Google Git
Sign in
apache / camel-k / bc7c2ddfaf469d02cbc87897a0e8a50c41b0594a / . / helm / camel-k / crds / camel-k-crds.yaml
blob: f2dde79ccb315cfb3669cbec14f0efb2b1482842 [file] [log] [blame]
# ---------------------------------------------------------------------------
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ---------------------------------------------------------------------------
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
labels:
app: camel-k
name: builds.camel.apache.org
spec:
group: camel.apache.org
names:
categories:
- kamel
- camel
kind: Build
listKind: BuildList
plural: builds
shortNames:
- ikb
singular: build
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The build phase
jsonPath: .status.phase
name: Phase
type: string
- description: The time at which the build was created
jsonPath: .metadata.creationTimestamp
name: Age
type: date
- description: The time at which the build was last (re-)started
jsonPath: .status.startedAt
name: Started
type: date
- description: The build last execution duration
jsonPath: .status.duration
name: Duration
type: string
- description: The number of execution attempts
jsonPath: .status.failure.recovery.attempt
name: Attempts
type: integer
name: v1
schema:
openAPIV3Schema:
description: Build is the Schema for the builds API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: |-
BuildSpec defines the list of tasks to be execute for a Build. From Camel K version 2, it would be more appropriate
to think it as pipeline.
properties:
configuration:
description: |-
The configuration that should be used to perform the Build.
Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility
properties:
annotations:
additionalProperties:
type: string
description: Annotation to use for the builder pod. Only used
for `pod` strategy
type: object
limitCPU:
description: The maximum amount of CPU required. Only used for
`pod` strategy
type: string
limitMemory:
description: The maximum amount of memory required. Only used
for `pod` strategy
type: string
nodeSelector:
additionalProperties:
type: string
description: The node selector for the builder pod. Only used
for `pod` strategy
type: object
operatorNamespace:
description: The namespace where to run the builder Pod (must
be the same of the operator in charge of this Build reconciliation).
type: string
orderStrategy:
description: the build order strategy to adopt
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of platforms used in order to build a container
image.
items:
type: string
type: array
requestCPU:
description: The minimum amount of CPU required. Only used for
`pod` strategy
type: string
requestMemory:
description: The minimum amount of memory required. Only used
for `pod` strategy
type: string
strategy:
description: the strategy to adopt
enum:
- routine
- pod
type: string
toolImage:
description: The container image to be used to run the build.
type: string
type: object
maxRunningBuilds:
description: |-
the maximum amount of parallel running builds started by this operator instance
Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility
format: int32
type: integer
operatorNamespace:
description: |-
The namespace where to run the builder Pod (must be the same of the operator in charge of this Build reconciliation).
Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility
type: string
tasks:
description: The sequence of tasks (pipeline) to be performed.
items:
description: Task represents the abstract task. Only one of the
task should be configured to represent the specific task chosen.
properties:
buildah:
description: |-
a BuildahTask, for Buildah strategy
Deprecated: use jib or a custom publishing strategy instead
properties:
baseImage:
description: base image layer
type: string
configuration:
description: The configuration that should be used to perform
the Build.
properties:
annotations:
additionalProperties:
type: string
description: Annotation to use for the builder pod.
Only used for `pod` strategy
type: object
limitCPU:
description: The maximum amount of CPU required. Only
used for `pod` strategy
type: string
limitMemory:
description: The maximum amount of memory required.
Only used for `pod` strategy
type: string
nodeSelector:
additionalProperties:
type: string
description: The node selector for the builder pod.
Only used for `pod` strategy
type: object
operatorNamespace:
description: The namespace where to run the builder
Pod (must be the same of the operator in charge of
this Build reconciliation).
type: string
orderStrategy:
description: the build order strategy to adopt
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of platforms used in order to
build a container image.
items:
type: string
type: array
requestCPU:
description: The minimum amount of CPU required. Only
used for `pod` strategy
type: string
requestMemory:
description: The minimum amount of memory required.
Only used for `pod` strategy
type: string
strategy:
description: the strategy to adopt
enum:
- routine
- pod
type: string
toolImage:
description: The container image to be used to run the
build.
type: string
type: object
contextDir:
description: can be useful to share info with other tasks
type: string
executorImage:
description: docker image to use
type: string
image:
description: final image name
type: string
name:
description: name of the task
type: string
platform:
description: The platform of build image
type: string
registry:
description: where to publish the final image
properties:
address:
description: the URI to access
type: string
ca:
description: the configmap which stores the Certificate
Authority
type: string
insecure:
description: if the container registry is insecure (ie,
http only)
type: boolean
organization:
description: the registry organization
type: string
secret:
description: the secret where credentials are stored
type: string
type: object
verbose:
description: log more information
type: boolean
type: object
builder:
description: a BuilderTask, used to generate and build the project
properties:
baseImage:
description: the base image layer
type: string
buildDir:
description: workspace directory to use
type: string
configuration:
description: The configuration that should be used to perform
the Build.
properties:
annotations:
additionalProperties:
type: string
description: Annotation to use for the builder pod.
Only used for `pod` strategy
type: object
limitCPU:
description: The maximum amount of CPU required. Only
used for `pod` strategy
type: string
limitMemory:
description: The maximum amount of memory required.
Only used for `pod` strategy
type: string
nodeSelector:
additionalProperties:
type: string
description: The node selector for the builder pod.
Only used for `pod` strategy
type: object
operatorNamespace:
description: The namespace where to run the builder
Pod (must be the same of the operator in charge of
this Build reconciliation).
type: string
orderStrategy:
description: the build order strategy to adopt
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of platforms used in order to
build a container image.
items:
type: string
type: array
requestCPU:
description: The minimum amount of CPU required. Only
used for `pod` strategy
type: string
requestMemory:
description: The minimum amount of memory required.
Only used for `pod` strategy
type: string
strategy:
description: the strategy to adopt
enum:
- routine
- pod
type: string
toolImage:
description: The container image to be used to run the
build.
type: string
type: object
dependencies:
description: the list of dependencies to use for this build
items:
type: string
type: array
maven:
description: the configuration required by Maven for the
application build phase
properties:
caSecrets:
description: |-
The Secrets name and key, containing the CA certificate(s) used to connect
to remote Maven repositories.
It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
A JKS formatted keystore is automatically created to store the CA certificate(s),
and configured to be used as a trusted certificate(s) by the Maven commands.
Note that the root CA certificates are also imported into the created keystore.
items:
description: SecretKeySelector selects a key of a
Secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: array
cliOptions:
description: |-
The CLI options that are appended to the list of arguments for Maven commands,
e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
items:
type: string
type: array
extension:
description: |-
The Maven build extensions.
See https://maven.apache.org/guides/mini/guide-using-extensions.html.
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
localRepository:
description: The path of the local Maven repository.
type: string
profiles:
description: |-
A reference to the ConfigMap or Secret key that contains
the Maven profile.
items:
description: ValueSource --.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select
from. Must be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or
its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
type: array
properties:
additionalProperties:
type: string
description: The Maven properties.
type: object
repositories:
description: additional repositories
items:
description: Repository defines a Maven repository.
properties:
id:
description: identifies the repository
type: string
name:
description: name of the repository
type: string
releases:
description: can use stable releases
properties:
checksumPolicy:
description: |-
When Maven deploys files to the repository, it also deploys corresponding checksum files.
Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums.
type: string
enabled:
description: is the policy activated or not
type: boolean
updatePolicy:
description: |-
This element specifies how often updates should attempt to occur.
Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.
The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`
type: string
required:
- enabled
type: object
snapshots:
description: can use snapshot
properties:
checksumPolicy:
description: |-
When Maven deploys files to the repository, it also deploys corresponding checksum files.
Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums.
type: string
enabled:
description: is the policy activated or not
type: boolean
updatePolicy:
description: |-
This element specifies how often updates should attempt to occur.
Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.
The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`
type: string
required:
- enabled
type: object
url:
description: location of the repository
type: string
required:
- id
- url
type: object
type: array
servers:
description: Servers (auth)
items:
description: Server see link:https://maven.apache.org/settings.html[Maven
settings].
properties:
configuration:
additionalProperties:
type: string
description: Properties -- .
type: object
id:
type: string
password:
type: string
username:
type: string
type: object
type: array
settings:
description: |-
A reference to the ConfigMap or Secret key that contains
the Maven settings.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or
its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select
from. Must be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
settingsSecurity:
description: |-
A reference to the ConfigMap or Secret key that contains
the security of the Maven settings.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or
its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select
from. Must be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
type: object
name:
description: name of the task
type: string
runtime:
description: the configuration required for the runtime
application
properties:
applicationClass:
description: application entry point (main) to be executed
type: string
capabilities:
additionalProperties:
description: |-
Capability is a particular feature which requires a well known set of dependencies and other properties
which are specified in the runtime catalog.
properties:
buildTimeProperties:
description: Set of required Camel build time
properties
items:
description: CamelProperty represents a Camel
property that may end up in an application.properties
file.
properties:
key:
type: string
value:
type: string
required:
- key
type: object
type: array
dependencies:
description: List of required Maven dependencies
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
metadata:
additionalProperties:
type: string
description: Set of generic metadata
type: object
runtimeProperties:
description: Set of required Camel runtime properties
items:
description: CamelProperty represents a Camel
property that may end up in an application.properties
file.
properties:
key:
type: string
value:
type: string
required:
- key
type: object
type: array
type: object
description: features offered by this runtime
type: object
dependencies:
description: list of dependencies needed to run the
application
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
metadata:
additionalProperties:
type: string
description: set of metadata
type: object
provider:
description: Camel main application provider, ie, Camel
Quarkus
type: string
version:
description: Camel K Runtime version
type: string
required:
- applicationClass
- dependencies
- provider
- version
type: object
sources:
description: the sources to add at build time
items:
description: SourceSpec defines the configuration for
one or more routes to be executed in a certain Camel
DSL language.
properties:
compression:
description: if the content is compressed (base64
encrypted)
type: boolean
content:
description: the source code (plain text)
type: string
contentKey:
description: the confimap key holding the source content
type: string
contentRef:
description: the confimap reference holding the source
content
type: string
contentType:
description: the content type (tipically text or binary)
type: string
from-kamelet:
description: True if the spec is generated from a
Kamelet
type: boolean
interceptors:
description: |-
Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
uses to pre/post process sources
Deprecated: no longer in use.
items:
type: string
type: array
language:
description: specify which is the language (Camel
DSL) used to interpret this source code
type: string
loader:
description: |-
Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
interpret this source at runtime
type: string
name:
description: the name of the specification
type: string
path:
description: the path where the file is stored
type: string
property-names:
description: List of property names defined in the
source (e.g. if type is "template")
items:
type: string
type: array
rawContent:
description: the source code (binary)
format: byte
type: string
type:
description: Type defines the kind of source described
by this object
type: string
type: object
type: array
steps:
description: the list of steps to execute (see pkg/builder/)
items:
type: string
type: array
type: object
custom:
description: User customizable task execution. These are executed
after the build and before the package task.
properties:
command:
description: |-
the command to execute
Deprecated: use ContainerCommands
type: string
commands:
description: the command to execute
items:
type: string
type: array
configuration:
description: The configuration that should be used to perform
the Build.
properties:
annotations:
additionalProperties:
type: string
description: Annotation to use for the builder pod.
Only used for `pod` strategy
type: object
limitCPU:
description: The maximum amount of CPU required. Only
used for `pod` strategy
type: string
limitMemory:
description: The maximum amount of memory required.
Only used for `pod` strategy
type: string
nodeSelector:
additionalProperties:
type: string
description: The node selector for the builder pod.
Only used for `pod` strategy
type: object
operatorNamespace:
description: The namespace where to run the builder
Pod (must be the same of the operator in charge of
this Build reconciliation).
type: string
orderStrategy:
description: the build order strategy to adopt
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of platforms used in order to
build a container image.
items:
type: string
type: array
requestCPU:
description: The minimum amount of CPU required. Only
used for `pod` strategy
type: string
requestMemory:
description: The minimum amount of memory required.
Only used for `pod` strategy
type: string
strategy:
description: the strategy to adopt
enum:
- routine
- pod
type: string
toolImage:
description: The container image to be used to run the
build.
type: string
type: object
image:
description: the container image to use
type: string
name:
description: name of the task
type: string
publishingImage:
description: the desired image build name
type: string
userId:
description: the user id used to run the container
format: int64
type: integer
type: object
jib:
description: a JibTask, for Jib strategy
properties:
baseImage:
description: base image layer
type: string
configuration:
description: The configuration that should be used to perform
the Build.
properties:
annotations:
additionalProperties:
type: string
description: Annotation to use for the builder pod.
Only used for `pod` strategy
type: object
limitCPU:
description: The maximum amount of CPU required. Only
used for `pod` strategy
type: string
limitMemory:
description: The maximum amount of memory required.
Only used for `pod` strategy
type: string
nodeSelector:
additionalProperties:
type: string
description: The node selector for the builder pod.
Only used for `pod` strategy
type: object
operatorNamespace:
description: The namespace where to run the builder
Pod (must be the same of the operator in charge of
this Build reconciliation).
type: string
orderStrategy:
description: the build order strategy to adopt
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of platforms used in order to
build a container image.
items:
type: string
type: array
requestCPU:
description: The minimum amount of CPU required. Only
used for `pod` strategy
type: string
requestMemory:
description: The minimum amount of memory required.
Only used for `pod` strategy
type: string
strategy:
description: the strategy to adopt
enum:
- routine
- pod
type: string
toolImage:
description: The container image to be used to run the
build.
type: string
type: object
contextDir:
description: can be useful to share info with other tasks
type: string
image:
description: final image name
type: string
name:
description: name of the task
type: string
registry:
description: where to publish the final image
properties:
address:
description: the URI to access
type: string
ca:
description: the configmap which stores the Certificate
Authority
type: string
insecure:
description: if the container registry is insecure (ie,
http only)
type: boolean
organization:
description: the registry organization
type: string
secret:
description: the secret where credentials are stored
type: string
type: object
type: object
kaniko:
description: |-
a KanikoTask, for Kaniko strategy
Deprecated: use jib or a custom publishing strategy instead
properties:
baseImage:
description: base image layer
type: string
cache:
description: use a cache
properties:
enabled:
description: true if a cache is enabled
type: boolean
persistentVolumeClaim:
description: the PVC used to store the cache
type: string
type: object
configuration:
description: The configuration that should be used to perform
the Build.
properties:
annotations:
additionalProperties:
type: string
description: Annotation to use for the builder pod.
Only used for `pod` strategy
type: object
limitCPU:
description: The maximum amount of CPU required. Only
used for `pod` strategy
type: string
limitMemory:
description: The maximum amount of memory required.
Only used for `pod` strategy
type: string
nodeSelector:
additionalProperties:
type: string
description: The node selector for the builder pod.
Only used for `pod` strategy
type: object
operatorNamespace:
description: The namespace where to run the builder
Pod (must be the same of the operator in charge of
this Build reconciliation).
type: string
orderStrategy:
description: the build order strategy to adopt
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of platforms used in order to
build a container image.
items:
type: string
type: array
requestCPU:
description: The minimum amount of CPU required. Only
used for `pod` strategy
type: string
requestMemory:
description: The minimum amount of memory required.
Only used for `pod` strategy
type: string
strategy:
description: the strategy to adopt
enum:
- routine
- pod
type: string
toolImage:
description: The container image to be used to run the
build.
type: string
type: object
contextDir:
description: can be useful to share info with other tasks
type: string
executorImage:
description: docker image to use
type: string
image:
description: final image name
type: string
name:
description: name of the task
type: string
registry:
description: where to publish the final image
properties:
address:
description: the URI to access
type: string
ca:
description: the configmap which stores the Certificate
Authority
type: string
insecure:
description: if the container registry is insecure (ie,
http only)
type: boolean
organization:
description: the registry organization
type: string
secret:
description: the secret where credentials are stored
type: string
type: object
verbose:
description: log more information
type: boolean
type: object
package:
description: |-
Application pre publishing
a PackageTask, used to package the project
properties:
baseImage:
description: the base image layer
type: string
buildDir:
description: workspace directory to use
type: string
configuration:
description: The configuration that should be used to perform
the Build.
properties:
annotations:
additionalProperties:
type: string
description: Annotation to use for the builder pod.
Only used for `pod` strategy
type: object
limitCPU:
description: The maximum amount of CPU required. Only
used for `pod` strategy
type: string
limitMemory:
description: The maximum amount of memory required.
Only used for `pod` strategy
type: string
nodeSelector:
additionalProperties:
type: string
description: The node selector for the builder pod.
Only used for `pod` strategy
type: object
operatorNamespace:
description: The namespace where to run the builder
Pod (must be the same of the operator in charge of
this Build reconciliation).
type: string
orderStrategy:
description: the build order strategy to adopt
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of platforms used in order to
build a container image.
items:
type: string
type: array
requestCPU:
description: The minimum amount of CPU required. Only
used for `pod` strategy
type: string
requestMemory:
description: The minimum amount of memory required.
Only used for `pod` strategy
type: string
strategy:
description: the strategy to adopt
enum:
- routine
- pod
type: string
toolImage:
description: The container image to be used to run the
build.
type: string
type: object
dependencies:
description: the list of dependencies to use for this build
items:
type: string
type: array
maven:
description: the configuration required by Maven for the
application build phase
properties:
caSecrets:
description: |-
The Secrets name and key, containing the CA certificate(s) used to connect
to remote Maven repositories.
It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
A JKS formatted keystore is automatically created to store the CA certificate(s),
and configured to be used as a trusted certificate(s) by the Maven commands.
Note that the root CA certificates are also imported into the created keystore.
items:
description: SecretKeySelector selects a key of a
Secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: array
cliOptions:
description: |-
The CLI options that are appended to the list of arguments for Maven commands,
e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
items:
type: string
type: array
extension:
description: |-
The Maven build extensions.
See https://maven.apache.org/guides/mini/guide-using-extensions.html.
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
localRepository:
description: The path of the local Maven repository.
type: string
profiles:
description: |-
A reference to the ConfigMap or Secret key that contains
the Maven profile.
items:
description: ValueSource --.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select
from. Must be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or
its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
type: array
properties:
additionalProperties:
type: string
description: The Maven properties.
type: object
repositories:
description: additional repositories
items:
description: Repository defines a Maven repository.
properties:
id:
description: identifies the repository
type: string
name:
description: name of the repository
type: string
releases:
description: can use stable releases
properties:
checksumPolicy:
description: |-
When Maven deploys files to the repository, it also deploys corresponding checksum files.
Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums.
type: string
enabled:
description: is the policy activated or not
type: boolean
updatePolicy:
description: |-
This element specifies how often updates should attempt to occur.
Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.
The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`
type: string
required:
- enabled
type: object
snapshots:
description: can use snapshot
properties:
checksumPolicy:
description: |-
When Maven deploys files to the repository, it also deploys corresponding checksum files.
Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums.
type: string
enabled:
description: is the policy activated or not
type: boolean
updatePolicy:
description: |-
This element specifies how often updates should attempt to occur.
Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.
The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`
type: string
required:
- enabled
type: object
url:
description: location of the repository
type: string
required:
- id
- url
type: object
type: array
servers:
description: Servers (auth)
items:
description: Server see link:https://maven.apache.org/settings.html[Maven
settings].
properties:
configuration:
additionalProperties:
type: string
description: Properties -- .
type: object
id:
type: string
password:
type: string
username:
type: string
type: object
type: array
settings:
description: |-
A reference to the ConfigMap or Secret key that contains
the Maven settings.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or
its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select
from. Must be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
settingsSecurity:
description: |-
A reference to the ConfigMap or Secret key that contains
the security of the Maven settings.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or
its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select
from. Must be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
type: object
name:
description: name of the task
type: string
runtime:
description: the configuration required for the runtime
application
properties:
applicationClass:
description: application entry point (main) to be executed
type: string
capabilities:
additionalProperties:
description: |-
Capability is a particular feature which requires a well known set of dependencies and other properties
which are specified in the runtime catalog.
properties:
buildTimeProperties:
description: Set of required Camel build time
properties
items:
description: CamelProperty represents a Camel
property that may end up in an application.properties
file.
properties:
key:
type: string
value:
type: string
required:
- key
type: object
type: array
dependencies:
description: List of required Maven dependencies
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
metadata:
additionalProperties:
type: string
description: Set of generic metadata
type: object
runtimeProperties:
description: Set of required Camel runtime properties
items:
description: CamelProperty represents a Camel
property that may end up in an application.properties
file.
properties:
key:
type: string
value:
type: string
required:
- key
type: object
type: array
type: object
description: features offered by this runtime
type: object
dependencies:
description: list of dependencies needed to run the
application
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
metadata:
additionalProperties:
type: string
description: set of metadata
type: object
provider:
description: Camel main application provider, ie, Camel
Quarkus
type: string
version:
description: Camel K Runtime version
type: string
required:
- applicationClass
- dependencies
- provider
- version
type: object
sources:
description: the sources to add at build time
items:
description: SourceSpec defines the configuration for
one or more routes to be executed in a certain Camel
DSL language.
properties:
compression:
description: if the content is compressed (base64
encrypted)
type: boolean
content:
description: the source code (plain text)
type: string
contentKey:
description: the confimap key holding the source content
type: string
contentRef:
description: the confimap reference holding the source
content
type: string
contentType:
description: the content type (tipically text or binary)
type: string
from-kamelet:
description: True if the spec is generated from a
Kamelet
type: boolean
interceptors:
description: |-
Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
uses to pre/post process sources
Deprecated: no longer in use.
items:
type: string
type: array
language:
description: specify which is the language (Camel
DSL) used to interpret this source code
type: string
loader:
description: |-
Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
interpret this source at runtime
type: string
name:
description: the name of the specification
type: string
path:
description: the path where the file is stored
type: string
property-names:
description: List of property names defined in the
source (e.g. if type is "template")
items:
type: string
type: array
rawContent:
description: the source code (binary)
format: byte
type: string
type:
description: Type defines the kind of source described
by this object
type: string
type: object
type: array
steps:
description: the list of steps to execute (see pkg/builder/)
items:
type: string
type: array
type: object
s2i:
description: |-
a S2iTask, for S2I strategy
Deprecated: use jib or a custom publishing strategy instead
properties:
baseImage:
description: base image layer
type: string
configuration:
description: The configuration that should be used to perform
the Build.
properties:
annotations:
additionalProperties:
type: string
description: Annotation to use for the builder pod.
