or IfNotPresent 5087 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 5088 type: string 5089 lifecycle: 5090 description: Actions that the management system should take 5091 in response to container lifecycle events. Cannot be updated. 5092 properties: 5093 postStart: 5094 description: 'PostStart is called immediately after a container 5095 is created. If the handler fails, the container is terminated 5096 and restarted according to its restart policy. Other management 5097 of the container blocks until the hook completes. More 5098 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 5099 properties: 5100 exec: 5101 description: One and only one of the following should 5102 be specified. Exec specifies the action to take. 5103 properties: 5104 command: 5105 description: Command is the command line to execute 5106 inside the container, the working directory for 5107 the command is root ('/') in the container's 5108 filesystem. The command is simply exec'd, it is 5109 not run inside a shell, so traditional shell instructions 5110 ('|', etc) won't work. To use a shell, you need 5111 to explicitly call out to that shell. Exit status 5112 of 0 is treated as live/healthy and non-zero is 5113 unhealthy. 5114 items: 5115 type: string 5116 type: array 5117 type: object 5118 httpGet: 5119 description: HTTPGet specifies the http request to perform. 5120 properties: 5121 host: 5122 description: Host name to connect to, defaults to 5123 the pod IP. You probably want to set "Host" in 5124 httpHeaders instead. 5125 type: string 5126 httpHeaders: 5127 description: Custom headers to set in the request. 5128 HTTP allows repeated headers. 5129 items: 5130 description: HTTPHeader describes a custom header 5131 to be used in HTTP probes 5132 properties: 5133 name: 5134 description: The header field name 5135 type: string 5136 value: 5137 description: The header field value 5138 type: string 5139 required: 5140 - name 5141 - value 5142 type: object 5143 type: array 5144 path: 5145 description: Path to access on the HTTP server. 5146 type: string 5147 port: 5148 anyOf: 5149 - type: integer 5150 - type: string 5151 description: Name or number of the port to access 5152 on the container. Number must be in the range 5153 1 to 65535. Name must be an IANA_SVC_NAME. 5154 x-kubernetes-int-or-string: true 5155 scheme: 5156 description: Scheme to use for connecting to the 5157 host. Defaults to HTTP. 5158 type: string 5159 required: 5160 - port 5161 type: object 5162 tcpSocket: 5163 description: 'TCPSocket specifies an action involving 5164 a TCP port. TCP hooks not yet supported TODO: implement 5165 a realistic TCP lifecycle hook' 5166 properties: 5167 host: 5168 description: 'Optional: Host name to connect to, 5169 defaults to the pod IP.' 5170 type: string 5171 port: 5172 anyOf: 5173 - type: integer 5174 - type: string 5175 description: Number or name of the port to access 5176 on the container. Number must be in the range 5177 1 to 65535. Name must be an IANA_SVC_NAME. 5178 x-kubernetes-int-or-string: true 5179 required: 5180 - port 5181 type: object 5182 type: object 5183 preStop: 5184 description: 'PreStop is called immediately before a container 5185 is terminated due to an API request or management event 5186 such as liveness/startup probe failure, preemption, resource 5187 contention, etc. The handler is not called if the container 5188 crashes or exits. The reason for termination is passed 5189 to the handler. The Pod''s termination grace period countdown 5190 begins before the PreStop hooked is executed. Regardless 5191 of the outcome of the handler, the container will eventually 5192 terminate within the Pod''s termination grace period. 5193 Other management of the container blocks until the hook 5194 completes or until the termination grace period is reached. 5195 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 5196 properties: 5197 exec: 5198 description: One and only one of the following should 5199 be specified. Exec specifies the action to take. 5200 properties: 5201 command: 5202 description: Command is the command line to execute 5203 inside the container, the working directory for 5204 the command is root ('/') in the container's 5205 filesystem. The command is simply exec'd, it is 5206 not run inside a shell, so traditional shell instructions 5207 ('|', etc) won't work. To use a shell, you need 5208 to explicitly call out to that shell. Exit status 5209 of 0 is treated as live/healthy and non-zero is 5210 unhealthy. 5211 items: 5212 type: string 5213 type: array 5214 type: object 5215 httpGet: 5216 description: HTTPGet specifies the http request to perform. 5217 properties: 5218 host: 5219 description: Host name to connect to, defaults to 5220 the pod IP. You probably want to set "Host" in 5221 httpHeaders instead. 5222 type: string 5223 httpHeaders: 5224 description: Custom headers to set in the request. 5225 HTTP allows repeated headers. 5226 items: 5227 description: HTTPHeader describes a custom header 5228 to be used in HTTP probes 5229 properties: 5230 name: 5231 description: The header field name 5232 type: string 5233 value: 5234 description: The header field value 5235 type: string 5236 required: 5237 - name 5238 - value 5239 type: object 5240 type: array 5241 path: 5242 description: Path to access on the HTTP server. 5243 type: string 5244 port: 5245 anyOf: 5246 - type: integer 5247 - type: string 5248 description: Name or number of the port to access 5249 on the container. Number must be in the range 5250 1 to 65535. Name must be an IANA_SVC_NAME. 5251 x-kubernetes-int-or-string: true 5252 scheme: 5253 description: Scheme to use for connecting to the 5254 host. Defaults to HTTP. 5255 type: string 5256 required: 5257 - port 5258 type: object 5259 tcpSocket: 5260 description: 'TCPSocket specifies an action involving 5261 a TCP port. TCP hooks not yet supported TODO: implement 5262 a realistic TCP lifecycle hook' 5263 properties: 5264 host: 5265 description: 'Optional: Host name to connect to, 5266 defaults to the pod IP.' 5267 type: string 5268 port: 5269 anyOf: 5270 - type: integer 5271 - type: string 5272 description: Number or name of the port to access 5273 on the container. Number must be in the range 5274 1 to 65535. Name must be an IANA_SVC_NAME. 5275 x-kubernetes-int-or-string: true 5276 required: 5277 - port 5278 type: object 5279 type: object 5280 type: object 5281 livenessProbe: 5282 description: 'Periodic probe of container liveness. Container 5283 will be restarted if the probe fails. Cannot be updated. More 5284 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5285 properties: 5286 exec: 5287 description: One and only one of the following should be 5288 specified. Exec specifies the action to take. 5289 properties: 5290 command: 5291 description: Command is the command line to execute 5292 inside the container, the working directory for the 5293 command is root ('/') in the container's filesystem. 5294 The command is simply exec'd, it is not run inside 5295 a shell, so traditional shell instructions ('|', etc) 5296 won't work. To use a shell, you need to explicitly 5297 call out to that shell. Exit status of 0 is treated 5298 as live/healthy and non-zero is unhealthy. 5299 items: 5300 type: string 5301 type: array 5302 type: object 5303 failureThreshold: 5304 description: Minimum consecutive failures for the probe 5305 to be considered failed after having succeeded. Defaults 5306 to 3. Minimum value is 1. 5307 format: int32 5308 type: integer 5309 httpGet: 5310 description: HTTPGet specifies the http request to perform. 5311 properties: 5312 host: 5313 description: Host name to connect to, defaults to the 5314 pod IP. You probably want to set "Host" in httpHeaders 5315 instead. 5316 type: string 5317 httpHeaders: 5318 description: Custom headers to set in the request. HTTP 5319 allows repeated headers. 5320 items: 5321 description: HTTPHeader describes a custom header 5322 to be used in HTTP probes 5323 properties: 5324 name: 5325 description: The header field name 5326 type: string 5327 value: 5328 description: The header field value 5329 type: string 5330 required: 5331 - name 5332 - value 5333 type: object 5334 type: array 5335 path: 5336 description: Path to access on the HTTP server. 5337 type: string 5338 port: 5339 anyOf: 5340 - type: integer 5341 - type: string 5342 description: Name or number of the port to access on 5343 the container. Number must be in the range 1 to 65535. 5344 Name must be an IANA_SVC_NAME. 5345 x-kubernetes-int-or-string: true 5346 scheme: 5347 description: Scheme to use for connecting to the host. 5348 Defaults to HTTP. 5349 type: string 5350 required: 5351 - port 5352 type: object 5353 initialDelaySeconds: 5354 description: 'Number of seconds after the container has 5355 started before liveness probes are initiated. More info: 5356 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5357 format: int32 5358 type: integer 5359 periodSeconds: 5360 description: How often (in seconds) to perform the probe. 5361 Default to 10 seconds. Minimum value is 1. 5362 format: int32 5363 type: integer 5364 successThreshold: 5365 description: Minimum consecutive successes for the probe 5366 to be considered successful after having failed. Defaults 5367 to 1. Must be 1 for liveness and startup. Minimum value 5368 is 1. 5369 format: int32 5370 type: integer 5371 tcpSocket: 5372 description: 'TCPSocket specifies an action involving a 5373 TCP port. TCP hooks not yet supported TODO: implement 5374 a realistic TCP lifecycle hook' 5375 properties: 5376 host: 5377 description: 'Optional: Host name to connect to, defaults 5378 to the pod IP.' 5379 type: string 5380 port: 5381 anyOf: 5382 - type: integer 5383 - type: string 5384 description: Number or name of the port to access on 5385 the container. Number must be in the range 1 to 65535. 5386 Name must be an IANA_SVC_NAME. 5387 x-kubernetes-int-or-string: true 5388 required: 5389 - port 5390 type: object 5391 terminationGracePeriodSeconds: 5392 description: Optional duration in seconds the pod needs 5393 to terminate gracefully upon probe failure. The grace 5394 period is the duration in seconds after the processes 5395 running in the pod are sent a termination signal and the 5396 time when the processes are forcibly halted with a kill 5397 signal. Set this value longer than the expected cleanup 5398 time for your process. If this value is nil, the pod's 5399 terminationGracePeriodSeconds will be used. Otherwise, 5400 this value overrides the value provided by the pod spec. 5401 Value must be non-negative integer. The value zero indicates 5402 stop immediately via the kill signal (no opportunity to 5403 shut down). This is a beta field and requires enabling 5404 ProbeTerminationGracePeriod feature gate. Minimum value 5405 is 1. spec.terminationGracePeriodSeconds is used if unset. 5406 format: int64 5407 type: integer 5408 timeoutSeconds: 5409 description: 'Number of seconds after which the probe times 5410 out. Defaults to 1 second. Minimum value is 1. More info: 5411 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5412 format: int32 5413 type: integer 5414 type: object 5415 name: 5416 description: Name of the container specified as a DNS_LABEL. 5417 Each container in a pod must have a unique name (DNS_LABEL). 5418 Cannot be updated. 5419 type: string 5420 ports: 5421 description: List of ports to expose from the container. Exposing 5422 a port here gives the system additional information about 5423 the network connections a container uses, but is primarily 5424 informational. Not specifying a port here DOES NOT prevent 5425 that port from being exposed. Any port which is listening 5426 on the default "0.0.0.0" address inside a container will be 5427 accessible from the network. Cannot be updated. 5428 items: 5429 description: ContainerPort represents a network port in a 5430 single container. 5431 properties: 5432 containerPort: 5433 description: Number of port to expose on the pod's IP 5434 address. This must be a valid port number, 0 < x < 65536. 5435 format: int32 5436 type: integer 5437 hostIP: 5438 description: What host IP to bind the external port to. 5439 type: string 5440 hostPort: 5441 description: Number of port to expose on the host. If 5442 specified, this must be a valid port number, 0 < x < 5443 65536. If HostNetwork is specified, this must match 5444 ContainerPort. Most containers do not need this. 5445 format: int32 5446 type: integer 5447 name: 5448 description: If specified, this must be an IANA_SVC_NAME 5449 and unique within the pod. Each named port in a pod 5450 must have a unique name. Name for the port that can 5451 be referred to by services. 5452 type: string 5453 protocol: 5454 default: TCP 5455 description: Protocol for port. Must be UDP, TCP, or SCTP. 5456 Defaults to "TCP". 5457 type: string 5458 required: 5459 - containerPort 5460 type: object 5461 type: array 5462 x-kubernetes-list-map-keys: 5463 - containerPort 5464 - protocol 5465 x-kubernetes-list-type: map 5466 readinessProbe: 5467 description: 'Periodic probe of container service readiness. 5468 Container will be removed from service endpoints if the probe 5469 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5470 properties: 5471 exec: 5472 description: One and only one of the following should be 5473 specified. Exec specifies the action to take. 5474 properties: 5475 command: 5476 description: Command is the command line to execute 5477 inside the container, the working directory for the 5478 command is root ('/') in the container's filesystem. 5479 The command is simply exec'd, it is not run inside 5480 a shell, so traditional shell instructions ('|', etc) 5481 won't work. To use a shell, you need to explicitly 5482 call out to that shell. Exit status of 0 is treated 5483 as live/healthy and non-zero is unhealthy. 5484 items: 5485 type: string 5486 type: array 5487 type: object 5488 failureThreshold: 5489 description: Minimum consecutive failures for the probe 5490 to be considered failed after having succeeded. Defaults 5491 to 3. Minimum value is 1. 5492 format: int32 5493 type: integer 5494 httpGet: 5495 description: HTTPGet specifies the http request to perform. 5496 properties: 5497 host: 5498 description: Host name to connect to, defaults to the 5499 pod IP. You probably want to set "Host" in httpHeaders 5500 instead. 5501 type: string 5502 httpHeaders: 5503 description: Custom headers to set in the request. HTTP 5504 allows repeated headers. 5505 items: 5506 description: HTTPHeader describes a custom header 5507 to be used in HTTP probes 5508 properties: 5509 name: 5510 description: The header field name 5511 type: string 5512 value: 5513 description: The header field value 5514 type: string 5515 required: 5516 - name 5517 - value 5518 type: object 5519 type: array 5520 path: 5521 description: Path to access on the HTTP server. 5522 type: string 5523 port: 5524 anyOf: 5525 - type: integer 5526 - type: string 5527 description: Name or number of the port to access on 5528 the container. Number must be in the range 1 to 65535. 5529 Name must be an IANA_SVC_NAME. 5530 x-kubernetes-int-or-string: true 5531 scheme: 5532 description: Scheme to use for connecting to the host. 5533 Defaults to HTTP. 5534 type: string 5535 required: 5536 - port 5537 type: object 5538 initialDelaySeconds: 5539 description: 'Number of seconds after the container has 5540 started before liveness probes are initiated. More info: 5541 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5542 format: int32 5543 type: integer 5544 periodSeconds: 5545 description: How often (in seconds) to perform the probe. 5546 Default to 10 seconds. Minimum value is 1. 5547 format: int32 5548 type: integer 5549 successThreshold: 5550 description: Minimum consecutive successes for the probe 5551 to be considered successful after having failed. Defaults 5552 to 1. Must be 1 for liveness and startup. Minimum value 5553 is 1. 5554 format: int32 5555 type: integer 5556 tcpSocket: 5557 description: 'TCPSocket specifies an action involving a 5558 TCP port. TCP hooks not yet supported TODO: implement 5559 a realistic TCP lifecycle hook' 5560 properties: 5561 host: 5562 description: 'Optional: Host name to connect to, defaults 5563 to the pod IP.' 5564 type: string 5565 port: 5566 anyOf: 5567 - type: integer 5568 - type: string 5569 description: Number or name of the port to access on 5570 the container. Number must be in the range 1 to 65535. 5571 Name must be an IANA_SVC_NAME. 5572 x-kubernetes-int-or-string: true 5573 required: 5574 - port 5575 type: object 5576 terminationGracePeriodSeconds: 5577 description: Optional duration in seconds the pod needs 5578 to terminate gracefully upon probe failure. The grace 5579 period is the duration in seconds after the processes 5580 running in the pod are sent a termination signal and the 5581 time when the processes are forcibly halted with a kill 5582 signal. Set this value longer than the expected cleanup 5583 time for your process. If this value is nil, the pod's 5584 terminationGracePeriodSeconds will be used. Otherwise, 5585 this value overrides the value provided by the pod spec. 5586 Value must be non-negative integer. The value zero indicates 5587 stop immediately via the kill signal (no opportunity to 5588 shut down). This is a beta field and requires enabling 5589 ProbeTerminationGracePeriod feature gate. Minimum value 5590 is 1. spec.terminationGracePeriodSeconds is used if unset. 5591 format: int64 5592 type: integer 5593 timeoutSeconds: 5594 description: 'Number of seconds after which the probe times 5595 out. Defaults to 1 second. Minimum value is 1. More info: 5596 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5597 format: int32 5598 type: integer 5599 type: object 5600 resources: 5601 description: 'Compute Resources required by this container. 5602 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5603 properties: 5604 limits: 5605 additionalProperties: 5606 anyOf: 5607 - type: integer 5608 - type: string 5609 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5610 x-kubernetes-int-or-string: true 5611 description: 'Limits describes the maximum amount of compute 5612 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5613 type: object 5614 requests: 5615 additionalProperties: 5616 anyOf: 5617 - type: integer 5618 - type: string 5619 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 5620 x-kubernetes-int-or-string: true 5621 description: 'Requests describes the minimum amount of compute 5622 resources required. If Requests is omitted for a container, 5623 it defaults to Limits if that is explicitly specified, 5624 otherwise to an implementation-defined value. More info: 5625 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 5626 type: object 5627 type: object 5628 securityContext: 5629 description: 'SecurityContext defines the security options the 5630 container should be run with. If set, the fields of SecurityContext 5631 override the equivalent fields of PodSecurityContext. More 5632 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 5633 properties: 5634 allowPrivilegeEscalation: 5635 description: 'AllowPrivilegeEscalation controls whether 5636 a process can gain more privileges than its parent process. 5637 This bool directly controls if the no_new_privs flag will 5638 be set on the container process. AllowPrivilegeEscalation 5639 is true always when the container is: 1) run as Privileged 5640 2) has CAP_SYS_ADMIN' 5641 type: boolean 5642 capabilities: 5643 description: The capabilities to add/drop when running containers. 5644 Defaults to the default set of capabilities granted by 5645 the container runtime. 5646 properties: 5647 add: 5648 description: Added capabilities 5649 items: 5650 description: Capability represent POSIX capabilities 5651 type 5652 type: string 5653 type: array 5654 drop: 5655 description: Removed capabilities 5656 items: 5657 description: Capability represent POSIX capabilities 5658 type 5659 type: string 5660 type: array 5661 type: object 5662 privileged: 5663 description: Run container in privileged mode. Processes 5664 in privileged containers are essentially equivalent to 5665 root on the host. Defaults to false. 5666 type: boolean 5667 procMount: 5668 description: procMount denotes the type of proc mount to 5669 use for the containers. The default is DefaultProcMount 5670 which uses the container runtime defaults for readonly 5671 paths and masked paths. This requires the ProcMountType 5672 feature flag to be enabled. 5673 type: string 5674 readOnlyRootFilesystem: 5675 description: Whether this container has a read-only root 5676 filesystem. Default is false. 5677 type: boolean 5678 runAsGroup: 5679 description: The GID to run the entrypoint of the container 5680 process. Uses runtime default if unset. May also be set 5681 in PodSecurityContext. If set in both SecurityContext 5682 and PodSecurityContext, the value specified in SecurityContext 5683 takes precedence. 5684 format: int64 5685 type: integer 5686 runAsNonRoot: 5687 description: Indicates that the container must run as a 5688 non-root user. If true, the Kubelet will validate the 5689 image at runtime to ensure that it does not run as UID 5690 0 (root) and fail to start the container if it does. If 5691 unset or false, no such validation will be performed. 5692 May also be set in PodSecurityContext. If set in both 5693 SecurityContext and PodSecurityContext, the value specified 5694 in SecurityContext takes precedence. 5695 type: boolean 5696 runAsUser: 5697 description: The UID to run the entrypoint of the container 5698 process. Defaults to user specified in image metadata 5699 if unspecified. May also be set in PodSecurityContext. If 5700 set in both SecurityContext and PodSecurityContext, the 5701 value specified in SecurityContext takes precedence. 5702 format: int64 5703 type: integer 5704 seLinuxOptions: 5705 description: The SELinux context to be applied to the container. 5706 If unspecified, the container runtime will allocate a 5707 random SELinux context for each container. May also be 5708 set in PodSecurityContext. If set in both SecurityContext 5709 and PodSecurityContext, the value specified in SecurityContext 5710 takes precedence. 5711 properties: 5712 level: 5713 description: Level is SELinux level label that applies 5714 to the container. 5715 type: string 5716 role: 5717 description: Role is a SELinux role label that applies 5718 to the container. 5719 type: string 5720 type: 5721 description: Type is a SELinux type label that applies 5722 to the container. 5723 type: string 5724 user: 5725 description: User is a SELinux user label that applies 5726 to the container. 5727 type: string 5728 type: object 5729 seccompProfile: 5730 description: The seccomp options to use by this container. 5731 If seccomp options are provided at both the pod & container 5732 level, the container options override the pod options. 5733 properties: 5734 localhostProfile: 5735 description: localhostProfile indicates a profile defined 5736 in a file on the node should be used. The profile 5737 must be preconfigured on the node to work. Must be 5738 a descending path, relative to the kubelet's configured 5739 seccomp profile location. Must only be set if type 5740 is "Localhost". 5741 type: string 5742 type: 5743 description: "type indicates which kind of seccomp profile 5744 will be applied. Valid options are: \n Localhost - 5745 a profile defined in a file on the node should be 5746 used. RuntimeDefault - the container runtime default 5747 profile should be used. Unconfined - no profile should 5748 be applied." 5749 type: string 5750 required: 5751 - type 5752 type: object 5753 windowsOptions: 5754 description: The Windows specific settings applied to all 5755 containers. If unspecified, the options from the PodSecurityContext 5756 will be used. If set in both SecurityContext and PodSecurityContext, 5757 the value specified in SecurityContext takes precedence. 5758 properties: 5759 gmsaCredentialSpec: 5760 description: GMSACredentialSpec is where the GMSA admission 5761 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 5762 inlines the contents of the GMSA credential spec named 5763 by the GMSACredentialSpecName field. 5764 type: string 5765 gmsaCredentialSpecName: 5766 description: GMSACredentialSpecName is the name of the 5767 GMSA credential spec to use. 5768 type: string 5769 hostProcess: 5770 description: HostProcess determines if a container should 5771 be run as a 'Host Process' container. This field is 5772 alpha-level and will only be honored by components 5773 that enable the WindowsHostProcessContainers feature 5774 flag. Setting this field without the feature flag 5775 will result in errors when validating the Pod. All 5776 of a Pod's containers must have the same effective 5777 HostProcess value (it is not allowed to have a mix 5778 of HostProcess containers and non-HostProcess containers). In 5779 addition, if HostProcess is true then HostNetwork 5780 must also be set to true. 5781 type: boolean 5782 runAsUserName: 5783 description: The UserName in Windows to run the entrypoint 5784 of the container process. Defaults to the user specified 5785 in image metadata if unspecified. May also be set 5786 in PodSecurityContext. If set in both SecurityContext 5787 and PodSecurityContext, the value specified in SecurityContext 5788 takes precedence. 5789 type: string 5790 type: object 5791 type: object 5792 startupProbe: 5793 description: 'StartupProbe indicates that the Pod has successfully 5794 initialized. If specified, no other probes are executed until 5795 this completes successfully. If this probe fails, the Pod 5796 will be restarted, just as if the livenessProbe failed. This 5797 can be used to provide different probe parameters at the beginning 5798 of a Pod''s lifecycle, when it might take a long time to load 5799 data or warm a cache, than during steady-state operation. 5800 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5801 properties: 5802 exec: 5803 description: One and only one of the following should be 5804 specified. Exec specifies the action to take. 5805 properties: 5806 command: 5807 description: Command is the command line to execute 5808 inside the container, the working directory for the 5809 command is root ('/') in the container's filesystem. 5810 The command is simply exec'd, it is not run inside 5811 a shell, so traditional shell instructions ('|', etc) 5812 won't work. To use a shell, you need to explicitly 5813 call out to that shell. Exit status of 0 is treated 5814 as live/healthy and non-zero is unhealthy. 5815 items: 5816 type: string 5817 type: array 5818 type: object 5819 failureThreshold: 5820 description: Minimum consecutive failures for the probe 5821 to be considered failed after having succeeded. Defaults 5822 to 3. Minimum value is 1. 5823 format: int32 5824 type: integer 5825 httpGet: 5826 description: HTTPGet specifies the http request to perform. 5827 properties: 5828 host: 5829 description: Host name to connect to, defaults to the 5830 pod IP. You probably want to set "Host" in httpHeaders 5831 instead. 5832 type: string 5833 httpHeaders: 5834 description: Custom headers to set in the request. HTTP 5835 allows repeated headers. 5836 items: 5837 description: HTTPHeader describes a custom header 5838 to be used in HTTP probes 5839 properties: 5840 name: 5841 description: The header field name 5842 type: string 5843 value: 5844 description: The header field value 5845 type: string 5846 required: 5847 - name 5848 - value 5849 type: object 5850 type: array 5851 path: 5852 description: Path to access on the HTTP server. 5853 type: string 5854 port: 5855 anyOf: 5856 - type: integer 5857 - type: string 5858 description: Name or number of the port to access on 5859 the container. Number must be in the range 1 to 65535. 5860 Name must be an IANA_SVC_NAME. 5861 x-kubernetes-int-or-string: true 5862 scheme: 5863 description: Scheme to use for connecting to the host. 5864 Defaults to HTTP. 5865 type: string 5866 required: 5867 - port 5868 type: object 5869 initialDelaySeconds: 5870 description: 'Number of seconds after the container has 5871 started before liveness probes are initiated. More info: 5872 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5873 format: int32 5874 type: integer 5875 periodSeconds: 5876 description: How often (in seconds) to perform the probe. 5877 Default to 10 seconds. Minimum value is 1. 5878 format: int32 5879 type: integer 5880 successThreshold: 5881 description: Minimum consecutive successes for the probe 5882 to be considered successful after having failed. Defaults 5883 to 1. Must be 1 for liveness and startup. Minimum value 5884 is 1. 5885 format: int32 5886 type: integer 5887 tcpSocket: 5888 description: 'TCPSocket specifies an action involving a 5889 TCP port. TCP hooks not yet supported TODO: implement 5890 a realistic TCP lifecycle hook' 5891 properties: 5892 host: 5893 description: 'Optional: Host name to connect to, defaults 5894 to the pod IP.' 5895 type: string 5896 port: 5897 anyOf: 5898 - type: integer 5899 - type: string 5900 description: Number or name of the port to access on 5901 the container. Number must be in the range 1 to 65535. 5902 Name must be an IANA_SVC_NAME. 5903 x-kubernetes-int-or-string: true 5904 required: 5905 - port 5906 type: object 5907 terminationGracePeriodSeconds: 5908 description: Optional duration in seconds the pod needs 5909 to terminate gracefully upon probe failure. The grace 5910 period is the duration in seconds after the processes 5911 running in the pod are sent a termination signal and the 5912 time when the processes are forcibly halted with a kill 5913 signal. Set this value longer than the expected cleanup 5914 time for your process. If this value is nil, the pod's 5915 terminationGracePeriodSeconds will be used. Otherwise, 5916 this value overrides the value provided by the pod spec. 5917 Value must be non-negative integer. The value zero indicates 5918 stop immediately via the kill signal (no opportunity to 5919 shut down). This is a beta field and requires enabling 5920 ProbeTerminationGracePeriod feature gate. Minimum value 5921 is 1. spec.terminationGracePeriodSeconds is used if unset. 5922 format: int64 5923 type: integer 5924 timeoutSeconds: 5925 description: 'Number of seconds after which the probe times 5926 out. Defaults to 1 second. Minimum value is 1. More info: 5927 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 5928 format: int32 5929 type: integer 5930 type: object 5931 stdin: 5932 description: Whether this container should allocate a buffer 5933 for stdin in the container runtime. If this is not set, reads 5934 from stdin in the container will always result in EOF. Default 5935 is false. 5936 type: boolean 5937 stdinOnce: 5938 description: Whether the container runtime should close the 5939 stdin channel after it has been opened by a single attach. 5940 When stdin is true the stdin stream will remain open across 5941 multiple attach sessions. If stdinOnce is set to true, stdin 5942 is opened on container start, is empty until the first client 5943 attaches to stdin, and then remains open and accepts data 5944 until the client disconnects, at which time stdin is closed 5945 and remains closed until the container is restarted. If this 5946 flag is false, a container processes that reads from stdin 5947 will never receive an EOF. Default is false 5948 type: boolean 5949 terminationMessagePath: 5950 description: 'Optional: Path at which the file to which the 5951 container''s termination message will be written is mounted 5952 into the container''s filesystem. Message written is intended 5953 to be brief final status, such as an assertion failure message. 5954 Will be truncated by the node if greater than 4096 bytes. 5955 The total message length across all containers will be limited 5956 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 5957 type: string 5958 terminationMessagePolicy: 5959 description: Indicate how the termination message should be 5960 populated. File will use the contents of terminationMessagePath 5961 to populate the container status message on both success and 5962 failure. FallbackToLogsOnError will use the last chunk of 5963 container log output if the termination message file is empty 5964 and the container exited with an error. The log output is 5965 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 5966 to File. Cannot be updated. 5967 type: string 5968 tty: 5969 description: Whether this container should allocate a TTY for 5970 itself, also requires 'stdin' to be true. Default is false. 5971 type: boolean 5972 volumeDevices: 5973 description: volumeDevices is the list of block devices to be 5974 used by the container. 5975 items: 5976 description: volumeDevice describes a mapping of a raw block 5977 device within a container. 5978 properties: 5979 devicePath: 5980 description: devicePath is the path inside of the container 5981 that the device will be mapped to. 5982 type: string 5983 name: 5984 description: name must match the name of a persistentVolumeClaim 5985 in the pod 5986 type: string 5987 required: 5988 - devicePath 5989 - name 5990 type: object 5991 type: array 5992 volumeMounts: 5993 description: Pod volumes to mount into the container's filesystem. 5994 Cannot be updated. 5995 items: 5996 description: VolumeMount describes a mounting of a Volume 5997 within a container. 5998 properties: 5999 mountPath: 6000 description: Path within the container at which the volume 6001 should be mounted. Must not contain ':'. 6002 type: string 6003 mountPropagation: 6004 description: mountPropagation determines how mounts are 6005 propagated from the host to container and the other 6006 way around. When not set, MountPropagationNone is used. 6007 This field is beta in 1.10. 6008 type: string 6009 name: 6010 description: This must match the Name of a Volume. 6011 type: string 6012 readOnly: 6013 description: Mounted read-only if true, read-write otherwise 6014 (false or unspecified). Defaults to false. 6015 type: boolean 6016 subPath: 6017 description: Path within the volume from which the container's 6018 volume should be mounted. Defaults to "" (volume's root). 6019 type: string 6020 subPathExpr: 6021 description: Expanded path within the volume from which 6022 the container's volume should be mounted. Behaves similarly 6023 to SubPath but environment variable references $(VAR_NAME) 6024 are expanded using the container's environment. Defaults 6025 to "" (volume's root). SubPathExpr and SubPath are mutually 6026 exclusive. 6027 type: string 6028 required: 6029 - mountPath 6030 - name 6031 type: object 6032 type: array 6033 workingDir: 6034 description: Container's working directory. If not specified, 6035 the container runtime's default will be used, which might 6036 be configured in the container image. Cannot be updated. 6037 type: string 6038 required: 6039 - name 6040 type: object 6041 type: array 6042 listenLocal: 6043 description: ListenLocal makes the Alertmanager server listen on loopback, 6044 so that it does not bind against the Pod IP. Note this is only for 6045 the Alertmanager UI, not the gossip communication. 6046 type: boolean 6047 logFormat: 6048 description: Log format for Alertmanager to be configured with. 6049 type: string 6050 logLevel: 6051 description: Log level for Alertmanager to be configured with. 6052 type: string 6053 minReadySeconds: 6054 description: Minimum number of seconds for which a newly created pod 6055 should be ready without any of its container crashing for it to 6056 be considered available. Defaults to 0 (pod will be considered available 6057 as soon as it is ready) This is an alpha field and requires enabling 6058 StatefulSetMinReadySeconds feature gate. 6059 format: int32 6060 type: integer 6061 nodeSelector: 6062 additionalProperties: 6063 type: string 6064 description: Define which Nodes the Pods are scheduled on. 6065 type: object 6066 paused: 6067 description: If set to true all actions on the underlying managed 6068 objects are not goint to be performed, except for delete actions. 6069 type: boolean 6070 podMetadata: 6071 description: PodMetadata configures Labels and Annotations which are 6072 propagated to the alertmanager pods. 6073 properties: 6074 annotations: 6075 additionalProperties: 6076 type: string 6077 description: 'Annotations is an unstructured key value map stored 6078 with a resource that may be set by external tools to store and 6079 retrieve arbitrary metadata. They are not queryable and should 6080 be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 6081 type: object 6082 labels: 6083 additionalProperties: 6084 type: string 6085 description: 'Map of string keys and values that can be used to 6086 organize and categorize (scope and select) objects. May match 6087 selectors of replication controllers and services. More info: 6088 http://kubernetes.io/docs/user-guide/labels' 6089 type: object 6090 name: 6091 description: 'Name must be unique within a namespace. Is required 6092 when creating resources, although some resources may allow a 6093 client to request the generation of an appropriate name automatically. 6094 Name is primarily intended for creation idempotence and configuration 6095 definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 6096 type: string 6097 type: object 6098 portName: 6099 description: Port name used for the pods and governing service. This 6100 defaults to web 6101 type: string 6102 priorityClassName: 6103 description: Priority class assigned to the Pods 6104 type: string 6105 replicas: 6106 description: Size is the expected size of the alertmanager cluster. 6107 The controller will eventually make the size of the running cluster 6108 equal to the expected size. 6109 format: int32 6110 type: integer 6111 resources: 6112 description: Define resources requests and limits for single Pods. 6113 properties: 6114 limits: 6115 additionalProperties: 6116 anyOf: 6117 - type: integer 6118 - type: string 6119 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6120 x-kubernetes-int-or-string: true 6121 description: 'Limits describes the maximum amount of compute resources 6122 allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6123 type: object 6124 requests: 6125 additionalProperties: 6126 anyOf: 6127 - type: integer 6128 - type: string 6129 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6130 x-kubernetes-int-or-string: true 6131 description: 'Requests describes the minimum amount of compute 6132 resources required. If Requests is omitted for a container, 6133 it defaults to Limits if that is explicitly specified, otherwise 6134 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6135 type: object 6136 type: object 6137 retention: 6138 description: Time duration Alertmanager shall retain data for. Default 6139 is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` 6140 (milliseconds seconds minutes hours). 6141 type: string 6142 routePrefix: 6143 description: The route prefix Alertmanager registers HTTP handlers 6144 for. This is useful, if using ExternalURL and a proxy is rewriting 6145 HTTP routes of a request, and the actual ExternalURL is still true, 6146 but the server serves requests under a different route prefix. For 6147 example for use with `kubectl proxy`. 6148 type: string 6149 secrets: 6150 description: Secrets is a list of Secrets in the same namespace as 6151 the Alertmanager object, which shall be mounted into the Alertmanager 6152 Pods. The Secrets are mounted into /etc/alertmanager/secrets/<secret-name>. 6153 items: 6154 type: string 6155 type: array 6156 securityContext: 6157 description: SecurityContext holds pod-level security attributes and 6158 common container settings. This defaults to the default PodSecurityContext. 6159 properties: 6160 fsGroup: 6161 description: "A special supplemental group that applies to all 6162 containers in a pod. Some volume types allow the Kubelet to 6163 change the ownership of that volume to be owned by the pod: 6164 \n 1. The owning GID will be the FSGroup 2. The setgid bit is 6165 set (new files created in the volume will be owned by FSGroup) 6166 3. The permission bits are OR'd with rw-rw---- \n If unset, 6167 the Kubelet will not modify the ownership and permissions of 6168 any volume." 6169 format: int64 6170 type: integer 6171 fsGroupChangePolicy: 6172 description: 'fsGroupChangePolicy defines behavior of changing 6173 ownership and permission of the volume before being exposed 6174 inside Pod. This field will only apply to volume types which 6175 support fsGroup based ownership(and permissions). It will have 6176 no effect on ephemeral volume types such as: secret, configmaps 6177 and emptydir. Valid values are "OnRootMismatch" and "Always". 6178 If not specified, "Always" is used.' 6179 type: string 6180 runAsGroup: 6181 description: The GID to run the entrypoint of the container process. 6182 Uses runtime default if unset. May also be set in SecurityContext. If 6183 set in both SecurityContext and PodSecurityContext, the value 6184 specified in SecurityContext takes precedence for that container. 6185 format: int64 6186 type: integer 6187 runAsNonRoot: 6188 description: Indicates that the container must run as a non-root 6189 user. If true, the Kubelet will validate the image at runtime 6190 to ensure that it does not run as UID 0 (root) and fail to start 6191 the container if it does. If unset or false, no such validation 6192 will be performed. May also be set in SecurityContext. If set 6193 in both SecurityContext and PodSecurityContext, the value specified 6194 in SecurityContext takes precedence. 6195 type: boolean 6196 runAsUser: 6197 description: The UID to run the entrypoint of the container process. 6198 Defaults to user specified in image metadata if unspecified. 6199 May also be set in SecurityContext. If set in both SecurityContext 6200 and PodSecurityContext, the value specified in SecurityContext 6201 takes precedence for that container. 6202 format: int64 6203 type: integer 6204 seLinuxOptions: 6205 description: The SELinux context to be applied to all containers. 6206 If unspecified, the container runtime will allocate a random 6207 SELinux context for each container. May also be set in SecurityContext. If 6208 set in both SecurityContext and PodSecurityContext, the value 6209 specified in SecurityContext takes precedence for that container. 6210 properties: 6211 level: 6212 description: Level is SELinux level label that applies to 6213 the container. 6214 type: string 6215 role: 6216 description: Role is a SELinux role label that applies to 6217 the container. 6218 type: string 6219 type: 6220 description: Type is a SELinux type label that applies to 6221 the container. 6222 type: string 6223 user: 6224 description: User is a SELinux user label that applies to 6225 the container. 6226 type: string 6227 type: object 6228 seccompProfile: 6229 description: The seccomp options to use by the containers in this 6230 pod. 6231 properties: 6232 localhostProfile: 6233 description: localhostProfile indicates a profile defined 6234 in a file on the node should be used. The profile must be 6235 preconfigured on the node to work. Must be a descending 6236 path, relative to the kubelet's configured seccomp profile 6237 location. Must only be set if type is "Localhost". 6238 type: string 6239 type: 6240 description: "type indicates which kind of seccomp profile 6241 will be applied. Valid options are: \n Localhost - a profile 6242 defined in a file on the node should be used. RuntimeDefault 6243 - the container runtime default profile should be used. 6244 Unconfined - no profile should be applied." 6245 type: string 6246 required: 6247 - type 6248 type: object 6249 supplementalGroups: 6250 description: A list of groups applied to the first process run 6251 in each container, in addition to the container's primary GID. If 6252 unspecified, no groups will be added to any container. 6253 items: 6254 format: int64 6255 type: integer 6256 type: array 6257 sysctls: 6258 description: Sysctls hold a list of namespaced sysctls used for 6259 the pod. Pods with unsupported sysctls (by the container runtime) 6260 might fail to launch. 6261 items: 6262 description: Sysctl defines a kernel parameter to be set 6263 properties: 6264 name: 6265 description: Name of a property to set 6266 type: string 6267 value: 6268 description: Value of a property to set 6269 type: string 6270 required: 6271 - name 6272 - value 6273 type: object 6274 type: array 6275 windowsOptions: 6276 description: The Windows specific settings applied to all containers. 6277 If unspecified, the options within a container's SecurityContext 6278 will be used. If set in both SecurityContext and PodSecurityContext, 6279 the value specified in SecurityContext takes precedence. 6280 properties: 6281 gmsaCredentialSpec: 6282 description: GMSACredentialSpec is where the GMSA admission 6283 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 6284 inlines the contents of the GMSA credential spec named by 6285 the GMSACredentialSpecName field. 6286 type: string 6287 gmsaCredentialSpecName: 6288 description: GMSACredentialSpecName is the name of the GMSA 6289 credential spec to use. 6290 type: string 6291 hostProcess: 6292 description: HostProcess determines if a container should 6293 be run as a 'Host Process' container. This field is alpha-level 6294 and will only be honored by components that enable the WindowsHostProcessContainers 6295 feature flag. Setting this field without the feature flag 6296 will result in errors when validating the Pod. All of a 6297 Pod's containers must have the same effective HostProcess 6298 value (it is not allowed to have a mix of HostProcess containers 6299 and non-HostProcess containers). In addition, if HostProcess 6300 is true then HostNetwork must also be set to true. 6301 type: boolean 6302 runAsUserName: 6303 description: The UserName in Windows to run the entrypoint 6304 of the container process. Defaults to the user specified 6305 in image metadata if unspecified. May also be set in PodSecurityContext. 6306 If set in both SecurityContext and PodSecurityContext, the 6307 value specified in SecurityContext takes precedence. 6308 type: string 6309 type: object 6310 type: object 6311 serviceAccountName: 6312 description: ServiceAccountName is the name of the ServiceAccount 6313 to use to run the Prometheus Pods. 6314 type: string 6315 sha: 6316 description: 'SHA of Alertmanager container image to be deployed. 6317 Defaults to the value of `version`. Similar to a tag, but the SHA 6318 explicitly deploys an immutable container image. Version and Tag 6319 are ignored if SHA is set. Deprecated: use ''image'' instead. The 6320 image digest can be specified as part of the image URL.' 6321 type: string 6322 storage: 6323 description: Storage is the definition of how storage will be used 6324 by the Alertmanager instances. 6325 properties: 6326 disableMountSubPath: 6327 description: 'Deprecated: subPath usage will be disabled by default 6328 in a future release, this option will become unnecessary. DisableMountSubPath 6329 allows to remove any subPath usage in volume mounts.' 6330 type: boolean 6331 emptyDir: 6332 description: 'EmptyDirVolumeSource to be used by the Prometheus 6333 StatefulSets. If specified, used in place of any volumeClaimTemplate. 6334 More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' 6335 properties: 6336 medium: 6337 description: 'What type of storage medium should back this 6338 directory. The default is "" which means to use the node''s 6339 default medium. Must be an empty string (default) or Memory. 6340 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 6341 type: string 6342 sizeLimit: 6343 anyOf: 6344 - type: integer 6345 - type: string 6346 description: 'Total amount of local storage required for this 6347 EmptyDir volume. The size limit is also applicable for memory 6348 medium. The maximum usage on memory medium EmptyDir would 6349 be the minimum value between the SizeLimit specified here 6350 and the sum of memory limits of all containers in a pod. 6351 The default is nil which means that the limit is undefined. 6352 More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 6353 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6354 x-kubernetes-int-or-string: true 6355 type: object 6356 ephemeral: 6357 description: 'EphemeralVolumeSource to be used by the Prometheus 6358 StatefulSets. This is a beta field in k8s 1.21, for lower versions, 6359 starting with k8s 1.19, it requires enabling the GenericEphemeralVolume 6360 feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes' 6361 properties: 6362 volumeClaimTemplate: 6363 description: "Will be used to create a stand-alone PVC to 6364 provision the volume. The pod in which this EphemeralVolumeSource 6365 is embedded will be the owner of the PVC, i.e. the PVC will 6366 be deleted together with the pod. The name of the PVC will 6367 be `<pod name>-<volume name>` where `<volume name>` is the 6368 name from the `PodSpec.Volumes` array entry. Pod validation 6369 will reject the pod if the concatenated name is not valid 6370 for a PVC (for example, too long). \n An existing PVC with 6371 that name that is not owned by the pod will *not* be used 6372 for the pod to avoid using an unrelated volume by mistake. 6373 Starting the pod is then blocked until the unrelated PVC 6374 is removed. If such a pre-created PVC is meant to be used 6375 by the pod, the PVC has to updated with an owner reference 6376 to the pod once the pod exists. Normally this should not 6377 be necessary, but it may be useful when manually reconstructing 6378 a broken cluster. \n This field is read-only and no changes 6379 will be made by Kubernetes to the PVC after it has been 6380 created. \n Required, must not be nil." 6381 properties: 6382 metadata: 6383 description: May contain labels and annotations that will 6384 be copied into the PVC when creating it. No other fields 6385 are allowed and will be rejected during validation. 6386 type: object 6387 spec: 6388 description: The specification for the PersistentVolumeClaim. 6389 The entire content is copied unchanged into the PVC 6390 that gets created from this template. The same fields 6391 as in a PersistentVolumeClaim are also valid here. 6392 properties: 6393 accessModes: 6394 description: 'AccessModes contains the desired access 6395 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 6396 items: 6397 type: string 6398 type: array 6399 dataSource: 6400 description: 'This field can be used to specify either: 6401 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 6402 * An existing PVC (PersistentVolumeClaim) If the 6403 provisioner or an external controller can support 6404 the specified data source, it will create a new 6405 volume based on the contents of the specified data 6406 source. If the AnyVolumeDataSource feature gate 6407 is enabled, this field will always have the same 6408 contents as the DataSourceRef field.' 6409 properties: 6410 apiGroup: 6411 description: APIGroup is the group for the resource 6412 being referenced. If APIGroup is not specified, 6413 the specified Kind must be in the core API group. 6414 For any other third-party types, APIGroup is 6415 required. 6416 type: string 6417 kind: 6418 description: Kind is the type of resource being 6419 referenced 6420 type: string 6421 name: 6422 description: Name is the name of resource being 6423 referenced 6424 type: string 6425 required: 6426 - kind 6427 - name 6428 type: object 6429 dataSourceRef: 6430 description: 'Specifies the object from which to populate 6431 the volume with data, if a non-empty volume is desired. 6432 This may be any local object from a non-empty API 6433 group (non core object) or a PersistentVolumeClaim 6434 object. When this field is specified, volume binding 6435 will only succeed if the type of the specified object 6436 matches some installed volume populator or dynamic 6437 provisioner. This field will replace the functionality 6438 of the DataSource field and as such if both fields 6439 are non-empty, they must have the same value. For 6440 backwards compatibility, both fields (DataSource 6441 and DataSourceRef) will be set to the same value 6442 automatically if one of them is empty and the other 6443 is non-empty. There are two important differences 6444 between DataSource and DataSourceRef: * While DataSource 6445 only allows two specific types of objects, DataSourceRef allows 6446 any non-core object, as well as PersistentVolumeClaim 6447 objects. * While DataSource ignores disallowed values 6448 (dropping them), DataSourceRef preserves all values, 6449 and generates an error if a disallowed value is specified. 6450 (Alpha) Using this field requires the AnyVolumeDataSource 6451 feature gate to be enabled.' 6452 properties: 6453 apiGroup: 6454 description: APIGroup is the group for the resource 6455 being referenced. If APIGroup is not specified, 6456 the specified Kind must be in the core API group. 6457 For any other third-party types, APIGroup is 6458 required. 6459 type: string 6460 kind: 6461 description: Kind is the type of resource being 6462 referenced 6463 type: string 6464 name: 6465 description: Name is the name of resource being 6466 referenced 6467 type: string 6468 required: 6469 - kind 6470 - name 6471 type: object 6472 resources: 6473 description: 'Resources represents the minimum resources 6474 the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 6475 properties: 6476 limits: 6477 additionalProperties: 6478 anyOf: 6479 - type: integer 6480 - type: string 6481 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6482 x-kubernetes-int-or-string: true 6483 description: 'Limits describes the maximum amount 6484 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6485 type: object 6486 requests: 6487 additionalProperties: 6488 anyOf: 6489 - type: integer 6490 - type: string 6491 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6492 x-kubernetes-int-or-string: true 6493 description: 'Requests describes the minimum amount 6494 of compute resources required. If Requests is 6495 omitted for a container, it defaults to Limits 6496 if that is explicitly specified, otherwise to 6497 an implementation-defined value. More info: 6498 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6499 type: object 6500 type: object 6501 selector: 6502 description: A label query over volumes to consider 6503 for binding. 6504 properties: 6505 matchExpressions: 6506 description: matchExpressions is a list of label 6507 selector requirements. The requirements are 6508 ANDed. 6509 items: 6510 description: A label selector requirement is 6511 a selector that contains values, a key, and 6512 an operator that relates the key and values. 6513 properties: 6514 key: 6515 description: key is the label key that the 6516 selector applies to. 6517 type: string 6518 operator: 6519 description: operator represents a key's 6520 relationship to a set of values. Valid 6521 operators are In, NotIn, Exists and DoesNotExist. 6522 type: string 6523 values: 6524 description: values is an array of string 6525 values. If the operator is In or NotIn, 6526 the values array must be non-empty. If 6527 the operator is Exists or DoesNotExist, 6528 the values array must be empty. This array 6529 is replaced during a strategic merge patch. 6530 items: 6531 type: string 6532 type: array 6533 required: 6534 - key 6535 - operator 6536 type: object 6537 type: array 6538 matchLabels: 6539 additionalProperties: 6540 type: string 6541 description: matchLabels is a map of {key,value} 6542 pairs. A single {key,value} in the matchLabels 6543 map is equivalent to an element of matchExpressions, 6544 whose key field is "key", the operator is "In", 6545 and the values array contains only "value". 6546 The requirements are ANDed. 6547 type: object 6548 type: object 6549 storageClassName: 6550 description: 'Name of the StorageClass required by 6551 the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 6552 type: string 6553 volumeMode: 6554 description: volumeMode defines what type of volume 6555 is required by the claim. Value of Filesystem is 6556 implied when not included in claim spec. 6557 type: string 6558 volumeName: 6559 description: VolumeName is the binding reference to 6560 the PersistentVolume backing this claim. 6561 type: string 6562 type: object 6563 required: 6564 - spec 6565 type: object 6566 type: object 6567 volumeClaimTemplate: 6568 description: A PVC spec to be used by the Prometheus StatefulSets. 6569 properties: 6570 apiVersion: 6571 description: 'APIVersion defines the versioned schema of this 6572 representation of an object. Servers should convert recognized 6573 schemas to the latest internal value, and may reject unrecognized 6574 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 6575 type: string 6576 kind: 6577 description: 'Kind is a string value representing the REST 6578 resource this object represents. Servers may infer this 6579 from the endpoint the client submits requests to. Cannot 6580 be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 6581 type: string 6582 metadata: 6583 description: EmbeddedMetadata contains metadata relevant to 6584 an EmbeddedResource. 6585 properties: 6586 annotations: 6587 additionalProperties: 6588 type: string 6589 description: 'Annotations is an unstructured key value 6590 map stored with a resource that may be set by external 6591 tools to store and retrieve arbitrary metadata. They 6592 are not queryable and should be preserved when modifying 6593 objects. More info: http://kubernetes.io/docs/user-guide/annotations' 6594 type: object 6595 labels: 6596 additionalProperties: 6597 type: string 6598 description: 'Map of string keys and values that can be 6599 used to organize and categorize (scope and select) objects. 6600 May match selectors of replication controllers and services. 6601 More info: http://kubernetes.io/docs/user-guide/labels' 6602 type: object 6603 name: 6604 description: 'Name must be unique within a namespace. 6605 Is required when creating resources, although some resources 6606 may allow a client to request the generation of an appropriate 6607 name automatically. Name is primarily intended for creation 6608 idempotence and configuration definition. Cannot be 6609 updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 6610 type: string 6611 type: object 6612 spec: 6613 description: 'Spec defines the desired characteristics of 6614 a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 6615 properties: 6616 accessModes: 6617 description: 'AccessModes contains the desired access 6618 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 6619 items: 6620 type: string 6621 type: array 6622 dataSource: 6623 description: 'This field can be used to specify either: 6624 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 6625 * An existing PVC (PersistentVolumeClaim) If the provisioner 6626 or an external controller can support the specified 6627 data source, it will create a new volume based on the 6628 contents of the specified data source. If the AnyVolumeDataSource 6629 feature gate is enabled, this field will always have 6630 the same contents as the DataSourceRef field.' 6631 properties: 6632 apiGroup: 6633 description: APIGroup is the group for the resource 6634 being referenced. If APIGroup is not specified, 6635 the specified Kind must be in the core API group. 6636 For any other third-party types, APIGroup is required. 6637 type: string 6638 kind: 6639 description: Kind is the type of resource being referenced 6640 type: string 6641 name: 6642 description: Name is the name of resource being referenced 6643 type: string 6644 required: 6645 - kind 6646 - name 6647 type: object 6648 dataSourceRef: 6649 description: 'Specifies the object from which to populate 6650 the volume with data, if a non-empty volume is desired. 6651 This may be any local object from a non-empty API group 6652 (non core object) or a PersistentVolumeClaim object. 6653 When this field is specified, volume binding will only 6654 succeed if the type of the specified object matches 6655 some installed volume populator or dynamic provisioner. 6656 This field will replace the functionality of the DataSource 6657 field and as such if both fields are non-empty, they 6658 must have the same value. For backwards compatibility, 6659 both fields (DataSource and DataSourceRef) will be set 6660 to the same value automatically if one of them is empty 6661 and the other is non-empty. There are two important 6662 differences between DataSource and DataSourceRef: * 6663 While DataSource only allows two specific types of objects, 6664 DataSourceRef allows any non-core object, as well 6665 as PersistentVolumeClaim objects. * While DataSource 6666 ignores disallowed values (dropping them), DataSourceRef preserves 6667 all values, and generates an error if a disallowed value 6668 is specified. (Alpha) Using this field requires the 6669 AnyVolumeDataSource feature gate to be enabled.' 6670 properties: 6671 apiGroup: 6672 description: APIGroup is the group for the resource 6673 being referenced. If APIGroup is not specified, 6674 the specified Kind must be in the core API group. 6675 For any other third-party types, APIGroup is required. 6676 type: string 6677 kind: 6678 description: Kind is the type of resource being referenced 6679 type: string 6680 name: 6681 description: Name is the name of resource being referenced 6682 type: string 6683 required: 6684 - kind 6685 - name 6686 type: object 6687 resources: 6688 description: 'Resources represents the minimum resources 6689 the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 6690 properties: 6691 limits: 6692 additionalProperties: 6693 anyOf: 6694 - type: integer 6695 - type: string 6696 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6697 x-kubernetes-int-or-string: true 6698 description: 'Limits describes the maximum amount 6699 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6700 type: object 6701 requests: 6702 additionalProperties: 6703 anyOf: 6704 - type: integer 6705 - type: string 6706 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6707 x-kubernetes-int-or-string: true 6708 description: 'Requests describes the minimum amount 6709 of compute resources required. If Requests is omitted 6710 for a container, it defaults to Limits if that is 6711 explicitly specified, otherwise to an implementation-defined 6712 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 6713 type: object 6714 type: object 6715 selector: 6716 description: A label query over volumes to consider for 6717 binding. 6718 properties: 6719 matchExpressions: 6720 description: matchExpressions is a list of label selector 6721 requirements. The requirements are ANDed. 6722 items: 6723 description: A label selector requirement is a selector 6724 that contains values, a key, and an operator that 6725 relates the key and values. 6726 properties: 6727 key: 6728 description: key is the label key that the selector 6729 applies to. 6730 type: string 6731 operator: 6732 description: operator represents a key's relationship 6733 to a set of values. Valid operators are In, 6734 NotIn, Exists and DoesNotExist. 6735 type: string 6736 values: 6737 description: values is an array of string values. 6738 If the operator is In or NotIn, the values 6739 array must be non-empty. If the operator is 6740 Exists or DoesNotExist, the values array must 6741 be empty. This array is replaced during a 6742 strategic merge patch. 6743 items: 6744 type: string 6745 type: array 6746 required: 6747 - key 6748 - operator 6749 type: object 6750 type: array 6751 matchLabels: 6752 additionalProperties: 6753 type: string 6754 description: matchLabels is a map of {key,value} pairs. 6755 A single {key,value} in the matchLabels map is equivalent 6756 to an element of matchExpressions, whose key field 6757 is "key", the operator is "In", and the values array 6758 contains only "value". The requirements are ANDed. 6759 type: object 6760 type: object 6761 storageClassName: 6762 description: 'Name of the StorageClass required by the 6763 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 6764 type: string 6765 volumeMode: 6766 description: volumeMode defines what type of volume is 6767 required by the claim. Value of Filesystem is implied 6768 when not included in claim spec. 6769 type: string 6770 volumeName: 6771 description: VolumeName is the binding reference to the 6772 PersistentVolume backing this claim. 6773 type: string 6774 type: object 6775 status: 6776 description: 'Status represents the current information/status 6777 of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 6778 properties: 6779 accessModes: 6780 description: 'AccessModes contains the actual access modes 6781 the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 6782 items: 6783 type: string 6784 type: array 6785 capacity: 6786 additionalProperties: 6787 anyOf: 6788 - type: integer 6789 - type: string 6790 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 6791 x-kubernetes-int-or-string: true 6792 description: Represents the actual resources of the underlying 6793 volume. 6794 type: object 6795 conditions: 6796 description: Current Condition of persistent volume claim. 6797 If underlying persistent volume is being resized then 6798 the Condition will be set to 'ResizeStarted'. 6799 items: 6800 description: PersistentVolumeClaimCondition contails 6801 details about state of pvc 6802 properties: 6803 lastProbeTime: 6804 description: Last time we probed the condition. 6805 format: date-time 6806 type: string 6807 lastTransitionTime: 6808 description: Last time the condition transitioned 6809 from one status to another. 6810 format: date-time 6811 type: string 6812 message: 6813 description: Human-readable message indicating details 6814 about last transition. 6815 type: string 6816 reason: 6817 description: Unique, this should be a short, machine 6818 understandable string that gives the reason for 6819 condition's last transition. If it reports "ResizeStarted" 6820 that means the underlying persistent volume is 6821 being resized. 6822 type: string 6823 status: 6824 type: string 6825 type: 6826 description: PersistentVolumeClaimConditionType 6827 is a valid value of PersistentVolumeClaimCondition.Type 6828 type: string 6829 required: 6830 - status 6831 - type 6832 type: object 6833 type: array 6834 phase: 6835 description: Phase represents the current phase of PersistentVolumeClaim. 6836 type: string 6837 type: object 6838 type: object 6839 type: object 6840 tag: 6841 description: 'Tag of Alertmanager container image to be deployed. 6842 Defaults to the value of `version`. Version is ignored if Tag is 6843 set. Deprecated: use ''image'' instead. The image tag can be specified 6844 as part of the image URL.' 6845 type: string 6846 tolerations: 6847 description: If specified, the pod's tolerations. 6848 items: 6849 description: The pod this Toleration is attached to tolerates any 6850 taint that matches the triple <key,value,effect> using the matching 6851 operator <operator>. 6852 properties: 6853 effect: 6854 description: Effect indicates the taint effect to match. Empty 6855 means match all taint effects. When specified, allowed values 6856 are NoSchedule, PreferNoSchedule and NoExecute. 6857 type: string 6858 key: 6859 description: Key is the taint key that the toleration applies 6860 to. Empty means match all taint keys. If the key is empty, 6861 operator must be Exists; this combination means to match all 6862 values and all keys. 6863 type: string 6864 operator: 6865 description: Operator represents a key's relationship to the 6866 value. Valid operators are Exists and Equal. Defaults to Equal. 6867 Exists is equivalent to wildcard for value, so that a pod 6868 can tolerate all taints of a particular category. 6869 type: string 6870 tolerationSeconds: 6871 description: TolerationSeconds represents the period of time 6872 the toleration (which must be of effect NoExecute, otherwise 6873 this field is ignored) tolerates the taint. By default, it 6874 is not set, which means tolerate the taint forever (do not 6875 evict). Zero and negative values will be treated as 0 (evict 6876 immediately) by the system. 6877 format: int64 6878 type: integer 6879 value: 6880 description: Value is the taint value the toleration matches 6881 to. If the operator is Exists, the value should be empty, 6882 otherwise just a regular string. 6883 type: string 6884 type: object 6885 type: array 6886 topologySpreadConstraints: 6887 description: If specified, the pod's topology spread constraints. 6888 items: 6889 description: TopologySpreadConstraint specifies how to spread matching 6890 pods among the given topology. 6891 properties: 6892 labelSelector: 6893 description: LabelSelector is used to find matching pods. Pods 6894 that match this label selector are counted to determine the 6895 number of pods in their corresponding topology domain. 6896 properties: 6897 matchExpressions: 6898 description: matchExpressions is a list of label selector 6899 requirements. The requirements are ANDed. 6900 items: 6901 description: A label selector requirement is a selector 6902 that contains values, a key, and an operator that relates 6903 the key and values. 6904 properties: 6905 key: 6906 description: key is the label key that the selector 6907 applies to. 6908 type: string 6909 operator: 6910 description: operator represents a key's relationship 6911 to a set of values. Valid operators are In, NotIn, 6912 Exists and DoesNotExist. 6913 type: string 6914 values: 6915 description: values is an array of string values. 6916 If the operator is In or NotIn, the values array 6917 must be non-empty. If the operator is Exists or 6918 DoesNotExist, the values array must be empty. This 6919 array is replaced during a strategic merge patch. 6920 items: 6921 type: string 6922 type: array 6923 required: 6924 - key 6925 - operator 6926 type: object 6927 type: array 6928 matchLabels: 6929 additionalProperties: 6930 type: string 6931 description: matchLabels is a map of {key,value} pairs. 6932 A single {key,value} in the matchLabels map is equivalent 6933 to an element of matchExpressions, whose key field is 6934 "key", the operator is "In", and the values array contains 6935 only "value". The requirements are ANDed. 6936 type: object 6937 type: object 6938 maxSkew: 6939 description: 'MaxSkew describes the degree to which pods may 6940 be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, 6941 it is the maximum permitted difference between the number 6942 of matching pods in the target topology and the global minimum. 6943 For example, in a 3-zone cluster, MaxSkew is set to 1, and 6944 pods with the same labelSelector spread as 1/1/0: | zone1 6945 | zone2 | zone3 | | P | P | | - if MaxSkew is 6946 1, incoming pod can only be scheduled to zone3 to become 1/1/1; 6947 scheduling it onto zone1(zone2) would make the ActualSkew(2-0) 6948 on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming 6949 pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, 6950 it is used to give higher precedence to topologies that satisfy 6951 it. It''s a required field. Default value is 1 and 0 is not 6952 allowed.' 6953 format: int32 6954 type: integer 6955 topologyKey: 6956 description: TopologyKey is the key of node labels. Nodes that 6957 have a label with this key and identical values are considered 6958 to be in the same topology. We consider each <key, value> 6959 as a "bucket", and try to put balanced number of pods into 6960 each bucket. It's a required field. 6961 type: string 6962 whenUnsatisfiable: 6963 description: 'WhenUnsatisfiable indicates how to deal with a 6964 pod if it doesn''t satisfy the spread constraint. - DoNotSchedule 6965 (default) tells the scheduler not to schedule it. - ScheduleAnyway 6966 tells the scheduler to schedule the pod in any location, but 6967 giving higher precedence to topologies that would help reduce 6968 the skew. A constraint is considered "Unsatisfiable" for 6969 an incoming pod if and only if every possible node assigment 6970 for that pod would violate "MaxSkew" on some topology. For 6971 example, in a 3-zone cluster, MaxSkew is set to 1, and pods 6972 with the same labelSelector spread as 3/1/1: | zone1 | zone2 6973 | zone3 | | P P P | P | P | If WhenUnsatisfiable is 6974 set to DoNotSchedule, incoming pod can only be scheduled to 6975 zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on 6976 zone2(zone3) satisfies MaxSkew(1). In other words, the cluster 6977 can still be imbalanced, but scheduler won''t make it *more* 6978 imbalanced. It''s a required field.' 6979 type: string 6980 required: 6981 - maxSkew 6982 - topologyKey 6983 - whenUnsatisfiable 6984 type: object 6985 type: array 6986 version: 6987 description: Version the cluster should be on. 6988 type: string 6989 volumeMounts: 6990 description: VolumeMounts allows configuration of additional VolumeMounts 6991 on the output StatefulSet definition. VolumeMounts specified will 6992 be appended to other VolumeMounts in the alertmanager container, 6993 that are generated as a result of StorageSpec objects. 6994 items: 6995 description: VolumeMount describes a mounting of a Volume within 6996 a container. 6997 properties: 6998 mountPath: 6999 description: Path within the container at which the volume should 7000 be mounted. Must not contain ':'. 7001 type: string 7002 mountPropagation: 7003 description: mountPropagation determines how mounts are propagated 7004 from the host to container and the other way around. When 7005 not set, MountPropagationNone is used. This field is beta 7006 in 1.10. 7007 type: string 7008 name: 7009 description: This must match the Name of a Volume. 7010 type: string 7011 readOnly: 7012 description: Mounted read-only if true, read-write otherwise 7013 (false or unspecified). Defaults to false. 7014 type: boolean 7015 subPath: 7016 description: Path within the volume from which the container's 7017 volume should be mounted. Defaults to "" (volume's root). 7018 type: string 7019 subPathExpr: 7020 description: Expanded path within the volume from which the 7021 container's volume should be mounted. Behaves similarly to 7022 SubPath but environment variable references $(VAR_NAME) are 7023 expanded using the container's environment. Defaults to "" 7024 (volume's root). SubPathExpr and SubPath are mutually exclusive. 7025 type: string 7026 required: 7027 - mountPath 7028 - name 7029 type: object 7030 type: array 7031 volumes: 7032 description: Volumes allows configuration of additional volumes on 7033 the output StatefulSet definition. Volumes specified will be appended 7034 to other volumes that are generated as a result of StorageSpec objects. 7035 items: 7036 description: Volume represents a named volume in a pod that may 7037 be accessed by any container in the pod. 7038 properties: 7039 awsElasticBlockStore: 7040 description: 'AWSElasticBlockStore represents an AWS Disk resource 7041 that is attached to a kubelet''s host machine and then exposed 7042 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 7043 properties: 7044 fsType: 7045 description: 'Filesystem type of the volume that you want 7046 to mount. Tip: Ensure that the filesystem type is supported 7047 by the host operating system. Examples: "ext4", "xfs", 7048 "ntfs". Implicitly inferred to be "ext4" if unspecified. 7049 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 7050 TODO: how do we prevent errors in the filesystem from 7051 compromising the machine' 7052 type: string 7053 partition: 7054 description: 'The partition in the volume that you want 7055 to mount. If omitted, the default is to mount by volume 7056 name. Examples: For volume /dev/sda1, you specify the 7057 partition as "1". Similarly, the volume partition for 7058 /dev/sda is "0" (or you can leave the property empty).' 7059 format: int32 7060 type: integer 7061 readOnly: 7062 description: 'Specify "true" to force and set the ReadOnly 7063 property in VolumeMounts to "true". If omitted, the default 7064 is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 7065 type: boolean 7066 volumeID: 7067 description: 'Unique ID of the persistent disk resource 7068 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 7069 type: string 7070 required: 7071 - volumeID 7072 type: object 7073 azureDisk: 7074 description: AzureDisk represents an Azure Data Disk mount on 7075 the host and bind mount to the pod. 7076 properties: 7077 cachingMode: 7078 description: 'Host Caching mode: None, Read Only, Read Write.' 7079 type: string 7080 diskName: 7081 description: The Name of the data disk in the blob storage 7082 type: string 7083 diskURI: 7084 description: The URI the data disk in the blob storage 7085 type: string 7086 fsType: 7087 description: Filesystem type to mount. Must be a filesystem 7088 type supported by the host operating system. Ex. "ext4", 7089 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 7090 type: string 7091 kind: 7092 description: 'Expected values Shared: multiple blob disks 7093 per storage account Dedicated: single blob disk per storage 7094 account Managed: azure managed data disk (only in managed 7095 availability set). defaults to shared' 7096 type: string 7097 readOnly: 7098 description: Defaults to false (read/write). ReadOnly here 7099 will force the ReadOnly setting in VolumeMounts. 7100 type: boolean 7101 required: 7102 - diskName 7103 - diskURI 7104 type: object 7105 azureFile: 7106 description: AzureFile represents an Azure File Service mount 7107 on the host and bind mount to the pod. 7108 properties: 7109 readOnly: 7110 description: Defaults to false (read/write). ReadOnly here 7111 will force the ReadOnly setting in VolumeMounts. 7112 type: boolean 7113 secretName: 7114 description: the name of secret that contains Azure Storage 7115 Account Name and Key 7116 type: string 7117 shareName: 7118 description: Share Name 7119 type: string 7120 required: 7121 - secretName 7122 - shareName 7123 type: object 7124 cephfs: 7125 description: CephFS represents a Ceph FS mount on the host that 7126 shares a pod's lifetime 7127 properties: 7128 monitors: 7129 description: 'Required: Monitors is a collection of Ceph 7130 monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7131 items: 7132 type: string 7133 type: array 7134 path: 7135 description: 'Optional: Used as the mounted root, rather 7136 than the full Ceph tree, default is /' 7137 type: string 7138 readOnly: 7139 description: 'Optional: Defaults to false (read/write). 7140 ReadOnly here will force the ReadOnly setting in VolumeMounts. 7141 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7142 type: boolean 7143 secretFile: 7144 description: 'Optional: SecretFile is the path to key ring 7145 for User, default is /etc/ceph/user.secret More info: 7146 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7147 type: string 7148 secretRef: 7149 description: 'Optional: SecretRef is reference to the authentication 7150 secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7151 properties: 7152 name: 7153 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7154 TODO: Add other useful fields. apiVersion, kind, uid?' 7155 type: string 7156 type: object 7157 user: 7158 description: 'Optional: User is the rados user name, default 7159 is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 7160 type: string 7161 required: 7162 - monitors 7163 type: object 7164 cinder: 7165 description: 'Cinder represents a cinder volume attached and 7166 mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 7167 properties: 7168 fsType: 7169 description: 'Filesystem type to mount. Must be a filesystem 7170 type supported by the host operating system. Examples: 7171 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 7172 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 7173 type: string 7174 readOnly: 7175 description: 'Optional: Defaults to false (read/write). 7176 ReadOnly here will force the ReadOnly setting in VolumeMounts. 7177 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 7178 type: boolean 7179 secretRef: 7180 description: 'Optional: points to a secret object containing 7181 parameters used to connect to OpenStack.' 7182 properties: 7183 name: 7184 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7185 TODO: Add other useful fields. apiVersion, kind, uid?' 7186 type: string 7187 type: object 7188 volumeID: 7189 description: 'volume id used to identify the volume in cinder. 7190 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 7191 type: string 7192 required: 7193 - volumeID 7194 type: object 7195 configMap: 7196 description: ConfigMap represents a configMap that should populate 7197 this volume 7198 properties: 7199 defaultMode: 7200 description: 'Optional: mode bits used to set permissions 7201 on created files by default. Must be an octal value between 7202 0000 and 0777 or a decimal value between 0 and 511. YAML 7203 accepts both octal and decimal values, JSON requires decimal 7204 values for mode bits. Defaults to 0644. Directories within 7205 the path are not affected by this setting. This might 7206 be in conflict with other options that affect the file 7207 mode, like fsGroup, and the result can be other mode bits 7208 set.' 7209 format: int32 7210 type: integer 7211 items: 7212 description: If unspecified, each key-value pair in the 7213 Data field of the referenced ConfigMap will be projected 7214 into the volume as a file whose name is the key and content 7215 is the value. If specified, the listed keys will be projected 7216 into the specified paths, and unlisted keys will not be 7217 present. If a key is specified which is not present in 7218 the ConfigMap, the volume setup will error unless it is 7219 marked optional. Paths must be relative and may not contain 7220 the '..' path or start with '..'. 7221 items: 7222 description: Maps a string key to a path within a volume. 7223 properties: 7224 key: 7225 description: The key to project. 7226 type: string 7227 mode: 7228 description: 'Optional: mode bits used to set permissions 7229 on this file. Must be an octal value between 0000 7230 and 0777 or a decimal value between 0 and 511. YAML 7231 accepts both octal and decimal values, JSON requires 7232 decimal values for mode bits. If not specified, 7233 the volume defaultMode will be used. This might 7234 be in conflict with other options that affect the 7235 file mode, like fsGroup, and the result can be other 7236 mode bits set.' 7237 format: int32 7238 type: integer 7239 path: 7240 description: The relative path of the file to map 7241 the key to. May not be an absolute path. May not 7242 contain the path element '..'. May not start with 7243 the string '..'. 7244 type: string 7245 required: 7246 - key 7247 - path 7248 type: object 7249 type: array 7250 name: 7251 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7252 TODO: Add other useful fields. apiVersion, kind, uid?' 7253 type: string 7254 optional: 7255 description: Specify whether the ConfigMap or its keys must 7256 be defined 7257 type: boolean 7258 type: object 7259 csi: 7260 description: CSI (Container Storage Interface) represents ephemeral 7261 storage that is handled by certain external CSI drivers (Beta 7262 feature). 7263 properties: 7264 driver: 7265 description: Driver is the name of the CSI driver that handles 7266 this volume. Consult with your admin for the correct name 7267 as registered in the cluster. 7268 type: string 7269 fsType: 7270 description: Filesystem type to mount. Ex. "ext4", "xfs", 7271 "ntfs". If not provided, the empty value is passed to 7272 the associated CSI driver which will determine the default 7273 filesystem to apply. 7274 type: string 7275 nodePublishSecretRef: 7276 description: NodePublishSecretRef is a reference to the 7277 secret object containing sensitive information to pass 7278 to the CSI driver to complete the CSI NodePublishVolume 7279 and NodeUnpublishVolume calls. This field is optional, 7280 and may be empty if no secret is required. If the secret 7281 object contains more than one secret, all secret references 7282 are passed. 7283 properties: 7284 name: 7285 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7286 TODO: Add other useful fields. apiVersion, kind, uid?' 7287 type: string 7288 type: object 7289 readOnly: 7290 description: Specifies a read-only configuration for the 7291 volume. Defaults to false (read/write). 7292 type: boolean 7293 volumeAttributes: 7294 additionalProperties: 7295 type: string 7296 description: VolumeAttributes stores driver-specific properties 7297 that are passed to the CSI driver. Consult your driver's 7298 documentation for supported values. 7299 type: object 7300 required: 7301 - driver 7302 type: object 7303 downwardAPI: 7304 description: DownwardAPI represents downward API about the pod 7305 that should populate this volume 7306 properties: 7307 defaultMode: 7308 description: 'Optional: mode bits to use on created files 7309 by default. Must be a Optional: mode bits used to set 7310 permissions on created files by default. Must be an octal 7311 value between 0000 and 0777 or a decimal value between 7312 0 and 511. YAML accepts both octal and decimal values, 7313 JSON requires decimal values for mode bits. Defaults to 7314 0644. Directories within the path are not affected by 7315 this setting. This might be in conflict with other options 7316 that affect the file mode, like fsGroup, and the result 7317 can be other mode bits set.' 7318 format: int32 7319 type: integer 7320 items: 7321 description: Items is a list of downward API volume file 7322 items: 7323 description: DownwardAPIVolumeFile represents information 7324 to create the file containing the pod field 7325 properties: 7326 fieldRef: 7327 description: 'Required: Selects a field of the pod: 7328 only annotations, labels, name and namespace are 7329 supported.' 7330 properties: 7331 apiVersion: 7332 description: Version of the schema the FieldPath 7333 is written in terms of, defaults to "v1". 7334 type: string 7335 fieldPath: 7336 description: Path of the field to select in the 7337 specified API version. 7338 type: string 7339 required: 7340 - fieldPath 7341 type: object 7342 mode: 7343 description: 'Optional: mode bits used to set permissions 7344 on this file, must be an octal value between 0000 7345 and 0777 or a decimal value between 0 and 511. YAML 7346 accepts both octal and decimal values, JSON requires 7347 decimal values for mode bits. If not specified, 7348 the volume defaultMode will be used. This might 7349 be in conflict with other options that affect the 7350 file mode, like fsGroup, and the result can be other 7351 mode bits set.' 7352 format: int32 7353 type: integer 7354 path: 7355 description: 'Required: Path is the relative path 7356 name of the file to be created. Must not be absolute 7357 or contain the ''..'' path. Must be utf-8 encoded. 7358 The first item of the relative path must not start 7359 with ''..''' 7360 type: string 7361 resourceFieldRef: 7362 description: 'Selects a resource of the container: 7363 only resources limits and requests (limits.cpu, 7364 limits.memory, requests.cpu and requests.memory) 7365 are currently supported.' 7366 properties: 7367 containerName: 7368 description: 'Container name: required for volumes, 7369 optional for env vars' 7370 type: string 7371 divisor: 7372 anyOf: 7373 - type: integer 7374 - type: string 7375 description: Specifies the output format of the 7376 exposed resources, defaults to "1" 7377 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7378 x-kubernetes-int-or-string: true 7379 resource: 7380 description: 'Required: resource to select' 7381 type: string 7382 required: 7383 - resource 7384 type: object 7385 required: 7386 - path 7387 type: object 7388 type: array 7389 type: object 7390 emptyDir: 7391 description: 'EmptyDir represents a temporary directory that 7392 shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 7393 properties: 7394 medium: 7395 description: 'What type of storage medium should back this 7396 directory. The default is "" which means to use the node''s 7397 default medium. Must be an empty string (default) or Memory. 7398 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 7399 type: string 7400 sizeLimit: 7401 anyOf: 7402 - type: integer 7403 - type: string 7404 description: 'Total amount of local storage required for 7405 this EmptyDir volume. The size limit is also applicable 7406 for memory medium. The maximum usage on memory medium 7407 EmptyDir would be the minimum value between the SizeLimit 7408 specified here and the sum of memory limits of all containers 7409 in a pod. The default is nil which means that the limit 7410 is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 7411 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7412 x-kubernetes-int-or-string: true 7413 type: object 7414 ephemeral: 7415 description: "Ephemeral represents a volume that is handled 7416 by a cluster storage driver. The volume's lifecycle is tied 7417 to the pod that defines it - it will be created before the 7418 pod starts, and deleted when the pod is removed. \n Use this 7419 if: a) the volume is only needed while the pod runs, b) features 7420 of normal volumes like restoring from snapshot or capacity 7421 \ tracking are needed, c) the storage driver is specified 7422 through a storage class, and d) the storage driver supports 7423 dynamic volume provisioning through a PersistentVolumeClaim 7424 (see EphemeralVolumeSource for more information on the 7425 connection between this volume type and PersistentVolumeClaim). 