Only used for `pod` strategy
type: object
limitCPU:
description: The maximum amount of CPU required. Only
used for `pod` strategy
type: string
limitMemory:
description: The maximum amount of memory required.
Only used for `pod` strategy
type: string
nodeSelector:
additionalProperties:
type: string
description: The node selector for the builder pod.
Only used for `pod` strategy
type: object
operatorNamespace:
description: The namespace where to run the builder
Pod (must be the same of the operator in charge of
this Build reconciliation).
type: string
orderStrategy:
description: the build order strategy to adopt
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of platforms used in order to
build a container image.
items:
type: string
type: array
requestCPU:
description: The minimum amount of CPU required. Only
used for `pod` strategy
type: string
requestMemory:
description: The minimum amount of memory required.
Only used for `pod` strategy
type: string
strategy:
description: the strategy to adopt
enum:
- routine
- pod
type: string
toolImage:
description: The container image to be used to run the
build.
type: string
type: object
contextDir:
description: can be useful to share info with other tasks
type: string
image:
description: final image name
type: string
name:
description: name of the task
type: string
registry:
description: where to publish the final image
properties:
address:
description: the URI to access
type: string
ca:
description: the configmap which stores the Certificate
Authority
type: string
insecure:
description: if the container registry is insecure (ie,
http only)
type: boolean
organization:
description: the registry organization
type: string
secret:
description: the secret where credentials are stored
type: string
type: object
tag:
description: used by the ImageStream
type: string
type: object
spectrum:
description: |-
a SpectrumTask, for Spectrum strategy
Deprecated: use jib or a custom publishing strategy instead
properties:
baseImage:
description: base image layer
type: string
configuration:
description: The configuration that should be used to perform
the Build.
properties:
annotations:
additionalProperties:
type: string
description: Annotation to use for the builder pod.
Only used for `pod` strategy
type: object
limitCPU:
description: The maximum amount of CPU required. Only
used for `pod` strategy
type: string
limitMemory:
description: The maximum amount of memory required.
Only used for `pod` strategy
type: string
nodeSelector:
additionalProperties:
type: string
description: The node selector for the builder pod.
Only used for `pod` strategy
type: object
operatorNamespace:
description: The namespace where to run the builder
Pod (must be the same of the operator in charge of
this Build reconciliation).
type: string
orderStrategy:
description: the build order strategy to adopt
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of platforms used in order to
build a container image.
items:
type: string
type: array
requestCPU:
description: The minimum amount of CPU required. Only
used for `pod` strategy
type: string
requestMemory:
description: The minimum amount of memory required.
Only used for `pod` strategy
type: string
strategy:
description: the strategy to adopt
enum:
- routine
- pod
type: string
toolImage:
description: The container image to be used to run the
build.
type: string
type: object
contextDir:
description: can be useful to share info with other tasks
type: string
image:
description: final image name
type: string
name:
description: name of the task
type: string
registry:
description: where to publish the final image
properties:
address:
description: the URI to access
type: string
ca:
description: the configmap which stores the Certificate
Authority
type: string
insecure:
description: if the container registry is insecure (ie,
http only)
type: boolean
organization:
description: the registry organization
type: string
secret:
description: the secret where credentials are stored
type: string
type: object
type: object
type: object
type: array
timeout:
description: |-
Timeout defines the Build maximum execution duration.
The Build deadline is set to the Build start time plus the Timeout duration.
If the Build deadline is exceeded, the Build context is canceled,
and its phase set to BuildPhaseFailed.
format: duration
type: string
toolImage:
description: |-
The container image to be used to run the build.
Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility
type: string
type: object
status:
description: BuildStatus defines the observed state of Build.
properties:
artifacts:
description: a list of artifacts contained in the build
items:
description: Artifact represents a materialized artifact (a jar
dependency or in general a file used by the build).
properties:
checksum:
description: a checksum (SHA1) of the content
type: string
id:
description: the identification (GAV for maven dependencies
or file name for other file types)
type: string
location:
description: where it is located in the builder `Pod`
type: string
target:
description: the expected location in the runtime
type: string
required:
- id
type: object
type: array
baseImage:
description: the base image used for this build
type: string
conditions:
description: a list of conditions occurred during the build
items:
description: BuildCondition describes the state of a resource at
a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human-readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of integration condition.
type: string
required:
- status
- type
type: object
type: array
digest:
description: the digest from image
type: string
duration:
description: |-
how long it took for the build
Change to Duration / ISO 8601 when CRD uses OpenAPI spec v3
https://github.com/OAI/OpenAPI-Specification/issues/845
type: string
error:
description: the error description (if any)
type: string
failure:
description: the reason of the failure (if any)
properties:
reason:
description: a short text specifying the reason
type: string
recovery:
description: the recovery attempted for this failure
properties:
attempt:
description: attempt number
type: integer
attemptMax:
description: maximum number of attempts
type: integer
attemptTime:
description: time of the attempt execution
format: date-time
type: string
required:
- attempt
- attemptMax
type: object
time:
description: the time when the failure has happened
format: date-time
type: string
required:
- reason
- recovery
- time
type: object
image:
description: the image name built
type: string
observedGeneration:
description: ObservedGeneration is the most recent generation observed
for this Build.
format: int64
type: integer
phase:
description: describes the phase
type: string
rootImage:
description: root image (the first image from which the incremental
image has started)
type: string
startedAt:
description: the time when it started
format: date-time
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
labels:
app: camel-k
name: camelcatalogs.camel.apache.org
spec:
group: camel.apache.org
names:
categories:
- kamel
- camel
kind: CamelCatalog
listKind: CamelCatalogList
plural: camelcatalogs
shortNames:
- cc
singular: camelcatalog
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The Runtime provider
jsonPath: .spec.runtime.provider
name: Runtime Provider
type: string
- description: The Runtime version
jsonPath: .spec.runtime.version
name: Runtime Version
type: string
- description: The Camel version
jsonPath: .spec.runtime.metadata.camel\.version
name: Runtime Camel Version
type: string
- description: The catalog phase
jsonPath: .status.phase
name: Phase
type: string
name: v1
schema:
openAPIV3Schema:
description: CamelCatalog represents the languages, components, data formats
and capabilities enabled on a given runtime provider. The catalog may be
statically generated.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: the desired state of the catalog
properties:
artifacts:
additionalProperties:
description: CamelArtifact represent the configuration for a feature
offered by Camel.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
dataformats:
description: accepted data formats
items:
type: string
type: array
dependencies:
description: required dependencies
items:
description: CamelArtifactDependency represent a maven's dependency.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
exclusions:
description: provide a list of artifacts to exclude for
this dependency
items:
description: CamelArtifactExclusion represents an exclusion
clause.
properties:
artifactId:
description: Maven Artifact
type: string
groupId:
description: Maven Group
type: string
required:
- artifactId
- groupId
type: object
type: array
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
exclusions:
description: provide a list of artifacts to exclude for this
dependency
items:
description: CamelArtifactExclusion represents an exclusion
clause.
properties:
artifactId:
description: Maven Artifact
type: string
groupId:
description: Maven Group
type: string
required:
- artifactId
- groupId
type: object
type: array
groupId:
description: Maven Group
type: string
javaTypes:
description: the Java types used by the artifact feature (ie,
component, data format, ...)
items:
type: string
type: array
languages:
description: accepted languages
items:
type: string
type: array
schemes:
description: accepted URI schemes
items:
description: CamelScheme represents the scheme used to identify
a component in a URI (ie, timer in a timer:xyz endpoint
URI).
properties:
consumer:
description: required scope for consumer
properties:
dependencies:
description: list of dependencies needed for this
scope
items:
description: CamelArtifactDependency represent a
maven's dependency.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
exclusions:
description: provide a list of artifacts to
exclude for this dependency
items:
description: CamelArtifactExclusion represents
an exclusion clause.
properties:
artifactId:
description: Maven Artifact
type: string
groupId:
description: Maven Group
type: string
required:
- artifactId
- groupId
type: object
type: array
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
type: object
http:
description: is a HTTP based scheme
type: boolean
id:
description: the ID (ie, timer in a timer:xyz URI)
type: string
passive:
description: is a passive scheme
type: boolean
producer:
description: required scope for producers
properties:
dependencies:
description: list of dependencies needed for this
scope
items:
description: CamelArtifactDependency represent a
maven's dependency.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
exclusions:
description: provide a list of artifacts to
exclude for this dependency
items:
description: CamelArtifactExclusion represents
an exclusion clause.
properties:
artifactId:
description: Maven Artifact
type: string
groupId:
description: Maven Group
type: string
required:
- artifactId
- groupId
type: object
type: array
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
type: object
required:
- http
- id
- passive
type: object
type: array
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
description: artifacts required by this catalog
type: object
loaders:
additionalProperties:
description: CamelLoader represents the configuration required to
load a DSL.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
dependencies:
description: a list of additional dependencies required beside
the base one
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
groupId:
description: Maven Group
type: string
languages:
description: a list of DSLs supported
items:
type: string
type: array
metadata:
additionalProperties:
type: string
description: the metadata of the loader
type: object
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
description: loaders required by this catalog
type: object
runtime:
description: the runtime targeted for the catalog
properties:
applicationClass:
description: application entry point (main) to be executed
type: string
capabilities:
additionalProperties:
description: |-
Capability is a particular feature which requires a well known set of dependencies and other properties
which are specified in the runtime catalog.
properties:
buildTimeProperties:
description: Set of required Camel build time properties
items:
description: CamelProperty represents a Camel property
that may end up in an application.properties file.
properties:
key:
type: string
value:
type: string
required:
- key
type: object
type: array
dependencies:
description: List of required Maven dependencies
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
metadata:
additionalProperties:
type: string
description: Set of generic metadata
type: object
runtimeProperties:
description: Set of required Camel runtime properties
items:
description: CamelProperty represents a Camel property
that may end up in an application.properties file.
properties:
key:
type: string
value:
type: string
required:
- key
type: object
type: array
type: object
description: features offered by this runtime
type: object
dependencies:
description: list of dependencies needed to run the application
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
metadata:
additionalProperties:
type: string
description: set of metadata
type: object
provider:
description: Camel main application provider, ie, Camel Quarkus
type: string
version:
description: Camel K Runtime version
type: string
required:
- applicationClass
- dependencies
- provider
- version
type: object
required:
- artifacts
- loaders
- runtime
type: object
status:
description: the actual state of the catalog
properties:
conditions:
description: a list of events happened for the CamelCatalog
items:
description: CamelCatalogCondition describes the state of a resource
at a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human-readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of CamelCatalog condition.
type: string
required:
- status
- type
type: object
type: array
image:
description: the container image available for building an application
with this catalog
type: string
observedGeneration:
description: ObservedGeneration is the most recent generation observed
for this Catalog.
format: int64
type: integer
phase:
description: the actual phase
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
labels:
app: camel-k
name: integrationkits.camel.apache.org
spec:
group: camel.apache.org
names:
categories:
- kamel
- camel
kind: IntegrationKit
listKind: IntegrationKitList
plural: integrationkits
shortNames:
- ik
singular: integrationkit
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The integration kit alias
jsonPath: .metadata.labels.camel\.apache\.org\/kit\.alias
name: Alias
type: string
- description: The integration kit phase
jsonPath: .status.phase
name: Phase
type: string
- description: The integration kit type
jsonPath: .metadata.labels.camel\.apache\.org\/kit\.type
name: Type
type: string
- description: The integration kit layout
jsonPath: .metadata.labels.camel\.apache\.org\/kit\.layout
name: Layout
type: string
- description: The integration kit image
jsonPath: .status.image
name: Image
type: string
- description: The integration kit root image
jsonPath: .status.rootImage
name: Root
type: string
name: v1
schema:
openAPIV3Schema:
description: |-
IntegrationKit defines a container image and additional configuration needed to run an `Integration`.
An `IntegrationKit` is a generic image generally built from the requirements of an `Integration`, but agnostic to it,
in order to be reused by any other `Integration` which has the same required set of capabilities. An `IntegrationKit`
may be used for other kits as a base container layer, when the `incremental` build option is enabled.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: the desired configuration
properties:
capabilities:
description: features offered by the IntegrationKit
items:
type: string
type: array
configuration:
description: |-
Deprecated:
Use camel trait (camel.properties) to manage properties
Use mount trait (mount.configs) to manage configs
Use mount trait (mount.resources) to manage resources
Use mount trait (mount.volumes) to manage volumes
configuration used by the kit
items:
description: ConfigurationSpec represents a generic configuration
specification.
properties:
type:
description: 'represents the type of configuration, ie: property,
configmap, secret, ...'
type: string
value:
description: the value to assign to the configuration (syntax
may vary depending on the `Type`)
type: string
required:
- type
- value
type: object
type: array
dependencies:
description: a list of Camel dependecies used by this kit
items:
type: string
type: array
image:
description: the container image as identified in the container registry
type: string
profile:
description: the profile which is expected by this kit
type: string
repositories:
description: Maven repositories that can be used by the kit
items:
type: string
type: array
sources:
description: the sources to add at build time
items:
description: SourceSpec defines the configuration for one or more
routes to be executed in a certain Camel DSL language.
properties:
compression:
description: if the content is compressed (base64 encrypted)
type: boolean
content:
description: the source code (plain text)
type: string
contentKey:
description: the confimap key holding the source content
type: string
contentRef:
description: the confimap reference holding the source content
type: string
contentType:
description: the content type (tipically text or binary)
type: string
from-kamelet:
description: True if the spec is generated from a Kamelet
type: boolean
interceptors:
description: |-
Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
uses to pre/post process sources
Deprecated: no longer in use.
items:
type: string
type: array
language:
description: specify which is the language (Camel DSL) used
to interpret this source code
type: string
loader:
description: |-
Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
interpret this source at runtime
type: string
name:
description: the name of the specification
type: string
path:
description: the path where the file is stored
type: string
property-names:
description: List of property names defined in the source (e.g.
if type is "template")
items:
type: string
type: array
rawContent:
description: the source code (binary)
format: byte
type: string
type:
description: Type defines the kind of source described by this
object
type: string
type: object
type: array
traits:
description: traits that the kit will execute
properties:
addons:
additionalProperties:
description: AddonTrait represents the configuration of an addon
trait.
type: object
x-kubernetes-preserve-unknown-fields: true
description: The collection of addon trait configurations
type: object
builder:
description: The builder trait is internally used to determine
the best strategy to build and configure IntegrationKits.
properties:
annotations:
additionalProperties:
type: string
description: When using `pod` strategy, annotation to use
for the builder pod.
type: object
baseImage:
description: |-
Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
installed and ready to use on path (ie `/usr/bin/java`).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
incrementalImageBuild:
description: Use the incremental image build option, to reuse
existing containers (default `true`)
type: boolean
limitCPU:
description: |-
When using `pod` strategy, the maximum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
limitMemory:
description: |-
When using `pod` strategy, the maximum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
mavenProfiles:
description: |-
A list of references pointing to configmaps/secrets that contains a maven profile.
This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
The content of the maven profile is expected to be a text containing a valid maven profile starting with `<profile>` and ending with `</profile>` that will be integrated as an inline profile in the POM.
Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
items:
type: string
type: array
nodeSelector:
additionalProperties:
type: string
description: Defines a set of nodes the builder pod is eligible
to be scheduled on, based on labels on the node.
type: object
orderStrategy:
description: The build order strategy to use, either `dependencies`,
`fifo` or `sequential` (default is the platform default)
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of manifest platforms to use to build
a container image (default `linux/amd64`).
items:
type: string
type: array
properties:
description: A list of properties to be provided to the build
task
items:
type: string
type: array
requestCPU:
description: |-
When using `pod` strategy, the minimum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
requestMemory:
description: |-
When using `pod` strategy, the minimum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
strategy:
description: The strategy to use, either `pod` or `routine`
(default `routine`)
enum:
- pod
- routine
type: string
tasks:
description: A list of tasks to be executed (available only
when using `pod` strategy) with format `<name>;<container-image>;<container-command>`.
items:
type: string
type: array
tasksFilter:
description: |-
A list of tasks sorted by the order of execution in a csv format, ie, `<taskName1>,<taskName2>,...`.
Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
if you need to execute them. Useful only with `pod` strategy.
type: string
tasksLimitCPU:
description: A list of limit cpu configuration for the specific
task with format `<task-name>:<limit-cpu-conf>`.
items:
type: string
type: array
tasksLimitMemory:
description: A list of limit memory configuration for the
specific task with format `<task-name>:<limit-memory-conf>`.
items:
type: string
type: array
tasksRequestCPU:
description: A list of request cpu configuration for the specific
task with format `<task-name>:<request-cpu-conf>`.
items:
type: string
type: array
tasksRequestMemory:
description: A list of request memory configuration for the
specific task with format `<task-name>:<request-memory-conf>`.
items:
type: string
type: array
verbose:
description: |-
Enable verbose logging on build components that support it (e.g. Kaniko build pod).
Deprecated no longer in use
type: boolean
type: object
camel:
description: The Camel trait sets up Camel configuration.
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
properties:
description: A list of properties to be provided to the Integration
runtime
items:
type: string
type: array
runtimeVersion:
description: |-
The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
to the best matching Catalog existing on the cluster.
type: string
type: object
quarkus:
description: |-
The Quarkus trait configures the Quarkus runtime.
It's enabled by default.
NOTE: Compiling to a native executable, requires at least 4GiB of memory, so the Pod running the native build must have enough memory available.
properties:
buildMode:
description: |-
The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
with the `native` kit having precedence over the `jvm` one once ready.
items:
description: QuarkusMode is the type of Quarkus build packaging.
enum:
- jvm
- native
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
nativeBaseImage:
description: The base image to use when running a native build
(default `quay.io/quarkus/quarkus-micro-image:2.0`)
type: string
nativeBuilderImage:
description: The image containing the tooling required for
a native build (by default it will use the one provided
in the runtime catalog)
type: string
packageTypes:
description: |-
The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
with the native kit having precedence over the `fast-jar` one once ready.
The order influences the resolution of the current kit for the integration.
The kit corresponding to the first package type will be assigned to the
integration in case no existing kit that matches the integration exists.
Deprecated: use `build-mode` instead.
items:
description: |-
QuarkusPackageType is the type of Quarkus build packaging.
Deprecated: use `QuarkusMode` instead.
enum:
- fast-jar
- native
type: string
type: array
type: object
registry:
description: |-
The Registry trait sets up Maven to use the Image registry as a Maven repository (support removed since version 2.5.0).
Deprecated: use jvm trait or read documentation.
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
type: object
type: object
status:
description: the actual status
properties:
artifacts:
description: list of artifacts used by the kit
items:
description: Artifact represents a materialized artifact (a jar
dependency or in general a file used by the build).
properties:
checksum:
description: a checksum (SHA1) of the content
type: string
id:
description: the identification (GAV for maven dependencies
or file name for other file types)
type: string
location:
description: where it is located in the builder `Pod`
type: string
target:
description: the expected location in the runtime
type: string
required:
- id
type: object
type: array
baseImage:
description: base image used by the kit (could be another IntegrationKit)
type: string
catalog:
description: the catalog used to build/operate the IntegrationKit.
properties:
provider:
description: RuntimeProvider is the provider chosen for the runtime.
type: string
version:
type: string
type: object
conditions:
description: a list of conditions which happened for the events related
the kit
items:
description: IntegrationKitCondition describes the state of a resource
at a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human-readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of integration condition.
type: string
required:
- status
- type
type: object
type: array
digest:
description: actual image digest of the kit
type: string
failure:
description: failure reason (if any)
properties:
reason:
description: a short text specifying the reason
type: string
recovery:
description: the recovery attempted for this failure
properties:
attempt:
description: attempt number
type: integer
attemptMax:
description: maximum number of attempts
type: integer
attemptTime:
description: time of the attempt execution
format: date-time
type: string
required:
- attempt
- attemptMax
type: object
time:
description: the time when the failure has happened
format: date-time
type: string
required:
- reason
- recovery
- time
type: object
image:
description: actual image name of the kit
type: string
observedGeneration:
description: ObservedGeneration is the most recent generation observed
for this IntegrationKit.
format: int64
type: integer
phase:
description: phase of the kit
type: string
platform:
description: the platform for which this kit was configured
type: string
rootImage:
description: root image used by the kit (the first image from which
the incremental image has started, typically a JDK/JRE base image)
type: string
runtimeProvider:
description: the runtime provider for which this kit was configured
type: string
runtimeVersion:
description: the runtime version for which this kit was configured
type: string
version:
description: the Camel K operator version for which this kit was configured
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
labels:
app: camel-k
name: integrationplatforms.camel.apache.org
spec:
group: camel.apache.org
names:
categories:
- kamel
- camel
kind: IntegrationPlatform
listKind: IntegrationPlatformList
plural: integrationplatforms
shortNames:
- itp
singular: integrationplatform
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The integration platform phase
jsonPath: .status.phase
name: Phase
type: string
- description: The default build strategy
jsonPath: .status.build.buildConfiguration.strategy
name: Build strategy
type: string
- description: The default publish strategy
jsonPath: .status.build.publishStrategy
name: Publish strategy
type: string
- description: The container registry address
jsonPath: .status.build.registry.address
name: Registry address
type: string
- description: The default runtime version
jsonPath: .status.build.runtimeVersion
name: Default runtime
type: string
- description: The default Camel core version
jsonPath: .status.build.runtimeCoreVersion
name: Camel version
type: string
name: v1
schema:
openAPIV3Schema:
description: |-
IntegrationPlatform is the resource used to drive the Camel K operator behavior.
It defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace.
When the Camel K operator is installed in `global` mode,
you will need to specify an `IntegrationPlatform` in each namespace where you want the Camel K operator to be executed.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: IntegrationPlatformSpec defines the desired state of IntegrationPlatform.
properties:
build:
description: specify how to build the Integration/IntegrationKits
properties:
PublishStrategyOptions:
additionalProperties:
type: string
description: 'Deprecated: no longer in use'
type: object
baseImage:
description: |-
a base image that can be used as base layer for all images.
It can be useful if you want to provide some custom base image with further utility software
type: string
buildCatalogToolTimeout:
description: |-
the timeout (in seconds) to use when creating the build tools container image
Deprecated: no longer in use
type: string
buildConfiguration:
description: the configuration required to build an Integration
container image
properties:
annotations:
additionalProperties:
type: string
description: Annotation to use for the builder pod. Only used
for `pod` strategy
type: object
limitCPU:
description: The maximum amount of CPU required. Only used
for `pod` strategy
type: string
limitMemory:
description: The maximum amount of memory required. Only used
for `pod` strategy
type: string
nodeSelector:
additionalProperties:
type: string
description: The node selector for the builder pod. Only used
for `pod` strategy
type: object
operatorNamespace:
description: The namespace where to run the builder Pod (must
be the same of the operator in charge of this Build reconciliation).
type: string
orderStrategy:
description: the build order strategy to adopt
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of platforms used in order to build
a container image.
items:
type: string
type: array
requestCPU:
description: The minimum amount of CPU required. Only used
for `pod` strategy
type: string
requestMemory:
description: The minimum amount of memory required. Only used
for `pod` strategy
type: string
strategy:
description: the strategy to adopt
enum:
- routine
- pod
type: string
toolImage:
description: The container image to be used to run the build.
type: string
type: object
maven:
description: Maven configuration used to build the Camel/Camel-Quarkus
applications
properties:
caSecrets:
description: |-
The Secrets name and key, containing the CA certificate(s) used to connect
to remote Maven repositories.
It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
A JKS formatted keystore is automatically created to store the CA certificate(s),
and configured to be used as a trusted certificate(s) by the Maven commands.
Note that the root CA certificates are also imported into the created keystore.
items:
description: SecretKeySelector selects a key of a Secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: array
cliOptions:
description: |-
The CLI options that are appended to the list of arguments for Maven commands,
e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
items:
type: string
type: array
extension:
description: |-
The Maven build extensions.
See https://maven.apache.org/guides/mini/guide-using-extensions.html.
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
localRepository:
description: The path of the local Maven repository.
type: string
profiles:
description: |-
A reference to the ConfigMap or Secret key that contains
the Maven profile.
items:
description: ValueSource --.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
type: array
properties:
additionalProperties:
type: string
description: The Maven properties.
type: object
settings:
description: |-
A reference to the ConfigMap or Secret key that contains
the Maven settings.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
settingsSecurity:
description: |-
A reference to the ConfigMap or Secret key that contains
the security of the Maven settings.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
type: object
maxRunningBuilds:
description: the maximum amount of parallel running pipelines
started by this operator instance
format: int32
type: integer
publishStrategy:
description: the strategy to adopt for publishing an Integration
container image
type: string
registry:
description: the image registry used to push/pull Integration
images
properties:
address:
description: the URI to access
type: string
ca:
description: the configmap which stores the Certificate Authority
type: string
insecure:
description: if the container registry is insecure (ie, http
only)
type: boolean
organization:
description: the registry organization
type: string
secret:
description: the secret where credentials are stored
type: string
type: object
runtimeCoreVersion:
description: the Camel core version used by this IntegrationPlatform
type: string
runtimeProvider:
description: the runtime used. Likely Camel Quarkus (we used to
have main runtime which has been discontinued since version
1.5)
type: string
runtimeVersion:
description: the Camel K Runtime dependency version
type: string
timeout:
description: how much time to wait before time out the pipeline
process
type: string
type: object
cluster:
description: what kind of cluster you're running (ie, plain Kubernetes
or OpenShift)
type: string
configuration:
description: |-
Deprecated:
Use camel trait (camel.properties) to manage properties
Use mount trait (mount.configs) to manage configs
Use mount trait (mount.resources) to manage resources
Use mount trait (mount.volumes) to manage volumes
list of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform
items:
description: ConfigurationSpec represents a generic configuration
specification.
properties:
type:
description: 'represents the type of configuration, ie: property,
configmap, secret, ...'
type: string
value:
description: the value to assign to the configuration (syntax
may vary depending on the `Type`)
type: string
required:
- type
- value
type: object
type: array
kamelet:
description: configuration to be executed to all Kamelets controlled
by this IntegrationPlatform
properties:
repositories:
description: remote repository used to retrieve Kamelet catalog
items:
description: KameletRepositorySpec defines the location of the
Kamelet catalog to use.
properties:
uri:
description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER
type: string
type: object
type: array
type: object
profile:
description: |-
the profile you wish to use. It will apply certain traits which are required by the specific profile chosen.
It usually relates the Cluster with the optional definition of special profiles (ie, Knative)
type: string
traits:
description: list of traits to be executed for all the Integration/IntegrationKits
built from this IntegrationPlatform
properties:
3scale:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
addons:
additionalProperties:
description: AddonTrait represents the configuration of an addon
trait.
type: object
x-kubernetes-preserve-unknown-fields: true
description: The extension point with addon traits
type: object
affinity:
description: The configuration of Affinity trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
nodeAffinityLabels:
description: Defines a set of nodes the integration pod(s)
are eligible to be scheduled on, based on labels on the
node.
items:
type: string
type: array
podAffinity:
description: Always co-locates multiple replicas of the integration
in the same node (default `false`).
type: boolean
podAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should be co-located with.
items:
type: string
type: array
podAntiAffinity:
description: Never co-locates multiple replicas of the integration
in the same node (default `false`).
type: boolean
podAntiAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should not be co-located with.
items:
type: string
type: array
type: object
builder:
description: The configuration of Builder trait
properties:
annotations:
additionalProperties:
type: string
description: When using `pod` strategy, annotation to use
for the builder pod.
type: object
baseImage:
description: |-
Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
installed and ready to use on path (ie `/usr/bin/java`).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
incrementalImageBuild:
description: Use the incremental image build option, to reuse
existing containers (default `true`)
type: boolean
limitCPU:
description: |-
When using `pod` strategy, the maximum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
limitMemory:
description: |-
When using `pod` strategy, the maximum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
mavenProfiles:
description: |-
A list of references pointing to configmaps/secrets that contains a maven profile.
This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
The content of the maven profile is expected to be a text containing a valid maven profile starting with `<profile>` and ending with `</profile>` that will be integrated as an inline profile in the POM.
Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
items:
type: string
type: array
nodeSelector:
additionalProperties:
type: string
description: Defines a set of nodes the builder pod is eligible
to be scheduled on, based on labels on the node.
type: object
orderStrategy:
description: The build order strategy to use, either `dependencies`,
`fifo` or `sequential` (default is the platform default)
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of manifest platforms to use to build
a container image (default `linux/amd64`).
items:
type: string
type: array
properties:
description: A list of properties to be provided to the build
task
items:
type: string
type: array
requestCPU:
description: |-
When using `pod` strategy, the minimum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
requestMemory:
description: |-
When using `pod` strategy, the minimum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
strategy:
description: The strategy to use, either `pod` or `routine`
(default `routine`)
enum:
- pod
- routine
type: string
tasks:
description: A list of tasks to be executed (available only
when using `pod` strategy) with format `<name>;<container-image>;<container-command>`.
items:
type: string
type: array
tasksFilter:
description: |-
A list of tasks sorted by the order of execution in a csv format, ie, `<taskName1>,<taskName2>,...`.
Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
if you need to execute them. Useful only with `pod` strategy.
type: string
tasksLimitCPU:
description: A list of limit cpu configuration for the specific
task with format `<task-name>:<limit-cpu-conf>`.
items:
type: string
type: array
tasksLimitMemory:
description: A list of limit memory configuration for the
specific task with format `<task-name>:<limit-memory-conf>`.
items:
type: string
type: array
tasksRequestCPU:
description: A list of request cpu configuration for the specific
task with format `<task-name>:<request-cpu-conf>`.
items:
type: string
type: array
tasksRequestMemory:
description: A list of request memory configuration for the
specific task with format `<task-name>:<request-memory-conf>`.
items:
type: string
type: array
verbose:
description: |-
Enable verbose logging on build components that support it (e.g. Kaniko build pod).
Deprecated no longer in use
type: boolean
type: object
camel:
description: The configuration of Camel trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
properties:
description: A list of properties to be provided to the Integration
runtime
items:
type: string
type: array
runtimeVersion:
description: |-
The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
to the best matching Catalog existing on the cluster.
type: string
type: object
container:
description: The configuration of Container trait
properties:
allowPrivilegeEscalation:
description: Security Context AllowPrivilegeEscalation configuration
(default false).
type: boolean
auto:
description: To automatically enable the trait
type: boolean
capabilitiesAdd:
description: Security Context Capabilities Add configuration
(default none).
items:
description: Capability represent POSIX capabilities type
type: string
type: array
capabilitiesDrop:
description: Security Context Capabilities Drop configuration
(default ALL).
items:
description: Capability represent POSIX capabilities type
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
expose:
description: Can be used to enable/disable exposure via kubernetes
Service.
type: boolean
image:
description: |-
The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
type: string
imagePullPolicy:
description: 'The pull policy: Always|Never|IfNotPresent'
enum:
- Always
- Never
- IfNotPresent
type: string
limitCPU:
description: The maximum amount of CPU to be provided (default
500 millicores).
type: string
limitMemory:
description: The maximum amount of memory to be provided (default
512 Mi).
type: string
name:
description: The main container name. It's named `integration`
by default.
type: string
port:
description: To configure a different port exposed by the
container (default `8080`).
format: int32
type: integer
portName:
description: To configure a different port name for the port
exposed by the container. It defaults to `http` only when
the `expose` parameter is true.
type: string
requestCPU:
description: The minimum amount of CPU required (default 125
millicores).
type: string
requestMemory:
description: The minimum amount of memory required (default
128 Mi).
type: string
runAsNonRoot:
description: Security Context RunAsNonRoot configuration (default
false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration (default
none): this value is automatically retrieved in Openshift
clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
servicePort:
description: To configure under which service port the container
port is to be exposed (default `80`).
format: int32
type: integer
servicePortName:
description: To configure under which service port name the
container port is to be exposed (default `http`).
type: string
type: object
cron:
description: The configuration of Cron trait
properties:
activeDeadlineSeconds:
description: |-
Specifies the duration in seconds, relative to the start time, that the job
may be continuously active before it is considered to be failed.
It defaults to 60s.
format: int64
type: integer
auto:
description: |-
Automatically deploy the integration as CronJob when all routes are
either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
while `35m` or `50s` cannot).
type: boolean
backoffLimit:
description: |-
Specifies the number of retries before marking the job failed.
It defaults to 2.
format: int32
type: integer
components:
description: |-
A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
Supported components are currently: `cron`, `timer` and `quartz`.
type: string
concurrencyPolicy:
description: |-
Specifies how to treat concurrent executions of a Job.
Valid values are:
- "Allow": allows CronJobs to run concurrently;
- "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- "Replace": cancels currently running job and replaces it with a new one
enum:
- Allow
- Forbid
- Replace
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
fallback:
description: |-
Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
as Kubernetes CronJob.
type: boolean
schedule:
description: |-
The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
mechanism to work correctly.
type: string
startingDeadlineSeconds:
description: |-
Optional deadline in seconds for starting the job if it misses scheduled
time for any reason. Missed jobs executions will be counted as failed ones.
format: int64
type: integer
timeZone:
description: The timezone that the CronJob will run on
type: string
type: object
dependencies:
description: The configuration of Dependencies trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
deployer:
description: The configuration of Deployer trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
kind:
description: Allows to explicitly select the desired deployment
kind between `deployment`, `cron-job` or `knative-service`
when creating the resources for running the integration.
enum:
- deployment
- cron-job
- knative-service
type: string
useSSA:
description: |-
Deprecated: won't be able to enforce client side update in the future.
Use server-side apply to update the owned resources (default `true`).
Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
type: boolean
type: object
deployment:
description: The configuration of Deployment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
progressDeadlineSeconds:
description: |-
The maximum time in seconds for the deployment to make progress before it
is considered to be failed. It defaults to `60s`.
format: int32
type: integer
rollingUpdateMaxSurge:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be scheduled above the desired number of
pods.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
This can not be 0 if MaxUnavailable is 0.
Absolute number is calculated from percentage by rounding up.
Defaults to `25%`.
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be unavailable during the update.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding down.
This can not be 0 if MaxSurge is 0.
Defaults to `25%`.
x-kubernetes-int-or-string: true
strategy:
description: The deployment strategy to use to replace existing
pods with new ones.
enum:
- Recreate
- RollingUpdate
type: string
type: object
environment:
description: The configuration of Environment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
containerMeta:
description: Enables injection of `NAMESPACE` and `POD_NAME`
environment variables (default `true`)
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
httpProxy:
description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
`NO_PROXY` environment variables (default `true`)
type: boolean
vars:
description: |-
A list of environment variables to be added to the integration container.
The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name,
and key represents the resource key to be mapped as and environment variable.
These take precedence over any previously defined environment variables.
items:
type: string
type: array
type: object
error-handler:
description: The configuration of Error Handler trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
ref:
description: The error handler ref name provided or found
in application properties
type: string
type: object
gc:
description: The configuration of GC trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
description: |-
Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
Deprecated: no longer in use.
enum:
- disabled
- disk
- memory
type: string
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
health:
description: The configuration of Health trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
livenessFailureThreshold:
description: Minimum consecutive failures for the liveness
probe to be considered failed after having succeeded.
format: int32
type: integer
livenessInitialDelay:
description: Number of seconds after the container has started
before the liveness probe is initiated.
format: int32
type: integer
livenessPeriod:
description: How often to perform the liveness probe.
format: int32
type: integer
livenessProbe:
description: The liveness probe path to use (default provided
by the Catalog runtime used).
type: string
livenessProbeEnabled:
description: Configures the liveness probe for the integration
container (default `false`).
type: boolean
livenessScheme:
description: Scheme to use when connecting to the liveness
probe (default `HTTP`).
type: string
livenessSuccessThreshold:
description: Minimum consecutive successes for the liveness
probe to be considered successful after having failed.
format: int32
type: integer
livenessTimeout:
description: Number of seconds after which the liveness probe
times out.
format: int32
type: integer
readinessFailureThreshold:
description: Minimum consecutive failures for the readiness
probe to be considered failed after having succeeded.
format: int32
type: integer
readinessInitialDelay:
description: Number of seconds after the container has started
before the readiness probe is initiated.
format: int32
type: integer
readinessPeriod:
description: How often to perform the readiness probe.
format: int32
type: integer
readinessProbe:
description: The readiness probe path to use (default provided
by the Catalog runtime used).
type: string
readinessProbeEnabled:
description: Configures the readiness probe for the integration
container (default `true`).
type: boolean
readinessScheme:
description: Scheme to use when connecting to the readiness
probe (default `HTTP`).
type: string
readinessSuccessThreshold:
description: Minimum consecutive successes for the readiness
probe to be considered successful after having failed.
format: int32
type: integer
readinessTimeout:
description: Number of seconds after which the readiness probe
times out.
format: int32
type: integer
startupFailureThreshold:
description: Minimum consecutive failures for the startup
probe to be considered failed after having succeeded.
format: int32
type: integer
startupInitialDelay:
description: Number of seconds after the container has started
before the startup probe is initiated.
format: int32
type: integer
startupPeriod:
description: How often to perform the startup probe.
format: int32
type: integer
startupProbe:
description: The startup probe path to use (default provided
by the Catalog runtime used).
type: string
startupProbeEnabled:
description: Configures the startup probe for the integration
container (default `false`).
type: boolean
startupScheme:
description: Scheme to use when connecting to the startup
probe (default `HTTP`).
type: string
startupSuccessThreshold:
description: Minimum consecutive successes for the startup
probe to be considered successful after having failed.
format: int32
type: integer
startupTimeout:
description: Number of seconds after which the startup probe
times out.
format: int32
type: integer
type: object
ingress:
description: The configuration of Ingress trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to the ingress.
This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
type: object
auto:
description: To automatically add an ingress whenever the
integration uses an HTTP endpoint consumer.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
host:
description: To configure the host exposed by the ingress.
type: string
ingressClassName:
description: |-
The Ingress class name as defined by the Ingress spec
See https://kubernetes.io/docs/concepts/services-networking/ingress/
type: string
path:
description: To configure the path exposed by the ingress
(default `/`).
type: string
pathType:
description: |-
To configure the path type exposed by the ingress.
One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
enum:
- Exact
- Prefix
- ImplementationSpecific
type: string
tlsHosts:
description: To configure tls hosts
items:
type: string
type: array
tlsSecretName:
description: To configure tls secret name
type: string
type: object
istio:
description: The configuration of Istio trait
properties:
allow:
description: Configures a (comma-separated) list of CIDR subnets
that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
by default).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
inject:
description: Forces the value for labels `sidecar.istio.io/inject`.
By default the label is set to `true` on deployment and
not set on Knative Service.
type: boolean
type: object
jolokia:
description: The configuration of Jolokia trait
properties:
CACert:
description: |-
The PEM encoded CA certification file path, used to verify client certificates,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
type: string
clientPrincipal:
description: |-
The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
description: Listen for multicast requests (default `false`)
type: boolean
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
extendedClientCheck:
description: |-
Mandate the client certificate contains a client flag in the extended key usage section,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `true` for OpenShift).
type: boolean
host:
description: |-
The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
the servers binds to every network interface (default `"*"`).
type: string
options:
description: |-
A list of additional Jolokia options as defined
in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
items:
type: string
type: array
password:
description: The password used for authentication, applicable
when the `user` option is set.
type: string
port:
description: The Jolokia endpoint port (default `8778`).
format: int32
type: integer
protocol:
description: The protocol to use, either `http` or `https`
(default `https` for OpenShift)
type: string
useSSLClientAuthentication:
description: Whether client certificates should be used for
authentication (default `true` for OpenShift).
type: boolean
user:
description: The user to be used for authentication
type: string
type: object
jvm:
description: The configuration of JVM trait
properties:
classpath:
description: Additional JVM classpath (use `Linux` classpath
separator)
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
debug:
description: Activates remote debugging, so that a debugger
can be attached to the JVM, e.g., using port-forwarding
type: boolean
debugAddress:
description: Transport address at which to listen for the
newly launched JVM (default `*:5005`)
type: string
debugSuspend:
description: Suspends the target JVM immediately before the
main class is loaded
type: boolean
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
jar:
description: The Jar dependency which will run the application.