7426 \n Use PersistentVolumeClaim or one of the vendor-specific 7427 APIs for volumes that persist for longer than the lifecycle 7428 of an individual pod. \n Use CSI for light-weight local ephemeral 7429 volumes if the CSI driver is meant to be used that way - see 7430 the documentation of the driver for more information. \n A 7431 pod can use both types of ephemeral volumes and persistent 7432 volumes at the same time. \n This is a beta feature and only 7433 available when the GenericEphemeralVolume feature gate is 7434 enabled." 7435 properties: 7436 volumeClaimTemplate: 7437 description: "Will be used to create a stand-alone PVC to 7438 provision the volume. The pod in which this EphemeralVolumeSource 7439 is embedded will be the owner of the PVC, i.e. the PVC 7440 will be deleted together with the pod. The name of the 7441 PVC will be `<pod name>-<volume name>` where `<volume 7442 name>` is the name from the `PodSpec.Volumes` array entry. 7443 Pod validation will reject the pod if the concatenated 7444 name is not valid for a PVC (for example, too long). \n 7445 An existing PVC with that name that is not owned by the 7446 pod will *not* be used for the pod to avoid using an unrelated 7447 volume by mistake. Starting the pod is then blocked until 7448 the unrelated PVC is removed. If such a pre-created PVC 7449 is meant to be used by the pod, the PVC has to updated 7450 with an owner reference to the pod once the pod exists. 7451 Normally this should not be necessary, but it may be useful 7452 when manually reconstructing a broken cluster. \n This 7453 field is read-only and no changes will be made by Kubernetes 7454 to the PVC after it has been created. \n Required, must 7455 not be nil." 7456 properties: 7457 metadata: 7458 description: May contain labels and annotations that 7459 will be copied into the PVC when creating it. No other 7460 fields are allowed and will be rejected during validation. 7461 type: object 7462 spec: 7463 description: The specification for the PersistentVolumeClaim. 7464 The entire content is copied unchanged into the PVC 7465 that gets created from this template. The same fields 7466 as in a PersistentVolumeClaim are also valid here. 7467 properties: 7468 accessModes: 7469 description: 'AccessModes contains the desired access 7470 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 7471 items: 7472 type: string 7473 type: array 7474 dataSource: 7475 description: 'This field can be used to specify 7476 either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 7477 * An existing PVC (PersistentVolumeClaim) If the 7478 provisioner or an external controller can support 7479 the specified data source, it will create a new 7480 volume based on the contents of the specified 7481 data source. If the AnyVolumeDataSource feature 7482 gate is enabled, this field will always have the 7483 same contents as the DataSourceRef field.' 7484 properties: 7485 apiGroup: 7486 description: APIGroup is the group for the resource 7487 being referenced. If APIGroup is not specified, 7488 the specified Kind must be in the core API 7489 group. For any other third-party types, APIGroup 7490 is required. 7491 type: string 7492 kind: 7493 description: Kind is the type of resource being 7494 referenced 7495 type: string 7496 name: 7497 description: Name is the name of resource being 7498 referenced 7499 type: string 7500 required: 7501 - kind 7502 - name 7503 type: object 7504 dataSourceRef: 7505 description: 'Specifies the object from which to 7506 populate the volume with data, if a non-empty 7507 volume is desired. This may be any local object 7508 from a non-empty API group (non core object) or 7509 a PersistentVolumeClaim object. When this field 7510 is specified, volume binding will only succeed 7511 if the type of the specified object matches some 7512 installed volume populator or dynamic provisioner. 7513 This field will replace the functionality of the 7514 DataSource field and as such if both fields are 7515 non-empty, they must have the same value. For 7516 backwards compatibility, both fields (DataSource 7517 and DataSourceRef) will be set to the same value 7518 automatically if one of them is empty and the 7519 other is non-empty. There are two important differences 7520 between DataSource and DataSourceRef: * While 7521 DataSource only allows two specific types of objects, 7522 DataSourceRef allows any non-core object, as 7523 well as PersistentVolumeClaim objects. * While 7524 DataSource ignores disallowed values (dropping 7525 them), DataSourceRef preserves all values, and 7526 generates an error if a disallowed value is specified. 7527 (Alpha) Using this field requires the AnyVolumeDataSource 7528 feature gate to be enabled.' 7529 properties: 7530 apiGroup: 7531 description: APIGroup is the group for the resource 7532 being referenced. If APIGroup is not specified, 7533 the specified Kind must be in the core API 7534 group. For any other third-party types, APIGroup 7535 is required. 7536 type: string 7537 kind: 7538 description: Kind is the type of resource being 7539 referenced 7540 type: string 7541 name: 7542 description: Name is the name of resource being 7543 referenced 7544 type: string 7545 required: 7546 - kind 7547 - name 7548 type: object 7549 resources: 7550 description: 'Resources represents the minimum resources 7551 the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 7552 properties: 7553 limits: 7554 additionalProperties: 7555 anyOf: 7556 - type: integer 7557 - type: string 7558 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7559 x-kubernetes-int-or-string: true 7560 description: 'Limits describes the maximum amount 7561 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7562 type: object 7563 requests: 7564 additionalProperties: 7565 anyOf: 7566 - type: integer 7567 - type: string 7568 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 7569 x-kubernetes-int-or-string: true 7570 description: 'Requests describes the minimum 7571 amount of compute resources required. If Requests 7572 is omitted for a container, it defaults to 7573 Limits if that is explicitly specified, otherwise 7574 to an implementation-defined value. More info: 7575 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 7576 type: object 7577 type: object 7578 selector: 7579 description: A label query over volumes to consider 7580 for binding. 7581 properties: 7582 matchExpressions: 7583 description: matchExpressions is a list of label 7584 selector requirements. The requirements are 7585 ANDed. 7586 items: 7587 description: A label selector requirement 7588 is a selector that contains values, a key, 7589 and an operator that relates the key and 7590 values. 7591 properties: 7592 key: 7593 description: key is the label key that 7594 the selector applies to. 7595 type: string 7596 operator: 7597 description: operator represents a key's 7598 relationship to a set of values. Valid 7599 operators are In, NotIn, Exists and 7600 DoesNotExist. 7601 type: string 7602 values: 7603 description: values is an array of string 7604 values. If the operator is In or NotIn, 7605 the values array must be non-empty. 7606 If the operator is Exists or DoesNotExist, 7607 the values array must be empty. This 7608 array is replaced during a strategic 7609 merge patch. 7610 items: 7611 type: string 7612 type: array 7613 required: 7614 - key 7615 - operator 7616 type: object 7617 type: array 7618 matchLabels: 7619 additionalProperties: 7620 type: string 7621 description: matchLabels is a map of {key,value} 7622 pairs. A single {key,value} in the matchLabels 7623 map is equivalent to an element of matchExpressions, 7624 whose key field is "key", the operator is 7625 "In", and the values array contains only "value". 7626 The requirements are ANDed. 7627 type: object 7628 type: object 7629 storageClassName: 7630 description: 'Name of the StorageClass required 7631 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 7632 type: string 7633 volumeMode: 7634 description: volumeMode defines what type of volume 7635 is required by the claim. Value of Filesystem 7636 is implied when not included in claim spec. 7637 type: string 7638 volumeName: 7639 description: VolumeName is the binding reference 7640 to the PersistentVolume backing this claim. 7641 type: string 7642 type: object 7643 required: 7644 - spec 7645 type: object 7646 type: object 7647 fc: 7648 description: FC represents a Fibre Channel resource that is 7649 attached to a kubelet's host machine and then exposed to the 7650 pod. 7651 properties: 7652 fsType: 7653 description: 'Filesystem type to mount. Must be a filesystem 7654 type supported by the host operating system. Ex. "ext4", 7655 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 7656 TODO: how do we prevent errors in the filesystem from 7657 compromising the machine' 7658 type: string 7659 lun: 7660 description: 'Optional: FC target lun number' 7661 format: int32 7662 type: integer 7663 readOnly: 7664 description: 'Optional: Defaults to false (read/write). 7665 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 7666 type: boolean 7667 targetWWNs: 7668 description: 'Optional: FC target worldwide names (WWNs)' 7669 items: 7670 type: string 7671 type: array 7672 wwids: 7673 description: 'Optional: FC volume world wide identifiers 7674 (wwids) Either wwids or combination of targetWWNs and 7675 lun must be set, but not both simultaneously.' 7676 items: 7677 type: string 7678 type: array 7679 type: object 7680 flexVolume: 7681 description: FlexVolume represents a generic volume resource 7682 that is provisioned/attached using an exec based plugin. 7683 properties: 7684 driver: 7685 description: Driver is the name of the driver to use for 7686 this volume. 7687 type: string 7688 fsType: 7689 description: Filesystem type to mount. Must be a filesystem 7690 type supported by the host operating system. Ex. "ext4", 7691 "xfs", "ntfs". The default filesystem depends on FlexVolume 7692 script. 7693 type: string 7694 options: 7695 additionalProperties: 7696 type: string 7697 description: 'Optional: Extra command options if any.' 7698 type: object 7699 readOnly: 7700 description: 'Optional: Defaults to false (read/write). 7701 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 7702 type: boolean 7703 secretRef: 7704 description: 'Optional: SecretRef is reference to the secret 7705 object containing sensitive information to pass to the 7706 plugin scripts. This may be empty if no secret object 7707 is specified. If the secret object contains more than 7708 one secret, all secrets are passed to the plugin scripts.' 7709 properties: 7710 name: 7711 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7712 TODO: Add other useful fields. apiVersion, kind, uid?' 7713 type: string 7714 type: object 7715 required: 7716 - driver 7717 type: object 7718 flocker: 7719 description: Flocker represents a Flocker volume attached to 7720 a kubelet's host machine. This depends on the Flocker control 7721 service being running 7722 properties: 7723 datasetName: 7724 description: Name of the dataset stored as metadata -> name 7725 on the dataset for Flocker should be considered as deprecated 7726 type: string 7727 datasetUUID: 7728 description: UUID of the dataset. This is unique identifier 7729 of a Flocker dataset 7730 type: string 7731 type: object 7732 gcePersistentDisk: 7733 description: 'GCEPersistentDisk represents a GCE Disk resource 7734 that is attached to a kubelet''s host machine and then exposed 7735 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7736 properties: 7737 fsType: 7738 description: 'Filesystem type of the volume that you want 7739 to mount. Tip: Ensure that the filesystem type is supported 7740 by the host operating system. Examples: "ext4", "xfs", 7741 "ntfs". Implicitly inferred to be "ext4" if unspecified. 7742 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 7743 TODO: how do we prevent errors in the filesystem from 7744 compromising the machine' 7745 type: string 7746 partition: 7747 description: 'The partition in the volume that you want 7748 to mount. If omitted, the default is to mount by volume 7749 name. Examples: For volume /dev/sda1, you specify the 7750 partition as "1". Similarly, the volume partition for 7751 /dev/sda is "0" (or you can leave the property empty). 7752 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7753 format: int32 7754 type: integer 7755 pdName: 7756 description: 'Unique name of the PD resource in GCE. Used 7757 to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7758 type: string 7759 readOnly: 7760 description: 'ReadOnly here will force the ReadOnly setting 7761 in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 7762 type: boolean 7763 required: 7764 - pdName 7765 type: object 7766 gitRepo: 7767 description: 'GitRepo represents a git repository at a particular 7768 revision. DEPRECATED: GitRepo is deprecated. To provision 7769 a container with a git repo, mount an EmptyDir into an InitContainer 7770 that clones the repo using git, then mount the EmptyDir into 7771 the Pod''s container.' 7772 properties: 7773 directory: 7774 description: Target directory name. Must not contain or 7775 start with '..'. If '.' is supplied, the volume directory 7776 will be the git repository. Otherwise, if specified, 7777 the volume will contain the git repository in the subdirectory 7778 with the given name. 7779 type: string 7780 repository: 7781 description: Repository URL 7782 type: string 7783 revision: 7784 description: Commit hash for the specified revision. 7785 type: string 7786 required: 7787 - repository 7788 type: object 7789 glusterfs: 7790 description: 'Glusterfs represents a Glusterfs mount on the 7791 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 7792 properties: 7793 endpoints: 7794 description: 'EndpointsName is the endpoint name that details 7795 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 7796 type: string 7797 path: 7798 description: 'Path is the Glusterfs volume path. More info: 7799 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 7800 type: string 7801 readOnly: 7802 description: 'ReadOnly here will force the Glusterfs volume 7803 to be mounted with read-only permissions. Defaults to 7804 false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 7805 type: boolean 7806 required: 7807 - endpoints 7808 - path 7809 type: object 7810 hostPath: 7811 description: 'HostPath represents a pre-existing file or directory 7812 on the host machine that is directly exposed to the container. 7813 This is generally used for system agents or other privileged 7814 things that are allowed to see the host machine. Most containers 7815 will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 7816 --- TODO(jonesdl) We need to restrict who can use host directory 7817 mounts and who can/can not mount host directories as read/write.' 7818 properties: 7819 path: 7820 description: 'Path of the directory on the host. If the 7821 path is a symlink, it will follow the link to the real 7822 path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 7823 type: string 7824 type: 7825 description: 'Type for HostPath Volume Defaults to "" More 7826 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 7827 type: string 7828 required: 7829 - path 7830 type: object 7831 iscsi: 7832 description: 'ISCSI represents an ISCSI Disk resource that is 7833 attached to a kubelet''s host machine and then exposed to 7834 the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 7835 properties: 7836 chapAuthDiscovery: 7837 description: whether support iSCSI Discovery CHAP authentication 7838 type: boolean 7839 chapAuthSession: 7840 description: whether support iSCSI Session CHAP authentication 7841 type: boolean 7842 fsType: 7843 description: 'Filesystem type of the volume that you want 7844 to mount. Tip: Ensure that the filesystem type is supported 7845 by the host operating system. Examples: "ext4", "xfs", 7846 "ntfs". Implicitly inferred to be "ext4" if unspecified. 7847 More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 7848 TODO: how do we prevent errors in the filesystem from 7849 compromising the machine' 7850 type: string 7851 initiatorName: 7852 description: Custom iSCSI Initiator Name. If initiatorName 7853 is specified with iscsiInterface simultaneously, new iSCSI 7854 interface <target portal>:<volume name> will be created 7855 for the connection. 7856 type: string 7857 iqn: 7858 description: Target iSCSI Qualified Name. 7859 type: string 7860 iscsiInterface: 7861 description: iSCSI Interface Name that uses an iSCSI transport. 7862 Defaults to 'default' (tcp). 7863 type: string 7864 lun: 7865 description: iSCSI Target Lun number. 7866 format: int32 7867 type: integer 7868 portals: 7869 description: iSCSI Target Portal List. The portal is either 7870 an IP or ip_addr:port if the port is other than default 7871 (typically TCP ports 860 and 3260). 7872 items: 7873 type: string 7874 type: array 7875 readOnly: 7876 description: ReadOnly here will force the ReadOnly setting 7877 in VolumeMounts. Defaults to false. 7878 type: boolean 7879 secretRef: 7880 description: CHAP Secret for iSCSI target and initiator 7881 authentication 7882 properties: 7883 name: 7884 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7885 TODO: Add other useful fields. apiVersion, kind, uid?' 7886 type: string 7887 type: object 7888 targetPortal: 7889 description: iSCSI Target Portal. The Portal is either an 7890 IP or ip_addr:port if the port is other than default (typically 7891 TCP ports 860 and 3260). 7892 type: string 7893 required: 7894 - iqn 7895 - lun 7896 - targetPortal 7897 type: object 7898 name: 7899 description: 'Volume''s name. Must be a DNS_LABEL and unique 7900 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 7901 type: string 7902 nfs: 7903 description: 'NFS represents an NFS mount on the host that shares 7904 a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7905 properties: 7906 path: 7907 description: 'Path that is exported by the NFS server. More 7908 info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7909 type: string 7910 readOnly: 7911 description: 'ReadOnly here will force the NFS export to 7912 be mounted with read-only permissions. Defaults to false. 7913 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7914 type: boolean 7915 server: 7916 description: 'Server is the hostname or IP address of the 7917 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 7918 type: string 7919 required: 7920 - path 7921 - server 7922 type: object 7923 persistentVolumeClaim: 7924 description: 'PersistentVolumeClaimVolumeSource represents a 7925 reference to a PersistentVolumeClaim in the same namespace. 7926 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7927 properties: 7928 claimName: 7929 description: 'ClaimName is the name of a PersistentVolumeClaim 7930 in the same namespace as the pod using this volume. More 7931 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 7932 type: string 7933 readOnly: 7934 description: Will force the ReadOnly setting in VolumeMounts. 7935 Default false. 7936 type: boolean 7937 required: 7938 - claimName 7939 type: object 7940 photonPersistentDisk: 7941 description: PhotonPersistentDisk represents a PhotonController 7942 persistent disk attached and mounted on kubelets host machine 7943 properties: 7944 fsType: 7945 description: Filesystem type to mount. Must be a filesystem 7946 type supported by the host operating system. Ex. "ext4", 7947 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 7948 type: string 7949 pdID: 7950 description: ID that identifies Photon Controller persistent 7951 disk 7952 type: string 7953 required: 7954 - pdID 7955 type: object 7956 portworxVolume: 7957 description: PortworxVolume represents a portworx volume attached 7958 and mounted on kubelets host machine 7959 properties: 7960 fsType: 7961 description: FSType represents the filesystem type to mount 7962 Must be a filesystem type supported by the host operating 7963 system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" 7964 if unspecified. 7965 type: string 7966 readOnly: 7967 description: Defaults to false (read/write). ReadOnly here 7968 will force the ReadOnly setting in VolumeMounts. 7969 type: boolean 7970 volumeID: 7971 description: VolumeID uniquely identifies a Portworx volume 7972 type: string 7973 required: 7974 - volumeID 7975 type: object 7976 projected: 7977 description: Items for all in one resources secrets, configmaps, 7978 and downward API 7979 properties: 7980 defaultMode: 7981 description: Mode bits used to set permissions on created 7982 files by default. Must be an octal value between 0000 7983 and 0777 or a decimal value between 0 and 511. YAML accepts 7984 both octal and decimal values, JSON requires decimal values 7985 for mode bits. Directories within the path are not affected 7986 by this setting. This might be in conflict with other 7987 options that affect the file mode, like fsGroup, and the 7988 result can be other mode bits set. 7989 format: int32 7990 type: integer 7991 sources: 7992 description: list of volume projections 7993 items: 7994 description: Projection that may be projected along with 7995 other supported volume types 7996 properties: 7997 configMap: 7998 description: information about the configMap data 7999 to project 8000 properties: 8001 items: 8002 description: If unspecified, each key-value pair 8003 in the Data field of the referenced ConfigMap 8004 will be projected into the volume as a file 8005 whose name is the key and content is the value. 8006 If specified, the listed keys will be projected 8007 into the specified paths, and unlisted keys 8008 will not be present. If a key is specified which 8009 is not present in the ConfigMap, the volume 8010 setup will error unless it is marked optional. 8011 Paths must be relative and may not contain the 8012 '..' path or start with '..'. 8013 items: 8014 description: Maps a string key to a path within 8015 a volume. 8016 properties: 8017 key: 8018 description: The key to project. 8019 type: string 8020 mode: 8021 description: 'Optional: mode bits used to 8022 set permissions on this file. Must be 8023 an octal value between 0000 and 0777 or 8024 a decimal value between 0 and 511. YAML 8025 accepts both octal and decimal values, 8026 JSON requires decimal values for mode 8027 bits. If not specified, the volume defaultMode 8028 will be used. This might be in conflict 8029 with other options that affect the file 8030 mode, like fsGroup, and the result can 8031 be other mode bits set.' 8032 format: int32 8033 type: integer 8034 path: 8035 description: The relative path of the file 8036 to map the key to. May not be an absolute 8037 path. May not contain the path element 8038 '..'. May not start with the string '..'. 8039 type: string 8040 required: 8041 - key 8042 - path 8043 type: object 8044 type: array 8045 name: 8046 description: 'Name of the referent. More info: 8047 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8048 TODO: Add other useful fields. apiVersion, kind, 8049 uid?' 8050 type: string 8051 optional: 8052 description: Specify whether the ConfigMap or 8053 its keys must be defined 8054 type: boolean 8055 type: object 8056 downwardAPI: 8057 description: information about the downwardAPI data 8058 to project 8059 properties: 8060 items: 8061 description: Items is a list of DownwardAPIVolume 8062 file 8063 items: 8064 description: DownwardAPIVolumeFile represents 8065 information to create the file containing 8066 the pod field 8067 properties: 8068 fieldRef: 8069 description: 'Required: Selects a field 8070 of the pod: only annotations, labels, 8071 name and namespace are supported.' 8072 properties: 8073 apiVersion: 8074 description: Version of the schema the 8075 FieldPath is written in terms of, 8076 defaults to "v1". 8077 type: string 8078 fieldPath: 8079 description: Path of the field to select 8080 in the specified API version. 8081 type: string 8082 required: 8083 - fieldPath 8084 type: object 8085 mode: 8086 description: 'Optional: mode bits used to 8087 set permissions on this file, must be 8088 an octal value between 0000 and 0777 or 8089 a decimal value between 0 and 511. YAML 8090 accepts both octal and decimal values, 8091 JSON requires decimal values for mode 8092 bits. If not specified, the volume defaultMode 8093 will be used. This might be in conflict 8094 with other options that affect the file 8095 mode, like fsGroup, and the result can 8096 be other mode bits set.' 8097 format: int32 8098 type: integer 8099 path: 8100 description: 'Required: Path is the relative 8101 path name of the file to be created. Must 8102 not be absolute or contain the ''..'' 8103 path. Must be utf-8 encoded. The first 8104 item of the relative path must not start 8105 with ''..''' 8106 type: string 8107 resourceFieldRef: 8108 description: 'Selects a resource of the 8109 container: only resources limits and requests 8110 (limits.cpu, limits.memory, requests.cpu 8111 and requests.memory) are currently supported.' 8112 properties: 8113 containerName: 8114 description: 'Container name: required 8115 for volumes, optional for env vars' 8116 type: string 8117 divisor: 8118 anyOf: 8119 - type: integer 8120 - type: string 8121 description: Specifies the output format 8122 of the exposed resources, defaults 8123 to "1" 8124 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 8125 x-kubernetes-int-or-string: true 8126 resource: 8127 description: 'Required: resource to 8128 select' 8129 type: string 8130 required: 8131 - resource 8132 type: object 8133 required: 8134 - path 8135 type: object 8136 type: array 8137 type: object 8138 secret: 8139 description: information about the secret data to 8140 project 8141 properties: 8142 items: 8143 description: If unspecified, each key-value pair 8144 in the Data field of the referenced Secret will 8145 be projected into the volume as a file whose 8146 name is the key and content is the value. If 8147 specified, the listed keys will be projected 8148 into the specified paths, and unlisted keys 8149 will not be present. If a key is specified which 8150 is not present in the Secret, the volume setup 8151 will error unless it is marked optional. Paths 8152 must be relative and may not contain the '..' 8153 path or start with '..'. 8154 items: 8155 description: Maps a string key to a path within 8156 a volume. 8157 properties: 8158 key: 8159 description: The key to project. 8160 type: string 8161 mode: 8162 description: 'Optional: mode bits used to 8163 set permissions on this file. Must be 8164 an octal value between 0000 and 0777 or 8165 a decimal value between 0 and 511. YAML 8166 accepts both octal and decimal values, 8167 JSON requires decimal values for mode 8168 bits. If not specified, the volume defaultMode 8169 will be used. This might be in conflict 8170 with other options that affect the file 8171 mode, like fsGroup, and the result can 8172 be other mode bits set.' 8173 format: int32 8174 type: integer 8175 path: 8176 description: The relative path of the file 8177 to map the key to. May not be an absolute 8178 path. May not contain the path element 8179 '..'. May not start with the string '..'. 8180 type: string 8181 required: 8182 - key 8183 - path 8184 type: object 8185 type: array 8186 name: 8187 description: 'Name of the referent. More info: 8188 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8189 TODO: Add other useful fields. apiVersion, kind, 8190 uid?' 8191 type: string 8192 optional: 8193 description: Specify whether the Secret or its 8194 key must be defined 8195 type: boolean 8196 type: object 8197 serviceAccountToken: 8198 description: information about the serviceAccountToken 8199 data to project 8200 properties: 8201 audience: 8202 description: Audience is the intended audience 8203 of the token. A recipient of a token must identify 8204 itself with an identifier specified in the audience 8205 of the token, and otherwise should reject the 8206 token. The audience defaults to the identifier 8207 of the apiserver. 8208 type: string 8209 expirationSeconds: 8210 description: ExpirationSeconds is the requested 8211 duration of validity of the service account 8212 token. As the token approaches expiration, the 8213 kubelet volume plugin will proactively rotate 8214 the service account token. The kubelet will 8215 start trying to rotate the token if the token 8216 is older than 80 percent of its time to live 8217 or if the token is older than 24 hours.Defaults 8218 to 1 hour and must be at least 10 minutes. 8219 format: int64 8220 type: integer 8221 path: 8222 description: Path is the path relative to the 8223 mount point of the file to project the token 8224 into. 8225 type: string 8226 required: 8227 - path 8228 type: object 8229 type: object 8230 type: array 8231 type: object 8232 quobyte: 8233 description: Quobyte represents a Quobyte mount on the host 8234 that shares a pod's lifetime 8235 properties: 8236 group: 8237 description: Group to map volume access to Default is no 8238 group 8239 type: string 8240 readOnly: 8241 description: ReadOnly here will force the Quobyte volume 8242 to be mounted with read-only permissions. Defaults to 8243 false. 8244 type: boolean 8245 registry: 8246 description: Registry represents a single or multiple Quobyte 8247 Registry services specified as a string as host:port pair 8248 (multiple entries are separated with commas) which acts 8249 as the central registry for volumes 8250 type: string 8251 tenant: 8252 description: Tenant owning the given Quobyte volume in the 8253 Backend Used with dynamically provisioned Quobyte volumes, 8254 value is set by the plugin 8255 type: string 8256 user: 8257 description: User to map volume access to Defaults to serivceaccount 8258 user 8259 type: string 8260 volume: 8261 description: Volume is a string that references an already 8262 created Quobyte volume by name. 8263 type: string 8264 required: 8265 - registry 8266 - volume 8267 type: object 8268 rbd: 8269 description: 'RBD represents a Rados Block Device mount on the 8270 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' 8271 properties: 8272 fsType: 8273 description: 'Filesystem type of the volume that you want 8274 to mount. Tip: Ensure that the filesystem type is supported 8275 by the host operating system. Examples: "ext4", "xfs", 8276 "ntfs". Implicitly inferred to be "ext4" if unspecified. 8277 More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 8278 TODO: how do we prevent errors in the filesystem from 8279 compromising the machine' 8280 type: string 8281 image: 8282 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8283 type: string 8284 keyring: 8285 description: 'Keyring is the path to key ring for RBDUser. 8286 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8287 type: string 8288 monitors: 8289 description: 'A collection of Ceph monitors. More info: 8290 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8291 items: 8292 type: string 8293 type: array 8294 pool: 8295 description: 'The rados pool name. Default is rbd. More 8296 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8297 type: string 8298 readOnly: 8299 description: 'ReadOnly here will force the ReadOnly setting 8300 in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8301 type: boolean 8302 secretRef: 8303 description: 'SecretRef is name of the authentication secret 8304 for RBDUser. If provided overrides keyring. Default is 8305 nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8306 properties: 8307 name: 8308 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8309 TODO: Add other useful fields. apiVersion, kind, uid?' 8310 type: string 8311 type: object 8312 user: 8313 description: 'The rados user name. Default is admin. More 8314 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 8315 type: string 8316 required: 8317 - image 8318 - monitors 8319 type: object 8320 scaleIO: 8321 description: ScaleIO represents a ScaleIO persistent volume 8322 attached and mounted on Kubernetes nodes. 8323 properties: 8324 fsType: 8325 description: Filesystem type to mount. Must be a filesystem 8326 type supported by the host operating system. Ex. "ext4", 8327 "xfs", "ntfs". Default is "xfs". 8328 type: string 8329 gateway: 8330 description: The host address of the ScaleIO API Gateway. 8331 type: string 8332 protectionDomain: 8333 description: The name of the ScaleIO Protection Domain for 8334 the configured storage. 8335 type: string 8336 readOnly: 8337 description: Defaults to false (read/write). ReadOnly here 8338 will force the ReadOnly setting in VolumeMounts. 8339 type: boolean 8340 secretRef: 8341 description: SecretRef references to the secret for ScaleIO 8342 user and other sensitive information. If this is not provided, 8343 Login operation will fail. 8344 properties: 8345 name: 8346 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8347 TODO: Add other useful fields. apiVersion, kind, uid?' 8348 type: string 8349 type: object 8350 sslEnabled: 8351 description: Flag to enable/disable SSL communication with 8352 Gateway, default false 8353 type: boolean 8354 storageMode: 8355 description: Indicates whether the storage for a volume 8356 should be ThickProvisioned or ThinProvisioned. Default 8357 is ThinProvisioned. 8358 type: string 8359 storagePool: 8360 description: The ScaleIO Storage Pool associated with the 8361 protection domain. 8362 type: string 8363 system: 8364 description: The name of the storage system as configured 8365 in ScaleIO. 8366 type: string 8367 volumeName: 8368 description: The name of a volume already created in the 8369 ScaleIO system that is associated with this volume source. 8370 type: string 8371 required: 8372 - gateway 8373 - secretRef 8374 - system 8375 type: object 8376 secret: 8377 description: 'Secret represents a secret that should populate 8378 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 8379 properties: 8380 defaultMode: 8381 description: 'Optional: mode bits used to set permissions 8382 on created files by default. Must be an octal value between 8383 0000 and 0777 or a decimal value between 0 and 511. YAML 8384 accepts both octal and decimal values, JSON requires decimal 8385 values for mode bits. Defaults to 0644. Directories within 8386 the path are not affected by this setting. This might 8387 be in conflict with other options that affect the file 8388 mode, like fsGroup, and the result can be other mode bits 8389 set.' 8390 format: int32 8391 type: integer 8392 items: 8393 description: If unspecified, each key-value pair in the 8394 Data field of the referenced Secret will be projected 8395 into the volume as a file whose name is the key and content 8396 is the value. If specified, the listed keys will be projected 8397 into the specified paths, and unlisted keys will not be 8398 present. If a key is specified which is not present in 8399 the Secret, the volume setup will error unless it is marked 8400 optional. Paths must be relative and may not contain the 8401 '..' path or start with '..'. 8402 items: 8403 description: Maps a string key to a path within a volume. 8404 properties: 8405 key: 8406 description: The key to project. 8407 type: string 8408 mode: 8409 description: 'Optional: mode bits used to set permissions 8410 on this file. Must be an octal value between 0000 8411 and 0777 or a decimal value between 0 and 511. YAML 8412 accepts both octal and decimal values, JSON requires 8413 decimal values for mode bits. If not specified, 8414 the volume defaultMode will be used. This might 8415 be in conflict with other options that affect the 8416 file mode, like fsGroup, and the result can be other 8417 mode bits set.' 8418 format: int32 8419 type: integer 8420 path: 8421 description: The relative path of the file to map 8422 the key to. May not be an absolute path. May not 8423 contain the path element '..'. May not start with 8424 the string '..'. 8425 type: string 8426 required: 8427 - key 8428 - path 8429 type: object 8430 type: array 8431 optional: 8432 description: Specify whether the Secret or its keys must 8433 be defined 8434 type: boolean 8435 secretName: 8436 description: 'Name of the secret in the pod''s namespace 8437 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 8438 type: string 8439 type: object 8440 storageos: 8441 description: StorageOS represents a StorageOS volume attached 8442 and mounted on Kubernetes nodes. 8443 properties: 8444 fsType: 8445 description: Filesystem type to mount. Must be a filesystem 8446 type supported by the host operating system. Ex. "ext4", 8447 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 8448 type: string 8449 readOnly: 8450 description: Defaults to false (read/write). ReadOnly here 8451 will force the ReadOnly setting in VolumeMounts. 8452 type: boolean 8453 secretRef: 8454 description: SecretRef specifies the secret to use for obtaining 8455 the StorageOS API credentials. If not specified, default 8456 values will be attempted. 8457 properties: 8458 name: 8459 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8460 TODO: Add other useful fields. apiVersion, kind, uid?' 8461 type: string 8462 type: object 8463 volumeName: 8464 description: VolumeName is the human-readable name of the 8465 StorageOS volume. Volume names are only unique within 8466 a namespace. 8467 type: string 8468 volumeNamespace: 8469 description: VolumeNamespace specifies the scope of the 8470 volume within StorageOS. If no namespace is specified 8471 then the Pod's namespace will be used. This allows the 8472 Kubernetes name scoping to be mirrored within StorageOS 8473 for tighter integration. Set VolumeName to any name to 8474 override the default behaviour. Set to "default" if you 8475 are not using namespaces within StorageOS. Namespaces 8476 that do not pre-exist within StorageOS will be created. 8477 type: string 8478 type: object 8479 vsphereVolume: 8480 description: VsphereVolume represents a vSphere volume attached 8481 and mounted on kubelets host machine 8482 properties: 8483 fsType: 8484 description: Filesystem type to mount. Must be a filesystem 8485 type supported by the host operating system. Ex. "ext4", 8486 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 8487 type: string 8488 storagePolicyID: 8489 description: Storage Policy Based Management (SPBM) profile 8490 ID associated with the StoragePolicyName. 8491 type: string 8492 storagePolicyName: 8493 description: Storage Policy Based Management (SPBM) profile 8494 name. 8495 type: string 8496 volumePath: 8497 description: Path that identifies vSphere volume vmdk 8498 type: string 8499 required: 8500 - volumePath 8501 type: object 8502 required: 8503 - name 8504 type: object 8505 type: array 8506 type: object 8507 status: 8508 description: 'Most recent observed status of the Alertmanager cluster. 8509 Read-only. Not included when requesting from the apiserver, only from 8510 the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 8511 properties: 8512 availableReplicas: 8513 description: Total number of available pods (ready for at least minReadySeconds) 8514 targeted by this Alertmanager cluster. 8515 format: int32 8516 type: integer 8517 paused: 8518 description: Represents whether any actions on the underlying managed 8519 objects are being performed. Only delete actions will be performed. 8520 type: boolean 8521 replicas: 8522 description: Total number of non-terminated pods targeted by this 8523 Alertmanager cluster (their labels match the selector). 8524 format: int32 8525 type: integer 8526 unavailableReplicas: 8527 description: Total number of unavailable pods targeted by this Alertmanager 8528 cluster. 8529 format: int32 8530 type: integer 8531 updatedReplicas: 8532 description: Total number of non-terminated pods targeted by this 8533 Alertmanager cluster that have the desired version spec. 8534 format: int32 8535 type: integer 8536 required: 8537 - availableReplicas 8538 - paused 8539 - replicas 8540 - unavailableReplicas 8541 - updatedReplicas 8542 type: object 8543 required: 8544 - spec 8545 type: object 8546 served: true 8547 storage: true 8548 subresources: {} 8549 status: 8550 acceptedNames: 8551 kind: "" 8552 plural: "" 8553 conditions: [] 8554 storedVersions: [] 8555 --- 8556 8557 --- 8558 apiVersion: apiextensions.k8s.io/v1 8559 kind: CustomResourceDefinition 8560 metadata: 8561 annotations: 8562 controller-gen.kubebuilder.io/version: v0.6.2 8563 creationTimestamp: null 8564 name: podmonitors.monitoring.coreos.com 8565 spec: 8566 group: monitoring.coreos.com 8567 names: 8568 categories: 8569 - prometheus-operator 8570 kind: PodMonitor 8571 listKind: PodMonitorList 8572 plural: podmonitors 8573 singular: podmonitor 8574 scope: Namespaced 8575 versions: 8576 - name: v1 8577 schema: 8578 openAPIV3Schema: 8579 description: PodMonitor defines monitoring for a set of pods. 8580 properties: 8581 apiVersion: 8582 description: 'APIVersion defines the versioned schema of this representation 8583 of an object. Servers should convert recognized schemas to the latest 8584 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 8585 type: string 8586 kind: 8587 description: 'Kind is a string value representing the REST resource this 8588 object represents. Servers may infer this from the endpoint the client 8589 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 8590 type: string 8591 metadata: 8592 type: object 8593 spec: 8594 description: Specification of desired Pod selection for target discovery 8595 by Prometheus. 8596 properties: 8597 jobLabel: 8598 description: The label to use to retrieve the job name from. 8599 type: string 8600 labelLimit: 8601 description: Per-scrape limit on number of labels that will be accepted 8602 for a sample. Only valid in Prometheus versions 2.27.0 and newer. 8603 format: int64 8604 type: integer 8605 labelNameLengthLimit: 8606 description: Per-scrape limit on length of labels name that will be 8607 accepted for a sample. Only valid in Prometheus versions 2.27.0 8608 and newer. 8609 format: int64 8610 type: integer 8611 labelValueLengthLimit: 8612 description: Per-scrape limit on length of labels value that will 8613 be accepted for a sample. Only valid in Prometheus versions 2.27.0 8614 and newer. 8615 format: int64 8616 type: integer 8617 namespaceSelector: 8618 description: Selector to select which namespaces the Endpoints objects 8619 are discovered from. 8620 properties: 8621 any: 8622 description: Boolean describing whether all namespaces are selected 8623 in contrast to a list restricting them. 8624 type: boolean 8625 matchNames: 8626 description: List of namespace names. 8627 items: 8628 type: string 8629 type: array 8630 type: object 8631 podMetricsEndpoints: 8632 description: A list of endpoints allowed as part of this PodMonitor. 8633 items: 8634 description: PodMetricsEndpoint defines a scrapeable endpoint of 8635 a Kubernetes Pod serving Prometheus metrics. 8636 properties: 8637 authorization: 8638 description: Authorization section for this endpoint 8639 properties: 8640 credentials: 8641 description: The secret's key that contains the credentials 8642 of the request 8643 properties: 8644 key: 8645 description: The key of the secret to select from. Must 8646 be a valid secret key. 8647 type: string 8648 name: 8649 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8650 TODO: Add other useful fields. apiVersion, kind, uid?' 8651 type: string 8652 optional: 8653 description: Specify whether the Secret or its key must 8654 be defined 8655 type: boolean 8656 required: 8657 - key 8658 type: object 8659 type: 8660 description: Set the authentication type. Defaults to Bearer, 8661 Basic will cause an error 8662 type: string 8663 type: object 8664 basicAuth: 8665 description: 'BasicAuth allow an endpoint to authenticate over 8666 basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint' 8667 properties: 8668 password: 8669 description: The secret in the service monitor namespace 8670 that contains the password for authentication. 8671 properties: 8672 key: 8673 description: The key of the secret to select from. Must 8674 be a valid secret key. 8675 type: string 8676 name: 8677 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8678 TODO: Add other useful fields. apiVersion, kind, uid?' 8679 type: string 8680 optional: 8681 description: Specify whether the Secret or its key must 8682 be defined 8683 type: boolean 8684 required: 8685 - key 8686 type: object 8687 username: 8688 description: The secret in the service monitor namespace 8689 that contains the username for authentication. 8690 properties: 8691 key: 8692 description: The key of the secret to select from. Must 8693 be a valid secret key. 8694 type: string 8695 name: 8696 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8697 TODO: Add other useful fields. apiVersion, kind, uid?' 8698 type: string 8699 optional: 8700 description: Specify whether the Secret or its key must 8701 be defined 8702 type: boolean 8703 required: 8704 - key 8705 type: object 8706 type: object 8707 bearerTokenSecret: 8708 description: Secret to mount to read bearer token for scraping 8709 targets. The secret needs to be in the same namespace as the 8710 pod monitor and accessible by the Prometheus Operator. 8711 properties: 8712 key: 8713 description: The key of the secret to select from. Must 8714 be a valid secret key. 8715 type: string 8716 name: 8717 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8718 TODO: Add other useful fields. apiVersion, kind, uid?' 8719 type: string 8720 optional: 8721 description: Specify whether the Secret or its key must 8722 be defined 8723 type: boolean 8724 required: 8725 - key 8726 type: object 8727 honorLabels: 8728 description: HonorLabels chooses the metric's labels on collisions 8729 with target labels. 8730 type: boolean 8731 honorTimestamps: 8732 description: HonorTimestamps controls whether Prometheus respects 8733 the timestamps present in scraped data. 8734 type: boolean 8735 interval: 8736 description: Interval at which metrics should be scraped 8737 type: string 8738 metricRelabelings: 8739 description: MetricRelabelConfigs to apply to samples before 8740 ingestion. 8741 items: 8742 description: 'RelabelConfig allows dynamic rewriting of the 8743 label set, being applied to samples before ingestion. It 8744 defines `<metric_relabel_configs>`-section of Prometheus 8745 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 8746 properties: 8747 action: 8748 description: Action to perform based on regex matching. 8749 Default is 'replace' 8750 type: string 8751 modulus: 8752 description: Modulus to take of the hash of the source 8753 label values. 8754 format: int64 8755 type: integer 8756 regex: 8757 description: Regular expression against which the extracted 8758 value is matched. Default is '(.*)' 8759 type: string 8760 replacement: 8761 description: Replacement value against which a regex replace 8762 is performed if the regular expression matches. Regex 8763 capture groups are available. Default is '$1' 8764 type: string 8765 separator: 8766 description: Separator placed between concatenated source 8767 label values. default is ';'. 8768 type: string 8769 sourceLabels: 8770 description: The source labels select values from existing 8771 labels. Their content is concatenated using the configured 8772 separator and matched against the configured regular 8773 expression for the replace, keep, and drop actions. 8774 items: 8775 type: string 8776 type: array 8777 targetLabel: 8778 description: Label to which the resulting value is written 8779 in a replace action. It is mandatory for replace actions. 8780 Regex capture groups are available. 8781 type: string 8782 type: object 8783 type: array 8784 oauth2: 8785 description: OAuth2 for the URL. Only valid in Prometheus versions 8786 2.27.0 and newer. 8787 properties: 8788 clientId: 8789 description: The secret or configmap containing the OAuth2 8790 client id 8791 properties: 8792 configMap: 8793 description: ConfigMap containing data to use for the 8794 targets. 8795 properties: 8796 key: 8797 description: The key to select. 8798 type: string 8799 name: 8800 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8801 TODO: Add other useful fields. apiVersion, kind, 8802 uid?' 8803 type: string 8804 optional: 8805 description: Specify whether the ConfigMap or its 8806 key must be defined 8807 type: boolean 8808 required: 8809 - key 8810 type: object 8811 secret: 8812 description: Secret containing data to use for the targets. 8813 properties: 8814 key: 8815 description: The key of the secret to select from. Must 8816 be a valid secret key. 8817 type: string 8818 name: 8819 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8820 TODO: Add other useful fields. apiVersion, kind, 8821 uid?' 8822 type: string 8823 optional: 8824 description: Specify whether the Secret or its key 8825 must be defined 8826 type: boolean 8827 required: 8828 - key 8829 type: object 8830 type: object 8831 clientSecret: 8832 description: The secret containing the OAuth2 client secret 8833 properties: 8834 key: 8835 description: The key of the secret to select from. Must 8836 be a valid secret key. 8837 type: string 8838 name: 8839 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8840 TODO: Add other useful fields. apiVersion, kind, uid?' 8841 type: string 8842 optional: 8843 description: Specify whether the Secret or its key must 8844 be defined 8845 type: boolean 8846 required: 8847 - key 8848 type: object 8849 endpointParams: 8850 additionalProperties: 8851 type: string 8852 description: Parameters to append to the token URL 8853 type: object 8854 scopes: 8855 description: OAuth2 scopes used for the token request 8856 items: 8857 type: string 8858 type: array 8859 tokenUrl: 8860 description: The URL to fetch the token from 8861 minLength: 1 8862 type: string 8863 required: 8864 - clientId 8865 - clientSecret 8866 - tokenUrl 8867 type: object 8868 params: 8869 additionalProperties: 8870 items: 8871 type: string 8872 type: array 8873 description: Optional HTTP URL parameters 8874 type: object 8875 path: 8876 description: HTTP path to scrape for metrics. 8877 type: string 8878 port: 8879 description: Name of the pod port this endpoint refers to. Mutually 8880 exclusive with targetPort. 8881 type: string 8882 proxyUrl: 8883 description: ProxyURL eg http://proxyserver:2195 Directs scrapes 8884 to proxy through this endpoint. 8885 type: string 8886 relabelings: 8887 description: 'RelabelConfigs to apply to samples before scraping. 8888 Prometheus Operator automatically adds relabelings for a few 8889 standard Kubernetes fields and replaces original scrape job 8890 name with __tmp_prometheus_job_name. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' 8891 items: 8892 description: 'RelabelConfig allows dynamic rewriting of the 8893 label set, being applied to samples before ingestion. It 8894 defines `<metric_relabel_configs>`-section of Prometheus 8895 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 8896 properties: 8897 action: 8898 description: Action to perform based on regex matching. 8899 Default is 'replace' 8900 type: string 8901 modulus: 8902 description: Modulus to take of the hash of the source 8903 label values. 8904 format: int64 8905 type: integer 8906 regex: 8907 description: Regular expression against which the extracted 8908 value is matched. Default is '(.*)' 8909 type: string 8910 replacement: 8911 description: Replacement value against which a regex replace 8912 is performed if the regular expression matches. Regex 8913 capture groups are available. Default is '$1' 8914 type: string 8915 separator: 8916 description: Separator placed between concatenated source 8917 label values. default is ';'. 8918 type: string 8919 sourceLabels: 8920 description: The source labels select values from existing 8921 labels. Their content is concatenated using the configured 8922 separator and matched against the configured regular 8923 expression for the replace, keep, and drop actions. 8924 items: 8925 type: string 8926 type: array 8927 targetLabel: 8928 description: Label to which the resulting value is written 8929 in a replace action. It is mandatory for replace actions. 8930 Regex capture groups are available. 8931 type: string 8932 type: object 8933 type: array 8934 scheme: 8935 description: HTTP scheme to use for scraping. 8936 type: string 8937 scrapeTimeout: 8938 description: Timeout after which the scrape is ended 8939 type: string 8940 targetPort: 8941 anyOf: 8942 - type: integer 8943 - type: string 8944 description: 'Deprecated: Use ''port'' instead.' 8945 x-kubernetes-int-or-string: true 8946 tlsConfig: 8947 description: TLS configuration to use when scraping the endpoint. 8948 properties: 8949 ca: 8950 description: Struct containing the CA cert to use for the 8951 targets. 8952 properties: 8953 configMap: 8954 description: ConfigMap containing data to use for the 8955 targets. 8956 properties: 8957 key: 8958 description: The key to select. 8959 type: string 8960 name: 8961 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8962 TODO: Add other useful fields. apiVersion, kind, 8963 uid?' 8964 type: string 8965 optional: 8966 description: Specify whether the ConfigMap or its 8967 key must be defined 8968 type: boolean 8969 required: 8970 - key 8971 type: object 8972 secret: 8973 description: Secret containing data to use for the targets. 8974 properties: 8975 key: 8976 description: The key of the secret to select from. Must 8977 be a valid secret key. 8978 type: string 8979 name: 8980 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8981 TODO: Add other useful fields. apiVersion, kind, 8982 uid?' 8983 type: string 8984 optional: 8985 description: Specify whether the Secret or its key 8986 must be defined 8987 type: boolean 8988 required: 8989 - key 8990 type: object 8991 type: object 8992 cert: 8993 description: Struct containing the client cert file for 8994 the targets. 8995 properties: 8996 configMap: 8997 description: ConfigMap containing data to use for the 8998 targets. 8999 properties: 9000 key: 9001 description: The key to select. 9002 type: string 9003 name: 9004 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9005 TODO: Add other useful fields. apiVersion, kind, 9006 uid?' 9007 type: string 9008 optional: 9009 description: Specify whether the ConfigMap or its 9010 key must be defined 9011 type: boolean 9012 required: 9013 - key 9014 type: object 9015 secret: 9016 description: Secret containing data to use for the targets. 9017 properties: 9018 key: 9019 description: The key of the secret to select from. Must 9020 be a valid secret key. 9021 type: string 9022 name: 9023 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9024 TODO: Add other useful fields. apiVersion, kind, 9025 uid?' 9026 type: string 9027 optional: 9028 description: Specify whether the Secret or its key 9029 must be defined 9030 type: boolean 9031 required: 9032 - key 9033 type: object 9034 type: object 9035 insecureSkipVerify: 9036 description: Disable target certificate validation. 9037 type: boolean 9038 keySecret: 9039 description: Secret containing the client key file for the 9040 targets. 9041 properties: 9042 key: 9043 description: The key of the secret to select from. Must 9044 be a valid secret key. 9045 type: string 9046 name: 9047 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9048 TODO: Add other useful fields. apiVersion, kind, uid?' 9049 type: string 9050 optional: 9051 description: Specify whether the Secret or its key must 9052 be defined 9053 type: boolean 9054 required: 9055 - key 9056 type: object 9057 serverName: 9058 description: Used to verify the hostname for the targets. 9059 type: string 9060 type: object 9061 type: object 9062 type: array 9063 podTargetLabels: 9064 description: PodTargetLabels transfers labels on the Kubernetes Pod 9065 onto the target. 9066 items: 9067 type: string 9068 type: array 9069 sampleLimit: 9070 description: SampleLimit defines per-scrape limit on number of scraped 9071 samples that will be accepted. 9072 format: int64 9073 type: integer 9074 selector: 9075 description: Selector to select Pod objects. 9076 properties: 9077 matchExpressions: 9078 description: matchExpressions is a list of label selector requirements. 9079 The requirements are ANDed. 9080 items: 9081 description: A label selector requirement is a selector that 9082 contains values, a key, and an operator that relates the key 9083 and values. 9084 properties: 9085 key: 9086 description: key is the label key that the selector applies 9087 to. 9088 type: string 9089 operator: 9090 description: operator represents a key's relationship to 9091 a set of values. Valid operators are In, NotIn, Exists 9092 and DoesNotExist. 9093 type: string 9094 values: 9095 description: values is an array of string values. If the 9096 operator is In or NotIn, the values array must be non-empty. 9097 If the operator is Exists or DoesNotExist, the values 9098 array must be empty. This array is replaced during a strategic 9099 merge patch. 9100 items: 9101 type: string 9102 type: array 9103 required: 9104 - key 9105 - operator 9106 type: object 9107 type: array 9108 matchLabels: 9109 additionalProperties: 9110 type: string 9111 description: matchLabels is a map of {key,value} pairs. A single 9112 {key,value} in the matchLabels map is equivalent to an element 9113 of matchExpressions, whose key field is "key", the operator 9114 is "In", and the values array contains only "value". The requirements 9115 are ANDed. 9116 type: object 9117 type: object 9118 targetLimit: 9119 description: TargetLimit defines a limit on the number of scraped 9120 targets that will be accepted. 9121 format: int64 9122 type: integer 9123 required: 9124 - podMetricsEndpoints 9125 - selector 9126 type: object 9127 required: 9128 - spec 9129 type: object 9130 served: true 9131 storage: true 9132 status: 9133 acceptedNames: 9134 kind: "" 9135 plural: "" 9136 conditions: [] 9137 storedVersions: [] 9138 --- 9139 9140 --- 9141 apiVersion: apiextensions.k8s.io/v1 9142 kind: CustomResourceDefinition 9143 metadata: 9144 annotations: 9145 controller-gen.kubebuilder.io/version: v0.6.2 9146 creationTimestamp: null 9147 name: probes.monitoring.coreos.com 9148 spec: 9149 group: monitoring.coreos.com 9150 names: 9151 categories: 9152 - prometheus-operator 9153 kind: Probe 9154 listKind: ProbeList 9155 plural: probes 9156 singular: probe 9157 scope: Namespaced 9158 versions: 9159 - name: v1 9160 schema: 9161 openAPIV3Schema: 9162 description: Probe defines monitoring for a set of static targets or ingresses. 9163 properties: 9164 apiVersion: 9165 description: 'APIVersion defines the versioned schema of this representation 9166 of an object. Servers should convert recognized schemas to the latest 9167 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 9168 type: string 9169 kind: 9170 description: 'Kind is a string value representing the REST resource this 9171 object represents. Servers may infer this from the endpoint the client 9172 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 9173 type: string 9174 metadata: 9175 type: object 9176 spec: 9177 description: Specification of desired Ingress selection for target discovery 9178 by Prometheus. 9179 properties: 9180 authorization: 9181 description: Authorization section for this endpoint 9182 properties: 9183 credentials: 9184 description: The secret's key that contains the credentials of 9185 the request 9186 properties: 9187 key: 9188 description: The key of the secret to select from. Must be 9189 a valid secret key. 9190 type: string 9191 name: 9192 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9193 TODO: Add other useful fields. apiVersion, kind, uid?' 9194 type: string 9195 optional: 9196 description: Specify whether the Secret or its key must be 9197 defined 9198 type: boolean 9199 required: 9200 - key 9201 type: object 9202 type: 9203 description: Set the authentication type. Defaults to Bearer, 9204 Basic will cause an error 9205 type: string 9206 type: object 9207 basicAuth: 9208 description: 'BasicAuth allow an endpoint to authenticate over basic 9209 authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint' 9210 properties: 9211 password: 9212 description: The secret in the service monitor namespace that 9213 contains the password for authentication. 9214 properties: 9215 key: 9216 description: The key of the secret to select from. Must be 9217 a valid secret key. 9218 type: string 9219 name: 9220 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9221 TODO: Add other useful fields. apiVersion, kind, uid?' 9222 type: string 9223 optional: 9224 description: Specify whether the Secret or its key must be 9225 defined 9226 type: boolean 9227 required: 9228 - key 9229 type: object 9230 username: 9231 description: The secret in the service monitor namespace that 9232 contains the username for authentication. 9233 properties: 9234 key: 9235 description: The key of the secret to select from. Must be 9236 a valid secret key. 9237 type: string 9238 name: 9239 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9240 TODO: Add other useful fields. apiVersion, kind, uid?' 9241 type: string 9242 optional: 9243 description: Specify whether the Secret or its key must be 9244 defined 9245 type: boolean 9246 required: 9247 - key 9248 type: object 9249 type: object 9250 bearerTokenSecret: 9251 description: Secret to mount to read bearer token for scraping targets. 9252 The secret needs to be in the same namespace as the probe and accessible 9253 by the Prometheus Operator. 9254 properties: 9255 key: 9256 description: The key of the secret to select from. Must be a 9257 valid secret key. 9258 type: string 9259 name: 9260 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9261 TODO: Add other useful fields. apiVersion, kind, uid?' 9262 type: string 9263 optional: 9264 description: Specify whether the Secret or its key must be defined 9265 type: boolean 9266 required: 9267 - key 9268 type: object 9269 interval: 9270 description: Interval at which targets are probed using the configured 9271 prober. If not specified Prometheus' global scrape interval is used. 9272 type: string 9273 jobName: 9274 description: The job name assigned to scraped metrics by default. 9275 type: string 9276 labelLimit: 9277 description: Per-scrape limit on number of labels that will be accepted 9278 for a sample. Only valid in Prometheus versions 2.27.0 and newer. 9279 format: int64 9280 type: integer 9281 labelNameLengthLimit: 9282 description: Per-scrape limit on length of labels name that will be 9283 accepted for a sample. Only valid in Prometheus versions 2.27.0 9284 and newer. 9285 format: int64 9286 type: integer 9287 labelValueLengthLimit: 9288 description: Per-scrape limit on length of labels value that will 9289 be accepted for a sample. Only valid in Prometheus versions 2.27.0 9290 and newer. 9291 format: int64 9292 type: integer 9293 metricRelabelings: 9294 description: MetricRelabelConfigs to apply to samples before ingestion. 9295 items: 9296 description: 'RelabelConfig allows dynamic rewriting of the label 9297 set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section 9298 of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 9299 properties: 9300 action: 9301 description: Action to perform based on regex matching. Default 9302 is 'replace' 9303 type: string 9304 modulus: 9305 description: Modulus to take of the hash of the source label 9306 values. 9307 format: int64 9308 type: integer 9309 regex: 9310 description: Regular expression against which the extracted 9311 value is matched. Default is '(.*)' 9312 type: string 9313 replacement: 9314 description: Replacement value against which a regex replace 9315 is performed if the regular expression matches. Regex capture 9316 groups are available. Default is '$1' 9317 type: string 9318 separator: 9319 description: Separator placed between concatenated source label 9320 values. default is ';'. 9321 type: string 9322 sourceLabels: 9323 description: The source labels select values from existing labels. 9324 Their content is concatenated using the configured separator 9325 and matched against the configured regular expression for 9326 the replace, keep, and drop actions. 9327 items: 9328 type: string 9329 type: array 9330 targetLabel: 9331 description: Label to which the resulting value is written in 9332 a replace action. It is mandatory for replace actions. Regex 9333 capture groups are available. 9334 type: string 9335 type: object 9336 type: array 9337 module: 9338 description: 'The module to use for probing specifying how to probe 9339 the target. Example module configuring in the blackbox exporter: 9340 https://github.com/prometheus/blackbox_exporter/blob/master/example.yml' 9341 type: string 9342 oauth2: 9343 description: OAuth2 for the URL. Only valid in Prometheus versions 9344 2.27.0 and newer. 9345 properties: 9346 clientId: 9347 description: The secret or configmap containing the OAuth2 client 9348 id 9349 properties: 9350 configMap: 9351 description: ConfigMap containing data to use for the targets. 9352 properties: 9353 key: 9354 description: The key to select. 9355 type: string 9356 name: 9357 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9358 TODO: Add other useful fields. apiVersion, kind, uid?' 9359 type: string 9360 optional: 9361 description: Specify whether the ConfigMap or its key 9362 must be defined 9363 type: boolean 9364 required: 9365 - key 9366 type: object 9367 secret: 9368 description: Secret containing data to use for the targets. 9369 properties: 9370 key: 9371 description: The key of the secret to select from. Must 9372 be a valid secret key. 9373 type: string 9374 name: 9375 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9376 TODO: Add other useful fields. apiVersion, kind, uid?' 9377 type: string 9378 optional: 9379 description: Specify whether the Secret or its key must 9380 be defined 9381 type: boolean 9382 required: 9383 - key 9384 type: object 9385 type: object 9386 clientSecret: 9387 description: The secret containing the OAuth2 client secret 9388 properties: 9389 key: 9390 description: The key of the secret to select from. Must be 9391 a valid secret key. 9392 type: string 9393 name: 9394 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9395 TODO: Add other useful fields. apiVersion, kind, uid?' 9396 type: string 9397 optional: 9398 description: Specify whether the Secret or its key must be 9399 defined 9400 type: boolean 9401 required: 9402 - key 9403 type: object 9404 endpointParams: 9405 additionalProperties: 9406 type: string 9407 description: Parameters to append to the token URL 9408 type: object 9409 scopes: 9410 description: OAuth2 scopes used for the token request 9411 items: 9412 type: string 9413 type: array 9414 tokenUrl: 9415 description: The URL to fetch the token from 9416 minLength: 1 9417 type: string 9418 required: 9419 - clientId 9420 - clientSecret 9421 - tokenUrl 9422 type: object 9423 prober: 9424 description: Specification for the prober to use for probing targets. 9425 The prober.URL parameter is required. Targets cannot be probed if 9426 left empty. 9427 properties: 9428 path: 9429 description: Path to collect metrics from. Defaults to `/probe`. 9430 type: string 9431 proxyUrl: 9432 description: Optional ProxyURL. 9433 type: string 9434 scheme: 9435 description: HTTP scheme to use for scraping. Defaults to `http`. 9436 type: string 9437 url: 9438 description: Mandatory URL of the prober. 9439 type: string 9440 required: 9441 - url 9442 type: object 9443 sampleLimit: 9444 description: SampleLimit defines per-scrape limit on number of scraped 9445 samples that will be accepted. 9446 format: int64 9447 type: integer 9448 scrapeTimeout: 9449 description: Timeout for scraping metrics from the Prometheus exporter. 9450 type: string 9451 targetLimit: 9452 description: TargetLimit defines a limit on the number of scraped 9453 targets that will be accepted. 9454 format: int64 9455 type: integer 9456 targets: 9457 description: Targets defines a set of static and/or dynamically discovered 9458 targets to be probed using the prober. 9459 properties: 9460 ingress: 9461 description: Ingress defines the set of dynamically discovered 9462 ingress objects which hosts are considered for probing. 9463 properties: 9464 namespaceSelector: 9465 description: Select Ingress objects by namespace. 9466 properties: 9467 any: 9468 description: Boolean describing whether all namespaces 9469 are selected in contrast to a list restricting them. 9470 type: boolean 9471 matchNames: 9472 description: List of namespace names. 9473 items: 9474 type: string 9475 type: array 9476 type: object 9477 relabelingConfigs: 9478 description: 'RelabelConfigs to apply to samples before ingestion. 9479 More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' 9480 items: 9481 description: 'RelabelConfig allows dynamic rewriting of 9482 the label set, being applied to samples before ingestion. 9483 It defines `<metric_relabel_configs>`-section of Prometheus 9484 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 9485 properties: 9486 action: 9487 description: Action to perform based on regex matching. 9488 Default is 'replace' 9489 type: string 9490 modulus: 9491 description: Modulus to take of the hash of the source 9492 label values. 9493 format: int64 9494 type: integer 9495 regex: 9496 description: Regular expression against which the extracted 9497 value is matched. Default is '(.*)' 9498 type: string 9499 replacement: 9500 description: Replacement value against which a regex 9501 replace is performed if the regular expression matches. 9502 Regex capture groups are available. Default is '$1' 9503 type: string 9504 separator: 9505 description: Separator placed between concatenated source 9506 label values. default is ';'. 9507 type: string 9508 sourceLabels: 9509 description: The source labels select values from existing 9510 labels. Their content is concatenated using the configured 9511 separator and matched against the configured regular 9512 expression for the replace, keep, and drop actions. 9513 items: 9514 type: string 9515 type: array 9516 targetLabel: 9517 description: Label to which the resulting value is written 9518 in a replace action. It is mandatory for replace actions. 9519 Regex capture groups are available. 9520 type: string 9521 type: object 9522 type: array 9523 selector: 9524 description: Select Ingress objects by labels. 9525 properties: 9526 matchExpressions: 9527 description: matchExpressions is a list of label selector 9528 requirements. The requirements are ANDed. 9529 items: 9530 description: A label selector requirement is a selector 9531 that contains values, a key, and an operator that 9532 relates the key and values. 9533 properties: 9534 key: 9535 description: key is the label key that the selector 9536 applies to. 9537 type: string 9538 operator: 9539 description: operator represents a key's relationship 9540 to a set of values. Valid operators are In, NotIn, 9541 Exists and DoesNotExist. 9542 type: string 9543 values: 9544 description: values is an array of string values. 9545 If the operator is In or NotIn, the values array 9546 must be non-empty. If the operator is Exists or 9547 DoesNotExist, the values array must be empty. 9548 This array is replaced during a strategic merge 9549 patch. 9550 items: 9551 type: string 9552 type: array 9553 required: 9554 - key 9555 - operator 9556 type: object 9557 type: array 9558 matchLabels: 9559 additionalProperties: 9560 type: string 9561 description: matchLabels is a map of {key,value} pairs. 9562 A single {key,value} in the matchLabels map is equivalent 9563 to an element of matchExpressions, whose key field is 9564 "key", the operator is "In", and the values array contains 9565 only "value". The requirements are ANDed. 9566 type: object 9567 type: object 9568 type: object 9569 staticConfig: 9570 description: 'StaticConfig defines static targets which are considers 9571 for probing. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config.' 9572 properties: 9573 labels: 9574 additionalProperties: 9575 type: string 9576 description: Labels assigned to all metrics scraped from the 9577 targets. 9578 type: object 9579 relabelingConfigs: 9580 description: 'RelabelConfigs to apply to samples before ingestion. 9581 More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' 9582 items: 9583 description: 'RelabelConfig allows dynamic rewriting of 9584 the label set, being applied to samples before ingestion. 9585 It defines `<metric_relabel_configs>`-section of Prometheus 9586 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 9587 properties: 9588 action: 9589 description: Action to perform based on regex matching. 9590 Default is 'replace' 9591 type: string 9592 modulus: 9593 description: Modulus to take of the hash of the source 9594 label values. 9595 format: int64 9596 type: integer 9597 regex: 9598 description: Regular expression against which the extracted 9599 value is matched. Default is '(.*)' 9600 type: string 9601 replacement: 9602 description: Replacement value against which a regex 9603 replace is performed if the regular expression matches. 9604 Regex capture groups are available. Default is '$1' 9605 type: string 9606 separator: 9607 description: Separator placed between concatenated source 9608 label values. default is ';'. 9609 type: string 9610 sourceLabels: 9611 description: The source labels select values from existing 9612 labels. Their content is concatenated using the configured 9613 separator and matched against the configured regular 9614 expression for the replace, keep, and drop actions. 9615 items: 9616 type: string 9617 type: array 9618 targetLabel: 9619 description: Label to which the resulting value is written 9620 in a replace action. It is mandatory for replace actions. 9621 Regex capture groups are available. 9622 type: string 9623 type: object 9624 type: array 9625 static: 9626 description: Targets is a list of URLs to probe using the 9627 configured prober. 9628 items: 9629 type: string 9630 type: array 9631 type: object 9632 type: object 9633 tlsConfig: 9634 description: TLS configuration to use when scraping the endpoint. 9635 properties: 9636 ca: 9637 description: Struct containing the CA cert to use for the targets. 9638 properties: 9639 configMap: 9640 description: ConfigMap containing data to use for the targets. 9641 properties: 9642 key: 9643 description: The key to select. 9644 type: string 9645 name: 9646 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9647 TODO: Add other useful fields. apiVersion, kind, uid?' 9648 type: string 9649 optional: 9650 description: Specify whether the ConfigMap or its key 9651 must be defined 9652 type: boolean 9653 required: 9654 - key 9655 type: object 9656 secret: 9657 description: Secret containing data to use for the targets. 9658 properties: 9659 key: 9660 description: The key of the secret to select from. Must 9661 be a valid secret key. 9662 type: string 9663 name: 9664 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9665 TODO: Add other useful fields. apiVersion, kind, uid?' 9666 type: string 9667 optional: 9668 description: Specify whether the Secret or its key must 9669 be defined 9670 type: boolean 9671 required: 9672 - key 9673 type: object 9674 type: object 9675 cert: 9676 description: Struct containing the client cert file for the targets. 9677 properties: 9678 configMap: 9679 description: ConfigMap containing data to use for the targets. 9680 properties: 9681 key: 9682 description: The key to select. 9683 type: string 9684 name: 9685 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9686 TODO: Add other useful fields. apiVersion, kind, uid?' 9687 type: string 9688 optional: 9689 description: Specify whether the ConfigMap or its key 9690 must be defined 9691 type: boolean 9692 required: 9693 - key 9694 type: object 9695 secret: 9696 description: Secret containing data to use for the targets. 9697 properties: 9698 key: 9699 description: The key of the secret to select from. Must 9700 be a valid secret key. 9701 type: string 9702 name: 9703 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9704 TODO: Add other useful fields. apiVersion, kind, uid?' 9705 type: string 9706 optional: 9707 description: Specify whether the Secret or its key must 9708 be defined 9709 type: boolean 9710 required: 9711 - key 9712 type: object 9713 type: object 9714 insecureSkipVerify: 9715 description: Disable target certificate validation. 9716 type: boolean 9717 keySecret: 9718 description: Secret containing the client key file for the targets. 9719 properties: 9720 key: 9721 description: The key of the secret to select from. Must be 9722 a valid secret key. 9723 type: string 9724 name: 9725 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9726 TODO: Add other useful fields. apiVersion, kind, uid?' 9727 type: string 9728 optional: 9729 description: Specify whether the Secret or its key must be 9730 defined 9731 type: boolean 9732 required: 9733 - key 9734 type: object 9735 serverName: 9736 description: Used to verify the hostname for the targets. 9737 type: string 9738 type: object 9739 type: object 9740 required: 9741 - spec 9742 type: object 9743 served: true 9744 storage: true 9745 status: 9746 acceptedNames: 9747 kind: "" 9748 plural: "" 9749 conditions: [] 9750 storedVersions: [] 9751 --- 9752 9753 --- 9754 apiVersion: apiextensions.k8s.io/v1 9755 kind: CustomResourceDefinition 9756 metadata: 9757 annotations: 9758 controller-gen.kubebuilder.io/version: v0.6.2 9759 creationTimestamp: null 9760 name: prometheuses.monitoring.coreos.com 9761 spec: 9762 group: monitoring.coreos.com 9763 names: 9764 categories: 9765 - prometheus-operator 9766 kind: Prometheus 9767 listKind: PrometheusList 9768 plural: prometheuses 9769 singular: prometheus 9770 scope: Namespaced 9771 versions: 9772 - additionalPrinterColumns: 9773 - description: The version of Prometheus 9774 jsonPath: .spec.version 9775 name: Version 9776 type: string 9777 - description: The desired replicas number of Prometheuses 9778 jsonPath: .spec.replicas 9779 name: Replicas 9780 type: integer 9781 - jsonPath: .metadata.creationTimestamp 9782 name: Age 9783 type: date 9784 name: v1 9785 schema: 9786 openAPIV3Schema: 9787 description: Prometheus defines a Prometheus deployment. 9788 properties: 9789 apiVersion: 9790 description: 'APIVersion defines the versioned schema of this representation 9791 of an object. Servers should convert recognized schemas to the latest 9792 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 9793 type: string 9794 kind: 9795 description: 'Kind is a string value representing the REST resource this 9796 object represents. Servers may infer this from the endpoint the client 9797 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 9798 type: string 9799 metadata: 9800 type: object 9801 spec: 9802 description: 'Specification of the desired behavior of the Prometheus 9803 cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 9804 properties: 9805 additionalAlertManagerConfigs: 9806 description: 'AdditionalAlertManagerConfigs allows specifying a key 9807 of a Secret containing additional Prometheus AlertManager configurations. 9808 AlertManager configurations specified are appended to the configurations 9809 generated by the Prometheus Operator. Job configurations specified 9810 must have the form as specified in the official Prometheus documentation: 9811 https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. 9812 As AlertManager configs are appended, the user is responsible to 9813 make sure it is valid. Note that using this feature may expose the 9814 possibility to break upgrades of Prometheus. It is advised to review 9815 Prometheus release notes to ensure that no incompatible AlertManager 9816 configs are going to break Prometheus after the upgrade.' 9817 properties: 9818 key: 9819 description: The key of the secret to select from. Must be a 9820 valid secret key. 9821 type: string 9822 name: 9823 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9824 TODO: Add other useful fields. apiVersion, kind, uid?' 9825 type: string 9826 optional: 9827 description: Specify whether the Secret or its key must be defined 9828 type: boolean 9829 required: 9830 - key 9831 type: object 9832 additionalAlertRelabelConfigs: 9833 description: 'AdditionalAlertRelabelConfigs allows specifying a key 9834 of a Secret containing additional Prometheus alert relabel configurations. 9835 Alert relabel configurations specified are appended to the configurations 9836 generated by the Prometheus Operator. Alert relabel configurations 9837 specified must have the form as specified in the official Prometheus 9838 documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. 9839 As alert relabel configs are appended, the user is responsible to 9840 make sure it is valid. Note that using this feature may expose the 9841 possibility to break upgrades of Prometheus. It is advised to review 9842 Prometheus release notes to ensure that no incompatible alert relabel 9843 configs are going to break Prometheus after the upgrade.' 9844 properties: 9845 key: 9846 description: The key of the secret to select from. Must be a 9847 valid secret key. 9848 type: string 9849 name: 9850 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9851 TODO: Add other useful fields. apiVersion, kind, uid?' 9852 type: string 9853 optional: 9854 description: Specify whether the Secret or its key must be defined 9855 type: boolean 9856 required: 9857 - key 9858 type: object 9859 additionalScrapeConfigs: 9860 description: 'AdditionalScrapeConfigs allows specifying a key of a 9861 Secret containing additional Prometheus scrape configurations. Scrape 9862 configurations specified are appended to the configurations generated 9863 by the Prometheus Operator. Job configurations specified must have 9864 the form as specified in the official Prometheus documentation: 9865 https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. 9866 As scrape configs are appended, the user is responsible to make 9867 sure it is valid. Note that using this feature may expose the possibility 9868 to break upgrades of Prometheus. It is advised to review Prometheus 9869 release notes to ensure that no incompatible scrape configs are 9870 going to break Prometheus after the upgrade.' 9871 properties: 9872 key: 9873 description: The key of the secret to select from. Must be a 9874 valid secret key. 9875 type: string 9876 name: 9877 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9878 TODO: Add other useful fields. apiVersion, kind, uid?' 9879 type: string 9880 optional: 9881 description: Specify whether the Secret or its key must be defined 9882 type: boolean 9883 required: 9884 - key 9885 type: object 9886 affinity: 9887 description: If specified, the pod's scheduling constraints. 9888 properties: 9889 nodeAffinity: 9890 description: Describes node affinity scheduling rules for the 9891 pod. 9892 properties: 9893 preferredDuringSchedulingIgnoredDuringExecution: 9894 description: The scheduler will prefer to schedule pods to 9895 nodes that satisfy the affinity expressions specified by 9896 this field, but it may choose a node that violates one or 9897 more of the expressions. The node that is most preferred 9898 is the one with the greatest sum of weights, i.e. for each 9899 node that meets all of the scheduling requirements (resource 9900 request, requiredDuringScheduling affinity expressions, 9901 etc.), compute a sum by iterating through the elements of 9902 this field and adding "weight" to the sum if the node matches 9903 the corresponding matchExpressions; the node(s) with the 9904 highest sum are the most preferred. 9905 items: 9906 description: An empty preferred scheduling term matches 9907 all objects with implicit weight 0 (i.e. it's a no-op). 9908 A null preferred scheduling term matches no objects (i.e. 9909 is also a no-op). 9910 properties: 9911 preference: 9912 description: A node selector term, associated with the 9913 corresponding weight. 9914 properties: 9915 matchExpressions: 9916 description: A list of node selector requirements 9917 by node's labels. 9918 items: 9919 description: A node selector requirement is a 9920 selector that contains values, a key, and an 9921 operator that relates the key and values. 9922 properties: 9923 key: 9924 description: The label key that the selector 9925 applies to. 9926 type: string 9927 operator: 9928 description: Represents a key's relationship 9929 to a set of values. Valid operators are 9930 In, NotIn, Exists, DoesNotExist. Gt, and 9931 Lt. 9932 type: string 9933 values: 9934 description: An array of string values. If 9935 the operator is In or NotIn, the values 9936 array must be non-empty. If the operator 9937 is Exists or DoesNotExist, the values array 9938 must be empty. If the operator is Gt or 9939 Lt, the values array must have a single 9940 element, which will be interpreted as an 9941 integer. This array is replaced during a 9942 strategic merge patch. 9943 items: 9944 type: string 9945 type: array 9946 required: 9947 - key 9948 - operator 9949 type: object 9950 type: array 9951 matchFields: 9952 description: A list of node selector requirements 9953 by node's fields. 9954 items: 9955 description: A node selector requirement is a 9956 selector that contains values, a key, and an 9957 operator that relates the key and values. 9958 properties: 9959 key: 9960 description: The label key that the selector 9961 applies to. 9962 type: string 9963 operator: 9964 description: Represents a key's relationship 9965 to a set of values. Valid operators are 9966 In, NotIn, Exists, DoesNotExist. Gt, and 9967 Lt. 9968 type: string 9969 values: 9970 description: An array of string values. If 9971 the operator is In or NotIn, the values 9972 array must be non-empty. If the operator 9973 is Exists or DoesNotExist, the values array 9974 must be empty. If the operator is Gt or 9975 Lt, the values array must have a single 9976 element, which will be interpreted as an 9977 integer. This array is replaced during a 9978 strategic merge patch. 9979 items: 9980 type: string 9981 type: array 9982 required: 9983 - key 9984 - operator 9985 type: object 9986 type: array 9987 type: object 9988 weight: 9989 description: Weight associated with matching the corresponding 9990 nodeSelectorTerm, in the range 1-100. 9991 format: int32 9992 type: integer 9993 required: 9994 - preference 9995 - weight 9996 type: object 9997 type: array 9998 requiredDuringSchedulingIgnoredDuringExecution: 9999 description: If the affinity requirements specified by this 10000 field are not met at scheduling time, the pod will not be 10001 scheduled onto the node. If the affinity requirements specified 10002 by this field cease to be met at some point during pod execution 10003 (e.g. due to an update), the system may or may not try to 10004 eventually evict the pod from its node. 10005 properties: 10006 nodeSelectorTerms: 10007 description: Required. A list of node selector terms. 10008 The terms are ORed. 10009 items: 10010 description: A null or empty node selector term matches 10011 no objects. The requirements of them are ANDed. The 10012 TopologySelectorTerm type implements a subset of the 10013 NodeSelectorTerm. 10014 properties: 10015 matchExpressions: 10016 description: A list of node selector requirements 10017 by node's labels. 10018 items: 10019 description: A node selector requirement is a 10020 selector that contains values, a key, and an 10021 operator that relates the key and values. 10022 properties: 10023 key: 10024 description: The label key that the selector 10025 applies to. 10026 type: string 10027 operator: 10028 description: Represents a key's relationship 10029 to a set of values. Valid operators are 10030 In, NotIn, Exists, DoesNotExist. Gt, and 10031 Lt. 10032 type: string 10033 values: 10034 description: An array of string values. If 10035 the operator is In or NotIn, the values 10036 array must be non-empty. If the operator 10037 is Exists or DoesNotExist, the values array 10038 must be empty. If the operator is Gt or 10039 Lt, the values array must have a single 10040 element, which will be interpreted as an 10041 integer. This array is replaced during a 10042 strategic merge patch. 10043 items: 10044 type: string 10045 type: array 10046 required: 10047 - key 10048 - operator 10049 type: object 10050 type: array 10051 matchFields: 10052 description: A list of node selector requirements 10053 by node's fields. 10054 items: 10055 description: A node selector requirement is a 10056 selector that contains values, a key, and an 10057 operator that relates the key and values. 10058 properties: 10059 key: 10060 description: The label key that the selector 10061 applies to. 10062 type: string 10063 operator: 10064 description: Represents a key's relationship 10065 to a set of values. Valid operators are 10066 In, NotIn, Exists, DoesNotExist. Gt, and 10067 Lt. 10068 type: string 10069 values: 10070 description: An array of string values. If 10071 the operator is In or NotIn, the values 10072 array must be non-empty. If the operator 10073 is Exists or DoesNotExist, the values array 10074 must be empty. If the operator is Gt or 10075 Lt, the values array must have a single 10076 element, which will be interpreted as an 10077 integer. This array is replaced during a 10078 strategic merge patch. 10079 items: 10080 type: string 10081 type: array 10082 required: 10083 - key 10084 - operator 10085 type: object 10086 type: array 10087 type: object 10088 type: array 10089 required: 10090 - nodeSelectorTerms 10091 type: object 10092 type: object 10093 podAffinity: 10094 description: Describes pod affinity scheduling rules (e.g. co-locate 10095 this pod in the same node, zone, etc. as some other pod(s)). 