Leave it empty for managed Integrations.
type: string
options:
description: A list of JVM options
items:
type: string
type: array
printCommand:
description: |-
Prints the command used the start the JVM in the container logs (default `true`)
Deprecated: no longer in use.
type: boolean
type: object
kamelets:
description: The configuration of Kamelets trait
properties:
auto:
description: Automatically inject all referenced Kamelets
and their default configuration (enabled by default)
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
list:
description: Comma separated list of Kamelet names to load
into the current integration
type: string
mountPoint:
description: The directory where the application mounts and
reads Kamelet spec (default `/etc/camel/kamelets`)
type: string
type: object
keda:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
knative:
description: The configuration of Knative trait
properties:
auto:
description: Enable automatic discovery of all trait properties.
type: boolean
channelSinks:
description: |-
List of channels used as destination of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
channelSources:
description: |-
List of channels used as source of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
config:
description: Can be used to inject a Knative complete configuration
in JSON format.
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
endpointSinks:
description: |-
List of endpoints used as destination of integration routes.
Can contain simple endpoint names or full Camel URIs.
items:
type: string
type: array
endpointSources:
description: List of channels used as source of integration
routes.
items:
type: string
type: array
eventSinks:
description: |-
List of event types that the integration will produce.
Can contain simple event types or full Camel URIs (to use a specific broker).
items:
type: string
type: array
eventSources:
description: |-
List of event types that the integration will be subscribed to.
Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
items:
type: string
type: array
filterEventType:
description: |-
Enables the default filtering for the Knative trigger using the event type
If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
type: boolean
filterSourceChannels:
description: |-
Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
Knative, filtering is disabled by default.
type: boolean
filters:
description: |-
Sets filter attributes on the event stream (such as event type, source, subject and so on).
A list of key-value pairs that represent filter attributes and its values.
The syntax is KEY=VALUE, e.g., `source="my.source"`.
Filter attributes get set on the Knative trigger that is being created as part of this integration.
items:
type: string
type: array
namespaceLabel:
description: |-
Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
As Knative requires this label to perform injection of K_SINK URL into the service.
If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
type: boolean
sinkBinding:
description: |-
Allows binding the integration to a sink via a Knative SinkBinding resource.
This can be used when the integration targets a single sink.
It's enabled by default when the integration targets a single sink
(except when the integration is owned by a Knative source).
type: boolean
type: object
knative-service:
description: The configuration of Knative Service trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set knative service specific annotations
CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
auto:
description: |-
Automatically deploy the integration as Knative service when all conditions hold:
* Integration is using the Knative profile
* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
type: boolean
autoscalingMetric:
description: |-
Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
Refer to the Knative documentation for more information.
type: string
autoscalingTarget:
description: |-
Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
Refer to the Knative documentation for more information.
type: integer
class:
description: |-
Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
Refer to the Knative documentation for more information.
enum:
- kpa.autoscaling.knative.dev
- hpa.autoscaling.knative.dev
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
maxScale:
description: |-
An upper bound for the number of Pods that can be running in parallel for the integration.
Knative has its own cap value that depends on the installation.
Refer to the Knative documentation for more information.
type: integer
minScale:
description: |-
The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
the integration is scaled down to zero when not used for a configured amount of time.
Refer to the Knative documentation for more information.
type: integer
rolloutDuration:
description: |-
Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
rounded to a second precision.
type: string
timeoutSeconds:
description: |-
The maximum duration in seconds that the request instance is allowed to respond to a request.
This field propagates to the integration pod's terminationGracePeriodSeconds
Refer to the Knative documentation for more information.
format: int64
type: integer
visibility:
description: |-
Setting `cluster-local`, Knative service becomes a private service.
Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
Refer to the Knative documentation for more information.
enum:
- cluster-local
type: string
type: object
logging:
description: The configuration of Logging trait
properties:
color:
description: Colorize the log output
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
format:
description: Logs message format
type: string
json:
description: Output the logs in JSON
type: boolean
jsonPrettyPrint:
description: Enable "pretty printing" of the JSON logs
type: boolean
level:
description: Adjust the logging level (defaults to `INFO`)
enum:
- FATAL
- WARN
- INFO
- DEBUG
- TRACE
type: string
type: object
master:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
mount:
description: The configuration of Mount trait
properties:
configs:
description: |-
A list of configuration pointing to configmap/secret.
The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
They are also made available on the classpath in order to ease their usage directly from the Route.
Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
description: |-
A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi).
Syntax: name:/container/path[:sizeLimit]
items:
type: string
type: array
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
hotReload:
description: |-
Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
changes in metadata.
type: boolean
resources:
description: |-
A list of resources (text or binary content) pointing to configmap/secret.
The resources are expected to be any resource type (text or binary content).
The destination path can be either a default location or any path specified by the user.
Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
items:
type: string
type: array
scanKameletsImplicitLabelSecrets:
description: 'Deprecated: no longer available since version
2.5.'
type: boolean
volumes:
description: |-
A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails.
You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided
or the default cluster Storage Class. However, if the PVC exists, the operator would mount it.
items:
type: string
type: array
type: object
openapi:
description: The configuration of OpenAPI trait
properties:
configmaps:
description: The configmaps holding the spec of the OpenAPI
(compatible with > 3.0 spec only).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
owner:
description: The configuration of Owner trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
targetAnnotations:
description: The set of annotations to be transferred
items:
type: string
type: array
targetLabels:
description: The set of labels to be transferred
items:
type: string
type: array
type: object
pdb:
description: The configuration of PDB trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
maxUnavailable:
description: |-
The number of pods for the Integration that can be unavailable after an eviction.
It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
Only one of `max-unavailable` and `min-available` can be specified.
type: string
minAvailable:
description: |-
The number of pods for the Integration that must still be available after an eviction.
It can be either an absolute number or a percentage.
Only one of `min-available` and `max-unavailable` can be specified.
type: string
type: object
platform:
description: The configuration of Platform trait
properties:
auto:
description: |-
To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
createDefault:
description: |-
To create a default (empty) platform when the platform is missing.
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
global:
description: |-
Indicates if the platform should be created globally in the case of global operator (default true).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
type: object
pod:
description: The configuration of Pod trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
prometheus:
description: The configuration of Prometheus trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
podMonitor:
description: Whether a `PodMonitor` resource is created (default
`true`).
type: boolean
podMonitorLabels:
description: The `PodMonitor` resource labels, applicable
when `pod-monitor` is `true`.
items:
type: string
type: array
type: object
pull-secret:
description: The configuration of Pull Secret trait
properties:
auto:
description: Automatically configures the platform registry
secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
imagePullerDelegation:
description: When using a global operator with a shared platform,
this enables delegation of the `system:image-puller` cluster
role on the operator namespace to the integration service
account.
type: boolean
secretName:
description: The pull secret name to set on the Pod. If left
empty this is automatically taken from the `IntegrationPlatform`
registry configuration.
type: string
type: object
quarkus:
description: The configuration of Quarkus trait
properties:
buildMode:
description: |-
The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
with the `native` kit having precedence over the `jvm` one once ready.
items:
description: QuarkusMode is the type of Quarkus build packaging.
enum:
- jvm
- native
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
nativeBaseImage:
description: The base image to use when running a native build
(default `quay.io/quarkus/quarkus-micro-image:2.0`)
type: string
nativeBuilderImage:
description: The image containing the tooling required for
a native build (by default it will use the one provided
in the runtime catalog)
type: string
packageTypes:
description: |-
The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
with the native kit having precedence over the `fast-jar` one once ready.
The order influences the resolution of the current kit for the integration.
The kit corresponding to the first package type will be assigned to the
integration in case no existing kit that matches the integration exists.
Deprecated: use `build-mode` instead.
items:
description: |-
QuarkusPackageType is the type of Quarkus build packaging.
Deprecated: use `QuarkusMode` instead.
enum:
- fast-jar
- native
type: string
type: array
type: object
registry:
description: |-
The configuration of Registry trait (support removed since version 2.5.0).
Deprecated: use jvm trait or read documentation.
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
route:
description: The configuration of Route trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set route specific annotations
For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
host:
description: To configure the host exposed by the route.
type: string
tlsCACertificate:
description: |-
The TLS CA certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCACertificateSecret:
description: |-
The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificate:
description: |-
The TLS certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificateSecret:
description: |-
The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificate:
description: |-
The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
termination this file should be provided in order to have routers use it for health checks on the secure connection.
If this field is not specified, the router may provide its own destination CA and perform hostname validation using
the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
verify.
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificateSecret:
description: |-
The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsInsecureEdgeTerminationPolicy:
description: |-
To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
Refer to the OpenShift route documentation for additional information.
enum:
- None
- Allow
- Redirect
type: string
tlsKey:
description: |-
The TLS certificate key contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsKeySecret:
description: |-
The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsTermination:
description: |-
The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
Refer to the OpenShift route documentation for additional information.
enum:
- edge
- reencrypt
- passthrough
type: string
type: object
security-context:
description: The configuration of Security Context trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
runAsNonRoot:
description: Security Context RunAsNonRoot configuration (default
false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration (default
none): this value is automatically retrieved in Openshift
clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
type: object
service:
description: The configuration of Service trait
properties:
annotations:
additionalProperties:
type: string
description: The annotations added to the Service object.
type: object
auto:
description: To automatically detect from the code if a Service
needs to be created.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
labels:
additionalProperties:
type: string
description: The labels added to the Service object.
type: object
nodePort:
description: |-
Enable Service to be exposed as NodePort (default `false`).
Deprecated: Use service type instead.
type: boolean
type:
description: The type of service to be used, either 'ClusterIP',
'NodePort' or 'LoadBalancer'.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
service-binding:
description: The configuration of Service Binding trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
services:
description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
items:
type: string
type: array
type: object
strimzi:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
telemetry:
description: The configuration of Telemetry trait
properties:
auto:
description: Enables automatic configuration of the trait,
including automatic discovery of the telemetry endpoint.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
endpoint:
description: The target endpoint of the Telemetry service
(automatically discovered by default)
type: string
sampler:
description: The sampler of the telemetry used for tracing
(default "on")
type: string
sampler-parent-based:
description: The sampler of the telemetry used for tracing
is parent based (default "true")
type: boolean
sampler-ratio:
description: The sampler ratio of the telemetry used for tracing
type: string
serviceName:
description: The name of the service that publishes telemetry
data (defaults to the integration name)
type: string
type: object
toleration:
description: The configuration of Toleration trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
taints:
description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
items:
type: string
type: array
type: object
tracing:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
type: object
type: object
status:
description: IntegrationPlatformStatus defines the observed state of IntegrationPlatform.
properties:
build:
description: specify how to build the Integration/IntegrationKits
properties:
PublishStrategyOptions:
additionalProperties:
type: string
description: 'Deprecated: no longer in use'
type: object
baseImage:
description: |-
a base image that can be used as base layer for all images.
It can be useful if you want to provide some custom base image with further utility software
type: string
buildCatalogToolTimeout:
description: |-
the timeout (in seconds) to use when creating the build tools container image
Deprecated: no longer in use
type: string
buildConfiguration:
description: the configuration required to build an Integration
container image
properties:
annotations:
additionalProperties:
type: string
description: Annotation to use for the builder pod. Only used
for `pod` strategy
type: object
limitCPU:
description: The maximum amount of CPU required. Only used
for `pod` strategy
type: string
limitMemory:
description: The maximum amount of memory required. Only used
for `pod` strategy
type: string
nodeSelector:
additionalProperties:
type: string
description: The node selector for the builder pod. Only used
for `pod` strategy
type: object
operatorNamespace:
description: The namespace where to run the builder Pod (must
be the same of the operator in charge of this Build reconciliation).
type: string
orderStrategy:
description: the build order strategy to adopt
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of platforms used in order to build
a container image.
items:
type: string
type: array
requestCPU:
description: The minimum amount of CPU required. Only used
for `pod` strategy
type: string
requestMemory:
description: The minimum amount of memory required. Only used
for `pod` strategy
type: string
strategy:
description: the strategy to adopt
enum:
- routine
- pod
type: string
toolImage:
description: The container image to be used to run the build.
type: string
type: object
maven:
description: Maven configuration used to build the Camel/Camel-Quarkus
applications
properties:
caSecrets:
description: |-
The Secrets name and key, containing the CA certificate(s) used to connect
to remote Maven repositories.
It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
A JKS formatted keystore is automatically created to store the CA certificate(s),
and configured to be used as a trusted certificate(s) by the Maven commands.
Note that the root CA certificates are also imported into the created keystore.
items:
description: SecretKeySelector selects a key of a Secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: array
cliOptions:
description: |-
The CLI options that are appended to the list of arguments for Maven commands,
e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
items:
type: string
type: array
extension:
description: |-
The Maven build extensions.
See https://maven.apache.org/guides/mini/guide-using-extensions.html.
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
localRepository:
description: The path of the local Maven repository.
type: string
profiles:
description: |-
A reference to the ConfigMap or Secret key that contains
the Maven profile.
items:
description: ValueSource --.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
type: array
properties:
additionalProperties:
type: string
description: The Maven properties.
type: object
settings:
description: |-
A reference to the ConfigMap or Secret key that contains
the Maven settings.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
settingsSecurity:
description: |-
A reference to the ConfigMap or Secret key that contains
the security of the Maven settings.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
type: object
maxRunningBuilds:
description: the maximum amount of parallel running pipelines
started by this operator instance
format: int32
type: integer
publishStrategy:
description: the strategy to adopt for publishing an Integration
container image
type: string
registry:
description: the image registry used to push/pull Integration
images
properties:
address:
description: the URI to access
type: string
ca:
description: the configmap which stores the Certificate Authority
type: string
insecure:
description: if the container registry is insecure (ie, http
only)
type: boolean
organization:
description: the registry organization
type: string
secret:
description: the secret where credentials are stored
type: string
type: object
runtimeCoreVersion:
description: the Camel core version used by this IntegrationPlatform
type: string
runtimeProvider:
description: the runtime used. Likely Camel Quarkus (we used to
have main runtime which has been discontinued since version
1.5)
type: string
runtimeVersion:
description: the Camel K Runtime dependency version
type: string
timeout:
description: how much time to wait before time out the pipeline
process
type: string
type: object
cluster:
description: what kind of cluster you're running (ie, plain Kubernetes
or OpenShift)
type: string
conditions:
description: which are the conditions met (particularly useful when
in ERROR phase)
items:
description: IntegrationPlatformCondition describes the state of
a resource at a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human-readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of integration condition.
type: string
required:
- status
- type
type: object
type: array
configuration:
description: |-
Deprecated:
Use camel trait (camel.properties) to manage properties
Use mount trait (mount.configs) to manage configs
Use mount trait (mount.resources) to manage resources
Use mount trait (mount.volumes) to manage volumes
list of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform
items:
description: ConfigurationSpec represents a generic configuration
specification.
properties:
type:
description: 'represents the type of configuration, ie: property,
configmap, secret, ...'
type: string
value:
description: the value to assign to the configuration (syntax
may vary depending on the `Type`)
type: string
required:
- type
- value
type: object
type: array
info:
additionalProperties:
type: string
description: generic information related to the build of Camel K operator
software
type: object
kamelet:
description: configuration to be executed to all Kamelets controlled
by this IntegrationPlatform
properties:
repositories:
description: remote repository used to retrieve Kamelet catalog
items:
description: KameletRepositorySpec defines the location of the
Kamelet catalog to use.
properties:
uri:
description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER
type: string
type: object
type: array
type: object
observedGeneration:
description: ObservedGeneration is the most recent generation observed
for this IntegrationPlatform.
format: int64
type: integer
phase:
description: defines in what phase the IntegrationPlatform is found
type: string
profile:
description: |-
the profile you wish to use. It will apply certain traits which are required by the specific profile chosen.
It usually relates the Cluster with the optional definition of special profiles (ie, Knative)
type: string
traits:
description: list of traits to be executed for all the Integration/IntegrationKits
built from this IntegrationPlatform
properties:
3scale:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
addons:
additionalProperties:
description: AddonTrait represents the configuration of an addon
trait.
type: object
x-kubernetes-preserve-unknown-fields: true
description: The extension point with addon traits
type: object
affinity:
description: The configuration of Affinity trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
nodeAffinityLabels:
description: Defines a set of nodes the integration pod(s)
are eligible to be scheduled on, based on labels on the
node.
items:
type: string
type: array
podAffinity:
description: Always co-locates multiple replicas of the integration
in the same node (default `false`).
type: boolean
podAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should be co-located with.
items:
type: string
type: array
podAntiAffinity:
description: Never co-locates multiple replicas of the integration
in the same node (default `false`).
type: boolean
podAntiAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should not be co-located with.
items:
type: string
type: array
type: object
builder:
description: The configuration of Builder trait
properties:
annotations:
additionalProperties:
type: string
description: When using `pod` strategy, annotation to use
for the builder pod.
type: object
baseImage:
description: |-
Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
installed and ready to use on path (ie `/usr/bin/java`).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
incrementalImageBuild:
description: Use the incremental image build option, to reuse
existing containers (default `true`)
type: boolean
limitCPU:
description: |-
When using `pod` strategy, the maximum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
limitMemory:
description: |-
When using `pod` strategy, the maximum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
mavenProfiles:
description: |-
A list of references pointing to configmaps/secrets that contains a maven profile.
This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
The content of the maven profile is expected to be a text containing a valid maven profile starting with `<profile>` and ending with `</profile>` that will be integrated as an inline profile in the POM.
Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
items:
type: string
type: array
nodeSelector:
additionalProperties:
type: string
description: Defines a set of nodes the builder pod is eligible
to be scheduled on, based on labels on the node.
type: object
orderStrategy:
description: The build order strategy to use, either `dependencies`,
`fifo` or `sequential` (default is the platform default)
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of manifest platforms to use to build
a container image (default `linux/amd64`).
items:
type: string
type: array
properties:
description: A list of properties to be provided to the build
task
items:
type: string
type: array
requestCPU:
description: |-
When using `pod` strategy, the minimum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
requestMemory:
description: |-
When using `pod` strategy, the minimum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
strategy:
description: The strategy to use, either `pod` or `routine`
(default `routine`)
enum:
- pod
- routine
type: string
tasks:
description: A list of tasks to be executed (available only
when using `pod` strategy) with format `<name>;<container-image>;<container-command>`.
items:
type: string
type: array
tasksFilter:
description: |-
A list of tasks sorted by the order of execution in a csv format, ie, `<taskName1>,<taskName2>,...`.
Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
if you need to execute them. Useful only with `pod` strategy.
type: string
tasksLimitCPU:
description: A list of limit cpu configuration for the specific
task with format `<task-name>:<limit-cpu-conf>`.
items:
type: string
type: array
tasksLimitMemory:
description: A list of limit memory configuration for the
specific task with format `<task-name>:<limit-memory-conf>`.
items:
type: string
type: array
tasksRequestCPU:
description: A list of request cpu configuration for the specific
task with format `<task-name>:<request-cpu-conf>`.
items:
type: string
type: array
tasksRequestMemory:
description: A list of request memory configuration for the
specific task with format `<task-name>:<request-memory-conf>`.
items:
type: string
type: array
verbose:
description: |-
Enable verbose logging on build components that support it (e.g. Kaniko build pod).
Deprecated no longer in use
type: boolean
type: object
camel:
description: The configuration of Camel trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
properties:
description: A list of properties to be provided to the Integration
runtime
items:
type: string
type: array
runtimeVersion:
description: |-
The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
to the best matching Catalog existing on the cluster.
type: string
type: object
container:
description: The configuration of Container trait
properties:
allowPrivilegeEscalation:
description: Security Context AllowPrivilegeEscalation configuration
(default false).
type: boolean
auto:
description: To automatically enable the trait
type: boolean
capabilitiesAdd:
description: Security Context Capabilities Add configuration
(default none).
items:
description: Capability represent POSIX capabilities type
type: string
type: array
capabilitiesDrop:
description: Security Context Capabilities Drop configuration
(default ALL).
items:
description: Capability represent POSIX capabilities type
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
expose:
description: Can be used to enable/disable exposure via kubernetes
Service.
type: boolean
image:
description: |-
The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
type: string
imagePullPolicy:
description: 'The pull policy: Always|Never|IfNotPresent'
enum:
- Always
- Never
- IfNotPresent
type: string
limitCPU:
description: The maximum amount of CPU to be provided (default
500 millicores).
type: string
limitMemory:
description: The maximum amount of memory to be provided (default
512 Mi).
type: string
name:
description: The main container name. It's named `integration`
by default.
type: string
port:
description: To configure a different port exposed by the
container (default `8080`).
format: int32
type: integer
portName:
description: To configure a different port name for the port
exposed by the container. It defaults to `http` only when
the `expose` parameter is true.
type: string
requestCPU:
description: The minimum amount of CPU required (default 125
millicores).
type: string
requestMemory:
description: The minimum amount of memory required (default
128 Mi).
type: string
runAsNonRoot:
description: Security Context RunAsNonRoot configuration (default
false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration (default
none): this value is automatically retrieved in Openshift
clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
servicePort:
description: To configure under which service port the container
port is to be exposed (default `80`).
format: int32
type: integer
servicePortName:
description: To configure under which service port name the
container port is to be exposed (default `http`).
type: string
type: object
cron:
description: The configuration of Cron trait
properties:
activeDeadlineSeconds:
description: |-
Specifies the duration in seconds, relative to the start time, that the job
may be continuously active before it is considered to be failed.
It defaults to 60s.
format: int64
type: integer
auto:
description: |-
Automatically deploy the integration as CronJob when all routes are
either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
while `35m` or `50s` cannot).
type: boolean
backoffLimit:
description: |-
Specifies the number of retries before marking the job failed.
It defaults to 2.
format: int32
type: integer
components:
description: |-
A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
Supported components are currently: `cron`, `timer` and `quartz`.
type: string
concurrencyPolicy:
description: |-
Specifies how to treat concurrent executions of a Job.
Valid values are:
- "Allow": allows CronJobs to run concurrently;
- "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- "Replace": cancels currently running job and replaces it with a new one
enum:
- Allow
- Forbid
- Replace
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
fallback:
description: |-
Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
as Kubernetes CronJob.
type: boolean
schedule:
description: |-
The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
mechanism to work correctly.
type: string
startingDeadlineSeconds:
description: |-
Optional deadline in seconds for starting the job if it misses scheduled
time for any reason. Missed jobs executions will be counted as failed ones.
format: int64
type: integer
timeZone:
description: The timezone that the CronJob will run on
type: string
type: object
dependencies:
description: The configuration of Dependencies trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
deployer:
description: The configuration of Deployer trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
kind:
description: Allows to explicitly select the desired deployment
kind between `deployment`, `cron-job` or `knative-service`
when creating the resources for running the integration.
enum:
- deployment
- cron-job
- knative-service
type: string
useSSA:
description: |-
Deprecated: won't be able to enforce client side update in the future.
Use server-side apply to update the owned resources (default `true`).
Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
type: boolean
type: object
deployment:
description: The configuration of Deployment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
progressDeadlineSeconds:
description: |-
The maximum time in seconds for the deployment to make progress before it
is considered to be failed. It defaults to `60s`.
format: int32
type: integer
rollingUpdateMaxSurge:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be scheduled above the desired number of
pods.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
This can not be 0 if MaxUnavailable is 0.
Absolute number is calculated from percentage by rounding up.
Defaults to `25%`.
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be unavailable during the update.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding down.
This can not be 0 if MaxSurge is 0.
Defaults to `25%`.
x-kubernetes-int-or-string: true
strategy:
description: The deployment strategy to use to replace existing
pods with new ones.
enum:
- Recreate
- RollingUpdate
type: string
type: object
environment:
description: The configuration of Environment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
containerMeta:
description: Enables injection of `NAMESPACE` and `POD_NAME`
environment variables (default `true`)
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
httpProxy:
description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
`NO_PROXY` environment variables (default `true`)
type: boolean
vars:
description: |-
A list of environment variables to be added to the integration container.
The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name,
and key represents the resource key to be mapped as and environment variable.
These take precedence over any previously defined environment variables.
items:
type: string
type: array
type: object
error-handler:
description: The configuration of Error Handler trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
ref:
description: The error handler ref name provided or found
in application properties
type: string
type: object
gc:
description: The configuration of GC trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
description: |-
Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
Deprecated: no longer in use.
enum:
- disabled
- disk
- memory
type: string
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
health:
description: The configuration of Health trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
livenessFailureThreshold:
description: Minimum consecutive failures for the liveness
probe to be considered failed after having succeeded.
format: int32
type: integer
livenessInitialDelay:
description: Number of seconds after the container has started
before the liveness probe is initiated.
format: int32
type: integer
livenessPeriod:
description: How often to perform the liveness probe.
format: int32
type: integer
livenessProbe:
description: The liveness probe path to use (default provided
by the Catalog runtime used).
type: string
livenessProbeEnabled:
description: Configures the liveness probe for the integration
container (default `false`).
type: boolean
livenessScheme:
description: Scheme to use when connecting to the liveness
probe (default `HTTP`).
type: string
livenessSuccessThreshold:
description: Minimum consecutive successes for the liveness
probe to be considered successful after having failed.
format: int32
type: integer
livenessTimeout:
description: Number of seconds after which the liveness probe
times out.
format: int32
type: integer
readinessFailureThreshold:
description: Minimum consecutive failures for the readiness
probe to be considered failed after having succeeded.
format: int32
type: integer
readinessInitialDelay:
description: Number of seconds after the container has started
before the readiness probe is initiated.
format: int32
type: integer
readinessPeriod:
description: How often to perform the readiness probe.
format: int32
type: integer
readinessProbe:
description: The readiness probe path to use (default provided
by the Catalog runtime used).
type: string
readinessProbeEnabled:
description: Configures the readiness probe for the integration
container (default `true`).
type: boolean
readinessScheme:
description: Scheme to use when connecting to the readiness
probe (default `HTTP`).
type: string
readinessSuccessThreshold:
description: Minimum consecutive successes for the readiness
probe to be considered successful after having failed.
format: int32
type: integer
readinessTimeout:
description: Number of seconds after which the readiness probe
times out.
format: int32
type: integer
startupFailureThreshold:
description: Minimum consecutive failures for the startup
probe to be considered failed after having succeeded.
format: int32
type: integer
startupInitialDelay:
description: Number of seconds after the container has started
before the startup probe is initiated.
format: int32
type: integer
startupPeriod:
description: How often to perform the startup probe.
format: int32
type: integer
startupProbe:
description: The startup probe path to use (default provided
by the Catalog runtime used).
type: string
startupProbeEnabled:
description: Configures the startup probe for the integration
container (default `false`).
type: boolean
startupScheme:
description: Scheme to use when connecting to the startup
probe (default `HTTP`).
type: string
startupSuccessThreshold:
description: Minimum consecutive successes for the startup
probe to be considered successful after having failed.
format: int32
type: integer
startupTimeout:
description: Number of seconds after which the startup probe
times out.
format: int32
type: integer
type: object
ingress:
description: The configuration of Ingress trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to the ingress.
This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
type: object
auto:
description: To automatically add an ingress whenever the
integration uses an HTTP endpoint consumer.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
host:
description: To configure the host exposed by the ingress.
type: string
ingressClassName:
description: |-
The Ingress class name as defined by the Ingress spec
See https://kubernetes.io/docs/concepts/services-networking/ingress/
type: string
path:
description: To configure the path exposed by the ingress
(default `/`).
type: string
pathType:
description: |-
To configure the path type exposed by the ingress.
One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
enum:
- Exact
- Prefix
- ImplementationSpecific
type: string
tlsHosts:
description: To configure tls hosts
items:
type: string
type: array
tlsSecretName:
description: To configure tls secret name
type: string
type: object
istio:
description: The configuration of Istio trait
properties:
allow:
description: Configures a (comma-separated) list of CIDR subnets
that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
by default).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
inject:
description: Forces the value for labels `sidecar.istio.io/inject`.
By default the label is set to `true` on deployment and
not set on Knative Service.
type: boolean
type: object
jolokia:
description: The configuration of Jolokia trait
properties:
CACert:
description: |-
The PEM encoded CA certification file path, used to verify client certificates,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
type: string
clientPrincipal:
description: |-
The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
description: Listen for multicast requests (default `false`)
type: boolean
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
extendedClientCheck:
description: |-
Mandate the client certificate contains a client flag in the extended key usage section,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `true` for OpenShift).
type: boolean
host:
description: |-
The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
the servers binds to every network interface (default `"*"`).
type: string
options:
description: |-
A list of additional Jolokia options as defined
in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
items:
type: string
type: array
password:
description: The password used for authentication, applicable
when the `user` option is set.
type: string
port:
description: The Jolokia endpoint port (default `8778`).
format: int32
type: integer
protocol:
description: The protocol to use, either `http` or `https`
(default `https` for OpenShift)
type: string
useSSLClientAuthentication:
description: Whether client certificates should be used for
authentication (default `true` for OpenShift).
type: boolean
user:
description: The user to be used for authentication
type: string
type: object
jvm:
description: The configuration of JVM trait
properties:
classpath:
description: Additional JVM classpath (use `Linux` classpath
separator)
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
debug:
description: Activates remote debugging, so that a debugger
can be attached to the JVM, e.g., using port-forwarding
type: boolean
debugAddress:
description: Transport address at which to listen for the
newly launched JVM (default `*:5005`)
type: string
debugSuspend:
description: Suspends the target JVM immediately before the
main class is loaded
type: boolean
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
jar:
description: The Jar dependency which will run the application.
Leave it empty for managed Integrations.
type: string
options:
description: A list of JVM options
items:
type: string
type: array
printCommand:
description: |-
Prints the command used the start the JVM in the container logs (default `true`)
Deprecated: no longer in use.
type: boolean
type: object
kamelets:
description: The configuration of Kamelets trait
properties:
auto:
description: Automatically inject all referenced Kamelets
and their default configuration (enabled by default)
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
list:
description: Comma separated list of Kamelet names to load
into the current integration
type: string
mountPoint:
description: The directory where the application mounts and
reads Kamelet spec (default `/etc/camel/kamelets`)
type: string
type: object
keda:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
knative:
description: The configuration of Knative trait
properties:
auto:
description: Enable automatic discovery of all trait properties.
type: boolean
channelSinks:
description: |-
List of channels used as destination of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
channelSources:
description: |-
List of channels used as source of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
config:
description: Can be used to inject a Knative complete configuration
in JSON format.
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
endpointSinks:
description: |-
List of endpoints used as destination of integration routes.
Can contain simple endpoint names or full Camel URIs.
items:
type: string
type: array
endpointSources:
description: List of channels used as source of integration
routes.
items:
type: string
type: array
eventSinks:
description: |-
List of event types that the integration will produce.
Can contain simple event types or full Camel URIs (to use a specific broker).
items:
type: string
type: array
eventSources:
description: |-
List of event types that the integration will be subscribed to.
Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
items:
type: string
type: array
filterEventType:
description: |-
Enables the default filtering for the Knative trigger using the event type
If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
type: boolean
filterSourceChannels:
description: |-
Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
Knative, filtering is disabled by default.
type: boolean
filters:
description: |-
Sets filter attributes on the event stream (such as event type, source, subject and so on).
A list of key-value pairs that represent filter attributes and its values.
The syntax is KEY=VALUE, e.g., `source="my.source"`.
Filter attributes get set on the Knative trigger that is being created as part of this integration.
items:
type: string
type: array
namespaceLabel:
description: |-
Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
As Knative requires this label to perform injection of K_SINK URL into the service.
If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
type: boolean
sinkBinding:
description: |-
Allows binding the integration to a sink via a Knative SinkBinding resource.
This can be used when the integration targets a single sink.
It's enabled by default when the integration targets a single sink
(except when the integration is owned by a Knative source).
type: boolean
type: object
knative-service:
description: The configuration of Knative Service trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set knative service specific annotations
CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
auto:
description: |-
Automatically deploy the integration as Knative service when all conditions hold:
* Integration is using the Knative profile
* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
type: boolean
autoscalingMetric:
description: |-
Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
Refer to the Knative documentation for more information.
type: string
autoscalingTarget:
description: |-
Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
Refer to the Knative documentation for more information.
type: integer
class:
description: |-
Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
Refer to the Knative documentation for more information.
enum:
- kpa.autoscaling.knative.dev
- hpa.autoscaling.knative.dev
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
maxScale:
description: |-
An upper bound for the number of Pods that can be running in parallel for the integration.
Knative has its own cap value that depends on the installation.
Refer to the Knative documentation for more information.
type: integer
minScale:
description: |-
The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
the integration is scaled down to zero when not used for a configured amount of time.
Refer to the Knative documentation for more information.
type: integer
rolloutDuration:
description: |-
Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
rounded to a second precision.
type: string
timeoutSeconds:
description: |-
The maximum duration in seconds that the request instance is allowed to respond to a request.
This field propagates to the integration pod's terminationGracePeriodSeconds
Refer to the Knative documentation for more information.
format: int64
type: integer
visibility:
description: |-
Setting `cluster-local`, Knative service becomes a private service.
Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
Refer to the Knative documentation for more information.
enum:
- cluster-local
type: string
type: object
logging:
description: The configuration of Logging trait
properties:
color:
description: Colorize the log output
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
format:
description: Logs message format
type: string
json:
description: Output the logs in JSON
type: boolean
jsonPrettyPrint:
description: Enable "pretty printing" of the JSON logs
type: boolean
level:
description: Adjust the logging level (defaults to `INFO`)
enum:
- FATAL
- WARN
- INFO
- DEBUG
- TRACE
type: string
type: object
master:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
mount:
description: The configuration of Mount trait
properties:
configs:
description: |-
A list of configuration pointing to configmap/secret.
The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
They are also made available on the classpath in order to ease their usage directly from the Route.
Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
description: |-
A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi).
Syntax: name:/container/path[:sizeLimit]
items:
type: string
type: array
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
hotReload:
description: |-
Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
changes in metadata.
type: boolean
resources:
description: |-
A list of resources (text or binary content) pointing to configmap/secret.
The resources are expected to be any resource type (text or binary content).
The destination path can be either a default location or any path specified by the user.
Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
items:
type: string
type: array
scanKameletsImplicitLabelSecrets:
description: 'Deprecated: no longer available since version
2.5.'
type: boolean
volumes:
description: |-
A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails.
You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided
or the default cluster Storage Class. However, if the PVC exists, the operator would mount it.
items:
type: string
type: array
type: object
openapi:
description: The configuration of OpenAPI trait
properties:
configmaps:
description: The configmaps holding the spec of the OpenAPI
(compatible with > 3.0 spec only).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
owner:
description: The configuration of Owner trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
targetAnnotations:
description: The set of annotations to be transferred
items:
type: string
type: array
targetLabels:
description: The set of labels to be transferred
items:
type: string
type: array
type: object
pdb:
description: The configuration of PDB trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
maxUnavailable:
description: |-
The number of pods for the Integration that can be unavailable after an eviction.
It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
Only one of `max-unavailable` and `min-available` can be specified.
type: string
minAvailable:
description: |-
The number of pods for the Integration that must still be available after an eviction.
It can be either an absolute number or a percentage.
Only one of `min-available` and `max-unavailable` can be specified.
type: string
type: object
platform:
description: The configuration of Platform trait
properties:
auto:
description: |-
To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
createDefault:
description: |-
To create a default (empty) platform when the platform is missing.
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
global:
description: |-
Indicates if the platform should be created globally in the case of global operator (default true).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
type: object
pod:
description: The configuration of Pod trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
prometheus:
description: The configuration of Prometheus trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
podMonitor:
description: Whether a `PodMonitor` resource is created (default
`true`).
type: boolean
podMonitorLabels:
description: The `PodMonitor` resource labels, applicable
when `pod-monitor` is `true`.
items:
type: string
type: array
type: object
pull-secret:
description: The configuration of Pull Secret trait
properties:
auto:
description: Automatically configures the platform registry
secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
imagePullerDelegation:
description: When using a global operator with a shared platform,
this enables delegation of the `system:image-puller` cluster
role on the operator namespace to the integration service
account.
type: boolean
secretName:
description: The pull secret name to set on the Pod. If left
empty this is automatically taken from the `IntegrationPlatform`
registry configuration.
type: string
type: object
quarkus:
description: The configuration of Quarkus trait
properties:
buildMode:
description: |-
The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
with the `native` kit having precedence over the `jvm` one once ready.
items:
description: QuarkusMode is the type of Quarkus build packaging.
enum:
- jvm
- native
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
nativeBaseImage:
description: The base image to use when running a native build
(default `quay.io/quarkus/quarkus-micro-image:2.0`)
type: string
nativeBuilderImage:
description: The image containing the tooling required for
a native build (by default it will use the one provided
in the runtime catalog)
type: string
packageTypes:
description: |-
The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
with the native kit having precedence over the `fast-jar` one once ready.
The order influences the resolution of the current kit for the integration.
The kit corresponding to the first package type will be assigned to the
integration in case no existing kit that matches the integration exists.
Deprecated: use `build-mode` instead.
items:
description: |-
QuarkusPackageType is the type of Quarkus build packaging.
Deprecated: use `QuarkusMode` instead.
enum:
- fast-jar
- native
type: string
type: array
type: object
registry:
description: |-
The configuration of Registry trait (support removed since version 2.5.0).
Deprecated: use jvm trait or read documentation.
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
route:
description: The configuration of Route trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set route specific annotations
For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
host:
description: To configure the host exposed by the route.
type: string
tlsCACertificate:
description: |-
The TLS CA certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCACertificateSecret:
description: |-
The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificate:
description: |-
The TLS certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificateSecret:
description: |-
The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificate:
description: |-
The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
termination this file should be provided in order to have routers use it for health checks on the secure connection.
If this field is not specified, the router may provide its own destination CA and perform hostname validation using
the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
verify.
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificateSecret:
description: |-
The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsInsecureEdgeTerminationPolicy:
description: |-
To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
Refer to the OpenShift route documentation for additional information.
enum:
- None
- Allow
- Redirect
type: string
tlsKey:
description: |-
The TLS certificate key contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsKeySecret:
description: |-
The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsTermination:
description: |-
The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
Refer to the OpenShift route documentation for additional information.
enum:
- edge
- reencrypt
- passthrough
type: string
type: object
security-context:
description: The configuration of Security Context trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
runAsNonRoot:
description: Security Context RunAsNonRoot configuration (default
false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration (default
none): this value is automatically retrieved in Openshift
clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
type: object
service:
description: The configuration of Service trait
properties:
annotations:
additionalProperties:
type: string
description: The annotations added to the Service object.
type: object
auto:
description: To automatically detect from the code if a Service
needs to be created.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
labels:
additionalProperties:
type: string
description: The labels added to the Service object.
type: object
nodePort:
description: |-
Enable Service to be exposed as NodePort (default `false`).
Deprecated: Use service type instead.
type: boolean
type:
description: The type of service to be used, either 'ClusterIP',
'NodePort' or 'LoadBalancer'.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
service-binding:
description: The configuration of Service Binding trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
services:
description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
items:
type: string
type: array
type: object
strimzi:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
telemetry:
description: The configuration of Telemetry trait
properties:
auto:
description: Enables automatic configuration of the trait,
including automatic discovery of the telemetry endpoint.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
endpoint:
description: The target endpoint of the Telemetry service
(automatically discovered by default)
type: string
sampler:
description: The sampler of the telemetry used for tracing
(default "on")
type: string
sampler-parent-based:
description: The sampler of the telemetry used for tracing
is parent based (default "true")
type: boolean
sampler-ratio:
description: The sampler ratio of the telemetry used for tracing
type: string
serviceName:
description: The name of the service that publishes telemetry
data (defaults to the integration name)
type: string
type: object
toleration:
description: The configuration of Toleration trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
taints:
description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
items:
type: string
type: array
type: object
tracing:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
type: object
version:
description: the Camel K operator version controlling this IntegrationPlatform
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
labels:
app: camel-k
name: integrationprofiles.camel.apache.org
spec:
group: camel.apache.org
names:
categories:
- kamel
- camel
kind: IntegrationProfile
listKind: IntegrationProfileList
plural: integrationprofiles
shortNames:
- ipr
singular: integrationprofile
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The integration profile phase
jsonPath: .status.phase
name: Phase
type: string
- description: The default runtime version
jsonPath: .status.build.runtimeVersion
name: Default runtime
type: string
name: v1
schema:
openAPIV3Schema:
description: |-
IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior.
It defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace.
Deprecated: may be removed in future releases. Make use of IntegrationPlatform instead.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: IntegrationProfileSpec applies user defined settings to the
IntegrationProfile.
properties:
build:
description: specify how to build the Integration/IntegrationKits
properties:
baseImage:
description: |-
a base image that can be used as base layer for all images.