10096 properties: 10097 preferredDuringSchedulingIgnoredDuringExecution: 10098 description: The scheduler will prefer to schedule pods to 10099 nodes that satisfy the affinity expressions specified by 10100 this field, but it may choose a node that violates one or 10101 more of the expressions. The node that is most preferred 10102 is the one with the greatest sum of weights, i.e. for each 10103 node that meets all of the scheduling requirements (resource 10104 request, requiredDuringScheduling affinity expressions, 10105 etc.), compute a sum by iterating through the elements of 10106 this field and adding "weight" to the sum if the node has 10107 pods which matches the corresponding podAffinityTerm; the 10108 node(s) with the highest sum are the most preferred. 10109 items: 10110 description: The weights of all of the matched WeightedPodAffinityTerm 10111 fields are added per-node to find the most preferred node(s) 10112 properties: 10113 podAffinityTerm: 10114 description: Required. A pod affinity term, associated 10115 with the corresponding weight. 10116 properties: 10117 labelSelector: 10118 description: A label query over a set of resources, 10119 in this case pods. 10120 properties: 10121 matchExpressions: 10122 description: matchExpressions is a list of label 10123 selector requirements. The requirements are 10124 ANDed. 10125 items: 10126 description: A label selector requirement 10127 is a selector that contains values, a key, 10128 and an operator that relates the key and 10129 values. 10130 properties: 10131 key: 10132 description: key is the label key that 10133 the selector applies to. 10134 type: string 10135 operator: 10136 description: operator represents a key's 10137 relationship to a set of values. Valid 10138 operators are In, NotIn, Exists and 10139 DoesNotExist. 10140 type: string 10141 values: 10142 description: values is an array of string 10143 values. If the operator is In or NotIn, 10144 the values array must be non-empty. 10145 If the operator is Exists or DoesNotExist, 10146 the values array must be empty. This 10147 array is replaced during a strategic 10148 merge patch. 10149 items: 10150 type: string 10151 type: array 10152 required: 10153 - key 10154 - operator 10155 type: object 10156 type: array 10157 matchLabels: 10158 additionalProperties: 10159 type: string 10160 description: matchLabels is a map of {key,value} 10161 pairs. A single {key,value} in the matchLabels 10162 map is equivalent to an element of matchExpressions, 10163 whose key field is "key", the operator is 10164 "In", and the values array contains only "value". 10165 The requirements are ANDed. 10166 type: object 10167 type: object 10168 namespaceSelector: 10169 description: A label query over the set of namespaces 10170 that the term applies to. The term is applied 10171 to the union of the namespaces selected by this 10172 field and the ones listed in the namespaces field. 10173 null selector and null or empty namespaces list 10174 means "this pod's namespace". An empty selector 10175 ({}) matches all namespaces. This field is beta-level 10176 and is only honored when PodAffinityNamespaceSelector 10177 feature is enabled. 10178 properties: 10179 matchExpressions: 10180 description: matchExpressions is a list of label 10181 selector requirements. The requirements are 10182 ANDed. 10183 items: 10184 description: A label selector requirement 10185 is a selector that contains values, a key, 10186 and an operator that relates the key and 10187 values. 10188 properties: 10189 key: 10190 description: key is the label key that 10191 the selector applies to. 10192 type: string 10193 operator: 10194 description: operator represents a key's 10195 relationship to a set of values. Valid 10196 operators are In, NotIn, Exists and 10197 DoesNotExist. 10198 type: string 10199 values: 10200 description: values is an array of string 10201 values. If the operator is In or NotIn, 10202 the values array must be non-empty. 10203 If the operator is Exists or DoesNotExist, 10204 the values array must be empty. This 10205 array is replaced during a strategic 10206 merge patch. 10207 items: 10208 type: string 10209 type: array 10210 required: 10211 - key 10212 - operator 10213 type: object 10214 type: array 10215 matchLabels: 10216 additionalProperties: 10217 type: string 10218 description: matchLabels is a map of {key,value} 10219 pairs. A single {key,value} in the matchLabels 10220 map is equivalent to an element of matchExpressions, 10221 whose key field is "key", the operator is 10222 "In", and the values array contains only "value". 10223 The requirements are ANDed. 10224 type: object 10225 type: object 10226 namespaces: 10227 description: namespaces specifies a static list 10228 of namespace names that the term applies to. The 10229 term is applied to the union of the namespaces 10230 listed in this field and the ones selected by 10231 namespaceSelector. null or empty namespaces list 10232 and null namespaceSelector means "this pod's namespace" 10233 items: 10234 type: string 10235 type: array 10236 topologyKey: 10237 description: This pod should be co-located (affinity) 10238 or not co-located (anti-affinity) with the pods 10239 matching the labelSelector in the specified namespaces, 10240 where co-located is defined as running on a node 10241 whose value of the label with key topologyKey 10242 matches that of any node on which any of the selected 10243 pods is running. Empty topologyKey is not allowed. 10244 type: string 10245 required: 10246 - topologyKey 10247 type: object 10248 weight: 10249 description: weight associated with matching the corresponding 10250 podAffinityTerm, in the range 1-100. 10251 format: int32 10252 type: integer 10253 required: 10254 - podAffinityTerm 10255 - weight 10256 type: object 10257 type: array 10258 requiredDuringSchedulingIgnoredDuringExecution: 10259 description: If the affinity requirements specified by this 10260 field are not met at scheduling time, the pod will not be 10261 scheduled onto the node. If the affinity requirements specified 10262 by this field cease to be met at some point during pod execution 10263 (e.g. due to a pod label update), the system may or may 10264 not try to eventually evict the pod from its node. When 10265 there are multiple elements, the lists of nodes corresponding 10266 to each podAffinityTerm are intersected, i.e. all terms 10267 must be satisfied. 10268 items: 10269 description: Defines a set of pods (namely those matching 10270 the labelSelector relative to the given namespace(s)) 10271 that this pod should be co-located (affinity) or not co-located 10272 (anti-affinity) with, where co-located is defined as running 10273 on a node whose value of the label with key <topologyKey> 10274 matches that of any node on which a pod of the set of 10275 pods is running 10276 properties: 10277 labelSelector: 10278 description: A label query over a set of resources, 10279 in this case pods. 10280 properties: 10281 matchExpressions: 10282 description: matchExpressions is a list of label 10283 selector requirements. The requirements are ANDed. 10284 items: 10285 description: A label selector requirement is a 10286 selector that contains values, a key, and an 10287 operator that relates the key and values. 10288 properties: 10289 key: 10290 description: key is the label key that the 10291 selector applies to. 10292 type: string 10293 operator: 10294 description: operator represents a key's relationship 10295 to a set of values. Valid operators are 10296 In, NotIn, Exists and DoesNotExist. 10297 type: string 10298 values: 10299 description: values is an array of string 10300 values. If the operator is In or NotIn, 10301 the values array must be non-empty. If the 10302 operator is Exists or DoesNotExist, the 10303 values array must be empty. This array is 10304 replaced during a strategic merge patch. 10305 items: 10306 type: string 10307 type: array 10308 required: 10309 - key 10310 - operator 10311 type: object 10312 type: array 10313 matchLabels: 10314 additionalProperties: 10315 type: string 10316 description: matchLabels is a map of {key,value} 10317 pairs. A single {key,value} in the matchLabels 10318 map is equivalent to an element of matchExpressions, 10319 whose key field is "key", the operator is "In", 10320 and the values array contains only "value". The 10321 requirements are ANDed. 10322 type: object 10323 type: object 10324 namespaceSelector: 10325 description: A label query over the set of namespaces 10326 that the term applies to. The term is applied to the 10327 union of the namespaces selected by this field and 10328 the ones listed in the namespaces field. null selector 10329 and null or empty namespaces list means "this pod's 10330 namespace". An empty selector ({}) matches all namespaces. 10331 This field is beta-level and is only honored when 10332 PodAffinityNamespaceSelector feature is enabled. 10333 properties: 10334 matchExpressions: 10335 description: matchExpressions is a list of label 10336 selector requirements. The requirements are ANDed. 10337 items: 10338 description: A label selector requirement is a 10339 selector that contains values, a key, and an 10340 operator that relates the key and values. 10341 properties: 10342 key: 10343 description: key is the label key that the 10344 selector applies to. 10345 type: string 10346 operator: 10347 description: operator represents a key's relationship 10348 to a set of values. Valid operators are 10349 In, NotIn, Exists and DoesNotExist. 10350 type: string 10351 values: 10352 description: values is an array of string 10353 values. If the operator is In or NotIn, 10354 the values array must be non-empty. If the 10355 operator is Exists or DoesNotExist, the 10356 values array must be empty. This array is 10357 replaced during a strategic merge patch. 10358 items: 10359 type: string 10360 type: array 10361 required: 10362 - key 10363 - operator 10364 type: object 10365 type: array 10366 matchLabels: 10367 additionalProperties: 10368 type: string 10369 description: matchLabels is a map of {key,value} 10370 pairs. A single {key,value} in the matchLabels 10371 map is equivalent to an element of matchExpressions, 10372 whose key field is "key", the operator is "In", 10373 and the values array contains only "value". The 10374 requirements are ANDed. 10375 type: object 10376 type: object 10377 namespaces: 10378 description: namespaces specifies a static list of namespace 10379 names that the term applies to. The term is applied 10380 to the union of the namespaces listed in this field 10381 and the ones selected by namespaceSelector. null or 10382 empty namespaces list and null namespaceSelector means 10383 "this pod's namespace" 10384 items: 10385 type: string 10386 type: array 10387 topologyKey: 10388 description: This pod should be co-located (affinity) 10389 or not co-located (anti-affinity) with the pods matching 10390 the labelSelector in the specified namespaces, where 10391 co-located is defined as running on a node whose value 10392 of the label with key topologyKey matches that of 10393 any node on which any of the selected pods is running. 10394 Empty topologyKey is not allowed. 10395 type: string 10396 required: 10397 - topologyKey 10398 type: object 10399 type: array 10400 type: object 10401 podAntiAffinity: 10402 description: Describes pod anti-affinity scheduling rules (e.g. 10403 avoid putting this pod in the same node, zone, etc. as some 10404 other pod(s)). 10405 properties: 10406 preferredDuringSchedulingIgnoredDuringExecution: 10407 description: The scheduler will prefer to schedule pods to 10408 nodes that satisfy the anti-affinity expressions specified 10409 by this field, but it may choose a node that violates one 10410 or more of the expressions. The node that is most preferred 10411 is the one with the greatest sum of weights, i.e. for each 10412 node that meets all of the scheduling requirements (resource 10413 request, requiredDuringScheduling anti-affinity expressions, 10414 etc.), compute a sum by iterating through the elements of 10415 this field and adding "weight" to the sum if the node has 10416 pods which matches the corresponding podAffinityTerm; the 10417 node(s) with the highest sum are the most preferred. 10418 items: 10419 description: The weights of all of the matched WeightedPodAffinityTerm 10420 fields are added per-node to find the most preferred node(s) 10421 properties: 10422 podAffinityTerm: 10423 description: Required. A pod affinity term, associated 10424 with the corresponding weight. 10425 properties: 10426 labelSelector: 10427 description: A label query over a set of resources, 10428 in this case pods. 10429 properties: 10430 matchExpressions: 10431 description: matchExpressions is a list of label 10432 selector requirements. The requirements are 10433 ANDed. 10434 items: 10435 description: A label selector requirement 10436 is a selector that contains values, a key, 10437 and an operator that relates the key and 10438 values. 10439 properties: 10440 key: 10441 description: key is the label key that 10442 the selector applies to. 10443 type: string 10444 operator: 10445 description: operator represents a key's 10446 relationship to a set of values. Valid 10447 operators are In, NotIn, Exists and 10448 DoesNotExist. 10449 type: string 10450 values: 10451 description: values is an array of string 10452 values. If the operator is In or NotIn, 10453 the values array must be non-empty. 10454 If the operator is Exists or DoesNotExist, 10455 the values array must be empty. This 10456 array is replaced during a strategic 10457 merge patch. 10458 items: 10459 type: string 10460 type: array 10461 required: 10462 - key 10463 - operator 10464 type: object 10465 type: array 10466 matchLabels: 10467 additionalProperties: 10468 type: string 10469 description: matchLabels is a map of {key,value} 10470 pairs. A single {key,value} in the matchLabels 10471 map is equivalent to an element of matchExpressions, 10472 whose key field is "key", the operator is 10473 "In", and the values array contains only "value". 10474 The requirements are ANDed. 10475 type: object 10476 type: object 10477 namespaceSelector: 10478 description: A label query over the set of namespaces 10479 that the term applies to. The term is applied 10480 to the union of the namespaces selected by this 10481 field and the ones listed in the namespaces field. 10482 null selector and null or empty namespaces list 10483 means "this pod's namespace". An empty selector 10484 ({}) matches all namespaces. This field is beta-level 10485 and is only honored when PodAffinityNamespaceSelector 10486 feature is enabled. 10487 properties: 10488 matchExpressions: 10489 description: matchExpressions is a list of label 10490 selector requirements. The requirements are 10491 ANDed. 10492 items: 10493 description: A label selector requirement 10494 is a selector that contains values, a key, 10495 and an operator that relates the key and 10496 values. 10497 properties: 10498 key: 10499 description: key is the label key that 10500 the selector applies to. 10501 type: string 10502 operator: 10503 description: operator represents a key's 10504 relationship to a set of values. Valid 10505 operators are In, NotIn, Exists and 10506 DoesNotExist. 10507 type: string 10508 values: 10509 description: values is an array of string 10510 values. If the operator is In or NotIn, 10511 the values array must be non-empty. 10512 If the operator is Exists or DoesNotExist, 10513 the values array must be empty. This 10514 array is replaced during a strategic 10515 merge patch. 10516 items: 10517 type: string 10518 type: array 10519 required: 10520 - key 10521 - operator 10522 type: object 10523 type: array 10524 matchLabels: 10525 additionalProperties: 10526 type: string 10527 description: matchLabels is a map of {key,value} 10528 pairs. A single {key,value} in the matchLabels 10529 map is equivalent to an element of matchExpressions, 10530 whose key field is "key", the operator is 10531 "In", and the values array contains only "value". 10532 The requirements are ANDed. 10533 type: object 10534 type: object 10535 namespaces: 10536 description: namespaces specifies a static list 10537 of namespace names that the term applies to. The 10538 term is applied to the union of the namespaces 10539 listed in this field and the ones selected by 10540 namespaceSelector. null or empty namespaces list 10541 and null namespaceSelector means "this pod's namespace" 10542 items: 10543 type: string 10544 type: array 10545 topologyKey: 10546 description: This pod should be co-located (affinity) 10547 or not co-located (anti-affinity) with the pods 10548 matching the labelSelector in the specified namespaces, 10549 where co-located is defined as running on a node 10550 whose value of the label with key topologyKey 10551 matches that of any node on which any of the selected 10552 pods is running. Empty topologyKey is not allowed. 10553 type: string 10554 required: 10555 - topologyKey 10556 type: object 10557 weight: 10558 description: weight associated with matching the corresponding 10559 podAffinityTerm, in the range 1-100. 10560 format: int32 10561 type: integer 10562 required: 10563 - podAffinityTerm 10564 - weight 10565 type: object 10566 type: array 10567 requiredDuringSchedulingIgnoredDuringExecution: 10568 description: If the anti-affinity requirements specified by 10569 this field are not met at scheduling time, the pod will 10570 not be scheduled onto the node. If the anti-affinity requirements 10571 specified by this field cease to be met at some point during 10572 pod execution (e.g. due to a pod label update), the system 10573 may or may not try to eventually evict the pod from its 10574 node. When there are multiple elements, the lists of nodes 10575 corresponding to each podAffinityTerm are intersected, i.e. 10576 all terms must be satisfied. 10577 items: 10578 description: Defines a set of pods (namely those matching 10579 the labelSelector relative to the given namespace(s)) 10580 that this pod should be co-located (affinity) or not co-located 10581 (anti-affinity) with, where co-located is defined as running 10582 on a node whose value of the label with key <topologyKey> 10583 matches that of any node on which a pod of the set of 10584 pods is running 10585 properties: 10586 labelSelector: 10587 description: A label query over a set of resources, 10588 in this case pods. 10589 properties: 10590 matchExpressions: 10591 description: matchExpressions is a list of label 10592 selector requirements. The requirements are ANDed. 10593 items: 10594 description: A label selector requirement is a 10595 selector that contains values, a key, and an 10596 operator that relates the key and values. 10597 properties: 10598 key: 10599 description: key is the label key that the 10600 selector applies to. 10601 type: string 10602 operator: 10603 description: operator represents a key's relationship 10604 to a set of values. Valid operators are 10605 In, NotIn, Exists and DoesNotExist. 10606 type: string 10607 values: 10608 description: values is an array of string 10609 values. If the operator is In or NotIn, 10610 the values array must be non-empty. If the 10611 operator is Exists or DoesNotExist, the 10612 values array must be empty. This array is 10613 replaced during a strategic merge patch. 10614 items: 10615 type: string 10616 type: array 10617 required: 10618 - key 10619 - operator 10620 type: object 10621 type: array 10622 matchLabels: 10623 additionalProperties: 10624 type: string 10625 description: matchLabels is a map of {key,value} 10626 pairs. A single {key,value} in the matchLabels 10627 map is equivalent to an element of matchExpressions, 10628 whose key field is "key", the operator is "In", 10629 and the values array contains only "value". The 10630 requirements are ANDed. 10631 type: object 10632 type: object 10633 namespaceSelector: 10634 description: A label query over the set of namespaces 10635 that the term applies to. The term is applied to the 10636 union of the namespaces selected by this field and 10637 the ones listed in the namespaces field. null selector 10638 and null or empty namespaces list means "this pod's 10639 namespace". An empty selector ({}) matches all namespaces. 10640 This field is beta-level and is only honored when 10641 PodAffinityNamespaceSelector feature is enabled. 10642 properties: 10643 matchExpressions: 10644 description: matchExpressions is a list of label 10645 selector requirements. The requirements are ANDed. 10646 items: 10647 description: A label selector requirement is a 10648 selector that contains values, a key, and an 10649 operator that relates the key and values. 10650 properties: 10651 key: 10652 description: key is the label key that the 10653 selector applies to. 10654 type: string 10655 operator: 10656 description: operator represents a key's relationship 10657 to a set of values. Valid operators are 10658 In, NotIn, Exists and DoesNotExist. 10659 type: string 10660 values: 10661 description: values is an array of string 10662 values. If the operator is In or NotIn, 10663 the values array must be non-empty. If the 10664 operator is Exists or DoesNotExist, the 10665 values array must be empty. This array is 10666 replaced during a strategic merge patch. 10667 items: 10668 type: string 10669 type: array 10670 required: 10671 - key 10672 - operator 10673 type: object 10674 type: array 10675 matchLabels: 10676 additionalProperties: 10677 type: string 10678 description: matchLabels is a map of {key,value} 10679 pairs. A single {key,value} in the matchLabels 10680 map is equivalent to an element of matchExpressions, 10681 whose key field is "key", the operator is "In", 10682 and the values array contains only "value". The 10683 requirements are ANDed. 10684 type: object 10685 type: object 10686 namespaces: 10687 description: namespaces specifies a static list of namespace 10688 names that the term applies to. The term is applied 10689 to the union of the namespaces listed in this field 10690 and the ones selected by namespaceSelector. null or 10691 empty namespaces list and null namespaceSelector means 10692 "this pod's namespace" 10693 items: 10694 type: string 10695 type: array 10696 topologyKey: 10697 description: This pod should be co-located (affinity) 10698 or not co-located (anti-affinity) with the pods matching 10699 the labelSelector in the specified namespaces, where 10700 co-located is defined as running on a node whose value 10701 of the label with key topologyKey matches that of 10702 any node on which any of the selected pods is running. 10703 Empty topologyKey is not allowed. 10704 type: string 10705 required: 10706 - topologyKey 10707 type: object 10708 type: array 10709 type: object 10710 type: object 10711 alerting: 10712 description: Define details regarding alerting. 10713 properties: 10714 alertmanagers: 10715 description: AlertmanagerEndpoints Prometheus should fire alerts 10716 against. 10717 items: 10718 description: AlertmanagerEndpoints defines a selection of a 10719 single Endpoints object containing alertmanager IPs to fire 10720 alerts against. 10721 properties: 10722 apiVersion: 10723 description: Version of the Alertmanager API that Prometheus 10724 uses to send alerts. It can be "v1" or "v2". 10725 type: string 10726 authorization: 10727 description: Authorization section for this alertmanager 10728 endpoint 10729 properties: 10730 credentials: 10731 description: The secret's key that contains the credentials 10732 of the request 10733 properties: 10734 key: 10735 description: The key of the secret to select from. Must 10736 be a valid secret key. 10737 type: string 10738 name: 10739 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10740 TODO: Add other useful fields. apiVersion, kind, 10741 uid?' 10742 type: string 10743 optional: 10744 description: Specify whether the Secret or its key 10745 must be defined 10746 type: boolean 10747 required: 10748 - key 10749 type: object 10750 type: 10751 description: Set the authentication type. Defaults to 10752 Bearer, Basic will cause an error 10753 type: string 10754 type: object 10755 bearerTokenFile: 10756 description: BearerTokenFile to read from filesystem to 10757 use when authenticating to Alertmanager. 10758 type: string 10759 name: 10760 description: Name of Endpoints object in Namespace. 10761 type: string 10762 namespace: 10763 description: Namespace of Endpoints object. 10764 type: string 10765 pathPrefix: 10766 description: Prefix for the HTTP path alerts are pushed 10767 to. 10768 type: string 10769 port: 10770 anyOf: 10771 - type: integer 10772 - type: string 10773 description: Port the Alertmanager API is exposed on. 10774 x-kubernetes-int-or-string: true 10775 scheme: 10776 description: Scheme to use when firing alerts. 10777 type: string 10778 timeout: 10779 description: Timeout is a per-target Alertmanager timeout 10780 when pushing alerts. 10781 type: string 10782 tlsConfig: 10783 description: TLS Config to use for alertmanager connection. 10784 properties: 10785 ca: 10786 description: Struct containing the CA cert to use for 10787 the targets. 10788 properties: 10789 configMap: 10790 description: ConfigMap containing data to use for 10791 the targets. 10792 properties: 10793 key: 10794 description: The key to select. 10795 type: string 10796 name: 10797 description: 'Name of the referent. More info: 10798 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10799 TODO: Add other useful fields. apiVersion, 10800 kind, uid?' 10801 type: string 10802 optional: 10803 description: Specify whether the ConfigMap or 10804 its key must be defined 10805 type: boolean 10806 required: 10807 - key 10808 type: object 10809 secret: 10810 description: Secret containing data to use for the 10811 targets. 10812 properties: 10813 key: 10814 description: The key of the secret to select 10815 from. Must be a valid secret key. 10816 type: string 10817 name: 10818 description: 'Name of the referent. More info: 10819 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10820 TODO: Add other useful fields. apiVersion, 10821 kind, uid?' 10822 type: string 10823 optional: 10824 description: Specify whether the Secret or its 10825 key must be defined 10826 type: boolean 10827 required: 10828 - key 10829 type: object 10830 type: object 10831 caFile: 10832 description: Path to the CA cert in the Prometheus container 10833 to use for the targets. 10834 type: string 10835 cert: 10836 description: Struct containing the client cert file 10837 for the targets. 10838 properties: 10839 configMap: 10840 description: ConfigMap containing data to use for 10841 the targets. 10842 properties: 10843 key: 10844 description: The key to select. 10845 type: string 10846 name: 10847 description: 'Name of the referent. More info: 10848 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10849 TODO: Add other useful fields. apiVersion, 10850 kind, uid?' 10851 type: string 10852 optional: 10853 description: Specify whether the ConfigMap or 10854 its key must be defined 10855 type: boolean 10856 required: 10857 - key 10858 type: object 10859 secret: 10860 description: Secret containing data to use for the 10861 targets. 10862 properties: 10863 key: 10864 description: The key of the secret to select 10865 from. Must be a valid secret key. 10866 type: string 10867 name: 10868 description: 'Name of the referent. More info: 10869 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10870 TODO: Add other useful fields. apiVersion, 10871 kind, uid?' 10872 type: string 10873 optional: 10874 description: Specify whether the Secret or its 10875 key must be defined 10876 type: boolean 10877 required: 10878 - key 10879 type: object 10880 type: object 10881 certFile: 10882 description: Path to the client cert file in the Prometheus 10883 container for the targets. 10884 type: string 10885 insecureSkipVerify: 10886 description: Disable target certificate validation. 10887 type: boolean 10888 keyFile: 10889 description: Path to the client key file in the Prometheus 10890 container for the targets. 10891 type: string 10892 keySecret: 10893 description: Secret containing the client key file for 10894 the targets. 10895 properties: 10896 key: 10897 description: The key of the secret to select from. Must 10898 be a valid secret key. 10899 type: string 10900 name: 10901 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10902 TODO: Add other useful fields. apiVersion, kind, 10903 uid?' 10904 type: string 10905 optional: 10906 description: Specify whether the Secret or its key 10907 must be defined 10908 type: boolean 10909 required: 10910 - key 10911 type: object 10912 serverName: 10913 description: Used to verify the hostname for the targets. 10914 type: string 10915 type: object 10916 required: 10917 - name 10918 - namespace 10919 - port 10920 type: object 10921 type: array 10922 required: 10923 - alertmanagers 10924 type: object 10925 allowOverlappingBlocks: 10926 description: AllowOverlappingBlocks enables vertical compaction and 10927 vertical query merge in Prometheus. This is still experimental in 10928 Prometheus so it may change in any upcoming release. 10929 type: boolean 10930 apiserverConfig: 10931 description: APIServerConfig allows specifying a host and auth methods 10932 to access apiserver. If left empty, Prometheus is assumed to run 10933 inside of the cluster and will discover API servers automatically 10934 and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. 10935 properties: 10936 authorization: 10937 description: Authorization section for accessing apiserver 10938 properties: 10939 credentials: 10940 description: The secret's key that contains the credentials 10941 of the request 10942 properties: 10943 key: 10944 description: The key of the secret to select from. Must 10945 be a valid secret key. 10946 type: string 10947 name: 10948 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10949 TODO: Add other useful fields. apiVersion, kind, uid?' 10950 type: string 10951 optional: 10952 description: Specify whether the Secret or its key must 10953 be defined 10954 type: boolean 10955 required: 10956 - key 10957 type: object 10958 credentialsFile: 10959 description: File to read a secret from, mutually exclusive 10960 with Credentials (from SafeAuthorization) 10961 type: string 10962 type: 10963 description: Set the authentication type. Defaults to Bearer, 10964 Basic will cause an error 10965 type: string 10966 type: object 10967 basicAuth: 10968 description: BasicAuth allow an endpoint to authenticate over 10969 basic authentication 10970 properties: 10971 password: 10972 description: The secret in the service monitor namespace that 10973 contains the password for authentication. 10974 properties: 10975 key: 10976 description: The key of the secret to select from. Must 10977 be a valid secret key. 10978 type: string 10979 name: 10980 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10981 TODO: Add other useful fields. apiVersion, kind, uid?' 10982 type: string 10983 optional: 10984 description: Specify whether the Secret or its key must 10985 be defined 10986 type: boolean 10987 required: 10988 - key 10989 type: object 10990 username: 10991 description: The secret in the service monitor namespace that 10992 contains the username for authentication. 10993 properties: 10994 key: 10995 description: The key of the secret to select from. Must 10996 be a valid secret key. 10997 type: string 10998 name: 10999 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11000 TODO: Add other useful fields. apiVersion, kind, uid?' 11001 type: string 11002 optional: 11003 description: Specify whether the Secret or its key must 11004 be defined 11005 type: boolean 11006 required: 11007 - key 11008 type: object 11009 type: object 11010 bearerToken: 11011 description: Bearer token for accessing apiserver. 11012 type: string 11013 bearerTokenFile: 11014 description: File to read bearer token for accessing apiserver. 11015 type: string 11016 host: 11017 description: Host of apiserver. A valid string consisting of a 11018 hostname or IP followed by an optional port number 11019 type: string 11020 tlsConfig: 11021 description: TLS Config to use for accessing apiserver. 11022 properties: 11023 ca: 11024 description: Struct containing the CA cert to use for the 11025 targets. 11026 properties: 11027 configMap: 11028 description: ConfigMap containing data to use for the 11029 targets. 11030 properties: 11031 key: 11032 description: The key to select. 11033 type: string 11034 name: 11035 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11036 TODO: Add other useful fields. apiVersion, kind, 11037 uid?' 11038 type: string 11039 optional: 11040 description: Specify whether the ConfigMap or its 11041 key must be defined 11042 type: boolean 11043 required: 11044 - key 11045 type: object 11046 secret: 11047 description: Secret containing data to use for the targets. 11048 properties: 11049 key: 11050 description: The key of the secret to select from. Must 11051 be a valid secret key. 11052 type: string 11053 name: 11054 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11055 TODO: Add other useful fields. apiVersion, kind, 11056 uid?' 11057 type: string 11058 optional: 11059 description: Specify whether the Secret or its key 11060 must be defined 11061 type: boolean 11062 required: 11063 - key 11064 type: object 11065 type: object 11066 caFile: 11067 description: Path to the CA cert in the Prometheus container 11068 to use for the targets. 11069 type: string 11070 cert: 11071 description: Struct containing the client cert file for the 11072 targets. 11073 properties: 11074 configMap: 11075 description: ConfigMap containing data to use for the 11076 targets. 11077 properties: 11078 key: 11079 description: The key to select. 11080 type: string 11081 name: 11082 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11083 TODO: Add other useful fields. apiVersion, kind, 11084 uid?' 11085 type: string 11086 optional: 11087 description: Specify whether the ConfigMap or its 11088 key must be defined 11089 type: boolean 11090 required: 11091 - key 11092 type: object 11093 secret: 11094 description: Secret containing data to use for the targets. 11095 properties: 11096 key: 11097 description: The key of the secret to select from. Must 11098 be a valid secret key. 11099 type: string 11100 name: 11101 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11102 TODO: Add other useful fields. apiVersion, kind, 11103 uid?' 11104 type: string 11105 optional: 11106 description: Specify whether the Secret or its key 11107 must be defined 11108 type: boolean 11109 required: 11110 - key 11111 type: object 11112 type: object 11113 certFile: 11114 description: Path to the client cert file in the Prometheus 11115 container for the targets. 11116 type: string 11117 insecureSkipVerify: 11118 description: Disable target certificate validation. 11119 type: boolean 11120 keyFile: 11121 description: Path to the client key file in the Prometheus 11122 container for the targets. 11123 type: string 11124 keySecret: 11125 description: Secret containing the client key file for the 11126 targets. 11127 properties: 11128 key: 11129 description: The key of the secret to select from. Must 11130 be a valid secret key. 11131 type: string 11132 name: 11133 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11134 TODO: Add other useful fields. apiVersion, kind, uid?' 11135 type: string 11136 optional: 11137 description: Specify whether the Secret or its key must 11138 be defined 11139 type: boolean 11140 required: 11141 - key 11142 type: object 11143 serverName: 11144 description: Used to verify the hostname for the targets. 11145 type: string 11146 type: object 11147 required: 11148 - host 11149 type: object 11150 arbitraryFSAccessThroughSMs: 11151 description: ArbitraryFSAccessThroughSMs configures whether configuration 11152 based on a service monitor can access arbitrary files on the file 11153 system of the Prometheus container e.g. bearer token files. 11154 properties: 11155 deny: 11156 type: boolean 11157 type: object 11158 baseImage: 11159 description: 'Base image to use for a Prometheus deployment. Deprecated: 11160 use ''image'' instead' 11161 type: string 11162 configMaps: 11163 description: ConfigMaps is a list of ConfigMaps in the same namespace 11164 as the Prometheus object, which shall be mounted into the Prometheus 11165 Pods. The ConfigMaps are mounted into /etc/prometheus/configmaps/<configmap-name>. 11166 items: 11167 type: string 11168 type: array 11169 containers: 11170 description: 'Containers allows injecting additional containers or 11171 modifying operator generated containers. This can be used to allow 11172 adding an authentication proxy to a Prometheus pod or to change 11173 the behavior of an operator generated container. Containers described 11174 here modify an operator generated container if they share the same 11175 name and modifications are done via a strategic merge patch. The 11176 current container names are: `prometheus`, `config-reloader`, and 11177 `thanos-sidecar`. Overriding containers is entirely outside the 11178 scope of what the maintainers will support and by doing so, you 11179 accept that this behaviour may break at any time without notice.' 11180 items: 11181 description: A single application container that you want to run 11182 within a pod. 11183 properties: 11184 args: 11185 description: 'Arguments to the entrypoint. The docker image''s 11186 CMD is used if this is not provided. Variable references $(VAR_NAME) 11187 are expanded using the container''s environment. If a variable 11188 cannot be resolved, the reference in the input string will 11189 be unchanged. Double $$ are reduced to a single $, which allows 11190 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 11191 produce the string literal "$(VAR_NAME)". Escaped references 11192 will never be expanded, regardless of whether the variable 11193 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 11194 items: 11195 type: string 11196 type: array 11197 command: 11198 description: 'Entrypoint array. Not executed within a shell. 11199 The docker image''s ENTRYPOINT is used if this is not provided. 11200 Variable references $(VAR_NAME) are expanded using the container''s 11201 environment. If a variable cannot be resolved, the reference 11202 in the input string will be unchanged. Double $$ are reduced 11203 to a single $, which allows for escaping the $(VAR_NAME) syntax: 11204 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 11205 Escaped references will never be expanded, regardless of whether 11206 the variable exists or not. Cannot be updated. More info: 11207 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 11208 items: 11209 type: string 11210 type: array 11211 env: 11212 description: List of environment variables to set in the container. 11213 Cannot be updated. 11214 items: 11215 description: EnvVar represents an environment variable present 11216 in a Container. 11217 properties: 11218 name: 11219 description: Name of the environment variable. Must be 11220 a C_IDENTIFIER. 11221 type: string 11222 value: 11223 description: 'Variable references $(VAR_NAME) are expanded 11224 using the previously defined environment variables in 11225 the container and any service environment variables. 11226 If a variable cannot be resolved, the reference in the 11227 input string will be unchanged. Double $$ are reduced 11228 to a single $, which allows for escaping the $(VAR_NAME) 11229 syntax: i.e. "$$(VAR_NAME)" will produce the string 11230 literal "$(VAR_NAME)". Escaped references will never 11231 be expanded, regardless of whether the variable exists 11232 or not. Defaults to "".' 11233 type: string 11234 valueFrom: 11235 description: Source for the environment variable's value. 11236 Cannot be used if value is not empty. 11237 properties: 11238 configMapKeyRef: 11239 description: Selects a key of a ConfigMap. 11240 properties: 11241 key: 11242 description: The key to select. 11243 type: string 11244 name: 11245 description: 'Name of the referent. More info: 11246 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11247 TODO: Add other useful fields. apiVersion, kind, 11248 uid?' 11249 type: string 11250 optional: 11251 description: Specify whether the ConfigMap or 11252 its key must be defined 11253 type: boolean 11254 required: 11255 - key 11256 type: object 11257 fieldRef: 11258 description: 'Selects a field of the pod: supports 11259 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 11260 `metadata.annotations[''<KEY>'']`, spec.nodeName, 11261 spec.serviceAccountName, status.hostIP, status.podIP, 11262 status.podIPs.' 11263 properties: 11264 apiVersion: 11265 description: Version of the schema the FieldPath 11266 is written in terms of, defaults to "v1". 11267 type: string 11268 fieldPath: 11269 description: Path of the field to select in the 11270 specified API version. 11271 type: string 11272 required: 11273 - fieldPath 11274 type: object 11275 resourceFieldRef: 11276 description: 'Selects a resource of the container: 11277 only resources limits and requests (limits.cpu, 11278 limits.memory, limits.ephemeral-storage, requests.cpu, 11279 requests.memory and requests.ephemeral-storage) 11280 are currently supported.' 11281 properties: 11282 containerName: 11283 description: 'Container name: required for volumes, 11284 optional for env vars' 11285 type: string 11286 divisor: 11287 anyOf: 11288 - type: integer 11289 - type: string 11290 description: Specifies the output format of the 11291 exposed resources, defaults to "1" 11292 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 11293 x-kubernetes-int-or-string: true 11294 resource: 11295 description: 'Required: resource to select' 11296 type: string 11297 required: 11298 - resource 11299 type: object 11300 secretKeyRef: 11301 description: Selects a key of a secret in the pod's 11302 namespace 11303 properties: 11304 key: 11305 description: The key of the secret to select from. Must 11306 be a valid secret key. 11307 type: string 11308 name: 11309 description: 'Name of the referent. More info: 11310 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11311 TODO: Add other useful fields. apiVersion, kind, 11312 uid?' 11313 type: string 11314 optional: 11315 description: Specify whether the Secret or its 11316 key must be defined 11317 type: boolean 11318 required: 11319 - key 11320 type: object 11321 type: object 11322 required: 11323 - name 11324 type: object 11325 type: array 11326 envFrom: 11327 description: List of sources to populate environment variables 11328 in the container. The keys defined within a source must be 11329 a C_IDENTIFIER. All invalid keys will be reported as an event 11330 when the container is starting. When a key exists in multiple 11331 sources, the value associated with the last source will take 11332 precedence. Values defined by an Env with a duplicate key 11333 will take precedence. Cannot be updated. 11334 items: 11335 description: EnvFromSource represents the source of a set 11336 of ConfigMaps 11337 properties: 11338 configMapRef: 11339 description: The ConfigMap to select from 11340 properties: 11341 name: 11342 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11343 TODO: Add other useful fields. apiVersion, kind, 11344 uid?' 11345 type: string 11346 optional: 11347 description: Specify whether the ConfigMap must be 11348 defined 11349 type: boolean 11350 type: object 11351 prefix: 11352 description: An optional identifier to prepend to each 11353 key in the ConfigMap. Must be a C_IDENTIFIER. 11354 type: string 11355 secretRef: 11356 description: The Secret to select from 11357 properties: 11358 name: 11359 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11360 TODO: Add other useful fields. apiVersion, kind, 11361 uid?' 11362 type: string 11363 optional: 11364 description: Specify whether the Secret must be defined 11365 type: boolean 11366 type: object 11367 type: object 11368 type: array 11369 image: 11370 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 11371 This field is optional to allow higher level config management 11372 to default or override container images in workload controllers 11373 like Deployments and StatefulSets.' 11374 type: string 11375 imagePullPolicy: 11376 description: 'Image pull policy. One of Always, Never, IfNotPresent. 11377 Defaults to Always if :latest tag is specified, or IfNotPresent 11378 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 11379 type: string 11380 lifecycle: 11381 description: Actions that the management system should take 11382 in response to container lifecycle events. Cannot be updated. 11383 properties: 11384 postStart: 11385 description: 'PostStart is called immediately after a container 11386 is created. If the handler fails, the container is terminated 11387 and restarted according to its restart policy. Other management 11388 of the container blocks until the hook completes. More 11389 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 11390 properties: 11391 exec: 11392 description: One and only one of the following should 11393 be specified. Exec specifies the action to take. 11394 properties: 11395 command: 11396 description: Command is the command line to execute 11397 inside the container, the working directory for 11398 the command is root ('/') in the container's 11399 filesystem. The command is simply exec'd, it is 11400 not run inside a shell, so traditional shell instructions 11401 ('|', etc) won't work. To use a shell, you need 11402 to explicitly call out to that shell. Exit status 11403 of 0 is treated as live/healthy and non-zero is 11404 unhealthy. 11405 items: 11406 type: string 11407 type: array 11408 type: object 11409 httpGet: 11410 description: HTTPGet specifies the http request to perform. 11411 properties: 11412 host: 11413 description: Host name to connect to, defaults to 11414 the pod IP. You probably want to set "Host" in 11415 httpHeaders instead. 11416 type: string 11417 httpHeaders: 11418 description: Custom headers to set in the request. 11419 HTTP allows repeated headers. 11420 items: 11421 description: HTTPHeader describes a custom header 11422 to be used in HTTP probes 11423 properties: 11424 name: 11425 description: The header field name 11426 type: string 11427 value: 11428 description: The header field value 11429 type: string 11430 required: 11431 - name 11432 - value 11433 type: object 11434 type: array 11435 path: 11436 description: Path to access on the HTTP server. 11437 type: string 11438 port: 11439 anyOf: 11440 - type: integer 11441 - type: string 11442 description: Name or number of the port to access 11443 on the container. Number must be in the range 11444 1 to 65535. Name must be an IANA_SVC_NAME. 11445 x-kubernetes-int-or-string: true 11446 scheme: 11447 description: Scheme to use for connecting to the 11448 host. Defaults to HTTP. 11449 type: string 11450 required: 11451 - port 11452 type: object 11453 tcpSocket: 11454 description: 'TCPSocket specifies an action involving 11455 a TCP port. TCP hooks not yet supported TODO: implement 11456 a realistic TCP lifecycle hook' 11457 properties: 11458 host: 11459 description: 'Optional: Host name to connect to, 11460 defaults to the pod IP.' 11461 type: string 11462 port: 11463 anyOf: 11464 - type: integer 11465 - type: string 11466 description: Number or name of the port to access 11467 on the container. Number must be in the range 11468 1 to 65535. Name must be an IANA_SVC_NAME. 11469 x-kubernetes-int-or-string: true 11470 required: 11471 - port 11472 type: object 11473 type: object 11474 preStop: 11475 description: 'PreStop is called immediately before a container 11476 is terminated due to an API request or management event 11477 such as liveness/startup probe failure, preemption, resource 11478 contention, etc. The handler is not called if the container 11479 crashes or exits. The reason for termination is passed 11480 to the handler. The Pod''s termination grace period countdown 11481 begins before the PreStop hooked is executed. Regardless 11482 of the outcome of the handler, the container will eventually 11483 terminate within the Pod''s termination grace period. 11484 Other management of the container blocks until the hook 11485 completes or until the termination grace period is reached. 11486 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 11487 properties: 11488 exec: 11489 description: One and only one of the following should 11490 be specified. Exec specifies the action to take. 11491 properties: 11492 command: 11493 description: Command is the command line to execute 11494 inside the container, the working directory for 11495 the command is root ('/') in the container's 11496 filesystem. The command is simply exec'd, it is 11497 not run inside a shell, so traditional shell instructions 11498 ('|', etc) won't work. To use a shell, you need 11499 to explicitly call out to that shell. Exit status 11500 of 0 is treated as live/healthy and non-zero is 11501 unhealthy. 11502 items: 11503 type: string 11504 type: array 11505 type: object 11506 httpGet: 11507 description: HTTPGet specifies the http request to perform. 11508 properties: 11509 host: 11510 description: Host name to connect to, defaults to 11511 the pod IP. You probably want to set "Host" in 11512 httpHeaders instead. 11513 type: string 11514 httpHeaders: 11515 description: Custom headers to set in the request. 11516 HTTP allows repeated headers. 11517 items: 11518 description: HTTPHeader describes a custom header 11519 to be used in HTTP probes 11520 properties: 11521 name: 11522 description: The header field name 11523 type: string 11524 value: 11525 description: The header field value 11526 type: string 11527 required: 11528 - name 11529 - value 11530 type: object 11531 type: array 11532 path: 11533 description: Path to access on the HTTP server. 11534 type: string 11535 port: 11536 anyOf: 11537 - type: integer 11538 - type: string 11539 description: Name or number of the port to access 11540 on the container. Number must be in the range 11541 1 to 65535. Name must be an IANA_SVC_NAME. 11542 x-kubernetes-int-or-string: true 11543 scheme: 11544 description: Scheme to use for connecting to the 11545 host. Defaults to HTTP. 11546 type: string 11547 required: 11548 - port 11549 type: object 11550 tcpSocket: 11551 description: 'TCPSocket specifies an action involving 11552 a TCP port. TCP hooks not yet supported TODO: implement 11553 a realistic TCP lifecycle hook' 11554 properties: 11555 host: 11556 description: 'Optional: Host name to connect to, 11557 defaults to the pod IP.' 11558 type: string 11559 port: 11560 anyOf: 11561 - type: integer 11562 - type: string 11563 description: Number or name of the port to access 11564 on the container. Number must be in the range 11565 1 to 65535. Name must be an IANA_SVC_NAME. 11566 x-kubernetes-int-or-string: true 11567 required: 11568 - port 11569 type: object 11570 type: object 11571 type: object 11572 livenessProbe: 11573 description: 'Periodic probe of container liveness. Container 11574 will be restarted if the probe fails. Cannot be updated. More 11575 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11576 properties: 11577 exec: 11578 description: One and only one of the following should be 11579 specified. Exec specifies the action to take. 11580 properties: 11581 command: 11582 description: Command is the command line to execute 11583 inside the container, the working directory for the 11584 command is root ('/') in the container's filesystem. 11585 The command is simply exec'd, it is not run inside 11586 a shell, so traditional shell instructions ('|', etc) 11587 won't work. To use a shell, you need to explicitly 11588 call out to that shell. Exit status of 0 is treated 11589 as live/healthy and non-zero is unhealthy. 11590 items: 11591 type: string 11592 type: array 11593 type: object 11594 failureThreshold: 11595 description: Minimum consecutive failures for the probe 11596 to be considered failed after having succeeded. Defaults 11597 to 3. Minimum value is 1. 11598 format: int32 11599 type: integer 11600 httpGet: 11601 description: HTTPGet specifies the http request to perform. 11602 properties: 11603 host: 11604 description: Host name to connect to, defaults to the 11605 pod IP. You probably want to set "Host" in httpHeaders 11606 instead. 11607 type: string 11608 httpHeaders: 11609 description: Custom headers to set in the request. HTTP 11610 allows repeated headers. 11611 items: 11612 description: HTTPHeader describes a custom header 11613 to be used in HTTP probes 11614 properties: 11615 name: 11616 description: The header field name 11617 type: string 11618 value: 11619 description: The header field value 11620 type: string 11621 required: 11622 - name 11623 - value 11624 type: object 11625 type: array 11626 path: 11627 description: Path to access on the HTTP server. 11628 type: string 11629 port: 11630 anyOf: 11631 - type: integer 11632 - type: string 11633 description: Name or number of the port to access on 11634 the container. Number must be in the range 1 to 65535. 11635 Name must be an IANA_SVC_NAME. 11636 x-kubernetes-int-or-string: true 11637 scheme: 11638 description: Scheme to use for connecting to the host. 11639 Defaults to HTTP. 11640 type: string 11641 required: 11642 - port 11643 type: object 11644 initialDelaySeconds: 11645 description: 'Number of seconds after the container has 11646 started before liveness probes are initiated. More info: 11647 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11648 format: int32 11649 type: integer 11650 periodSeconds: 11651 description: How often (in seconds) to perform the probe. 11652 Default to 10 seconds. Minimum value is 1. 11653 format: int32 11654 type: integer 11655 successThreshold: 11656 description: Minimum consecutive successes for the probe 11657 to be considered successful after having failed. Defaults 11658 to 1. Must be 1 for liveness and startup. Minimum value 11659 is 1. 11660 format: int32 11661 type: integer 11662 tcpSocket: 11663 description: 'TCPSocket specifies an action involving a 11664 TCP port. TCP hooks not yet supported TODO: implement 11665 a realistic TCP lifecycle hook' 11666 properties: 11667 host: 11668 description: 'Optional: Host name to connect to, defaults 11669 to the pod IP.' 11670 type: string 11671 port: 11672 anyOf: 11673 - type: integer 11674 - type: string 11675 description: Number or name of the port to access on 11676 the container. Number must be in the range 1 to 65535. 11677 Name must be an IANA_SVC_NAME. 11678 x-kubernetes-int-or-string: true 11679 required: 11680 - port 11681 type: object 11682 terminationGracePeriodSeconds: 11683 description: Optional duration in seconds the pod needs 11684 to terminate gracefully upon probe failure. The grace 11685 period is the duration in seconds after the processes 11686 running in the pod are sent a termination signal and the 11687 time when the processes are forcibly halted with a kill 11688 signal. Set this value longer than the expected cleanup 11689 time for your process. If this value is nil, the pod's 11690 terminationGracePeriodSeconds will be used. Otherwise, 11691 this value overrides the value provided by the pod spec. 11692 Value must be non-negative integer. The value zero indicates 11693 stop immediately via the kill signal (no opportunity to 11694 shut down). This is a beta field and requires enabling 11695 ProbeTerminationGracePeriod feature gate. Minimum value 11696 is 1. spec.terminationGracePeriodSeconds is used if unset. 11697 format: int64 11698 type: integer 11699 timeoutSeconds: 11700 description: 'Number of seconds after which the probe times 11701 out. Defaults to 1 second. Minimum value is 1. More info: 11702 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11703 format: int32 11704 type: integer 11705 type: object 11706 name: 11707 description: Name of the container specified as a DNS_LABEL. 11708 Each container in a pod must have a unique name (DNS_LABEL). 11709 Cannot be updated. 11710 type: string 11711 ports: 11712 description: List of ports to expose from the container. Exposing 11713 a port here gives the system additional information about 11714 the network connections a container uses, but is primarily 11715 informational. Not specifying a port here DOES NOT prevent 11716 that port from being exposed. Any port which is listening 11717 on the default "0.0.0.0" address inside a container will be 11718 accessible from the network. Cannot be updated. 11719 items: 11720 description: ContainerPort represents a network port in a 11721 single container. 11722 properties: 11723 containerPort: 11724 description: Number of port to expose on the pod's IP 11725 address. This must be a valid port number, 0 < x < 65536. 11726 format: int32 11727 type: integer 11728 hostIP: 11729 description: What host IP to bind the external port to. 11730 type: string 11731 hostPort: 11732 description: Number of port to expose on the host. If 11733 specified, this must be a valid port number, 0 < x < 11734 65536. If HostNetwork is specified, this must match 11735 ContainerPort. Most containers do not need this. 11736 format: int32 11737 type: integer 11738 name: 11739 description: If specified, this must be an IANA_SVC_NAME 11740 and unique within the pod. Each named port in a pod 11741 must have a unique name. Name for the port that can 11742 be referred to by services. 11743 type: string 11744 protocol: 11745 default: TCP 11746 description: Protocol for port. Must be UDP, TCP, or SCTP. 11747 Defaults to "TCP". 11748 type: string 11749 required: 11750 - containerPort 11751 type: object 11752 type: array 11753 x-kubernetes-list-map-keys: 11754 - containerPort 11755 - protocol 11756 x-kubernetes-list-type: map 11757 readinessProbe: 11758 description: 'Periodic probe of container service readiness. 11759 Container will be removed from service endpoints if the probe 11760 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11761 properties: 11762 exec: 11763 description: One and only one of the following should be 11764 specified. Exec specifies the action to take. 11765 properties: 11766 command: 11767 description: Command is the command line to execute 11768 inside the container, the working directory for the 11769 command is root ('/') in the container's filesystem. 11770 The command is simply exec'd, it is not run inside 11771 a shell, so traditional shell instructions ('|', etc) 11772 won't work. To use a shell, you need to explicitly 11773 call out to that shell. Exit status of 0 is treated 11774 as live/healthy and non-zero is unhealthy. 11775 items: 11776 type: string 11777 type: array 11778 type: object 11779 failureThreshold: 11780 description: Minimum consecutive failures for the probe 11781 to be considered failed after having succeeded. Defaults 11782 to 3. Minimum value is 1. 11783 format: int32 11784 type: integer 11785 httpGet: 11786 description: HTTPGet specifies the http request to perform. 11787 properties: 11788 host: 11789 description: Host name to connect to, defaults to the 11790 pod IP. You probably want to set "Host" in httpHeaders 11791 instead. 11792 type: string 11793 httpHeaders: 11794 description: Custom headers to set in the request. HTTP 11795 allows repeated headers. 11796 items: 11797 description: HTTPHeader describes a custom header 11798 to be used in HTTP probes 11799 properties: 11800 name: 11801 description: The header field name 11802 type: string 11803 value: 11804 description: The header field value 11805 type: string 11806 required: 11807 - name 11808 - value 11809 type: object 11810 type: array 11811 path: 11812 description: Path to access on the HTTP server. 11813 type: string 11814 port: 11815 anyOf: 11816 - type: integer 11817 - type: string 11818 description: Name or number of the port to access on 11819 the container. Number must be in the range 1 to 65535. 11820 Name must be an IANA_SVC_NAME. 11821 x-kubernetes-int-or-string: true 11822 scheme: 11823 description: Scheme to use for connecting to the host. 11824 Defaults to HTTP. 11825 type: string 11826 required: 11827 - port 11828 type: object 11829 initialDelaySeconds: 11830 description: 'Number of seconds after the container has 11831 started before liveness probes are initiated. More info: 11832 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11833 format: int32 11834 type: integer 11835 periodSeconds: 11836 description: How often (in seconds) to perform the probe. 11837 Default to 10 seconds. Minimum value is 1. 11838 format: int32 11839 type: integer 11840 successThreshold: 11841 description: Minimum consecutive successes for the probe 11842 to be considered successful after having failed. Defaults 11843 to 1. Must be 1 for liveness and startup. Minimum value 11844 is 1. 11845 format: int32 11846 type: integer 11847 tcpSocket: 11848 description: 'TCPSocket specifies an action involving a 11849 TCP port. TCP hooks not yet supported TODO: implement 11850 a realistic TCP lifecycle hook' 11851 properties: 11852 host: 11853 description: 'Optional: Host name to connect to, defaults 11854 to the pod IP.' 11855 type: string 11856 port: 11857 anyOf: 11858 - type: integer 11859 - type: string 11860 description: Number or name of the port to access on 11861 the container. Number must be in the range 1 to 65535. 11862 Name must be an IANA_SVC_NAME. 11863 x-kubernetes-int-or-string: true 11864 required: 11865 - port 11866 type: object 11867 terminationGracePeriodSeconds: 11868 description: Optional duration in seconds the pod needs 11869 to terminate gracefully upon probe failure. The grace 11870 period is the duration in seconds after the processes 11871 running in the pod are sent a termination signal and the 11872 time when the processes are forcibly halted with a kill 11873 signal. Set this value longer than the expected cleanup 11874 time for your process. If this value is nil, the pod's 11875 terminationGracePeriodSeconds will be used. Otherwise, 11876 this value overrides the value provided by the pod spec. 11877 Value must be non-negative integer. The value zero indicates 11878 stop immediately via the kill signal (no opportunity to 11879 shut down). This is a beta field and requires enabling 11880 ProbeTerminationGracePeriod feature gate. Minimum value 11881 is 1. spec.terminationGracePeriodSeconds is used if unset. 11882 format: int64 11883 type: integer 11884 timeoutSeconds: 11885 description: 'Number of seconds after which the probe times 11886 out. Defaults to 1 second. Minimum value is 1. More info: 11887 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 11888 format: int32 11889 type: integer 11890 type: object 11891 resources: 11892 description: 'Compute Resources required by this container. 11893 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 11894 properties: 11895 limits: 11896 additionalProperties: 11897 anyOf: 11898 - type: integer 11899 - type: string 11900 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 11901 x-kubernetes-int-or-string: true 11902 description: 'Limits describes the maximum amount of compute 11903 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 11904 type: object 11905 requests: 11906 additionalProperties: 11907 anyOf: 11908 - type: integer 11909 - type: string 11910 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 11911 x-kubernetes-int-or-string: true 11912 description: 'Requests describes the minimum amount of compute 11913 resources required. If Requests is omitted for a container, 11914 it defaults to Limits if that is explicitly specified, 11915 otherwise to an implementation-defined value. More info: 11916 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 11917 type: object 11918 type: object 11919 securityContext: 11920 description: 'SecurityContext defines the security options the 11921 container should be run with. If set, the fields of SecurityContext 11922 override the equivalent fields of PodSecurityContext. More 11923 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 11924 properties: 11925 allowPrivilegeEscalation: 11926 description: 'AllowPrivilegeEscalation controls whether 11927 a process can gain more privileges than its parent process. 11928 This bool directly controls if the no_new_privs flag will 11929 be set on the container process. AllowPrivilegeEscalation 11930 is true always when the container is: 1) run as Privileged 11931 2) has CAP_SYS_ADMIN' 11932 type: boolean 11933 capabilities: 11934 description: The capabilities to add/drop when running containers. 11935 Defaults to the default set of capabilities granted by 11936 the container runtime. 11937 properties: 11938 add: 11939 description: Added capabilities 11940 items: 11941 description: Capability represent POSIX capabilities 11942 type 11943 type: string 11944 type: array 11945 drop: 11946 description: Removed capabilities 11947 items: 11948 description: Capability represent POSIX capabilities 11949 type 11950 type: string 11951 type: array 11952 type: object 11953 privileged: 11954 description: Run container in privileged mode. Processes 11955 in privileged containers are essentially equivalent to 11956 root on the host. Defaults to false. 11957 type: boolean 11958 procMount: 11959 description: procMount denotes the type of proc mount to 11960 use for the containers. The default is DefaultProcMount 11961 which uses the container runtime defaults for readonly 11962 paths and masked paths. This requires the ProcMountType 11963 feature flag to be enabled. 11964 type: string 11965 readOnlyRootFilesystem: 11966 description: Whether this container has a read-only root 11967 filesystem. Default is false. 11968 type: boolean 11969 runAsGroup: 11970 description: The GID to run the entrypoint of the container 11971 process. Uses runtime default if unset. May also be set 11972 in PodSecurityContext. If set in both SecurityContext 11973 and PodSecurityContext, the value specified in SecurityContext 11974 takes precedence. 11975 format: int64 11976 type: integer 11977 runAsNonRoot: 11978 description: Indicates that the container must run as a 11979 non-root user. If true, the Kubelet will validate the 11980 image at runtime to ensure that it does not run as UID 11981 0 (root) and fail to start the container if it does. If 11982 unset or false, no such validation will be performed. 11983 May also be set in PodSecurityContext. If set in both 11984 SecurityContext and PodSecurityContext, the value specified 11985 in SecurityContext takes precedence. 11986 type: boolean 11987 runAsUser: 11988 description: The UID to run the entrypoint of the container 11989 process. Defaults to user specified in image metadata 11990 if unspecified. May also be set in PodSecurityContext. If 11991 set in both SecurityContext and PodSecurityContext, the 11992 value specified in SecurityContext takes precedence. 11993 format: int64 11994 type: integer 11995 seLinuxOptions: 11996 description: The SELinux context to be applied to the container. 11997 If unspecified, the container runtime will allocate a 11998 random SELinux context for each container. May also be 11999 set in PodSecurityContext. If set in both SecurityContext 12000 and PodSecurityContext, the value specified in SecurityContext 12001 takes precedence. 12002 properties: 12003 level: 12004 description: Level is SELinux level label that applies 12005 to the container. 12006 type: string 12007 role: 12008 description: Role is a SELinux role label that applies 12009 to the container. 12010 type: string 12011 type: 12012 description: Type is a SELinux type label that applies 12013 to the container. 12014 type: string 12015 user: 12016 description: User is a SELinux user label that applies 12017 to the container. 12018 type: string 12019 type: object 12020 seccompProfile: 12021 description: The seccomp options to use by this container. 12022 If seccomp options are provided at both the pod & container 12023 level, the container options override the pod options. 12024 properties: 12025 localhostProfile: 12026 description: localhostProfile indicates a profile defined 12027 in a file on the node should be used. The profile 12028 must be preconfigured on the node to work. Must be 12029 a descending path, relative to the kubelet's configured 12030 seccomp profile location. Must only be set if type 12031 is "Localhost". 12032 type: string 12033 type: 12034 description: "type indicates which kind of seccomp profile 12035 will be applied. Valid options are: \n Localhost - 12036 a profile defined in a file on the node should be 12037 used. RuntimeDefault - the container runtime default 12038 profile should be used. Unconfined - no profile should 12039 be applied." 12040 type: string 12041 required: 12042 - type 12043 type: object 12044 windowsOptions: 12045 description: The Windows specific settings applied to all 12046 containers. If unspecified, the options from the PodSecurityContext 12047 will be used. If set in both SecurityContext and PodSecurityContext, 12048 the value specified in SecurityContext takes precedence. 12049 properties: 12050 gmsaCredentialSpec: 12051 description: GMSACredentialSpec is where the GMSA admission 12052 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 12053 inlines the contents of the GMSA credential spec named 12054 by the GMSACredentialSpecName field. 12055 type: string 12056 gmsaCredentialSpecName: 12057 description: GMSACredentialSpecName is the name of the 12058 GMSA credential spec to use. 12059 type: string 12060 hostProcess: 12061 description: HostProcess determines if a container should 12062 be run as a 'Host Process' container. This field is 12063 alpha-level and will only be honored by components 12064 that enable the WindowsHostProcessContainers feature 12065 flag. Setting this field without the feature flag 12066 will result in errors when validating the Pod. All 12067 of a Pod's containers must have the same effective 12068 HostProcess value (it is not allowed to have a mix 12069 of HostProcess containers and non-HostProcess containers). In 12070 addition, if HostProcess is true then HostNetwork 12071 must also be set to true. 12072 type: boolean 12073 runAsUserName: 12074 description: The UserName in Windows to run the entrypoint 12075 of the container process. Defaults to the user specified 12076 in image metadata if unspecified. May also be set 12077 in PodSecurityContext. If set in both SecurityContext 12078 and PodSecurityContext, the value specified in SecurityContext 12079 takes precedence. 12080 type: string 12081 type: object 12082 type: object 12083 startupProbe: 12084 description: 'StartupProbe indicates that the Pod has successfully 12085 initialized. If specified, no other probes are executed until 12086 this completes successfully. If this probe fails, the Pod 12087 will be restarted, just as if the livenessProbe failed. This 12088 can be used to provide different probe parameters at the beginning 12089 of a Pod''s lifecycle, when it might take a long time to load 12090 data or warm a cache, than during steady-state operation. 12091 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12092 properties: 12093 exec: 12094 description: One and only one of the following should be 12095 specified. Exec specifies the action to take. 12096 properties: 12097 command: 12098 description: Command is the command line to execute 12099 inside the container, the working directory for the 12100 command is root ('/') in the container's filesystem. 12101 The command is simply exec'd, it is not run inside 12102 a shell, so traditional shell instructions ('|', etc) 12103 won't work. To use a shell, you need to explicitly 12104 call out to that shell. Exit status of 0 is treated 12105 as live/healthy and non-zero is unhealthy. 12106 items: 12107 type: string 12108 type: array 12109 type: object 12110 failureThreshold: 12111 description: Minimum consecutive failures for the probe 12112 to be considered failed after having succeeded. Defaults 12113 to 3. Minimum value is 1. 12114 format: int32 12115 type: integer 12116 httpGet: 12117 description: HTTPGet specifies the http request to perform. 12118 properties: 12119 host: 12120 description: Host name to connect to, defaults to the 12121 pod IP. You probably want to set "Host" in httpHeaders 12122 instead. 12123 type: string 12124 httpHeaders: 12125 description: Custom headers to set in the request. HTTP 12126 allows repeated headers. 12127 items: 12128 description: HTTPHeader describes a custom header 12129 to be used in HTTP probes 12130 properties: 12131 name: 12132 description: The header field name 12133 type: string 12134 value: 12135 description: The header field value 12136 type: string 12137 required: 12138 - name 12139 - value 12140 type: object 12141 type: array 12142 path: 12143 description: Path to access on the HTTP server. 12144 type: string 12145 port: 12146 anyOf: 12147 - type: integer 12148 - type: string 12149 description: Name or number of the port to access on 12150 the container. Number must be in the range 1 to 65535. 12151 Name must be an IANA_SVC_NAME. 12152 x-kubernetes-int-or-string: true 12153 scheme: 12154 description: Scheme to use for connecting to the host. 12155 Defaults to HTTP. 12156 type: string 12157 required: 12158 - port 12159 type: object 12160 initialDelaySeconds: 12161 description: 'Number of seconds after the container has 12162 started before liveness probes are initiated. More info: 12163 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12164 format: int32 12165 type: integer 12166 periodSeconds: 12167 description: How often (in seconds) to perform the probe. 12168 Default to 10 seconds. Minimum value is 1. 12169 format: int32 12170 type: integer 12171 successThreshold: 12172 description: Minimum consecutive successes for the probe 12173 to be considered successful after having failed. Defaults 12174 to 1. Must be 1 for liveness and startup. Minimum value 12175 is 1. 12176 format: int32 12177 type: integer 12178 tcpSocket: 12179 description: 'TCPSocket specifies an action involving a 12180 TCP port. TCP hooks not yet supported TODO: implement 12181 a realistic TCP lifecycle hook' 12182 properties: 12183 host: 12184 description: 'Optional: Host name to connect to, defaults 12185 to the pod IP.' 12186 type: string 12187 port: 12188 anyOf: 12189 - type: integer 12190 - type: string 12191 description: Number or name of the port to access on 12192 the container. Number must be in the range 1 to 65535. 12193 Name must be an IANA_SVC_NAME. 12194 x-kubernetes-int-or-string: true 12195 required: 12196 - port 12197 type: object 12198 terminationGracePeriodSeconds: 12199 description: Optional duration in seconds the pod needs 12200 to terminate gracefully upon probe failure. The grace 12201 period is the duration in seconds after the processes 12202 running in the pod are sent a termination signal and the 12203 time when the processes are forcibly halted with a kill 12204 signal. Set this value longer than the expected cleanup 12205 time for your process. If this value is nil, the pod's 12206 terminationGracePeriodSeconds will be used. Otherwise, 12207 this value overrides the value provided by the pod spec. 12208 Value must be non-negative integer. The value zero indicates 12209 stop immediately via the kill signal (no opportunity to 12210 shut down). This is a beta field and requires enabling 12211 ProbeTerminationGracePeriod feature gate. Minimum value 12212 is 1. spec.terminationGracePeriodSeconds is used if unset. 12213 format: int64 12214 type: integer 12215 timeoutSeconds: 12216 description: 'Number of seconds after which the probe times 12217 out. Defaults to 1 second. Minimum value is 1. More info: 12218 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12219 format: int32 12220 type: integer 12221 type: object 12222 stdin: 12223 description: Whether this container should allocate a buffer 12224 for stdin in the container runtime. If this is not set, reads 12225 from stdin in the container will always result in EOF. Default 12226 is false. 12227 type: boolean 12228 stdinOnce: 12229 description: Whether the container runtime should close the 12230 stdin channel after it has been opened by a single attach. 12231 When stdin is true the stdin stream will remain open across 12232 multiple attach sessions. If stdinOnce is set to true, stdin 12233 is opened on container start, is empty until the first client 12234 attaches to stdin, and then remains open and accepts data 12235 until the client disconnects, at which time stdin is closed 12236 and remains closed until the container is restarted. If this 12237 flag is false, a container processes that reads from stdin 12238 will never receive an EOF. Default is false 12239 type: boolean 12240 terminationMessagePath: 12241 description: 'Optional: Path at which the file to which the 12242 container''s termination message will be written is mounted 12243 into the container''s filesystem. Message written is intended 12244 to be brief final status, such as an assertion failure message. 12245 Will be truncated by the node if greater than 4096 bytes. 12246 The total message length across all containers will be limited 12247 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 12248 type: string 12249 terminationMessagePolicy: 12250 description: Indicate how the termination message should be 12251 populated. File will use the contents of terminationMessagePath 12252 to populate the container status message on both success and 12253 failure. FallbackToLogsOnError will use the last chunk of 12254 container log output if the termination message file is empty 12255 and the container exited with an error. The log output is 12256 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 12257 to File. Cannot be updated. 12258 type: string 12259 tty: 12260 description: Whether this container should allocate a TTY for 12261 itself, also requires 'stdin' to be true. Default is false. 12262 type: boolean 12263 volumeDevices: 12264 description: volumeDevices is the list of block devices to be 12265 used by the container. 12266 items: 12267 description: volumeDevice describes a mapping of a raw block 12268 device within a container. 12269 properties: 12270 devicePath: 12271 description: devicePath is the path inside of the container 12272 that the device will be mapped to. 12273 type: string 12274 name: 12275 description: name must match the name of a persistentVolumeClaim 12276 in the pod 12277 type: string 12278 required: 12279 - devicePath 12280 - name 12281 type: object 12282 type: array 12283 volumeMounts: 12284 description: Pod volumes to mount into the container's filesystem. 12285 Cannot be updated. 12286 items: 12287 description: VolumeMount describes a mounting of a Volume 12288 within a container. 12289 properties: 12290 mountPath: 12291 description: Path within the container at which the volume 12292 should be mounted. Must not contain ':'. 12293 type: string 12294 mountPropagation: 12295 description: mountPropagation determines how mounts are 12296 propagated from the host to container and the other 12297 way around. When not set, MountPropagationNone is used. 12298 This field is beta in 1.10. 12299 type: string 12300 name: 12301 description: This must match the Name of a Volume. 12302 type: string 12303 readOnly: 12304 description: Mounted read-only if true, read-write otherwise 12305 (false or unspecified). Defaults to false. 12306 type: boolean 12307 subPath: 12308 description: Path within the volume from which the container's 12309 volume should be mounted. Defaults to "" (volume's root). 12310 type: string 12311 subPathExpr: 12312 description: Expanded path within the volume from which 12313 the container's volume should be mounted. Behaves similarly 12314 to SubPath but environment variable references $(VAR_NAME) 12315 are expanded using the container's environment. Defaults 12316 to "" (volume's root). SubPathExpr and SubPath are mutually 12317 exclusive. 12318 type: string 12319 required: 12320 - mountPath 12321 - name 12322 type: object 12323 type: array 12324 workingDir: 12325 description: Container's working directory. If not specified, 12326 the container runtime's default will be used, which might 12327 be configured in the container image. Cannot be updated. 12328 type: string 12329 required: 12330 - name 12331 type: object 12332 type: array 12333 disableCompaction: 12334 description: Disable prometheus compaction. 12335 type: boolean 12336 enableAdminAPI: 12337 description: 'Enable access to prometheus web admin API. Defaults 12338 to the value of `false`. WARNING: Enabling the admin APIs enables 12339 mutating endpoints, to delete data, shutdown Prometheus, and more. 12340 Enabling this should be done with care and the user is advised to 12341 add additional authentication authorization via a proxy to ensure 12342 only clients authorized to perform these actions can do so. For 12343 more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis' 12344 type: boolean 12345 enableFeatures: 12346 description: Enable access to Prometheus disabled features. By default, 12347 no features are enabled. Enabling disabled features is entirely 12348 outside the scope of what the maintainers will support and by doing 12349 so, you accept that this behaviour may break at any time without 12350 notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/ 12351 items: 12352 type: string 12353 type: array 12354 enforcedBodySizeLimit: 12355 description: 'EnforcedBodySizeLimit defines the maximum size of uncompressed 12356 response body that will be accepted by Prometheus. Targets responding 12357 with a body larger than this many bytes will cause the scrape to 12358 fail. Example: 100MB. If defined, the limit will apply to all service/pod 12359 monitors and probes. This is an experimental feature, this behaviour 12360 could change or be removed in the future. Only valid in Prometheus 12361 versions 2.28.0 and newer.' 12362 type: string 12363 enforcedLabelLimit: 12364 description: Per-scrape limit on number of labels that will be accepted 12365 for a sample. If more than this number of labels are present post 12366 metric-relabeling, the entire scrape will be treated as failed. 12367 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. 12368 format: int64 12369 type: integer 12370 enforcedLabelNameLengthLimit: 12371 description: Per-scrape limit on length of labels name that will be 12372 accepted for a sample. If a label name is longer than this number 12373 post metric-relabeling, the entire scrape will be treated as failed. 12374 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. 12375 format: int64 12376 type: integer 12377 enforcedLabelValueLengthLimit: 12378 description: Per-scrape limit on length of labels value that will 12379 be accepted for a sample. If a label value is longer than this number 12380 post metric-relabeling, the entire scrape will be treated as failed. 12381 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. 12382 format: int64 12383 type: integer 12384 enforcedNamespaceLabel: 12385 description: "EnforcedNamespaceLabel If set, a label will be added 12386 to \n 1. all user-metrics (created by `ServiceMonitor`, `PodMonitor` 12387 and `ProbeConfig` object) and 2. in all `PrometheusRule` objects 12388 (except the ones excluded in `prometheusRulesExcludedFromEnforce`) 12389 to * alerting & recording rules and * the metrics used in 12390 their expressions (`expr`). \n Label name is this field's value. 12391 Label value is the namespace of the created object (mentioned above)." 12392 type: string 12393 enforcedSampleLimit: 12394 description: EnforcedSampleLimit defines global limit on number of 12395 scraped samples that will be accepted. This overrides any SampleLimit 12396 set per ServiceMonitor or/and PodMonitor. It is meant to be used 12397 by admins to enforce the SampleLimit to keep overall number of samples/series 12398 under the desired limit. Note that if SampleLimit is lower that 12399 value will be taken instead. 12400 format: int64 12401 type: integer 12402 enforcedTargetLimit: 12403 description: EnforcedTargetLimit defines a global limit on the number 12404 of scraped targets. This overrides any TargetLimit set per ServiceMonitor 12405 or/and PodMonitor. It is meant to be used by admins to enforce 12406 the TargetLimit to keep the overall number of targets under the 12407 desired limit. Note that if TargetLimit is lower, that value will 12408 be taken instead, except if either value is zero, in which case 12409 the non-zero value will be used. If both values are zero, no limit 12410 is enforced. 12411 format: int64 12412 type: integer 12413 evaluationInterval: 12414 description: 'Interval between consecutive evaluations. Default: `1m`' 12415 type: string 12416 externalLabels: 12417 additionalProperties: 12418 type: string 12419 description: The labels to add to any time series or alerts when communicating 12420 with external systems (federation, remote storage, Alertmanager). 12421 type: object 12422 externalUrl: 12423 description: The external URL the Prometheus instances will be available 12424 under. This is necessary to generate correct URLs. This is necessary 12425 if Prometheus is not served from root of a DNS name. 12426 type: string 12427 ignoreNamespaceSelectors: 12428 description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector 12429 settings from the podmonitor and servicemonitor configs, and they 12430 will only discover endpoints within their current namespace. Defaults 12431 to false. 12432 type: boolean 12433 image: 12434 description: Image if specified has precedence over baseImage, tag 12435 and sha combinations. Specifying the version is still necessary 12436 to ensure the Prometheus Operator knows what version of Prometheus 12437 is being configured. 12438 type: string 12439 imagePullSecrets: 12440 description: An optional list of references to secrets in the same 12441 namespace to use for pulling prometheus and alertmanager images 12442 from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod 12443 items: 12444 description: LocalObjectReference contains enough information to 12445 let you locate the referenced object inside the same namespace. 12446 properties: 12447 name: 12448 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12449 TODO: Add other useful fields. apiVersion, kind, uid?' 12450 type: string 12451 type: object 12452 type: array 12453 initContainers: 12454 description: 'InitContainers allows adding initContainers to the pod 12455 definition. Those can be used to e.g. fetch secrets for injection 12456 into the Prometheus configuration from external sources. Any errors 12457 during the execution of an initContainer will lead to a restart 12458 of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 12459 InitContainers described here modify an operator generated init 12460 containers if they share the same name and modifications are done 12461 via a strategic merge patch. The current init container name is: 12462 `init-config-reloader`. Overriding init containers is entirely outside 12463 the scope of what the maintainers will support and by doing so, 12464 you accept that this behaviour may break at any time without notice.' 12465 items: 12466 description: A single application container that you want to run 12467 within a pod. 12468 properties: 12469 args: 12470 description: 'Arguments to the entrypoint. The docker image''s 12471 CMD is used if this is not provided. Variable references $(VAR_NAME) 12472 are expanded using the container''s environment. If a variable 12473 cannot be resolved, the reference in the input string will 12474 be unchanged. Double $$ are reduced to a single $, which allows 12475 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 12476 produce the string literal "$(VAR_NAME)". Escaped references 12477 will never be expanded, regardless of whether the variable 12478 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 12479 items: 12480 type: string 12481 type: array 12482 command: 12483 description: 'Entrypoint array. Not executed within a shell. 12484 The docker image''s ENTRYPOINT is used if this is not provided. 12485 Variable references $(VAR_NAME) are expanded using the container''s 12486 environment. If a variable cannot be resolved, the reference 12487 in the input string will be unchanged. Double $$ are reduced 12488 to a single $, which allows for escaping the $(VAR_NAME) syntax: 12489 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 12490 Escaped references will never be expanded, regardless of whether 12491 the variable exists or not. Cannot be updated. More info: 12492 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 12493 items: 12494 type: string 12495 type: array 12496 env: 12497 description: List of environment variables to set in the container. 12498 Cannot be updated. 12499 items: 12500 description: EnvVar represents an environment variable present 12501 in a Container. 12502 properties: 12503 name: 12504 description: Name of the environment variable. Must be 12505 a C_IDENTIFIER. 12506 type: string 12507 value: 12508 description: 'Variable references $(VAR_NAME) are expanded 12509 using the previously defined environment variables in 12510 the container and any service environment variables. 12511 If a variable cannot be resolved, the reference in the 12512 input string will be unchanged. Double $$ are reduced 12513 to a single $, which allows for escaping the $(VAR_NAME) 12514 syntax: i.e. "$$(VAR_NAME)" will produce the string 12515 literal "$(VAR_NAME)". Escaped references will never 12516 be expanded, regardless of whether the variable exists 12517 or not. Defaults to "".' 12518 type: string 12519 valueFrom: 12520 description: Source for the environment variable's value. 12521 Cannot be used if value is not empty. 12522 properties: 12523 configMapKeyRef: 12524 description: Selects a key of a ConfigMap. 12525 properties: 12526 key: 12527 description: The key to select. 