It can be useful if you want to provide some custom base image with further utility software
type: string
maven:
description: Maven configuration used to build the Camel/Camel-Quarkus
applications
properties:
caSecrets:
description: |-
The Secrets name and key, containing the CA certificate(s) used to connect
to remote Maven repositories.
It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
A JKS formatted keystore is automatically created to store the CA certificate(s),
and configured to be used as a trusted certificate(s) by the Maven commands.
Note that the root CA certificates are also imported into the created keystore.
items:
description: SecretKeySelector selects a key of a Secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: array
cliOptions:
description: |-
The CLI options that are appended to the list of arguments for Maven commands,
e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
items:
type: string
type: array
extension:
description: |-
The Maven build extensions.
See https://maven.apache.org/guides/mini/guide-using-extensions.html.
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
localRepository:
description: The path of the local Maven repository.
type: string
profiles:
description: |-
A reference to the ConfigMap or Secret key that contains
the Maven profile.
items:
description: ValueSource --.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
type: array
properties:
additionalProperties:
type: string
description: The Maven properties.
type: object
settings:
description: |-
A reference to the ConfigMap or Secret key that contains
the Maven settings.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
settingsSecurity:
description: |-
A reference to the ConfigMap or Secret key that contains
the security of the Maven settings.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
type: object
registry:
description: the image registry used to push/pull Integration
images
properties:
address:
description: the URI to access
type: string
ca:
description: the configmap which stores the Certificate Authority
type: string
insecure:
description: if the container registry is insecure (ie, http
only)
type: boolean
organization:
description: the registry organization
type: string
secret:
description: the secret where credentials are stored
type: string
type: object
runtimeProvider:
description: the runtime used. Likely Camel Quarkus (we used to
have main runtime which has been discontinued since version
1.5)
type: string
runtimeVersion:
description: the Camel K Runtime dependency version
type: string
timeout:
description: how much time to wait before time out the pipeline
process
type: string
type: object
kamelet:
description: configuration to be executed to all Kamelets controlled
by this IntegrationProfile
properties:
repositories:
description: remote repository used to retrieve Kamelet catalog
items:
description: KameletRepositorySpec defines the location of the
Kamelet catalog to use.
properties:
uri:
description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER
type: string
type: object
type: array
type: object
traits:
description: list of traits to be executed for all the Integration/IntegrationKits
built from this IntegrationProfile
properties:
3scale:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
addons:
additionalProperties:
description: AddonTrait represents the configuration of an addon
trait.
type: object
x-kubernetes-preserve-unknown-fields: true
description: The extension point with addon traits
type: object
affinity:
description: The configuration of Affinity trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
nodeAffinityLabels:
description: Defines a set of nodes the integration pod(s)
are eligible to be scheduled on, based on labels on the
node.
items:
type: string
type: array
podAffinity:
description: Always co-locates multiple replicas of the integration
in the same node (default `false`).
type: boolean
podAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should be co-located with.
items:
type: string
type: array
podAntiAffinity:
description: Never co-locates multiple replicas of the integration
in the same node (default `false`).
type: boolean
podAntiAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should not be co-located with.
items:
type: string
type: array
type: object
builder:
description: The configuration of Builder trait
properties:
annotations:
additionalProperties:
type: string
description: When using `pod` strategy, annotation to use
for the builder pod.
type: object
baseImage:
description: |-
Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
installed and ready to use on path (ie `/usr/bin/java`).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
incrementalImageBuild:
description: Use the incremental image build option, to reuse
existing containers (default `true`)
type: boolean
limitCPU:
description: |-
When using `pod` strategy, the maximum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
limitMemory:
description: |-
When using `pod` strategy, the maximum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
mavenProfiles:
description: |-
A list of references pointing to configmaps/secrets that contains a maven profile.
This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
The content of the maven profile is expected to be a text containing a valid maven profile starting with `<profile>` and ending with `</profile>` that will be integrated as an inline profile in the POM.
Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
items:
type: string
type: array
nodeSelector:
additionalProperties:
type: string
description: Defines a set of nodes the builder pod is eligible
to be scheduled on, based on labels on the node.
type: object
orderStrategy:
description: The build order strategy to use, either `dependencies`,
`fifo` or `sequential` (default is the platform default)
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of manifest platforms to use to build
a container image (default `linux/amd64`).
items:
type: string
type: array
properties:
description: A list of properties to be provided to the build
task
items:
type: string
type: array
requestCPU:
description: |-
When using `pod` strategy, the minimum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
requestMemory:
description: |-
When using `pod` strategy, the minimum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
strategy:
description: The strategy to use, either `pod` or `routine`
(default `routine`)
enum:
- pod
- routine
type: string
tasks:
description: A list of tasks to be executed (available only
when using `pod` strategy) with format `<name>;<container-image>;<container-command>`.
items:
type: string
type: array
tasksFilter:
description: |-
A list of tasks sorted by the order of execution in a csv format, ie, `<taskName1>,<taskName2>,...`.
Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
if you need to execute them. Useful only with `pod` strategy.
type: string
tasksLimitCPU:
description: A list of limit cpu configuration for the specific
task with format `<task-name>:<limit-cpu-conf>`.
items:
type: string
type: array
tasksLimitMemory:
description: A list of limit memory configuration for the
specific task with format `<task-name>:<limit-memory-conf>`.
items:
type: string
type: array
tasksRequestCPU:
description: A list of request cpu configuration for the specific
task with format `<task-name>:<request-cpu-conf>`.
items:
type: string
type: array
tasksRequestMemory:
description: A list of request memory configuration for the
specific task with format `<task-name>:<request-memory-conf>`.
items:
type: string
type: array
verbose:
description: |-
Enable verbose logging on build components that support it (e.g. Kaniko build pod).
Deprecated no longer in use
type: boolean
type: object
camel:
description: The configuration of Camel trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
properties:
description: A list of properties to be provided to the Integration
runtime
items:
type: string
type: array
runtimeVersion:
description: |-
The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
to the best matching Catalog existing on the cluster.
type: string
type: object
container:
description: The configuration of Container trait
properties:
allowPrivilegeEscalation:
description: Security Context AllowPrivilegeEscalation configuration
(default false).
type: boolean
auto:
description: To automatically enable the trait
type: boolean
capabilitiesAdd:
description: Security Context Capabilities Add configuration
(default none).
items:
description: Capability represent POSIX capabilities type
type: string
type: array
capabilitiesDrop:
description: Security Context Capabilities Drop configuration
(default ALL).
items:
description: Capability represent POSIX capabilities type
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
expose:
description: Can be used to enable/disable exposure via kubernetes
Service.
type: boolean
image:
description: |-
The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
type: string
imagePullPolicy:
description: 'The pull policy: Always|Never|IfNotPresent'
enum:
- Always
- Never
- IfNotPresent
type: string
limitCPU:
description: The maximum amount of CPU to be provided (default
500 millicores).
type: string
limitMemory:
description: The maximum amount of memory to be provided (default
512 Mi).
type: string
name:
description: The main container name. It's named `integration`
by default.
type: string
port:
description: To configure a different port exposed by the
container (default `8080`).
format: int32
type: integer
portName:
description: To configure a different port name for the port
exposed by the container. It defaults to `http` only when
the `expose` parameter is true.
type: string
requestCPU:
description: The minimum amount of CPU required (default 125
millicores).
type: string
requestMemory:
description: The minimum amount of memory required (default
128 Mi).
type: string
runAsNonRoot:
description: Security Context RunAsNonRoot configuration (default
false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration (default
none): this value is automatically retrieved in Openshift
clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
servicePort:
description: To configure under which service port the container
port is to be exposed (default `80`).
format: int32
type: integer
servicePortName:
description: To configure under which service port name the
container port is to be exposed (default `http`).
type: string
type: object
cron:
description: The configuration of Cron trait
properties:
activeDeadlineSeconds:
description: |-
Specifies the duration in seconds, relative to the start time, that the job
may be continuously active before it is considered to be failed.
It defaults to 60s.
format: int64
type: integer
auto:
description: |-
Automatically deploy the integration as CronJob when all routes are
either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
while `35m` or `50s` cannot).
type: boolean
backoffLimit:
description: |-
Specifies the number of retries before marking the job failed.
It defaults to 2.
format: int32
type: integer
components:
description: |-
A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
Supported components are currently: `cron`, `timer` and `quartz`.
type: string
concurrencyPolicy:
description: |-
Specifies how to treat concurrent executions of a Job.
Valid values are:
- "Allow": allows CronJobs to run concurrently;
- "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- "Replace": cancels currently running job and replaces it with a new one
enum:
- Allow
- Forbid
- Replace
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
fallback:
description: |-
Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
as Kubernetes CronJob.
type: boolean
schedule:
description: |-
The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
mechanism to work correctly.
type: string
startingDeadlineSeconds:
description: |-
Optional deadline in seconds for starting the job if it misses scheduled
time for any reason. Missed jobs executions will be counted as failed ones.
format: int64
type: integer
timeZone:
description: The timezone that the CronJob will run on
type: string
type: object
dependencies:
description: The configuration of Dependencies trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
deployer:
description: The configuration of Deployer trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
kind:
description: Allows to explicitly select the desired deployment
kind between `deployment`, `cron-job` or `knative-service`
when creating the resources for running the integration.
enum:
- deployment
- cron-job
- knative-service
type: string
useSSA:
description: |-
Deprecated: won't be able to enforce client side update in the future.
Use server-side apply to update the owned resources (default `true`).
Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
type: boolean
type: object
deployment:
description: The configuration of Deployment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
progressDeadlineSeconds:
description: |-
The maximum time in seconds for the deployment to make progress before it
is considered to be failed. It defaults to `60s`.
format: int32
type: integer
rollingUpdateMaxSurge:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be scheduled above the desired number of
pods.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
This can not be 0 if MaxUnavailable is 0.
Absolute number is calculated from percentage by rounding up.
Defaults to `25%`.
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be unavailable during the update.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding down.
This can not be 0 if MaxSurge is 0.
Defaults to `25%`.
x-kubernetes-int-or-string: true
strategy:
description: The deployment strategy to use to replace existing
pods with new ones.
enum:
- Recreate
- RollingUpdate
type: string
type: object
environment:
description: The configuration of Environment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
containerMeta:
description: Enables injection of `NAMESPACE` and `POD_NAME`
environment variables (default `true`)
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
httpProxy:
description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
`NO_PROXY` environment variables (default `true`)
type: boolean
vars:
description: |-
A list of environment variables to be added to the integration container.
The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name,
and key represents the resource key to be mapped as and environment variable.
These take precedence over any previously defined environment variables.
items:
type: string
type: array
type: object
error-handler:
description: The configuration of Error Handler trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
ref:
description: The error handler ref name provided or found
in application properties
type: string
type: object
gc:
description: The configuration of GC trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
description: |-
Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
Deprecated: no longer in use.
enum:
- disabled
- disk
- memory
type: string
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
health:
description: The configuration of Health trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
livenessFailureThreshold:
description: Minimum consecutive failures for the liveness
probe to be considered failed after having succeeded.
format: int32
type: integer
livenessInitialDelay:
description: Number of seconds after the container has started
before the liveness probe is initiated.
format: int32
type: integer
livenessPeriod:
description: How often to perform the liveness probe.
format: int32
type: integer
livenessProbe:
description: The liveness probe path to use (default provided
by the Catalog runtime used).
type: string
livenessProbeEnabled:
description: Configures the liveness probe for the integration
container (default `false`).
type: boolean
livenessScheme:
description: Scheme to use when connecting to the liveness
probe (default `HTTP`).
type: string
livenessSuccessThreshold:
description: Minimum consecutive successes for the liveness
probe to be considered successful after having failed.
format: int32
type: integer
livenessTimeout:
description: Number of seconds after which the liveness probe
times out.
format: int32
type: integer
readinessFailureThreshold:
description: Minimum consecutive failures for the readiness
probe to be considered failed after having succeeded.
format: int32
type: integer
readinessInitialDelay:
description: Number of seconds after the container has started
before the readiness probe is initiated.
format: int32
type: integer
readinessPeriod:
description: How often to perform the readiness probe.
format: int32
type: integer
readinessProbe:
description: The readiness probe path to use (default provided
by the Catalog runtime used).
type: string
readinessProbeEnabled:
description: Configures the readiness probe for the integration
container (default `true`).
type: boolean
readinessScheme:
description: Scheme to use when connecting to the readiness
probe (default `HTTP`).
type: string
readinessSuccessThreshold:
description: Minimum consecutive successes for the readiness
probe to be considered successful after having failed.
format: int32
type: integer
readinessTimeout:
description: Number of seconds after which the readiness probe
times out.
format: int32
type: integer
startupFailureThreshold:
description: Minimum consecutive failures for the startup
probe to be considered failed after having succeeded.
format: int32
type: integer
startupInitialDelay:
description: Number of seconds after the container has started
before the startup probe is initiated.
format: int32
type: integer
startupPeriod:
description: How often to perform the startup probe.
format: int32
type: integer
startupProbe:
description: The startup probe path to use (default provided
by the Catalog runtime used).
type: string
startupProbeEnabled:
description: Configures the startup probe for the integration
container (default `false`).
type: boolean
startupScheme:
description: Scheme to use when connecting to the startup
probe (default `HTTP`).
type: string
startupSuccessThreshold:
description: Minimum consecutive successes for the startup
probe to be considered successful after having failed.
format: int32
type: integer
startupTimeout:
description: Number of seconds after which the startup probe
times out.
format: int32
type: integer
type: object
ingress:
description: The configuration of Ingress trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to the ingress.
This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
type: object
auto:
description: To automatically add an ingress whenever the
integration uses an HTTP endpoint consumer.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
host:
description: To configure the host exposed by the ingress.
type: string
ingressClassName:
description: |-
The Ingress class name as defined by the Ingress spec
See https://kubernetes.io/docs/concepts/services-networking/ingress/
type: string
path:
description: To configure the path exposed by the ingress
(default `/`).
type: string
pathType:
description: |-
To configure the path type exposed by the ingress.
One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
enum:
- Exact
- Prefix
- ImplementationSpecific
type: string
tlsHosts:
description: To configure tls hosts
items:
type: string
type: array
tlsSecretName:
description: To configure tls secret name
type: string
type: object
istio:
description: The configuration of Istio trait
properties:
allow:
description: Configures a (comma-separated) list of CIDR subnets
that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
by default).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
inject:
description: Forces the value for labels `sidecar.istio.io/inject`.
By default the label is set to `true` on deployment and
not set on Knative Service.
type: boolean
type: object
jolokia:
description: The configuration of Jolokia trait
properties:
CACert:
description: |-
The PEM encoded CA certification file path, used to verify client certificates,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
type: string
clientPrincipal:
description: |-
The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
description: Listen for multicast requests (default `false`)
type: boolean
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
extendedClientCheck:
description: |-
Mandate the client certificate contains a client flag in the extended key usage section,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `true` for OpenShift).
type: boolean
host:
description: |-
The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
the servers binds to every network interface (default `"*"`).
type: string
options:
description: |-
A list of additional Jolokia options as defined
in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
items:
type: string
type: array
password:
description: The password used for authentication, applicable
when the `user` option is set.
type: string
port:
description: The Jolokia endpoint port (default `8778`).
format: int32
type: integer
protocol:
description: The protocol to use, either `http` or `https`
(default `https` for OpenShift)
type: string
useSSLClientAuthentication:
description: Whether client certificates should be used for
authentication (default `true` for OpenShift).
type: boolean
user:
description: The user to be used for authentication
type: string
type: object
jvm:
description: The configuration of JVM trait
properties:
classpath:
description: Additional JVM classpath (use `Linux` classpath
separator)
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
debug:
description: Activates remote debugging, so that a debugger
can be attached to the JVM, e.g., using port-forwarding
type: boolean
debugAddress:
description: Transport address at which to listen for the
newly launched JVM (default `*:5005`)
type: string
debugSuspend:
description: Suspends the target JVM immediately before the
main class is loaded
type: boolean
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
jar:
description: The Jar dependency which will run the application.
Leave it empty for managed Integrations.
type: string
options:
description: A list of JVM options
items:
type: string
type: array
printCommand:
description: |-
Prints the command used the start the JVM in the container logs (default `true`)
Deprecated: no longer in use.
type: boolean
type: object
kamelets:
description: The configuration of Kamelets trait
properties:
auto:
description: Automatically inject all referenced Kamelets
and their default configuration (enabled by default)
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
list:
description: Comma separated list of Kamelet names to load
into the current integration
type: string
mountPoint:
description: The directory where the application mounts and
reads Kamelet spec (default `/etc/camel/kamelets`)
type: string
type: object
keda:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
knative:
description: The configuration of Knative trait
properties:
auto:
description: Enable automatic discovery of all trait properties.
type: boolean
channelSinks:
description: |-
List of channels used as destination of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
channelSources:
description: |-
List of channels used as source of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
config:
description: Can be used to inject a Knative complete configuration
in JSON format.
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
endpointSinks:
description: |-
List of endpoints used as destination of integration routes.
Can contain simple endpoint names or full Camel URIs.
items:
type: string
type: array
endpointSources:
description: List of channels used as source of integration
routes.
items:
type: string
type: array
eventSinks:
description: |-
List of event types that the integration will produce.
Can contain simple event types or full Camel URIs (to use a specific broker).
items:
type: string
type: array
eventSources:
description: |-
List of event types that the integration will be subscribed to.
Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
items:
type: string
type: array
filterEventType:
description: |-
Enables the default filtering for the Knative trigger using the event type
If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
type: boolean
filterSourceChannels:
description: |-
Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
Knative, filtering is disabled by default.
type: boolean
filters:
description: |-
Sets filter attributes on the event stream (such as event type, source, subject and so on).
A list of key-value pairs that represent filter attributes and its values.
The syntax is KEY=VALUE, e.g., `source="my.source"`.
Filter attributes get set on the Knative trigger that is being created as part of this integration.
items:
type: string
type: array
namespaceLabel:
description: |-
Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
As Knative requires this label to perform injection of K_SINK URL into the service.
If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
type: boolean
sinkBinding:
description: |-
Allows binding the integration to a sink via a Knative SinkBinding resource.
This can be used when the integration targets a single sink.
It's enabled by default when the integration targets a single sink
(except when the integration is owned by a Knative source).
type: boolean
type: object
knative-service:
description: The configuration of Knative Service trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set knative service specific annotations
CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
auto:
description: |-
Automatically deploy the integration as Knative service when all conditions hold:
* Integration is using the Knative profile
* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
type: boolean
autoscalingMetric:
description: |-
Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
Refer to the Knative documentation for more information.
type: string
autoscalingTarget:
description: |-
Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
Refer to the Knative documentation for more information.
type: integer
class:
description: |-
Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
Refer to the Knative documentation for more information.
enum:
- kpa.autoscaling.knative.dev
- hpa.autoscaling.knative.dev
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
maxScale:
description: |-
An upper bound for the number of Pods that can be running in parallel for the integration.
Knative has its own cap value that depends on the installation.
Refer to the Knative documentation for more information.
type: integer
minScale:
description: |-
The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
the integration is scaled down to zero when not used for a configured amount of time.
Refer to the Knative documentation for more information.
type: integer
rolloutDuration:
description: |-
Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
rounded to a second precision.
type: string
timeoutSeconds:
description: |-
The maximum duration in seconds that the request instance is allowed to respond to a request.
This field propagates to the integration pod's terminationGracePeriodSeconds
Refer to the Knative documentation for more information.
format: int64
type: integer
visibility:
description: |-
Setting `cluster-local`, Knative service becomes a private service.
Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
Refer to the Knative documentation for more information.
enum:
- cluster-local
type: string
type: object
logging:
description: The configuration of Logging trait
properties:
color:
description: Colorize the log output
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
format:
description: Logs message format
type: string
json:
description: Output the logs in JSON
type: boolean
jsonPrettyPrint:
description: Enable "pretty printing" of the JSON logs
type: boolean
level:
description: Adjust the logging level (defaults to `INFO`)
enum:
- FATAL
- WARN
- INFO
- DEBUG
- TRACE
type: string
type: object
master:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
mount:
description: The configuration of Mount trait
properties:
configs:
description: |-
A list of configuration pointing to configmap/secret.
The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
They are also made available on the classpath in order to ease their usage directly from the Route.
Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
description: |-
A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi).
Syntax: name:/container/path[:sizeLimit]
items:
type: string
type: array
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
hotReload:
description: |-
Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
changes in metadata.
type: boolean
resources:
description: |-
A list of resources (text or binary content) pointing to configmap/secret.
The resources are expected to be any resource type (text or binary content).
The destination path can be either a default location or any path specified by the user.
Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
items:
type: string
type: array
scanKameletsImplicitLabelSecrets:
description: 'Deprecated: no longer available since version
2.5.'
type: boolean
volumes:
description: |-
A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails.