12528 type: string 12529 name: 12530 description: 'Name of the referent. More info: 12531 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12532 TODO: Add other useful fields. apiVersion, kind, 12533 uid?' 12534 type: string 12535 optional: 12536 description: Specify whether the ConfigMap or 12537 its key must be defined 12538 type: boolean 12539 required: 12540 - key 12541 type: object 12542 fieldRef: 12543 description: 'Selects a field of the pod: supports 12544 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 12545 `metadata.annotations[''<KEY>'']`, spec.nodeName, 12546 spec.serviceAccountName, status.hostIP, status.podIP, 12547 status.podIPs.' 12548 properties: 12549 apiVersion: 12550 description: Version of the schema the FieldPath 12551 is written in terms of, defaults to "v1". 12552 type: string 12553 fieldPath: 12554 description: Path of the field to select in the 12555 specified API version. 12556 type: string 12557 required: 12558 - fieldPath 12559 type: object 12560 resourceFieldRef: 12561 description: 'Selects a resource of the container: 12562 only resources limits and requests (limits.cpu, 12563 limits.memory, limits.ephemeral-storage, requests.cpu, 12564 requests.memory and requests.ephemeral-storage) 12565 are currently supported.' 12566 properties: 12567 containerName: 12568 description: 'Container name: required for volumes, 12569 optional for env vars' 12570 type: string 12571 divisor: 12572 anyOf: 12573 - type: integer 12574 - type: string 12575 description: Specifies the output format of the 12576 exposed resources, defaults to "1" 12577 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 12578 x-kubernetes-int-or-string: true 12579 resource: 12580 description: 'Required: resource to select' 12581 type: string 12582 required: 12583 - resource 12584 type: object 12585 secretKeyRef: 12586 description: Selects a key of a secret in the pod's 12587 namespace 12588 properties: 12589 key: 12590 description: The key of the secret to select from. Must 12591 be a valid secret key. 12592 type: string 12593 name: 12594 description: 'Name of the referent. More info: 12595 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12596 TODO: Add other useful fields. apiVersion, kind, 12597 uid?' 12598 type: string 12599 optional: 12600 description: Specify whether the Secret or its 12601 key must be defined 12602 type: boolean 12603 required: 12604 - key 12605 type: object 12606 type: object 12607 required: 12608 - name 12609 type: object 12610 type: array 12611 envFrom: 12612 description: List of sources to populate environment variables 12613 in the container. The keys defined within a source must be 12614 a C_IDENTIFIER. All invalid keys will be reported as an event 12615 when the container is starting. When a key exists in multiple 12616 sources, the value associated with the last source will take 12617 precedence. Values defined by an Env with a duplicate key 12618 will take precedence. Cannot be updated. 12619 items: 12620 description: EnvFromSource represents the source of a set 12621 of ConfigMaps 12622 properties: 12623 configMapRef: 12624 description: The ConfigMap to select from 12625 properties: 12626 name: 12627 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12628 TODO: Add other useful fields. apiVersion, kind, 12629 uid?' 12630 type: string 12631 optional: 12632 description: Specify whether the ConfigMap must be 12633 defined 12634 type: boolean 12635 type: object 12636 prefix: 12637 description: An optional identifier to prepend to each 12638 key in the ConfigMap. Must be a C_IDENTIFIER. 12639 type: string 12640 secretRef: 12641 description: The Secret to select from 12642 properties: 12643 name: 12644 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12645 TODO: Add other useful fields. apiVersion, kind, 12646 uid?' 12647 type: string 12648 optional: 12649 description: Specify whether the Secret must be defined 12650 type: boolean 12651 type: object 12652 type: object 12653 type: array 12654 image: 12655 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 12656 This field is optional to allow higher level config management 12657 to default or override container images in workload controllers 12658 like Deployments and StatefulSets.' 12659 type: string 12660 imagePullPolicy: 12661 description: 'Image pull policy. One of Always, Never, IfNotPresent. 12662 Defaults to Always if :latest tag is specified, or IfNotPresent 12663 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 12664 type: string 12665 lifecycle: 12666 description: Actions that the management system should take 12667 in response to container lifecycle events. Cannot be updated. 12668 properties: 12669 postStart: 12670 description: 'PostStart is called immediately after a container 12671 is created. If the handler fails, the container is terminated 12672 and restarted according to its restart policy. Other management 12673 of the container blocks until the hook completes. More 12674 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 12675 properties: 12676 exec: 12677 description: One and only one of the following should 12678 be specified. Exec specifies the action to take. 12679 properties: 12680 command: 12681 description: Command is the command line to execute 12682 inside the container, the working directory for 12683 the command is root ('/') in the container's 12684 filesystem. The command is simply exec'd, it is 12685 not run inside a shell, so traditional shell instructions 12686 ('|', etc) won't work. To use a shell, you need 12687 to explicitly call out to that shell. Exit status 12688 of 0 is treated as live/healthy and non-zero is 12689 unhealthy. 12690 items: 12691 type: string 12692 type: array 12693 type: object 12694 httpGet: 12695 description: HTTPGet specifies the http request to perform. 12696 properties: 12697 host: 12698 description: Host name to connect to, defaults to 12699 the pod IP. You probably want to set "Host" in 12700 httpHeaders instead. 12701 type: string 12702 httpHeaders: 12703 description: Custom headers to set in the request. 12704 HTTP allows repeated headers. 12705 items: 12706 description: HTTPHeader describes a custom header 12707 to be used in HTTP probes 12708 properties: 12709 name: 12710 description: The header field name 12711 type: string 12712 value: 12713 description: The header field value 12714 type: string 12715 required: 12716 - name 12717 - value 12718 type: object 12719 type: array 12720 path: 12721 description: Path to access on the HTTP server. 12722 type: string 12723 port: 12724 anyOf: 12725 - type: integer 12726 - type: string 12727 description: Name or number of the port to access 12728 on the container. Number must be in the range 12729 1 to 65535. Name must be an IANA_SVC_NAME. 12730 x-kubernetes-int-or-string: true 12731 scheme: 12732 description: Scheme to use for connecting to the 12733 host. Defaults to HTTP. 12734 type: string 12735 required: 12736 - port 12737 type: object 12738 tcpSocket: 12739 description: 'TCPSocket specifies an action involving 12740 a TCP port. TCP hooks not yet supported TODO: implement 12741 a realistic TCP lifecycle hook' 12742 properties: 12743 host: 12744 description: 'Optional: Host name to connect to, 12745 defaults to the pod IP.' 12746 type: string 12747 port: 12748 anyOf: 12749 - type: integer 12750 - type: string 12751 description: Number or name of the port to access 12752 on the container. Number must be in the range 12753 1 to 65535. Name must be an IANA_SVC_NAME. 12754 x-kubernetes-int-or-string: true 12755 required: 12756 - port 12757 type: object 12758 type: object 12759 preStop: 12760 description: 'PreStop is called immediately before a container 12761 is terminated due to an API request or management event 12762 such as liveness/startup probe failure, preemption, resource 12763 contention, etc. The handler is not called if the container 12764 crashes or exits. The reason for termination is passed 12765 to the handler. The Pod''s termination grace period countdown 12766 begins before the PreStop hooked is executed. Regardless 12767 of the outcome of the handler, the container will eventually 12768 terminate within the Pod''s termination grace period. 12769 Other management of the container blocks until the hook 12770 completes or until the termination grace period is reached. 12771 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 12772 properties: 12773 exec: 12774 description: One and only one of the following should 12775 be specified. Exec specifies the action to take. 12776 properties: 12777 command: 12778 description: Command is the command line to execute 12779 inside the container, the working directory for 12780 the command is root ('/') in the container's 12781 filesystem. The command is simply exec'd, it is 12782 not run inside a shell, so traditional shell instructions 12783 ('|', etc) won't work. To use a shell, you need 12784 to explicitly call out to that shell. Exit status 12785 of 0 is treated as live/healthy and non-zero is 12786 unhealthy. 12787 items: 12788 type: string 12789 type: array 12790 type: object 12791 httpGet: 12792 description: HTTPGet specifies the http request to perform. 12793 properties: 12794 host: 12795 description: Host name to connect to, defaults to 12796 the pod IP. You probably want to set "Host" in 12797 httpHeaders instead. 12798 type: string 12799 httpHeaders: 12800 description: Custom headers to set in the request. 12801 HTTP allows repeated headers. 12802 items: 12803 description: HTTPHeader describes a custom header 12804 to be used in HTTP probes 12805 properties: 12806 name: 12807 description: The header field name 12808 type: string 12809 value: 12810 description: The header field value 12811 type: string 12812 required: 12813 - name 12814 - value 12815 type: object 12816 type: array 12817 path: 12818 description: Path to access on the HTTP server. 12819 type: string 12820 port: 12821 anyOf: 12822 - type: integer 12823 - type: string 12824 description: Name or number of the port to access 12825 on the container. Number must be in the range 12826 1 to 65535. Name must be an IANA_SVC_NAME. 12827 x-kubernetes-int-or-string: true 12828 scheme: 12829 description: Scheme to use for connecting to the 12830 host. Defaults to HTTP. 12831 type: string 12832 required: 12833 - port 12834 type: object 12835 tcpSocket: 12836 description: 'TCPSocket specifies an action involving 12837 a TCP port. TCP hooks not yet supported TODO: implement 12838 a realistic TCP lifecycle hook' 12839 properties: 12840 host: 12841 description: 'Optional: Host name to connect to, 12842 defaults to the pod IP.' 12843 type: string 12844 port: 12845 anyOf: 12846 - type: integer 12847 - type: string 12848 description: Number or name of the port to access 12849 on the container. Number must be in the range 12850 1 to 65535. Name must be an IANA_SVC_NAME. 12851 x-kubernetes-int-or-string: true 12852 required: 12853 - port 12854 type: object 12855 type: object 12856 type: object 12857 livenessProbe: 12858 description: 'Periodic probe of container liveness. Container 12859 will be restarted if the probe fails. Cannot be updated. More 12860 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12861 properties: 12862 exec: 12863 description: One and only one of the following should be 12864 specified. Exec specifies the action to take. 12865 properties: 12866 command: 12867 description: Command is the command line to execute 12868 inside the container, the working directory for the 12869 command is root ('/') in the container's filesystem. 12870 The command is simply exec'd, it is not run inside 12871 a shell, so traditional shell instructions ('|', etc) 12872 won't work. To use a shell, you need to explicitly 12873 call out to that shell. Exit status of 0 is treated 12874 as live/healthy and non-zero is unhealthy. 12875 items: 12876 type: string 12877 type: array 12878 type: object 12879 failureThreshold: 12880 description: Minimum consecutive failures for the probe 12881 to be considered failed after having succeeded. Defaults 12882 to 3. Minimum value is 1. 12883 format: int32 12884 type: integer 12885 httpGet: 12886 description: HTTPGet specifies the http request to perform. 12887 properties: 12888 host: 12889 description: Host name to connect to, defaults to the 12890 pod IP. You probably want to set "Host" in httpHeaders 12891 instead. 12892 type: string 12893 httpHeaders: 12894 description: Custom headers to set in the request. HTTP 12895 allows repeated headers. 12896 items: 12897 description: HTTPHeader describes a custom header 12898 to be used in HTTP probes 12899 properties: 12900 name: 12901 description: The header field name 12902 type: string 12903 value: 12904 description: The header field value 12905 type: string 12906 required: 12907 - name 12908 - value 12909 type: object 12910 type: array 12911 path: 12912 description: Path to access on the HTTP server. 12913 type: string 12914 port: 12915 anyOf: 12916 - type: integer 12917 - type: string 12918 description: Name or number of the port to access on 12919 the container. Number must be in the range 1 to 65535. 12920 Name must be an IANA_SVC_NAME. 12921 x-kubernetes-int-or-string: true 12922 scheme: 12923 description: Scheme to use for connecting to the host. 12924 Defaults to HTTP. 12925 type: string 12926 required: 12927 - port 12928 type: object 12929 initialDelaySeconds: 12930 description: 'Number of seconds after the container has 12931 started before liveness probes are initiated. More info: 12932 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12933 format: int32 12934 type: integer 12935 periodSeconds: 12936 description: How often (in seconds) to perform the probe. 12937 Default to 10 seconds. Minimum value is 1. 12938 format: int32 12939 type: integer 12940 successThreshold: 12941 description: Minimum consecutive successes for the probe 12942 to be considered successful after having failed. Defaults 12943 to 1. Must be 1 for liveness and startup. Minimum value 12944 is 1. 12945 format: int32 12946 type: integer 12947 tcpSocket: 12948 description: 'TCPSocket specifies an action involving a 12949 TCP port. TCP hooks not yet supported TODO: implement 12950 a realistic TCP lifecycle hook' 12951 properties: 12952 host: 12953 description: 'Optional: Host name to connect to, defaults 12954 to the pod IP.' 12955 type: string 12956 port: 12957 anyOf: 12958 - type: integer 12959 - type: string 12960 description: Number or name of the port to access on 12961 the container. Number must be in the range 1 to 65535. 12962 Name must be an IANA_SVC_NAME. 12963 x-kubernetes-int-or-string: true 12964 required: 12965 - port 12966 type: object 12967 terminationGracePeriodSeconds: 12968 description: Optional duration in seconds the pod needs 12969 to terminate gracefully upon probe failure. The grace 12970 period is the duration in seconds after the processes 12971 running in the pod are sent a termination signal and the 12972 time when the processes are forcibly halted with a kill 12973 signal. Set this value longer than the expected cleanup 12974 time for your process. If this value is nil, the pod's 12975 terminationGracePeriodSeconds will be used. Otherwise, 12976 this value overrides the value provided by the pod spec. 12977 Value must be non-negative integer. The value zero indicates 12978 stop immediately via the kill signal (no opportunity to 12979 shut down). This is a beta field and requires enabling 12980 ProbeTerminationGracePeriod feature gate. Minimum value 12981 is 1. spec.terminationGracePeriodSeconds is used if unset. 12982 format: int64 12983 type: integer 12984 timeoutSeconds: 12985 description: 'Number of seconds after which the probe times 12986 out. Defaults to 1 second. Minimum value is 1. More info: 12987 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 12988 format: int32 12989 type: integer 12990 type: object 12991 name: 12992 description: Name of the container specified as a DNS_LABEL. 12993 Each container in a pod must have a unique name (DNS_LABEL). 12994 Cannot be updated. 12995 type: string 12996 ports: 12997 description: List of ports to expose from the container. Exposing 12998 a port here gives the system additional information about 12999 the network connections a container uses, but is primarily 13000 informational. Not specifying a port here DOES NOT prevent 13001 that port from being exposed. Any port which is listening 13002 on the default "0.0.0.0" address inside a container will be 13003 accessible from the network. Cannot be updated. 13004 items: 13005 description: ContainerPort represents a network port in a 13006 single container. 13007 properties: 13008 containerPort: 13009 description: Number of port to expose on the pod's IP 13010 address. This must be a valid port number, 0 < x < 65536. 13011 format: int32 13012 type: integer 13013 hostIP: 13014 description: What host IP to bind the external port to. 13015 type: string 13016 hostPort: 13017 description: Number of port to expose on the host. If 13018 specified, this must be a valid port number, 0 < x < 13019 65536. If HostNetwork is specified, this must match 13020 ContainerPort. Most containers do not need this. 13021 format: int32 13022 type: integer 13023 name: 13024 description: If specified, this must be an IANA_SVC_NAME 13025 and unique within the pod. Each named port in a pod 13026 must have a unique name. Name for the port that can 13027 be referred to by services. 13028 type: string 13029 protocol: 13030 default: TCP 13031 description: Protocol for port. Must be UDP, TCP, or SCTP. 13032 Defaults to "TCP". 13033 type: string 13034 required: 13035 - containerPort 13036 type: object 13037 type: array 13038 x-kubernetes-list-map-keys: 13039 - containerPort 13040 - protocol 13041 x-kubernetes-list-type: map 13042 readinessProbe: 13043 description: 'Periodic probe of container service readiness. 13044 Container will be removed from service endpoints if the probe 13045 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13046 properties: 13047 exec: 13048 description: One and only one of the following should be 13049 specified. Exec specifies the action to take. 13050 properties: 13051 command: 13052 description: Command is the command line to execute 13053 inside the container, the working directory for the 13054 command is root ('/') in the container's filesystem. 13055 The command is simply exec'd, it is not run inside 13056 a shell, so traditional shell instructions ('|', etc) 13057 won't work. To use a shell, you need to explicitly 13058 call out to that shell. Exit status of 0 is treated 13059 as live/healthy and non-zero is unhealthy. 13060 items: 13061 type: string 13062 type: array 13063 type: object 13064 failureThreshold: 13065 description: Minimum consecutive failures for the probe 13066 to be considered failed after having succeeded. Defaults 13067 to 3. Minimum value is 1. 13068 format: int32 13069 type: integer 13070 httpGet: 13071 description: HTTPGet specifies the http request to perform. 13072 properties: 13073 host: 13074 description: Host name to connect to, defaults to the 13075 pod IP. You probably want to set "Host" in httpHeaders 13076 instead. 13077 type: string 13078 httpHeaders: 13079 description: Custom headers to set in the request. HTTP 13080 allows repeated headers. 13081 items: 13082 description: HTTPHeader describes a custom header 13083 to be used in HTTP probes 13084 properties: 13085 name: 13086 description: The header field name 13087 type: string 13088 value: 13089 description: The header field value 13090 type: string 13091 required: 13092 - name 13093 - value 13094 type: object 13095 type: array 13096 path: 13097 description: Path to access on the HTTP server. 13098 type: string 13099 port: 13100 anyOf: 13101 - type: integer 13102 - type: string 13103 description: Name or number of the port to access on 13104 the container. Number must be in the range 1 to 65535. 13105 Name must be an IANA_SVC_NAME. 13106 x-kubernetes-int-or-string: true 13107 scheme: 13108 description: Scheme to use for connecting to the host. 13109 Defaults to HTTP. 13110 type: string 13111 required: 13112 - port 13113 type: object 13114 initialDelaySeconds: 13115 description: 'Number of seconds after the container has 13116 started before liveness probes are initiated. More info: 13117 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13118 format: int32 13119 type: integer 13120 periodSeconds: 13121 description: How often (in seconds) to perform the probe. 13122 Default to 10 seconds. Minimum value is 1. 13123 format: int32 13124 type: integer 13125 successThreshold: 13126 description: Minimum consecutive successes for the probe 13127 to be considered successful after having failed. Defaults 13128 to 1. Must be 1 for liveness and startup. Minimum value 13129 is 1. 13130 format: int32 13131 type: integer 13132 tcpSocket: 13133 description: 'TCPSocket specifies an action involving a 13134 TCP port. TCP hooks not yet supported TODO: implement 13135 a realistic TCP lifecycle hook' 13136 properties: 13137 host: 13138 description: 'Optional: Host name to connect to, defaults 13139 to the pod IP.' 13140 type: string 13141 port: 13142 anyOf: 13143 - type: integer 13144 - type: string 13145 description: Number or name of the port to access on 13146 the container. Number must be in the range 1 to 65535. 13147 Name must be an IANA_SVC_NAME. 13148 x-kubernetes-int-or-string: true 13149 required: 13150 - port 13151 type: object 13152 terminationGracePeriodSeconds: 13153 description: Optional duration in seconds the pod needs 13154 to terminate gracefully upon probe failure. The grace 13155 period is the duration in seconds after the processes 13156 running in the pod are sent a termination signal and the 13157 time when the processes are forcibly halted with a kill 13158 signal. Set this value longer than the expected cleanup 13159 time for your process. If this value is nil, the pod's 13160 terminationGracePeriodSeconds will be used. Otherwise, 13161 this value overrides the value provided by the pod spec. 13162 Value must be non-negative integer. The value zero indicates 13163 stop immediately via the kill signal (no opportunity to 13164 shut down). This is a beta field and requires enabling 13165 ProbeTerminationGracePeriod feature gate. Minimum value 13166 is 1. spec.terminationGracePeriodSeconds is used if unset. 13167 format: int64 13168 type: integer 13169 timeoutSeconds: 13170 description: 'Number of seconds after which the probe times 13171 out. Defaults to 1 second. Minimum value is 1. More info: 13172 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13173 format: int32 13174 type: integer 13175 type: object 13176 resources: 13177 description: 'Compute Resources required by this container. 13178 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13179 properties: 13180 limits: 13181 additionalProperties: 13182 anyOf: 13183 - type: integer 13184 - type: string 13185 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13186 x-kubernetes-int-or-string: true 13187 description: 'Limits describes the maximum amount of compute 13188 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13189 type: object 13190 requests: 13191 additionalProperties: 13192 anyOf: 13193 - type: integer 13194 - type: string 13195 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 13196 x-kubernetes-int-or-string: true 13197 description: 'Requests describes the minimum amount of compute 13198 resources required. If Requests is omitted for a container, 13199 it defaults to Limits if that is explicitly specified, 13200 otherwise to an implementation-defined value. More info: 13201 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 13202 type: object 13203 type: object 13204 securityContext: 13205 description: 'SecurityContext defines the security options the 13206 container should be run with. If set, the fields of SecurityContext 13207 override the equivalent fields of PodSecurityContext. More 13208 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 13209 properties: 13210 allowPrivilegeEscalation: 13211 description: 'AllowPrivilegeEscalation controls whether 13212 a process can gain more privileges than its parent process. 13213 This bool directly controls if the no_new_privs flag will 13214 be set on the container process. AllowPrivilegeEscalation 13215 is true always when the container is: 1) run as Privileged 13216 2) has CAP_SYS_ADMIN' 13217 type: boolean 13218 capabilities: 13219 description: The capabilities to add/drop when running containers. 13220 Defaults to the default set of capabilities granted by 13221 the container runtime. 13222 properties: 13223 add: 13224 description: Added capabilities 13225 items: 13226 description: Capability represent POSIX capabilities 13227 type 13228 type: string 13229 type: array 13230 drop: 13231 description: Removed capabilities 13232 items: 13233 description: Capability represent POSIX capabilities 13234 type 13235 type: string 13236 type: array 13237 type: object 13238 privileged: 13239 description: Run container in privileged mode. Processes 13240 in privileged containers are essentially equivalent to 13241 root on the host. Defaults to false. 13242 type: boolean 13243 procMount: 13244 description: procMount denotes the type of proc mount to 13245 use for the containers. The default is DefaultProcMount 13246 which uses the container runtime defaults for readonly 13247 paths and masked paths. This requires the ProcMountType 13248 feature flag to be enabled. 13249 type: string 13250 readOnlyRootFilesystem: 13251 description: Whether this container has a read-only root 13252 filesystem. Default is false. 13253 type: boolean 13254 runAsGroup: 13255 description: The GID to run the entrypoint of the container 13256 process. Uses runtime default if unset. May also be set 13257 in PodSecurityContext. If set in both SecurityContext 13258 and PodSecurityContext, the value specified in SecurityContext 13259 takes precedence. 13260 format: int64 13261 type: integer 13262 runAsNonRoot: 13263 description: Indicates that the container must run as a 13264 non-root user. If true, the Kubelet will validate the 13265 image at runtime to ensure that it does not run as UID 13266 0 (root) and fail to start the container if it does. If 13267 unset or false, no such validation will be performed. 13268 May also be set in PodSecurityContext. If set in both 13269 SecurityContext and PodSecurityContext, the value specified 13270 in SecurityContext takes precedence. 13271 type: boolean 13272 runAsUser: 13273 description: The UID to run the entrypoint of the container 13274 process. Defaults to user specified in image metadata 13275 if unspecified. May also be set in PodSecurityContext. If 13276 set in both SecurityContext and PodSecurityContext, the 13277 value specified in SecurityContext takes precedence. 13278 format: int64 13279 type: integer 13280 seLinuxOptions: 13281 description: The SELinux context to be applied to the container. 13282 If unspecified, the container runtime will allocate a 13283 random SELinux context for each container. May also be 13284 set in PodSecurityContext. If set in both SecurityContext 13285 and PodSecurityContext, the value specified in SecurityContext 13286 takes precedence. 13287 properties: 13288 level: 13289 description: Level is SELinux level label that applies 13290 to the container. 13291 type: string 13292 role: 13293 description: Role is a SELinux role label that applies 13294 to the container. 13295 type: string 13296 type: 13297 description: Type is a SELinux type label that applies 13298 to the container. 13299 type: string 13300 user: 13301 description: User is a SELinux user label that applies 13302 to the container. 13303 type: string 13304 type: object 13305 seccompProfile: 13306 description: The seccomp options to use by this container. 13307 If seccomp options are provided at both the pod & container 13308 level, the container options override the pod options. 13309 properties: 13310 localhostProfile: 13311 description: localhostProfile indicates a profile defined 13312 in a file on the node should be used. The profile 13313 must be preconfigured on the node to work. Must be 13314 a descending path, relative to the kubelet's configured 13315 seccomp profile location. Must only be set if type 13316 is "Localhost". 13317 type: string 13318 type: 13319 description: "type indicates which kind of seccomp profile 13320 will be applied. Valid options are: \n Localhost - 13321 a profile defined in a file on the node should be 13322 used. RuntimeDefault - the container runtime default 13323 profile should be used. Unconfined - no profile should 13324 be applied." 13325 type: string 13326 required: 13327 - type 13328 type: object 13329 windowsOptions: 13330 description: The Windows specific settings applied to all 13331 containers. If unspecified, the options from the PodSecurityContext 13332 will be used. If set in both SecurityContext and PodSecurityContext, 13333 the value specified in SecurityContext takes precedence. 13334 properties: 13335 gmsaCredentialSpec: 13336 description: GMSACredentialSpec is where the GMSA admission 13337 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 13338 inlines the contents of the GMSA credential spec named 13339 by the GMSACredentialSpecName field. 13340 type: string 13341 gmsaCredentialSpecName: 13342 description: GMSACredentialSpecName is the name of the 13343 GMSA credential spec to use. 13344 type: string 13345 hostProcess: 13346 description: HostProcess determines if a container should 13347 be run as a 'Host Process' container. This field is 13348 alpha-level and will only be honored by components 13349 that enable the WindowsHostProcessContainers feature 13350 flag. Setting this field without the feature flag 13351 will result in errors when validating the Pod. All 13352 of a Pod's containers must have the same effective 13353 HostProcess value (it is not allowed to have a mix 13354 of HostProcess containers and non-HostProcess containers). In 13355 addition, if HostProcess is true then HostNetwork 13356 must also be set to true. 13357 type: boolean 13358 runAsUserName: 13359 description: The UserName in Windows to run the entrypoint 13360 of the container process. Defaults to the user specified 13361 in image metadata if unspecified. May also be set 13362 in PodSecurityContext. If set in both SecurityContext 13363 and PodSecurityContext, the value specified in SecurityContext 13364 takes precedence. 13365 type: string 13366 type: object 13367 type: object 13368 startupProbe: 13369 description: 'StartupProbe indicates that the Pod has successfully 13370 initialized. If specified, no other probes are executed until 13371 this completes successfully. If this probe fails, the Pod 13372 will be restarted, just as if the livenessProbe failed. This 13373 can be used to provide different probe parameters at the beginning 13374 of a Pod''s lifecycle, when it might take a long time to load 13375 data or warm a cache, than during steady-state operation. 13376 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13377 properties: 13378 exec: 13379 description: One and only one of the following should be 13380 specified. Exec specifies the action to take. 13381 properties: 13382 command: 13383 description: Command is the command line to execute 13384 inside the container, the working directory for the 13385 command is root ('/') in the container's filesystem. 13386 The command is simply exec'd, it is not run inside 13387 a shell, so traditional shell instructions ('|', etc) 13388 won't work. To use a shell, you need to explicitly 13389 call out to that shell. Exit status of 0 is treated 13390 as live/healthy and non-zero is unhealthy. 13391 items: 13392 type: string 13393 type: array 13394 type: object 13395 failureThreshold: 13396 description: Minimum consecutive failures for the probe 13397 to be considered failed after having succeeded. Defaults 13398 to 3. Minimum value is 1. 13399 format: int32 13400 type: integer 13401 httpGet: 13402 description: HTTPGet specifies the http request to perform. 13403 properties: 13404 host: 13405 description: Host name to connect to, defaults to the 13406 pod IP. You probably want to set "Host" in httpHeaders 13407 instead. 13408 type: string 13409 httpHeaders: 13410 description: Custom headers to set in the request. HTTP 13411 allows repeated headers. 13412 items: 13413 description: HTTPHeader describes a custom header 13414 to be used in HTTP probes 13415 properties: 13416 name: 13417 description: The header field name 13418 type: string 13419 value: 13420 description: The header field value 13421 type: string 13422 required: 13423 - name 13424 - value 13425 type: object 13426 type: array 13427 path: 13428 description: Path to access on the HTTP server. 13429 type: string 13430 port: 13431 anyOf: 13432 - type: integer 13433 - type: string 13434 description: Name or number of the port to access on 13435 the container. Number must be in the range 1 to 65535. 13436 Name must be an IANA_SVC_NAME. 13437 x-kubernetes-int-or-string: true 13438 scheme: 13439 description: Scheme to use for connecting to the host. 13440 Defaults to HTTP. 13441 type: string 13442 required: 13443 - port 13444 type: object 13445 initialDelaySeconds: 13446 description: 'Number of seconds after the container has 13447 started before liveness probes are initiated. More info: 13448 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13449 format: int32 13450 type: integer 13451 periodSeconds: 13452 description: How often (in seconds) to perform the probe. 13453 Default to 10 seconds. Minimum value is 1. 13454 format: int32 13455 type: integer 13456 successThreshold: 13457 description: Minimum consecutive successes for the probe 13458 to be considered successful after having failed. Defaults 13459 to 1. Must be 1 for liveness and startup. Minimum value 13460 is 1. 13461 format: int32 13462 type: integer 13463 tcpSocket: 13464 description: 'TCPSocket specifies an action involving a 13465 TCP port. TCP hooks not yet supported TODO: implement 13466 a realistic TCP lifecycle hook' 13467 properties: 13468 host: 13469 description: 'Optional: Host name to connect to, defaults 13470 to the pod IP.' 13471 type: string 13472 port: 13473 anyOf: 13474 - type: integer 13475 - type: string 13476 description: Number or name of the port to access on 13477 the container. Number must be in the range 1 to 65535. 13478 Name must be an IANA_SVC_NAME. 13479 x-kubernetes-int-or-string: true 13480 required: 13481 - port 13482 type: object 13483 terminationGracePeriodSeconds: 13484 description: Optional duration in seconds the pod needs 13485 to terminate gracefully upon probe failure. The grace 13486 period is the duration in seconds after the processes 13487 running in the pod are sent a termination signal and the 13488 time when the processes are forcibly halted with a kill 13489 signal. Set this value longer than the expected cleanup 13490 time for your process. If this value is nil, the pod's 13491 terminationGracePeriodSeconds will be used. Otherwise, 13492 this value overrides the value provided by the pod spec. 13493 Value must be non-negative integer. The value zero indicates 13494 stop immediately via the kill signal (no opportunity to 13495 shut down). This is a beta field and requires enabling 13496 ProbeTerminationGracePeriod feature gate. Minimum value 13497 is 1. spec.terminationGracePeriodSeconds is used if unset. 13498 format: int64 13499 type: integer 13500 timeoutSeconds: 13501 description: 'Number of seconds after which the probe times 13502 out. Defaults to 1 second. Minimum value is 1. More info: 13503 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 13504 format: int32 13505 type: integer 13506 type: object 13507 stdin: 13508 description: Whether this container should allocate a buffer 13509 for stdin in the container runtime. If this is not set, reads 13510 from stdin in the container will always result in EOF. Default 13511 is false. 13512 type: boolean 13513 stdinOnce: 13514 description: Whether the container runtime should close the 13515 stdin channel after it has been opened by a single attach. 13516 When stdin is true the stdin stream will remain open across 13517 multiple attach sessions. If stdinOnce is set to true, stdin 13518 is opened on container start, is empty until the first client 13519 attaches to stdin, and then remains open and accepts data 13520 until the client disconnects, at which time stdin is closed 13521 and remains closed until the container is restarted. If this 13522 flag is false, a container processes that reads from stdin 13523 will never receive an EOF. Default is false 13524 type: boolean 13525 terminationMessagePath: 13526 description: 'Optional: Path at which the file to which the 13527 container''s termination message will be written is mounted 13528 into the container''s filesystem. Message written is intended 13529 to be brief final status, such as an assertion failure message. 13530 Will be truncated by the node if greater than 4096 bytes. 13531 The total message length across all containers will be limited 13532 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 13533 type: string 13534 terminationMessagePolicy: 13535 description: Indicate how the termination message should be 13536 populated. File will use the contents of terminationMessagePath 13537 to populate the container status message on both success and 13538 failure. FallbackToLogsOnError will use the last chunk of 13539 container log output if the termination message file is empty 13540 and the container exited with an error. The log output is 13541 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 13542 to File. Cannot be updated. 13543 type: string 13544 tty: 13545 description: Whether this container should allocate a TTY for 13546 itself, also requires 'stdin' to be true. Default is false. 13547 type: boolean 13548 volumeDevices: 13549 description: volumeDevices is the list of block devices to be 13550 used by the container. 13551 items: 13552 description: volumeDevice describes a mapping of a raw block 13553 device within a container. 13554 properties: 13555 devicePath: 13556 description: devicePath is the path inside of the container 13557 that the device will be mapped to. 13558 type: string 13559 name: 13560 description: name must match the name of a persistentVolumeClaim 13561 in the pod 13562 type: string 13563 required: 13564 - devicePath 13565 - name 13566 type: object 13567 type: array 13568 volumeMounts: 13569 description: Pod volumes to mount into the container's filesystem. 13570 Cannot be updated. 13571 items: 13572 description: VolumeMount describes a mounting of a Volume 13573 within a container. 13574 properties: 13575 mountPath: 13576 description: Path within the container at which the volume 13577 should be mounted. Must not contain ':'. 13578 type: string 13579 mountPropagation: 13580 description: mountPropagation determines how mounts are 13581 propagated from the host to container and the other 13582 way around. When not set, MountPropagationNone is used. 13583 This field is beta in 1.10. 13584 type: string 13585 name: 13586 description: This must match the Name of a Volume. 13587 type: string 13588 readOnly: 13589 description: Mounted read-only if true, read-write otherwise 13590 (false or unspecified). Defaults to false. 13591 type: boolean 13592 subPath: 13593 description: Path within the volume from which the container's 13594 volume should be mounted. Defaults to "" (volume's root). 13595 type: string 13596 subPathExpr: 13597 description: Expanded path within the volume from which 13598 the container's volume should be mounted. Behaves similarly 13599 to SubPath but environment variable references $(VAR_NAME) 13600 are expanded using the container's environment. Defaults 13601 to "" (volume's root). SubPathExpr and SubPath are mutually 13602 exclusive. 13603 type: string 13604 required: 13605 - mountPath 13606 - name 13607 type: object 13608 type: array 13609 workingDir: 13610 description: Container's working directory. If not specified, 13611 the container runtime's default will be used, which might 13612 be configured in the container image. Cannot be updated. 13613 type: string 13614 required: 13615 - name 13616 type: object 13617 type: array 13618 listenLocal: 13619 description: ListenLocal makes the Prometheus server listen on loopback, 13620 so that it does not bind against the Pod IP. 13621 type: boolean 13622 logFormat: 13623 description: Log format for Prometheus to be configured with. 13624 type: string 13625 logLevel: 13626 description: Log level for Prometheus to be configured with. 13627 type: string 13628 minReadySeconds: 13629 description: Minimum number of seconds for which a newly created pod 13630 should be ready without any of its container crashing for it to 13631 be considered available. Defaults to 0 (pod will be considered available 13632 as soon as it is ready) This is an alpha field and requires enabling 13633 StatefulSetMinReadySeconds feature gate. 13634 format: int32 13635 type: integer 13636 nodeSelector: 13637 additionalProperties: 13638 type: string 13639 description: Define which Nodes the Pods are scheduled on. 13640 type: object 13641 overrideHonorLabels: 13642 description: OverrideHonorLabels if set to true overrides all user 13643 configured honor_labels. If HonorLabels is set in ServiceMonitor 13644 or PodMonitor to true, this overrides honor_labels to false. 13645 type: boolean 13646 overrideHonorTimestamps: 13647 description: OverrideHonorTimestamps allows to globally enforce honoring 13648 timestamps in all scrape configs. 13649 type: boolean 13650 paused: 13651 description: When a Prometheus deployment is paused, no actions except 13652 for deletion will be performed on the underlying objects. 13653 type: boolean 13654 podMetadata: 13655 description: PodMetadata configures Labels and Annotations which are 13656 propagated to the prometheus pods. 13657 properties: 13658 annotations: 13659 additionalProperties: 13660 type: string 13661 description: 'Annotations is an unstructured key value map stored 13662 with a resource that may be set by external tools to store and 13663 retrieve arbitrary metadata. They are not queryable and should 13664 be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 13665 type: object 13666 labels: 13667 additionalProperties: 13668 type: string 13669 description: 'Map of string keys and values that can be used to 13670 organize and categorize (scope and select) objects. May match 13671 selectors of replication controllers and services. More info: 13672 http://kubernetes.io/docs/user-guide/labels' 13673 type: object 13674 name: 13675 description: 'Name must be unique within a namespace. Is required 13676 when creating resources, although some resources may allow a 13677 client to request the generation of an appropriate name automatically. 13678 Name is primarily intended for creation idempotence and configuration 13679 definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 13680 type: string 13681 type: object 13682 podMonitorNamespaceSelector: 13683 description: Namespace's labels to match for PodMonitor discovery. 13684 If nil, only check own namespace. 13685 properties: 13686 matchExpressions: 13687 description: matchExpressions is a list of label selector requirements. 13688 The requirements are ANDed. 13689 items: 13690 description: A label selector requirement is a selector that 13691 contains values, a key, and an operator that relates the key 13692 and values. 13693 properties: 13694 key: 13695 description: key is the label key that the selector applies 13696 to. 13697 type: string 13698 operator: 13699 description: operator represents a key's relationship to 13700 a set of values. Valid operators are In, NotIn, Exists 13701 and DoesNotExist. 13702 type: string 13703 values: 13704 description: values is an array of string values. If the 13705 operator is In or NotIn, the values array must be non-empty. 13706 If the operator is Exists or DoesNotExist, the values 13707 array must be empty. This array is replaced during a strategic 13708 merge patch. 13709 items: 13710 type: string 13711 type: array 13712 required: 13713 - key 13714 - operator 13715 type: object 13716 type: array 13717 matchLabels: 13718 additionalProperties: 13719 type: string 13720 description: matchLabels is a map of {key,value} pairs. A single 13721 {key,value} in the matchLabels map is equivalent to an element 13722 of matchExpressions, whose key field is "key", the operator 13723 is "In", and the values array contains only "value". The requirements 13724 are ANDed. 13725 type: object 13726 type: object 13727 podMonitorSelector: 13728 description: '*Experimental* PodMonitors to be selected for target 13729 discovery. *Deprecated:* if neither this nor serviceMonitorSelector 13730 are specified, configuration is unmanaged.' 13731 properties: 13732 matchExpressions: 13733 description: matchExpressions is a list of label selector requirements. 13734 The requirements are ANDed. 13735 items: 13736 description: A label selector requirement is a selector that 13737 contains values, a key, and an operator that relates the key 13738 and values. 13739 properties: 13740 key: 13741 description: key is the label key that the selector applies 13742 to. 13743 type: string 13744 operator: 13745 description: operator represents a key's relationship to 13746 a set of values. Valid operators are In, NotIn, Exists 13747 and DoesNotExist. 13748 type: string 13749 values: 13750 description: values is an array of string values. If the 13751 operator is In or NotIn, the values array must be non-empty. 13752 If the operator is Exists or DoesNotExist, the values 13753 array must be empty. This array is replaced during a strategic 13754 merge patch. 13755 items: 13756 type: string 13757 type: array 13758 required: 13759 - key 13760 - operator 13761 type: object 13762 type: array 13763 matchLabels: 13764 additionalProperties: 13765 type: string 13766 description: matchLabels is a map of {key,value} pairs. A single 13767 {key,value} in the matchLabels map is equivalent to an element 13768 of matchExpressions, whose key field is "key", the operator 13769 is "In", and the values array contains only "value". The requirements 13770 are ANDed. 13771 type: object 13772 type: object 13773 portName: 13774 description: Port name used for the pods and governing service. This 13775 defaults to web 13776 type: string 13777 priorityClassName: 13778 description: Priority class assigned to the Pods 13779 type: string 13780 probeNamespaceSelector: 13781 description: '*Experimental* Namespaces to be selected for Probe discovery. 13782 If nil, only check own namespace.' 13783 properties: 13784 matchExpressions: 13785 description: matchExpressions is a list of label selector requirements. 13786 The requirements are ANDed. 13787 items: 13788 description: A label selector requirement is a selector that 13789 contains values, a key, and an operator that relates the key 13790 and values. 13791 properties: 13792 key: 13793 description: key is the label key that the selector applies 13794 to. 13795 type: string 13796 operator: 13797 description: operator represents a key's relationship to 13798 a set of values. Valid operators are In, NotIn, Exists 13799 and DoesNotExist. 13800 type: string 13801 values: 13802 description: values is an array of string values. If the 13803 operator is In or NotIn, the values array must be non-empty. 13804 If the operator is Exists or DoesNotExist, the values 13805 array must be empty. This array is replaced during a strategic 13806 merge patch. 13807 items: 13808 type: string 13809 type: array 13810 required: 13811 - key 13812 - operator 13813 type: object 13814 type: array 13815 matchLabels: 13816 additionalProperties: 13817 type: string 13818 description: matchLabels is a map of {key,value} pairs. A single 13819 {key,value} in the matchLabels map is equivalent to an element 13820 of matchExpressions, whose key field is "key", the operator 13821 is "In", and the values array contains only "value". The requirements 13822 are ANDed. 13823 type: object 13824 type: object 13825 probeSelector: 13826 description: '*Experimental* Probes to be selected for target discovery.' 13827 properties: 13828 matchExpressions: 13829 description: matchExpressions is a list of label selector requirements. 13830 The requirements are ANDed. 13831 items: 13832 description: A label selector requirement is a selector that 13833 contains values, a key, and an operator that relates the key 13834 and values. 13835 properties: 13836 key: 13837 description: key is the label key that the selector applies 13838 to. 13839 type: string 13840 operator: 13841 description: operator represents a key's relationship to 13842 a set of values. Valid operators are In, NotIn, Exists 13843 and DoesNotExist. 13844 type: string 13845 values: 13846 description: values is an array of string values. If the 13847 operator is In or NotIn, the values array must be non-empty. 13848 If the operator is Exists or DoesNotExist, the values 13849 array must be empty. This array is replaced during a strategic 13850 merge patch. 13851 items: 13852 type: string 13853 type: array 13854 required: 13855 - key 13856 - operator 13857 type: object 13858 type: array 13859 matchLabels: 13860 additionalProperties: 13861 type: string 13862 description: matchLabels is a map of {key,value} pairs. A single 13863 {key,value} in the matchLabels map is equivalent to an element 13864 of matchExpressions, whose key field is "key", the operator 13865 is "In", and the values array contains only "value". The requirements 13866 are ANDed. 13867 type: object 13868 type: object 13869 prometheusExternalLabelName: 13870 description: Name of Prometheus external label used to denote Prometheus 13871 instance name. Defaults to the value of `prometheus`. External label 13872 will _not_ be added when value is set to empty string (`""`). 13873 type: string 13874 prometheusRulesExcludedFromEnforce: 13875 description: PrometheusRulesExcludedFromEnforce - list of prometheus 13876 rules to be excluded from enforcing of adding namespace labels. 13877 Works only if enforcedNamespaceLabel set to true. Make sure both 13878 ruleNamespace and ruleName are set for each pair 13879 items: 13880 description: PrometheusRuleExcludeConfig enables users to configure 13881 excluded PrometheusRule names and their namespaces to be ignored 13882 while enforcing namespace label for alerts and metrics. 13883 properties: 13884 ruleName: 13885 description: RuleNamespace - name of excluded rule 13886 type: string 13887 ruleNamespace: 13888 description: RuleNamespace - namespace of excluded rule 13889 type: string 13890 required: 13891 - ruleName 13892 - ruleNamespace 13893 type: object 13894 type: array 13895 query: 13896 description: QuerySpec defines the query command line flags when starting 13897 Prometheus. 13898 properties: 13899 lookbackDelta: 13900 description: The delta difference allowed for retrieving metrics 13901 during expression evaluations. 13902 type: string 13903 maxConcurrency: 13904 description: Number of concurrent queries that can be run at once. 13905 format: int32 13906 type: integer 13907 maxSamples: 13908 description: Maximum number of samples a single query can load 13909 into memory. Note that queries will fail if they would load 13910 more samples than this into memory, so this also limits the 13911 number of samples a query can return. 13912 format: int32 13913 type: integer 13914 timeout: 13915 description: Maximum time a query may take before being aborted. 13916 type: string 13917 type: object 13918 queryLogFile: 13919 description: QueryLogFile specifies the file to which PromQL queries 13920 are logged. Note that this location must be writable, and can be 13921 persisted using an attached volume. Alternatively, the location 13922 can be set to a stdout location such as `/dev/stdout` to log querie 13923 information to the default Prometheus log stream. This is only available 13924 in versions of Prometheus >= 2.16.0. For more details, see the Prometheus 13925 docs (https://prometheus.io/docs/guides/query-log/) 13926 type: string 13927 remoteRead: 13928 description: If specified, the remote_read spec. This is an experimental 13929 feature, it may change in any upcoming release in a breaking way. 13930 items: 13931 description: RemoteReadSpec defines the remote_read configuration 13932 for prometheus. 13933 properties: 13934 authorization: 13935 description: Authorization section for remote read 13936 properties: 13937 credentials: 13938 description: The secret's key that contains the credentials 13939 of the request 13940 properties: 13941 key: 13942 description: The key of the secret to select from. Must 13943 be a valid secret key. 13944 type: string 13945 name: 13946 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13947 TODO: Add other useful fields. apiVersion, kind, uid?' 13948 type: string 13949 optional: 13950 description: Specify whether the Secret or its key must 13951 be defined 13952 type: boolean 13953 required: 13954 - key 13955 type: object 13956 credentialsFile: 13957 description: File to read a secret from, mutually exclusive 13958 with Credentials (from SafeAuthorization) 13959 type: string 13960 type: 13961 description: Set the authentication type. Defaults to Bearer, 13962 Basic will cause an error 13963 type: string 13964 type: object 13965 basicAuth: 13966 description: BasicAuth for the URL. 13967 properties: 13968 password: 13969 description: The secret in the service monitor namespace 13970 that contains the password for authentication. 13971 properties: 13972 key: 13973 description: The key of the secret to select from. Must 13974 be a valid secret key. 13975 type: string 13976 name: 13977 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13978 TODO: Add other useful fields. apiVersion, kind, uid?' 13979 type: string 13980 optional: 13981 description: Specify whether the Secret or its key must 13982 be defined 13983 type: boolean 13984 required: 13985 - key 13986 type: object 13987 username: 13988 description: The secret in the service monitor namespace 13989 that contains the username for authentication. 13990 properties: 13991 key: 13992 description: The key of the secret to select from. Must 13993 be a valid secret key. 13994 type: string 13995 name: 13996 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13997 TODO: Add other useful fields. apiVersion, kind, uid?' 13998 type: string 13999 optional: 14000 description: Specify whether the Secret or its key must 14001 be defined 14002 type: boolean 14003 required: 14004 - key 14005 type: object 14006 type: object 14007 bearerToken: 14008 description: Bearer token for remote read. 14009 type: string 14010 bearerTokenFile: 14011 description: File to read bearer token for remote read. 14012 type: string 14013 name: 14014 description: The name of the remote read queue, must be unique 14015 if specified. The name is used in metrics and logging in order 14016 to differentiate read configurations. Only valid in Prometheus 14017 versions 2.15.0 and newer. 14018 type: string 14019 oauth2: 14020 description: OAuth2 for the URL. Only valid in Prometheus versions 14021 2.27.0 and newer. 14022 properties: 14023 clientId: 14024 description: The secret or configmap containing the OAuth2 14025 client id 14026 properties: 14027 configMap: 14028 description: ConfigMap containing data to use for the 14029 targets. 14030 properties: 14031 key: 14032 description: The key to select. 14033 type: string 14034 name: 14035 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14036 TODO: Add other useful fields. apiVersion, kind, 14037 uid?' 14038 type: string 14039 optional: 14040 description: Specify whether the ConfigMap or its 14041 key must be defined 14042 type: boolean 14043 required: 14044 - key 14045 type: object 14046 secret: 14047 description: Secret containing data to use for the targets. 14048 properties: 14049 key: 14050 description: The key of the secret to select from. Must 14051 be a valid secret key. 14052 type: string 14053 name: 14054 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14055 TODO: Add other useful fields. apiVersion, kind, 14056 uid?' 14057 type: string 14058 optional: 14059 description: Specify whether the Secret or its key 14060 must be defined 14061 type: boolean 14062 required: 14063 - key 14064 type: object 14065 type: object 14066 clientSecret: 14067 description: The secret containing the OAuth2 client secret 14068 properties: 14069 key: 14070 description: The key of the secret to select from. Must 14071 be a valid secret key. 14072 type: string 14073 name: 14074 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14075 TODO: Add other useful fields. apiVersion, kind, uid?' 14076 type: string 14077 optional: 14078 description: Specify whether the Secret or its key must 14079 be defined 14080 type: boolean 14081 required: 14082 - key 14083 type: object 14084 endpointParams: 14085 additionalProperties: 14086 type: string 14087 description: Parameters to append to the token URL 14088 type: object 14089 scopes: 14090 description: OAuth2 scopes used for the token request 14091 items: 14092 type: string 14093 type: array 14094 tokenUrl: 14095 description: The URL to fetch the token from 14096 minLength: 1 14097 type: string 14098 required: 14099 - clientId 14100 - clientSecret 14101 - tokenUrl 14102 type: object 14103 proxyUrl: 14104 description: Optional ProxyURL 14105 type: string 14106 readRecent: 14107 description: Whether reads should be made for queries for time 14108 ranges that the local storage should have complete data for. 14109 type: boolean 14110 remoteTimeout: 14111 description: Timeout for requests to the remote read endpoint. 14112 type: string 14113 requiredMatchers: 14114 additionalProperties: 14115 type: string 14116 description: An optional list of equality matchers which have 14117 to be present in a selector to query the remote read endpoint. 14118 type: object 14119 tlsConfig: 14120 description: TLS Config to use for remote read. 14121 properties: 14122 ca: 14123 description: Struct containing the CA cert to use for the 14124 targets. 14125 properties: 14126 configMap: 14127 description: ConfigMap containing data to use for the 14128 targets. 14129 properties: 14130 key: 14131 description: The key to select. 14132 type: string 14133 name: 14134 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14135 TODO: Add other useful fields. apiVersion, kind, 14136 uid?' 14137 type: string 14138 optional: 14139 description: Specify whether the ConfigMap or its 14140 key must be defined 14141 type: boolean 14142 required: 14143 - key 14144 type: object 14145 secret: 14146 description: Secret containing data to use for the targets. 14147 properties: 14148 key: 14149 description: The key of the secret to select from. Must 14150 be a valid secret key. 14151 type: string 14152 name: 14153 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14154 TODO: Add other useful fields. apiVersion, kind, 14155 uid?' 14156 type: string 14157 optional: 14158 description: Specify whether the Secret or its key 14159 must be defined 14160 type: boolean 14161 required: 14162 - key 14163 type: object 14164 type: object 14165 caFile: 14166 description: Path to the CA cert in the Prometheus container 14167 to use for the targets. 14168 type: string 14169 cert: 14170 description: Struct containing the client cert file for 14171 the targets. 14172 properties: 14173 configMap: 14174 description: ConfigMap containing data to use for the 14175 targets. 14176 properties: 14177 key: 14178 description: The key to select. 14179 type: string 14180 name: 14181 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14182 TODO: Add other useful fields. apiVersion, kind, 14183 uid?' 14184 type: string 14185 optional: 14186 description: Specify whether the ConfigMap or its 14187 key must be defined 14188 type: boolean 14189 required: 14190 - key 14191 type: object 14192 secret: 14193 description: Secret containing data to use for the targets. 14194 properties: 14195 key: 14196 description: The key of the secret to select from. Must 14197 be a valid secret key. 14198 type: string 14199 name: 14200 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14201 TODO: Add other useful fields. apiVersion, kind, 14202 uid?' 14203 type: string 14204 optional: 14205 description: Specify whether the Secret or its key 14206 must be defined 14207 type: boolean 14208 required: 14209 - key 14210 type: object 14211 type: object 14212 certFile: 14213 description: Path to the client cert file in the Prometheus 14214 container for the targets. 14215 type: string 14216 insecureSkipVerify: 14217 description: Disable target certificate validation. 14218 type: boolean 14219 keyFile: 14220 description: Path to the client key file in the Prometheus 14221 container for the targets. 14222 type: string 14223 keySecret: 14224 description: Secret containing the client key file for the 14225 targets. 14226 properties: 14227 key: 14228 description: The key of the secret to select from. Must 14229 be a valid secret key. 14230 type: string 14231 name: 14232 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14233 TODO: Add other useful fields. apiVersion, kind, uid?' 14234 type: string 14235 optional: 14236 description: Specify whether the Secret or its key must 14237 be defined 14238 type: boolean 14239 required: 14240 - key 14241 type: object 14242 serverName: 14243 description: Used to verify the hostname for the targets. 14244 type: string 14245 type: object 14246 url: 14247 description: The URL of the endpoint to send samples to. 14248 type: string 14249 required: 14250 - url 14251 type: object 14252 type: array 14253 remoteWrite: 14254 description: If specified, the remote_write spec. This is an experimental 14255 feature, it may change in any upcoming release in a breaking way. 14256 items: 14257 description: RemoteWriteSpec defines the remote_write configuration 14258 for prometheus. 14259 properties: 14260 authorization: 14261 description: Authorization section for remote write 14262 properties: 14263 credentials: 14264 description: The secret's key that contains the credentials 14265 of the request 14266 properties: 14267 key: 14268 description: The key of the secret to select from. Must 14269 be a valid secret key. 14270 type: string 14271 name: 14272 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14273 TODO: Add other useful fields. apiVersion, kind, uid?' 14274 type: string 14275 optional: 14276 description: Specify whether the Secret or its key must 14277 be defined 14278 type: boolean 14279 required: 14280 - key 14281 type: object 14282 credentialsFile: 14283 description: File to read a secret from, mutually exclusive 14284 with Credentials (from SafeAuthorization) 14285 type: string 14286 type: 14287 description: Set the authentication type. Defaults to Bearer, 14288 Basic will cause an error 14289 type: string 14290 type: object 14291 basicAuth: 14292 description: BasicAuth for the URL. 14293 properties: 14294 password: 14295 description: The secret in the service monitor namespace 14296 that contains the password for authentication. 14297 properties: 14298 key: 14299 description: The key of the secret to select from. Must 14300 be a valid secret key. 14301 type: string 14302 name: 14303 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14304 TODO: Add other useful fields. apiVersion, kind, uid?' 14305 type: string 14306 optional: 14307 description: Specify whether the Secret or its key must 14308 be defined 14309 type: boolean 14310 required: 14311 - key 14312 type: object 14313 username: 14314 description: The secret in the service monitor namespace 14315 that contains the username for authentication. 14316 properties: 14317 key: 14318 description: The key of the secret to select from. Must 14319 be a valid secret key. 14320 type: string 14321 name: 14322 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14323 TODO: Add other useful fields. apiVersion, kind, uid?' 14324 type: string 14325 optional: 14326 description: Specify whether the Secret or its key must 14327 be defined 14328 type: boolean 14329 required: 14330 - key 14331 type: object 14332 type: object 14333 bearerToken: 14334 description: Bearer token for remote write. 14335 type: string 14336 bearerTokenFile: 14337 description: File to read bearer token for remote write. 14338 type: string 14339 headers: 14340 additionalProperties: 14341 type: string 14342 description: Custom HTTP headers to be sent along with each 14343 remote write request. Be aware that headers that are set by 14344 Prometheus itself can't be overwritten. Only valid in Prometheus 14345 versions 2.25.0 and newer. 14346 type: object 14347 metadataConfig: 14348 description: MetadataConfig configures the sending of series 14349 metadata to remote storage. 14350 properties: 14351 send: 14352 description: Whether metric metadata is sent to remote storage 14353 or not. 14354 type: boolean 14355 sendInterval: 14356 description: How frequently metric metadata is sent to remote 14357 storage. 14358 type: string 14359 type: object 14360 name: 14361 description: The name of the remote write queue, must be unique 14362 if specified. The name is used in metrics and logging in order 14363 to differentiate queues. Only valid in Prometheus versions 14364 2.15.0 and newer. 14365 type: string 14366 oauth2: 14367 description: OAuth2 for the URL. Only valid in Prometheus versions 14368 2.27.0 and newer. 14369 properties: 14370 clientId: 14371 description: The secret or configmap containing the OAuth2 14372 client id 14373 properties: 14374 configMap: 14375 description: ConfigMap containing data to use for the 14376 targets. 14377 properties: 14378 key: 14379 description: The key to select. 14380 type: string 14381 name: 14382 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14383 TODO: Add other useful fields. apiVersion, kind, 14384 uid?' 14385 type: string 14386 optional: 14387 description: Specify whether the ConfigMap or its 14388 key must be defined 14389 type: boolean 14390 required: 14391 - key 14392 type: object 14393 secret: 14394 description: Secret containing data to use for the targets. 14395 properties: 14396 key: 14397 description: The key of the secret to select from. Must 14398 be a valid secret key. 14399 type: string 14400 name: 14401 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14402 TODO: Add other useful fields. apiVersion, kind, 14403 uid?' 14404 type: string 14405 optional: 14406 description: Specify whether the Secret or its key 14407 must be defined 14408 type: boolean 14409 required: 14410 - key 14411 type: object 14412 type: object 14413 clientSecret: 14414 description: The secret containing the OAuth2 client secret 14415 properties: 14416 key: 14417 description: The key of the secret to select from. Must 14418 be a valid secret key. 14419 type: string 14420 name: 14421 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14422 TODO: Add other useful fields. apiVersion, kind, uid?' 14423 type: string 14424 optional: 14425 description: Specify whether the Secret or its key must 14426 be defined 14427 type: boolean 14428 required: 14429 - key 14430 type: object 14431 endpointParams: 14432 additionalProperties: 14433 type: string 14434 description: Parameters to append to the token URL 14435 type: object 14436 scopes: 14437 description: OAuth2 scopes used for the token request 14438 items: 14439 type: string 14440 type: array 14441 tokenUrl: 14442 description: The URL to fetch the token from 14443 minLength: 1 14444 type: string 14445 required: 14446 - clientId 14447 - clientSecret 14448 - tokenUrl 14449 type: object 14450 proxyUrl: 14451 description: Optional ProxyURL 14452 type: string 14453 queueConfig: 14454 description: QueueConfig allows tuning of the remote write queue 14455 parameters. 14456 properties: 14457 batchSendDeadline: 14458 description: BatchSendDeadline is the maximum time a sample 14459 will wait in buffer. 14460 type: string 14461 capacity: 14462 description: Capacity is the number of samples to buffer 14463 per shard before we start dropping them. 14464 type: integer 14465 maxBackoff: 14466 description: MaxBackoff is the maximum retry delay. 14467 type: string 14468 maxRetries: 14469 description: MaxRetries is the maximum number of times to 14470 retry a batch on recoverable errors. 14471 type: integer 14472 maxSamplesPerSend: 14473 description: MaxSamplesPerSend is the maximum number of 14474 samples per send. 14475 type: integer 14476 maxShards: 14477 description: MaxShards is the maximum number of shards, 14478 i.e. amount of concurrency. 14479 type: integer 14480 minBackoff: 14481 description: MinBackoff is the initial retry delay. Gets 14482 doubled for every retry. 14483 type: string 14484 minShards: 14485 description: MinShards is the minimum number of shards, 14486 i.e. amount of concurrency. 14487 type: integer 14488 type: object 14489 remoteTimeout: 14490 description: Timeout for requests to the remote write endpoint. 14491 type: string 14492 sendExemplars: 14493 description: Enables sending of exemplars over remote write. 14494 Note that exemplar-storage itself must be enabled using the 14495 enableFeature option for exemplars to be scraped in the first 14496 place. Only valid in Prometheus versions 2.27.0 and newer. 14497 type: boolean 14498 sigv4: 14499 description: Sigv4 allows to configures AWS's Signature Verification 14500 4 14501 properties: 14502 accessKey: 14503 description: AccessKey is the AWS API key. If blank, the 14504 environment variable `AWS_ACCESS_KEY_ID` is used. 14505 properties: 14506 key: 14507 description: The key of the secret to select from. Must 14508 be a valid secret key. 14509 type: string 14510 name: 14511 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14512 TODO: Add other useful fields. apiVersion, kind, uid?' 14513 type: string 14514 optional: 14515 description: Specify whether the Secret or its key must 14516 be defined 14517 type: boolean 14518 required: 14519 - key 14520 type: object 14521 profile: 14522 description: Profile is the named AWS profile used to authenticate. 14523 type: string 14524 region: 14525 description: Region is the AWS region. If blank, the region 14526 from the default credentials chain used. 14527 type: string 14528 roleArn: 14529 description: RoleArn is the named AWS profile used to authenticate. 14530 type: string 14531 secretKey: 14532 description: SecretKey is the AWS API secret. If blank, 14533 the environment variable `AWS_SECRET_ACCESS_KEY` is used. 14534 properties: 14535 key: 14536 description: The key of the secret to select from. Must 14537 be a valid secret key. 14538 type: string 14539 name: 14540 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14541 TODO: Add other useful fields. apiVersion, kind, uid?' 14542 type: string 14543 optional: 14544 description: Specify whether the Secret or its key must 14545 be defined 14546 type: boolean 14547 required: 14548 - key 14549 type: object 14550 type: object 14551 tlsConfig: 14552 description: TLS Config to use for remote write. 14553 properties: 14554 ca: 14555 description: Struct containing the CA cert to use for the 14556 targets. 14557 properties: 14558 configMap: 14559 description: ConfigMap containing data to use for the 14560 targets. 14561 properties: 14562 key: 14563 description: The key to select. 14564 type: string 14565 name: 14566 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14567 TODO: Add other useful fields. apiVersion, kind, 14568 uid?' 14569 type: string 14570 optional: 14571 description: Specify whether the ConfigMap or its 14572 key must be defined 14573 type: boolean 14574 required: 14575 - key 14576 type: object 14577 secret: 14578 description: Secret containing data to use for the targets. 14579 properties: 14580 key: 14581 description: The key of the secret to select from. Must 14582 be a valid secret key. 14583 type: string 14584 name: 14585 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14586 TODO: Add other useful fields. apiVersion, kind, 14587 uid?' 14588 type: string 14589 optional: 14590 description: Specify whether the Secret or its key 14591 must be defined 14592 type: boolean 14593 required: 14594 - key 14595 type: object 14596 type: object 14597 caFile: 14598 description: Path to the CA cert in the Prometheus container 14599 to use for the targets. 14600 type: string 14601 cert: 14602 description: Struct containing the client cert file for 14603 the targets. 14604 properties: 14605 configMap: 14606 description: ConfigMap containing data to use for the 14607 targets. 14608 properties: 14609 key: 14610 description: The key to select. 14611 type: string 14612 name: 14613 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14614 TODO: Add other useful fields. apiVersion, kind, 14615 uid?' 14616 type: string 14617 optional: 14618 description: Specify whether the ConfigMap or its 14619 key must be defined 14620 type: boolean 14621 required: 14622 - key 14623 type: object 14624 secret: 14625 description: Secret containing data to use for the targets. 14626 properties: 14627 key: 14628 description: The key of the secret to select from. Must 14629 be a valid secret key. 14630 type: string 14631 name: 14632 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14633 TODO: Add other useful fields. apiVersion, kind, 14634 uid?' 14635 type: string 14636 optional: 14637 description: Specify whether the Secret or its key 14638 must be defined 14639 type: boolean 14640 required: 14641 - key 14642 type: object 14643 type: object 14644 certFile: 14645 description: Path to the client cert file in the Prometheus 14646 container for the targets. 14647 type: string 14648 insecureSkipVerify: 14649 description: Disable target certificate validation. 14650 type: boolean 14651 keyFile: 14652 description: Path to the client key file in the Prometheus 14653 container for the targets. 14654 type: string 14655 keySecret: 14656 description: Secret containing the client key file for the 14657 targets. 14658 properties: 14659 key: 14660 description: The key of the secret to select from. Must 14661 be a valid secret key. 14662 type: string 14663 name: 14664 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14665 TODO: Add other useful fields. apiVersion, kind, uid?' 14666 type: string 14667 optional: 14668 description: Specify whether the Secret or its key must 14669 be defined 14670 type: boolean 14671 required: 14672 - key 14673 type: object 14674 serverName: 14675 description: Used to verify the hostname for the targets. 14676 type: string 14677 type: object 14678 url: 14679 description: The URL of the endpoint to send samples to. 14680 type: string 14681 writeRelabelConfigs: 14682 description: The list of remote write relabel configurations. 14683 items: 14684 description: 'RelabelConfig allows dynamic rewriting of the 14685 label set, being applied to samples before ingestion. It 14686 defines `<metric_relabel_configs>`-section of Prometheus 14687 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 14688 properties: 14689 action: 14690 description: Action to perform based on regex matching. 14691 Default is 'replace' 14692 type: string 14693 modulus: 14694 description: Modulus to take of the hash of the source 14695 label values. 14696 format: int64 14697 type: integer 14698 regex: 14699 description: Regular expression against which the extracted 14700 value is matched. Default is '(.*)' 14701 type: string 14702 replacement: 14703 description: Replacement value against which a regex replace 14704 is performed if the regular expression matches. Regex 14705 capture groups are available. Default is '$1' 14706 type: string 14707 separator: 14708 description: Separator placed between concatenated source 14709 label values. default is ';'. 14710 type: string 14711 sourceLabels: 14712 description: The source labels select values from existing 14713 labels. Their content is concatenated using the configured 14714 separator and matched against the configured regular 14715 expression for the replace, keep, and drop actions. 14716 items: 14717 type: string 14718 type: array 14719 targetLabel: 14720 description: Label to which the resulting value is written 14721 in a replace action. It is mandatory for replace actions. 14722 Regex capture groups are available. 14723 type: string 14724 type: object 14725 type: array 14726 required: 14727 - url 14728 type: object 14729 type: array 14730 replicaExternalLabelName: 14731 description: Name of Prometheus external label used to denote replica 14732 name. Defaults to the value of `prometheus_replica`. External label 14733 will _not_ be added when value is set to empty string (`""`). 14734 type: string 14735 replicas: 14736 description: Number of replicas of each shard to deploy for a Prometheus 14737 deployment. Number of replicas multiplied by shards is the total 14738 number of Pods created. 14739 format: int32 14740 type: integer 14741 resources: 14742 description: Define resources requests and limits for single Pods. 14743 properties: 14744 limits: 14745 additionalProperties: 14746 anyOf: 14747 - type: integer 14748 - type: string 14749 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 14750 x-kubernetes-int-or-string: true 14751 description: 'Limits describes the maximum amount of compute resources 14752 allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 14753 type: object 14754 requests: 14755 additionalProperties: 14756 anyOf: 14757 - type: integer 14758 - type: string 14759 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 14760 x-kubernetes-int-or-string: true 14761 description: 'Requests describes the minimum amount of compute 14762 resources required. If Requests is omitted for a container, 14763 it defaults to Limits if that is explicitly specified, otherwise 14764 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 14765 type: object 14766 type: object 14767 retention: 14768 description: Time duration Prometheus shall retain data for. Default 14769 is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` 14770 (milliseconds seconds minutes hours days weeks years). 14771 type: string 14772 retentionSize: 14773 description: 'Maximum amount of disk space used by blocks. Supported 14774 units: B, KB, MB, GB, TB, PB, EB. Ex: `512MB`.' 14775 type: string 14776 routePrefix: 14777 description: The route prefix Prometheus registers HTTP handlers for. 14778 This is useful, if using ExternalURL and a proxy is rewriting HTTP 14779 routes of a request, and the actual ExternalURL is still true, but 14780 the server serves requests under a different route prefix. For example 14781 for use with `kubectl proxy`. 14782 type: string 14783 ruleNamespaceSelector: 14784 description: Namespaces to be selected for PrometheusRules discovery. 14785 If unspecified, only the same namespace as the Prometheus object 14786 is in is used. 14787 properties: 14788 matchExpressions: 14789 description: matchExpressions is a list of label selector requirements. 14790 The requirements are ANDed. 14791 items: 14792 description: A label selector requirement is a selector that 14793 contains values, a key, and an operator that relates the key 14794 and values. 14795 properties: 14796 key: 14797 description: key is the label key that the selector applies 14798 to. 14799 type: string 14800 operator: 14801 description: operator represents a key's relationship to 14802 a set of values. Valid operators are In, NotIn, Exists 14803 and DoesNotExist. 14804 type: string 14805 values: 14806 description: values is an array of string values. If the 14807 operator is In or NotIn, the values array must be non-empty. 14808 If the operator is Exists or DoesNotExist, the values 14809 array must be empty. This array is replaced during a strategic 14810 merge patch. 14811 items: 14812 type: string 14813 type: array 14814 required: 14815 - key 14816 - operator 14817 type: object 14818 type: array 14819 matchLabels: 14820 additionalProperties: 14821 type: string 14822 description: matchLabels is a map of {key,value} pairs. A single 14823 {key,value} in the matchLabels map is equivalent to an element 14824 of matchExpressions, whose key field is "key", the operator 14825 is "In", and the values array contains only "value". The requirements 14826 are ANDed. 14827 type: object 14828 type: object 14829 ruleSelector: 14830 description: A selector to select which PrometheusRules to mount for 14831 loading alerting/recording rules from. Until (excluding) Prometheus 14832 Operator v0.24.0 Prometheus Operator will migrate any legacy rule 14833 ConfigMaps to PrometheusRule custom resources selected by RuleSelector. 14834 Make sure it does not match any config maps that you do not want 14835 to be migrated. 14836 properties: 14837 matchExpressions: 14838 description: matchExpressions is a list of label selector requirements. 14839 The requirements are ANDed. 14840 items: 14841 description: A label selector requirement is a selector that 14842 contains values, a key, and an operator that relates the key 14843 and values. 14844 properties: 14845 key: 14846 description: key is the label key that the selector applies 14847 to. 14848 type: string 14849 operator: 14850 description: operator represents a key's relationship to 14851 a set of values. Valid operators are In, NotIn, Exists 14852 and DoesNotExist. 14853 type: string 14854 values: 14855 description: values is an array of string values. If the 14856 operator is In or NotIn, the values array must be non-empty. 14857 If the operator is Exists or DoesNotExist, the values 14858 array must be empty. This array is replaced during a strategic 14859 merge patch. 14860 items: 14861 type: string 14862 type: array 14863 required: 14864 - key 14865 - operator 14866 type: object 14867 type: array 14868 matchLabels: 14869 additionalProperties: 14870 type: string 14871 description: matchLabels is a map of {key,value} pairs. A single 14872 {key,value} in the matchLabels map is equivalent to an element 14873 of matchExpressions, whose key field is "key", the operator 14874 is "In", and the values array contains only "value". The requirements 14875 are ANDed. 14876 type: object 14877 type: object 14878 rules: 14879 description: /--rules.*/ command-line arguments. 14880 properties: 14881 alert: 14882 description: /--rules.alert.*/ command-line arguments 14883 properties: 14884 forGracePeriod: 14885 description: Minimum duration between alert and restored 'for' 14886 state. This is maintained only for alerts with configured 14887 'for' time greater than grace period. 14888 type: string 14889 forOutageTolerance: 14890 description: Max time to tolerate prometheus outage for restoring 14891 'for' state of alert. 14892 type: string 14893 resendDelay: 14894 description: Minimum amount of time to wait before resending 14895 an alert to Alertmanager. 14896 type: string 14897 type: object 14898 type: object 14899 scrapeInterval: 14900 description: 'Interval between consecutive scrapes. Default: `1m`' 14901 type: string 14902 scrapeTimeout: 14903 description: Number of seconds to wait for target to respond before 14904 erroring. 14905 type: string 14906 secrets: 14907 description: Secrets is a list of Secrets in the same namespace as 14908 the Prometheus object, which shall be mounted into the Prometheus 14909 Pods. The Secrets are mounted into /etc/prometheus/secrets/<secret-name>. 14910 items: 14911 type: string 14912 type: array 14913 securityContext: 14914 description: SecurityContext holds pod-level security attributes and 14915 common container settings. This defaults to the default PodSecurityContext. 14916 properties: 14917 fsGroup: 14918 description: "A special supplemental group that applies to all 14919 containers in a pod. Some volume types allow the Kubelet to 14920 change the ownership of that volume to be owned by the pod: 14921 \n 1. The owning GID will be the FSGroup 2. The setgid bit is 14922 set (new files created in the volume will be owned by FSGroup) 14923 3. The permission bits are OR'd with rw-rw---- \n If unset, 14924 the Kubelet will not modify the ownership and permissions of 14925 any volume." 14926 format: int64 14927 type: integer 14928 fsGroupChangePolicy: 14929 description: 'fsGroupChangePolicy defines behavior of changing 14930 ownership and permission of the volume before being exposed 14931 inside Pod. This field will only apply to volume types which 14932 support fsGroup based ownership(and permissions). It will have 14933 no effect on ephemeral volume types such as: secret, configmaps 14934 and emptydir. Valid values are "OnRootMismatch" and "Always". 14935 If not specified, "Always" is used.' 14936 type: string 14937 runAsGroup: 14938 description: The GID to run the entrypoint of the container process. 14939 Uses runtime default if unset. May also be set in SecurityContext. If 14940 set in both SecurityContext and PodSecurityContext, the value 14941 specified in SecurityContext takes precedence for that container. 14942 format: int64 14943 type: integer 14944 runAsNonRoot: 14945 description: Indicates that the container must run as a non-root 14946 user. If true, the Kubelet will validate the image at runtime 14947 to ensure that it does not run as UID 0 (root) and fail to start 14948 the container if it does. If unset or false, no such validation 14949 will be performed. May also be set in SecurityContext. If set 14950 in both SecurityContext and PodSecurityContext, the value specified 14951 in SecurityContext takes precedence. 14952 type: boolean 14953 runAsUser: 14954 description: The UID to run the entrypoint of the container process. 14955 Defaults to user specified in image metadata if unspecified. 14956 May also be set in SecurityContext. If set in both SecurityContext 14957 and PodSecurityContext, the value specified in SecurityContext 14958 takes precedence for that container. 14959 format: int64 14960 type: integer 14961 seLinuxOptions: 14962 description: The SELinux context to be applied to all containers. 14963 If unspecified, the container runtime will allocate a random 14964 SELinux context for each container. May also be set in SecurityContext. If 14965 set in both SecurityContext and PodSecurityContext, the value 14966 specified in SecurityContext takes precedence for that container. 14967 properties: 14968 level: 14969 description: Level is SELinux level label that applies to 14970 the container. 14971 type: string 14972 role: 14973 description: Role is a SELinux role label that applies to 14974 the container. 14975 type: string 14976 type: 14977 description: Type is a SELinux type label that applies to 14978 the container. 14979 type: string 14980 user: 14981 description: User is a SELinux user label that applies to 14982 the container. 14983 type: string 14984 type: object 14985 seccompProfile: 14986 description: The seccomp options to use by the containers in this 14987 pod. 14988 properties: 14989 localhostProfile: 14990 description: localhostProfile indicates a profile defined 14991 in a file on the node should be used. The profile must be 14992 preconfigured on the node to work. Must be a descending 14993 path, relative to the kubelet's configured seccomp profile 14994 location. Must only be set if type is "Localhost". 14995 type: string 14996 type: 14997 description: "type indicates which kind of seccomp profile 14998 will be applied. Valid options are: \n Localhost - a profile 14999 defined in a file on the node should be used. RuntimeDefault 15000 - the container runtime default profile should be used. 15001 Unconfined - no profile should be applied." 15002 type: string 15003 required: 15004 - type 15005 type: object 15006 supplementalGroups: 15007 description: A list of groups applied to the first process run 15008 in each container, in addition to the container's primary GID. If 15009 unspecified, no groups will be added to any container. 15010 items: 15011 format: int64 15012 type: integer 15013 type: array 15014 sysctls: 15015 description: Sysctls hold a list of namespaced sysctls used for 15016 the pod. Pods with unsupported sysctls (by the container runtime) 15017 might fail to launch. 15018 items: 15019 description: Sysctl defines a kernel parameter to be set 15020 properties: 15021 name: 15022 description: Name of a property to set 15023 type: string 15024 value: 15025 description: Value of a property to set 15026 type: string 15027 required: 15028 - name 15029 - value 15030 type: object 15031 type: array 15032 windowsOptions: 15033 description: The Windows specific settings applied to all containers. 15034 If unspecified, the options within a container's SecurityContext 15035 will be used. If set in both SecurityContext and PodSecurityContext, 15036 the value specified in SecurityContext takes precedence. 15037 properties: 15038 gmsaCredentialSpec: 15039 description: GMSACredentialSpec is where the GMSA admission 15040 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 15041 inlines the contents of the GMSA credential spec named by 15042 the GMSACredentialSpecName field. 15043 type: string 15044 gmsaCredentialSpecName: 15045 description: GMSACredentialSpecName is the name of the GMSA 15046 credential spec to use. 15047 type: string 15048 hostProcess: 15049 description: HostProcess determines if a container should 15050 be run as a 'Host Process' container. This field is alpha-level 15051 and will only be honored by components that enable the WindowsHostProcessContainers 15052 feature flag. Setting this field without the feature flag 15053 will result in errors when validating the Pod. All of a 15054 Pod's containers must have the same effective HostProcess 15055 value (it is not allowed to have a mix of HostProcess containers 15056 and non-HostProcess containers). In addition, if HostProcess 15057 is true then HostNetwork must also be set to true. 15058 type: boolean 15059 runAsUserName: 15060 description: The UserName in Windows to run the entrypoint 15061 of the container process. Defaults to the user specified 15062 in image metadata if unspecified. May also be set in PodSecurityContext. 15063 If set in both SecurityContext and PodSecurityContext, the 15064 value specified in SecurityContext takes precedence. 15065 type: string 15066 type: object 15067 type: object 15068 serviceAccountName: 15069 description: ServiceAccountName is the name of the ServiceAccount 15070 to use to run the Prometheus Pods. 15071 type: string 15072 serviceMonitorNamespaceSelector: 15073 description: Namespace's labels to match for ServiceMonitor discovery. 15074 If nil, only check own namespace. 15075 properties: 15076 matchExpressions: 15077 description: matchExpressions is a list of label selector requirements. 15078 The requirements are ANDed. 15079 items: 15080 description: A label selector requirement is a selector that 15081 contains values, a key, and an operator that relates the key 15082 and values. 15083 properties: 15084 key: 15085 description: key is the label key that the selector applies 15086 to. 15087 type: string 15088 operator: 15089 description: operator represents a key's relationship to 15090 a set of values. Valid operators are In, NotIn, Exists 15091 and DoesNotExist. 15092 type: string 15093 values: 15094 description: values is an array of string values. If the 15095 operator is In or NotIn, the values array must be non-empty. 15096 If the operator is Exists or DoesNotExist, the values 15097 array must be empty. This array is replaced during a strategic 15098 merge patch. 15099 items: 15100 type: string 15101 type: array 15102 required: 15103 - key 15104 - operator 15105 type: object 15106 type: array 15107 matchLabels: 15108 additionalProperties: 15109 type: string 15110 description: matchLabels is a map of {key,value} pairs. A single 15111 {key,value} in the matchLabels map is equivalent to an element 15112 of matchExpressions, whose key field is "key", the operator 15113 is "In", and the values array contains only "value". The requirements 15114 are ANDed. 15115 type: object 15116 type: object 15117 serviceMonitorSelector: 15118 description: ServiceMonitors to be selected for target discovery. 15119 *Deprecated:* if neither this nor podMonitorSelector are specified, 15120 configuration is unmanaged. 15121 properties: 15122 matchExpressions: 15123 description: matchExpressions is a list of label selector requirements. 15124 The requirements are ANDed. 15125 items: 15126 description: A label selector requirement is a selector that 15127 contains values, a key, and an operator that relates the key 15128 and values. 15129 properties: 15130 key: 15131 description: key is the label key that the selector applies 15132 to. 15133 type: string 15134 operator: 15135 description: operator represents a key's relationship to 15136 a set of values. Valid operators are In, NotIn, Exists 15137 and DoesNotExist. 15138 type: string 15139 values: 15140 description: values is an array of string values. If the 15141 operator is In or NotIn, the values array must be non-empty. 15142 If the operator is Exists or DoesNotExist, the values 15143 array must be empty. This array is replaced during a strategic 15144 merge patch. 15145 items: 15146 type: string 15147 type: array 15148 required: 15149 - key 15150 - operator 15151 type: object 15152 type: array 15153 matchLabels: 15154 additionalProperties: 15155 type: string 15156 description: matchLabels is a map of {key,value} pairs. A single 15157 {key,value} in the matchLabels map is equivalent to an element 15158 of matchExpressions, whose key field is "key", the operator 15159 is "In", and the values array contains only "value". The requirements 15160 are ANDed. 15161 type: object 15162 type: object 15163 sha: 15164 description: 'SHA of Prometheus container image to be deployed. Defaults 15165 to the value of `version`. Similar to a tag, but the SHA explicitly 15166 deploys an immutable container image. Version and Tag are ignored 15167 if SHA is set. Deprecated: use ''image'' instead. The image digest 15168 can be specified as part of the image URL.' 15169 type: string 15170 shards: 15171 description: 'EXPERIMENTAL: Number of shards to distribute targets 15172 onto. Number of replicas multiplied by shards is the total number 15173 of Pods created. Note that scaling down shards will not reshard 15174 data onto remaining instances, it must be manually moved. Increasing 15175 shards will not reshard data either but it will continue to be available 15176 from the same instances. To query globally use Thanos sidecar and 15177 Thanos querier or remote write data to a central location. Sharding 15178 is done on the content of the `__address__` target meta-label.' 15179 format: int32 15180 type: integer 15181 storage: 15182 description: Storage spec to specify how storage shall be used. 15183 properties: 15184 disableMountSubPath: 15185 description: 'Deprecated: subPath usage will be disabled by default 15186 in a future release, this option will become unnecessary. DisableMountSubPath 15187 allows to remove any subPath usage in volume mounts.' 15188 type: boolean 15189 emptyDir: 15190 description: 'EmptyDirVolumeSource to be used by the Prometheus 15191 StatefulSets. If specified, used in place of any volumeClaimTemplate. 15192 More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' 15193 properties: 15194 medium: 15195 description: 'What type of storage medium should back this 15196 directory. The default is "" which means to use the node''s 15197 default medium. Must be an empty string (default) or Memory. 15198 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 15199 type: string 15200 sizeLimit: 15201 anyOf: 15202 - type: integer 15203 - type: string 15204 description: 'Total amount of local storage required for this 15205 EmptyDir volume. The size limit is also applicable for memory 15206 medium. The maximum usage on memory medium EmptyDir would 15207 be the minimum value between the SizeLimit specified here 15208 and the sum of memory limits of all containers in a pod. 15209 The default is nil which means that the limit is undefined. 15210 More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 15211 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15212 x-kubernetes-int-or-string: true 15213 type: object 15214 ephemeral: 15215 description: 'EphemeralVolumeSource to be used by the Prometheus 15216 StatefulSets. This is a beta field in k8s 1.21, for lower versions, 15217 starting with k8s 1.19, it requires enabling the GenericEphemeralVolume 15218 feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes' 15219 properties: 15220 volumeClaimTemplate: 15221 description: "Will be used to create a stand-alone PVC to 15222 provision the volume. The pod in which this EphemeralVolumeSource 15223 is embedded will be the owner of the PVC, i.e. the PVC will 15224 be deleted together with the pod. The name of the PVC will 15225 be `<pod name>-<volume name>` where `<volume name>` is the 15226 name from the `PodSpec.Volumes` array entry. Pod validation 15227 will reject the pod if the concatenated name is not valid 15228 for a PVC (for example, too long). \n An existing PVC with 15229 that name that is not owned by the pod will *not* be used 15230 for the pod to avoid using an unrelated volume by mistake. 15231 Starting the pod is then blocked until the unrelated PVC 15232 is removed. If such a pre-created PVC is meant to be used 15233 by the pod, the PVC has to updated with an owner reference 15234 to the pod once the pod exists. Normally this should not 15235 be necessary, but it may be useful when manually reconstructing 15236 a broken cluster. \n This field is read-only and no changes 15237 will be made by Kubernetes to the PVC after it has been 15238 created. \n Required, must not be nil." 15239 properties: 15240 metadata: 15241 description: May contain labels and annotations that will 15242 be copied into the PVC when creating it. No other fields 15243 are allowed and will be rejected during validation. 15244 type: object 15245 spec: 15246 description: The specification for the PersistentVolumeClaim. 15247 The entire content is copied unchanged into the PVC 15248 that gets created from this template. The same fields 15249 as in a PersistentVolumeClaim are also valid here. 15250 properties: 15251 accessModes: 15252 description: 'AccessModes contains the desired access 15253 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 15254 items: 15255 type: string 15256 type: array 15257 dataSource: 15258 description: 'This field can be used to specify either: 15259 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 15260 * An existing PVC (PersistentVolumeClaim) If the 15261 provisioner or an external controller can support 15262 the specified data source, it will create a new 15263 volume based on the contents of the specified data 15264 source. If the AnyVolumeDataSource feature gate 15265 is enabled, this field will always have the same 15266 contents as the DataSourceRef field.' 15267 properties: 15268 apiGroup: 15269 description: APIGroup is the group for the resource 15270 being referenced. If APIGroup is not specified, 15271 the specified Kind must be in the core API group. 15272 For any other third-party types, APIGroup is 15273 required. 15274 type: string 15275 kind: 15276 description: Kind is the type of resource being 15277 referenced 15278 type: string 15279 name: 15280 description: Name is the name of resource being 15281 referenced 15282 type: string 15283 required: 15284 - kind 15285 - name 15286 type: object 15287 dataSourceRef: 15288 description: 'Specifies the object from which to populate 15289 the volume with data, if a non-empty volume is desired. 15290 This may be any local object from a non-empty API 15291 group (non core object) or a PersistentVolumeClaim 15292 object. When this field is specified, volume binding 15293 will only succeed if the type of the specified object 15294 matches some installed volume populator or dynamic 15295 provisioner. This field will replace the functionality 15296 of the DataSource field and as such if both fields 15297 are non-empty, they must have the same value. For 15298 backwards compatibility, both fields (DataSource 15299 and DataSourceRef) will be set to the same value 15300 automatically if one of them is empty and the other 15301 is non-empty. There are two important differences 15302 between DataSource and DataSourceRef: * While DataSource 15303 only allows two specific types of objects, DataSourceRef allows 15304 any non-core object, as well as PersistentVolumeClaim 15305 objects. * While DataSource ignores disallowed values 15306 (dropping them), DataSourceRef preserves all values, 15307 and generates an error if a disallowed value is specified. 15308 (Alpha) Using this field requires the AnyVolumeDataSource 15309 feature gate to be enabled.' 15310 properties: 15311 apiGroup: 15312 description: APIGroup is the group for the resource 15313 being referenced. If APIGroup is not specified, 15314 the specified Kind must be in the core API group. 15315 For any other third-party types, APIGroup is 15316 required. 15317 type: string 15318 kind: 15319 description: Kind is the type of resource being 15320 referenced 15321 type: string 15322 name: 15323 description: Name is the name of resource being 15324 referenced 15325 type: string 15326 required: 15327 - kind 15328 - name 15329 type: object 15330 resources: 15331 description: 'Resources represents the minimum resources 15332 the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 15333 properties: 15334 limits: 15335 additionalProperties: 15336 anyOf: 15337 - type: integer 15338 - type: string 15339 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15340 x-kubernetes-int-or-string: true 15341 description: 'Limits describes the maximum amount 15342 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 15343 type: object 15344 requests: 15345 additionalProperties: 15346 anyOf: 15347 - type: integer 15348 - type: string 15349 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15350 x-kubernetes-int-or-string: true 15351 description: 'Requests describes the minimum amount 15352 of compute resources required. If Requests is 15353 omitted for a container, it defaults to Limits 15354 if that is explicitly specified, otherwise to 15355 an implementation-defined value. More info: 15356 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 15357 type: object 15358 type: object 15359 selector: 15360 description: A label query over volumes to consider 15361 for binding. 15362 properties: 15363 matchExpressions: 15364 description: matchExpressions is a list of label 15365 selector requirements. The requirements are 15366 ANDed. 15367 items: 15368 description: A label selector requirement is 15369 a selector that contains values, a key, and 15370 an operator that relates the key and values. 15371 properties: 15372 key: 15373 description: key is the label key that the 15374 selector applies to. 15375 type: string 15376 operator: 15377 description: operator represents a key's 15378 relationship to a set of values. Valid 15379 operators are In, NotIn, Exists and DoesNotExist. 15380 type: string 15381 values: 15382 description: values is an array of string 15383 values. If the operator is In or NotIn, 15384 the values array must be non-empty. If 15385 the operator is Exists or DoesNotExist, 15386 the values array must be empty. This array 15387 is replaced during a strategic merge patch. 15388 items: 15389 type: string 15390 type: array 15391 required: 15392 - key 15393 - operator 15394 type: object 15395 type: array 15396 matchLabels: 15397 additionalProperties: 15398 type: string 15399 description: matchLabels is a map of {key,value} 15400 pairs. A single {key,value} in the matchLabels 15401 map is equivalent to an element of matchExpressions, 15402 whose key field is "key", the operator is "In", 15403 and the values array contains only "value". 15404 The requirements are ANDed. 15405 type: object 15406 type: object 15407 storageClassName: 15408 description: 'Name of the StorageClass required by 15409 the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 15410 type: string 15411 volumeMode: 15412 description: volumeMode defines what type of volume 15413 is required by the claim. Value of Filesystem is 15414 implied when not included in claim spec. 15415 type: string 15416 volumeName: 15417 description: VolumeName is the binding reference to 15418 the PersistentVolume backing this claim. 15419 type: string 15420 type: object 15421 required: 15422 - spec 15423 type: object 15424 type: object 15425 volumeClaimTemplate: 15426 description: A PVC spec to be used by the Prometheus StatefulSets. 15427 properties: 15428 apiVersion: 15429 description: 'APIVersion defines the versioned schema of this 15430 representation of an object. Servers should convert recognized 15431 schemas to the latest internal value, and may reject unrecognized 15432 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 15433 type: string 15434 kind: 15435 description: 'Kind is a string value representing the REST 15436 resource this object represents. Servers may infer this 15437 from the endpoint the client submits requests to. Cannot 15438 be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 15439 type: string 15440 metadata: 15441 description: EmbeddedMetadata contains metadata relevant to 15442 an EmbeddedResource. 15443 properties: 15444 annotations: 15445 additionalProperties: 15446 type: string 15447 description: 'Annotations is an unstructured key value 15448 map stored with a resource that may be set by external 15449 tools to store and retrieve arbitrary metadata. They 15450 are not queryable and should be preserved when modifying 15451 objects. More info: http://kubernetes.io/docs/user-guide/annotations' 15452 type: object 15453 labels: 15454 additionalProperties: 15455 type: string 15456 description: 'Map of string keys and values that can be 15457 used to organize and categorize (scope and select) objects. 15458 May match selectors of replication controllers and services. 15459 More info: http://kubernetes.io/docs/user-guide/labels' 15460 type: object 15461 name: 15462 description: 'Name must be unique within a namespace. 15463 Is required when creating resources, although some resources 15464 may allow a client to request the generation of an appropriate 15465 name automatically. Name is primarily intended for creation 15466 idempotence and configuration definition. Cannot be 15467 updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 15468 type: string 15469 type: object 15470 spec: 15471 description: 'Spec defines the desired characteristics of 15472 a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 15473 properties: 15474 accessModes: 15475 description: 'AccessModes contains the desired access 15476 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 15477 items: 15478 type: string 15479 type: array 15480 dataSource: 15481 description: 'This field can be used to specify either: 15482 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 15483 * An existing PVC (PersistentVolumeClaim) If the provisioner 15484 or an external controller can support the specified 15485 data source, it will create a new volume based on the 15486 contents of the specified data source. If the AnyVolumeDataSource 15487 feature gate is enabled, this field will always have 15488 the same contents as the DataSourceRef field.' 15489 properties: 15490 apiGroup: 15491 description: APIGroup is the group for the resource 15492 being referenced. If APIGroup is not specified, 15493 the specified Kind must be in the core API group. 15494 For any other third-party types, APIGroup is required. 15495 type: string 15496 kind: 15497 description: Kind is the type of resource being referenced 15498 type: string 15499 name: 15500 description: Name is the name of resource being referenced 15501 type: string 15502 required: 15503 - kind 15504 - name 15505 type: object 15506 dataSourceRef: 15507 description: 'Specifies the object from which to populate 15508 the volume with data, if a non-empty volume is desired. 15509 This may be any local object from a non-empty API group 15510 (non core object) or a PersistentVolumeClaim object. 15511 When this field is specified, volume binding will only 15512 succeed if the type of the specified object matches 15513 some installed volume populator or dynamic provisioner. 15514 This field will replace the functionality of the DataSource 15515 field and as such if both fields are non-empty, they 15516 must have the same value. For backwards compatibility, 15517 both fields (DataSource and DataSourceRef) will be set 15518 to the same value automatically if one of them is empty 15519 and the other is non-empty. There are two important 15520 differences between DataSource and DataSourceRef: * 15521 While DataSource only allows two specific types of objects, 15522 DataSourceRef allows any non-core object, as well 15523 as PersistentVolumeClaim objects. * While DataSource 15524 ignores disallowed values (dropping them), DataSourceRef preserves 15525 all values, and generates an error if a disallowed value 15526 is specified. (Alpha) Using this field requires the 15527 AnyVolumeDataSource feature gate to be enabled.' 15528 properties: 15529 apiGroup: 15530 description: APIGroup is the group for the resource 15531 being referenced. If APIGroup is not specified, 15532 the specified Kind must be in the core API group. 15533 For any other third-party types, APIGroup is required. 15534 type: string 15535 kind: 15536 description: Kind is the type of resource being referenced 15537 type: string 15538 name: 15539 description: Name is the name of resource being referenced 15540 type: string 15541 required: 15542 - kind 15543 - name 15544 type: object 15545 resources: 15546 description: 'Resources represents the minimum resources 15547 the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 15548 properties: 15549 limits: 15550 additionalProperties: 15551 anyOf: 15552 - type: integer 15553 - type: string 15554 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15555 x-kubernetes-int-or-string: true 15556 description: 'Limits describes the maximum amount 15557 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 15558 type: object 15559 requests: 15560 additionalProperties: 15561 anyOf: 15562 - type: integer 15563 - type: string 15564 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15565 x-kubernetes-int-or-string: true 15566 description: 'Requests describes the minimum amount 15567 of compute resources required. If Requests is omitted 15568 for a container, it defaults to Limits if that is 15569 explicitly specified, otherwise to an implementation-defined 15570 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 15571 type: object 15572 type: object 15573 selector: 15574 description: A label query over volumes to consider for 15575 binding. 15576 properties: 15577 matchExpressions: 15578 description: matchExpressions is a list of label selector 15579 requirements. The requirements are ANDed. 15580 items: 15581 description: A label selector requirement is a selector 15582 that contains values, a key, and an operator that 15583 relates the key and values. 15584 properties: 15585 key: 15586 description: key is the label key that the selector 15587 applies to. 15588 type: string 15589 operator: 15590 description: operator represents a key's relationship 15591 to a set of values. Valid operators are In, 15592 NotIn, Exists and DoesNotExist. 15593 type: string 15594 values: 15595 description: values is an array of string values. 15596 If the operator is In or NotIn, the values 15597 array must be non-empty. If the operator is 15598 Exists or DoesNotExist, the values array must 15599 be empty. This array is replaced during a 15600 strategic merge patch. 15601 items: 15602 type: string 15603 type: array 15604 required: 15605 - key 15606 - operator 15607 type: object 15608 type: array 15609 matchLabels: 15610 additionalProperties: 15611 type: string 15612 description: matchLabels is a map of {key,value} pairs. 15613 A single {key,value} in the matchLabels map is equivalent 15614 to an element of matchExpressions, whose key field 15615 is "key", the operator is "In", and the values array 15616 contains only "value". The requirements are ANDed. 15617 type: object 15618 type: object 15619 storageClassName: 15620 description: 'Name of the StorageClass required by the 15621 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 15622 type: string 15623 volumeMode: 15624 description: volumeMode defines what type of volume is 15625 required by the claim. Value of Filesystem is implied 15626 when not included in claim spec. 15627 type: string 15628 volumeName: 15629 description: VolumeName is the binding reference to the 15630 PersistentVolume backing this claim. 15631 type: string 15632 type: object 15633 status: 15634 description: 'Status represents the current information/status 15635 of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 15636 properties: 15637 accessModes: 15638 description: 'AccessModes contains the actual access modes 15639 the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 15640 items: 15641 type: string 15642 type: array 15643 capacity: 15644 additionalProperties: 15645 anyOf: 15646 - type: integer 15647 - type: string 15648 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15649 x-kubernetes-int-or-string: true 15650 description: Represents the actual resources of the underlying 15651 volume. 15652 type: object 15653 conditions: 15654 description: Current Condition of persistent volume claim. 15655 If underlying persistent volume is being resized then 15656 the Condition will be set to 'ResizeStarted'. 15657 items: 15658 description: PersistentVolumeClaimCondition contails 15659 details about state of pvc 15660 properties: 15661 lastProbeTime: 15662 description: Last time we probed the condition. 15663 format: date-time 15664 type: string 15665 lastTransitionTime: 15666 description: Last time the condition transitioned 15667 from one status to another. 15668 format: date-time 15669 type: string 15670 message: 15671 description: Human-readable message indicating details 15672 about last transition. 15673 type: string 15674 reason: 15675 description: Unique, this should be a short, machine 15676 understandable string that gives the reason for 15677 condition's last transition. If it reports "ResizeStarted" 15678 that means the underlying persistent volume is 15679 being resized. 15680 type: string 15681 status: 15682 type: string 15683 type: 15684 description: PersistentVolumeClaimConditionType 15685 is a valid value of PersistentVolumeClaimCondition.Type 15686 type: string 15687 required: 15688 - status 15689 - type 15690 type: object 15691 type: array 15692 phase: 15693 description: Phase represents the current phase of PersistentVolumeClaim. 15694 type: string 15695 type: object 15696 type: object 15697 type: object 15698 tag: 15699 description: 'Tag of Prometheus container image to be deployed. Defaults 15700 to the value of `version`. Version is ignored if Tag is set. Deprecated: 15701 use ''image'' instead. The image tag can be specified as part of 15702 the image URL.' 15703 type: string 15704 thanos: 15705 description: "Thanos configuration allows configuring various aspects 15706 of a Prometheus server in a Thanos environment. \n This section 15707 is experimental, it may change significantly without deprecation 15708 notice in any release. \n This is experimental and may change significantly 15709 without backward compatibility in any release." 15710 properties: 15711 baseImage: 15712 description: 'Thanos base image if other than default. Deprecated: 15713 use ''image'' instead' 15714 type: string 15715 grpcServerTlsConfig: 15716 description: 'GRPCServerTLSConfig configures the gRPC server from 15717 which Thanos Querier reads recorded rule data. Note: Currently 15718 only the CAFile, CertFile, and KeyFile fields are supported. 15719 Maps to the ''--grpc-server-tls-*'' CLI args.' 15720 properties: 15721 ca: 15722 description: Struct containing the CA cert to use for the 15723 targets. 15724 properties: 15725 configMap: 15726 description: ConfigMap containing data to use for the 15727 targets. 15728 properties: 15729 key: 15730 description: The key to select. 15731 type: string 15732 name: 15733 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15734 TODO: Add other useful fields. apiVersion, kind, 15735 uid?' 15736 type: string 15737 optional: 15738 description: Specify whether the ConfigMap or its 15739 key must be defined 15740 type: boolean 15741 required: 15742 - key 15743 type: object 15744 secret: 15745 description: Secret containing data to use for the targets. 15746 properties: 15747 key: 15748 description: The key of the secret to select from. Must 15749 be a valid secret key. 15750 type: string 15751 name: 15752 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15753 TODO: Add other useful fields. apiVersion, kind, 15754 uid?' 15755 type: string 15756 optional: 15757 description: Specify whether the Secret or its key 15758 must be defined 15759 type: boolean 15760 required: 15761 - key 15762 type: object 15763 type: object 15764 caFile: 15765 description: Path to the CA cert in the Prometheus container 15766 to use for the targets. 15767 type: string 15768 cert: 15769 description: Struct containing the client cert file for the 15770 targets. 15771 properties: 15772 configMap: 15773 description: ConfigMap containing data to use for the 15774 targets. 15775 properties: 15776 key: 15777 description: The key to select. 15778 type: string 15779 name: 15780 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15781 TODO: Add other useful fields. apiVersion, kind, 15782 uid?' 15783 type: string 15784 optional: 15785 description: Specify whether the ConfigMap or its 15786 key must be defined 15787 type: boolean 15788 required: 15789 - key 15790 type: object 15791 secret: 15792 description: Secret containing data to use for the targets. 15793 properties: 15794 key: 15795 description: The key of the secret to select from. Must 15796 be a valid secret key. 15797 type: string 15798 name: 15799 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15800 TODO: Add other useful fields. apiVersion, kind, 15801 uid?' 15802 type: string 15803 optional: 15804 description: Specify whether the Secret or its key 15805 must be defined 15806 type: boolean 15807 required: 15808 - key 15809 type: object 15810 type: object 15811 certFile: 15812 description: Path to the client cert file in the Prometheus 15813 container for the targets. 15814 type: string 15815 insecureSkipVerify: 15816 description: Disable target certificate validation. 15817 type: boolean 15818 keyFile: 15819 description: Path to the client key file in the Prometheus 15820 container for the targets. 15821 type: string 15822 keySecret: 15823 description: Secret containing the client key file for the 15824 targets. 15825 properties: 15826 key: 15827 description: The key of the secret to select from. Must 15828 be a valid secret key. 15829 type: string 15830 name: 15831 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15832 TODO: Add other useful fields. apiVersion, kind, uid?' 15833 type: string 15834 optional: 15835 description: Specify whether the Secret or its key must 15836 be defined 15837 type: boolean 15838 required: 15839 - key 15840 type: object 15841 serverName: 15842 description: Used to verify the hostname for the targets. 15843 type: string 15844 type: object 15845 image: 15846 description: Image if specified has precedence over baseImage, 15847 tag and sha combinations. Specifying the version is still necessary 15848 to ensure the Prometheus Operator knows what version of Thanos 15849 is being configured. 15850 type: string 15851 listenLocal: 15852 description: ListenLocal makes the Thanos sidecar listen on loopback, 15853 so that it does not bind against the Pod IP. 15854 type: boolean 15855 logFormat: 15856 description: LogFormat for Thanos sidecar to be configured with. 15857 type: string 15858 logLevel: 15859 description: LogLevel for Thanos sidecar to be configured with. 15860 type: string 15861 minTime: 15862 description: MinTime for Thanos sidecar to be configured with. 15863 Option can be a constant time in RFC3339 format or time duration 15864 relative to current time, such as -1d or 2h45m. Valid duration 15865 units are ms, s, m, h, d, w, y. 15866 type: string 15867 objectStorageConfig: 15868 description: ObjectStorageConfig configures object storage in 15869 Thanos. Alternative to ObjectStorageConfigFile, and lower order 15870 priority. 15871 properties: 15872 key: 15873 description: The key of the secret to select from. Must be 15874 a valid secret key. 15875 type: string 15876 name: 15877 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15878 TODO: Add other useful fields. apiVersion, kind, uid?' 15879 type: string 15880 optional: 15881 description: Specify whether the Secret or its key must be 15882 defined 15883 type: boolean 15884 required: 15885 - key 15886 type: object 15887 objectStorageConfigFile: 15888 description: ObjectStorageConfigFile specifies the path of the 15889 object storage configuration file. When used alongside with 15890 ObjectStorageConfig, ObjectStorageConfigFile takes precedence. 15891 type: string 15892 readyTimeout: 15893 description: ReadyTimeout is the maximum time Thanos sidecar will 15894 wait for Prometheus to start. Eg 10m 15895 type: string 15896 resources: 15897 description: Resources defines the resource requirements for the 15898 Thanos sidecar. If not provided, no requests/limits will be 15899 set 15900 properties: 15901 limits: 15902 additionalProperties: 15903 anyOf: 15904 - type: integer 15905 - type: string 15906 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15907 x-kubernetes-int-or-string: true 15908 description: 'Limits describes the maximum amount of compute 15909 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 15910 type: object 15911 requests: 15912 additionalProperties: 15913 anyOf: 15914 - type: integer 15915 - type: string 15916 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 15917 x-kubernetes-int-or-string: true 15918 description: 'Requests describes the minimum amount of compute 15919 resources required. If Requests is omitted for a container, 15920 it defaults to Limits if that is explicitly specified, otherwise 15921 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 15922 type: object 15923 type: object 15924 sha: 15925 description: 'SHA of Thanos container image to be deployed. Defaults 15926 to the value of `version`. Similar to a tag, but the SHA explicitly 15927 deploys an immutable container image. Version and Tag are ignored 15928 if SHA is set. Deprecated: use ''image'' instead. The image 15929 digest can be specified as part of the image URL.' 15930 type: string 15931 tag: 15932 description: 'Tag of Thanos sidecar container image to be deployed. 15933 Defaults to the value of `version`. Version is ignored if Tag 15934 is set. Deprecated: use ''image'' instead. The image tag can 15935 be specified as part of the image URL.' 15936 type: string 15937 tracingConfig: 15938 description: TracingConfig configures tracing in Thanos. This 15939 is an experimental feature, it may change in any upcoming release 15940 in a breaking way. 15941 properties: 15942 key: 15943 description: The key of the secret to select from. Must be 15944 a valid secret key. 15945 type: string 15946 name: 15947 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15948 TODO: Add other useful fields. apiVersion, kind, uid?' 15949 type: string 15950 optional: 15951 description: Specify whether the Secret or its key must be 15952 defined 15953 type: boolean 15954 required: 15955 - key 15956 type: object 15957 tracingConfigFile: 15958 description: TracingConfig specifies the path of the tracing configuration 15959 file. When used alongside with TracingConfig, TracingConfigFile 15960 takes precedence. 15961 type: string 15962 version: 15963 description: Version describes the version of Thanos to use. 15964 type: string 15965 volumeMounts: 15966 description: VolumeMounts allows configuration of additional VolumeMounts 15967 on the output StatefulSet definition. VolumeMounts specified 15968 will be appended to other VolumeMounts in the thanos-sidecar 15969 container. 15970 items: 15971 description: VolumeMount describes a mounting of a Volume within 15972 a container. 15973 properties: 15974 mountPath: 15975 description: Path within the container at which the volume 15976 should be mounted. Must not contain ':'. 15977 type: string 15978 mountPropagation: 15979 description: mountPropagation determines how mounts are 15980 propagated from the host to container and the other way 15981 around. When not set, MountPropagationNone is used. This 15982 field is beta in 1.10. 15983 type: string 15984 name: 15985 description: This must match the Name of a Volume. 15986 type: string 15987 readOnly: 15988 description: Mounted read-only if true, read-write otherwise 15989 (false or unspecified). Defaults to false. 15990 type: boolean 15991 subPath: 15992 description: Path within the volume from which the container's 15993 volume should be mounted. Defaults to "" (volume's root). 15994 type: string 15995 subPathExpr: 15996 description: Expanded path within the volume from which 15997 the container's volume should be mounted. Behaves similarly 15998 to SubPath but environment variable references $(VAR_NAME) 15999 are expanded using the container's environment. Defaults 16000 to "" (volume's root). SubPathExpr and SubPath are mutually 16001 exclusive. 16002 type: string 16003 required: 16004 - mountPath 16005 - name 16006 type: object 16007 type: array 16008 type: object 16009 tolerations: 16010 description: If specified, the pod's tolerations. 16011 items: 16012 description: The pod this Toleration is attached to tolerates any 16013 taint that matches the triple <key,value,effect> using the matching 16014 operator <operator>. 16015 properties: 16016 effect: 16017 description: Effect indicates the taint effect to match. Empty 16018 means match all taint effects. When specified, allowed values 16019 are NoSchedule, PreferNoSchedule and NoExecute. 16020 type: string 16021 key: 16022 description: Key is the taint key that the toleration applies 16023 to. Empty means match all taint keys. If the key is empty, 16024 operator must be Exists; this combination means to match all 16025 values and all keys. 16026 type: string 16027 operator: 16028 description: Operator represents a key's relationship to the 16029 value. Valid operators are Exists and Equal. Defaults to Equal. 16030 Exists is equivalent to wildcard for value, so that a pod 16031 can tolerate all taints of a particular category. 16032 type: string 16033 tolerationSeconds: 16034 description: TolerationSeconds represents the period of time 16035 the toleration (which must be of effect NoExecute, otherwise 16036 this field is ignored) tolerates the taint. By default, it 16037 is not set, which means tolerate the taint forever (do not 16038 evict). Zero and negative values will be treated as 0 (evict 16039 immediately) by the system. 16040 format: int64 16041 type: integer 16042 value: 16043 description: Value is the taint value the toleration matches 16044 to. If the operator is Exists, the value should be empty, 16045 otherwise just a regular string. 16046 type: string 16047 type: object 16048 type: array 16049 topologySpreadConstraints: 16050 description: If specified, the pod's topology spread constraints. 16051 items: 16052 description: TopologySpreadConstraint specifies how to spread matching 16053 pods among the given topology. 16054 properties: 16055 labelSelector: 16056 description: LabelSelector is used to find matching pods. Pods 16057 that match this label selector are counted to determine the 16058 number of pods in their corresponding topology domain. 16059 properties: 16060 matchExpressions: 16061 description: matchExpressions is a list of label selector 16062 requirements. The requirements are ANDed. 16063 items: 16064 description: A label selector requirement is a selector 16065 that contains values, a key, and an operator that relates 16066 the key and values. 16067 properties: 16068 key: 16069 description: key is the label key that the selector 16070 applies to. 16071 type: string 16072 operator: 16073 description: operator represents a key's relationship 16074 to a set of values. Valid operators are In, NotIn, 16075 Exists and DoesNotExist. 16076 type: string 16077 values: 16078 description: values is an array of string values. 16079 If the operator is In or NotIn, the values array 16080 must be non-empty. If the operator is Exists or 16081 DoesNotExist, the values array must be empty. This 16082 array is replaced during a strategic merge patch. 16083 items: 16084 type: string 16085 type: array 16086 required: 16087 - key 16088 - operator 16089 type: object 16090 type: array 16091 matchLabels: 16092 additionalProperties: 16093 type: string 16094 description: matchLabels is a map of {key,value} pairs. 16095 A single {key,value} in the matchLabels map is equivalent 16096 to an element of matchExpressions, whose key field is 16097 "key", the operator is "In", and the values array contains 16098 only "value". The requirements are ANDed. 16099 type: object 16100 type: object 16101 maxSkew: 16102 description: 'MaxSkew describes the degree to which pods may 16103 be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, 16104 it is the maximum permitted difference between the number 16105 of matching pods in the target topology and the global minimum. 16106 For example, in a 3-zone cluster, MaxSkew is set to 1, and 16107 pods with the same labelSelector spread as 1/1/0: | zone1 16108 | zone2 | zone3 | | P | P | | - if MaxSkew is 16109 1, incoming pod can only be scheduled to zone3 to become 1/1/1; 16110 scheduling it onto zone1(zone2) would make the ActualSkew(2-0) 16111 on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming 16112 pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, 16113 it is used to give higher precedence to topologies that satisfy 16114 it. It''s a required field. Default value is 1 and 0 is not 16115 allowed.' 16116 format: int32 16117 type: integer 16118 topologyKey: 16119 description: TopologyKey is the key of node labels. Nodes that 16120 have a label with this key and identical values are considered 16121 to be in the same topology. We consider each <key, value> 16122 as a "bucket", and try to put balanced number of pods into 16123 each bucket. It's a required field. 16124 type: string 16125 whenUnsatisfiable: 16126 description: 'WhenUnsatisfiable indicates how to deal with a 16127 pod if it doesn''t satisfy the spread constraint. - DoNotSchedule 16128 (default) tells the scheduler not to schedule it. - ScheduleAnyway 16129 tells the scheduler to schedule the pod in any location, but 16130 giving higher precedence to topologies that would help reduce 16131 the skew. A constraint is considered "Unsatisfiable" for 16132 an incoming pod if and only if every possible node assigment 16133 for that pod would violate "MaxSkew" on some topology. For 16134 example, in a 3-zone cluster, MaxSkew is set to 1, and pods 16135 with the same labelSelector spread as 3/1/1: | zone1 | zone2 16136 | zone3 | | P P P | P | P | If WhenUnsatisfiable is 16137 set to DoNotSchedule, incoming pod can only be scheduled to 16138 zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on 16139 zone2(zone3) satisfies MaxSkew(1). In other words, the cluster 16140 can still be imbalanced, but scheduler won''t make it *more* 16141 imbalanced. It''s a required field.' 16142 type: string 16143 required: 16144 - maxSkew 16145 - topologyKey 16146 - whenUnsatisfiable 16147 type: object 16148 type: array 16149 version: 16150 description: Version of Prometheus to be deployed. 16151 type: string 16152 volumeMounts: 16153 description: VolumeMounts allows configuration of additional VolumeMounts 16154 on the output StatefulSet definition. VolumeMounts specified will 16155 be appended to other VolumeMounts in the prometheus container, that 16156 are generated as a result of StorageSpec objects. 16157 items: 16158 description: VolumeMount describes a mounting of a Volume within 16159 a container. 16160 properties: 16161 mountPath: 16162 description: Path within the container at which the volume should 16163 be mounted. Must not contain ':'. 16164 type: string 16165 mountPropagation: 16166 description: mountPropagation determines how mounts are propagated 16167 from the host to container and the other way around. When 16168 not set, MountPropagationNone is used. This field is beta 16169 in 1.10. 16170 type: string 16171 name: 16172 description: This must match the Name of a Volume. 16173 type: string 16174 readOnly: 16175 description: Mounted read-only if true, read-write otherwise 16176 (false or unspecified). Defaults to false. 16177 type: boolean 16178 subPath: 16179 description: Path within the volume from which the container's 16180 volume should be mounted. Defaults to "" (volume's root). 16181 type: string 16182 subPathExpr: 16183 description: Expanded path within the volume from which the 16184 container's volume should be mounted. Behaves similarly to 16185 SubPath but environment variable references $(VAR_NAME) are 16186 expanded using the container's environment. Defaults to "" 16187 (volume's root). SubPathExpr and SubPath are mutually exclusive. 16188 type: string 16189 required: 16190 - mountPath 16191 - name 16192 type: object 16193 type: array 16194 volumes: 16195 description: Volumes allows configuration of additional volumes on 16196 the output StatefulSet definition. Volumes specified will be appended 16197 to other volumes that are generated as a result of StorageSpec objects. 16198 items: 16199 description: Volume represents a named volume in a pod that may 16200 be accessed by any container in the pod. 16201 properties: 16202 awsElasticBlockStore: 16203 description: 'AWSElasticBlockStore represents an AWS Disk resource 16204 that is attached to a kubelet''s host machine and then exposed 16205 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 16206 properties: 16207 fsType: 16208 description: 'Filesystem type of the volume that you want 16209 to mount. Tip: Ensure that the filesystem type is supported 16210 by the host operating system. Examples: "ext4", "xfs", 16211 "ntfs". Implicitly inferred to be "ext4" if unspecified. 16212 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 16213 TODO: how do we prevent errors in the filesystem from 16214 compromising the machine' 16215 type: string 16216 partition: 16217 description: 'The partition in the volume that you want 16218 to mount. If omitted, the default is to mount by volume 16219 name. Examples: For volume /dev/sda1, you specify the 16220 partition as "1". Similarly, the volume partition for 16221 /dev/sda is "0" (or you can leave the property empty).' 16222 format: int32 16223 type: integer 16224 readOnly: 16225 description: 'Specify "true" to force and set the ReadOnly 16226 property in VolumeMounts to "true". If omitted, the default 16227 is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 16228 type: boolean 16229 volumeID: 16230 description: 'Unique ID of the persistent disk resource 16231 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 16232 type: string 16233 required: 16234 - volumeID 16235 type: object 16236 azureDisk: 16237 description: AzureDisk represents an Azure Data Disk mount on 16238 the host and bind mount to the pod. 16239 properties: 16240 cachingMode: 16241 description: 'Host Caching mode: None, Read Only, Read Write.' 16242 type: string 16243 diskName: 16244 description: The Name of the data disk in the blob storage 16245 type: string 16246 diskURI: 16247 description: The URI the data disk in the blob storage 16248 type: string 16249 fsType: 16250 description: Filesystem type to mount. Must be a filesystem 16251 type supported by the host operating system. Ex. "ext4", 16252 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 16253 type: string 16254 kind: 16255 description: 'Expected values Shared: multiple blob disks 16256 per storage account Dedicated: single blob disk per storage 16257 account Managed: azure managed data disk (only in managed 16258 availability set). defaults to shared' 16259 type: string 16260 readOnly: 16261 description: Defaults to false (read/write). ReadOnly here 16262 will force the ReadOnly setting in VolumeMounts. 16263 type: boolean 16264 required: 16265 - diskName 16266 - diskURI 16267 type: object 16268 azureFile: 16269 description: AzureFile represents an Azure File Service mount 16270 on the host and bind mount to the pod. 16271 properties: 16272 readOnly: 16273 description: Defaults to false (read/write). ReadOnly here 16274 will force the ReadOnly setting in VolumeMounts. 16275 type: boolean 16276 secretName: 16277 description: the name of secret that contains Azure Storage 16278 Account Name and Key 16279 type: string 16280 shareName: 16281 description: Share Name 16282 type: string 16283 required: 16284 - secretName 16285 - shareName 16286 type: object 16287 cephfs: 16288 description: CephFS represents a Ceph FS mount on the host that 16289 shares a pod's lifetime 16290 properties: 16291 monitors: 16292 description: 'Required: Monitors is a collection of Ceph 16293 monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 16294 items: 16295 type: string 16296 type: array 16297 path: 16298 description: 'Optional: Used as the mounted root, rather 16299 than the full Ceph tree, default is /' 16300 type: string 16301 readOnly: 16302 description: 'Optional: Defaults to false (read/write). 16303 ReadOnly here will force the ReadOnly setting in VolumeMounts. 16304 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 16305 type: boolean 16306 secretFile: 16307 description: 'Optional: SecretFile is the path to key ring 16308 for User, default is /etc/ceph/user.secret More info: 16309 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 16310 type: string 16311 secretRef: 16312 description: 'Optional: SecretRef is reference to the authentication 16313 secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 16314 properties: 16315 name: 16316 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16317 TODO: Add other useful fields. apiVersion, kind, uid?' 16318 type: string 16319 type: object 16320 user: 16321 description: 'Optional: User is the rados user name, default 16322 is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 16323 type: string 16324 required: 16325 - monitors 16326 type: object 16327 cinder: 16328 description: 'Cinder represents a cinder volume attached and 16329 mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 16330 properties: 16331 fsType: 16332 description: 'Filesystem type to mount. Must be a filesystem 16333 type supported by the host operating system. Examples: 16334 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 16335 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 16336 type: string 16337 readOnly: 16338 description: 'Optional: Defaults to false (read/write). 16339 ReadOnly here will force the ReadOnly setting in VolumeMounts. 16340 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 16341 type: boolean 16342 secretRef: 16343 description: 'Optional: points to a secret object containing 16344 parameters used to connect to OpenStack.' 16345 properties: 16346 name: 16347 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16348 TODO: Add other useful fields. apiVersion, kind, uid?' 16349 type: string 16350 type: object 16351 volumeID: 16352 description: 'volume id used to identify the volume in cinder. 16353 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 16354 type: string 16355 required: 16356 - volumeID 16357 type: object 16358 configMap: 16359 description: ConfigMap represents a configMap that should populate 16360 this volume 16361 properties: 16362 defaultMode: 16363 description: 'Optional: mode bits used to set permissions 16364 on created files by default. Must be an octal value between 16365 0000 and 0777 or a decimal value between 0 and 511. YAML 16366 accepts both octal and decimal values, JSON requires decimal 16367 values for mode bits. Defaults to 0644. Directories within 16368 the path are not affected by this setting. This might 16369 be in conflict with other options that affect the file 16370 mode, like fsGroup, and the result can be other mode bits 16371 set.' 16372 format: int32 16373 type: integer 16374 items: 16375 description: If unspecified, each key-value pair in the 16376 Data field of the referenced ConfigMap will be projected 16377 into the volume as a file whose name is the key and content 16378 is the value. If specified, the listed keys will be projected 16379 into the specified paths, and unlisted keys will not be 16380 present. If a key is specified which is not present in 16381 the ConfigMap, the volume setup will error unless it is 16382 marked optional. Paths must be relative and may not contain 16383 the '..' path or start with '..'. 16384 items: 16385 description: Maps a string key to a path within a volume. 16386 properties: 16387 key: 16388 description: The key to project. 16389 type: string 16390 mode: 16391 description: 'Optional: mode bits used to set permissions 16392 on this file. Must be an octal value between 0000 16393 and 0777 or a decimal value between 0 and 511. YAML 16394 accepts both octal and decimal values, JSON requires 16395 decimal values for mode bits. If not specified, 16396 the volume defaultMode will be used. This might 16397 be in conflict with other options that affect the 16398 file mode, like fsGroup, and the result can be other 16399 mode bits set.' 16400 format: int32 16401 type: integer 16402 path: 16403 description: The relative path of the file to map 16404 the key to. May not be an absolute path. May not 16405 contain the path element '..'. May not start with 16406 the string '..'. 16407 type: string 16408 required: 16409 - key 16410 - path 16411 type: object 16412 type: array 16413 name: 16414 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16415 TODO: Add other useful fields. apiVersion, kind, uid?' 16416 type: string 16417 optional: 16418 description: Specify whether the ConfigMap or its keys must 16419 be defined 16420 type: boolean 16421 type: object 16422 csi: 16423 description: CSI (Container Storage Interface) represents ephemeral 16424 storage that is handled by certain external CSI drivers (Beta 16425 feature). 16426 properties: 16427 driver: 16428 description: Driver is the name of the CSI driver that handles 16429 this volume. Consult with your admin for the correct name 16430 as registered in the cluster. 16431 type: string 16432 fsType: 16433 description: Filesystem type to mount. Ex. "ext4", "xfs", 16434 "ntfs". If not provided, the empty value is passed to 16435 the associated CSI driver which will determine the default 16436 filesystem to apply. 16437 type: string 16438 nodePublishSecretRef: 16439 description: NodePublishSecretRef is a reference to the 16440 secret object containing sensitive information to pass 16441 to the CSI driver to complete the CSI NodePublishVolume 16442 and NodeUnpublishVolume calls. This field is optional, 16443 and may be empty if no secret is required. If the secret 16444 object contains more than one secret, all secret references 16445 are passed. 16446 properties: 16447 name: 16448 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16449 TODO: Add other useful fields. apiVersion, kind, uid?' 16450 type: string 16451 type: object 16452 readOnly: 16453 description: Specifies a read-only configuration for the 16454 volume. Defaults to false (read/write). 16455 type: boolean 16456 volumeAttributes: 16457 additionalProperties: 16458 type: string 16459 description: VolumeAttributes stores driver-specific properties 16460 that are passed to the CSI driver. Consult your driver's 16461 documentation for supported values. 16462 type: object 16463 required: 16464 - driver 16465 type: object 16466 downwardAPI: 16467 description: DownwardAPI represents downward API about the pod 16468 that should populate this volume 16469 properties: 16470 defaultMode: 16471 description: 'Optional: mode bits to use on created files 16472 by default. Must be a Optional: mode bits used to set 16473 permissions on created files by default. Must be an octal 16474 value between 0000 and 0777 or a decimal value between 16475 0 and 511. YAML accepts both octal and decimal values, 16476 JSON requires decimal values for mode bits. Defaults to 16477 0644. Directories within the path are not affected by 16478 this setting. This might be in conflict with other options 16479 that affect the file mode, like fsGroup, and the result 16480 can be other mode bits set.' 16481 format: int32 16482 type: integer 16483 items: 16484 description: Items is a list of downward API volume file 16485 items: 16486 description: DownwardAPIVolumeFile represents information 16487 to create the file containing the pod field 16488 properties: 16489 fieldRef: 16490 description: 'Required: Selects a field of the pod: 16491 only annotations, labels, name and namespace are 16492 supported.' 16493 properties: 16494 apiVersion: 16495 description: Version of the schema the FieldPath 16496 is written in terms of, defaults to "v1". 16497 type: string 16498 fieldPath: 16499 description: Path of the field to select in the 16500 specified API version. 16501 type: string 16502 required: 16503 - fieldPath 16504 type: object 16505 mode: 16506 description: 'Optional: mode bits used to set permissions 16507 on this file, must be an octal value between 0000 16508 and 0777 or a decimal value between 0 and 511. YAML 16509 accepts both octal and decimal values, JSON requires 16510 decimal values for mode bits. If not specified, 16511 the volume defaultMode will be used. This might 16512 be in conflict with other options that affect the 16513 file mode, like fsGroup, and the result can be other 16514 mode bits set.' 16515 format: int32 16516 type: integer 16517 path: 16518 description: 'Required: Path is the relative path 16519 name of the file to be created. Must not be absolute 16520 or contain the ''..'' path. Must be utf-8 encoded. 16521 The first item of the relative path must not start 16522 with ''..''' 16523 type: string 16524 resourceFieldRef: 16525 description: 'Selects a resource of the container: 16526 only resources limits and requests (limits.cpu, 16527 limits.memory, requests.cpu and requests.memory) 16528 are currently supported.' 16529 properties: 16530 containerName: 16531 description: 'Container name: required for volumes, 16532 optional for env vars' 16533 type: string 16534 divisor: 16535 anyOf: 16536 - type: integer 16537 - type: string 16538 description: Specifies the output format of the 16539 exposed resources, defaults to "1" 16540 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 16541 x-kubernetes-int-or-string: true 16542 resource: 16543 description: 'Required: resource to select' 16544 type: string 16545 required: 16546 - resource 16547 type: object 16548 required: 16549 - path 16550 type: object 16551 type: array 16552 type: object 16553 emptyDir: 16554 description: 'EmptyDir represents a temporary directory that 16555 shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 16556 properties: 16557 medium: 16558 description: 'What type of storage medium should back this 16559 directory. The default is "" which means to use the node''s 16560 default medium. Must be an empty string (default) or Memory. 16561 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 16562 type: string 16563 sizeLimit: 16564 anyOf: 16565 - type: integer 16566 - type: string 16567 description: 'Total amount of local storage required for 16568 this EmptyDir volume. The size limit is also applicable 16569 for memory medium. The maximum usage on memory medium 16570 EmptyDir would be the minimum value between the SizeLimit 16571 specified here and the sum of memory limits of all containers 16572 in a pod. The default is nil which means that the limit 16573 is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 16574 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 16575 x-kubernetes-int-or-string: true 16576 type: object 16577 ephemeral: 16578 description: "Ephemeral represents a volume that is handled 16579 by a cluster storage driver. The volume's lifecycle is tied 16580 to the pod that defines it - it will be created before the 16581 pod starts, and deleted when the pod is removed. \n Use this 16582 if: a) the volume is only needed while the pod runs, b) features 16583 of normal volumes like restoring from snapshot or capacity 16584 \ tracking are needed, c) the storage driver is specified 16585 through a storage class, and d) the storage driver supports 16586 dynamic volume provisioning through a PersistentVolumeClaim 16587 (see EphemeralVolumeSource for more information on the 16588 connection between this volume type and PersistentVolumeClaim). 16589 \n Use PersistentVolumeClaim or one of the vendor-specific 16590 APIs for volumes that persist for longer than the lifecycle 16591 of an individual pod. \n Use CSI for light-weight local ephemeral 16592 volumes if the CSI driver is meant to be used that way - see 16593 the documentation of the driver for more information. \n A 16594 pod can use both types of ephemeral volumes and persistent 16595 volumes at the same time. \n This is a beta feature and only 16596 available when the GenericEphemeralVolume feature gate is 16597 enabled." 16598 properties: 16599 volumeClaimTemplate: 16600 description: "Will be used to create a stand-alone PVC to 16601 provision the volume. The pod in which this EphemeralVolumeSource 16602 is embedded will be the owner of the PVC, i.e. the PVC 16603 will be deleted together with the pod. The name of the 16604 PVC will be `<pod name>-<volume name>` where `<volume 16605 name>` is the name from the `PodSpec.Volumes` array entry. 16606 Pod validation will reject the pod if the concatenated 16607 name is not valid for a PVC (for example, too long). \n 16608 An existing PVC with that name that is not owned by the 16609 pod will *not* be used for the pod to avoid using an unrelated 16610 volume by mistake. Starting the pod is then blocked until 16611 the unrelated PVC is removed. If such a pre-created PVC 16612 is meant to be used by the pod, the PVC has to updated 16613 with an owner reference to the pod once the pod exists. 16614 Normally this should not be necessary, but it may be useful 16615 when manually reconstructing a broken cluster. \n This 16616 field is read-only and no changes will be made by Kubernetes 16617 to the PVC after it has been created. \n Required, must 16618 not be nil." 16619 properties: 16620 metadata: 16621 description: May contain labels and annotations that 16622 will be copied into the PVC when creating it. No other 16623 fields are allowed and will be rejected during validation. 16624 type: object 16625 spec: 16626 description: The specification for the PersistentVolumeClaim. 16627 The entire content is copied unchanged into the PVC 16628 that gets created from this template. The same fields 16629 as in a PersistentVolumeClaim are also valid here. 16630 properties: 16631 accessModes: 16632 description: 'AccessModes contains the desired access 16633 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 16634 items: 16635 type: string 16636 type: array 16637 dataSource: 16638 description: 'This field can be used to specify 16639 either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 16640 * An existing PVC (PersistentVolumeClaim) If the 16641 provisioner or an external controller can support 16642 the specified data source, it will create a new 16643 volume based on the contents of the specified 16644 data source. If the AnyVolumeDataSource feature 16645 gate is enabled, this field will always have the 16646 same contents as the DataSourceRef field.' 16647 properties: 16648 apiGroup: 16649 description: APIGroup is the group for the resource 16650 being referenced. If APIGroup is not specified, 16651 the specified Kind must be in the core API 16652 group. For any other third-party types, APIGroup 16653 is required. 16654 type: string 16655 kind: 16656 description: Kind is the type of resource being 16657 referenced 16658 type: string 16659 name: 16660 description: Name is the name of resource being 16661 referenced 16662 type: string 16663 required: 16664 - kind 16665 - name 16666 type: object 16667 dataSourceRef: 16668 description: 'Specifies the object from which to 16669 populate the volume with data, if a non-empty 16670 volume is desired. This may be any local object 16671 from a non-empty API group (non core object) or 16672 a PersistentVolumeClaim object. When this field 16673 is specified, volume binding will only succeed 16674 if the type of the specified object matches some 16675 installed volume populator or dynamic provisioner. 16676 This field will replace the functionality of the 16677 DataSource field and as such if both fields are 16678 non-empty, they must have the same value. For 16679 backwards compatibility, both fields (DataSource 16680 and DataSourceRef) will be set to the same value 16681 automatically if one of them is empty and the 16682 other is non-empty. There are two important differences 16683 between DataSource and DataSourceRef: * While 16684 DataSource only allows two specific types of objects, 16685 DataSourceRef allows any non-core object, as 16686 well as PersistentVolumeClaim objects. * While 16687 DataSource ignores disallowed values (dropping 16688 them), DataSourceRef preserves all values, and 16689 generates an error if a disallowed value is specified. 16690 (Alpha) Using this field requires the AnyVolumeDataSource 16691 feature gate to be enabled.' 16692 properties: 16693 apiGroup: 16694 description: APIGroup is the group for the resource 16695 being referenced. If APIGroup is not specified, 16696 the specified Kind must be in the core API 16697 group. For any other third-party types, APIGroup 16698 is required. 16699 type: string 16700 kind: 16701 description: Kind is the type of resource being 16702 referenced 16703 type: string 16704 name: 16705 description: Name is the name of resource being 16706 referenced 16707 type: string 16708 required: 16709 - kind 16710 - name 16711 type: object 16712 resources: 16713 description: 'Resources represents the minimum resources 16714 the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 16715 properties: 16716 limits: 16717 additionalProperties: 16718 anyOf: 16719 - type: integer 16720 - type: string 16721 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 16722 x-kubernetes-int-or-string: true 16723 description: 'Limits describes the maximum amount 16724 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 16725 type: object 16726 requests: 16727 additionalProperties: 16728 anyOf: 16729 - type: integer 16730 - type: string 16731 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 16732 x-kubernetes-int-or-string: true 16733 description: 'Requests describes the minimum 16734 amount of compute resources required. If Requests 16735 is omitted for a container, it defaults to 16736 Limits if that is explicitly specified, otherwise 16737 to an implementation-defined value. More info: 16738 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 16739 type: object 16740 type: object 16741 selector: 16742 description: A label query over volumes to consider 16743 for binding. 16744 properties: 16745 matchExpressions: 16746 description: matchExpressions is a list of label 16747 selector requirements. The requirements are 16748 ANDed. 16749 items: 16750 description: A label selector requirement 16751 is a selector that contains values, a key, 16752 and an operator that relates the key and 16753 values. 16754 properties: 16755 key: 16756 description: key is the label key that 16757 the selector applies to. 16758 type: string 16759 operator: 16760 description: operator represents a key's 16761 relationship to a set of values. Valid 16762 operators are In, NotIn, Exists and 16763 DoesNotExist. 16764 type: string 16765 values: 16766 description: values is an array of string 16767 values. If the operator is In or NotIn, 16768 the values array must be non-empty. 16769 If the operator is Exists or DoesNotExist, 16770 the values array must be empty. This 16771 array is replaced during a strategic 16772 merge patch. 16773 items: 16774 type: string 16775 type: array 16776 required: 16777 - key 16778 - operator 16779 type: object 16780 type: array 16781 matchLabels: 16782 additionalProperties: 16783 type: string 16784 description: matchLabels is a map of {key,value} 16785 pairs. A single {key,value} in the matchLabels 16786 map is equivalent to an element of matchExpressions, 16787 whose key field is "key", the operator is 16788 "In", and the values array contains only "value". 16789 The requirements are ANDed. 16790 type: object 16791 type: object 16792 storageClassName: 16793 description: 'Name of the StorageClass required 16794 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 16795 type: string 16796 volumeMode: 16797 description: volumeMode defines what type of volume 16798 is required by the claim. Value of Filesystem 16799 is implied when not included in claim spec. 16800 type: string 16801 volumeName: 16802 description: VolumeName is the binding reference 16803 to the PersistentVolume backing this claim. 16804 type: string 16805 type: object 16806 required: 16807 - spec 16808 type: object 16809 type: object 16810 fc: 16811 description: FC represents a Fibre Channel resource that is 16812 attached to a kubelet's host machine and then exposed to the 16813 pod. 16814 properties: 16815 fsType: 16816 description: 'Filesystem type to mount. Must be a filesystem 16817 type supported by the host operating system. Ex. "ext4", 16818 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 16819 TODO: how do we prevent errors in the filesystem from 16820 compromising the machine' 16821 type: string 16822 lun: 16823 description: 'Optional: FC target lun number' 16824 format: int32 16825 type: integer 16826 readOnly: 16827 description: 'Optional: Defaults to false (read/write). 16828 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 16829 type: boolean 16830 targetWWNs: 16831 description: 'Optional: FC target worldwide names (WWNs)' 16832 items: 16833 type: string 16834 type: array 16835 wwids: 16836 description: 'Optional: FC volume world wide identifiers 16837 (wwids) Either wwids or combination of targetWWNs and 16838 lun must be set, but not both simultaneously.' 16839 items: 16840 type: string 16841 type: array 16842 type: object 16843 flexVolume: 16844 description: FlexVolume represents a generic volume resource 16845 that is provisioned/attached using an exec based plugin. 16846 properties: 16847 driver: 16848 description: Driver is the name of the driver to use for 16849 this volume. 16850 type: string 16851 fsType: 16852 description: Filesystem type to mount. Must be a filesystem 16853 type supported by the host operating system. Ex. "ext4", 16854 "xfs", "ntfs". The default filesystem depends on FlexVolume 16855 script. 16856 type: string 16857 options: 16858 additionalProperties: 16859 type: string 16860 description: 'Optional: Extra command options if any.' 16861 type: object 16862 readOnly: 16863 description: 'Optional: Defaults to false (read/write). 16864 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 16865 type: boolean 16866 secretRef: 16867 description: 'Optional: SecretRef is reference to the secret 16868 object containing sensitive information to pass to the 16869 plugin scripts. This may be empty if no secret object 16870 is specified. If the secret object contains more than 16871 one secret, all secrets are passed to the plugin scripts.' 16872 properties: 16873 name: 16874 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16875 TODO: Add other useful fields. apiVersion, kind, uid?' 16876 type: string 16877 type: object 16878 required: 16879 - driver 16880 type: object 16881 flocker: 16882 description: Flocker represents a Flocker volume attached to 16883 a kubelet's host machine. This depends on the Flocker control 16884 service being running 16885 properties: 16886 datasetName: 16887 description: Name of the dataset stored as metadata -> name 16888 on the dataset for Flocker should be considered as deprecated 16889 type: string 16890 datasetUUID: 16891 description: UUID of the dataset. This is unique identifier 16892 of a Flocker dataset 16893 type: string 16894 type: object 16895 gcePersistentDisk: 16896 description: 'GCEPersistentDisk represents a GCE Disk resource 16897 that is attached to a kubelet''s host machine and then exposed 16898 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 16899 properties: 16900 fsType: 16901 description: 'Filesystem type of the volume that you want 16902 to mount. Tip: Ensure that the filesystem type is supported 16903 by the host operating system. Examples: "ext4", "xfs", 16904 "ntfs". Implicitly inferred to be "ext4" if unspecified. 16905 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 16906 TODO: how do we prevent errors in the filesystem from 16907 compromising the machine' 16908 type: string 16909 partition: 16910 description: 'The partition in the volume that you want 16911 to mount. If omitted, the default is to mount by volume 16912 name. Examples: For volume /dev/sda1, you specify the 16913 partition as "1". Similarly, the volume partition for 16914 /dev/sda is "0" (or you can leave the property empty). 16915 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 16916 format: int32 16917 type: integer 16918 pdName: 16919 description: 'Unique name of the PD resource in GCE. Used 16920 to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 16921 type: string 16922 readOnly: 16923 description: 'ReadOnly here will force the ReadOnly setting 16924 in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 16925 type: boolean 16926 required: 16927 - pdName 16928 type: object 16929 gitRepo: 16930 description: 'GitRepo represents a git repository at a particular 16931 revision. DEPRECATED: GitRepo is deprecated. To provision 16932 a container with a git repo, mount an EmptyDir into an InitContainer 16933 that clones the repo using git, then mount the EmptyDir into 16934 the Pod''s container.' 16935 properties: 16936 directory: 16937 description: Target directory name. Must not contain or 16938 start with '..'. If '.' is supplied, the volume directory 16939 will be the git repository. Otherwise, if specified, 16940 the volume will contain the git repository in the subdirectory 16941 with the given name. 16942 type: string 16943 repository: 16944 description: Repository URL 16945 type: string 16946 revision: 16947 description: Commit hash for the specified revision. 16948 type: string 16949 required: 16950 - repository 16951 type: object 16952 glusterfs: 16953 description: 'Glusterfs represents a Glusterfs mount on the 16954 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 16955 properties: 16956 endpoints: 16957 description: 'EndpointsName is the endpoint name that details 16958 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 16959 type: string 16960 path: 16961 description: 'Path is the Glusterfs volume path. More info: 16962 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 16963 type: string 16964 readOnly: 16965 description: 'ReadOnly here will force the Glusterfs volume 16966 to be mounted with read-only permissions. Defaults to 16967 false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 16968 type: boolean 16969 required: 16970 - endpoints 16971 - path 16972 type: object 16973 hostPath: 16974 description: 'HostPath represents a pre-existing file or directory 16975 on the host machine that is directly exposed to the container. 16976 This is generally used for system agents or other privileged 16977 things that are allowed to see the host machine. Most containers 16978 will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 16979 --- TODO(jonesdl) We need to restrict who can use host directory 16980 mounts and who can/can not mount host directories as read/write.' 16981 properties: 16982 path: 16983 description: 'Path of the directory on the host. If the 16984 path is a symlink, it will follow the link to the real 16985 path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 16986 type: string 16987 type: 16988 description: 'Type for HostPath Volume Defaults to "" More 16989 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 16990 type: string 16991 required: 16992 - path 16993 type: object 16994 iscsi: 16995 description: 'ISCSI represents an ISCSI Disk resource that is 16996 attached to a kubelet''s host machine and then exposed to 16997 the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 16998 properties: 16999 chapAuthDiscovery: 17000 description: whether support iSCSI Discovery CHAP authentication 17001 type: boolean 17002 chapAuthSession: 17003 description: whether support iSCSI Session CHAP authentication 17004 type: boolean 17005 fsType: 17006 description: 'Filesystem type of the volume that you want 17007 to mount. Tip: Ensure that the filesystem type is supported 17008 by the host operating system. Examples: "ext4", "xfs", 17009 "ntfs". Implicitly inferred to be "ext4" if unspecified. 17010 More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 17011 TODO: how do we prevent errors in the filesystem from 17012 compromising the machine' 17013 type: string 17014 initiatorName: 17015 description: Custom iSCSI Initiator Name. If initiatorName 17016 is specified with iscsiInterface simultaneously, new iSCSI 17017 interface <target portal>:<volume name> will be created 17018 for the connection. 17019 type: string 17020 iqn: 17021 description: Target iSCSI Qualified Name. 17022 type: string 17023 iscsiInterface: 17024 description: iSCSI Interface Name that uses an iSCSI transport. 17025 Defaults to 'default' (tcp). 17026 type: string 17027 lun: 17028 description: iSCSI Target Lun number. 17029 format: int32 17030 type: integer 17031 portals: 17032 description: iSCSI Target Portal List. The portal is either 17033 an IP or ip_addr:port if the port is other than default 17034 (typically TCP ports 860 and 3260). 17035 items: 17036 type: string 17037 type: array 17038 readOnly: 17039 description: ReadOnly here will force the ReadOnly setting 17040 in VolumeMounts. Defaults to false. 17041 type: boolean 17042 secretRef: 17043 description: CHAP Secret for iSCSI target and initiator 17044 authentication 17045 properties: 17046 name: 17047 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17048 TODO: Add other useful fields. apiVersion, kind, uid?' 17049 type: string 17050 type: object 17051 targetPortal: 17052 description: iSCSI Target Portal. The Portal is either an 17053 IP or ip_addr:port if the port is other than default (typically 17054 TCP ports 860 and 3260). 17055 type: string 17056 required: 17057 - iqn 17058 - lun 17059 - targetPortal 17060 type: object 17061 name: 17062 description: 'Volume''s name. Must be a DNS_LABEL and unique 17063 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 17064 type: string 17065 nfs: 17066 description: 'NFS represents an NFS mount on the host that shares 17067 a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 17068 properties: 17069 path: 17070 description: 'Path that is exported by the NFS server. More 17071 info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 17072 type: string 17073 readOnly: 17074 description: 'ReadOnly here will force the NFS export to 17075 be mounted with read-only permissions. Defaults to false. 17076 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 17077 type: boolean 17078 server: 17079 description: 'Server is the hostname or IP address of the 17080 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 17081 type: string 17082 required: 17083 - path 17084 - server 17085 type: object 17086 persistentVolumeClaim: 17087 description: 'PersistentVolumeClaimVolumeSource represents a 17088 reference to a PersistentVolumeClaim in the same namespace. 17089 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 17090 properties: 17091 claimName: 17092 description: 'ClaimName is the name of a PersistentVolumeClaim 17093 in the same namespace as the pod using this volume. More 17094 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 17095 type: string 17096 readOnly: 17097 description: Will force the ReadOnly setting in VolumeMounts. 17098 Default false. 17099 type: boolean 17100 required: 17101 - claimName 17102 type: object 17103 photonPersistentDisk: 17104 description: PhotonPersistentDisk represents a PhotonController 17105 persistent disk attached and mounted on kubelets host machine 17106 properties: 17107 fsType: 17108 description: Filesystem type to mount. Must be a filesystem 17109 type supported by the host operating system. Ex. "ext4", 17110 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 17111 type: string 17112 pdID: 17113 description: ID that identifies Photon Controller persistent 17114 disk 17115 type: string 17116 required: 17117 - pdID 17118 type: object 17119 portworxVolume: 17120 description: PortworxVolume represents a portworx volume attached 17121 and mounted on kubelets host machine 17122 properties: 17123 fsType: 17124 description: FSType represents the filesystem type to mount 17125 Must be a filesystem type supported by the host operating 17126 system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" 17127 if unspecified. 17128 type: string 17129 readOnly: 17130 description: Defaults to false (read/write). ReadOnly here 17131 will force the ReadOnly setting in VolumeMounts. 17132 type: boolean 17133 volumeID: 17134 description: VolumeID uniquely identifies a Portworx volume 17135 type: string 17136 required: 17137 - volumeID 17138 type: object 17139 projected: 17140 description: Items for all in one resources secrets, configmaps, 17141 and downward API 17142 properties: 17143 defaultMode: 17144 description: Mode bits used to set permissions on created 17145 files by default. Must be an octal value between 0000 17146 and 0777 or a decimal value between 0 and 511. YAML accepts 17147 both octal and decimal values, JSON requires decimal values 17148 for mode bits. Directories within the path are not affected 17149 by this setting. This might be in conflict with other 17150 options that affect the file mode, like fsGroup, and the 17151 result can be other mode bits set. 17152 format: int32 17153 type: integer 17154 sources: 17155 description: list of volume projections 17156 items: 17157 description: Projection that may be projected along with 17158 other supported volume types 17159 properties: 17160 configMap: 17161 description: information about the configMap data 17162 to project 17163 properties: 17164 items: 17165 description: If unspecified, each key-value pair 17166 in the Data field of the referenced ConfigMap 17167 will be projected into the volume as a file 17168 whose name is the key and content is the value. 17169 If specified, the listed keys will be projected 17170 into the specified paths, and unlisted keys 17171 will not be present. If a key is specified which 17172 is not present in the ConfigMap, the volume 17173 setup will error unless it is marked optional. 17174 Paths must be relative and may not contain the 17175 '..' path or start with '..'. 17176 items: 17177 description: Maps a string key to a path within 17178 a volume. 17179 properties: 17180 key: 17181 description: The key to project. 17182 type: string 17183 mode: 17184 description: 'Optional: mode bits used to 17185 set permissions on this file. Must be 17186 an octal value between 0000 and 0777 or 17187 a decimal value between 0 and 511. YAML 17188 accepts both octal and decimal values, 17189 JSON requires decimal values for mode 17190 bits. If not specified, the volume defaultMode 17191 will be used. This might be in conflict 17192 with other options that affect the file 17193 mode, like fsGroup, and the result can 17194 be other mode bits set.' 17195 format: int32 17196 type: integer 17197 path: 17198 description: The relative path of the file 17199 to map the key to. May not be an absolute 17200 path. May not contain the path element 17201 '..'. May not start with the string '..'. 17202 type: string 17203 required: 17204 - key 17205 - path 17206 type: object 17207 type: array 17208 name: 17209 description: 'Name of the referent. More info: 17210 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17211 TODO: Add other useful fields. apiVersion, kind, 17212 uid?' 17213 type: string 17214 optional: 17215 description: Specify whether the ConfigMap or 17216 its keys must be defined 17217 type: boolean 17218 type: object 17219 downwardAPI: 17220 description: information about the downwardAPI data 17221 to project 17222 properties: 17223 items: 17224 description: Items is a list of DownwardAPIVolume 17225 file 17226 items: 17227 description: DownwardAPIVolumeFile represents 17228 information to create the file containing 17229 the pod field 17230 properties: 17231 fieldRef: 17232 description: 'Required: Selects a field 17233 of the pod: only annotations, labels, 17234 name and namespace are supported.' 17235 properties: 17236 apiVersion: 17237 description: Version of the schema the 17238 FieldPath is written in terms of, 17239 defaults to "v1". 17240 type: string 17241 fieldPath: 17242 description: Path of the field to select 17243 in the specified API version. 17244 type: string 17245 required: 17246 - fieldPath 17247 type: object 17248 mode: 17249 description: 'Optional: mode bits used to 17250 set permissions on this file, must be 17251 an octal value between 0000 and 0777 or 17252 a decimal value between 0 and 511. YAML 17253 accepts both octal and decimal values, 17254 JSON requires decimal values for mode 17255 bits. If not specified, the volume defaultMode 17256 will be used. This might be in conflict 17257 with other options that affect the file 17258 mode, like fsGroup, and the result can 17259 be other mode bits set.' 17260 format: int32 17261 type: integer 17262 path: 17263 description: 'Required: Path is the relative 17264 path name of the file to be created. Must 17265 not be absolute or contain the ''..'' 17266 path. Must be utf-8 encoded. The first 17267 item of the relative path must not start 17268 with ''..''' 17269 type: string 17270 resourceFieldRef: 17271 description: 'Selects a resource of the 17272 container: only resources limits and requests 17273 (limits.cpu, limits.memory, requests.cpu 17274 and requests.memory) are currently supported.' 17275 properties: 17276 containerName: 17277 description: 'Container name: required 17278 for volumes, optional for env vars' 17279 type: string 17280 divisor: 17281 anyOf: 17282 - type: integer 17283 - type: string 17284 description: Specifies the output format 17285 of the exposed resources, defaults 17286 to "1" 17287 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 17288 x-kubernetes-int-or-string: true 17289 resource: 17290 description: 'Required: resource to 17291 select' 17292 type: string 17293 required: 17294 - resource 17295 type: object 17296 required: 17297 - path 17298 type: object 17299 type: array 17300 type: object 17301 secret: 17302 description: information about the secret data to 17303 project 17304 properties: 17305 items: 17306 description: If unspecified, each key-value pair 17307 in the Data field of the referenced Secret will 17308 be projected into the volume as a file whose 17309 name is the key and content is the value. If 17310 specified, the listed keys will be projected 17311 into the specified paths, and unlisted keys 17312 will not be present. If a key is specified which 17313 is not present in the Secret, the volume setup 17314 will error unless it is marked optional. Paths 17315 must be relative and may not contain the '..' 17316 path or start with '..'. 17317 items: 17318 description: Maps a string key to a path within 17319 a volume. 17320 properties: 17321 key: 17322 description: The key to project. 17323 type: string 17324 mode: 17325 description: 'Optional: mode bits used to 17326 set permissions on this file. Must be 17327 an octal value between 0000 and 0777 or 17328 a decimal value between 0 and 511. YAML 17329 accepts both octal and decimal values, 17330 JSON requires decimal values for mode 17331 bits. If not specified, the volume defaultMode 17332 will be used. This might be in conflict 17333 with other options that affect the file 17334 mode, like fsGroup, and the result can 17335 be other mode bits set.' 17336 format: int32 17337 type: integer 17338 path: 17339 description: The relative path of the file 17340 to map the key to. May not be an absolute 17341 path. May not contain the path element 17342 '..'. May not start with the string '..'. 17343 type: string 17344 required: 17345 - key 17346 - path 17347 type: object 17348 type: array 17349 name: 17350 description: 'Name of the referent. More info: 17351 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17352 TODO: Add other useful fields. apiVersion, kind, 17353 uid?' 17354 type: string 17355 optional: 17356 description: Specify whether the Secret or its 17357 key must be defined 17358 type: boolean 17359 type: object 17360 serviceAccountToken: 17361 description: information about the serviceAccountToken 17362 data to project 17363 properties: 17364 audience: 17365 description: Audience is the intended audience 17366 of the token. A recipient of a token must identify 17367 itself with an identifier specified in the audience 17368 of the token, and otherwise should reject the 17369 token. The audience defaults to the identifier 17370 of the apiserver. 17371 type: string 17372 expirationSeconds: 17373 description: ExpirationSeconds is the requested 17374 duration of validity of the service account 17375 token. As the token approaches expiration, the 17376 kubelet volume plugin will proactively rotate 17377 the service account token. The kubelet will 17378 start trying to rotate the token if the token 17379 is older than 80 percent of its time to live 17380 or if the token is older than 24 hours.Defaults 17381 to 1 hour and must be at least 10 minutes. 17382 format: int64 17383 type: integer 17384 path: 17385 description: Path is the path relative to the 17386 mount point of the file to project the token 17387 into. 17388 type: string 17389 required: 17390 - path 17391 type: object 17392 type: object 17393 type: array 17394 type: object 17395 quobyte: 17396 description: Quobyte represents a Quobyte mount on the host 17397 that shares a pod's lifetime 17398 properties: 17399 group: 17400 description: Group to map volume access to Default is no 17401 group 17402 type: string 17403 readOnly: 17404 description: ReadOnly here will force the Quobyte volume 17405 to be mounted with read-only permissions. Defaults to 17406 false. 17407 type: boolean 17408 registry: 17409 description: Registry represents a single or multiple Quobyte 17410 Registry services specified as a string as host:port pair 17411 (multiple entries are separated with commas) which acts 17412 as the central registry for volumes 17413 type: string 17414 tenant: 17415 description: Tenant owning the given Quobyte volume in the 17416 Backend Used with dynamically provisioned Quobyte volumes, 17417 value is set by the plugin 17418 type: string 17419 user: 17420 description: User to map volume access to Defaults to serivceaccount 17421 user 17422 type: string 17423 volume: 17424 description: Volume is a string that references an already 17425 created Quobyte volume by name. 17426 type: string 17427 required: 17428 - registry 17429 - volume 17430 type: object 17431 rbd: 17432 description: 'RBD represents a Rados Block Device mount on the 17433 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' 17434 properties: 17435 fsType: 17436 description: 'Filesystem type of the volume that you want 17437 to mount. Tip: Ensure that the filesystem type is supported 17438 by the host operating system. Examples: "ext4", "xfs", 17439 "ntfs". Implicitly inferred to be "ext4" if unspecified. 