You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided
or the default cluster Storage Class. However, if the PVC exists, the operator would mount it.
items:
type: string
type: array
type: object
openapi:
description: The configuration of OpenAPI trait
properties:
configmaps:
description: The configmaps holding the spec of the OpenAPI
(compatible with > 3.0 spec only).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
owner:
description: The configuration of Owner trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
targetAnnotations:
description: The set of annotations to be transferred
items:
type: string
type: array
targetLabels:
description: The set of labels to be transferred
items:
type: string
type: array
type: object
pdb:
description: The configuration of PDB trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
maxUnavailable:
description: |-
The number of pods for the Integration that can be unavailable after an eviction.
It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
Only one of `max-unavailable` and `min-available` can be specified.
type: string
minAvailable:
description: |-
The number of pods for the Integration that must still be available after an eviction.
It can be either an absolute number or a percentage.
Only one of `min-available` and `max-unavailable` can be specified.
type: string
type: object
platform:
description: The configuration of Platform trait
properties:
auto:
description: |-
To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
createDefault:
description: |-
To create a default (empty) platform when the platform is missing.
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
global:
description: |-
Indicates if the platform should be created globally in the case of global operator (default true).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
type: object
pod:
description: The configuration of Pod trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
prometheus:
description: The configuration of Prometheus trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
podMonitor:
description: Whether a `PodMonitor` resource is created (default
`true`).
type: boolean
podMonitorLabels:
description: The `PodMonitor` resource labels, applicable
when `pod-monitor` is `true`.
items:
type: string
type: array
type: object
pull-secret:
description: The configuration of Pull Secret trait
properties:
auto:
description: Automatically configures the platform registry
secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
imagePullerDelegation:
description: When using a global operator with a shared platform,
this enables delegation of the `system:image-puller` cluster
role on the operator namespace to the integration service
account.
type: boolean
secretName:
description: The pull secret name to set on the Pod. If left
empty this is automatically taken from the `IntegrationPlatform`
registry configuration.
type: string
type: object
quarkus:
description: The configuration of Quarkus trait
properties:
buildMode:
description: |-
The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
with the `native` kit having precedence over the `jvm` one once ready.
items:
description: QuarkusMode is the type of Quarkus build packaging.
enum:
- jvm
- native
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
nativeBaseImage:
description: The base image to use when running a native build
(default `quay.io/quarkus/quarkus-micro-image:2.0`)
type: string
nativeBuilderImage:
description: The image containing the tooling required for
a native build (by default it will use the one provided
in the runtime catalog)
type: string
packageTypes:
description: |-
The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
with the native kit having precedence over the `fast-jar` one once ready.
The order influences the resolution of the current kit for the integration.
The kit corresponding to the first package type will be assigned to the
integration in case no existing kit that matches the integration exists.
Deprecated: use `build-mode` instead.
items:
description: |-
QuarkusPackageType is the type of Quarkus build packaging.
Deprecated: use `QuarkusMode` instead.
enum:
- fast-jar
- native
type: string
type: array
type: object
registry:
description: |-
The configuration of Registry trait (support removed since version 2.5.0).
Deprecated: use jvm trait or read documentation.
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
route:
description: The configuration of Route trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set route specific annotations
For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
host:
description: To configure the host exposed by the route.
type: string
tlsCACertificate:
description: |-
The TLS CA certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCACertificateSecret:
description: |-
The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificate:
description: |-
The TLS certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificateSecret:
description: |-
The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificate:
description: |-
The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
termination this file should be provided in order to have routers use it for health checks on the secure connection.
If this field is not specified, the router may provide its own destination CA and perform hostname validation using
the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
verify.
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificateSecret:
description: |-
The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsInsecureEdgeTerminationPolicy:
description: |-
To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
Refer to the OpenShift route documentation for additional information.
enum:
- None
- Allow
- Redirect
type: string
tlsKey:
description: |-
The TLS certificate key contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsKeySecret:
description: |-
The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsTermination:
description: |-
The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
Refer to the OpenShift route documentation for additional information.
enum:
- edge
- reencrypt
- passthrough
type: string
type: object
security-context:
description: The configuration of Security Context trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
runAsNonRoot:
description: Security Context RunAsNonRoot configuration (default
false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration (default
none): this value is automatically retrieved in Openshift
clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
type: object
service:
description: The configuration of Service trait
properties:
annotations:
additionalProperties:
type: string
description: The annotations added to the Service object.
type: object
auto:
description: To automatically detect from the code if a Service
needs to be created.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
labels:
additionalProperties:
type: string
description: The labels added to the Service object.
type: object
nodePort:
description: |-
Enable Service to be exposed as NodePort (default `false`).
Deprecated: Use service type instead.
type: boolean
type:
description: The type of service to be used, either 'ClusterIP',
'NodePort' or 'LoadBalancer'.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
service-binding:
description: The configuration of Service Binding trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
services:
description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
items:
type: string
type: array
type: object
strimzi:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
telemetry:
description: The configuration of Telemetry trait
properties:
auto:
description: Enables automatic configuration of the trait,
including automatic discovery of the telemetry endpoint.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
endpoint:
description: The target endpoint of the Telemetry service
(automatically discovered by default)
type: string
sampler:
description: The sampler of the telemetry used for tracing
(default "on")
type: string
sampler-parent-based:
description: The sampler of the telemetry used for tracing
is parent based (default "true")
type: boolean
sampler-ratio:
description: The sampler ratio of the telemetry used for tracing
type: string
serviceName:
description: The name of the service that publishes telemetry
data (defaults to the integration name)
type: string
type: object
toleration:
description: The configuration of Toleration trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
taints:
description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
items:
type: string
type: array
type: object
tracing:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
type: object
type: object
status:
description: IntegrationProfileStatus defines the observed state of IntegrationProfile.
properties:
build:
description: specify how to build the Integration/IntegrationKits
properties:
baseImage:
description: |-
a base image that can be used as base layer for all images.
It can be useful if you want to provide some custom base image with further utility software
type: string
maven:
description: Maven configuration used to build the Camel/Camel-Quarkus
applications
properties:
caSecrets:
description: |-
The Secrets name and key, containing the CA certificate(s) used to connect
to remote Maven repositories.
It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
A JKS formatted keystore is automatically created to store the CA certificate(s),
and configured to be used as a trusted certificate(s) by the Maven commands.
Note that the root CA certificates are also imported into the created keystore.
items:
description: SecretKeySelector selects a key of a Secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: array
cliOptions:
description: |-
The CLI options that are appended to the list of arguments for Maven commands,
e.g., `-V,--no-transfer-progress,-Dstyle.color=never`.
See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html.
items:
type: string
type: array
extension:
description: |-
The Maven build extensions.
See https://maven.apache.org/guides/mini/guide-using-extensions.html.
items:
description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier)
Maven artifact.
properties:
artifactId:
description: Maven Artifact
type: string
classifier:
description: Maven Classifier
type: string
groupId:
description: Maven Group
type: string
type:
description: Maven Type
type: string
version:
description: Maven Version
type: string
required:
- artifactId
- groupId
type: object
type: array
localRepository:
description: The path of the local Maven repository.
type: string
profiles:
description: |-
A reference to the ConfigMap or Secret key that contains
the Maven profile.
items:
description: ValueSource --.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
type: array
properties:
additionalProperties:
type: string
description: The Maven properties.
type: object
settings:
description: |-
A reference to the ConfigMap or Secret key that contains
the Maven settings.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
settingsSecurity:
description: |-
A reference to the ConfigMap or Secret key that contains
the security of the Maven settings.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
type: object
registry:
description: the image registry used to push/pull Integration
images
properties:
address:
description: the URI to access
type: string
ca:
description: the configmap which stores the Certificate Authority
type: string
insecure:
description: if the container registry is insecure (ie, http
only)
type: boolean
organization:
description: the registry organization
type: string
secret:
description: the secret where credentials are stored
type: string
type: object
runtimeProvider:
description: the runtime used. Likely Camel Quarkus (we used to
have main runtime which has been discontinued since version
1.5)
type: string
runtimeVersion:
description: the Camel K Runtime dependency version
type: string
timeout:
description: how much time to wait before time out the pipeline
process
type: string
type: object
conditions:
description: which are the conditions met (particularly useful when
in ERROR phase)
items:
description: IntegrationProfileCondition describes the state of
a resource at a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human-readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of integration condition.
type: string
required:
- status
- type
type: object
type: array
kamelet:
description: configuration to be executed to all Kamelets controlled
by this IntegrationProfile
properties:
repositories:
description: remote repository used to retrieve Kamelet catalog
items:
description: KameletRepositorySpec defines the location of the
Kamelet catalog to use.
properties:
uri:
description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER
type: string
type: object
type: array
type: object
observedGeneration:
description: ObservedGeneration is the most recent generation observed
for this IntegrationProfile.
format: int64
type: integer
phase:
description: defines in what phase the IntegrationProfile is found
type: string
traits:
description: list of traits to be executed for all the Integration/IntegrationKits
built from this IntegrationProfile
properties:
3scale:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
addons:
additionalProperties:
description: AddonTrait represents the configuration of an addon
trait.
type: object
x-kubernetes-preserve-unknown-fields: true
description: The extension point with addon traits
type: object
affinity:
description: The configuration of Affinity trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
nodeAffinityLabels:
description: Defines a set of nodes the integration pod(s)
are eligible to be scheduled on, based on labels on the
node.
items:
type: string
type: array
podAffinity:
description: Always co-locates multiple replicas of the integration
in the same node (default `false`).
type: boolean
podAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should be co-located with.
items:
type: string
type: array
podAntiAffinity:
description: Never co-locates multiple replicas of the integration
in the same node (default `false`).
type: boolean
podAntiAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should not be co-located with.
items:
type: string
type: array
type: object
builder:
description: The configuration of Builder trait
properties:
annotations:
additionalProperties:
type: string
description: When using `pod` strategy, annotation to use
for the builder pod.
type: object
baseImage:
description: |-
Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
installed and ready to use on path (ie `/usr/bin/java`).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
incrementalImageBuild:
description: Use the incremental image build option, to reuse
existing containers (default `true`)
type: boolean
limitCPU:
description: |-
When using `pod` strategy, the maximum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
limitMemory:
description: |-
When using `pod` strategy, the maximum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
mavenProfiles:
description: |-
A list of references pointing to configmaps/secrets that contains a maven profile.
This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
The content of the maven profile is expected to be a text containing a valid maven profile starting with `<profile>` and ending with `</profile>` that will be integrated as an inline profile in the POM.
Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
items:
type: string
type: array
nodeSelector:
additionalProperties:
type: string
description: Defines a set of nodes the builder pod is eligible
to be scheduled on, based on labels on the node.
type: object
orderStrategy:
description: The build order strategy to use, either `dependencies`,
`fifo` or `sequential` (default is the platform default)
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of manifest platforms to use to build
a container image (default `linux/amd64`).
items:
type: string
type: array
properties:
description: A list of properties to be provided to the build
task
items:
type: string
type: array
requestCPU:
description: |-
When using `pod` strategy, the minimum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
requestMemory:
description: |-
When using `pod` strategy, the minimum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
strategy:
description: The strategy to use, either `pod` or `routine`
(default `routine`)
enum:
- pod
- routine
type: string
tasks:
description: A list of tasks to be executed (available only
when using `pod` strategy) with format `<name>;<container-image>;<container-command>`.
items:
type: string
type: array
tasksFilter:
description: |-
A list of tasks sorted by the order of execution in a csv format, ie, `<taskName1>,<taskName2>,...`.
Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
if you need to execute them. Useful only with `pod` strategy.
type: string
tasksLimitCPU:
description: A list of limit cpu configuration for the specific
task with format `<task-name>:<limit-cpu-conf>`.
items:
type: string
type: array
tasksLimitMemory:
description: A list of limit memory configuration for the
specific task with format `<task-name>:<limit-memory-conf>`.
items:
type: string
type: array
tasksRequestCPU:
description: A list of request cpu configuration for the specific
task with format `<task-name>:<request-cpu-conf>`.
items:
type: string
type: array
tasksRequestMemory:
description: A list of request memory configuration for the
specific task with format `<task-name>:<request-memory-conf>`.
items:
type: string
type: array
verbose:
description: |-
Enable verbose logging on build components that support it (e.g. Kaniko build pod).
Deprecated no longer in use
type: boolean
type: object
camel:
description: The configuration of Camel trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
properties:
description: A list of properties to be provided to the Integration
runtime
items:
type: string
type: array
runtimeVersion:
description: |-
The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
to the best matching Catalog existing on the cluster.
type: string
type: object
container:
description: The configuration of Container trait
properties:
allowPrivilegeEscalation:
description: Security Context AllowPrivilegeEscalation configuration
(default false).
type: boolean
auto:
description: To automatically enable the trait
type: boolean
capabilitiesAdd:
description: Security Context Capabilities Add configuration
(default none).
items:
description: Capability represent POSIX capabilities type
type: string
type: array
capabilitiesDrop:
description: Security Context Capabilities Drop configuration
(default ALL).
items:
description: Capability represent POSIX capabilities type
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
expose:
description: Can be used to enable/disable exposure via kubernetes
Service.
type: boolean
image:
description: |-
The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
type: string
imagePullPolicy:
description: 'The pull policy: Always|Never|IfNotPresent'
enum:
- Always
- Never
- IfNotPresent
type: string
limitCPU:
description: The maximum amount of CPU to be provided (default
500 millicores).
type: string
limitMemory:
description: The maximum amount of memory to be provided (default
512 Mi).
type: string
name:
description: The main container name. It's named `integration`
by default.
type: string
port:
description: To configure a different port exposed by the
container (default `8080`).
format: int32
type: integer
portName:
description: To configure a different port name for the port
exposed by the container. It defaults to `http` only when
the `expose` parameter is true.
type: string
requestCPU:
description: The minimum amount of CPU required (default 125
millicores).
type: string
requestMemory:
description: The minimum amount of memory required (default
128 Mi).
type: string
runAsNonRoot:
description: Security Context RunAsNonRoot configuration (default
false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration (default
none): this value is automatically retrieved in Openshift
clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
servicePort:
description: To configure under which service port the container
port is to be exposed (default `80`).
format: int32
type: integer
servicePortName:
description: To configure under which service port name the
container port is to be exposed (default `http`).
type: string
type: object
cron:
description: The configuration of Cron trait
properties:
activeDeadlineSeconds:
description: |-
Specifies the duration in seconds, relative to the start time, that the job
may be continuously active before it is considered to be failed.
It defaults to 60s.
format: int64
type: integer
auto:
description: |-
Automatically deploy the integration as CronJob when all routes are
either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
while `35m` or `50s` cannot).
type: boolean
backoffLimit:
description: |-
Specifies the number of retries before marking the job failed.
It defaults to 2.
format: int32
type: integer
components:
description: |-
A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
Supported components are currently: `cron`, `timer` and `quartz`.
type: string
concurrencyPolicy:
description: |-
Specifies how to treat concurrent executions of a Job.
Valid values are:
- "Allow": allows CronJobs to run concurrently;
- "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- "Replace": cancels currently running job and replaces it with a new one
enum:
- Allow
- Forbid
- Replace
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
fallback:
description: |-
Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
as Kubernetes CronJob.
type: boolean
schedule:
description: |-
The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
mechanism to work correctly.
type: string
startingDeadlineSeconds:
description: |-
Optional deadline in seconds for starting the job if it misses scheduled
time for any reason. Missed jobs executions will be counted as failed ones.
format: int64
type: integer
timeZone:
description: The timezone that the CronJob will run on
type: string
type: object
dependencies:
description: The configuration of Dependencies trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
deployer:
description: The configuration of Deployer trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
kind:
description: Allows to explicitly select the desired deployment
kind between `deployment`, `cron-job` or `knative-service`
when creating the resources for running the integration.
enum:
- deployment
- cron-job
- knative-service
type: string
useSSA:
description: |-
Deprecated: won't be able to enforce client side update in the future.
Use server-side apply to update the owned resources (default `true`).
Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
type: boolean
type: object
deployment:
description: The configuration of Deployment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
progressDeadlineSeconds:
description: |-
The maximum time in seconds for the deployment to make progress before it
is considered to be failed. It defaults to `60s`.
format: int32
type: integer
rollingUpdateMaxSurge:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be scheduled above the desired number of
pods.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
This can not be 0 if MaxUnavailable is 0.
Absolute number is calculated from percentage by rounding up.
Defaults to `25%`.
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be unavailable during the update.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding down.
This can not be 0 if MaxSurge is 0.
Defaults to `25%`.
x-kubernetes-int-or-string: true
strategy:
description: The deployment strategy to use to replace existing
pods with new ones.
enum:
- Recreate
- RollingUpdate
type: string
type: object
environment:
description: The configuration of Environment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
containerMeta:
description: Enables injection of `NAMESPACE` and `POD_NAME`
environment variables (default `true`)
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
httpProxy:
description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
`NO_PROXY` environment variables (default `true`)
type: boolean
vars:
description: |-
A list of environment variables to be added to the integration container.
The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name,
and key represents the resource key to be mapped as and environment variable.
These take precedence over any previously defined environment variables.
items:
type: string
type: array
type: object
error-handler:
description: The configuration of Error Handler trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
ref:
description: The error handler ref name provided or found
in application properties
type: string
type: object
gc:
description: The configuration of GC trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
description: |-
Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
Deprecated: no longer in use.
enum:
- disabled
- disk
- memory
type: string
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
health:
description: The configuration of Health trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
livenessFailureThreshold:
description: Minimum consecutive failures for the liveness
probe to be considered failed after having succeeded.
format: int32
type: integer
livenessInitialDelay:
description: Number of seconds after the container has started
before the liveness probe is initiated.
format: int32
type: integer
livenessPeriod:
description: How often to perform the liveness probe.
format: int32
type: integer
livenessProbe:
description: The liveness probe path to use (default provided
by the Catalog runtime used).
type: string
livenessProbeEnabled:
description: Configures the liveness probe for the integration
container (default `false`).
type: boolean
livenessScheme:
description: Scheme to use when connecting to the liveness
probe (default `HTTP`).
type: string
livenessSuccessThreshold:
description: Minimum consecutive successes for the liveness
probe to be considered successful after having failed.
format: int32
type: integer
livenessTimeout:
description: Number of seconds after which the liveness probe
times out.
format: int32
type: integer
readinessFailureThreshold:
description: Minimum consecutive failures for the readiness
probe to be considered failed after having succeeded.
format: int32
type: integer
readinessInitialDelay:
description: Number of seconds after the container has started
before the readiness probe is initiated.
format: int32
type: integer
readinessPeriod:
description: How often to perform the readiness probe.
format: int32
type: integer
readinessProbe:
description: The readiness probe path to use (default provided
by the Catalog runtime used).
type: string
readinessProbeEnabled:
description: Configures the readiness probe for the integration
container (default `true`).
type: boolean
readinessScheme:
description: Scheme to use when connecting to the readiness
probe (default `HTTP`).
type: string
readinessSuccessThreshold:
description: Minimum consecutive successes for the readiness
probe to be considered successful after having failed.
format: int32
type: integer
readinessTimeout:
description: Number of seconds after which the readiness probe
times out.
format: int32
type: integer
startupFailureThreshold:
description: Minimum consecutive failures for the startup
probe to be considered failed after having succeeded.
format: int32
type: integer
startupInitialDelay:
description: Number of seconds after the container has started
before the startup probe is initiated.
format: int32
type: integer
startupPeriod:
description: How often to perform the startup probe.
format: int32
type: integer
startupProbe:
description: The startup probe path to use (default provided
by the Catalog runtime used).
type: string
startupProbeEnabled:
description: Configures the startup probe for the integration
container (default `false`).
type: boolean
startupScheme:
description: Scheme to use when connecting to the startup
probe (default `HTTP`).
type: string
startupSuccessThreshold:
description: Minimum consecutive successes for the startup
probe to be considered successful after having failed.
format: int32
type: integer
startupTimeout:
description: Number of seconds after which the startup probe
times out.
format: int32
type: integer
type: object
ingress:
description: The configuration of Ingress trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to the ingress.
This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
type: object
auto:
description: To automatically add an ingress whenever the
integration uses an HTTP endpoint consumer.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
host:
description: To configure the host exposed by the ingress.
type: string
ingressClassName:
description: |-
The Ingress class name as defined by the Ingress spec
See https://kubernetes.io/docs/concepts/services-networking/ingress/
type: string
path:
description: To configure the path exposed by the ingress
(default `/`).
type: string
pathType:
description: |-
To configure the path type exposed by the ingress.