17440 More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 17441 TODO: how do we prevent errors in the filesystem from 17442 compromising the machine' 17443 type: string 17444 image: 17445 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17446 type: string 17447 keyring: 17448 description: 'Keyring is the path to key ring for RBDUser. 17449 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17450 type: string 17451 monitors: 17452 description: 'A collection of Ceph monitors. More info: 17453 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17454 items: 17455 type: string 17456 type: array 17457 pool: 17458 description: 'The rados pool name. Default is rbd. More 17459 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17460 type: string 17461 readOnly: 17462 description: 'ReadOnly here will force the ReadOnly setting 17463 in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17464 type: boolean 17465 secretRef: 17466 description: 'SecretRef is name of the authentication secret 17467 for RBDUser. If provided overrides keyring. Default is 17468 nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17469 properties: 17470 name: 17471 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17472 TODO: Add other useful fields. apiVersion, kind, uid?' 17473 type: string 17474 type: object 17475 user: 17476 description: 'The rados user name. Default is admin. More 17477 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 17478 type: string 17479 required: 17480 - image 17481 - monitors 17482 type: object 17483 scaleIO: 17484 description: ScaleIO represents a ScaleIO persistent volume 17485 attached and mounted on Kubernetes nodes. 17486 properties: 17487 fsType: 17488 description: Filesystem type to mount. Must be a filesystem 17489 type supported by the host operating system. Ex. "ext4", 17490 "xfs", "ntfs". Default is "xfs". 17491 type: string 17492 gateway: 17493 description: The host address of the ScaleIO API Gateway. 17494 type: string 17495 protectionDomain: 17496 description: The name of the ScaleIO Protection Domain for 17497 the configured storage. 17498 type: string 17499 readOnly: 17500 description: Defaults to false (read/write). ReadOnly here 17501 will force the ReadOnly setting in VolumeMounts. 17502 type: boolean 17503 secretRef: 17504 description: SecretRef references to the secret for ScaleIO 17505 user and other sensitive information. If this is not provided, 17506 Login operation will fail. 17507 properties: 17508 name: 17509 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17510 TODO: Add other useful fields. apiVersion, kind, uid?' 17511 type: string 17512 type: object 17513 sslEnabled: 17514 description: Flag to enable/disable SSL communication with 17515 Gateway, default false 17516 type: boolean 17517 storageMode: 17518 description: Indicates whether the storage for a volume 17519 should be ThickProvisioned or ThinProvisioned. Default 17520 is ThinProvisioned. 17521 type: string 17522 storagePool: 17523 description: The ScaleIO Storage Pool associated with the 17524 protection domain. 17525 type: string 17526 system: 17527 description: The name of the storage system as configured 17528 in ScaleIO. 17529 type: string 17530 volumeName: 17531 description: The name of a volume already created in the 17532 ScaleIO system that is associated with this volume source. 17533 type: string 17534 required: 17535 - gateway 17536 - secretRef 17537 - system 17538 type: object 17539 secret: 17540 description: 'Secret represents a secret that should populate 17541 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 17542 properties: 17543 defaultMode: 17544 description: 'Optional: mode bits used to set permissions 17545 on created files by default. Must be an octal value between 17546 0000 and 0777 or a decimal value between 0 and 511. YAML 17547 accepts both octal and decimal values, JSON requires decimal 17548 values for mode bits. Defaults to 0644. Directories within 17549 the path are not affected by this setting. This might 17550 be in conflict with other options that affect the file 17551 mode, like fsGroup, and the result can be other mode bits 17552 set.' 17553 format: int32 17554 type: integer 17555 items: 17556 description: If unspecified, each key-value pair in the 17557 Data field of the referenced Secret will be projected 17558 into the volume as a file whose name is the key and content 17559 is the value. If specified, the listed keys will be projected 17560 into the specified paths, and unlisted keys will not be 17561 present. If a key is specified which is not present in 17562 the Secret, the volume setup will error unless it is marked 17563 optional. Paths must be relative and may not contain the 17564 '..' path or start with '..'. 17565 items: 17566 description: Maps a string key to a path within a volume. 17567 properties: 17568 key: 17569 description: The key to project. 17570 type: string 17571 mode: 17572 description: 'Optional: mode bits used to set permissions 17573 on this file. Must be an octal value between 0000 17574 and 0777 or a decimal value between 0 and 511. YAML 17575 accepts both octal and decimal values, JSON requires 17576 decimal values for mode bits. If not specified, 17577 the volume defaultMode will be used. This might 17578 be in conflict with other options that affect the 17579 file mode, like fsGroup, and the result can be other 17580 mode bits set.' 17581 format: int32 17582 type: integer 17583 path: 17584 description: The relative path of the file to map 17585 the key to. May not be an absolute path. May not 17586 contain the path element '..'. May not start with 17587 the string '..'. 17588 type: string 17589 required: 17590 - key 17591 - path 17592 type: object 17593 type: array 17594 optional: 17595 description: Specify whether the Secret or its keys must 17596 be defined 17597 type: boolean 17598 secretName: 17599 description: 'Name of the secret in the pod''s namespace 17600 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 17601 type: string 17602 type: object 17603 storageos: 17604 description: StorageOS represents a StorageOS volume attached 17605 and mounted on Kubernetes nodes. 17606 properties: 17607 fsType: 17608 description: Filesystem type to mount. Must be a filesystem 17609 type supported by the host operating system. Ex. "ext4", 17610 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 17611 type: string 17612 readOnly: 17613 description: Defaults to false (read/write). ReadOnly here 17614 will force the ReadOnly setting in VolumeMounts. 17615 type: boolean 17616 secretRef: 17617 description: SecretRef specifies the secret to use for obtaining 17618 the StorageOS API credentials. If not specified, default 17619 values will be attempted. 17620 properties: 17621 name: 17622 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17623 TODO: Add other useful fields. apiVersion, kind, uid?' 17624 type: string 17625 type: object 17626 volumeName: 17627 description: VolumeName is the human-readable name of the 17628 StorageOS volume. Volume names are only unique within 17629 a namespace. 17630 type: string 17631 volumeNamespace: 17632 description: VolumeNamespace specifies the scope of the 17633 volume within StorageOS. If no namespace is specified 17634 then the Pod's namespace will be used. This allows the 17635 Kubernetes name scoping to be mirrored within StorageOS 17636 for tighter integration. Set VolumeName to any name to 17637 override the default behaviour. Set to "default" if you 17638 are not using namespaces within StorageOS. Namespaces 17639 that do not pre-exist within StorageOS will be created. 17640 type: string 17641 type: object 17642 vsphereVolume: 17643 description: VsphereVolume represents a vSphere volume attached 17644 and mounted on kubelets host machine 17645 properties: 17646 fsType: 17647 description: Filesystem type to mount. Must be a filesystem 17648 type supported by the host operating system. Ex. "ext4", 17649 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 17650 type: string 17651 storagePolicyID: 17652 description: Storage Policy Based Management (SPBM) profile 17653 ID associated with the StoragePolicyName. 17654 type: string 17655 storagePolicyName: 17656 description: Storage Policy Based Management (SPBM) profile 17657 name. 17658 type: string 17659 volumePath: 17660 description: Path that identifies vSphere volume vmdk 17661 type: string 17662 required: 17663 - volumePath 17664 type: object 17665 required: 17666 - name 17667 type: object 17668 type: array 17669 walCompression: 17670 description: Enable compression of the write-ahead log using Snappy. 17671 This flag is only available in versions of Prometheus >= 2.11.0. 17672 type: boolean 17673 web: 17674 description: WebSpec defines the web command line flags when starting 17675 Prometheus. 17676 properties: 17677 pageTitle: 17678 description: The prometheus web page title 17679 type: string 17680 tlsConfig: 17681 description: WebTLSConfig defines the TLS parameters for HTTPS. 17682 properties: 17683 cert: 17684 description: Contains the TLS certificate for the server. 17685 properties: 17686 configMap: 17687 description: ConfigMap containing data to use for the 17688 targets. 17689 properties: 17690 key: 17691 description: The key to select. 17692 type: string 17693 name: 17694 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17695 TODO: Add other useful fields. apiVersion, kind, 17696 uid?' 17697 type: string 17698 optional: 17699 description: Specify whether the ConfigMap or its 17700 key must be defined 17701 type: boolean 17702 required: 17703 - key 17704 type: object 17705 secret: 17706 description: Secret containing data to use for the targets. 17707 properties: 17708 key: 17709 description: The key of the secret to select from. Must 17710 be a valid secret key. 17711 type: string 17712 name: 17713 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17714 TODO: Add other useful fields. apiVersion, kind, 17715 uid?' 17716 type: string 17717 optional: 17718 description: Specify whether the Secret or its key 17719 must be defined 17720 type: boolean 17721 required: 17722 - key 17723 type: object 17724 type: object 17725 cipherSuites: 17726 description: 'List of supported cipher suites for TLS versions 17727 up to TLS 1.2. If empty, Go default cipher suites are used. 17728 Available cipher suites are documented in the go documentation: 17729 https://golang.org/pkg/crypto/tls/#pkg-constants' 17730 items: 17731 type: string 17732 type: array 17733 client_ca: 17734 description: Contains the CA certificate for client certificate 17735 authentication to the server. 17736 properties: 17737 configMap: 17738 description: ConfigMap containing data to use for the 17739 targets. 17740 properties: 17741 key: 17742 description: The key to select. 17743 type: string 17744 name: 17745 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17746 TODO: Add other useful fields. apiVersion, kind, 17747 uid?' 17748 type: string 17749 optional: 17750 description: Specify whether the ConfigMap or its 17751 key must be defined 17752 type: boolean 17753 required: 17754 - key 17755 type: object 17756 secret: 17757 description: Secret containing data to use for the targets. 17758 properties: 17759 key: 17760 description: The key of the secret to select from. Must 17761 be a valid secret key. 17762 type: string 17763 name: 17764 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17765 TODO: Add other useful fields. apiVersion, kind, 17766 uid?' 17767 type: string 17768 optional: 17769 description: Specify whether the Secret or its key 17770 must be defined 17771 type: boolean 17772 required: 17773 - key 17774 type: object 17775 type: object 17776 clientAuthType: 17777 description: 'Server policy for client authentication. Maps 17778 to ClientAuth Policies. For more detail on clientAuth options: 17779 https://golang.org/pkg/crypto/tls/#ClientAuthType' 17780 type: string 17781 curvePreferences: 17782 description: 'Elliptic curves that will be used in an ECDHE 17783 handshake, in preference order. Available curves are documented 17784 in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID' 17785 items: 17786 type: string 17787 type: array 17788 keySecret: 17789 description: Secret containing the TLS key for the server. 17790 properties: 17791 key: 17792 description: The key of the secret to select from. Must 17793 be a valid secret key. 17794 type: string 17795 name: 17796 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17797 TODO: Add other useful fields. apiVersion, kind, uid?' 17798 type: string 17799 optional: 17800 description: Specify whether the Secret or its key must 17801 be defined 17802 type: boolean 17803 required: 17804 - key 17805 type: object 17806 maxVersion: 17807 description: Maximum TLS version that is acceptable. Defaults 17808 to TLS13. 17809 type: string 17810 minVersion: 17811 description: Minimum TLS version that is acceptable. Defaults 17812 to TLS12. 17813 type: string 17814 preferServerCipherSuites: 17815 description: Controls whether the server selects the client's 17816 most preferred cipher suite, or the server's most preferred 17817 cipher suite. If true then the server's preference, as expressed 17818 in the order of elements in cipherSuites, is used. 17819 type: boolean 17820 required: 17821 - cert 17822 - keySecret 17823 type: object 17824 type: object 17825 type: object 17826 status: 17827 description: 'Most recent observed status of the Prometheus cluster. Read-only. 17828 Not included when requesting from the apiserver, only from the Prometheus 17829 Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 17830 properties: 17831 availableReplicas: 17832 description: Total number of available pods (ready for at least minReadySeconds) 17833 targeted by this Prometheus deployment. 17834 format: int32 17835 type: integer 17836 paused: 17837 description: Represents whether any actions on the underlying managed 17838 objects are being performed. Only delete actions will be performed. 17839 type: boolean 17840 replicas: 17841 description: Total number of non-terminated pods targeted by this 17842 Prometheus deployment (their labels match the selector). 17843 format: int32 17844 type: integer 17845 unavailableReplicas: 17846 description: Total number of unavailable pods targeted by this Prometheus 17847 deployment. 17848 format: int32 17849 type: integer 17850 updatedReplicas: 17851 description: Total number of non-terminated pods targeted by this 17852 Prometheus deployment that have the desired version spec. 17853 format: int32 17854 type: integer 17855 required: 17856 - availableReplicas 17857 - paused 17858 - replicas 17859 - unavailableReplicas 17860 - updatedReplicas 17861 type: object 17862 required: 17863 - spec 17864 type: object 17865 served: true 17866 storage: true 17867 subresources: {} 17868 status: 17869 acceptedNames: 17870 kind: "" 17871 plural: "" 17872 conditions: [] 17873 storedVersions: [] 17874 --- 17875 17876 --- 17877 apiVersion: apiextensions.k8s.io/v1 17878 kind: CustomResourceDefinition 17879 metadata: 17880 annotations: 17881 controller-gen.kubebuilder.io/version: v0.6.2 17882 creationTimestamp: null 17883 name: prometheusrules.monitoring.coreos.com 17884 spec: 17885 group: monitoring.coreos.com 17886 names: 17887 categories: 17888 - prometheus-operator 17889 kind: PrometheusRule 17890 listKind: PrometheusRuleList 17891 plural: prometheusrules 17892 singular: prometheusrule 17893 scope: Namespaced 17894 versions: 17895 - name: v1 17896 schema: 17897 openAPIV3Schema: 17898 description: PrometheusRule defines recording and alerting rules for a Prometheus 17899 instance 17900 properties: 17901 apiVersion: 17902 description: 'APIVersion defines the versioned schema of this representation 17903 of an object. Servers should convert recognized schemas to the latest 17904 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 17905 type: string 17906 kind: 17907 description: 'Kind is a string value representing the REST resource this 17908 object represents. Servers may infer this from the endpoint the client 17909 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 17910 type: string 17911 metadata: 17912 type: object 17913 spec: 17914 description: Specification of desired alerting rule definitions for Prometheus. 17915 properties: 17916 groups: 17917 description: Content of Prometheus rule file 17918 items: 17919 description: 'RuleGroup is a list of sequentially evaluated recording 17920 and alerting rules. Note: PartialResponseStrategy is only used 17921 by ThanosRuler and will be ignored by Prometheus instances. Valid 17922 values for this field are ''warn'' or ''abort''. More info: https://github.com/thanos-io/thanos/blob/master/docs/components/rule.md#partial-response' 17923 properties: 17924 interval: 17925 type: string 17926 name: 17927 type: string 17928 partial_response_strategy: 17929 type: string 17930 rules: 17931 items: 17932 description: 'Rule describes an alerting or recording rule 17933 See Prometheus documentation: [alerting](https://www.prometheus.io/docs/prometheus/latest/configuration/alerting_rules/) 17934 or [recording](https://www.prometheus.io/docs/prometheus/latest/configuration/recording_rules/#recording-rules) 17935 rule' 17936 properties: 17937 alert: 17938 type: string 17939 annotations: 17940 additionalProperties: 17941 type: string 17942 type: object 17943 expr: 17944 anyOf: 17945 - type: integer 17946 - type: string 17947 x-kubernetes-int-or-string: true 17948 for: 17949 type: string 17950 labels: 17951 additionalProperties: 17952 type: string 17953 type: object 17954 record: 17955 type: string 17956 required: 17957 - expr 17958 type: object 17959 type: array 17960 required: 17961 - name 17962 - rules 17963 type: object 17964 type: array 17965 type: object 17966 required: 17967 - spec 17968 type: object 17969 served: true 17970 storage: true 17971 status: 17972 acceptedNames: 17973 kind: "" 17974 plural: "" 17975 conditions: [] 17976 storedVersions: [] 17977 --- 17978 17979 --- 17980 apiVersion: apiextensions.k8s.io/v1 17981 kind: CustomResourceDefinition 17982 metadata: 17983 annotations: 17984 controller-gen.kubebuilder.io/version: v0.6.2 17985 creationTimestamp: null 17986 name: servicemonitors.monitoring.coreos.com 17987 spec: 17988 group: monitoring.coreos.com 17989 names: 17990 categories: 17991 - prometheus-operator 17992 kind: ServiceMonitor 17993 listKind: ServiceMonitorList 17994 plural: servicemonitors 17995 singular: servicemonitor 17996 scope: Namespaced 17997 versions: 17998 - name: v1 17999 schema: 18000 openAPIV3Schema: 18001 description: ServiceMonitor defines monitoring for a set of services. 18002 properties: 18003 apiVersion: 18004 description: 'APIVersion defines the versioned schema of this representation 18005 of an object. Servers should convert recognized schemas to the latest 18006 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 18007 type: string 18008 kind: 18009 description: 'Kind is a string value representing the REST resource this 18010 object represents. Servers may infer this from the endpoint the client 18011 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 18012 type: string 18013 metadata: 18014 type: object 18015 spec: 18016 description: Specification of desired Service selection for target discovery 18017 by Prometheus. 18018 properties: 18019 endpoints: 18020 description: A list of endpoints allowed as part of this ServiceMonitor. 18021 items: 18022 description: Endpoint defines a scrapeable endpoint serving Prometheus 18023 metrics. 18024 properties: 18025 authorization: 18026 description: Authorization section for this endpoint 18027 properties: 18028 credentials: 18029 description: The secret's key that contains the credentials 18030 of the request 18031 properties: 18032 key: 18033 description: The key of the secret to select from. Must 18034 be a valid secret key. 18035 type: string 18036 name: 18037 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18038 TODO: Add other useful fields. apiVersion, kind, uid?' 18039 type: string 18040 optional: 18041 description: Specify whether the Secret or its key must 18042 be defined 18043 type: boolean 18044 required: 18045 - key 18046 type: object 18047 type: 18048 description: Set the authentication type. Defaults to Bearer, 18049 Basic will cause an error 18050 type: string 18051 type: object 18052 basicAuth: 18053 description: 'BasicAuth allow an endpoint to authenticate over 18054 basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' 18055 properties: 18056 password: 18057 description: The secret in the service monitor namespace 18058 that contains the password for authentication. 18059 properties: 18060 key: 18061 description: The key of the secret to select from. Must 18062 be a valid secret key. 18063 type: string 18064 name: 18065 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18066 TODO: Add other useful fields. apiVersion, kind, uid?' 18067 type: string 18068 optional: 18069 description: Specify whether the Secret or its key must 18070 be defined 18071 type: boolean 18072 required: 18073 - key 18074 type: object 18075 username: 18076 description: The secret in the service monitor namespace 18077 that contains the username for authentication. 18078 properties: 18079 key: 18080 description: The key of the secret to select from. Must 18081 be a valid secret key. 18082 type: string 18083 name: 18084 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18085 TODO: Add other useful fields. apiVersion, kind, uid?' 18086 type: string 18087 optional: 18088 description: Specify whether the Secret or its key must 18089 be defined 18090 type: boolean 18091 required: 18092 - key 18093 type: object 18094 type: object 18095 bearerTokenFile: 18096 description: File to read bearer token for scraping targets. 18097 type: string 18098 bearerTokenSecret: 18099 description: Secret to mount to read bearer token for scraping 18100 targets. The secret needs to be in the same namespace as the 18101 service monitor and accessible by the Prometheus Operator. 18102 properties: 18103 key: 18104 description: The key of the secret to select from. Must 18105 be a valid secret key. 18106 type: string 18107 name: 18108 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18109 TODO: Add other useful fields. apiVersion, kind, uid?' 18110 type: string 18111 optional: 18112 description: Specify whether the Secret or its key must 18113 be defined 18114 type: boolean 18115 required: 18116 - key 18117 type: object 18118 honorLabels: 18119 description: HonorLabels chooses the metric's labels on collisions 18120 with target labels. 18121 type: boolean 18122 honorTimestamps: 18123 description: HonorTimestamps controls whether Prometheus respects 18124 the timestamps present in scraped data. 18125 type: boolean 18126 interval: 18127 description: Interval at which metrics should be scraped 18128 type: string 18129 metricRelabelings: 18130 description: MetricRelabelConfigs to apply to samples before 18131 ingestion. 18132 items: 18133 description: 'RelabelConfig allows dynamic rewriting of the 18134 label set, being applied to samples before ingestion. It 18135 defines `<metric_relabel_configs>`-section of Prometheus 18136 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 18137 properties: 18138 action: 18139 description: Action to perform based on regex matching. 18140 Default is 'replace' 18141 type: string 18142 modulus: 18143 description: Modulus to take of the hash of the source 18144 label values. 18145 format: int64 18146 type: integer 18147 regex: 18148 description: Regular expression against which the extracted 18149 value is matched. Default is '(.*)' 18150 type: string 18151 replacement: 18152 description: Replacement value against which a regex replace 18153 is performed if the regular expression matches. Regex 18154 capture groups are available. Default is '$1' 18155 type: string 18156 separator: 18157 description: Separator placed between concatenated source 18158 label values. default is ';'. 18159 type: string 18160 sourceLabels: 18161 description: The source labels select values from existing 18162 labels. Their content is concatenated using the configured 18163 separator and matched against the configured regular 18164 expression for the replace, keep, and drop actions. 18165 items: 18166 type: string 18167 type: array 18168 targetLabel: 18169 description: Label to which the resulting value is written 18170 in a replace action. It is mandatory for replace actions. 18171 Regex capture groups are available. 18172 type: string 18173 type: object 18174 type: array 18175 oauth2: 18176 description: OAuth2 for the URL. Only valid in Prometheus versions 18177 2.27.0 and newer. 18178 properties: 18179 clientId: 18180 description: The secret or configmap containing the OAuth2 18181 client id 18182 properties: 18183 configMap: 18184 description: ConfigMap containing data to use for the 18185 targets. 18186 properties: 18187 key: 18188 description: The key to select. 18189 type: string 18190 name: 18191 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18192 TODO: Add other useful fields. apiVersion, kind, 18193 uid?' 18194 type: string 18195 optional: 18196 description: Specify whether the ConfigMap or its 18197 key must be defined 18198 type: boolean 18199 required: 18200 - key 18201 type: object 18202 secret: 18203 description: Secret containing data to use for the targets. 18204 properties: 18205 key: 18206 description: The key of the secret to select from. Must 18207 be a valid secret key. 18208 type: string 18209 name: 18210 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18211 TODO: Add other useful fields. apiVersion, kind, 18212 uid?' 18213 type: string 18214 optional: 18215 description: Specify whether the Secret or its key 18216 must be defined 18217 type: boolean 18218 required: 18219 - key 18220 type: object 18221 type: object 18222 clientSecret: 18223 description: The secret containing the OAuth2 client secret 18224 properties: 18225 key: 18226 description: The key of the secret to select from. Must 18227 be a valid secret key. 18228 type: string 18229 name: 18230 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18231 TODO: Add other useful fields. apiVersion, kind, uid?' 18232 type: string 18233 optional: 18234 description: Specify whether the Secret or its key must 18235 be defined 18236 type: boolean 18237 required: 18238 - key 18239 type: object 18240 endpointParams: 18241 additionalProperties: 18242 type: string 18243 description: Parameters to append to the token URL 18244 type: object 18245 scopes: 18246 description: OAuth2 scopes used for the token request 18247 items: 18248 type: string 18249 type: array 18250 tokenUrl: 18251 description: The URL to fetch the token from 18252 minLength: 1 18253 type: string 18254 required: 18255 - clientId 18256 - clientSecret 18257 - tokenUrl 18258 type: object 18259 params: 18260 additionalProperties: 18261 items: 18262 type: string 18263 type: array 18264 description: Optional HTTP URL parameters 18265 type: object 18266 path: 18267 description: HTTP path to scrape for metrics. 18268 type: string 18269 port: 18270 description: Name of the service port this endpoint refers to. 18271 Mutually exclusive with targetPort. 18272 type: string 18273 proxyUrl: 18274 description: ProxyURL eg http://proxyserver:2195 Directs scrapes 18275 to proxy through this endpoint. 18276 type: string 18277 relabelings: 18278 description: 'RelabelConfigs to apply to samples before scraping. 18279 Prometheus Operator automatically adds relabelings for a few 18280 standard Kubernetes fields and replaces original scrape job 18281 name with __tmp_prometheus_job_name. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' 18282 items: 18283 description: 'RelabelConfig allows dynamic rewriting of the 18284 label set, being applied to samples before ingestion. It 18285 defines `<metric_relabel_configs>`-section of Prometheus 18286 configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' 18287 properties: 18288 action: 18289 description: Action to perform based on regex matching. 18290 Default is 'replace' 18291 type: string 18292 modulus: 18293 description: Modulus to take of the hash of the source 18294 label values. 18295 format: int64 18296 type: integer 18297 regex: 18298 description: Regular expression against which the extracted 18299 value is matched. Default is '(.*)' 18300 type: string 18301 replacement: 18302 description: Replacement value against which a regex replace 18303 is performed if the regular expression matches. Regex 18304 capture groups are available. Default is '$1' 18305 type: string 18306 separator: 18307 description: Separator placed between concatenated source 18308 label values. default is ';'. 18309 type: string 18310 sourceLabels: 18311 description: The source labels select values from existing 18312 labels. Their content is concatenated using the configured 18313 separator and matched against the configured regular 18314 expression for the replace, keep, and drop actions. 18315 items: 18316 type: string 18317 type: array 18318 targetLabel: 18319 description: Label to which the resulting value is written 18320 in a replace action. It is mandatory for replace actions. 18321 Regex capture groups are available. 18322 type: string 18323 type: object 18324 type: array 18325 scheme: 18326 description: HTTP scheme to use for scraping. 18327 type: string 18328 scrapeTimeout: 18329 description: Timeout after which the scrape is ended 18330 type: string 18331 targetPort: 18332 anyOf: 18333 - type: integer 18334 - type: string 18335 description: Name or number of the target port of the Pod behind 18336 the Service, the port must be specified with container port 18337 property. Mutually exclusive with port. 18338 x-kubernetes-int-or-string: true 18339 tlsConfig: 18340 description: TLS configuration to use when scraping the endpoint 18341 properties: 18342 ca: 18343 description: Struct containing the CA cert to use for the 18344 targets. 18345 properties: 18346 configMap: 18347 description: ConfigMap containing data to use for the 18348 targets. 18349 properties: 18350 key: 18351 description: The key to select. 18352 type: string 18353 name: 18354 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18355 TODO: Add other useful fields. apiVersion, kind, 18356 uid?' 18357 type: string 18358 optional: 18359 description: Specify whether the ConfigMap or its 18360 key must be defined 18361 type: boolean 18362 required: 18363 - key 18364 type: object 18365 secret: 18366 description: Secret containing data to use for the targets. 18367 properties: 18368 key: 18369 description: The key of the secret to select from. Must 18370 be a valid secret key. 18371 type: string 18372 name: 18373 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18374 TODO: Add other useful fields. apiVersion, kind, 18375 uid?' 18376 type: string 18377 optional: 18378 description: Specify whether the Secret or its key 18379 must be defined 18380 type: boolean 18381 required: 18382 - key 18383 type: object 18384 type: object 18385 caFile: 18386 description: Path to the CA cert in the Prometheus container 18387 to use for the targets. 18388 type: string 18389 cert: 18390 description: Struct containing the client cert file for 18391 the targets. 18392 properties: 18393 configMap: 18394 description: ConfigMap containing data to use for the 18395 targets. 18396 properties: 18397 key: 18398 description: The key to select. 18399 type: string 18400 name: 18401 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18402 TODO: Add other useful fields. apiVersion, kind, 18403 uid?' 18404 type: string 18405 optional: 18406 description: Specify whether the ConfigMap or its 18407 key must be defined 18408 type: boolean 18409 required: 18410 - key 18411 type: object 18412 secret: 18413 description: Secret containing data to use for the targets. 18414 properties: 18415 key: 18416 description: The key of the secret to select from. Must 18417 be a valid secret key. 18418 type: string 18419 name: 18420 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18421 TODO: Add other useful fields. apiVersion, kind, 18422 uid?' 18423 type: string 18424 optional: 18425 description: Specify whether the Secret or its key 18426 must be defined 18427 type: boolean 18428 required: 18429 - key 18430 type: object 18431 type: object 18432 certFile: 18433 description: Path to the client cert file in the Prometheus 18434 container for the targets. 18435 type: string 18436 insecureSkipVerify: 18437 description: Disable target certificate validation. 18438 type: boolean 18439 keyFile: 18440 description: Path to the client key file in the Prometheus 18441 container for the targets. 18442 type: string 18443 keySecret: 18444 description: Secret containing the client key file for the 18445 targets. 18446 properties: 18447 key: 18448 description: The key of the secret to select from. Must 18449 be a valid secret key. 18450 type: string 18451 name: 18452 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18453 TODO: Add other useful fields. apiVersion, kind, uid?' 18454 type: string 18455 optional: 18456 description: Specify whether the Secret or its key must 18457 be defined 18458 type: boolean 18459 required: 18460 - key 18461 type: object 18462 serverName: 18463 description: Used to verify the hostname for the targets. 18464 type: string 18465 type: object 18466 type: object 18467 type: array 18468 jobLabel: 18469 description: "Chooses the label of the Kubernetes `Endpoints`. Its 18470 value will be used for the `job`-label's value of the created metrics. 18471 \n Default & fallback value: the name of the respective Kubernetes 18472 `Endpoint`." 18473 type: string 18474 labelLimit: 18475 description: Per-scrape limit on number of labels that will be accepted 18476 for a sample. Only valid in Prometheus versions 2.27.0 and newer. 18477 format: int64 18478 type: integer 18479 labelNameLengthLimit: 18480 description: Per-scrape limit on length of labels name that will be 18481 accepted for a sample. Only valid in Prometheus versions 2.27.0 18482 and newer. 18483 format: int64 18484 type: integer 18485 labelValueLengthLimit: 18486 description: Per-scrape limit on length of labels value that will 18487 be accepted for a sample. Only valid in Prometheus versions 2.27.0 18488 and newer. 18489 format: int64 18490 type: integer 18491 namespaceSelector: 18492 description: Selector to select which namespaces the Kubernetes Endpoints 18493 objects are discovered from. 18494 properties: 18495 any: 18496 description: Boolean describing whether all namespaces are selected 18497 in contrast to a list restricting them. 18498 type: boolean 18499 matchNames: 18500 description: List of namespace names. 18501 items: 18502 type: string 18503 type: array 18504 type: object 18505 podTargetLabels: 18506 description: PodTargetLabels transfers labels on the Kubernetes `Pod` 18507 onto the created metrics. 18508 items: 18509 type: string 18510 type: array 18511 sampleLimit: 18512 description: SampleLimit defines per-scrape limit on number of scraped 18513 samples that will be accepted. 18514 format: int64 18515 type: integer 18516 selector: 18517 description: Selector to select Endpoints objects. 18518 properties: 18519 matchExpressions: 18520 description: matchExpressions is a list of label selector requirements. 18521 The requirements are ANDed. 18522 items: 18523 description: A label selector requirement is a selector that 18524 contains values, a key, and an operator that relates the key 18525 and values. 18526 properties: 18527 key: 18528 description: key is the label key that the selector applies 18529 to. 18530 type: string 18531 operator: 18532 description: operator represents a key's relationship to 18533 a set of values. Valid operators are In, NotIn, Exists 18534 and DoesNotExist. 18535 type: string 18536 values: 18537 description: values is an array of string values. If the 18538 operator is In or NotIn, the values array must be non-empty. 18539 If the operator is Exists or DoesNotExist, the values 18540 array must be empty. This array is replaced during a strategic 18541 merge patch. 18542 items: 18543 type: string 18544 type: array 18545 required: 18546 - key 18547 - operator 18548 type: object 18549 type: array 18550 matchLabels: 18551 additionalProperties: 18552 type: string 18553 description: matchLabels is a map of {key,value} pairs. A single 18554 {key,value} in the matchLabels map is equivalent to an element 18555 of matchExpressions, whose key field is "key", the operator 18556 is "In", and the values array contains only "value". The requirements 18557 are ANDed. 18558 type: object 18559 type: object 18560 targetLabels: 18561 description: TargetLabels transfers labels from the Kubernetes `Service` 18562 onto the created metrics. All labels set in `selector.matchLabels` 18563 are automatically transferred. 18564 items: 18565 type: string 18566 type: array 18567 targetLimit: 18568 description: TargetLimit defines a limit on the number of scraped 18569 targets that will be accepted. 18570 format: int64 18571 type: integer 18572 required: 18573 - endpoints 18574 - selector 18575 type: object 18576 required: 18577 - spec 18578 type: object 18579 served: true 18580 storage: true 18581 status: 18582 acceptedNames: 18583 kind: "" 18584 plural: "" 18585 conditions: [] 18586 storedVersions: [] 18587 --- 18588 18589 --- 18590 apiVersion: apiextensions.k8s.io/v1 18591 kind: CustomResourceDefinition 18592 metadata: 18593 annotations: 18594 controller-gen.kubebuilder.io/version: v0.6.2 18595 creationTimestamp: null 18596 name: thanosrulers.monitoring.coreos.com 18597 spec: 18598 group: monitoring.coreos.com 18599 names: 18600 categories: 18601 - prometheus-operator 18602 kind: ThanosRuler 18603 listKind: ThanosRulerList 18604 plural: thanosrulers 18605 singular: thanosruler 18606 scope: Namespaced 18607 versions: 18608 - name: v1 18609 schema: 18610 openAPIV3Schema: 18611 description: ThanosRuler defines a ThanosRuler deployment. 18612 properties: 18613 apiVersion: 18614 description: 'APIVersion defines the versioned schema of this representation 18615 of an object. Servers should convert recognized schemas to the latest 18616 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 18617 type: string 18618 kind: 18619 description: 'Kind is a string value representing the REST resource this 18620 object represents. Servers may infer this from the endpoint the client 18621 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 18622 type: string 18623 metadata: 18624 type: object 18625 spec: 18626 description: 'Specification of the desired behavior of the ThanosRuler 18627 cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 18628 properties: 18629 affinity: 18630 description: If specified, the pod's scheduling constraints. 18631 properties: 18632 nodeAffinity: 18633 description: Describes node affinity scheduling rules for the 18634 pod. 18635 properties: 18636 preferredDuringSchedulingIgnoredDuringExecution: 18637 description: The scheduler will prefer to schedule pods to 18638 nodes that satisfy the affinity expressions specified by 18639 this field, but it may choose a node that violates one or 18640 more of the expressions. The node that is most preferred 18641 is the one with the greatest sum of weights, i.e. for each 18642 node that meets all of the scheduling requirements (resource 18643 request, requiredDuringScheduling affinity expressions, 18644 etc.), compute a sum by iterating through the elements of 18645 this field and adding "weight" to the sum if the node matches 18646 the corresponding matchExpressions; the node(s) with the 18647 highest sum are the most preferred. 18648 items: 18649 description: An empty preferred scheduling term matches 18650 all objects with implicit weight 0 (i.e. it's a no-op). 18651 A null preferred scheduling term matches no objects (i.e. 18652 is also a no-op). 18653 properties: 18654 preference: 18655 description: A node selector term, associated with the 18656 corresponding weight. 18657 properties: 18658 matchExpressions: 18659 description: A list of node selector requirements 18660 by node's labels. 18661 items: 18662 description: A node selector requirement is a 18663 selector that contains values, a key, and an 18664 operator that relates the key and values. 18665 properties: 18666 key: 18667 description: The label key that the selector 18668 applies to. 18669 type: string 18670 operator: 18671 description: Represents a key's relationship 18672 to a set of values. Valid operators are 18673 In, NotIn, Exists, DoesNotExist. Gt, and 18674 Lt. 18675 type: string 18676 values: 18677 description: An array of string values. If 18678 the operator is In or NotIn, the values 18679 array must be non-empty. If the operator 18680 is Exists or DoesNotExist, the values array 18681 must be empty. If the operator is Gt or 18682 Lt, the values array must have a single 18683 element, which will be interpreted as an 18684 integer. This array is replaced during a 18685 strategic merge patch. 18686 items: 18687 type: string 18688 type: array 18689 required: 18690 - key 18691 - operator 18692 type: object 18693 type: array 18694 matchFields: 18695 description: A list of node selector requirements 18696 by node's fields. 18697 items: 18698 description: A node selector requirement is a 18699 selector that contains values, a key, and an 18700 operator that relates the key and values. 18701 properties: 18702 key: 18703 description: The label key that the selector 18704 applies to. 18705 type: string 18706 operator: 18707 description: Represents a key's relationship 18708 to a set of values. Valid operators are 18709 In, NotIn, Exists, DoesNotExist. Gt, and 18710 Lt. 18711 type: string 18712 values: 18713 description: An array of string values. If 18714 the operator is In or NotIn, the values 18715 array must be non-empty. If the operator 18716 is Exists or DoesNotExist, the values array 18717 must be empty. If the operator is Gt or 18718 Lt, the values array must have a single 18719 element, which will be interpreted as an 18720 integer. This array is replaced during a 18721 strategic merge patch. 18722 items: 18723 type: string 18724 type: array 18725 required: 18726 - key 18727 - operator 18728 type: object 18729 type: array 18730 type: object 18731 weight: 18732 description: Weight associated with matching the corresponding 18733 nodeSelectorTerm, in the range 1-100. 18734 format: int32 18735 type: integer 18736 required: 18737 - preference 18738 - weight 18739 type: object 18740 type: array 18741 requiredDuringSchedulingIgnoredDuringExecution: 18742 description: If the affinity requirements specified by this 18743 field are not met at scheduling time, the pod will not be 18744 scheduled onto the node. If the affinity requirements specified 18745 by this field cease to be met at some point during pod execution 18746 (e.g. due to an update), the system may or may not try to 18747 eventually evict the pod from its node. 18748 properties: 18749 nodeSelectorTerms: 18750 description: Required. A list of node selector terms. 18751 The terms are ORed. 18752 items: 18753 description: A null or empty node selector term matches 18754 no objects. The requirements of them are ANDed. The 18755 TopologySelectorTerm type implements a subset of the 18756 NodeSelectorTerm. 18757 properties: 18758 matchExpressions: 18759 description: A list of node selector requirements 18760 by node's labels. 18761 items: 18762 description: A node selector requirement is a 18763 selector that contains values, a key, and an 18764 operator that relates the key and values. 18765 properties: 18766 key: 18767 description: The label key that the selector 18768 applies to. 18769 type: string 18770 operator: 18771 description: Represents a key's relationship 18772 to a set of values. Valid operators are 18773 In, NotIn, Exists, DoesNotExist. Gt, and 18774 Lt. 18775 type: string 18776 values: 18777 description: An array of string values. If 18778 the operator is In or NotIn, the values 18779 array must be non-empty. If the operator 18780 is Exists or DoesNotExist, the values array 18781 must be empty. If the operator is Gt or 18782 Lt, the values array must have a single 18783 element, which will be interpreted as an 18784 integer. This array is replaced during a 18785 strategic merge patch. 18786 items: 18787 type: string 18788 type: array 18789 required: 18790 - key 18791 - operator 18792 type: object 18793 type: array 18794 matchFields: 18795 description: A list of node selector requirements 18796 by node's fields. 18797 items: 18798 description: A node selector requirement is a 18799 selector that contains values, a key, and an 18800 operator that relates the key and values. 18801 properties: 18802 key: 18803 description: The label key that the selector 18804 applies to. 18805 type: string 18806 operator: 18807 description: Represents a key's relationship 18808 to a set of values. Valid operators are 18809 In, NotIn, Exists, DoesNotExist. Gt, and 18810 Lt. 18811 type: string 18812 values: 18813 description: An array of string values. If 18814 the operator is In or NotIn, the values 18815 array must be non-empty. If the operator 18816 is Exists or DoesNotExist, the values array 18817 must be empty. If the operator is Gt or 18818 Lt, the values array must have a single 18819 element, which will be interpreted as an 18820 integer. This array is replaced during a 18821 strategic merge patch. 18822 items: 18823 type: string 18824 type: array 18825 required: 18826 - key 18827 - operator 18828 type: object 18829 type: array 18830 type: object 18831 type: array 18832 required: 18833 - nodeSelectorTerms 18834 type: object 18835 type: object 18836 podAffinity: 18837 description: Describes pod affinity scheduling rules (e.g. co-locate 18838 this pod in the same node, zone, etc. as some other pod(s)). 18839 properties: 18840 preferredDuringSchedulingIgnoredDuringExecution: 18841 description: The scheduler will prefer to schedule pods to 18842 nodes that satisfy the affinity expressions specified by 18843 this field, but it may choose a node that violates one or 18844 more of the expressions. The node that is most preferred 18845 is the one with the greatest sum of weights, i.e. for each 18846 node that meets all of the scheduling requirements (resource 18847 request, requiredDuringScheduling affinity expressions, 18848 etc.), compute a sum by iterating through the elements of 18849 this field and adding "weight" to the sum if the node has 18850 pods which matches the corresponding podAffinityTerm; the 18851 node(s) with the highest sum are the most preferred. 18852 items: 18853 description: The weights of all of the matched WeightedPodAffinityTerm 18854 fields are added per-node to find the most preferred node(s) 18855 properties: 18856 podAffinityTerm: 18857 description: Required. A pod affinity term, associated 18858 with the corresponding weight. 18859 properties: 18860 labelSelector: 18861 description: A label query over a set of resources, 18862 in this case pods. 18863 properties: 18864 matchExpressions: 18865 description: matchExpressions is a list of label 18866 selector requirements. The requirements are 18867 ANDed. 18868 items: 18869 description: A label selector requirement 18870 is a selector that contains values, a key, 18871 and an operator that relates the key and 18872 values. 18873 properties: 18874 key: 18875 description: key is the label key that 18876 the selector applies to. 18877 type: string 18878 operator: 18879 description: operator represents a key's 18880 relationship to a set of values. Valid 18881 operators are In, NotIn, Exists and 18882 DoesNotExist. 18883 type: string 18884 values: 18885 description: values is an array of string 18886 values. If the operator is In or NotIn, 18887 the values array must be non-empty. 18888 If the operator is Exists or DoesNotExist, 18889 the values array must be empty. This 18890 array is replaced during a strategic 18891 merge patch. 18892 items: 18893 type: string 18894 type: array 18895 required: 18896 - key 18897 - operator 18898 type: object 18899 type: array 18900 matchLabels: 18901 additionalProperties: 18902 type: string 18903 description: matchLabels is a map of {key,value} 18904 pairs. A single {key,value} in the matchLabels 18905 map is equivalent to an element of matchExpressions, 18906 whose key field is "key", the operator is 18907 "In", and the values array contains only "value". 18908 The requirements are ANDed. 18909 type: object 18910 type: object 18911 namespaceSelector: 18912 description: A label query over the set of namespaces 18913 that the term applies to. The term is applied 18914 to the union of the namespaces selected by this 18915 field and the ones listed in the namespaces field. 18916 null selector and null or empty namespaces list 18917 means "this pod's namespace". An empty selector 18918 ({}) matches all namespaces. This field is beta-level 18919 and is only honored when PodAffinityNamespaceSelector 18920 feature is enabled. 18921 properties: 18922 matchExpressions: 18923 description: matchExpressions is a list of label 18924 selector requirements. The requirements are 18925 ANDed. 18926 items: 18927 description: A label selector requirement 18928 is a selector that contains values, a key, 18929 and an operator that relates the key and 18930 values. 18931 properties: 18932 key: 18933 description: key is the label key that 18934 the selector applies to. 18935 type: string 18936 operator: 18937 description: operator represents a key's 18938 relationship to a set of values. Valid 18939 operators are In, NotIn, Exists and 18940 DoesNotExist. 18941 type: string 18942 values: 18943 description: values is an array of string 18944 values. If the operator is In or NotIn, 18945 the values array must be non-empty. 18946 If the operator is Exists or DoesNotExist, 18947 the values array must be empty. This 18948 array is replaced during a strategic 18949 merge patch. 18950 items: 18951 type: string 18952 type: array 18953 required: 18954 - key 18955 - operator 18956 type: object 18957 type: array 18958 matchLabels: 18959 additionalProperties: 18960 type: string 18961 description: matchLabels is a map of {key,value} 18962 pairs. A single {key,value} in the matchLabels 18963 map is equivalent to an element of matchExpressions, 18964 whose key field is "key", the operator is 18965 "In", and the values array contains only "value". 18966 The requirements are ANDed. 18967 type: object 18968 type: object 18969 namespaces: 18970 description: namespaces specifies a static list 18971 of namespace names that the term applies to. The 18972 term is applied to the union of the namespaces 18973 listed in this field and the ones selected by 18974 namespaceSelector. null or empty namespaces list 18975 and null namespaceSelector means "this pod's namespace" 18976 items: 18977 type: string 18978 type: array 18979 topologyKey: 18980 description: This pod should be co-located (affinity) 18981 or not co-located (anti-affinity) with the pods 18982 matching the labelSelector in the specified namespaces, 18983 where co-located is defined as running on a node 18984 whose value of the label with key topologyKey 18985 matches that of any node on which any of the selected 18986 pods is running. Empty topologyKey is not allowed. 18987 type: string 18988 required: 18989 - topologyKey 18990 type: object 18991 weight: 18992 description: weight associated with matching the corresponding 18993 podAffinityTerm, in the range 1-100. 18994 format: int32 18995 type: integer 18996 required: 18997 - podAffinityTerm 18998 - weight 18999 type: object 19000 type: array 19001 requiredDuringSchedulingIgnoredDuringExecution: 19002 description: If the affinity requirements specified by this 19003 field are not met at scheduling time, the pod will not be 19004 scheduled onto the node. If the affinity requirements specified 19005 by this field cease to be met at some point during pod execution 19006 (e.g. due to a pod label update), the system may or may 19007 not try to eventually evict the pod from its node. When 19008 there are multiple elements, the lists of nodes corresponding 19009 to each podAffinityTerm are intersected, i.e. all terms 19010 must be satisfied. 19011 items: 19012 description: Defines a set of pods (namely those matching 19013 the labelSelector relative to the given namespace(s)) 19014 that this pod should be co-located (affinity) or not co-located 19015 (anti-affinity) with, where co-located is defined as running 19016 on a node whose value of the label with key <topologyKey> 19017 matches that of any node on which a pod of the set of 19018 pods is running 19019 properties: 19020 labelSelector: 19021 description: A label query over a set of resources, 19022 in this case pods. 19023 properties: 19024 matchExpressions: 19025 description: matchExpressions is a list of label 19026 selector requirements. The requirements are ANDed. 19027 items: 19028 description: A label selector requirement is a 19029 selector that contains values, a key, and an 19030 operator that relates the key and values. 19031 properties: 19032 key: 19033 description: key is the label key that the 19034 selector applies to. 19035 type: string 19036 operator: 19037 description: operator represents a key's relationship 19038 to a set of values. Valid operators are 19039 In, NotIn, Exists and DoesNotExist. 19040 type: string 19041 values: 19042 description: values is an array of string 19043 values. If the operator is In or NotIn, 19044 the values array must be non-empty. If the 19045 operator is Exists or DoesNotExist, the 19046 values array must be empty. This array is 19047 replaced during a strategic merge patch. 19048 items: 19049 type: string 19050 type: array 19051 required: 19052 - key 19053 - operator 19054 type: object 19055 type: array 19056 matchLabels: 19057 additionalProperties: 19058 type: string 19059 description: matchLabels is a map of {key,value} 19060 pairs. A single {key,value} in the matchLabels 19061 map is equivalent to an element of matchExpressions, 19062 whose key field is "key", the operator is "In", 19063 and the values array contains only "value". The 19064 requirements are ANDed. 19065 type: object 19066 type: object 19067 namespaceSelector: 19068 description: A label query over the set of namespaces 19069 that the term applies to. The term is applied to the 19070 union of the namespaces selected by this field and 19071 the ones listed in the namespaces field. null selector 19072 and null or empty namespaces list means "this pod's 19073 namespace". An empty selector ({}) matches all namespaces. 19074 This field is beta-level and is only honored when 19075 PodAffinityNamespaceSelector feature is enabled. 19076 properties: 19077 matchExpressions: 19078 description: matchExpressions is a list of label 19079 selector requirements. The requirements are ANDed. 19080 items: 19081 description: A label selector requirement is a 19082 selector that contains values, a key, and an 19083 operator that relates the key and values. 19084 properties: 19085 key: 19086 description: key is the label key that the 19087 selector applies to. 19088 type: string 19089 operator: 19090 description: operator represents a key's relationship 19091 to a set of values. Valid operators are 19092 In, NotIn, Exists and DoesNotExist. 19093 type: string 19094 values: 19095 description: values is an array of string 19096 values. If the operator is In or NotIn, 19097 the values array must be non-empty. If the 19098 operator is Exists or DoesNotExist, the 19099 values array must be empty. This array is 19100 replaced during a strategic merge patch. 19101 items: 19102 type: string 19103 type: array 19104 required: 19105 - key 19106 - operator 19107 type: object 19108 type: array 19109 matchLabels: 19110 additionalProperties: 19111 type: string 19112 description: matchLabels is a map of {key,value} 19113 pairs. A single {key,value} in the matchLabels 19114 map is equivalent to an element of matchExpressions, 19115 whose key field is "key", the operator is "In", 19116 and the values array contains only "value". The 19117 requirements are ANDed. 19118 type: object 19119 type: object 19120 namespaces: 19121 description: namespaces specifies a static list of namespace 19122 names that the term applies to. The term is applied 19123 to the union of the namespaces listed in this field 19124 and the ones selected by namespaceSelector. null or 19125 empty namespaces list and null namespaceSelector means 19126 "this pod's namespace" 19127 items: 19128 type: string 19129 type: array 19130 topologyKey: 19131 description: This pod should be co-located (affinity) 19132 or not co-located (anti-affinity) with the pods matching 19133 the labelSelector in the specified namespaces, where 19134 co-located is defined as running on a node whose value 19135 of the label with key topologyKey matches that of 19136 any node on which any of the selected pods is running. 19137 Empty topologyKey is not allowed. 19138 type: string 19139 required: 19140 - topologyKey 19141 type: object 19142 type: array 19143 type: object 19144 podAntiAffinity: 19145 description: Describes pod anti-affinity scheduling rules (e.g. 19146 avoid putting this pod in the same node, zone, etc. as some 19147 other pod(s)). 19148 properties: 19149 preferredDuringSchedulingIgnoredDuringExecution: 19150 description: The scheduler will prefer to schedule pods to 19151 nodes that satisfy the anti-affinity expressions specified 19152 by this field, but it may choose a node that violates one 19153 or more of the expressions. The node that is most preferred 19154 is the one with the greatest sum of weights, i.e. for each 19155 node that meets all of the scheduling requirements (resource 19156 request, requiredDuringScheduling anti-affinity expressions, 19157 etc.), compute a sum by iterating through the elements of 19158 this field and adding "weight" to the sum if the node has 19159 pods which matches the corresponding podAffinityTerm; the 19160 node(s) with the highest sum are the most preferred. 19161 items: 19162 description: The weights of all of the matched WeightedPodAffinityTerm 19163 fields are added per-node to find the most preferred node(s) 19164 properties: 19165 podAffinityTerm: 19166 description: Required. A pod affinity term, associated 19167 with the corresponding weight. 19168 properties: 19169 labelSelector: 19170 description: A label query over a set of resources, 19171 in this case pods. 19172 properties: 19173 matchExpressions: 19174 description: matchExpressions is a list of label 19175 selector requirements. The requirements are 19176 ANDed. 19177 items: 19178 description: A label selector requirement 19179 is a selector that contains values, a key, 19180 and an operator that relates the key and 19181 values. 19182 properties: 19183 key: 19184 description: key is the label key that 19185 the selector applies to. 19186 type: string 19187 operator: 19188 description: operator represents a key's 19189 relationship to a set of values. Valid 19190 operators are In, NotIn, Exists and 19191 DoesNotExist. 19192 type: string 19193 values: 19194 description: values is an array of string 19195 values. If the operator is In or NotIn, 19196 the values array must be non-empty. 19197 If the operator is Exists or DoesNotExist, 19198 the values array must be empty. This 19199 array is replaced during a strategic 19200 merge patch. 19201 items: 19202 type: string 19203 type: array 19204 required: 19205 - key 19206 - operator 19207 type: object 19208 type: array 19209 matchLabels: 19210 additionalProperties: 19211 type: string 19212 description: matchLabels is a map of {key,value} 19213 pairs. A single {key,value} in the matchLabels 19214 map is equivalent to an element of matchExpressions, 19215 whose key field is "key", the operator is 19216 "In", and the values array contains only "value". 19217 The requirements are ANDed. 19218 type: object 19219 type: object 19220 namespaceSelector: 19221 description: A label query over the set of namespaces 19222 that the term applies to. The term is applied 19223 to the union of the namespaces selected by this 19224 field and the ones listed in the namespaces field. 19225 null selector and null or empty namespaces list 19226 means "this pod's namespace". An empty selector 19227 ({}) matches all namespaces. This field is beta-level 19228 and is only honored when PodAffinityNamespaceSelector 19229 feature is enabled. 19230 properties: 19231 matchExpressions: 19232 description: matchExpressions is a list of label 19233 selector requirements. The requirements are 19234 ANDed. 19235 items: 19236 description: A label selector requirement 19237 is a selector that contains values, a key, 19238 and an operator that relates the key and 19239 values. 19240 properties: 19241 key: 19242 description: key is the label key that 19243 the selector applies to. 19244 type: string 19245 operator: 19246 description: operator represents a key's 19247 relationship to a set of values. Valid 19248 operators are In, NotIn, Exists and 19249 DoesNotExist. 19250 type: string 19251 values: 19252 description: values is an array of string 19253 values. If the operator is In or NotIn, 19254 the values array must be non-empty. 19255 If the operator is Exists or DoesNotExist, 19256 the values array must be empty. This 19257 array is replaced during a strategic 19258 merge patch. 19259 items: 19260 type: string 19261 type: array 19262 required: 19263 - key 19264 - operator 19265 type: object 19266 type: array 19267 matchLabels: 19268 additionalProperties: 19269 type: string 19270 description: matchLabels is a map of {key,value} 19271 pairs. A single {key,value} in the matchLabels 19272 map is equivalent to an element of matchExpressions, 19273 whose key field is "key", the operator is 19274 "In", and the values array contains only "value". 19275 The requirements are ANDed. 19276 type: object 19277 type: object 19278 namespaces: 19279 description: namespaces specifies a static list 19280 of namespace names that the term applies to. The 19281 term is applied to the union of the namespaces 19282 listed in this field and the ones selected by 19283 namespaceSelector. null or empty namespaces list 19284 and null namespaceSelector means "this pod's namespace" 19285 items: 19286 type: string 19287 type: array 19288 topologyKey: 19289 description: This pod should be co-located (affinity) 19290 or not co-located (anti-affinity) with the pods 19291 matching the labelSelector in the specified namespaces, 19292 where co-located is defined as running on a node 19293 whose value of the label with key topologyKey 19294 matches that of any node on which any of the selected 19295 pods is running. Empty topologyKey is not allowed. 19296 type: string 19297 required: 19298 - topologyKey 19299 type: object 19300 weight: 19301 description: weight associated with matching the corresponding 19302 podAffinityTerm, in the range 1-100. 19303 format: int32 19304 type: integer 19305 required: 19306 - podAffinityTerm 19307 - weight 19308 type: object 19309 type: array 19310 requiredDuringSchedulingIgnoredDuringExecution: 19311 description: If the anti-affinity requirements specified by 19312 this field are not met at scheduling time, the pod will 19313 not be scheduled onto the node. If the anti-affinity requirements 19314 specified by this field cease to be met at some point during 19315 pod execution (e.g. due to a pod label update), the system 19316 may or may not try to eventually evict the pod from its 19317 node. When there are multiple elements, the lists of nodes 19318 corresponding to each podAffinityTerm are intersected, i.e. 19319 all terms must be satisfied. 19320 items: 19321 description: Defines a set of pods (namely those matching 19322 the labelSelector relative to the given namespace(s)) 19323 that this pod should be co-located (affinity) or not co-located 19324 (anti-affinity) with, where co-located is defined as running 19325 on a node whose value of the label with key <topologyKey> 19326 matches that of any node on which a pod of the set of 19327 pods is running 19328 properties: 19329 labelSelector: 19330 description: A label query over a set of resources, 19331 in this case pods. 19332 properties: 19333 matchExpressions: 19334 description: matchExpressions is a list of label 19335 selector requirements. The requirements are ANDed. 19336 items: 19337 description: A label selector requirement is a 19338 selector that contains values, a key, and an 19339 operator that relates the key and values. 19340 properties: 19341 key: 19342 description: key is the label key that the 19343 selector applies to. 19344 type: string 19345 operator: 19346 description: operator represents a key's relationship 19347 to a set of values. Valid operators are 19348 In, NotIn, Exists and DoesNotExist. 19349 type: string 19350 values: 19351 description: values is an array of string 19352 values. If the operator is In or NotIn, 19353 the values array must be non-empty. If the 19354 operator is Exists or DoesNotExist, the 19355 values array must be empty. This array is 19356 replaced during a strategic merge patch. 19357 items: 19358 type: string 19359 type: array 19360 required: 19361 - key 19362 - operator 19363 type: object 19364 type: array 19365 matchLabels: 19366 additionalProperties: 19367 type: string 19368 description: matchLabels is a map of {key,value} 19369 pairs. A single {key,value} in the matchLabels 19370 map is equivalent to an element of matchExpressions, 19371 whose key field is "key", the operator is "In", 19372 and the values array contains only "value". The 19373 requirements are ANDed. 19374 type: object 19375 type: object 19376 namespaceSelector: 19377 description: A label query over the set of namespaces 19378 that the term applies to. The term is applied to the 19379 union of the namespaces selected by this field and 19380 the ones listed in the namespaces field. null selector 19381 and null or empty namespaces list means "this pod's 19382 namespace". An empty selector ({}) matches all namespaces. 19383 This field is beta-level and is only honored when 19384 PodAffinityNamespaceSelector feature is enabled. 19385 properties: 19386 matchExpressions: 19387 description: matchExpressions is a list of label 19388 selector requirements. The requirements are ANDed. 19389 items: 19390 description: A label selector requirement is a 19391 selector that contains values, a key, and an 19392 operator that relates the key and values. 19393 properties: 19394 key: 19395 description: key is the label key that the 19396 selector applies to. 19397 type: string 19398 operator: 19399 description: operator represents a key's relationship 19400 to a set of values. Valid operators are 19401 In, NotIn, Exists and DoesNotExist. 19402 type: string 19403 values: 19404 description: values is an array of string 19405 values. If the operator is In or NotIn, 19406 the values array must be non-empty. If the 19407 operator is Exists or DoesNotExist, the 19408 values array must be empty. This array is 19409 replaced during a strategic merge patch. 19410 items: 19411 type: string 19412 type: array 19413 required: 19414 - key 19415 - operator 19416 type: object 19417 type: array 19418 matchLabels: 19419 additionalProperties: 19420 type: string 19421 description: matchLabels is a map of {key,value} 19422 pairs. A single {key,value} in the matchLabels 19423 map is equivalent to an element of matchExpressions, 19424 whose key field is "key", the operator is "In", 19425 and the values array contains only "value". The 19426 requirements are ANDed. 19427 type: object 19428 type: object 19429 namespaces: 19430 description: namespaces specifies a static list of namespace 19431 names that the term applies to. The term is applied 19432 to the union of the namespaces listed in this field 19433 and the ones selected by namespaceSelector. null or 19434 empty namespaces list and null namespaceSelector means 19435 "this pod's namespace" 19436 items: 19437 type: string 19438 type: array 19439 topologyKey: 19440 description: This pod should be co-located (affinity) 19441 or not co-located (anti-affinity) with the pods matching 19442 the labelSelector in the specified namespaces, where 19443 co-located is defined as running on a node whose value 19444 of the label with key topologyKey matches that of 19445 any node on which any of the selected pods is running. 19446 Empty topologyKey is not allowed. 19447 type: string 19448 required: 19449 - topologyKey 19450 type: object 19451 type: array 19452 type: object 19453 type: object 19454 alertDropLabels: 19455 description: AlertDropLabels configure the label names which should 19456 be dropped in ThanosRuler alerts. The replica label `thanos_ruler_replica` 19457 will always be dropped in alerts. 19458 items: 19459 type: string 19460 type: array 19461 alertQueryUrl: 19462 description: The external Query URL the Thanos Ruler will set in the 19463 'Source' field of all alerts. Maps to the '--alert.query-url' CLI 19464 arg. 19465 type: string 19466 alertRelabelConfigFile: 19467 description: AlertRelabelConfigFile specifies the path of the alert 19468 relabeling configuration file. When used alongside with AlertRelabelConfigs, 19469 alertRelabelConfigFile takes precedence. 19470 type: string 19471 alertRelabelConfigs: 19472 description: 'AlertRelabelConfigs configures alert relabeling in ThanosRuler. 19473 Alert relabel configurations must have the form as specified in 19474 the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs 19475 Alternative to AlertRelabelConfigFile, and lower order priority.' 19476 properties: 19477 key: 19478 description: The key of the secret to select from. Must be a 19479 valid secret key. 19480 type: string 19481 name: 19482 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19483 TODO: Add other useful fields. apiVersion, kind, uid?' 19484 type: string 19485 optional: 19486 description: Specify whether the Secret or its key must be defined 19487 type: boolean 19488 required: 19489 - key 19490 type: object 19491 alertmanagersConfig: 19492 description: Define configuration for connecting to alertmanager. Only 19493 available with thanos v0.10.0 and higher. Maps to the `alertmanagers.config` 19494 arg. 19495 properties: 19496 key: 19497 description: The key of the secret to select from. Must be a 19498 valid secret key. 19499 type: string 19500 name: 19501 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19502 TODO: Add other useful fields. apiVersion, kind, uid?' 19503 type: string 19504 optional: 19505 description: Specify whether the Secret or its key must be defined 19506 type: boolean 19507 required: 19508 - key 19509 type: object 19510 alertmanagersUrl: 19511 description: 'Define URLs to send alerts to Alertmanager. For Thanos 19512 v0.10.0 and higher, AlertManagersConfig should be used instead. Note: 19513 this field will be ignored if AlertManagersConfig is specified. 19514 Maps to the `alertmanagers.url` arg.' 19515 items: 19516 type: string 19517 type: array 19518 containers: 19519 description: 'Containers allows injecting additional containers or 19520 modifying operator generated containers. This can be used to allow 19521 adding an authentication proxy to a ThanosRuler pod or to change 19522 the behavior of an operator generated container. Containers described 19523 here modify an operator generated container if they share the same 19524 name and modifications are done via a strategic merge patch. The 19525 current container names are: `thanos-ruler` and `config-reloader`. 19526 Overriding containers is entirely outside the scope of what the 19527 maintainers will support and by doing so, you accept that this behaviour 19528 may break at any time without notice.' 19529 items: 19530 description: A single application container that you want to run 19531 within a pod. 19532 properties: 19533 args: 19534 description: 'Arguments to the entrypoint. The docker image''s 19535 CMD is used if this is not provided. Variable references $(VAR_NAME) 19536 are expanded using the container''s environment. If a variable 19537 cannot be resolved, the reference in the input string will 19538 be unchanged. Double $$ are reduced to a single $, which allows 19539 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 19540 produce the string literal "$(VAR_NAME)". Escaped references 19541 will never be expanded, regardless of whether the variable 19542 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 19543 items: 19544 type: string 19545 type: array 19546 command: 19547 description: 'Entrypoint array. Not executed within a shell. 19548 The docker image''s ENTRYPOINT is used if this is not provided. 19549 Variable references $(VAR_NAME) are expanded using the container''s 19550 environment. If a variable cannot be resolved, the reference 19551 in the input string will be unchanged. Double $$ are reduced 19552 to a single $, which allows for escaping the $(VAR_NAME) syntax: 19553 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 19554 Escaped references will never be expanded, regardless of whether 19555 the variable exists or not. Cannot be updated. More info: 19556 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 19557 items: 19558 type: string 19559 type: array 19560 env: 19561 description: List of environment variables to set in the container. 19562 Cannot be updated. 19563 items: 19564 description: EnvVar represents an environment variable present 19565 in a Container. 19566 properties: 19567 name: 19568 description: Name of the environment variable. Must be 19569 a C_IDENTIFIER. 19570 type: string 19571 value: 19572 description: 'Variable references $(VAR_NAME) are expanded 19573 using the previously defined environment variables in 19574 the container and any service environment variables. 19575 If a variable cannot be resolved, the reference in the 19576 input string will be unchanged. Double $$ are reduced 19577 to a single $, which allows for escaping the $(VAR_NAME) 19578 syntax: i.e. "$$(VAR_NAME)" will produce the string 19579 literal "$(VAR_NAME)". Escaped references will never 19580 be expanded, regardless of whether the variable exists 19581 or not. Defaults to "".' 19582 type: string 19583 valueFrom: 19584 description: Source for the environment variable's value. 19585 Cannot be used if value is not empty. 19586 properties: 19587 configMapKeyRef: 19588 description: Selects a key of a ConfigMap. 19589 properties: 19590 key: 19591 description: The key to select. 19592 type: string 19593 name: 19594 description: 'Name of the referent. More info: 19595 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19596 TODO: Add other useful fields. apiVersion, kind, 19597 uid?' 19598 type: string 19599 optional: 19600 description: Specify whether the ConfigMap or 19601 its key must be defined 19602 type: boolean 19603 required: 19604 - key 19605 type: object 19606 fieldRef: 19607 description: 'Selects a field of the pod: supports 19608 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 19609 `metadata.annotations[''<KEY>'']`, spec.nodeName, 19610 spec.serviceAccountName, status.hostIP, status.podIP, 19611 status.podIPs.' 19612 properties: 19613 apiVersion: 19614 description: Version of the schema the FieldPath 19615 is written in terms of, defaults to "v1". 19616 type: string 19617 fieldPath: 19618 description: Path of the field to select in the 19619 specified API version. 19620 type: string 19621 required: 19622 - fieldPath 19623 type: object 19624 resourceFieldRef: 19625 description: 'Selects a resource of the container: 19626 only resources limits and requests (limits.cpu, 19627 limits.memory, limits.ephemeral-storage, requests.cpu, 19628 requests.memory and requests.ephemeral-storage) 19629 are currently supported.' 19630 properties: 19631 containerName: 19632 description: 'Container name: required for volumes, 19633 optional for env vars' 19634 type: string 19635 divisor: 19636 anyOf: 19637 - type: integer 19638 - type: string 19639 description: Specifies the output format of the 19640 exposed resources, defaults to "1" 19641 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 19642 x-kubernetes-int-or-string: true 19643 resource: 19644 description: 'Required: resource to select' 19645 type: string 19646 required: 19647 - resource 19648 type: object 19649 secretKeyRef: 19650 description: Selects a key of a secret in the pod's 19651 namespace 19652 properties: 19653 key: 19654 description: The key of the secret to select from. Must 19655 be a valid secret key. 19656 type: string 19657 name: 19658 description: 'Name of the referent. More info: 19659 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19660 TODO: Add other useful fields. apiVersion, kind, 19661 uid?' 19662 type: string 19663 optional: 19664 description: Specify whether the Secret or its 19665 key must be defined 19666 type: boolean 19667 required: 19668 - key 19669 type: object 19670 type: object 19671 required: 19672 - name 19673 type: object 19674 type: array 19675 envFrom: 19676 description: List of sources to populate environment variables 19677 in the container. The keys defined within a source must be 19678 a C_IDENTIFIER. All invalid keys will be reported as an event 19679 when the container is starting. When a key exists in multiple 19680 sources, the value associated with the last source will take 19681 precedence. Values defined by an Env with a duplicate key 19682 will take precedence. Cannot be updated. 19683 items: 19684 description: EnvFromSource represents the source of a set 19685 of ConfigMaps 19686 properties: 19687 configMapRef: 19688 description: The ConfigMap to select from 19689 properties: 19690 name: 19691 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19692 TODO: Add other useful fields. apiVersion, kind, 19693 uid?' 19694 type: string 19695 optional: 19696 description: Specify whether the ConfigMap must be 19697 defined 19698 type: boolean 19699 type: object 19700 prefix: 19701 description: An optional identifier to prepend to each 19702 key in the ConfigMap. Must be a C_IDENTIFIER. 19703 type: string 19704 secretRef: 19705 description: The Secret to select from 19706 properties: 19707 name: 19708 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19709 TODO: Add other useful fields. apiVersion, kind, 19710 uid?' 19711 type: string 19712 optional: 19713 description: Specify whether the Secret must be defined 19714 type: boolean 19715 type: object 19716 type: object 19717 type: array 19718 image: 19719 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 19720 This field is optional to allow higher level config management 19721 to default or override container images in workload controllers 19722 like Deployments and StatefulSets.' 19723 type: string 19724 imagePullPolicy: 19725 description: 'Image pull policy. One of Always, Never, IfNotPresent. 19726 Defaults to Always if :latest tag is specified, or IfNotPresent 19727 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 19728 type: string 19729 lifecycle: 19730 description: Actions that the management system should take 19731 in response to container lifecycle events. Cannot be updated. 19732 properties: 19733 postStart: 19734 description: 'PostStart is called immediately after a container 19735 is created. If the handler fails, the container is terminated 19736 and restarted according to its restart policy. Other management 19737 of the container blocks until the hook completes. More 19738 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 19739 properties: 19740 exec: 19741 description: One and only one of the following should 19742 be specified. Exec specifies the action to take. 19743 properties: 19744 command: 19745 description: Command is the command line to execute 19746 inside the container, the working directory for 19747 the command is root ('/') in the container's 19748 filesystem. The command is simply exec'd, it is 19749 not run inside a shell, so traditional shell instructions 19750 ('|', etc) won't work. To use a shell, you need 19751 to explicitly call out to that shell. Exit status 19752 of 0 is treated as live/healthy and non-zero is 19753 unhealthy. 19754 items: 19755 type: string 19756 type: array 19757 type: object 19758 httpGet: 19759 description: HTTPGet specifies the http request to perform. 19760 properties: 19761 host: 19762 description: Host name to connect to, defaults to 19763 the pod IP. You probably want to set "Host" in 19764 httpHeaders instead. 19765 type: string 19766 httpHeaders: 19767 description: Custom headers to set in the request. 19768 HTTP allows repeated headers. 19769 items: 19770 description: HTTPHeader describes a custom header 19771 to be used in HTTP probes 19772 properties: 19773 name: 19774 description: The header field name 19775 type: string 19776 value: 19777 description: The header field value 19778 type: string 19779 required: 19780 - name 19781 - value 19782 type: object 19783 type: array 19784 path: 19785 description: Path to access on the HTTP server. 19786 type: string 19787 port: 19788 anyOf: 19789 - type: integer 19790 - type: string 19791 description: Name or number of the port to access 19792 on the container. Number must be in the range 19793 1 to 65535. Name must be an IANA_SVC_NAME. 19794 x-kubernetes-int-or-string: true 19795 scheme: 19796 description: Scheme to use for connecting to the 19797 host. Defaults to HTTP. 19798 type: string 19799 required: 19800 - port 19801 type: object 19802 tcpSocket: 19803 description: 'TCPSocket specifies an action involving 19804 a TCP port. TCP hooks not yet supported TODO: implement 19805 a realistic TCP lifecycle hook' 19806 properties: 19807 host: 19808 description: 'Optional: Host name to connect to, 19809 defaults to the pod IP.' 19810 type: string 19811 port: 19812 anyOf: 19813 - type: integer 19814 - type: string 19815 description: Number or name of the port to access 19816 on the container. Number must be in the range 19817 1 to 65535. Name must be an IANA_SVC_NAME. 19818 x-kubernetes-int-or-string: true 19819 required: 19820 - port 19821 type: object 19822 type: object 19823 preStop: 19824 description: 'PreStop is called immediately before a container 19825 is terminated due to an API request or management event 19826 such as liveness/startup probe failure, preemption, resource 19827 contention, etc. The handler is not called if the container 19828 crashes or exits. The reason for termination is passed 19829 to the handler. The Pod''s termination grace period countdown 19830 begins before the PreStop hooked is executed. Regardless 19831 of the outcome of the handler, the container will eventually 19832 terminate within the Pod''s termination grace period. 19833 Other management of the container blocks until the hook 19834 completes or until the termination grace period is reached. 19835 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 19836 properties: 19837 exec: 19838 description: One and only one of the following should 19839 be specified. Exec specifies the action to take. 19840 properties: 19841 command: 19842 description: Command is the command line to execute 19843 inside the container, the working directory for 19844 the command is root ('/') in the container's 19845 filesystem. The command is simply exec'd, it is 19846 not run inside a shell, so traditional shell instructions 19847 ('|', etc) won't work. To use a shell, you need 19848 to explicitly call out to that shell. Exit status 19849 of 0 is treated as live/healthy and non-zero is 19850 unhealthy. 19851 items: 19852 type: string 19853 type: array 19854 type: object 19855 httpGet: 19856 description: HTTPGet specifies the http request to perform. 19857 properties: 19858 host: 19859 description: Host name to connect to, defaults to 19860 the pod IP. You probably want to set "Host" in 19861 httpHeaders instead. 19862 type: string 19863 httpHeaders: 19864 description: Custom headers to set in the request. 19865 HTTP allows repeated headers. 19866 items: 19867 description: HTTPHeader describes a custom header 19868 to be used in HTTP probes 19869 properties: 19870 name: 19871 description: The header field name 19872 type: string 19873 value: 19874 description: The header field value 19875 type: string 19876 required: 19877 - name 19878 - value 19879 type: object 19880 type: array 19881 path: 19882 description: Path to access on the HTTP server. 19883 type: string 19884 port: 19885 anyOf: 19886 - type: integer 19887 - type: string 19888 description: Name or number of the port to access 19889 on the container. Number must be in the range 19890 1 to 65535. Name must be an IANA_SVC_NAME. 19891 x-kubernetes-int-or-string: true 19892 scheme: 19893 description: Scheme to use for connecting to the 19894 host. Defaults to HTTP. 19895 type: string 19896 required: 19897 - port 19898 type: object 19899 tcpSocket: 19900 description: 'TCPSocket specifies an action involving 19901 a TCP port. TCP hooks not yet supported TODO: implement 19902 a realistic TCP lifecycle hook' 19903 properties: 19904 host: 19905 description: 'Optional: Host name to connect to, 19906 defaults to the pod IP.' 19907 type: string 19908 port: 19909 anyOf: 19910 - type: integer 19911 - type: string 19912 description: Number or name of the port to access 19913 on the container. Number must be in the range 19914 1 to 65535. Name must be an IANA_SVC_NAME. 19915 x-kubernetes-int-or-string: true 19916 required: 19917 - port 19918 type: object 19919 type: object 19920 type: object 19921 livenessProbe: 19922 description: 'Periodic probe of container liveness. Container 19923 will be restarted if the probe fails. Cannot be updated. More 19924 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 19925 properties: 19926 exec: 19927 description: One and only one of the following should be 19928 specified. Exec specifies the action to take. 19929 properties: 19930 command: 19931 description: Command is the command line to execute 19932 inside the container, the working directory for the 19933 command is root ('/') in the container's filesystem. 19934 The command is simply exec'd, it is not run inside 19935 a shell, so traditional shell instructions ('|', etc) 19936 won't work. To use a shell, you need to explicitly 19937 call out to that shell. Exit status of 0 is treated 19938 as live/healthy and non-zero is unhealthy. 19939 items: 19940 type: string 19941 type: array 19942 type: object 19943 failureThreshold: 19944 description: Minimum consecutive failures for the probe 19945 to be considered failed after having succeeded. Defaults 19946 to 3. Minimum value is 1. 19947 format: int32 19948 type: integer 19949 httpGet: 19950 description: HTTPGet specifies the http request to perform. 19951 properties: 19952 host: 19953 description: Host name to connect to, defaults to the 19954 pod IP. You probably want to set "Host" in httpHeaders 19955 instead. 19956 type: string 19957 httpHeaders: 19958 description: Custom headers to set in the request. HTTP 19959 allows repeated headers. 19960 items: 19961 description: HTTPHeader describes a custom header 19962 to be used in HTTP probes 19963 properties: 19964 name: 19965 description: The header field name 19966 type: string 19967 value: 19968 description: The header field value 19969 type: string 19970 required: 19971 - name 19972 - value 19973 type: object 19974 type: array 19975 path: 19976 description: Path to access on the HTTP server. 19977 type: string 19978 port: 19979 anyOf: 19980 - type: integer 19981 - type: string 19982 description: Name or number of the port to access on 19983 the container. Number must be in the range 1 to 65535. 19984 Name must be an IANA_SVC_NAME. 19985 x-kubernetes-int-or-string: true 19986 scheme: 19987 description: Scheme to use for connecting to the host. 19988 Defaults to HTTP. 19989 type: string 19990 required: 19991 - port 19992 type: object 19993 initialDelaySeconds: 19994 description: 'Number of seconds after the container has 19995 started before liveness probes are initiated. More info: 19996 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 19997 format: int32 19998 type: integer 19999 periodSeconds: 20000 description: How often (in seconds) to perform the probe. 20001 Default to 10 seconds. Minimum value is 1. 20002 format: int32 20003 type: integer 20004 successThreshold: 20005 description: Minimum consecutive successes for the probe 20006 to be considered successful after having failed. Defaults 20007 to 1. Must be 1 for liveness and startup. Minimum value 20008 is 1. 20009 format: int32 20010 type: integer 20011 tcpSocket: 20012 description: 'TCPSocket specifies an action involving a 20013 TCP port. TCP hooks not yet supported TODO: implement 20014 a realistic TCP lifecycle hook' 20015 properties: 20016 host: 20017 description: 'Optional: Host name to connect to, defaults 20018 to the pod IP.' 20019 type: string 20020 port: 20021 anyOf: 20022 - type: integer 20023 - type: string 20024 description: Number or name of the port to access on 20025 the container. Number must be in the range 1 to 65535. 20026 Name must be an IANA_SVC_NAME. 20027 x-kubernetes-int-or-string: true 20028 required: 20029 - port 20030 type: object 20031 terminationGracePeriodSeconds: 20032 description: Optional duration in seconds the pod needs 20033 to terminate gracefully upon probe failure. The grace 20034 period is the duration in seconds after the processes 20035 running in the pod are sent a termination signal and the 20036 time when the processes are forcibly halted with a kill 20037 signal. Set this value longer than the expected cleanup 20038 time for your process. If this value is nil, the pod's 20039 terminationGracePeriodSeconds will be used. Otherwise, 20040 this value overrides the value provided by the pod spec. 20041 Value must be non-negative integer. The value zero indicates 20042 stop immediately via the kill signal (no opportunity to 20043 shut down). This is a beta field and requires enabling 20044 ProbeTerminationGracePeriod feature gate. Minimum value 20045 is 1. spec.terminationGracePeriodSeconds is used if unset. 20046 format: int64 20047 type: integer 20048 timeoutSeconds: 20049 description: 'Number of seconds after which the probe times 20050 out. Defaults to 1 second. Minimum value is 1. More info: 20051 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20052 format: int32 20053 type: integer 20054 type: object 20055 name: 20056 description: Name of the container specified as a DNS_LABEL. 20057 Each container in a pod must have a unique name (DNS_LABEL). 20058 Cannot be updated. 20059 type: string 20060 ports: 20061 description: List of ports to expose from the container. Exposing 20062 a port here gives the system additional information about 20063 the network connections a container uses, but is primarily 20064 informational. Not specifying a port here DOES NOT prevent 20065 that port from being exposed. Any port which is listening 20066 on the default "0.0.0.0" address inside a container will be 20067 accessible from the network. Cannot be updated. 20068 items: 20069 description: ContainerPort represents a network port in a 20070 single container. 20071 properties: 20072 containerPort: 20073 description: Number of port to expose on the pod's IP 20074 address. This must be a valid port number, 0 < x < 65536. 20075 format: int32 20076 type: integer 20077 hostIP: 20078 description: What host IP to bind the external port to. 20079 type: string 20080 hostPort: 20081 description: Number of port to expose on the host. If 20082 specified, this must be a valid port number, 0 < x < 20083 65536. If HostNetwork is specified, this must match 20084 ContainerPort. Most containers do not need this. 20085 format: int32 20086 type: integer 20087 name: 20088 description: If specified, this must be an IANA_SVC_NAME 20089 and unique within the pod. Each named port in a pod 20090 must have a unique name. Name for the port that can 20091 be referred to by services. 20092 type: string 20093 protocol: 20094 default: TCP 20095 description: Protocol for port. Must be UDP, TCP, or SCTP. 20096 Defaults to "TCP". 20097 type: string 20098 required: 20099 - containerPort 20100 type: object 20101 type: array 20102 x-kubernetes-list-map-keys: 20103 - containerPort 20104 - protocol 20105 x-kubernetes-list-type: map 20106 readinessProbe: 20107 description: 'Periodic probe of container service readiness. 20108 Container will be removed from service endpoints if the probe 20109 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20110 properties: 20111 exec: 20112 description: One and only one of the following should be 20113 specified. Exec specifies the action to take. 20114 properties: 20115 command: 20116 description: Command is the command line to execute 20117 inside the container, the working directory for the 20118 command is root ('/') in the container's filesystem. 20119 The command is simply exec'd, it is not run inside 20120 a shell, so traditional shell instructions ('|', etc) 20121 won't work. To use a shell, you need to explicitly 20122 call out to that shell. Exit status of 0 is treated 20123 as live/healthy and non-zero is unhealthy. 20124 items: 20125 type: string 20126 type: array 20127 type: object 20128 failureThreshold: 20129 description: Minimum consecutive failures for the probe 20130 to be considered failed after having succeeded. Defaults 20131 to 3. Minimum value is 1. 20132 format: int32 20133 type: integer 20134 httpGet: 20135 description: HTTPGet specifies the http request to perform. 20136 properties: 20137 host: 20138 description: Host name to connect to, defaults to the 20139 pod IP. You probably want to set "Host" in httpHeaders 20140 instead. 20141 type: string 20142 httpHeaders: 20143 description: Custom headers to set in the request. HTTP 20144 allows repeated headers. 20145 items: 20146 description: HTTPHeader describes a custom header 20147 to be used in HTTP probes 20148 properties: 20149 name: 20150 description: The header field name 20151 type: string 20152 value: 20153 description: The header field value 20154 type: string 20155 required: 20156 - name 20157 - value 20158 type: object 20159 type: array 20160 path: 20161 description: Path to access on the HTTP server. 20162 type: string 20163 port: 20164 anyOf: 20165 - type: integer 20166 - type: string 20167 description: Name or number of the port to access on 20168 the container. Number must be in the range 1 to 65535. 20169 Name must be an IANA_SVC_NAME. 20170 x-kubernetes-int-or-string: true 20171 scheme: 20172 description: Scheme to use for connecting to the host. 20173 Defaults to HTTP. 20174 type: string 20175 required: 20176 - port 20177 type: object 20178 initialDelaySeconds: 20179 description: 'Number of seconds after the container has 20180 started before liveness probes are initiated. More info: 20181 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20182 format: int32 20183 type: integer 20184 periodSeconds: 20185 description: How often (in seconds) to perform the probe. 20186 Default to 10 seconds. Minimum value is 1. 20187 format: int32 20188 type: integer 20189 successThreshold: 20190 description: Minimum consecutive successes for the probe 20191 to be considered successful after having failed. Defaults 20192 to 1. Must be 1 for liveness and startup. Minimum value 20193 is 1. 20194 format: int32 20195 type: integer 20196 tcpSocket: 20197 description: 'TCPSocket specifies an action involving a 20198 TCP port. TCP hooks not yet supported TODO: implement 20199 a realistic TCP lifecycle hook' 20200 properties: 20201 host: 20202 description: 'Optional: Host name to connect to, defaults 20203 to the pod IP.' 20204 type: string 20205 port: 20206 anyOf: 20207 - type: integer 20208 - type: string 20209 description: Number or name of the port to access on 20210 the container. Number must be in the range 1 to 65535. 20211 Name must be an IANA_SVC_NAME. 20212 x-kubernetes-int-or-string: true 20213 required: 20214 - port 20215 type: object 20216 terminationGracePeriodSeconds: 20217 description: Optional duration in seconds the pod needs 20218 to terminate gracefully upon probe failure. The grace 20219 period is the duration in seconds after the processes 20220 running in the pod are sent a termination signal and the 20221 time when the processes are forcibly halted with a kill 20222 signal. Set this value longer than the expected cleanup 20223 time for your process. If this value is nil, the pod's 20224 terminationGracePeriodSeconds will be used. Otherwise, 20225 this value overrides the value provided by the pod spec. 20226 Value must be non-negative integer. The value zero indicates 20227 stop immediately via the kill signal (no opportunity to 20228 shut down). This is a beta field and requires enabling 20229 ProbeTerminationGracePeriod feature gate. Minimum value 20230 is 1. spec.terminationGracePeriodSeconds is used if unset. 20231 format: int64 20232 type: integer 20233 timeoutSeconds: 20234 description: 'Number of seconds after which the probe times 20235 out. Defaults to 1 second. Minimum value is 1. More info: 20236 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20237 format: int32 20238 type: integer 20239 type: object 20240 resources: 20241 description: 'Compute Resources required by this container. 20242 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 20243 properties: 20244 limits: 20245 additionalProperties: 20246 anyOf: 20247 - type: integer 20248 - type: string 20249 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 20250 x-kubernetes-int-or-string: true 20251 description: 'Limits describes the maximum amount of compute 20252 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 20253 type: object 20254 requests: 20255 additionalProperties: 20256 anyOf: 20257 - type: integer 20258 - type: string 20259 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 20260 x-kubernetes-int-or-string: true 20261 description: 'Requests describes the minimum amount of compute 20262 resources required. If Requests is omitted for a container, 20263 it defaults to Limits if that is explicitly specified, 20264 otherwise to an implementation-defined value. More info: 20265 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 20266 type: object 20267 type: object 20268 securityContext: 20269 description: 'SecurityContext defines the security options the 20270 container should be run with. If set, the fields of SecurityContext 20271 override the equivalent fields of PodSecurityContext. More 20272 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 20273 properties: 20274 allowPrivilegeEscalation: 20275 description: 'AllowPrivilegeEscalation controls whether 20276 a process can gain more privileges than its parent process. 20277 This bool directly controls if the no_new_privs flag will 20278 be set on the container process. AllowPrivilegeEscalation 20279 is true always when the container is: 1) run as Privileged 20280 2) has CAP_SYS_ADMIN' 20281 type: boolean 20282 capabilities: 20283 description: The capabilities to add/drop when running containers. 20284 Defaults to the default set of capabilities granted by 20285 the container runtime. 20286 properties: 20287 add: 20288 description: Added capabilities 20289 items: 20290 description: Capability represent POSIX capabilities 20291 type 20292 type: string 20293 type: array 20294 drop: 20295 description: Removed capabilities 20296 items: 20297 description: Capability represent POSIX capabilities 20298 type 20299 type: string 20300 type: array 20301 type: object 20302 privileged: 20303 description: Run container in privileged mode. Processes 20304 in privileged containers are essentially equivalent to 20305 root on the host. Defaults to false. 20306 type: boolean 20307 procMount: 20308 description: procMount denotes the type of proc mount to 20309 use for the containers. The default is DefaultProcMount 20310 which uses the container runtime defaults for readonly 20311 paths and masked paths. This requires the ProcMountType 20312 feature flag to be enabled. 20313 type: string 20314 readOnlyRootFilesystem: 20315 description: Whether this container has a read-only root 20316 filesystem. Default is false. 20317 type: boolean 20318 runAsGroup: 20319 description: The GID to run the entrypoint of the container 20320 process. Uses runtime default if unset. May also be set 20321 in PodSecurityContext. If set in both SecurityContext 20322 and PodSecurityContext, the value specified in SecurityContext 20323 takes precedence. 20324 format: int64 20325 type: integer 20326 runAsNonRoot: 20327 description: Indicates that the container must run as a 20328 non-root user. If true, the Kubelet will validate the 20329 image at runtime to ensure that it does not run as UID 20330 0 (root) and fail to start the container if it does. If 20331 unset or false, no such validation will be performed. 20332 May also be set in PodSecurityContext. If set in both 20333 SecurityContext and PodSecurityContext, the value specified 20334 in SecurityContext takes precedence. 20335 type: boolean 20336 runAsUser: 20337 description: The UID to run the entrypoint of the container 20338 process. Defaults to user specified in image metadata 20339 if unspecified. May also be set in PodSecurityContext. If 20340 set in both SecurityContext and PodSecurityContext, the 20341 value specified in SecurityContext takes precedence. 20342 format: int64 20343 type: integer 20344 seLinuxOptions: 20345 description: The SELinux context to be applied to the container. 20346 If unspecified, the container runtime will allocate a 20347 random SELinux context for each container. May also be 20348 set in PodSecurityContext. If set in both SecurityContext 20349 and PodSecurityContext, the value specified in SecurityContext 20350 takes precedence. 20351 properties: 20352 level: 20353 description: Level is SELinux level label that applies 20354 to the container. 20355 type: string 20356 role: 20357 description: Role is a SELinux role label that applies 20358 to the container. 20359 type: string 20360 type: 20361 description: Type is a SELinux type label that applies 20362 to the container. 20363 type: string 20364 user: 20365 description: User is a SELinux user label that applies 20366 to the container. 20367 type: string 20368 type: object 20369 seccompProfile: 20370 description: The seccomp options to use by this container. 20371 If seccomp options are provided at both the pod & container 20372 level, the container options override the pod options. 20373 properties: 20374 localhostProfile: 20375 description: localhostProfile indicates a profile defined 20376 in a file on the node should be used. The profile 20377 must be preconfigured on the node to work. Must be 20378 a descending path, relative to the kubelet's configured 20379 seccomp profile location. Must only be set if type 20380 is "Localhost". 20381 type: string 20382 type: 20383 description: "type indicates which kind of seccomp profile 20384 will be applied. Valid options are: \n Localhost - 20385 a profile defined in a file on the node should be 20386 used. RuntimeDefault - the container runtime default 20387 profile should be used. Unconfined - no profile should 20388 be applied." 20389 type: string 20390 required: 20391 - type 20392 type: object 20393 windowsOptions: 20394 description: The Windows specific settings applied to all 20395 containers. If unspecified, the options from the PodSecurityContext 20396 will be used. If set in both SecurityContext and PodSecurityContext, 20397 the value specified in SecurityContext takes precedence. 20398 properties: 20399 gmsaCredentialSpec: 20400 description: GMSACredentialSpec is where the GMSA admission 20401 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 20402 inlines the contents of the GMSA credential spec named 20403 by the GMSACredentialSpecName field. 20404 type: string 20405 gmsaCredentialSpecName: 20406 description: GMSACredentialSpecName is the name of the 20407 GMSA credential spec to use. 20408 type: string 20409 hostProcess: 20410 description: HostProcess determines if a container should 20411 be run as a 'Host Process' container. This field is 20412 alpha-level and will only be honored by components 20413 that enable the WindowsHostProcessContainers feature 20414 flag. Setting this field without the feature flag 20415 will result in errors when validating the Pod. All 20416 of a Pod's containers must have the same effective 20417 HostProcess value (it is not allowed to have a mix 20418 of HostProcess containers and non-HostProcess containers). In 20419 addition, if HostProcess is true then HostNetwork 20420 must also be set to true. 20421 type: boolean 20422 runAsUserName: 20423 description: The UserName in Windows to run the entrypoint 20424 of the container process. Defaults to the user specified 20425 in image metadata if unspecified. May also be set 20426 in PodSecurityContext. If set in both SecurityContext 20427 and PodSecurityContext, the value specified in SecurityContext 20428 takes precedence. 20429 type: string 20430 type: object 20431 type: object 20432 startupProbe: 20433 description: 'StartupProbe indicates that the Pod has successfully 20434 initialized. If specified, no other probes are executed until 20435 this completes successfully. If this probe fails, the Pod 20436 will be restarted, just as if the livenessProbe failed. This 20437 can be used to provide different probe parameters at the beginning 20438 of a Pod''s lifecycle, when it might take a long time to load 20439 data or warm a cache, than during steady-state operation. 20440 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20441 properties: 20442 exec: 20443 description: One and only one of the following should be 20444 specified. Exec specifies the action to take. 20445 properties: 20446 command: 20447 description: Command is the command line to execute 20448 inside the container, the working directory for the 20449 command is root ('/') in the container's filesystem. 20450 The command is simply exec'd, it is not run inside 20451 a shell, so traditional shell instructions ('|', etc) 20452 won't work. To use a shell, you need to explicitly 20453 call out to that shell. Exit status of 0 is treated 20454 as live/healthy and non-zero is unhealthy. 20455 items: 20456 type: string 20457 type: array 20458 type: object 20459 failureThreshold: 20460 description: Minimum consecutive failures for the probe 20461 to be considered failed after having succeeded. Defaults 20462 to 3. Minimum value is 1. 20463 format: int32 20464 type: integer 20465 httpGet: 20466 description: HTTPGet specifies the http request to perform. 20467 properties: 20468 host: 20469 description: Host name to connect to, defaults to the 20470 pod IP. You probably want to set "Host" in httpHeaders 20471 instead. 20472 type: string 20473 httpHeaders: 20474 description: Custom headers to set in the request. HTTP 20475 allows repeated headers. 20476 items: 20477 description: HTTPHeader describes a custom header 20478 to be used in HTTP probes 20479 properties: 20480 name: 20481 description: The header field name 20482 type: string 20483 value: 20484 description: The header field value 20485 type: string 20486 required: 20487 - name 20488 - value 20489 type: object 20490 type: array 20491 path: 20492 description: Path to access on the HTTP server. 20493 type: string 20494 port: 20495 anyOf: 20496 - type: integer 20497 - type: string 20498 description: Name or number of the port to access on 20499 the container. Number must be in the range 1 to 65535. 20500 Name must be an IANA_SVC_NAME. 20501 x-kubernetes-int-or-string: true 20502 scheme: 20503 description: Scheme to use for connecting to the host. 20504 Defaults to HTTP. 20505 type: string 20506 required: 20507 - port 20508 type: object 20509 initialDelaySeconds: 20510 description: 'Number of seconds after the container has 20511 started before liveness probes are initiated. More info: 20512 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20513 format: int32 20514 type: integer 20515 periodSeconds: 20516 description: How often (in seconds) to perform the probe. 20517 Default to 10 seconds. Minimum value is 1. 20518 format: int32 20519 type: integer 20520 successThreshold: 20521 description: Minimum consecutive successes for the probe 20522 to be considered successful after having failed. Defaults 20523 to 1. Must be 1 for liveness and startup. Minimum value 20524 is 1. 20525 format: int32 20526 type: integer 20527 tcpSocket: 20528 description: 'TCPSocket specifies an action involving a 20529 TCP port. TCP hooks not yet supported TODO: implement 20530 a realistic TCP lifecycle hook' 20531 properties: 20532 host: 20533 description: 'Optional: Host name to connect to, defaults 20534 to the pod IP.' 20535 type: string 20536 port: 20537 anyOf: 20538 - type: integer 20539 - type: string 20540 description: Number or name of the port to access on 20541 the container. Number must be in the range 1 to 65535. 20542 Name must be an IANA_SVC_NAME. 20543 x-kubernetes-int-or-string: true 20544 required: 20545 - port 20546 type: object 20547 terminationGracePeriodSeconds: 20548 description: Optional duration in seconds the pod needs 20549 to terminate gracefully upon probe failure. The grace 20550 period is the duration in seconds after the processes 20551 running in the pod are sent a termination signal and the 20552 time when the processes are forcibly halted with a kill 20553 signal. Set this value longer than the expected cleanup 20554 time for your process. If this value is nil, the pod's 20555 terminationGracePeriodSeconds will be used. Otherwise, 20556 this value overrides the value provided by the pod spec. 20557 Value must be non-negative integer. The value zero indicates 20558 stop immediately via the kill signal (no opportunity to 20559 shut down). This is a beta field and requires enabling 20560 ProbeTerminationGracePeriod feature gate. Minimum value 20561 is 1. spec.terminationGracePeriodSeconds is used if unset. 20562 format: int64 20563 type: integer 20564 timeoutSeconds: 20565 description: 'Number of seconds after which the probe times 20566 out. Defaults to 1 second. Minimum value is 1. More info: 20567 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 20568 format: int32 20569 type: integer 20570 type: object 20571 stdin: 20572 description: Whether this container should allocate a buffer 20573 for stdin in the container runtime. If this is not set, reads 20574 from stdin in the container will always result in EOF. Default 20575 is false. 20576 type: boolean 20577 stdinOnce: 20578 description: Whether the container runtime should close the 20579 stdin channel after it has been opened by a single attach. 20580 When stdin is true the stdin stream will remain open across 20581 multiple attach sessions. If stdinOnce is set to true, stdin 20582 is opened on container start, is empty until the first client 20583 attaches to stdin, and then remains open and accepts data 20584 until the client disconnects, at which time stdin is closed 20585 and remains closed until the container is restarted. If this 20586 flag is false, a container processes that reads from stdin 20587 will never receive an EOF. Default is false 20588 type: boolean 20589 terminationMessagePath: 20590 description: 'Optional: Path at which the file to which the 20591 container''s termination message will be written is mounted 20592 into the container''s filesystem. Message written is intended 20593 to be brief final status, such as an assertion failure message. 20594 Will be truncated by the node if greater than 4096 bytes. 20595 The total message length across all containers will be limited 20596 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 20597 type: string 20598 terminationMessagePolicy: 20599 description: Indicate how the termination message should be 20600 populated. File will use the contents of terminationMessagePath 20601 to populate the container status message on both success and 20602 failure. FallbackToLogsOnError will use the last chunk of 20603 container log output if the termination message file is empty 20604 and the container exited with an error. The log output is 20605 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 20606 to File. Cannot be updated. 20607 type: string 20608 tty: 20609 description: Whether this container should allocate a TTY for 20610 itself, also requires 'stdin' to be true. Default is false. 20611 type: boolean 20612 volumeDevices: 20613 description: volumeDevices is the list of block devices to be 20614 used by the container. 20615 items: 20616 description: volumeDevice describes a mapping of a raw block 20617 device within a container. 20618 properties: 20619 devicePath: 20620 description: devicePath is the path inside of the container 20621 that the device will be mapped to. 20622 type: string 20623 name: 20624 description: name must match the name of a persistentVolumeClaim 20625 in the pod 20626 type: string 20627 required: 20628 - devicePath 20629 - name 20630 type: object 20631 type: array 20632 volumeMounts: 20633 description: Pod volumes to mount into the container's filesystem. 20634 Cannot be updated. 20635 items: 20636 description: VolumeMount describes a mounting of a Volume 20637 within a container. 20638 properties: 20639 mountPath: 20640 description: Path within the container at which the volume 20641 should be mounted. Must not contain ':'. 20642 type: string 20643 mountPropagation: 20644 description: mountPropagation determines how mounts are 20645 propagated from the host to container and the other 20646 way around. When not set, MountPropagationNone is used. 20647 This field is beta in 1.10. 20648 type: string 20649 name: 20650 description: This must match the Name of a Volume. 20651 type: string 20652 readOnly: 20653 description: Mounted read-only if true, read-write otherwise 20654 (false or unspecified). Defaults to false. 20655 type: boolean 20656 subPath: 20657 description: Path within the volume from which the container's 20658 volume should be mounted. Defaults to "" (volume's root). 20659 type: string 20660 subPathExpr: 20661 description: Expanded path within the volume from which 20662 the container's volume should be mounted. Behaves similarly 20663 to SubPath but environment variable references $(VAR_NAME) 20664 are expanded using the container's environment. Defaults 20665 to "" (volume's root). SubPathExpr and SubPath are mutually 20666 exclusive. 20667 type: string 20668 required: 20669 - mountPath 20670 - name 20671 type: object 20672 type: array 20673 workingDir: 20674 description: Container's working directory. If not specified, 20675 the container runtime's default will be used, which might 20676 be configured in the container image. Cannot be updated. 20677 type: string 20678 required: 20679 - name 20680 type: object 20681 type: array 20682 enforcedNamespaceLabel: 20683 description: EnforcedNamespaceLabel enforces adding a namespace label 20684 of origin for each alert and metric that is user created. The label 20685 value will always be the namespace of the object that is being created. 20686 type: string 20687 evaluationInterval: 20688 description: Interval between consecutive evaluations. 20689 type: string 20690 externalPrefix: 20691 description: The external URL the Thanos Ruler instances will be available 20692 under. This is necessary to generate correct URLs. This is necessary 20693 if Thanos Ruler is not served from root of a DNS name. 20694 type: string 20695 grpcServerTlsConfig: 20696 description: 'GRPCServerTLSConfig configures the gRPC server from 20697 which Thanos Querier reads recorded rule data. Note: Currently only 20698 the CAFile, CertFile, and KeyFile fields are supported. Maps to 20699 the ''--grpc-server-tls-*'' CLI args.' 20700 properties: 20701 ca: 20702 description: Struct containing the CA cert to use for the targets. 20703 properties: 20704 configMap: 20705 description: ConfigMap containing data to use for the targets. 20706 properties: 20707 key: 20708 description: The key to select. 20709 type: string 20710 name: 20711 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20712 TODO: Add other useful fields. apiVersion, kind, uid?' 20713 type: string 20714 optional: 20715 description: Specify whether the ConfigMap or its key 20716 must be defined 20717 type: boolean 20718 required: 20719 - key 20720 type: object 20721 secret: 20722 description: Secret containing data to use for the targets. 20723 properties: 20724 key: 20725 description: The key of the secret to select from. Must 20726 be a valid secret key. 20727 type: string 20728 name: 20729 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20730 TODO: Add other useful fields. apiVersion, kind, uid?' 20731 type: string 20732 optional: 20733 description: Specify whether the Secret or its key must 20734 be defined 20735 type: boolean 20736 required: 20737 - key 20738 type: object 20739 type: object 20740 caFile: 20741 description: Path to the CA cert in the Prometheus container to 20742 use for the targets. 20743 type: string 20744 cert: 20745 description: Struct containing the client cert file for the targets. 20746 properties: 20747 configMap: 20748 description: ConfigMap containing data to use for the targets. 20749 properties: 20750 key: 20751 description: The key to select. 20752 type: string 20753 name: 20754 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20755 TODO: Add other useful fields. apiVersion, kind, uid?' 20756 type: string 20757 optional: 20758 description: Specify whether the ConfigMap or its key 20759 must be defined 20760 type: boolean 20761 required: 20762 - key 20763 type: object 20764 secret: 20765 description: Secret containing data to use for the targets. 20766 properties: 20767 key: 20768 description: The key of the secret to select from. Must 20769 be a valid secret key. 20770 type: string 20771 name: 20772 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20773 TODO: Add other useful fields. apiVersion, kind, uid?' 20774 type: string 20775 optional: 20776 description: Specify whether the Secret or its key must 20777 be defined 20778 type: boolean 20779 required: 20780 - key 20781 type: object 20782 type: object 20783 certFile: 20784 description: Path to the client cert file in the Prometheus container 20785 for the targets. 20786 type: string 20787 insecureSkipVerify: 20788 description: Disable target certificate validation. 20789 type: boolean 20790 keyFile: 20791 description: Path to the client key file in the Prometheus container 20792 for the targets. 20793 type: string 20794 keySecret: 20795 description: Secret containing the client key file for the targets. 20796 properties: 20797 key: 20798 description: The key of the secret to select from. Must be 20799 a valid secret key. 20800 type: string 20801 name: 20802 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20803 TODO: Add other useful fields. apiVersion, kind, uid?' 20804 type: string 20805 optional: 20806 description: Specify whether the Secret or its key must be 20807 defined 20808 type: boolean 20809 required: 20810 - key 20811 type: object 20812 serverName: 20813 description: Used to verify the hostname for the targets. 20814 type: string 20815 type: object 20816 image: 20817 description: Thanos container image URL. 20818 type: string 20819 imagePullSecrets: 20820 description: An optional list of references to secrets in the same 20821 namespace to use for pulling thanos images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod 20822 items: 20823 description: LocalObjectReference contains enough information to 20824 let you locate the referenced object inside the same namespace. 20825 properties: 20826 name: 20827 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20828 TODO: Add other useful fields. apiVersion, kind, uid?' 20829 type: string 20830 type: object 20831 type: array 20832 initContainers: 20833 description: 'InitContainers allows adding initContainers to the pod 20834 definition. Those can be used to e.g. fetch secrets for injection 20835 into the ThanosRuler configuration from external sources. Any errors 20836 during the execution of an initContainer will lead to a restart 20837 of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ 20838 Using initContainers for any use case other then secret fetching 20839 is entirely outside the scope of what the maintainers will support 20840 and by doing so, you accept that this behaviour may break at any 20841 time without notice.' 20842 items: 20843 description: A single application container that you want to run 20844 within a pod. 20845 properties: 20846 args: 20847 description: 'Arguments to the entrypoint. The docker image''s 20848 CMD is used if this is not provided. Variable references $(VAR_NAME) 20849 are expanded using the container''s environment. If a variable 20850 cannot be resolved, the reference in the input string will 20851 be unchanged. Double $$ are reduced to a single $, which allows 20852 for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will 20853 produce the string literal "$(VAR_NAME)". Escaped references 20854 will never be expanded, regardless of whether the variable 20855 exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 20856 items: 20857 type: string 20858 type: array 20859 command: 20860 description: 'Entrypoint array. Not executed within a shell. 20861 The docker image''s ENTRYPOINT is used if this is not provided. 20862 Variable references $(VAR_NAME) are expanded using the container''s 20863 environment. If a variable cannot be resolved, the reference 20864 in the input string will be unchanged. Double $$ are reduced 20865 to a single $, which allows for escaping the $(VAR_NAME) syntax: 20866 i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". 20867 Escaped references will never be expanded, regardless of whether 20868 the variable exists or not. Cannot be updated. More info: 20869 https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' 20870 items: 20871 type: string 20872 type: array 20873 env: 20874 description: List of environment variables to set in the container. 20875 Cannot be updated. 20876 items: 20877 description: EnvVar represents an environment variable present 20878 in a Container. 20879 properties: 20880 name: 20881 description: Name of the environment variable. Must be 20882 a C_IDENTIFIER. 20883 type: string 20884 value: 20885 description: 'Variable references $(VAR_NAME) are expanded 20886 using the previously defined environment variables in 20887 the container and any service environment variables. 20888 If a variable cannot be resolved, the reference in the 20889 input string will be unchanged. Double $$ are reduced 20890 to a single $, which allows for escaping the $(VAR_NAME) 20891 syntax: i.e. "$$(VAR_NAME)" will produce the string 20892 literal "$(VAR_NAME)". Escaped references will never 20893 be expanded, regardless of whether the variable exists 20894 or not. Defaults to "".' 20895 type: string 20896 valueFrom: 20897 description: Source for the environment variable's value. 20898 Cannot be used if value is not empty. 20899 properties: 20900 configMapKeyRef: 20901 description: Selects a key of a ConfigMap. 20902 properties: 20903 key: 20904 description: The key to select. 20905 type: string 20906 name: 20907 description: 'Name of the referent. More info: 20908 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20909 TODO: Add other useful fields. apiVersion, kind, 20910 uid?' 20911 type: string 20912 optional: 20913 description: Specify whether the ConfigMap or 20914 its key must be defined 20915 type: boolean 20916 required: 20917 - key 20918 type: object 20919 fieldRef: 20920 description: 'Selects a field of the pod: supports 20921 metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, 20922 `metadata.annotations[''<KEY>'']`, spec.nodeName, 20923 spec.serviceAccountName, status.hostIP, status.podIP, 20924 status.podIPs.' 20925 properties: 20926 apiVersion: 20927 description: Version of the schema the FieldPath 20928 is written in terms of, defaults to "v1". 20929 type: string 20930 fieldPath: 20931 description: Path of the field to select in the 20932 specified API version. 20933 type: string 20934 required: 20935 - fieldPath 20936 type: object 20937 resourceFieldRef: 20938 description: 'Selects a resource of the container: 20939 only resources limits and requests (limits.cpu, 20940 limits.memory, limits.ephemeral-storage, requests.cpu, 20941 requests.memory and requests.ephemeral-storage) 20942 are currently supported.' 20943 properties: 20944 containerName: 20945 description: 'Container name: required for volumes, 20946 optional for env vars' 20947 type: string 20948 divisor: 20949 anyOf: 20950 - type: integer 20951 - type: string 20952 description: Specifies the output format of the 20953 exposed resources, defaults to "1" 20954 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 20955 x-kubernetes-int-or-string: true 20956 resource: 20957 description: 'Required: resource to select' 20958 type: string 20959 required: 20960 - resource 20961 type: object 20962 secretKeyRef: 20963 description: Selects a key of a secret in the pod's 20964 namespace 20965 properties: 20966 key: 20967 description: The key of the secret to select from. Must 20968 be a valid secret key. 20969 type: string 20970 name: 20971 description: 'Name of the referent. More info: 20972 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20973 TODO: Add other useful fields. apiVersion, kind, 20974 uid?' 20975 type: string 20976 optional: 20977 description: Specify whether the Secret or its 20978 key must be defined 20979 type: boolean 20980 required: 20981 - key 20982 type: object 20983 type: object 20984 required: 20985 - name 20986 type: object 20987 type: array 20988 envFrom: 20989 description: List of sources to populate environment variables 20990 in the container. The keys defined within a source must be 20991 a C_IDENTIFIER. All invalid keys will be reported as an event 20992 when the container is starting. When a key exists in multiple 20993 sources, the value associated with the last source will take 20994 precedence. Values defined by an Env with a duplicate key 20995 will take precedence. Cannot be updated. 20996 items: 20997 description: EnvFromSource represents the source of a set 20998 of ConfigMaps 20999 properties: 21000 configMapRef: 21001 description: The ConfigMap to select from 21002 properties: 21003 name: 21004 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21005 TODO: Add other useful fields. apiVersion, kind, 21006 uid?' 21007 type: string 21008 optional: 21009 description: Specify whether the ConfigMap must be 21010 defined 21011 type: boolean 21012 type: object 21013 prefix: 21014 description: An optional identifier to prepend to each 21015 key in the ConfigMap. Must be a C_IDENTIFIER. 21016 type: string 21017 secretRef: 21018 description: The Secret to select from 21019 properties: 21020 name: 21021 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21022 TODO: Add other useful fields. apiVersion, kind, 21023 uid?' 21024 type: string 21025 optional: 21026 description: Specify whether the Secret must be defined 21027 type: boolean 21028 type: object 21029 type: object 21030 type: array 21031 image: 21032 description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 21033 This field is optional to allow higher level config management 21034 to default or override container images in workload controllers 21035 like Deployments and StatefulSets.' 21036 type: string 21037 imagePullPolicy: 21038 description: 'Image pull policy. One of Always, Never, IfNotPresent. 21039 Defaults to Always if :latest tag is specified, or IfNotPresent 21040 otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' 21041 type: string 21042 lifecycle: 21043 description: Actions that the management system should take 21044 in response to container lifecycle events. Cannot be updated. 21045 properties: 21046 postStart: 21047 description: 'PostStart is called immediately after a container 21048 is created. If the handler fails, the container is terminated 21049 and restarted according to its restart policy. Other management 21050 of the container blocks until the hook completes. More 21051 info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 21052 properties: 21053 exec: 21054 description: One and only one of the following should 21055 be specified. Exec specifies the action to take. 21056 properties: 21057 command: 21058 description: Command is the command line to execute 21059 inside the container, the working directory for 21060 the command is root ('/') in the container's 21061 filesystem. The command is simply exec'd, it is 21062 not run inside a shell, so traditional shell instructions 21063 ('|', etc) won't work. To use a shell, you need 21064 to explicitly call out to that shell. Exit status 21065 of 0 is treated as live/healthy and non-zero is 21066 unhealthy. 21067 items: 21068 type: string 21069 type: array 21070 type: object 21071 httpGet: 21072 description: HTTPGet specifies the http request to perform. 21073 properties: 21074 host: 21075 description: Host name to connect to, defaults to 21076 the pod IP. You probably want to set "Host" in 21077 httpHeaders instead. 21078 type: string 21079 httpHeaders: 21080 description: Custom headers to set in the request. 21081 HTTP allows repeated headers. 21082 items: 21083 description: HTTPHeader describes a custom header 21084 to be used in HTTP probes 21085 properties: 21086 name: 21087 description: The header field name 21088 type: string 21089 value: 21090 description: The header field value 21091 type: string 21092 required: 21093 - name 21094 - value 21095 type: object 21096 type: array 21097 path: 21098 description: Path to access on the HTTP server. 21099 type: string 21100 port: 21101 anyOf: 21102 - type: integer 21103 - type: string 21104 description: Name or number of the port to access 21105 on the container. Number must be in the range 21106 1 to 65535. Name must be an IANA_SVC_NAME. 21107 x-kubernetes-int-or-string: true 21108 scheme: 21109 description: Scheme to use for connecting to the 21110 host. Defaults to HTTP. 21111 type: string 21112 required: 21113 - port 21114 type: object 21115 tcpSocket: 21116 description: 'TCPSocket specifies an action involving 21117 a TCP port. TCP hooks not yet supported TODO: implement 21118 a realistic TCP lifecycle hook' 21119 properties: 21120 host: 21121 description: 'Optional: Host name to connect to, 21122 defaults to the pod IP.' 21123 type: string 21124 port: 21125 anyOf: 21126 - type: integer 21127 - type: string 21128 description: Number or name of the port to access 21129 on the container. Number must be in the range 21130 1 to 65535. Name must be an IANA_SVC_NAME. 21131 x-kubernetes-int-or-string: true 21132 required: 21133 - port 21134 type: object 21135 type: object 21136 preStop: 21137 description: 'PreStop is called immediately before a container 21138 is terminated due to an API request or management event 21139 such as liveness/startup probe failure, preemption, resource 21140 contention, etc. The handler is not called if the container 21141 crashes or exits. The reason for termination is passed 21142 to the handler. The Pod''s termination grace period countdown 21143 begins before the PreStop hooked is executed. Regardless 21144 of the outcome of the handler, the container will eventually 21145 terminate within the Pod''s termination grace period. 21146 Other management of the container blocks until the hook 21147 completes or until the termination grace period is reached. 21148 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' 21149 properties: 21150 exec: 21151 description: One and only one of the following should 21152 be specified. Exec specifies the action to take. 21153 properties: 21154 command: 21155 description: Command is the command line to execute 21156 inside the container, the working directory for 21157 the command is root ('/') in the container's 21158 filesystem. The command is simply exec'd, it is 21159 not run inside a shell, so traditional shell instructions 21160 ('|', etc) won't work. To use a shell, you need 21161 to explicitly call out to that shell. Exit status 21162 of 0 is treated as live/healthy and non-zero is 21163 unhealthy. 21164 items: 21165 type: string 21166 type: array 21167 type: object 21168 httpGet: 21169 description: HTTPGet specifies the http request to perform. 21170 properties: 21171 host: 21172 description: Host name to connect to, defaults to 21173 the pod IP. You probably want to set "Host" in 21174 httpHeaders instead. 21175 type: string 21176 httpHeaders: 21177 description: Custom headers to set in the request. 21178 HTTP allows repeated headers. 21179 items: 21180 description: HTTPHeader describes a custom header 21181 to be used in HTTP probes 21182 properties: 21183 name: 21184 description: The header field name 21185 type: string 21186 value: 21187 description: The header field value 21188 type: string 21189 required: 21190 - name 21191 - value 21192 type: object 21193 type: array 21194 path: 21195 description: Path to access on the HTTP server. 21196 type: string 21197 port: 21198 anyOf: 21199 - type: integer 21200 - type: string 21201 description: Name or number of the port to access 21202 on the container. Number must be in the range 21203 1 to 65535. Name must be an IANA_SVC_NAME. 21204 x-kubernetes-int-or-string: true 21205 scheme: 21206 description: Scheme to use for connecting to the 21207 host. Defaults to HTTP. 21208 type: string 21209 required: 21210 - port 21211 type: object 21212 tcpSocket: 21213 description: 'TCPSocket specifies an action involving 21214 a TCP port. TCP hooks not yet supported TODO: implement 21215 a realistic TCP lifecycle hook' 21216 properties: 21217 host: 21218 description: 'Optional: Host name to connect to, 21219 defaults to the pod IP.' 21220 type: string 21221 port: 21222 anyOf: 21223 - type: integer 21224 - type: string 21225 description: Number or name of the port to access 21226 on the container. Number must be in the range 21227 1 to 65535. Name must be an IANA_SVC_NAME. 21228 x-kubernetes-int-or-string: true 21229 required: 21230 - port 21231 type: object 21232 type: object 21233 type: object 21234 livenessProbe: 21235 description: 'Periodic probe of container liveness. Container 21236 will be restarted if the probe fails. Cannot be updated. More 21237 info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21238 properties: 21239 exec: 21240 description: One and only one of the following should be 21241 specified. Exec specifies the action to take. 21242 properties: 21243 command: 21244 description: Command is the command line to execute 21245 inside the container, the working directory for the 21246 command is root ('/') in the container's filesystem. 21247 The command is simply exec'd, it is not run inside 21248 a shell, so traditional shell instructions ('|', etc) 21249 won't work. To use a shell, you need to explicitly 21250 call out to that shell. Exit status of 0 is treated 21251 as live/healthy and non-zero is unhealthy. 21252 items: 21253 type: string 21254 type: array 21255 type: object 21256 failureThreshold: 21257 description: Minimum consecutive failures for the probe 21258 to be considered failed after having succeeded. Defaults 21259 to 3. Minimum value is 1. 21260 format: int32 21261 type: integer 21262 httpGet: 21263 description: HTTPGet specifies the http request to perform. 21264 properties: 21265 host: 21266 description: Host name to connect to, defaults to the 21267 pod IP. You probably want to set "Host" in httpHeaders 21268 instead. 21269 type: string 21270 httpHeaders: 21271 description: Custom headers to set in the request. HTTP 21272 allows repeated headers. 21273 items: 21274 description: HTTPHeader describes a custom header 21275 to be used in HTTP probes 21276 properties: 21277 name: 21278 description: The header field name 21279 type: string 21280 value: 21281 description: The header field value 21282 type: string 21283 required: 21284 - name 21285 - value 21286 type: object 21287 type: array 21288 path: 21289 description: Path to access on the HTTP server. 21290 type: string 21291 port: 21292 anyOf: 21293 - type: integer 21294 - type: string 21295 description: Name or number of the port to access on 21296 the container. Number must be in the range 1 to 65535. 21297 Name must be an IANA_SVC_NAME. 21298 x-kubernetes-int-or-string: true 21299 scheme: 21300 description: Scheme to use for connecting to the host. 21301 Defaults to HTTP. 21302 type: string 21303 required: 21304 - port 21305 type: object 21306 initialDelaySeconds: 21307 description: 'Number of seconds after the container has 21308 started before liveness probes are initiated. More info: 21309 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21310 format: int32 21311 type: integer 21312 periodSeconds: 21313 description: How often (in seconds) to perform the probe. 21314 Default to 10 seconds. Minimum value is 1. 21315 format: int32 21316 type: integer 21317 successThreshold: 21318 description: Minimum consecutive successes for the probe 21319 to be considered successful after having failed. Defaults 21320 to 1. Must be 1 for liveness and startup. Minimum value 21321 is 1. 21322 format: int32 21323 type: integer 21324 tcpSocket: 21325 description: 'TCPSocket specifies an action involving a 21326 TCP port. TCP hooks not yet supported TODO: implement 21327 a realistic TCP lifecycle hook' 21328 properties: 21329 host: 21330 description: 'Optional: Host name to connect to, defaults 21331 to the pod IP.' 21332 type: string 21333 port: 21334 anyOf: 21335 - type: integer 21336 - type: string 21337 description: Number or name of the port to access on 21338 the container. Number must be in the range 1 to 65535. 21339 Name must be an IANA_SVC_NAME. 21340 x-kubernetes-int-or-string: true 21341 required: 21342 - port 21343 type: object 21344 terminationGracePeriodSeconds: 21345 description: Optional duration in seconds the pod needs 21346 to terminate gracefully upon probe failure. The grace 21347 period is the duration in seconds after the processes 21348 running in the pod are sent a termination signal and the 21349 time when the processes are forcibly halted with a kill 21350 signal. Set this value longer than the expected cleanup 21351 time for your process. If this value is nil, the pod's 21352 terminationGracePeriodSeconds will be used. Otherwise, 21353 this value overrides the value provided by the pod spec. 21354 Value must be non-negative integer. The value zero indicates 21355 stop immediately via the kill signal (no opportunity to 21356 shut down). This is a beta field and requires enabling 21357 ProbeTerminationGracePeriod feature gate. Minimum value 21358 is 1. spec.terminationGracePeriodSeconds is used if unset. 21359 format: int64 21360 type: integer 21361 timeoutSeconds: 21362 description: 'Number of seconds after which the probe times 21363 out. Defaults to 1 second. Minimum value is 1. More info: 21364 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21365 format: int32 21366 type: integer 21367 type: object 21368 name: 21369 description: Name of the container specified as a DNS_LABEL. 21370 Each container in a pod must have a unique name (DNS_LABEL). 21371 Cannot be updated. 21372 type: string 21373 ports: 21374 description: List of ports to expose from the container. Exposing 21375 a port here gives the system additional information about 21376 the network connections a container uses, but is primarily 21377 informational. Not specifying a port here DOES NOT prevent 21378 that port from being exposed. Any port which is listening 21379 on the default "0.0.0.0" address inside a container will be 21380 accessible from the network. Cannot be updated. 21381 items: 21382 description: ContainerPort represents a network port in a 21383 single container. 21384 properties: 21385 containerPort: 21386 description: Number of port to expose on the pod's IP 21387 address. This must be a valid port number, 0 < x < 65536. 21388 format: int32 21389 type: integer 21390 hostIP: 21391 description: What host IP to bind the external port to. 21392 type: string 21393 hostPort: 21394 description: Number of port to expose on the host. If 21395 specified, this must be a valid port number, 0 < x < 21396 65536. If HostNetwork is specified, this must match 21397 ContainerPort. Most containers do not need this. 21398 format: int32 21399 type: integer 21400 name: 21401 description: If specified, this must be an IANA_SVC_NAME 21402 and unique within the pod. Each named port in a pod 21403 must have a unique name. Name for the port that can 21404 be referred to by services. 21405 type: string 21406 protocol: 21407 default: TCP 21408 description: Protocol for port. Must be UDP, TCP, or SCTP. 21409 Defaults to "TCP". 21410 type: string 21411 required: 21412 - containerPort 21413 type: object 21414 type: array 21415 x-kubernetes-list-map-keys: 21416 - containerPort 21417 - protocol 21418 x-kubernetes-list-type: map 21419 readinessProbe: 21420 description: 'Periodic probe of container service readiness. 21421 Container will be removed from service endpoints if the probe 21422 fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21423 properties: 21424 exec: 21425 description: One and only one of the following should be 21426 specified. Exec specifies the action to take. 21427 properties: 21428 command: 21429 description: Command is the command line to execute 21430 inside the container, the working directory for the 21431 command is root ('/') in the container's filesystem. 21432 The command is simply exec'd, it is not run inside 21433 a shell, so traditional shell instructions ('|', etc) 21434 won't work. To use a shell, you need to explicitly 21435 call out to that shell. Exit status of 0 is treated 21436 as live/healthy and non-zero is unhealthy. 21437 items: 21438 type: string 21439 type: array 21440 type: object 21441 failureThreshold: 21442 description: Minimum consecutive failures for the probe 21443 to be considered failed after having succeeded. Defaults 21444 to 3. Minimum value is 1. 21445 format: int32 21446 type: integer 21447 httpGet: 21448 description: HTTPGet specifies the http request to perform. 21449 properties: 21450 host: 21451 description: Host name to connect to, defaults to the 21452 pod IP. You probably want to set "Host" in httpHeaders 21453 instead. 21454 type: string 21455 httpHeaders: 21456 description: Custom headers to set in the request. HTTP 21457 allows repeated headers. 21458 items: 21459 description: HTTPHeader describes a custom header 21460 to be used in HTTP probes 21461 properties: 21462 name: 21463 description: The header field name 21464 type: string 21465 value: 21466 description: The header field value 21467 type: string 21468 required: 21469 - name 21470 - value 21471 type: object 21472 type: array 21473 path: 21474 description: Path to access on the HTTP server. 21475 type: string 21476 port: 21477 anyOf: 21478 - type: integer 21479 - type: string 21480 description: Name or number of the port to access on 21481 the container. Number must be in the range 1 to 65535. 21482 Name must be an IANA_SVC_NAME. 21483 x-kubernetes-int-or-string: true 21484 scheme: 21485 description: Scheme to use for connecting to the host. 21486 Defaults to HTTP. 21487 type: string 21488 required: 21489 - port 21490 type: object 21491 initialDelaySeconds: 21492 description: 'Number of seconds after the container has 21493 started before liveness probes are initiated. More info: 21494 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21495 format: int32 21496 type: integer 21497 periodSeconds: 21498 description: How often (in seconds) to perform the probe. 21499 Default to 10 seconds. Minimum value is 1. 21500 format: int32 21501 type: integer 21502 successThreshold: 21503 description: Minimum consecutive successes for the probe 21504 to be considered successful after having failed. Defaults 21505 to 1. Must be 1 for liveness and startup. Minimum value 21506 is 1. 21507 format: int32 21508 type: integer 21509 tcpSocket: 21510 description: 'TCPSocket specifies an action involving a 21511 TCP port. TCP hooks not yet supported TODO: implement 21512 a realistic TCP lifecycle hook' 21513 properties: 21514 host: 21515 description: 'Optional: Host name to connect to, defaults 21516 to the pod IP.' 21517 type: string 21518 port: 21519 anyOf: 21520 - type: integer 21521 - type: string 21522 description: Number or name of the port to access on 21523 the container. Number must be in the range 1 to 65535. 21524 Name must be an IANA_SVC_NAME. 21525 x-kubernetes-int-or-string: true 21526 required: 21527 - port 21528 type: object 21529 terminationGracePeriodSeconds: 21530 description: Optional duration in seconds the pod needs 21531 to terminate gracefully upon probe failure. The grace 21532 period is the duration in seconds after the processes 21533 running in the pod are sent a termination signal and the 21534 time when the processes are forcibly halted with a kill 21535 signal. Set this value longer than the expected cleanup 21536 time for your process. If this value is nil, the pod's 21537 terminationGracePeriodSeconds will be used. Otherwise, 21538 this value overrides the value provided by the pod spec. 21539 Value must be non-negative integer. The value zero indicates 21540 stop immediately via the kill signal (no opportunity to 21541 shut down). This is a beta field and requires enabling 21542 ProbeTerminationGracePeriod feature gate. Minimum value 21543 is 1. spec.terminationGracePeriodSeconds is used if unset. 21544 format: int64 21545 type: integer 21546 timeoutSeconds: 21547 description: 'Number of seconds after which the probe times 21548 out. Defaults to 1 second. Minimum value is 1. More info: 21549 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21550 format: int32 21551 type: integer 21552 type: object 21553 resources: 21554 description: 'Compute Resources required by this container. 21555 Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 21556 properties: 21557 limits: 21558 additionalProperties: 21559 anyOf: 21560 - type: integer 21561 - type: string 21562 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 21563 x-kubernetes-int-or-string: true 21564 description: 'Limits describes the maximum amount of compute 21565 resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 21566 type: object 21567 requests: 21568 additionalProperties: 21569 anyOf: 21570 - type: integer 21571 - type: string 21572 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 21573 x-kubernetes-int-or-string: true 21574 description: 'Requests describes the minimum amount of compute 21575 resources required. If Requests is omitted for a container, 21576 it defaults to Limits if that is explicitly specified, 21577 otherwise to an implementation-defined value. More info: 21578 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 21579 type: object 21580 type: object 21581 securityContext: 21582 description: 'SecurityContext defines the security options the 21583 container should be run with. If set, the fields of SecurityContext 21584 override the equivalent fields of PodSecurityContext. More 21585 info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' 21586 properties: 21587 allowPrivilegeEscalation: 21588 description: 'AllowPrivilegeEscalation controls whether 21589 a process can gain more privileges than its parent process. 21590 This bool directly controls if the no_new_privs flag will 21591 be set on the container process. AllowPrivilegeEscalation 21592 is true always when the container is: 1) run as Privileged 21593 2) has CAP_SYS_ADMIN' 21594 type: boolean 21595 capabilities: 21596 description: The capabilities to add/drop when running containers. 21597 Defaults to the default set of capabilities granted by 21598 the container runtime. 21599 properties: 21600 add: 21601 description: Added capabilities 21602 items: 21603 description: Capability represent POSIX capabilities 21604 type 21605 type: string 21606 type: array 21607 drop: 21608 description: Removed capabilities 21609 items: 21610 description: Capability represent POSIX capabilities 21611 type 21612 type: string 21613 type: array 21614 type: object 21615 privileged: 21616 description: Run container in privileged mode. Processes 21617 in privileged containers are essentially equivalent to 21618 root on the host. Defaults to false. 21619 type: boolean 21620 procMount: 21621 description: procMount denotes the type of proc mount to 21622 use for the containers. The default is DefaultProcMount 21623 which uses the container runtime defaults for readonly 21624 paths and masked paths. This requires the ProcMountType 21625 feature flag to be enabled. 21626 type: string 21627 readOnlyRootFilesystem: 21628 description: Whether this container has a read-only root 21629 filesystem. Default is false. 21630 type: boolean 21631 runAsGroup: 21632 description: The GID to run the entrypoint of the container 21633 process. Uses runtime default if unset. May also be set 21634 in PodSecurityContext. If set in both SecurityContext 21635 and PodSecurityContext, the value specified in SecurityContext 21636 takes precedence. 21637 format: int64 21638 type: integer 21639 runAsNonRoot: 21640 description: Indicates that the container must run as a 21641 non-root user. If true, the Kubelet will validate the 21642 image at runtime to ensure that it does not run as UID 21643 0 (root) and fail to start the container if it does. If 21644 unset or false, no such validation will be performed. 21645 May also be set in PodSecurityContext. If set in both 21646 SecurityContext and PodSecurityContext, the value specified 21647 in SecurityContext takes precedence. 21648 type: boolean 21649 runAsUser: 21650 description: The UID to run the entrypoint of the container 21651 process. Defaults to user specified in image metadata 21652 if unspecified. May also be set in PodSecurityContext. If 21653 set in both SecurityContext and PodSecurityContext, the 21654 value specified in SecurityContext takes precedence. 21655 format: int64 21656 type: integer 21657 seLinuxOptions: 21658 description: The SELinux context to be applied to the container. 21659 If unspecified, the container runtime will allocate a 21660 random SELinux context for each container. May also be 21661 set in PodSecurityContext. If set in both SecurityContext 21662 and PodSecurityContext, the value specified in SecurityContext 21663 takes precedence. 21664 properties: 21665 level: 21666 description: Level is SELinux level label that applies 21667 to the container. 21668 type: string 21669 role: 21670 description: Role is a SELinux role label that applies 21671 to the container. 21672 type: string 21673 type: 21674 description: Type is a SELinux type label that applies 21675 to the container. 21676 type: string 21677 user: 21678 description: User is a SELinux user label that applies 21679 to the container. 21680 type: string 21681 type: object 21682 seccompProfile: 21683 description: The seccomp options to use by this container. 21684 If seccomp options are provided at both the pod & container 21685 level, the container options override the pod options. 21686 properties: 21687 localhostProfile: 21688 description: localhostProfile indicates a profile defined 21689 in a file on the node should be used. The profile 21690 must be preconfigured on the node to work. Must be 21691 a descending path, relative to the kubelet's configured 21692 seccomp profile location. Must only be set if type 21693 is "Localhost". 21694 type: string 21695 type: 21696 description: "type indicates which kind of seccomp profile 21697 will be applied. Valid options are: \n Localhost - 21698 a profile defined in a file on the node should be 21699 used. RuntimeDefault - the container runtime default 21700 profile should be used. Unconfined - no profile should 21701 be applied." 21702 type: string 21703 required: 21704 - type 21705 type: object 21706 windowsOptions: 21707 description: The Windows specific settings applied to all 21708 containers. If unspecified, the options from the PodSecurityContext 21709 will be used. If set in both SecurityContext and PodSecurityContext, 21710 the value specified in SecurityContext takes precedence. 21711 properties: 21712 gmsaCredentialSpec: 21713 description: GMSACredentialSpec is where the GMSA admission 21714 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 21715 inlines the contents of the GMSA credential spec named 21716 by the GMSACredentialSpecName field. 21717 type: string 21718 gmsaCredentialSpecName: 21719 description: GMSACredentialSpecName is the name of the 21720 GMSA credential spec to use. 21721 type: string 21722 hostProcess: 21723 description: HostProcess determines if a container should 21724 be run as a 'Host Process' container. This field is 21725 alpha-level and will only be honored by components 21726 that enable the WindowsHostProcessContainers feature 21727 flag. Setting this field without the feature flag 21728 will result in errors when validating the Pod. All 21729 of a Pod's containers must have the same effective 21730 HostProcess value (it is not allowed to have a mix 21731 of HostProcess containers and non-HostProcess containers). In 21732 addition, if HostProcess is true then HostNetwork 21733 must also be set to true. 21734 type: boolean 21735 runAsUserName: 21736 description: The UserName in Windows to run the entrypoint 21737 of the container process. Defaults to the user specified 21738 in image metadata if unspecified. May also be set 21739 in PodSecurityContext. If set in both SecurityContext 21740 and PodSecurityContext, the value specified in SecurityContext 21741 takes precedence. 21742 type: string 21743 type: object 21744 type: object 21745 startupProbe: 21746 description: 'StartupProbe indicates that the Pod has successfully 21747 initialized. If specified, no other probes are executed until 21748 this completes successfully. If this probe fails, the Pod 21749 will be restarted, just as if the livenessProbe failed. This 21750 can be used to provide different probe parameters at the beginning 21751 of a Pod''s lifecycle, when it might take a long time to load 21752 data or warm a cache, than during steady-state operation. 21753 This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21754 properties: 21755 exec: 21756 description: One and only one of the following should be 21757 specified. Exec specifies the action to take. 21758 properties: 21759 command: 21760 description: Command is the command line to execute 21761 inside the container, the working directory for the 21762 command is root ('/') in the container's filesystem. 21763 The command is simply exec'd, it is not run inside 21764 a shell, so traditional shell instructions ('|', etc) 21765 won't work. To use a shell, you need to explicitly 21766 call out to that shell. Exit status of 0 is treated 21767 as live/healthy and non-zero is unhealthy. 21768 items: 21769 type: string 21770 type: array 21771 type: object 21772 failureThreshold: 21773 description: Minimum consecutive failures for the probe 21774 to be considered failed after having succeeded. Defaults 21775 to 3. Minimum value is 1. 21776 format: int32 21777 type: integer 21778 httpGet: 21779 description: HTTPGet specifies the http request to perform. 21780 properties: 21781 host: 21782 description: Host name to connect to, defaults to the 21783 pod IP. You probably want to set "Host" in httpHeaders 21784 instead. 21785 type: string 21786 httpHeaders: 21787 description: Custom headers to set in the request. HTTP 21788 allows repeated headers. 21789 items: 21790 description: HTTPHeader describes a custom header 21791 to be used in HTTP probes 21792 properties: 21793 name: 21794 description: The header field name 21795 type: string 21796 value: 21797 description: The header field value 21798 type: string 21799 required: 21800 - name 21801 - value 21802 type: object 21803 type: array 21804 path: 21805 description: Path to access on the HTTP server. 21806 type: string 21807 port: 21808 anyOf: 21809 - type: integer 21810 - type: string 21811 description: Name or number of the port to access on 21812 the container. Number must be in the range 1 to 65535. 21813 Name must be an IANA_SVC_NAME. 21814 x-kubernetes-int-or-string: true 21815 scheme: 21816 description: Scheme to use for connecting to the host. 21817 Defaults to HTTP. 21818 type: string 21819 required: 21820 - port 21821 type: object 21822 initialDelaySeconds: 21823 description: 'Number of seconds after the container has 21824 started before liveness probes are initiated. More info: 21825 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21826 format: int32 21827 type: integer 21828 periodSeconds: 21829 description: How often (in seconds) to perform the probe. 21830 Default to 10 seconds. Minimum value is 1. 21831 format: int32 21832 type: integer 21833 successThreshold: 21834 description: Minimum consecutive successes for the probe 21835 to be considered successful after having failed. Defaults 21836 to 1. Must be 1 for liveness and startup. Minimum value 21837 is 1. 21838 format: int32 21839 type: integer 21840 tcpSocket: 21841 description: 'TCPSocket specifies an action involving a 21842 TCP port. TCP hooks not yet supported TODO: implement 21843 a realistic TCP lifecycle hook' 21844 properties: 21845 host: 21846 description: 'Optional: Host name to connect to, defaults 21847 to the pod IP.' 21848 type: string 21849 port: 21850 anyOf: 21851 - type: integer 21852 - type: string 21853 description: Number or name of the port to access on 21854 the container. Number must be in the range 1 to 65535. 21855 Name must be an IANA_SVC_NAME. 21856 x-kubernetes-int-or-string: true 21857 required: 21858 - port 21859 type: object 21860 terminationGracePeriodSeconds: 21861 description: Optional duration in seconds the pod needs 21862 to terminate gracefully upon probe failure. The grace 21863 period is the duration in seconds after the processes 21864 running in the pod are sent a termination signal and the 21865 time when the processes are forcibly halted with a kill 21866 signal. Set this value longer than the expected cleanup 21867 time for your process. If this value is nil, the pod's 21868 terminationGracePeriodSeconds will be used. Otherwise, 21869 this value overrides the value provided by the pod spec. 21870 Value must be non-negative integer. The value zero indicates 21871 stop immediately via the kill signal (no opportunity to 21872 shut down). This is a beta field and requires enabling 21873 ProbeTerminationGracePeriod feature gate. Minimum value 21874 is 1. spec.terminationGracePeriodSeconds is used if unset. 21875 format: int64 21876 type: integer 21877 timeoutSeconds: 21878 description: 'Number of seconds after which the probe times 21879 out. Defaults to 1 second. Minimum value is 1. More info: 21880 https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' 21881 format: int32 21882 type: integer 21883 type: object 21884 stdin: 21885 description: Whether this container should allocate a buffer 21886 for stdin in the container runtime. If this is not set, reads 21887 from stdin in the container will always result in EOF. Default 21888 is false. 21889 type: boolean 21890 stdinOnce: 21891 description: Whether the container runtime should close the 21892 stdin channel after it has been opened by a single attach. 21893 When stdin is true the stdin stream will remain open across 21894 multiple attach sessions. If stdinOnce is set to true, stdin 21895 is opened on container start, is empty until the first client 21896 attaches to stdin, and then remains open and accepts data 21897 until the client disconnects, at which time stdin is closed 21898 and remains closed until the container is restarted. If this 21899 flag is false, a container processes that reads from stdin 21900 will never receive an EOF. Default is false 21901 type: boolean 21902 terminationMessagePath: 21903 description: 'Optional: Path at which the file to which the 21904 container''s termination message will be written is mounted 21905 into the container''s filesystem. Message written is intended 21906 to be brief final status, such as an assertion failure message. 21907 Will be truncated by the node if greater than 4096 bytes. 21908 The total message length across all containers will be limited 21909 to 12kb. Defaults to /dev/termination-log. Cannot be updated.' 21910 type: string 21911 terminationMessagePolicy: 21912 description: Indicate how the termination message should be 21913 populated. File will use the contents of terminationMessagePath 21914 to populate the container status message on both success and 21915 failure. FallbackToLogsOnError will use the last chunk of 21916 container log output if the termination message file is empty 21917 and the container exited with an error. The log output is 21918 limited to 2048 bytes or 80 lines, whichever is smaller. Defaults 21919 to File. Cannot be updated. 21920 type: string 21921 tty: 21922 description: Whether this container should allocate a TTY for 21923 itself, also requires 'stdin' to be true. Default is false. 21924 type: boolean 21925 volumeDevices: 21926 description: volumeDevices is the list of block devices to be 21927 used by the container. 21928 items: 21929 description: volumeDevice describes a mapping of a raw block 21930 device within a container. 21931 properties: 21932 devicePath: 21933 description: devicePath is the path inside of the container 21934 that the device will be mapped to. 21935 type: string 21936 name: 21937 description: name must match the name of a persistentVolumeClaim 21938 in the pod 21939 type: string 21940 required: 21941 - devicePath 21942 - name 21943 type: object 21944 type: array 21945 volumeMounts: 21946 description: Pod volumes to mount into the container's filesystem. 21947 Cannot be updated. 21948 items: 21949 description: VolumeMount describes a mounting of a Volume 21950 within a container. 21951 properties: 21952 mountPath: 21953 description: Path within the container at which the volume 21954 should be mounted. Must not contain ':'. 21955 type: string 21956 mountPropagation: 21957 description: mountPropagation determines how mounts are 21958 propagated from the host to container and the other 21959 way around. When not set, MountPropagationNone is used. 21960 This field is beta in 1.10. 21961 type: string 21962 name: 21963 description: This must match the Name of a Volume. 21964 type: string 21965 readOnly: 21966 description: Mounted read-only if true, read-write otherwise 21967 (false or unspecified). Defaults to false. 21968 type: boolean 21969 subPath: 21970 description: Path within the volume from which the container's 21971 volume should be mounted. Defaults to "" (volume's root). 21972 type: string 21973 subPathExpr: 21974 description: Expanded path within the volume from which 21975 the container's volume should be mounted. Behaves similarly 21976 to SubPath but environment variable references $(VAR_NAME) 21977 are expanded using the container's environment. Defaults 21978 to "" (volume's root). SubPathExpr and SubPath are mutually 21979 exclusive. 21980 type: string 21981 required: 21982 - mountPath 21983 - name 21984 type: object 21985 type: array 21986 workingDir: 21987 description: Container's working directory. If not specified, 21988 the container runtime's default will be used, which might 21989 be configured in the container image. Cannot be updated. 21990 type: string 21991 required: 21992 - name 21993 type: object 21994 type: array 21995 labels: 21996 additionalProperties: 21997 type: string 21998 description: Labels configure the external label pairs to ThanosRuler. 21999 A default replica label `thanos_ruler_replica` will be always added as 22000 a label with the value of the pod's name and it will be dropped 22001 in the alerts. 22002 type: object 22003 listenLocal: 22004 description: ListenLocal makes the Thanos ruler listen on loopback, 22005 so that it does not bind against the Pod IP. 22006 type: boolean 22007 logFormat: 22008 description: Log format for ThanosRuler to be configured with. 22009 type: string 22010 logLevel: 22011 description: Log level for ThanosRuler to be configured with. 22012 type: string 22013 minReadySeconds: 22014 description: Minimum number of seconds for which a newly created pod 22015 should be ready without any of its container crashing for it to 22016 be considered available. Defaults to 0 (pod will be considered available 22017 as soon as it is ready) This is an alpha field and requires enabling 22018 StatefulSetMinReadySeconds feature gate. 22019 format: int32 22020 type: integer 22021 nodeSelector: 22022 additionalProperties: 22023 type: string 22024 description: Define which Nodes the Pods are scheduled on. 22025 type: object 22026 objectStorageConfig: 22027 description: ObjectStorageConfig configures object storage in Thanos. 22028 Alternative to ObjectStorageConfigFile, and lower order priority. 22029 properties: 22030 key: 22031 description: The key of the secret to select from. Must be a 22032 valid secret key. 22033 type: string 22034 name: 22035 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22036 TODO: Add other useful fields. apiVersion, kind, uid?' 22037 type: string 22038 optional: 22039 description: Specify whether the Secret or its key must be defined 22040 type: boolean 22041 required: 22042 - key 22043 type: object 22044 objectStorageConfigFile: 22045 description: ObjectStorageConfigFile specifies the path of the object 22046 storage configuration file. When used alongside with ObjectStorageConfig, 22047 ObjectStorageConfigFile takes precedence. 22048 type: string 22049 paused: 22050 description: When a ThanosRuler deployment is paused, no actions except 22051 for deletion will be performed on the underlying objects. 22052 type: boolean 22053 podMetadata: 22054 description: PodMetadata contains Labels and Annotations gets propagated 22055 to the thanos ruler pods. 22056 properties: 22057 annotations: 22058 additionalProperties: 22059 type: string 22060 description: 'Annotations is an unstructured key value map stored 22061 with a resource that may be set by external tools to store and 22062 retrieve arbitrary metadata. They are not queryable and should 22063 be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' 22064 type: object 22065 labels: 22066 additionalProperties: 22067 type: string 22068 description: 'Map of string keys and values that can be used to 22069 organize and categorize (scope and select) objects. May match 22070 selectors of replication controllers and services. More info: 22071 http://kubernetes.io/docs/user-guide/labels' 22072 type: object 22073 name: 22074 description: 'Name must be unique within a namespace. Is required 22075 when creating resources, although some resources may allow a 22076 client to request the generation of an appropriate name automatically. 22077 Name is primarily intended for creation idempotence and configuration 22078 definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 22079 type: string 22080 type: object 22081 portName: 22082 description: Port name used for the pods and governing service. This 22083 defaults to web 22084 type: string 22085 priorityClassName: 22086 description: Priority class assigned to the Pods 22087 type: string 22088 prometheusRulesExcludedFromEnforce: 22089 description: PrometheusRulesExcludedFromEnforce - list of Prometheus 22090 rules to be excluded from enforcing of adding namespace labels. 22091 Works only if enforcedNamespaceLabel set to true. Make sure both 22092 ruleNamespace and ruleName are set for each pair 22093 items: 22094 description: PrometheusRuleExcludeConfig enables users to configure 22095 excluded PrometheusRule names and their namespaces to be ignored 22096 while enforcing namespace label for alerts and metrics. 22097 properties: 22098 ruleName: 22099 description: RuleNamespace - name of excluded rule 22100 type: string 22101 ruleNamespace: 22102 description: RuleNamespace - namespace of excluded rule 22103 type: string 22104 required: 22105 - ruleName 22106 - ruleNamespace 22107 type: object 22108 type: array 22109 queryConfig: 22110 description: Define configuration for connecting to thanos query instances. 22111 If this is defined, the QueryEndpoints field will be ignored. Maps 22112 to the `query.config` CLI argument. Only available with thanos v0.11.0 22113 and higher. 22114 properties: 22115 key: 22116 description: The key of the secret to select from. Must be a 22117 valid secret key. 22118 type: string 22119 name: 22120 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22121 TODO: Add other useful fields. apiVersion, kind, uid?' 22122 type: string 22123 optional: 22124 description: Specify whether the Secret or its key must be defined 22125 type: boolean 22126 required: 22127 - key 22128 type: object 22129 queryEndpoints: 22130 description: QueryEndpoints defines Thanos querier endpoints from 22131 which to query metrics. Maps to the --query flag of thanos ruler. 22132 items: 22133 type: string 22134 type: array 22135 replicas: 22136 description: Number of thanos ruler instances to deploy. 22137 format: int32 22138 type: integer 22139 resources: 22140 description: Resources defines the resource requirements for single 22141 Pods. If not provided, no requests/limits will be set 22142 properties: 22143 limits: 22144 additionalProperties: 22145 anyOf: 22146 - type: integer 22147 - type: string 22148 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 22149 x-kubernetes-int-or-string: true 22150 description: 'Limits describes the maximum amount of compute resources 22151 allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 22152 type: object 22153 requests: 22154 additionalProperties: 22155 anyOf: 22156 - type: integer 22157 - type: string 22158 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 22159 x-kubernetes-int-or-string: true 22160 description: 'Requests describes the minimum amount of compute 22161 resources required. If Requests is omitted for a container, 22162 it defaults to Limits if that is explicitly specified, otherwise 22163 to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 22164 type: object 22165 type: object 22166 retention: 22167 description: Time duration ThanosRuler shall retain data for. Default 22168 is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` 22169 (milliseconds seconds minutes hours days weeks years). 22170 type: string 22171 routePrefix: 22172 description: The route prefix ThanosRuler registers HTTP handlers 22173 for. This allows thanos UI to be served on a sub-path. 22174 type: string 22175 ruleNamespaceSelector: 22176 description: Namespaces to be selected for Rules discovery. If unspecified, 22177 only the same namespace as the ThanosRuler object is in is used. 22178 properties: 22179 matchExpressions: 22180 description: matchExpressions is a list of label selector requirements. 22181 The requirements are ANDed. 22182 items: 22183 description: A label selector requirement is a selector that 22184 contains values, a key, and an operator that relates the key 22185 and values. 22186 properties: 22187 key: 22188 description: key is the label key that the selector applies 22189 to. 22190 type: string 22191 operator: 22192 description: operator represents a key's relationship to 22193 a set of values. Valid operators are In, NotIn, Exists 22194 and DoesNotExist. 22195 type: string 22196 values: 22197 description: values is an array of string values. If the 22198 operator is In or NotIn, the values array must be non-empty. 22199 If the operator is Exists or DoesNotExist, the values 22200 array must be empty. This array is replaced during a strategic 22201 merge patch. 22202 items: 22203 type: string 22204 type: array 22205 required: 22206 - key 22207 - operator 22208 type: object 22209 type: array 22210 matchLabels: 22211 additionalProperties: 22212 type: string 22213 description: matchLabels is a map of {key,value} pairs. A single 22214 {key,value} in the matchLabels map is equivalent to an element 22215 of matchExpressions, whose key field is "key", the operator 22216 is "In", and the values array contains only "value". The requirements 22217 are ANDed. 22218 type: object 22219 type: object 22220 ruleSelector: 22221 description: A label selector to select which PrometheusRules to mount 22222 for alerting and recording. 22223 properties: 22224 matchExpressions: 22225 description: matchExpressions is a list of label selector requirements. 22226 The requirements are ANDed. 22227 items: 22228 description: A label selector requirement is a selector that 22229 contains values, a key, and an operator that relates the key 22230 and values. 22231 properties: 22232 key: 22233 description: key is the label key that the selector applies 22234 to. 22235 type: string 22236 operator: 22237 description: operator represents a key's relationship to 22238 a set of values. Valid operators are In, NotIn, Exists 22239 and DoesNotExist. 22240 type: string 22241 values: 22242 description: values is an array of string values. If the 22243 operator is In or NotIn, the values array must be non-empty. 22244 If the operator is Exists or DoesNotExist, the values 22245 array must be empty. This array is replaced during a strategic 22246 merge patch. 22247 items: 22248 type: string 22249 type: array 22250 required: 22251 - key 22252 - operator 22253 type: object 22254 type: array 22255 matchLabels: 22256 additionalProperties: 22257 type: string 22258 description: matchLabels is a map of {key,value} pairs. A single 22259 {key,value} in the matchLabels map is equivalent to an element 22260 of matchExpressions, whose key field is "key", the operator 22261 is "In", and the values array contains only "value". The requirements 22262 are ANDed. 22263 type: object 22264 type: object 22265 securityContext: 22266 description: SecurityContext holds pod-level security attributes and 22267 common container settings. This defaults to the default PodSecurityContext. 22268 properties: 22269 fsGroup: 22270 description: "A special supplemental group that applies to all 22271 containers in a pod. Some volume types allow the Kubelet to 22272 change the ownership of that volume to be owned by the pod: 22273 \n 1. The owning GID will be the FSGroup 2. The setgid bit is 22274 set (new files created in the volume will be owned by FSGroup) 22275 3. The permission bits are OR'd with rw-rw---- \n If unset, 22276 the Kubelet will not modify the ownership and permissions of 22277 any volume." 22278 format: int64 22279 type: integer 22280 fsGroupChangePolicy: 22281 description: 'fsGroupChangePolicy defines behavior of changing 22282 ownership and permission of the volume before being exposed 22283 inside Pod. This field will only apply to volume types which 22284 support fsGroup based ownership(and permissions). It will have 22285 no effect on ephemeral volume types such as: secret, configmaps 22286 and emptydir. Valid values are "OnRootMismatch" and "Always". 22287 If not specified, "Always" is used.' 22288 type: string 22289 runAsGroup: 22290 description: The GID to run the entrypoint of the container process. 22291 Uses runtime default if unset. May also be set in SecurityContext. If 22292 set in both SecurityContext and PodSecurityContext, the value 22293 specified in SecurityContext takes precedence for that container. 22294 format: int64 22295 type: integer 22296 runAsNonRoot: 22297 description: Indicates that the container must run as a non-root 22298 user. If true, the Kubelet will validate the image at runtime 22299 to ensure that it does not run as UID 0 (root) and fail to start 22300 the container if it does. If unset or false, no such validation 22301 will be performed. May also be set in SecurityContext. If set 22302 in both SecurityContext and PodSecurityContext, the value specified 22303 in SecurityContext takes precedence. 22304 type: boolean 22305 runAsUser: 22306 description: The UID to run the entrypoint of the container process. 22307 Defaults to user specified in image metadata if unspecified. 22308 May also be set in SecurityContext. If set in both SecurityContext 22309 and PodSecurityContext, the value specified in SecurityContext 22310 takes precedence for that container. 22311 format: int64 22312 type: integer 22313 seLinuxOptions: 22314 description: The SELinux context to be applied to all containers. 22315 If unspecified, the container runtime will allocate a random 22316 SELinux context for each container. May also be set in SecurityContext. If 22317 set in both SecurityContext and PodSecurityContext, the value 22318 specified in SecurityContext takes precedence for that container. 22319 properties: 22320 level: 22321 description: Level is SELinux level label that applies to 22322 the container. 22323 type: string 22324 role: 22325 description: Role is a SELinux role label that applies to 22326 the container. 22327 type: string 22328 type: 22329 description: Type is a SELinux type label that applies to 22330 the container. 22331 type: string 22332 user: 22333 description: User is a SELinux user label that applies to 22334 the container. 22335 type: string 22336 type: object 22337 seccompProfile: 22338 description: The seccomp options to use by the containers in this 22339 pod. 22340 properties: 22341 localhostProfile: 22342 description: localhostProfile indicates a profile defined 22343 in a file on the node should be used. The profile must be 22344 preconfigured on the node to work. Must be a descending 22345 path, relative to the kubelet's configured seccomp profile 22346 location. Must only be set if type is "Localhost". 22347 type: string 22348 type: 22349 description: "type indicates which kind of seccomp profile 22350 will be applied. Valid options are: \n Localhost - a profile 22351 defined in a file on the node should be used. RuntimeDefault 22352 - the container runtime default profile should be used. 22353 Unconfined - no profile should be applied." 22354 type: string 22355 required: 22356 - type 22357 type: object 22358 supplementalGroups: 22359 description: A list of groups applied to the first process run 22360 in each container, in addition to the container's primary GID. If 22361 unspecified, no groups will be added to any container. 22362 items: 22363 format: int64 22364 type: integer 22365 type: array 22366 sysctls: 22367 description: Sysctls hold a list of namespaced sysctls used for 22368 the pod. Pods with unsupported sysctls (by the container runtime) 22369 might fail to launch. 22370 items: 22371 description: Sysctl defines a kernel parameter to be set 22372 properties: 22373 name: 22374 description: Name of a property to set 22375 type: string 22376 value: 22377 description: Value of a property to set 22378 type: string 22379 required: 22380 - name 22381 - value 22382 type: object 22383 type: array 22384 windowsOptions: 22385 description: The Windows specific settings applied to all containers. 22386 If unspecified, the options within a container's SecurityContext 22387 will be used. If set in both SecurityContext and PodSecurityContext, 22388 the value specified in SecurityContext takes precedence. 22389 properties: 22390 gmsaCredentialSpec: 22391 description: GMSACredentialSpec is where the GMSA admission 22392 webhook (https://github.com/kubernetes-sigs/windows-gmsa) 22393 inlines the contents of the GMSA credential spec named by 22394 the GMSACredentialSpecName field. 22395 type: string 22396 gmsaCredentialSpecName: 22397 description: GMSACredentialSpecName is the name of the GMSA 22398 credential spec to use. 22399 type: string 22400 hostProcess: 22401 description: HostProcess determines if a container should 22402 be run as a 'Host Process' container. This field is alpha-level 22403 and will only be honored by components that enable the WindowsHostProcessContainers 22404 feature flag. Setting this field without the feature flag 22405 will result in errors when validating the Pod. All of a 22406 Pod's containers must have the same effective HostProcess 22407 value (it is not allowed to have a mix of HostProcess containers 22408 and non-HostProcess containers). In addition, if HostProcess 22409 is true then HostNetwork must also be set to true. 22410 type: boolean 22411 runAsUserName: 22412 description: The UserName in Windows to run the entrypoint 22413 of the container process. Defaults to the user specified 22414 in image metadata if unspecified. May also be set in PodSecurityContext. 22415 If set in both SecurityContext and PodSecurityContext, the 22416 value specified in SecurityContext takes precedence. 22417 type: string 22418 type: object 22419 type: object 22420 serviceAccountName: 22421 description: ServiceAccountName is the name of the ServiceAccount 22422 to use to run the Thanos Ruler Pods. 22423 type: string 22424 storage: 22425 description: Storage spec to specify how storage shall be used. 22426 properties: 22427 disableMountSubPath: 22428 description: 'Deprecated: subPath usage will be disabled by default 22429 in a future release, this option will become unnecessary. DisableMountSubPath 22430 allows to remove any subPath usage in volume mounts.' 22431 type: boolean 22432 emptyDir: 22433 description: 'EmptyDirVolumeSource to be used by the Prometheus 22434 StatefulSets. If specified, used in place of any volumeClaimTemplate. 22435 More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' 22436 properties: 22437 medium: 22438 description: 'What type of storage medium should back this 22439 directory. The default is "" which means to use the node''s 22440 default medium. Must be an empty string (default) or Memory. 22441 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 22442 type: string 22443 sizeLimit: 22444 anyOf: 22445 - type: integer 22446 - type: string 22447 description: 'Total amount of local storage required for this 22448 EmptyDir volume. The size limit is also applicable for memory 22449 medium. The maximum usage on memory medium EmptyDir would 22450 be the minimum value between the SizeLimit specified here 22451 and the sum of memory limits of all containers in a pod. 22452 The default is nil which means that the limit is undefined. 22453 More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 22454 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 22455 x-kubernetes-int-or-string: true 22456 type: object 22457 ephemeral: 22458 description: 'EphemeralVolumeSource to be used by the Prometheus 22459 StatefulSets. This is a beta field in k8s 1.21, for lower versions, 22460 starting with k8s 1.19, it requires enabling the GenericEphemeralVolume 22461 feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes' 22462 properties: 22463 volumeClaimTemplate: 22464 description: "Will be used to create a stand-alone PVC to 22465 provision the volume. The pod in which this EphemeralVolumeSource 22466 is embedded will be the owner of the PVC, i.e. the PVC will 22467 be deleted together with the pod. The name of the PVC will 22468 be `<pod name>-<volume name>` where `<volume name>` is the 22469 name from the `PodSpec.Volumes` array entry. Pod validation 22470 will reject the pod if the concatenated name is not valid 22471 for a PVC (for example, too long). \n An existing PVC with 22472 that name that is not owned by the pod will *not* be used 22473 for the pod to avoid using an unrelated volume by mistake. 22474 Starting the pod is then blocked until the unrelated PVC 22475 is removed. If such a pre-created PVC is meant to be used 22476 by the pod, the PVC has to updated with an owner reference 22477 to the pod once the pod exists. Normally this should not 22478 be necessary, but it may be useful when manually reconstructing 22479 a broken cluster. \n This field is read-only and no changes 22480 will be made by Kubernetes to the PVC after it has been 22481 created. \n Required, must not be nil." 22482 properties: 22483 metadata: 22484 description: May contain labels and annotations that will 22485 be copied into the PVC when creating it. No other fields 22486 are allowed and will be rejected during validation. 22487 type: object 22488 spec: 22489 description: The specification for the PersistentVolumeClaim. 22490 The entire content is copied unchanged into the PVC 22491 that gets created from this template. The same fields 22492 as in a PersistentVolumeClaim are also valid here. 22493 properties: 22494 accessModes: 22495 description: 'AccessModes contains the desired access 22496 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 22497 items: 22498 type: string 22499 type: array 22500 dataSource: 22501 description: 'This field can be used to specify either: 22502 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 22503 * An existing PVC (PersistentVolumeClaim) If the 22504 provisioner or an external controller can support 22505 the specified data source, it will create a new 22506 volume based on the contents of the specified data 22507 source. If the AnyVolumeDataSource feature gate 22508 is enabled, this field will always have the same 22509 contents as the DataSourceRef field.' 22510 properties: 22511 apiGroup: 22512 description: APIGroup is the group for the resource 22513 being referenced. If APIGroup is not specified, 22514 the specified Kind must be in the core API group. 22515 For any other third-party types, APIGroup is 22516 required. 22517 type: string 22518 kind: 22519 description: Kind is the type of resource being 22520 referenced 22521 type: string 22522 name: 22523 description: Name is the name of resource being 22524 referenced 22525 type: string 22526 required: 22527 - kind 22528 - name 22529 type: object 22530 dataSourceRef: 22531 description: 'Specifies the object from which to populate 22532 the volume with data, if a non-empty volume is desired. 22533 This may be any local object from a non-empty API 22534 group (non core object) or a PersistentVolumeClaim 22535 object. When this field is specified, volume binding 22536 will only succeed if the type of the specified object 22537 matches some installed volume populator or dynamic 22538 provisioner. This field will replace the functionality 22539 of the DataSource field and as such if both fields 22540 are non-empty, they must have the same value. For 22541 backwards compatibility, both fields (DataSource 22542 and DataSourceRef) will be set to the same value 22543 automatically if one of them is empty and the other 22544 is non-empty. There are two important differences 22545 between DataSource and DataSourceRef: * While DataSource 22546 only allows two specific types of objects, DataSourceRef allows 22547 any non-core object, as well as PersistentVolumeClaim 22548 objects. * While DataSource ignores disallowed values 22549 (dropping them), DataSourceRef preserves all values, 22550 and generates an error if a disallowed value is specified. 22551 (Alpha) Using this field requires the AnyVolumeDataSource 22552 feature gate to be enabled.' 22553 properties: 22554 apiGroup: 22555 description: APIGroup is the group for the resource 22556 being referenced. If APIGroup is not specified, 22557 the specified Kind must be in the core API group. 22558 For any other third-party types, APIGroup is 22559 required. 22560 type: string 22561 kind: 22562 description: Kind is the type of resource being 22563 referenced 22564 type: string 22565 name: 22566 description: Name is the name of resource being 22567 referenced 22568 type: string 22569 required: 22570 - kind 22571 - name 22572 type: object 22573 resources: 22574 description: 'Resources represents the minimum resources 22575 the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 22576 properties: 22577 limits: 22578 additionalProperties: 22579 anyOf: 22580 - type: integer 22581 - type: string 22582 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 22583 x-kubernetes-int-or-string: true 22584 description: 'Limits describes the maximum amount 22585 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 22586 type: object 22587 requests: 22588 additionalProperties: 22589 anyOf: 22590 - type: integer 22591 - type: string 22592 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 22593 x-kubernetes-int-or-string: true 22594 description: 'Requests describes the minimum amount 22595 of compute resources required. If Requests is 22596 omitted for a container, it defaults to Limits 22597 if that is explicitly specified, otherwise to 22598 an implementation-defined value. More info: 22599 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 22600 type: object 22601 type: object 22602 selector: 22603 description: A label query over volumes to consider 22604 for binding. 22605 properties: 22606 matchExpressions: 22607 description: matchExpressions is a list of label 22608 selector requirements. The requirements are 22609 ANDed. 22610 items: 22611 description: A label selector requirement is 22612 a selector that contains values, a key, and 22613 an operator that relates the key and values. 22614 properties: 22615 key: 22616 description: key is the label key that the 22617 selector applies to. 22618 type: string 22619 operator: 22620 description: operator represents a key's 22621 relationship to a set of values. Valid 22622 operators are In, NotIn, Exists and DoesNotExist. 22623 type: string 22624 values: 22625 description: values is an array of string 22626 values. If the operator is In or NotIn, 22627 the values array must be non-empty. If 22628 the operator is Exists or DoesNotExist, 22629 the values array must be empty. This array 22630 is replaced during a strategic merge patch. 22631 items: 22632 type: string 22633 type: array 22634 required: 22635 - key 22636 - operator 22637 type: object 22638 type: array 22639 matchLabels: 22640 additionalProperties: 22641 type: string 22642 description: matchLabels is a map of {key,value} 22643 pairs. A single {key,value} in the matchLabels 22644 map is equivalent to an element of matchExpressions, 22645 whose key field is "key", the operator is "In", 22646 and the values array contains only "value". 22647 The requirements are ANDed. 22648 type: object 22649 type: object 22650 storageClassName: 22651 description: 'Name of the StorageClass required by 22652 the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 22653 type: string 22654 volumeMode: 22655 description: volumeMode defines what type of volume 22656 is required by the claim. Value of Filesystem is 22657 implied when not included in claim spec. 22658 type: string 22659 volumeName: 22660 description: VolumeName is the binding reference to 22661 the PersistentVolume backing this claim. 22662 type: string 22663 type: object 22664 required: 22665 - spec 22666 type: object 22667 type: object 22668 volumeClaimTemplate: 22669 description: A PVC spec to be used by the Prometheus StatefulSets. 22670 properties: 22671 apiVersion: 22672 description: 'APIVersion defines the versioned schema of this 22673 representation of an object. Servers should convert recognized 22674 schemas to the latest internal value, and may reject unrecognized 22675 values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 22676 type: string 22677 kind: 22678 description: 'Kind is a string value representing the REST 22679 resource this object represents. Servers may infer this 22680 from the endpoint the client submits requests to. Cannot 22681 be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 22682 type: string 22683 metadata: 22684 description: EmbeddedMetadata contains metadata relevant to 22685 an EmbeddedResource. 22686 properties: 22687 annotations: 22688 additionalProperties: 22689 type: string 22690 description: 'Annotations is an unstructured key value 22691 map stored with a resource that may be set by external 22692 tools to store and retrieve arbitrary metadata. They 22693 are not queryable and should be preserved when modifying 22694 objects. More info: http://kubernetes.io/docs/user-guide/annotations' 22695 type: object 22696 labels: 22697 additionalProperties: 22698 type: string 22699 description: 'Map of string keys and values that can be 22700 used to organize and categorize (scope and select) objects. 22701 May match selectors of replication controllers and services. 22702 More info: http://kubernetes.io/docs/user-guide/labels' 22703 type: object 22704 name: 22705 description: 'Name must be unique within a namespace. 22706 Is required when creating resources, although some resources 22707 may allow a client to request the generation of an appropriate 22708 name automatically. Name is primarily intended for creation 22709 idempotence and configuration definition. Cannot be 22710 updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' 22711 type: string 22712 type: object 22713 spec: 22714 description: 'Spec defines the desired characteristics of 22715 a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 22716 properties: 22717 accessModes: 22718 description: 'AccessModes contains the desired access 22719 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 22720 items: 22721 type: string 22722 type: array 22723 dataSource: 22724 description: 'This field can be used to specify either: 22725 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 22726 * An existing PVC (PersistentVolumeClaim) If the provisioner 22727 or an external controller can support the specified 22728 data source, it will create a new volume based on the 22729 contents of the specified data source. If the AnyVolumeDataSource 22730 feature gate is enabled, this field will always have 22731 the same contents as the DataSourceRef field.' 22732 properties: 22733 apiGroup: 22734 description: APIGroup is the group for the resource 22735 being referenced. If APIGroup is not specified, 22736 the specified Kind must be in the core API group. 22737 For any other third-party types, APIGroup is required. 22738 type: string 22739 kind: 22740 description: Kind is the type of resource being referenced 22741 type: string 22742 name: 22743 description: Name is the name of resource being referenced 22744 type: string 22745 required: 22746 - kind 22747 - name 22748 type: object 22749 dataSourceRef: 22750 description: 'Specifies the object from which to populate 22751 the volume with data, if a non-empty volume is desired. 22752 This may be any local object from a non-empty API group 22753 (non core object) or a PersistentVolumeClaim object. 22754 When this field is specified, volume binding will only 22755 succeed if the type of the specified object matches 22756 some installed volume populator or dynamic provisioner. 22757 This field will replace the functionality of the DataSource 22758 field and as such if both fields are non-empty, they 22759 must have the same value. For backwards compatibility, 22760 both fields (DataSource and DataSourceRef) will be set 22761 to the same value automatically if one of them is empty 22762 and the other is non-empty. There are two important 22763 differences between DataSource and DataSourceRef: * 22764 While DataSource only allows two specific types of objects, 22765 DataSourceRef allows any non-core object, as well 22766 as PersistentVolumeClaim objects. * While DataSource 22767 ignores disallowed values (dropping them), DataSourceRef preserves 22768 all values, and generates an error if a disallowed value 22769 is specified. (Alpha) Using this field requires the 22770 AnyVolumeDataSource feature gate to be enabled.' 22771 properties: 22772 apiGroup: 22773 description: APIGroup is the group for the resource 22774 being referenced. If APIGroup is not specified, 22775 the specified Kind must be in the core API group. 22776 For any other third-party types, APIGroup is required. 22777 type: string 22778 kind: 22779 description: Kind is the type of resource being referenced 22780 type: string 22781 name: 22782 description: Name is the name of resource being referenced 22783 type: string 22784 required: 22785 - kind 22786 - name 22787 type: object 22788 resources: 22789 description: 'Resources represents the minimum resources 22790 the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 22791 properties: 22792 limits: 22793 additionalProperties: 22794 anyOf: 22795 - type: integer 22796 - type: string 22797 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 22798 x-kubernetes-int-or-string: true 22799 description: 'Limits describes the maximum amount 22800 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 22801 type: object 22802 requests: 22803 additionalProperties: 22804 anyOf: 22805 - type: integer 22806 - type: string 22807 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 22808 x-kubernetes-int-or-string: true 22809 description: 'Requests describes the minimum amount 22810 of compute resources required. If Requests is omitted 22811 for a container, it defaults to Limits if that is 22812 explicitly specified, otherwise to an implementation-defined 22813 value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 22814 type: object 22815 type: object 22816 selector: 22817 description: A label query over volumes to consider for 22818 binding. 22819 properties: 22820 matchExpressions: 22821 description: matchExpressions is a list of label selector 22822 requirements. The requirements are ANDed. 22823 items: 22824 description: A label selector requirement is a selector 22825 that contains values, a key, and an operator that 22826 relates the key and values. 22827 properties: 22828 key: 22829 description: key is the label key that the selector 22830 applies to. 22831 type: string 22832 operator: 22833 description: operator represents a key's relationship 22834 to a set of values. Valid operators are In, 22835 NotIn, Exists and DoesNotExist. 22836 type: string 22837 values: 22838 description: values is an array of string values. 22839 If the operator is In or NotIn, the values 22840 array must be non-empty. If the operator is 22841 Exists or DoesNotExist, the values array must 22842 be empty. This array is replaced during a 22843 strategic merge patch. 22844 items: 22845 type: string 22846 type: array 22847 required: 22848 - key 22849 - operator 22850 type: object 22851 type: array 22852 matchLabels: 22853 additionalProperties: 22854 type: string 22855 description: matchLabels is a map of {key,value} pairs. 22856 A single {key,value} in the matchLabels map is equivalent 22857 to an element of matchExpressions, whose key field 22858 is "key", the operator is "In", and the values array 22859 contains only "value". The requirements are ANDed. 22860 type: object 22861 type: object 22862 storageClassName: 22863 description: 'Name of the StorageClass required by the 22864 claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 22865 type: string 22866 volumeMode: 22867 description: volumeMode defines what type of volume is 22868 required by the claim. Value of Filesystem is implied 22869 when not included in claim spec. 22870 type: string 22871 volumeName: 22872 description: VolumeName is the binding reference to the 22873 PersistentVolume backing this claim. 22874 type: string 22875 type: object 22876 status: 22877 description: 'Status represents the current information/status 22878 of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 22879 properties: 22880 accessModes: 22881 description: 'AccessModes contains the actual access modes 22882 the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 22883 items: 22884 type: string 22885 type: array 22886 capacity: 22887 additionalProperties: 22888 anyOf: 22889 - type: integer 22890 - type: string 22891 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 22892 x-kubernetes-int-or-string: true 22893 description: Represents the actual resources of the underlying 22894 volume. 22895 type: object 22896 conditions: 22897 description: Current Condition of persistent volume claim. 22898 If underlying persistent volume is being resized then 22899 the Condition will be set to 'ResizeStarted'. 22900 items: 22901 description: PersistentVolumeClaimCondition contails 22902 details about state of pvc 22903 properties: 22904 lastProbeTime: 22905 description: Last time we probed the condition. 22906 format: date-time 22907 type: string 22908 lastTransitionTime: 22909 description: Last time the condition transitioned 22910 from one status to another. 22911 format: date-time 22912 type: string 22913 message: 22914 description: Human-readable message indicating details 22915 about last transition. 22916 type: string 22917 reason: 22918 description: Unique, this should be a short, machine 22919 understandable string that gives the reason for 22920 condition's last transition. If it reports "ResizeStarted" 22921 that means the underlying persistent volume is 22922 being resized. 22923 type: string 22924 status: 22925 type: string 22926 type: 22927 description: PersistentVolumeClaimConditionType 22928 is a valid value of PersistentVolumeClaimCondition.Type 22929 type: string 22930 required: 22931 - status 22932 - type 22933 type: object 22934 type: array 22935 phase: 22936 description: Phase represents the current phase of PersistentVolumeClaim. 22937 type: string 22938 type: object 22939 type: object 22940 type: object 22941 tolerations: 22942 description: If specified, the pod's tolerations. 22943 items: 22944 description: The pod this Toleration is attached to tolerates any 22945 taint that matches the triple <key,value,effect> using the matching 22946 operator <operator>. 22947 properties: 22948 effect: 22949 description: Effect indicates the taint effect to match. Empty 22950 means match all taint effects. When specified, allowed values 22951 are NoSchedule, PreferNoSchedule and NoExecute. 22952 type: string 22953 key: 22954 description: Key is the taint key that the toleration applies 22955 to. Empty means match all taint keys. If the key is empty, 22956 operator must be Exists; this combination means to match all 22957 values and all keys. 22958 type: string 22959 operator: 22960 description: Operator represents a key's relationship to the 22961 value. Valid operators are Exists and Equal. Defaults to Equal. 22962 Exists is equivalent to wildcard for value, so that a pod 22963 can tolerate all taints of a particular category. 22964 type: string 22965 tolerationSeconds: 22966 description: TolerationSeconds represents the period of time 22967 the toleration (which must be of effect NoExecute, otherwise 22968 this field is ignored) tolerates the taint. By default, it 22969 is not set, which means tolerate the taint forever (do not 22970 evict). Zero and negative values will be treated as 0 (evict 22971 immediately) by the system. 22972 format: int64 22973 type: integer 22974 value: 22975 description: Value is the taint value the toleration matches 22976 to. If the operator is Exists, the value should be empty, 22977 otherwise just a regular string. 22978 type: string 22979 type: object 22980 type: array 22981 topologySpreadConstraints: 22982 description: If specified, the pod's topology spread constraints. 22983 items: 22984 description: TopologySpreadConstraint specifies how to spread matching 22985 pods among the given topology. 22986 properties: 22987 labelSelector: 22988 description: LabelSelector is used to find matching pods. Pods 22989 that match this label selector are counted to determine the 22990 number of pods in their corresponding topology domain. 22991 properties: 22992 matchExpressions: 22993 description: matchExpressions is a list of label selector 22994 requirements. The requirements are ANDed. 22995 items: 22996 description: A label selector requirement is a selector 22997 that contains values, a key, and an operator that relates 22998 the key and values. 22999 properties: 23000 key: 23001 description: key is the label key that the selector 23002 applies to. 23003 type: string 23004 operator: 23005 description: operator represents a key's relationship 23006 to a set of values. Valid operators are In, NotIn, 23007 Exists and DoesNotExist. 23008 type: string 23009 values: 23010 description: values is an array of string values. 23011 If the operator is In or NotIn, the values array 23012 must be non-empty. If the operator is Exists or 23013 DoesNotExist, the values array must be empty. This 23014 array is replaced during a strategic merge patch. 23015 items: 23016 type: string 23017 type: array 23018 required: 23019 - key 23020 - operator 23021 type: object 23022 type: array 23023 matchLabels: 23024 additionalProperties: 23025 type: string 23026 description: matchLabels is a map of {key,value} pairs. 23027 A single {key,value} in the matchLabels map is equivalent 23028 to an element of matchExpressions, whose key field is 23029 "key", the operator is "In", and the values array contains 23030 only "value". The requirements are ANDed. 23031 type: object 23032 type: object 23033 maxSkew: 23034 description: 'MaxSkew describes the degree to which pods may 23035 be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, 23036 it is the maximum permitted difference between the number 23037 of matching pods in the target topology and the global minimum. 23038 For example, in a 3-zone cluster, MaxSkew is set to 1, and 23039 pods with the same labelSelector spread as 1/1/0: | zone1 23040 | zone2 | zone3 | | P | P | | - if MaxSkew is 23041 1, incoming pod can only be scheduled to zone3 to become 1/1/1; 23042 scheduling it onto zone1(zone2) would make the ActualSkew(2-0) 23043 on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming 23044 pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, 23045 it is used to give higher precedence to topologies that satisfy 23046 it. It''s a required field. Default value is 1 and 0 is not 23047 allowed.' 23048 format: int32 23049 type: integer 23050 topologyKey: 23051 description: TopologyKey is the key of node labels. Nodes that 23052 have a label with this key and identical values are considered 23053 to be in the same topology. We consider each <key, value> 23054 as a "bucket", and try to put balanced number of pods into 23055 each bucket. It's a required field. 23056 type: string 23057 whenUnsatisfiable: 23058 description: 'WhenUnsatisfiable indicates how to deal with a 23059 pod if it doesn''t satisfy the spread constraint. - DoNotSchedule 23060 (default) tells the scheduler not to schedule it. - ScheduleAnyway 23061 tells the scheduler to schedule the pod in any location, but 23062 giving higher precedence to topologies that would help reduce 23063 the skew. A constraint is considered "Unsatisfiable" for 23064 an incoming pod if and only if every possible node assigment 23065 for that pod would violate "MaxSkew" on some topology. For 23066 example, in a 3-zone cluster, MaxSkew is set to 1, and pods 23067 with the same labelSelector spread as 3/1/1: | zone1 | zone2 23068 | zone3 | | P P P | P | P | If WhenUnsatisfiable is 23069 set to DoNotSchedule, incoming pod can only be scheduled to 23070 zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on 23071 zone2(zone3) satisfies MaxSkew(1). In other words, the cluster 23072 can still be imbalanced, but scheduler won''t make it *more* 23073 imbalanced. It''s a required field.' 23074 type: string 23075 required: 23076 - maxSkew 23077 - topologyKey 23078 - whenUnsatisfiable 23079 type: object 23080 type: array 23081 tracingConfig: 23082 description: TracingConfig configures tracing in Thanos. This is an 23083 experimental feature, it may change in any upcoming release in a 23084 breaking way. 23085 properties: 23086 key: 23087 description: The key of the secret to select from. Must be a 23088 valid secret key. 23089 type: string 23090 name: 23091 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23092 TODO: Add other useful fields. apiVersion, kind, uid?' 23093 type: string 23094 optional: 23095 description: Specify whether the Secret or its key must be defined 23096 type: boolean 23097 required: 23098 - key 23099 type: object 23100 volumes: 23101 description: Volumes allows configuration of additional volumes on 23102 the output StatefulSet definition. Volumes specified will be appended 23103 to other volumes that are generated as a result of StorageSpec objects. 23104 items: 23105 description: Volume represents a named volume in a pod that may 23106 be accessed by any container in the pod. 23107 properties: 23108 awsElasticBlockStore: 23109 description: 'AWSElasticBlockStore represents an AWS Disk resource 23110 that is attached to a kubelet''s host machine and then exposed 23111 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 23112 properties: 23113 fsType: 23114 description: 'Filesystem type of the volume that you want 23115 to mount. Tip: Ensure that the filesystem type is supported 23116 by the host operating system. Examples: "ext4", "xfs", 23117 "ntfs". Implicitly inferred to be "ext4" if unspecified. 23118 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore 23119 TODO: how do we prevent errors in the filesystem from 23120 compromising the machine' 23121 type: string 23122 partition: 23123 description: 'The partition in the volume that you want 23124 to mount. If omitted, the default is to mount by volume 23125 name. Examples: For volume /dev/sda1, you specify the 23126 partition as "1". Similarly, the volume partition for 23127 /dev/sda is "0" (or you can leave the property empty).' 23128 format: int32 23129 type: integer 23130 readOnly: 23131 description: 'Specify "true" to force and set the ReadOnly 23132 property in VolumeMounts to "true". If omitted, the default 23133 is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 23134 type: boolean 23135 volumeID: 23136 description: 'Unique ID of the persistent disk resource 23137 in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' 23138 type: string 23139 required: 23140 - volumeID 23141 type: object 23142 azureDisk: 23143 description: AzureDisk represents an Azure Data Disk mount on 23144 the host and bind mount to the pod. 23145 properties: 23146 cachingMode: 23147 description: 'Host Caching mode: None, Read Only, Read Write.' 23148 type: string 23149 diskName: 23150 description: The Name of the data disk in the blob storage 23151 type: string 23152 diskURI: 23153 description: The URI the data disk in the blob storage 23154 type: string 23155 fsType: 23156 description: Filesystem type to mount. Must be a filesystem 23157 type supported by the host operating system. Ex. "ext4", 23158 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 23159 type: string 23160 kind: 23161 description: 'Expected values Shared: multiple blob disks 23162 per storage account Dedicated: single blob disk per storage 23163 account Managed: azure managed data disk (only in managed 23164 availability set). defaults to shared' 23165 type: string 23166 readOnly: 23167 description: Defaults to false (read/write). ReadOnly here 23168 will force the ReadOnly setting in VolumeMounts. 23169 type: boolean 23170 required: 23171 - diskName 23172 - diskURI 23173 type: object 23174 azureFile: 23175 description: AzureFile represents an Azure File Service mount 23176 on the host and bind mount to the pod. 23177 properties: 23178 readOnly: 23179 description: Defaults to false (read/write). ReadOnly here 23180 will force the ReadOnly setting in VolumeMounts. 23181 type: boolean 23182 secretName: 23183 description: the name of secret that contains Azure Storage 23184 Account Name and Key 23185 type: string 23186 shareName: 23187 description: Share Name 23188 type: string 23189 required: 23190 - secretName 23191 - shareName 23192 type: object 23193 cephfs: 23194 description: CephFS represents a Ceph FS mount on the host that 23195 shares a pod's lifetime 23196 properties: 23197 monitors: 23198 description: 'Required: Monitors is a collection of Ceph 23199 monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 23200 items: 23201 type: string 23202 type: array 23203 path: 23204 description: 'Optional: Used as the mounted root, rather 23205 than the full Ceph tree, default is /' 23206 type: string 23207 readOnly: 23208 description: 'Optional: Defaults to false (read/write). 23209 ReadOnly here will force the ReadOnly setting in VolumeMounts. 23210 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 23211 type: boolean 23212 secretFile: 23213 description: 'Optional: SecretFile is the path to key ring 23214 for User, default is /etc/ceph/user.secret More info: 23215 https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 23216 type: string 23217 secretRef: 23218 description: 'Optional: SecretRef is reference to the authentication 23219 secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 23220 properties: 23221 name: 23222 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23223 TODO: Add other useful fields. apiVersion, kind, uid?' 23224 type: string 23225 type: object 23226 user: 23227 description: 'Optional: User is the rados user name, default 23228 is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' 23229 type: string 23230 required: 23231 - monitors 23232 type: object 23233 cinder: 23234 description: 'Cinder represents a cinder volume attached and 23235 mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 23236 properties: 23237 fsType: 23238 description: 'Filesystem type to mount. Must be a filesystem 23239 type supported by the host operating system. Examples: 23240 "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" 23241 if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 23242 type: string 23243 readOnly: 23244 description: 'Optional: Defaults to false (read/write). 23245 ReadOnly here will force the ReadOnly setting in VolumeMounts. 23246 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 23247 type: boolean 23248 secretRef: 23249 description: 'Optional: points to a secret object containing 23250 parameters used to connect to OpenStack.' 23251 properties: 23252 name: 23253 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23254 TODO: Add other useful fields. apiVersion, kind, uid?' 23255 type: string 23256 type: object 23257 volumeID: 23258 description: 'volume id used to identify the volume in cinder. 23259 More info: https://examples.k8s.io/mysql-cinder-pd/README.md' 23260 type: string 23261 required: 23262 - volumeID 23263 type: object 23264 configMap: 23265 description: ConfigMap represents a configMap that should populate 23266 this volume 23267 properties: 23268 defaultMode: 23269 description: 'Optional: mode bits used to set permissions 23270 on created files by default. Must be an octal value between 23271 0000 and 0777 or a decimal value between 0 and 511. YAML 23272 accepts both octal and decimal values, JSON requires decimal 23273 values for mode bits. Defaults to 0644. Directories within 23274 the path are not affected by this setting. This might 23275 be in conflict with other options that affect the file 23276 mode, like fsGroup, and the result can be other mode bits 23277 set.' 23278 format: int32 23279 type: integer 23280 items: 23281 description: If unspecified, each key-value pair in the 23282 Data field of the referenced ConfigMap will be projected 23283 into the volume as a file whose name is the key and content 23284 is the value. If specified, the listed keys will be projected 23285 into the specified paths, and unlisted keys will not be 23286 present. If a key is specified which is not present in 23287 the ConfigMap, the volume setup will error unless it is 23288 marked optional. Paths must be relative and may not contain 23289 the '..' path or start with '..'. 23290 items: 23291 description: Maps a string key to a path within a volume. 23292 properties: 23293 key: 23294 description: The key to project. 23295 type: string 23296 mode: 23297 description: 'Optional: mode bits used to set permissions 23298 on this file. Must be an octal value between 0000 23299 and 0777 or a decimal value between 0 and 511. YAML 23300 accepts both octal and decimal values, JSON requires 23301 decimal values for mode bits. If not specified, 23302 the volume defaultMode will be used. This might 23303 be in conflict with other options that affect the 23304 file mode, like fsGroup, and the result can be other 23305 mode bits set.' 23306 format: int32 23307 type: integer 23308 path: 23309 description: The relative path of the file to map 23310 the key to. May not be an absolute path. May not 23311 contain the path element '..'. May not start with 23312 the string '..'. 23313 type: string 23314 required: 23315 - key 23316 - path 23317 type: object 23318 type: array 23319 name: 23320 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23321 TODO: Add other useful fields. apiVersion, kind, uid?' 23322 type: string 23323 optional: 23324 description: Specify whether the ConfigMap or its keys must 23325 be defined 23326 type: boolean 23327 type: object 23328 csi: 23329 description: CSI (Container Storage Interface) represents ephemeral 23330 storage that is handled by certain external CSI drivers (Beta 23331 feature). 23332 properties: 23333 driver: 23334 description: Driver is the name of the CSI driver that handles 23335 this volume. Consult with your admin for the correct name 23336 as registered in the cluster. 23337 type: string 23338 fsType: 23339 description: Filesystem type to mount. Ex. "ext4", "xfs", 23340 "ntfs". If not provided, the empty value is passed to 23341 the associated CSI driver which will determine the default 23342 filesystem to apply. 23343 type: string 23344 nodePublishSecretRef: 23345 description: NodePublishSecretRef is a reference to the 23346 secret object containing sensitive information to pass 23347 to the CSI driver to complete the CSI NodePublishVolume 23348 and NodeUnpublishVolume calls. This field is optional, 23349 and may be empty if no secret is required. If the secret 23350 object contains more than one secret, all secret references 23351 are passed. 23352 properties: 23353 name: 23354 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23355 TODO: Add other useful fields. apiVersion, kind, uid?' 23356 type: string 23357 type: object 23358 readOnly: 23359 description: Specifies a read-only configuration for the 23360 volume. Defaults to false (read/write). 23361 type: boolean 23362 volumeAttributes: 23363 additionalProperties: 23364 type: string 23365 description: VolumeAttributes stores driver-specific properties 23366 that are passed to the CSI driver. Consult your driver's 23367 documentation for supported values. 23368 type: object 23369 required: 23370 - driver 23371 type: object 23372 downwardAPI: 23373 description: DownwardAPI represents downward API about the pod 23374 that should populate this volume 23375 properties: 23376 defaultMode: 23377 description: 'Optional: mode bits to use on created files 23378 by default. Must be a Optional: mode bits used to set 23379 permissions on created files by default. Must be an octal 23380 value between 0000 and 0777 or a decimal value between 23381 0 and 511. YAML accepts both octal and decimal values, 23382 JSON requires decimal values for mode bits. Defaults to 23383 0644. Directories within the path are not affected by 23384 this setting. This might be in conflict with other options 23385 that affect the file mode, like fsGroup, and the result 23386 can be other mode bits set.' 23387 format: int32 23388 type: integer 23389 items: 23390 description: Items is a list of downward API volume file 23391 items: 23392 description: DownwardAPIVolumeFile represents information 23393 to create the file containing the pod field 23394 properties: 23395 fieldRef: 23396 description: 'Required: Selects a field of the pod: 23397 only annotations, labels, name and namespace are 23398 supported.' 23399 properties: 23400 apiVersion: 23401 description: Version of the schema the FieldPath 23402 is written in terms of, defaults to "v1". 23403 type: string 23404 fieldPath: 23405 description: Path of the field to select in the 23406 specified API version. 23407 type: string 23408 required: 23409 - fieldPath 23410 type: object 23411 mode: 23412 description: 'Optional: mode bits used to set permissions 23413 on this file, must be an octal value between 0000 23414 and 0777 or a decimal value between 0 and 511. YAML 23415 accepts both octal and decimal values, JSON requires 23416 decimal values for mode bits. If not specified, 23417 the volume defaultMode will be used. This might 23418 be in conflict with other options that affect the 23419 file mode, like fsGroup, and the result can be other 23420 mode bits set.' 23421 format: int32 23422 type: integer 23423 path: 23424 description: 'Required: Path is the relative path 23425 name of the file to be created. Must not be absolute 23426 or contain the ''..'' path. Must be utf-8 encoded. 23427 The first item of the relative path must not start 23428 with ''..''' 23429 type: string 23430 resourceFieldRef: 23431 description: 'Selects a resource of the container: 23432 only resources limits and requests (limits.cpu, 23433 limits.memory, requests.cpu and requests.memory) 23434 are currently supported.' 23435 properties: 23436 containerName: 23437 description: 'Container name: required for volumes, 23438 optional for env vars' 23439 type: string 23440 divisor: 23441 anyOf: 23442 - type: integer 23443 - type: string 23444 description: Specifies the output format of the 23445 exposed resources, defaults to "1" 23446 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 23447 x-kubernetes-int-or-string: true 23448 resource: 23449 description: 'Required: resource to select' 23450 type: string 23451 required: 23452 - resource 23453 type: object 23454 required: 23455 - path 23456 type: object 23457 type: array 23458 type: object 23459 emptyDir: 23460 description: 'EmptyDir represents a temporary directory that 23461 shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 23462 properties: 23463 medium: 23464 description: 'What type of storage medium should back this 23465 directory. The default is "" which means to use the node''s 23466 default medium. Must be an empty string (default) or Memory. 23467 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' 23468 type: string 23469 sizeLimit: 23470 anyOf: 23471 - type: integer 23472 - type: string 23473 description: 'Total amount of local storage required for 23474 this EmptyDir volume. The size limit is also applicable 23475 for memory medium. The maximum usage on memory medium 23476 EmptyDir would be the minimum value between the SizeLimit 23477 specified here and the sum of memory limits of all containers 23478 in a pod. The default is nil which means that the limit 23479 is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' 23480 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 23481 x-kubernetes-int-or-string: true 23482 type: object 23483 ephemeral: 23484 description: "Ephemeral represents a volume that is handled 23485 by a cluster storage driver. The volume's lifecycle is tied 23486 to the pod that defines it - it will be created before the 23487 pod starts, and deleted when the pod is removed. \n Use this 23488 if: a) the volume is only needed while the pod runs, b) features 23489 of normal volumes like restoring from snapshot or capacity 23490 \ tracking are needed, c) the storage driver is specified 23491 through a storage class, and d) the storage driver supports 23492 dynamic volume provisioning through a PersistentVolumeClaim 23493 (see EphemeralVolumeSource for more information on the 23494 connection between this volume type and PersistentVolumeClaim). 23495 \n Use PersistentVolumeClaim or one of the vendor-specific 23496 APIs for volumes that persist for longer than the lifecycle 23497 of an individual pod. \n Use CSI for light-weight local ephemeral 23498 volumes if the CSI driver is meant to be used that way - see 23499 the documentation of the driver for more information. \n A 23500 pod can use both types of ephemeral volumes and persistent 23501 volumes at the same time. \n This is a beta feature and only 23502 available when the GenericEphemeralVolume feature gate is 23503 enabled." 23504 properties: 23505 volumeClaimTemplate: 23506 description: "Will be used to create a stand-alone PVC to 23507 provision the volume. The pod in which this EphemeralVolumeSource 23508 is embedded will be the owner of the PVC, i.e. the PVC 23509 will be deleted together with the pod. The name of the 23510 PVC will be `<pod name>-<volume name>` where `<volume 23511 name>` is the name from the `PodSpec.Volumes` array entry. 23512 Pod validation will reject the pod if the concatenated 23513 name is not valid for a PVC (for example, too long). \n 23514 An existing PVC with that name that is not owned by the 23515 pod will *not* be used for the pod to avoid using an unrelated 23516 volume by mistake. Starting the pod is then blocked until 23517 the unrelated PVC is removed. If such a pre-created PVC 23518 is meant to be used by the pod, the PVC has to updated 23519 with an owner reference to the pod once the pod exists. 23520 Normally this should not be necessary, but it may be useful 23521 when manually reconstructing a broken cluster. \n This 23522 field is read-only and no changes will be made by Kubernetes 23523 to the PVC after it has been created. \n Required, must 23524 not be nil." 23525 properties: 23526 metadata: 23527 description: May contain labels and annotations that 23528 will be copied into the PVC when creating it. No other 23529 fields are allowed and will be rejected during validation. 23530 type: object 23531 spec: 23532 description: The specification for the PersistentVolumeClaim. 23533 The entire content is copied unchanged into the PVC 23534 that gets created from this template. The same fields 23535 as in a PersistentVolumeClaim are also valid here. 23536 properties: 23537 accessModes: 23538 description: 'AccessModes contains the desired access 23539 modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' 23540 items: 23541 type: string 23542 type: array 23543 dataSource: 23544 description: 'This field can be used to specify 23545 either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) 23546 * An existing PVC (PersistentVolumeClaim) If the 23547 provisioner or an external controller can support 23548 the specified data source, it will create a new 23549 volume based on the contents of the specified 23550 data source. If the AnyVolumeDataSource feature 23551 gate is enabled, this field will always have the 23552 same contents as the DataSourceRef field.' 23553 properties: 23554 apiGroup: 23555 description: APIGroup is the group for the resource 23556 being referenced. If APIGroup is not specified, 23557 the specified Kind must be in the core API 23558 group. For any other third-party types, APIGroup 23559 is required. 23560 type: string 23561 kind: 23562 description: Kind is the type of resource being 23563 referenced 23564 type: string 23565 name: 23566 description: Name is the name of resource being 23567 referenced 23568 type: string 23569 required: 23570 - kind 23571 - name 23572 type: object 23573 dataSourceRef: 23574 description: 'Specifies the object from which to 23575 populate the volume with data, if a non-empty 23576 volume is desired. This may be any local object 23577 from a non-empty API group (non core object) or 23578 a PersistentVolumeClaim object. When this field 23579 is specified, volume binding will only succeed 23580 if the type of the specified object matches some 23581 installed volume populator or dynamic provisioner. 23582 This field will replace the functionality of the 23583 DataSource field and as such if both fields are 23584 non-empty, they must have the same value. For 23585 backwards compatibility, both fields (DataSource 23586 and DataSourceRef) will be set to the same value 23587 automatically if one of them is empty and the 23588 other is non-empty. There are two important differences 23589 between DataSource and DataSourceRef: * While 23590 DataSource only allows two specific types of objects, 23591 DataSourceRef allows any non-core object, as 23592 well as PersistentVolumeClaim objects. * While 23593 DataSource ignores disallowed values (dropping 23594 them), DataSourceRef preserves all values, and 23595 generates an error if a disallowed value is specified. 23596 (Alpha) Using this field requires the AnyVolumeDataSource 23597 feature gate to be enabled.' 23598 properties: 23599 apiGroup: 23600 description: APIGroup is the group for the resource 23601 being referenced. If APIGroup is not specified, 23602 the specified Kind must be in the core API 23603 group. For any other third-party types, APIGroup 23604 is required. 23605 type: string 23606 kind: 23607 description: Kind is the type of resource being 23608 referenced 23609 type: string 23610 name: 23611 description: Name is the name of resource being 23612 referenced 23613 type: string 23614 required: 23615 - kind 23616 - name 23617 type: object 23618 resources: 23619 description: 'Resources represents the minimum resources 23620 the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' 23621 properties: 23622 limits: 23623 additionalProperties: 23624 anyOf: 23625 - type: integer 23626 - type: string 23627 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 23628 x-kubernetes-int-or-string: true 23629 description: 'Limits describes the maximum amount 23630 of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 23631 type: object 23632 requests: 23633 additionalProperties: 23634 anyOf: 23635 - type: integer 23636 - type: string 23637 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 23638 x-kubernetes-int-or-string: true 23639 description: 'Requests describes the minimum 23640 amount of compute resources required. If Requests 23641 is omitted for a container, it defaults to 23642 Limits if that is explicitly specified, otherwise 23643 to an implementation-defined value. More info: 23644 https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' 23645 type: object 23646 type: object 23647 selector: 23648 description: A label query over volumes to consider 23649 for binding. 23650 properties: 23651 matchExpressions: 23652 description: matchExpressions is a list of label 23653 selector requirements. The requirements are 23654 ANDed. 23655 items: 23656 description: A label selector requirement 23657 is a selector that contains values, a key, 23658 and an operator that relates the key and 23659 values. 23660 properties: 23661 key: 23662 description: key is the label key that 23663 the selector applies to. 23664 type: string 23665 operator: 23666 description: operator represents a key's 23667 relationship to a set of values. Valid 23668 operators are In, NotIn, Exists and 23669 DoesNotExist. 23670 type: string 23671 values: 23672 description: values is an array of string 23673 values. If the operator is In or NotIn, 23674 the values array must be non-empty. 23675 If the operator is Exists or DoesNotExist, 23676 the values array must be empty. This 23677 array is replaced during a strategic 23678 merge patch. 23679 items: 23680 type: string 23681 type: array 23682 required: 23683 - key 23684 - operator 23685 type: object 23686 type: array 23687 matchLabels: 23688 additionalProperties: 23689 type: string 23690 description: matchLabels is a map of {key,value} 23691 pairs. A single {key,value} in the matchLabels 23692 map is equivalent to an element of matchExpressions, 23693 whose key field is "key", the operator is 23694 "In", and the values array contains only "value". 23695 The requirements are ANDed. 23696 type: object 23697 type: object 23698 storageClassName: 23699 description: 'Name of the StorageClass required 23700 by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' 23701 type: string 23702 volumeMode: 23703 description: volumeMode defines what type of volume 23704 is required by the claim. Value of Filesystem 23705 is implied when not included in claim spec. 23706 type: string 23707 volumeName: 23708 description: VolumeName is the binding reference 23709 to the PersistentVolume backing this claim. 23710 type: string 23711 type: object 23712 required: 23713 - spec 23714 type: object 23715 type: object 23716 fc: 23717 description: FC represents a Fibre Channel resource that is 23718 attached to a kubelet's host machine and then exposed to the 23719 pod. 23720 properties: 23721 fsType: 23722 description: 'Filesystem type to mount. Must be a filesystem 23723 type supported by the host operating system. Ex. "ext4", 23724 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 23725 TODO: how do we prevent errors in the filesystem from 23726 compromising the machine' 23727 type: string 23728 lun: 23729 description: 'Optional: FC target lun number' 23730 format: int32 23731 type: integer 23732 readOnly: 23733 description: 'Optional: Defaults to false (read/write). 23734 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 23735 type: boolean 23736 targetWWNs: 23737 description: 'Optional: FC target worldwide names (WWNs)' 23738 items: 23739 type: string 23740 type: array 23741 wwids: 23742 description: 'Optional: FC volume world wide identifiers 23743 (wwids) Either wwids or combination of targetWWNs and 23744 lun must be set, but not both simultaneously.' 23745 items: 23746 type: string 23747 type: array 23748 type: object 23749 flexVolume: 23750 description: FlexVolume represents a generic volume resource 23751 that is provisioned/attached using an exec based plugin. 23752 properties: 23753 driver: 23754 description: Driver is the name of the driver to use for 23755 this volume. 23756 type: string 23757 fsType: 23758 description: Filesystem type to mount. Must be a filesystem 23759 type supported by the host operating system. Ex. "ext4", 23760 "xfs", "ntfs". The default filesystem depends on FlexVolume 23761 script. 23762 type: string 23763 options: 23764 additionalProperties: 23765 type: string 23766 description: 'Optional: Extra command options if any.' 23767 type: object 23768 readOnly: 23769 description: 'Optional: Defaults to false (read/write). 23770 ReadOnly here will force the ReadOnly setting in VolumeMounts.' 23771 type: boolean 23772 secretRef: 23773 description: 'Optional: SecretRef is reference to the secret 23774 object containing sensitive information to pass to the 23775 plugin scripts. This may be empty if no secret object 23776 is specified. If the secret object contains more than 23777 one secret, all secrets are passed to the plugin scripts.' 23778 properties: 23779 name: 23780 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23781 TODO: Add other useful fields. apiVersion, kind, uid?' 23782 type: string 23783 type: object 23784 required: 23785 - driver 23786 type: object 23787 flocker: 23788 description: Flocker represents a Flocker volume attached to 23789 a kubelet's host machine. This depends on the Flocker control 23790 service being running 23791 properties: 23792 datasetName: 23793 description: Name of the dataset stored as metadata -> name 23794 on the dataset for Flocker should be considered as deprecated 23795 type: string 23796 datasetUUID: 23797 description: UUID of the dataset. This is unique identifier 23798 of a Flocker dataset 23799 type: string 23800 type: object 23801 gcePersistentDisk: 23802 description: 'GCEPersistentDisk represents a GCE Disk resource 23803 that is attached to a kubelet''s host machine and then exposed 23804 to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 23805 properties: 23806 fsType: 23807 description: 'Filesystem type of the volume that you want 23808 to mount. Tip: Ensure that the filesystem type is supported 23809 by the host operating system. Examples: "ext4", "xfs", 23810 "ntfs". Implicitly inferred to be "ext4" if unspecified. 23811 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk 23812 TODO: how do we prevent errors in the filesystem from 23813 compromising the machine' 23814 type: string 23815 partition: 23816 description: 'The partition in the volume that you want 23817 to mount. If omitted, the default is to mount by volume 23818 name. Examples: For volume /dev/sda1, you specify the 23819 partition as "1". Similarly, the volume partition for 23820 /dev/sda is "0" (or you can leave the property empty). 23821 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 23822 format: int32 23823 type: integer 23824 pdName: 23825 description: 'Unique name of the PD resource in GCE. Used 23826 to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 23827 type: string 23828 readOnly: 23829 description: 'ReadOnly here will force the ReadOnly setting 23830 in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' 23831 type: boolean 23832 required: 23833 - pdName 23834 type: object 23835 gitRepo: 23836 description: 'GitRepo represents a git repository at a particular 23837 revision. DEPRECATED: GitRepo is deprecated. To provision 23838 a container with a git repo, mount an EmptyDir into an InitContainer 23839 that clones the repo using git, then mount the EmptyDir into 23840 the Pod''s container.' 23841 properties: 23842 directory: 23843 description: Target directory name. Must not contain or 23844 start with '..'. If '.' is supplied, the volume directory 23845 will be the git repository. Otherwise, if specified, 23846 the volume will contain the git repository in the subdirectory 23847 with the given name. 23848 type: string 23849 repository: 23850 description: Repository URL 23851 type: string 23852 revision: 23853 description: Commit hash for the specified revision. 23854 type: string 23855 required: 23856 - repository 23857 type: object 23858 glusterfs: 23859 description: 'Glusterfs represents a Glusterfs mount on the 23860 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' 23861 properties: 23862 endpoints: 23863 description: 'EndpointsName is the endpoint name that details 23864 Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 23865 type: string 23866 path: 23867 description: 'Path is the Glusterfs volume path. More info: 23868 https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 23869 type: string 23870 readOnly: 23871 description: 'ReadOnly here will force the Glusterfs volume 23872 to be mounted with read-only permissions. Defaults to 23873 false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' 23874 type: boolean 23875 required: 23876 - endpoints 23877 - path 23878 type: object 23879 hostPath: 23880 description: 'HostPath represents a pre-existing file or directory 23881 on the host machine that is directly exposed to the container. 23882 This is generally used for system agents or other privileged 23883 things that are allowed to see the host machine. Most containers 23884 will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath 23885 --- TODO(jonesdl) We need to restrict who can use host directory 23886 mounts and who can/can not mount host directories as read/write.' 23887 properties: 23888 path: 23889 description: 'Path of the directory on the host. If the 23890 path is a symlink, it will follow the link to the real 23891 path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 23892 type: string 23893 type: 23894 description: 'Type for HostPath Volume Defaults to "" More 23895 info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' 23896 type: string 23897 required: 23898 - path 23899 type: object 23900 iscsi: 23901 description: 'ISCSI represents an ISCSI Disk resource that is 23902 attached to a kubelet''s host machine and then exposed to 23903 the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' 23904 properties: 23905 chapAuthDiscovery: 23906 description: whether support iSCSI Discovery CHAP authentication 23907 type: boolean 23908 chapAuthSession: 23909 description: whether support iSCSI Session CHAP authentication 23910 type: boolean 23911 fsType: 23912 description: 'Filesystem type of the volume that you want 23913 to mount. Tip: Ensure that the filesystem type is supported 23914 by the host operating system. Examples: "ext4", "xfs", 23915 "ntfs". Implicitly inferred to be "ext4" if unspecified. 23916 More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi 23917 TODO: how do we prevent errors in the filesystem from 23918 compromising the machine' 23919 type: string 23920 initiatorName: 23921 description: Custom iSCSI Initiator Name. If initiatorName 23922 is specified with iscsiInterface simultaneously, new iSCSI 23923 interface <target portal>:<volume name> will be created 23924 for the connection. 23925 type: string 23926 iqn: 23927 description: Target iSCSI Qualified Name. 23928 type: string 23929 iscsiInterface: 23930 description: iSCSI Interface Name that uses an iSCSI transport. 23931 Defaults to 'default' (tcp). 23932 type: string 23933 lun: 23934 description: iSCSI Target Lun number. 23935 format: int32 23936 type: integer 23937 portals: 23938 description: iSCSI Target Portal List. The portal is either 23939 an IP or ip_addr:port if the port is other than default 23940 (typically TCP ports 860 and 3260). 23941 items: 23942 type: string 23943 type: array 23944 readOnly: 23945 description: ReadOnly here will force the ReadOnly setting 23946 in VolumeMounts. Defaults to false. 23947 type: boolean 23948 secretRef: 23949 description: CHAP Secret for iSCSI target and initiator 23950 authentication 23951 properties: 23952 name: 23953 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23954 TODO: Add other useful fields. apiVersion, kind, uid?' 23955 type: string 23956 type: object 23957 targetPortal: 23958 description: iSCSI Target Portal. The Portal is either an 23959 IP or ip_addr:port if the port is other than default (typically 23960 TCP ports 860 and 3260). 23961 type: string 23962 required: 23963 - iqn 23964 - lun 23965 - targetPortal 23966 type: object 23967 name: 23968 description: 'Volume''s name. Must be a DNS_LABEL and unique 23969 within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' 23970 type: string 23971 nfs: 23972 description: 'NFS represents an NFS mount on the host that shares 23973 a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 23974 properties: 23975 path: 23976 description: 'Path that is exported by the NFS server. More 23977 info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 23978 type: string 23979 readOnly: 23980 description: 'ReadOnly here will force the NFS export to 23981 be mounted with read-only permissions. Defaults to false. 23982 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 23983 type: boolean 23984 server: 23985 description: 'Server is the hostname or IP address of the 23986 NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' 23987 type: string 23988 required: 23989 - path 23990 - server 23991 type: object 23992 persistentVolumeClaim: 23993 description: 'PersistentVolumeClaimVolumeSource represents a 23994 reference to a PersistentVolumeClaim in the same namespace. 23995 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 23996 properties: 23997 claimName: 23998 description: 'ClaimName is the name of a PersistentVolumeClaim 23999 in the same namespace as the pod using this volume. More 24000 info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' 24001 type: string 24002 readOnly: 24003 description: Will force the ReadOnly setting in VolumeMounts. 24004 Default false. 24005 type: boolean 24006 required: 24007 - claimName 24008 type: object 24009 photonPersistentDisk: 24010 description: PhotonPersistentDisk represents a PhotonController 24011 persistent disk attached and mounted on kubelets host machine 24012 properties: 24013 fsType: 24014 description: Filesystem type to mount. Must be a filesystem 24015 type supported by the host operating system. Ex. "ext4", 24016 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 24017 type: string 24018 pdID: 24019 description: ID that identifies Photon Controller persistent 24020 disk 24021 type: string 24022 required: 24023 - pdID 24024 type: object 24025 portworxVolume: 24026 description: PortworxVolume represents a portworx volume attached 24027 and mounted on kubelets host machine 24028 properties: 24029 fsType: 24030 description: FSType represents the filesystem type to mount 24031 Must be a filesystem type supported by the host operating 24032 system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" 24033 if unspecified. 24034 type: string 24035 readOnly: 24036 description: Defaults to false (read/write). ReadOnly here 24037 will force the ReadOnly setting in VolumeMounts. 24038 type: boolean 24039 volumeID: 24040 description: VolumeID uniquely identifies a Portworx volume 24041 type: string 24042 required: 24043 - volumeID 24044 type: object 24045 projected: 24046 description: Items for all in one resources secrets, configmaps, 24047 and downward API 24048 properties: 24049 defaultMode: 24050 description: Mode bits used to set permissions on created 24051 files by default. Must be an octal value between 0000 24052 and 0777 or a decimal value between 0 and 511. YAML accepts 24053 both octal and decimal values, JSON requires decimal values 24054 for mode bits. Directories within the path are not affected 24055 by this setting. This might be in conflict with other 24056 options that affect the file mode, like fsGroup, and the 24057 result can be other mode bits set. 24058 format: int32 24059 type: integer 24060 sources: 24061 description: list of volume projections 24062 items: 24063 description: Projection that may be projected along with 24064 other supported volume types 24065 properties: 24066 configMap: 24067 description: information about the configMap data 24068 to project 24069 properties: 24070 items: 24071 description: If unspecified, each key-value pair 24072 in the Data field of the referenced ConfigMap 24073 will be projected into the volume as a file 24074 whose name is the key and content is the value. 24075 If specified, the listed keys will be projected 24076 into the specified paths, and unlisted keys 24077 will not be present. If a key is specified which 24078 is not present in the ConfigMap, the volume 24079 setup will error unless it is marked optional. 24080 Paths must be relative and may not contain the 24081 '..' path or start with '..'. 24082 items: 24083 description: Maps a string key to a path within 24084 a volume. 24085 properties: 24086 key: 24087 description: The key to project. 24088 type: string 24089 mode: 24090 description: 'Optional: mode bits used to 24091 set permissions on this file. Must be 24092 an octal value between 0000 and 0777 or 24093 a decimal value between 0 and 511. YAML 24094 accepts both octal and decimal values, 24095 JSON requires decimal values for mode 24096 bits. If not specified, the volume defaultMode 24097 will be used. This might be in conflict 24098 with other options that affect the file 24099 mode, like fsGroup, and the result can 24100 be other mode bits set.' 24101 format: int32 24102 type: integer 24103 path: 24104 description: The relative path of the file 24105 to map the key to. May not be an absolute 24106 path. May not contain the path element 24107 '..'. May not start with the string '..'. 24108 type: string 24109 required: 24110 - key 24111 - path 24112 type: object 24113 type: array 24114 name: 24115 description: 'Name of the referent. More info: 24116 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24117 TODO: Add other useful fields. apiVersion, kind, 24118 uid?' 24119 type: string 24120 optional: 24121 description: Specify whether the ConfigMap or 24122 its keys must be defined 24123 type: boolean 24124 type: object 24125 downwardAPI: 24126 description: information about the downwardAPI data 24127 to project 24128 properties: 24129 items: 24130 description: Items is a list of DownwardAPIVolume 24131 file 24132 items: 24133 description: DownwardAPIVolumeFile represents 24134 information to create the file containing 24135 the pod field 24136 properties: 24137 fieldRef: 24138 description: 'Required: Selects a field 24139 of the pod: only annotations, labels, 24140 name and namespace are supported.' 24141 properties: 24142 apiVersion: 24143 description: Version of the schema the 24144 FieldPath is written in terms of, 24145 defaults to "v1". 24146 type: string 24147 fieldPath: 24148 description: Path of the field to select 24149 in the specified API version. 24150 type: string 24151 required: 24152 - fieldPath 24153 type: object 24154 mode: 24155 description: 'Optional: mode bits used to 24156 set permissions on this file, must be 24157 an octal value between 0000 and 0777 or 24158 a decimal value between 0 and 511. YAML 24159 accepts both octal and decimal values, 24160 JSON requires decimal values for mode 24161 bits. If not specified, the volume defaultMode 24162 will be used. This might be in conflict 24163 with other options that affect the file 24164 mode, like fsGroup, and the result can 24165 be other mode bits set.' 24166 format: int32 24167 type: integer 24168 path: 24169 description: 'Required: Path is the relative 24170 path name of the file to be created. Must 24171 not be absolute or contain the ''..'' 24172 path. Must be utf-8 encoded. The first 24173 item of the relative path must not start 24174 with ''..''' 24175 type: string 24176 resourceFieldRef: 24177 description: 'Selects a resource of the 24178 container: only resources limits and requests 24179 (limits.cpu, limits.memory, requests.cpu 24180 and requests.memory) are currently supported.' 24181 properties: 24182 containerName: 24183 description: 'Container name: required 24184 for volumes, optional for env vars' 24185 type: string 24186 divisor: 24187 anyOf: 24188 - type: integer 24189 - type: string 24190 description: Specifies the output format 24191 of the exposed resources, defaults 24192 to "1" 24193 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 24194 x-kubernetes-int-or-string: true 24195 resource: 24196 description: 'Required: resource to 24197 select' 24198 type: string 24199 required: 24200 - resource 24201 type: object 24202 required: 24203 - path 24204 type: object 24205 type: array 24206 type: object 24207 secret: 24208 description: information about the secret data to 24209 project 24210 properties: 24211 items: 24212 description: If unspecified, each key-value pair 24213 in the Data field of the referenced Secret will 24214 be projected into the volume as a file whose 24215 name is the key and content is the value. If 24216 specified, the listed keys will be projected 24217 into the specified paths, and unlisted keys 24218 will not be present. If a key is specified which 24219 is not present in the Secret, the volume setup 24220 will error unless it is marked optional. Paths 24221 must be relative and may not contain the '..' 24222 path or start with '..'. 24223 items: 24224 description: Maps a string key to a path within 24225 a volume. 24226 properties: 24227 key: 24228 description: The key to project. 24229 type: string 24230 mode: 24231 description: 'Optional: mode bits used to 24232 set permissions on this file. Must be 24233 an octal value between 0000 and 0777 or 24234 a decimal value between 0 and 511. YAML 24235 accepts both octal and decimal values, 24236 JSON requires decimal values for mode 24237 bits. If not specified, the volume defaultMode 24238 will be used. This might be in conflict 24239 with other options that affect the file 24240 mode, like fsGroup, and the result can 24241 be other mode bits set.' 24242 format: int32 24243 type: integer 24244 path: 24245 description: The relative path of the file 24246 to map the key to. May not be an absolute 24247 path. May not contain the path element 24248 '..'. May not start with the string '..'. 24249 type: string 24250 required: 24251 - key 24252 - path 24253 type: object 24254 type: array 24255 name: 24256 description: 'Name of the referent. More info: 24257 https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24258 TODO: Add other useful fields. apiVersion, kind, 24259 uid?' 24260 type: string 24261 optional: 24262 description: Specify whether the Secret or its 24263 key must be defined 24264 type: boolean 24265 type: object 24266 serviceAccountToken: 24267 description: information about the serviceAccountToken 24268 data to project 24269 properties: 24270 audience: 24271 description: Audience is the intended audience 24272 of the token. A recipient of a token must identify 24273 itself with an identifier specified in the audience 24274 of the token, and otherwise should reject the 24275 token. The audience defaults to the identifier 24276 of the apiserver. 24277 type: string 24278 expirationSeconds: 24279 description: ExpirationSeconds is the requested 24280 duration of validity of the service account 24281 token. As the token approaches expiration, the 24282 kubelet volume plugin will proactively rotate 24283 the service account token. The kubelet will 24284 start trying to rotate the token if the token 24285 is older than 80 percent of its time to live 24286 or if the token is older than 24 hours.Defaults 24287 to 1 hour and must be at least 10 minutes. 24288 format: int64 24289 type: integer 24290 path: 24291 description: Path is the path relative to the 24292 mount point of the file to project the token 24293 into. 24294 type: string 24295 required: 24296 - path 24297 type: object 24298 type: object 24299 type: array 24300 type: object 24301 quobyte: 24302 description: Quobyte represents a Quobyte mount on the host 24303 that shares a pod's lifetime 24304 properties: 24305 group: 24306 description: Group to map volume access to Default is no 24307 group 24308 type: string 24309 readOnly: 24310 description: ReadOnly here will force the Quobyte volume 24311 to be mounted with read-only permissions. Defaults to 24312 false. 24313 type: boolean 24314 registry: 24315 description: Registry represents a single or multiple Quobyte 24316 Registry services specified as a string as host:port pair 24317 (multiple entries are separated with commas) which acts 24318 as the central registry for volumes 24319 type: string 24320 tenant: 24321 description: Tenant owning the given Quobyte volume in the 24322 Backend Used with dynamically provisioned Quobyte volumes, 24323 value is set by the plugin 24324 type: string 24325 user: 24326 description: User to map volume access to Defaults to serivceaccount 24327 user 24328 type: string 24329 volume: 24330 description: Volume is a string that references an already 24331 created Quobyte volume by name. 24332 type: string 24333 required: 24334 - registry 24335 - volume 24336 type: object 24337 rbd: 24338 description: 'RBD represents a Rados Block Device mount on the 24339 host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' 24340 properties: 24341 fsType: 24342 description: 'Filesystem type of the volume that you want 24343 to mount. Tip: Ensure that the filesystem type is supported 24344 by the host operating system. Examples: "ext4", "xfs", 24345 "ntfs". Implicitly inferred to be "ext4" if unspecified. 24346 More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd 24347 TODO: how do we prevent errors in the filesystem from 24348 compromising the machine' 24349 type: string 24350 image: 24351 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 24352 type: string 24353 keyring: 24354 description: 'Keyring is the path to key ring for RBDUser. 24355 Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 24356 type: string 24357 monitors: 24358 description: 'A collection of Ceph monitors. More info: 24359 https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 24360 items: 24361 type: string 24362 type: array 24363 pool: 24364 description: 'The rados pool name. Default is rbd. More 24365 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 24366 type: string 24367 readOnly: 24368 description: 'ReadOnly here will force the ReadOnly setting 24369 in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 24370 type: boolean 24371 secretRef: 24372 description: 'SecretRef is name of the authentication secret 24373 for RBDUser. If provided overrides keyring. Default is 24374 nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 24375 properties: 24376 name: 24377 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24378 TODO: Add other useful fields. apiVersion, kind, uid?' 24379 type: string 24380 type: object 24381 user: 24382 description: 'The rados user name. Default is admin. More 24383 info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' 24384 type: string 24385 required: 24386 - image 24387 - monitors 24388 type: object 24389 scaleIO: 24390 description: ScaleIO represents a ScaleIO persistent volume 24391 attached and mounted on Kubernetes nodes. 24392 properties: 24393 fsType: 24394 description: Filesystem type to mount. Must be a filesystem 24395 type supported by the host operating system. Ex. "ext4", 24396 "xfs", "ntfs". Default is "xfs". 24397 type: string 24398 gateway: 24399 description: The host address of the ScaleIO API Gateway. 24400 type: string 24401 protectionDomain: 24402 description: The name of the ScaleIO Protection Domain for 24403 the configured storage. 24404 type: string 24405 readOnly: 24406 description: Defaults to false (read/write). ReadOnly here 24407 will force the ReadOnly setting in VolumeMounts. 24408 type: boolean 24409 secretRef: 24410 description: SecretRef references to the secret for ScaleIO 24411 user and other sensitive information. If this is not provided, 24412 Login operation will fail. 24413 properties: 24414 name: 24415 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24416 TODO: Add other useful fields. apiVersion, kind, uid?' 24417 type: string 24418 type: object 24419 sslEnabled: 24420 description: Flag to enable/disable SSL communication with 24421 Gateway, default false 24422 type: boolean 24423 storageMode: 24424 description: Indicates whether the storage for a volume 24425 should be ThickProvisioned or ThinProvisioned. Default 24426 is ThinProvisioned. 24427 type: string 24428 storagePool: 24429 description: The ScaleIO Storage Pool associated with the 24430 protection domain. 24431 type: string 24432 system: 24433 description: The name of the storage system as configured 24434 in ScaleIO. 24435 type: string 24436 volumeName: 24437 description: The name of a volume already created in the 24438 ScaleIO system that is associated with this volume source. 24439 type: string 24440 required: 24441 - gateway 24442 - secretRef 24443 - system 24444 type: object 24445 secret: 24446 description: 'Secret represents a secret that should populate 24447 this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 24448 properties: 24449 defaultMode: 24450 description: 'Optional: mode bits used to set permissions 24451 on created files by default. Must be an octal value between 24452 0000 and 0777 or a decimal value between 0 and 511. YAML 24453 accepts both octal and decimal values, JSON requires decimal 24454 values for mode bits. Defaults to 0644. Directories within 24455 the path are not affected by this setting. This might 24456 be in conflict with other options that affect the file 24457 mode, like fsGroup, and the result can be other mode bits 24458 set.' 24459 format: int32 24460 type: integer 24461 items: 24462 description: If unspecified, each key-value pair in the 24463 Data field of the referenced Secret will be projected 24464 into the volume as a file whose name is the key and content 24465 is the value. If specified, the listed keys will be projected 24466 into the specified paths, and unlisted keys will not be 24467 present. If a key is specified which is not present in 24468 the Secret, the volume setup will error unless it is marked 24469 optional. Paths must be relative and may not contain the 24470 '..' path or start with '..'. 24471 items: 24472 description: Maps a string key to a path within a volume. 24473 properties: 24474 key: 24475 description: The key to project. 24476 type: string 24477 mode: 24478 description: 'Optional: mode bits used to set permissions 24479 on this file. Must be an octal value between 0000 24480 and 0777 or a decimal value between 0 and 511. YAML 24481 accepts both octal and decimal values, JSON requires 24482 decimal values for mode bits. If not specified, 24483 the volume defaultMode will be used. This might 24484 be in conflict with other options that affect the 24485 file mode, like fsGroup, and the result can be other 24486 mode bits set.' 24487 format: int32 24488 type: integer 24489 path: 24490 description: The relative path of the file to map 24491 the key to. May not be an absolute path. May not 24492 contain the path element '..'. May not start with 24493 the string '..'. 24494 type: string 24495 required: 24496 - key 24497 - path 24498 type: object 24499 type: array 24500 optional: 24501 description: Specify whether the Secret or its keys must 24502 be defined 24503 type: boolean 24504 secretName: 24505 description: 'Name of the secret in the pod''s namespace 24506 to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' 24507 type: string 24508 type: object 24509 storageos: 24510 description: StorageOS represents a StorageOS volume attached 24511 and mounted on Kubernetes nodes. 24512 properties: 24513 fsType: 24514 description: Filesystem type to mount. Must be a filesystem 24515 type supported by the host operating system. Ex. "ext4", 24516 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 24517 type: string 24518 readOnly: 24519 description: Defaults to false (read/write). ReadOnly here 24520 will force the ReadOnly setting in VolumeMounts. 24521 type: boolean 24522 secretRef: 24523 description: SecretRef specifies the secret to use for obtaining 24524 the StorageOS API credentials. If not specified, default 24525 values will be attempted. 24526 properties: 24527 name: 24528 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24529 TODO: Add other useful fields. apiVersion, kind, uid?' 24530 type: string 24531 type: object 24532 volumeName: 24533 description: VolumeName is the human-readable name of the 24534 StorageOS volume. Volume names are only unique within 24535 a namespace. 24536 type: string 24537 volumeNamespace: 24538 description: VolumeNamespace specifies the scope of the 24539 volume within StorageOS. If no namespace is specified 24540 then the Pod's namespace will be used. This allows the 24541 Kubernetes name scoping to be mirrored within StorageOS 24542 for tighter integration. Set VolumeName to any name to 24543 override the default behaviour. Set to "default" if you 24544 are not using namespaces within StorageOS. Namespaces 24545 that do not pre-exist within StorageOS will be created. 24546 type: string 24547 type: object 24548 vsphereVolume: 24549 description: VsphereVolume represents a vSphere volume attached 24550 and mounted on kubelets host machine 24551 properties: 24552 fsType: 24553 description: Filesystem type to mount. Must be a filesystem 24554 type supported by the host operating system. Ex. "ext4", 24555 "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. 24556 type: string 24557 storagePolicyID: 24558 description: Storage Policy Based Management (SPBM) profile 24559 ID associated with the StoragePolicyName. 24560 type: string 24561 storagePolicyName: 24562 description: Storage Policy Based Management (SPBM) profile 24563 name. 24564 type: string 24565 volumePath: 24566 description: Path that identifies vSphere volume vmdk 24567 type: string 24568 required: 24569 - volumePath 24570 type: object 24571 required: 24572 - name 24573 type: object 24574 type: array 24575 type: object 24576 status: 24577 description: 'Most recent observed status of the ThanosRuler cluster. 24578 Read-only. Not included when requesting from the apiserver, only from 24579 the ThanosRuler Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' 24580 properties: 24581 availableReplicas: 24582 description: Total number of available pods (ready for at least minReadySeconds) 24583 targeted by this ThanosRuler deployment. 24584 format: int32 24585 type: integer 24586 paused: 24587 description: Represents whether any actions on the underlying managed 24588 objects are being performed. Only delete actions will be performed. 24589 type: boolean 24590 replicas: 24591 description: Total number of non-terminated pods targeted by this 24592 ThanosRuler deployment (their labels match the selector). 24593 format: int32 24594 type: integer 24595 unavailableReplicas: 24596 description: Total number of unavailable pods targeted by this ThanosRuler 24597 deployment. 24598 format: int32 24599 type: integer 24600 updatedReplicas: 24601 description: Total number of non-terminated pods targeted by this 24602 ThanosRuler deployment that have the desired version spec. 24603 format: int32 24604 type: integer 24605 required: 24606 - availableReplicas 24607 - paused 24608 - replicas 24609 - unavailableReplicas 24610 - updatedReplicas 24611 type: object 24612 required: 24613 - spec 24614 type: object 24615 served: true 24616 storage: true 24617 status: 24618 acceptedNames: 24619 kind: "" 24620 plural: "" 24621 conditions: [] 24622 storedVersions: [] 24623 --- 24624 apiVersion: rbac.authorization.k8s.io/v1 24625 kind: ClusterRoleBinding 24626 metadata: 24627 labels: 24628 app.kubernetes.io/component: controller 24629 app.kubernetes.io/name: prometheus-operator 24630 app.kubernetes.io/version: 0.52.0 24631 name: prometheus-operator 24632 roleRef: 24633 apiGroup: rbac.authorization.k8s.io 24634 kind: ClusterRole 24635 name: prometheus-operator 24636 subjects: 24637 - kind: ServiceAccount 24638 name: prometheus-operator 24639 namespace: default 24640 --- 24641 apiVersion: rbac.authorization.k8s.io/v1 24642 kind: ClusterRole 24643 metadata: 24644 labels: 24645 app.kubernetes.io/component: controller 24646 app.kubernetes.io/name: prometheus-operator 24647 app.kubernetes.io/version: 0.52.0 24648 name: prometheus-operator 24649 rules: 24650 - apiGroups: 24651 - monitoring.coreos.com 24652 resources: 24653 - alertmanagers 24654 - alertmanagers/finalizers 24655 - alertmanagerconfigs 24656 - prometheuses 24657 - prometheuses/finalizers 24658 - thanosrulers 24659 - thanosrulers/finalizers 24660 - servicemonitors 24661 - podmonitors 24662 - probes 24663 - prometheusrules 24664 verbs: 24665 - '*' 24666 - apiGroups: 24667 - apps 24668 resources: 24669 - statefulsets 24670 verbs: 24671 - '*' 24672 - apiGroups: 24673 - "" 24674 resources: 24675 - configmaps 24676 - secrets 24677 verbs: 24678 - '*' 24679 - apiGroups: 24680 - "" 24681 resources: 24682 - pods 24683 verbs: 24684 - list 24685 - delete 24686 - apiGroups: 24687 - "" 24688 resources: 24689 - services 24690 - services/finalizers 24691 - endpoints 24692 verbs: 24693 - get 24694 - create 24695 - update 24696 - delete 24697 - apiGroups: 24698 - "" 24699 resources: 24700 - nodes 24701 verbs: 24702 - list 24703 - watch 24704 - apiGroups: 24705 - "" 24706 resources: 24707 - namespaces 24708 verbs: 24709 - get 24710 - list 24711 - watch 24712 - apiGroups: 24713 - networking.k8s.io 24714 resources: 24715 - ingresses 24716 verbs: 24717 - get 24718 - list 24719 - watch 24720 --- 24721 apiVersion: apps/v1 24722 kind: Deployment 24723 metadata: 24724 labels: 24725 app.kubernetes.io/component: controller 24726 app.kubernetes.io/name: prometheus-operator 24727 app.kubernetes.io/version: 0.52.0 24728 name: prometheus-operator 24729 namespace: default 24730 spec: 24731 replicas: 1 24732 selector: 24733 matchLabels: 24734 app.kubernetes.io/component: controller 24735 app.kubernetes.io/name: prometheus-operator 24736 template: 24737 metadata: 24738 annotations: 24739 kubectl.kubernetes.io/default-container: prometheus-operator 24740 labels: 24741 app.kubernetes.io/component: controller 24742 app.kubernetes.io/name: prometheus-operator 24743 app.kubernetes.io/version: 0.52.0 24744 spec: 24745 containers: 24746 - args: 24747 - --kubelet-service=kube-system/kubelet 24748 - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.51.2 24749 image: quay.io/prometheus-operator/prometheus-operator:v0.51.2 24750 name: prometheus-operator 24751 ports: 24752 - containerPort: 8080 24753 name: http 24754 resources: 24755 limits: 24756 cpu: 200m 24757 memory: 200Mi 24758 requests: 24759 cpu: 100m 24760 memory: 100Mi 24761 securityContext: 24762 allowPrivilegeEscalation: false 24763 nodeSelector: 24764 kubernetes.io/os: linux 24765 securityContext: 24766 runAsNonRoot: true 24767 runAsUser: 65534 24768 serviceAccountName: prometheus-operator 24769 --- 24770 apiVersion: v1 24771 kind: ServiceAccount 24772 metadata: 24773 labels: 24774 app.kubernetes.io/component: controller 24775 app.kubernetes.io/name: prometheus-operator 24776 app.kubernetes.io/version: 0.52.0 24777 name: prometheus-operator 24778 namespace: default 24779 --- 24780 apiVersion: v1 24781 kind: Service 24782 metadata: 24783 labels: 24784 app.kubernetes.io/component: controller 24785 app.kubernetes.io/name: prometheus-operator 24786 app.kubernetes.io/version: 0.52.0 24787 name: prometheus-operator 24788 namespace: default 24789 spec: 24790 clusterIP: None 24791 ports: 24792 - name: http 24793 port: 8080 24794 targetPort: http 24795 selector: 24796 app.kubernetes.io/component: controller 24797 app.kubernetes.io/name: prometheus-operator