One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
enum:
- Exact
- Prefix
- ImplementationSpecific
type: string
tlsHosts:
description: To configure tls hosts
items:
type: string
type: array
tlsSecretName:
description: To configure tls secret name
type: string
type: object
istio:
description: The configuration of Istio trait
properties:
allow:
description: Configures a (comma-separated) list of CIDR subnets
that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
by default).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
inject:
description: Forces the value for labels `sidecar.istio.io/inject`.
By default the label is set to `true` on deployment and
not set on Knative Service.
type: boolean
type: object
jolokia:
description: The configuration of Jolokia trait
properties:
CACert:
description: |-
The PEM encoded CA certification file path, used to verify client certificates,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
type: string
clientPrincipal:
description: |-
The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
description: Listen for multicast requests (default `false`)
type: boolean
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
extendedClientCheck:
description: |-
Mandate the client certificate contains a client flag in the extended key usage section,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `true` for OpenShift).
type: boolean
host:
description: |-
The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
the servers binds to every network interface (default `"*"`).
type: string
options:
description: |-
A list of additional Jolokia options as defined
in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
items:
type: string
type: array
password:
description: The password used for authentication, applicable
when the `user` option is set.
type: string
port:
description: The Jolokia endpoint port (default `8778`).
format: int32
type: integer
protocol:
description: The protocol to use, either `http` or `https`
(default `https` for OpenShift)
type: string
useSSLClientAuthentication:
description: Whether client certificates should be used for
authentication (default `true` for OpenShift).
type: boolean
user:
description: The user to be used for authentication
type: string
type: object
jvm:
description: The configuration of JVM trait
properties:
classpath:
description: Additional JVM classpath (use `Linux` classpath
separator)
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
debug:
description: Activates remote debugging, so that a debugger
can be attached to the JVM, e.g., using port-forwarding
type: boolean
debugAddress:
description: Transport address at which to listen for the
newly launched JVM (default `*:5005`)
type: string
debugSuspend:
description: Suspends the target JVM immediately before the
main class is loaded
type: boolean
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
jar:
description: The Jar dependency which will run the application.
Leave it empty for managed Integrations.
type: string
options:
description: A list of JVM options
items:
type: string
type: array
printCommand:
description: |-
Prints the command used the start the JVM in the container logs (default `true`)
Deprecated: no longer in use.
type: boolean
type: object
kamelets:
description: The configuration of Kamelets trait
properties:
auto:
description: Automatically inject all referenced Kamelets
and their default configuration (enabled by default)
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
list:
description: Comma separated list of Kamelet names to load
into the current integration
type: string
mountPoint:
description: The directory where the application mounts and
reads Kamelet spec (default `/etc/camel/kamelets`)
type: string
type: object
keda:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
knative:
description: The configuration of Knative trait
properties:
auto:
description: Enable automatic discovery of all trait properties.
type: boolean
channelSinks:
description: |-
List of channels used as destination of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
channelSources:
description: |-
List of channels used as source of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
config:
description: Can be used to inject a Knative complete configuration
in JSON format.
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
endpointSinks:
description: |-
List of endpoints used as destination of integration routes.
Can contain simple endpoint names or full Camel URIs.
items:
type: string
type: array
endpointSources:
description: List of channels used as source of integration
routes.
items:
type: string
type: array
eventSinks:
description: |-
List of event types that the integration will produce.
Can contain simple event types or full Camel URIs (to use a specific broker).
items:
type: string
type: array
eventSources:
description: |-
List of event types that the integration will be subscribed to.
Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
items:
type: string
type: array
filterEventType:
description: |-
Enables the default filtering for the Knative trigger using the event type
If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
type: boolean
filterSourceChannels:
description: |-
Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
Knative, filtering is disabled by default.
type: boolean
filters:
description: |-
Sets filter attributes on the event stream (such as event type, source, subject and so on).
A list of key-value pairs that represent filter attributes and its values.
The syntax is KEY=VALUE, e.g., `source="my.source"`.
Filter attributes get set on the Knative trigger that is being created as part of this integration.
items:
type: string
type: array
namespaceLabel:
description: |-
Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
As Knative requires this label to perform injection of K_SINK URL into the service.
If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
type: boolean
sinkBinding:
description: |-
Allows binding the integration to a sink via a Knative SinkBinding resource.
This can be used when the integration targets a single sink.
It's enabled by default when the integration targets a single sink
(except when the integration is owned by a Knative source).
type: boolean
type: object
knative-service:
description: The configuration of Knative Service trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set knative service specific annotations
CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
auto:
description: |-
Automatically deploy the integration as Knative service when all conditions hold:
* Integration is using the Knative profile
* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
type: boolean
autoscalingMetric:
description: |-
Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
Refer to the Knative documentation for more information.
type: string
autoscalingTarget:
description: |-
Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
Refer to the Knative documentation for more information.
type: integer
class:
description: |-
Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
Refer to the Knative documentation for more information.
enum:
- kpa.autoscaling.knative.dev
- hpa.autoscaling.knative.dev
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
maxScale:
description: |-
An upper bound for the number of Pods that can be running in parallel for the integration.
Knative has its own cap value that depends on the installation.
Refer to the Knative documentation for more information.
type: integer
minScale:
description: |-
The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
the integration is scaled down to zero when not used for a configured amount of time.
Refer to the Knative documentation for more information.
type: integer
rolloutDuration:
description: |-
Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
rounded to a second precision.
type: string
timeoutSeconds:
description: |-
The maximum duration in seconds that the request instance is allowed to respond to a request.
This field propagates to the integration pod's terminationGracePeriodSeconds
Refer to the Knative documentation for more information.
format: int64
type: integer
visibility:
description: |-
Setting `cluster-local`, Knative service becomes a private service.
Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
Refer to the Knative documentation for more information.
enum:
- cluster-local
type: string
type: object
logging:
description: The configuration of Logging trait
properties:
color:
description: Colorize the log output
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
format:
description: Logs message format
type: string
json:
description: Output the logs in JSON
type: boolean
jsonPrettyPrint:
description: Enable "pretty printing" of the JSON logs
type: boolean
level:
description: Adjust the logging level (defaults to `INFO`)
enum:
- FATAL
- WARN
- INFO
- DEBUG
- TRACE
type: string
type: object
master:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
mount:
description: The configuration of Mount trait
properties:
configs:
description: |-
A list of configuration pointing to configmap/secret.
The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
They are also made available on the classpath in order to ease their usage directly from the Route.
Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
description: |-
A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi).
Syntax: name:/container/path[:sizeLimit]
items:
type: string
type: array
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
hotReload:
description: |-
Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
changes in metadata.
type: boolean
resources:
description: |-
A list of resources (text or binary content) pointing to configmap/secret.
The resources are expected to be any resource type (text or binary content).
The destination path can be either a default location or any path specified by the user.
Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
items:
type: string
type: array
scanKameletsImplicitLabelSecrets:
description: 'Deprecated: no longer available since version
2.5.'
type: boolean
volumes:
description: |-
A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails.
You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided
or the default cluster Storage Class. However, if the PVC exists, the operator would mount it.
items:
type: string
type: array
type: object
openapi:
description: The configuration of OpenAPI trait
properties:
configmaps:
description: The configmaps holding the spec of the OpenAPI
(compatible with > 3.0 spec only).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
owner:
description: The configuration of Owner trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
targetAnnotations:
description: The set of annotations to be transferred
items:
type: string
type: array
targetLabels:
description: The set of labels to be transferred
items:
type: string
type: array
type: object
pdb:
description: The configuration of PDB trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
maxUnavailable:
description: |-
The number of pods for the Integration that can be unavailable after an eviction.
It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
Only one of `max-unavailable` and `min-available` can be specified.
type: string
minAvailable:
description: |-
The number of pods for the Integration that must still be available after an eviction.
It can be either an absolute number or a percentage.
Only one of `min-available` and `max-unavailable` can be specified.
type: string
type: object
platform:
description: The configuration of Platform trait
properties:
auto:
description: |-
To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
createDefault:
description: |-
To create a default (empty) platform when the platform is missing.
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
global:
description: |-
Indicates if the platform should be created globally in the case of global operator (default true).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
type: object
pod:
description: The configuration of Pod trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
prometheus:
description: The configuration of Prometheus trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
podMonitor:
description: Whether a `PodMonitor` resource is created (default
`true`).
type: boolean
podMonitorLabels:
description: The `PodMonitor` resource labels, applicable
when `pod-monitor` is `true`.
items:
type: string
type: array
type: object
pull-secret:
description: The configuration of Pull Secret trait
properties:
auto:
description: Automatically configures the platform registry
secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
imagePullerDelegation:
description: When using a global operator with a shared platform,
this enables delegation of the `system:image-puller` cluster
role on the operator namespace to the integration service
account.
type: boolean
secretName:
description: The pull secret name to set on the Pod. If left
empty this is automatically taken from the `IntegrationPlatform`
registry configuration.
type: string
type: object
quarkus:
description: The configuration of Quarkus trait
properties:
buildMode:
description: |-
The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
with the `native` kit having precedence over the `jvm` one once ready.
items:
description: QuarkusMode is the type of Quarkus build packaging.
enum:
- jvm
- native
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
nativeBaseImage:
description: The base image to use when running a native build
(default `quay.io/quarkus/quarkus-micro-image:2.0`)
type: string
nativeBuilderImage:
description: The image containing the tooling required for
a native build (by default it will use the one provided
in the runtime catalog)
type: string
packageTypes:
description: |-
The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
with the native kit having precedence over the `fast-jar` one once ready.
The order influences the resolution of the current kit for the integration.
The kit corresponding to the first package type will be assigned to the
integration in case no existing kit that matches the integration exists.
Deprecated: use `build-mode` instead.
items:
description: |-
QuarkusPackageType is the type of Quarkus build packaging.
Deprecated: use `QuarkusMode` instead.
enum:
- fast-jar
- native
type: string
type: array
type: object
registry:
description: |-
The configuration of Registry trait (support removed since version 2.5.0).
Deprecated: use jvm trait or read documentation.
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
route:
description: The configuration of Route trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set route specific annotations
For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
host:
description: To configure the host exposed by the route.
type: string
tlsCACertificate:
description: |-
The TLS CA certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCACertificateSecret:
description: |-
The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificate:
description: |-
The TLS certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificateSecret:
description: |-
The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificate:
description: |-
The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
termination this file should be provided in order to have routers use it for health checks on the secure connection.
If this field is not specified, the router may provide its own destination CA and perform hostname validation using
the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
verify.
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificateSecret:
description: |-
The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsInsecureEdgeTerminationPolicy:
description: |-
To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
Refer to the OpenShift route documentation for additional information.
enum:
- None
- Allow
- Redirect
type: string
tlsKey:
description: |-
The TLS certificate key contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsKeySecret:
description: |-
The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsTermination:
description: |-
The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
Refer to the OpenShift route documentation for additional information.
enum:
- edge
- reencrypt
- passthrough
type: string
type: object
security-context:
description: The configuration of Security Context trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
runAsNonRoot:
description: Security Context RunAsNonRoot configuration (default
false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration (default
none): this value is automatically retrieved in Openshift
clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
type: object
service:
description: The configuration of Service trait
properties:
annotations:
additionalProperties:
type: string
description: The annotations added to the Service object.
type: object
auto:
description: To automatically detect from the code if a Service
needs to be created.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
labels:
additionalProperties:
type: string
description: The labels added to the Service object.
type: object
nodePort:
description: |-
Enable Service to be exposed as NodePort (default `false`).
Deprecated: Use service type instead.
type: boolean
type:
description: The type of service to be used, either 'ClusterIP',
'NodePort' or 'LoadBalancer'.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
service-binding:
description: The configuration of Service Binding trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
services:
description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
items:
type: string
type: array
type: object
strimzi:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
telemetry:
description: The configuration of Telemetry trait
properties:
auto:
description: Enables automatic configuration of the trait,
including automatic discovery of the telemetry endpoint.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
endpoint:
description: The target endpoint of the Telemetry service
(automatically discovered by default)
type: string
sampler:
description: The sampler of the telemetry used for tracing
(default "on")
type: string
sampler-parent-based:
description: The sampler of the telemetry used for tracing
is parent based (default "true")
type: boolean
sampler-ratio:
description: The sampler ratio of the telemetry used for tracing
type: string
serviceName:
description: The name of the service that publishes telemetry
data (defaults to the integration name)
type: string
type: object
toleration:
description: The configuration of Toleration trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
taints:
description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
items:
type: string
type: array
type: object
tracing:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
type: object
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
labels:
app: camel-k
name: integrations.camel.apache.org
spec:
group: camel.apache.org
names:
categories:
- kamel
- camel
kind: Integration
listKind: IntegrationList
plural: integrations
shortNames:
- it
singular: integration
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The integration phase
jsonPath: .status.phase
name: Phase
type: string
- description: The integration readiness
jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- description: The runtime version
jsonPath: .status.runtimeProvider
name: Runtime Provider
type: string
- description: The runtime provider
jsonPath: .status.runtimeVersion
name: Runtime Version
type: string
- description: The catalog version
jsonPath: .status.catalog.version
name: Catalog Version
type: string
- description: The integration kit
jsonPath: .status.integrationKit.name
name: Kit
type: string
- description: The number of pods
jsonPath: .status.replicas
name: Replicas
type: integer
name: v1
schema:
openAPIV3Schema:
description: Integration is the Schema for the integrations API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: the desired Integration specification
properties:
configuration:
description: |-
Deprecated:
Use camel trait (camel.properties) to manage properties
Use mount trait (mount.configs) to manage configs
Use mount trait (mount.resources) to manage resources
Use mount trait (mount.volumes) to manage volumes
items:
description: ConfigurationSpec represents a generic configuration
specification.
properties:
type:
description: 'represents the type of configuration, ie: property,
configmap, secret, ...'
type: string
value:
description: the value to assign to the configuration (syntax
may vary depending on the `Type`)
type: string
required:
- type
- value
type: object
type: array
dependencies:
description: the list of Camel or Maven dependencies required by the
Integration
items:
type: string
type: array
flows:
description: a source in YAML DSL language which contain the routes
to run
items:
description: Flow is an unstructured object representing a Camel
Flow in YAML/JSON DSL.
type: object
x-kubernetes-preserve-unknown-fields: true
type: array
integrationKit:
description: the reference of the `IntegrationKit` which is used for
this Integration
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
TODO: this design is not final and this field is subject to change in the future.
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
profile:
description: the profile needed to run this Integration
type: string
replicas:
description: the number of `Pods` needed for the running Integration
format: int32
type: integer
repositories:
description: additional Maven repositories to be used
items:
type: string
type: array
serviceAccountName:
description: custom SA to use for the Integration
type: string
sources:
description: the sources which contain the Camel routes to run
items:
description: SourceSpec defines the configuration for one or more
routes to be executed in a certain Camel DSL language.
properties:
compression:
description: if the content is compressed (base64 encrypted)
type: boolean
content:
description: the source code (plain text)
type: string
contentKey:
description: the confimap key holding the source content
type: string
contentRef:
description: the confimap reference holding the source content
type: string
contentType:
description: the content type (tipically text or binary)
type: string
from-kamelet:
description: True if the spec is generated from a Kamelet
type: boolean
interceptors:
description: |-
Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
uses to pre/post process sources
Deprecated: no longer in use.
items:
type: string
type: array
language:
description: specify which is the language (Camel DSL) used
to interpret this source code
type: string
loader:
description: |-
Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
interpret this source at runtime
type: string
name:
description: the name of the specification
type: string
path:
description: the path where the file is stored
type: string
property-names:
description: List of property names defined in the source (e.g.
if type is "template")
items:
type: string
type: array
rawContent:
description: the source code (binary)
format: byte
type: string
type:
description: Type defines the kind of source described by this
object
type: string
type: object
type: array
template:
description: Pod template customization
properties:
spec:
description: the specification
properties:
activeDeadlineSeconds:
description: ActiveDeadlineSeconds
format: int64
type: integer
automountServiceAccountToken:
description: AutomountServiceAccountToken
type: boolean
containers:
description: Containers
items:
description: A single application container that you want
to run within a pod.
properties:
args:
description: |-
Arguments to the entrypoint.
The container image's CMD is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
of whether the variable exists or not. Cannot be updated.
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
items:
type: string
type: array
x-kubernetes-list-type: atomic
command:
description: |-
Entrypoint array. Not executed within a shell.
The container image's ENTRYPOINT is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
of whether the variable exists or not. Cannot be updated.
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
items:
type: string
type: array
x-kubernetes-list-type: atomic
env:
description: |-
List of environment variables to set in the container.
Cannot be updated.
items:
description: EnvVar represents an environment variable
present in a Container.
properties:
name:
description: Name of the environment variable.
Must be a C_IDENTIFIER.
type: string
value:
description: |-
Variable references $(VAR_NAME) are expanded
using the previously defined environment variables in the container and
any service environment variables. If a variable cannot be resolved,
the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
Escaped references will never be expanded, regardless of whether the variable
exists or not.
Defaults to "".
type: string
valueFrom:
description: Source for the environment variable's
value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: |-
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
properties:
apiVersion:
description: Version of the schema the
FieldPath is written in terms of, defaults
to "v1".
type: string
fieldPath:
description: Path of the field to select
in the specified API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
resourceFieldRef:
description: |-
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
properties:
containerName:
description: 'Container name: required
for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format
of the exposed resources, defaults to
"1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret in
the pod's namespace
properties:
key:
description: The key of the secret to
select from. Must be a valid secret
key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
envFrom:
description: |-
List of sources to populate environment variables in the container.
The keys defined within a source must be a C_IDENTIFIER. All invalid keys
will be reported as an event when the container is starting. When a key exists in multiple
sources, the value associated with the last source will take precedence.
Values defined by an Env with a duplicate key will take precedence.
Cannot be updated.
items:
description: EnvFromSource represents the source of
a set of ConfigMaps
properties:
configMapRef:
description: The ConfigMap to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
prefix:
description: An optional identifier to prepend
to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string
secretRef:
description: The Secret to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret must
be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
image:
description: |-
Container image name.
More info: https://kubernetes.io/docs/concepts/containers/images
This field is optional to allow higher level config management to default or override
container images in workload controllers like Deployments and StatefulSets.
type: string
imagePullPolicy:
description: |-
Image pull policy.
One of Always, Never, IfNotPresent.
Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
type: string
lifecycle:
description: |-
Actions that the management system should take in response to container lifecycle events.
Cannot be updated.
properties:
postStart:
description: |-
PostStart is called immediately after a container is created. If the handler fails,
the container is terminated and restarted according to its restart policy.
Other management of the container blocks until the hook completes.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
sleep:
description: Sleep represents the duration that
the container should sleep before being terminated.
properties:
seconds:
description: Seconds is the number of seconds
to sleep.
format: int64
type: integer
required:
- seconds
type: object
tcpSocket:
description: |-
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
for the backward compatibility. There are no validation of this field and
lifecycle hooks will fail in runtime when tcp handler is specified.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
preStop:
description: |-
PreStop is called immediately before a container is terminated due to an
API request or management event such as liveness/startup probe failure,
preemption, resource contention, etc. The handler is not called if the
container crashes or exits. The Pod's termination grace period countdown begins before the
PreStop hook is executed. Regardless of the outcome of the handler, the
container will eventually terminate within the Pod's termination grace
period (unless delayed by finalizers). Other management of the container blocks until the hook completes
or until the termination grace period is reached.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
sleep:
description: Sleep represents the duration that
the container should sleep before being terminated.
properties:
seconds:
description: Seconds is the number of seconds
to sleep.
format: int64
type: integer
required:
- seconds
type: object
tcpSocket:
description: |-
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
for the backward compatibility. There are no validation of this field and
lifecycle hooks will fail in runtime when tcp handler is specified.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
type: object
livenessProbe:
description: |-
Periodic probe of container liveness.
Container will be restarted if the probe fails.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request.
HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
name:
description: |-
Name of the container specified as a DNS_LABEL.
Each container in a pod must have a unique name (DNS_LABEL).
Cannot be updated.
type: string
ports:
description: |-
List of ports to expose from the container. Not specifying a port here
DOES NOT prevent that port from being exposed. Any port which is
listening on the default "0.0.0.0" address inside a container will be
accessible from the network.
Modifying this array with strategic merge patch may corrupt the data.
For more information See https://github.com/kubernetes/kubernetes/issues/108255.
Cannot be updated.
items:
description: ContainerPort represents a network port
in a single container.
properties:
containerPort:
description: |-
Number of port to expose on the pod's IP address.
This must be a valid port number, 0 < x < 65536.
format: int32
type: integer
hostIP:
description: What host IP to bind the external
port to.
type: string
hostPort:
description: |-
Number of port to expose on the host.
If specified, this must be a valid port number, 0 < x < 65536.
If HostNetwork is specified, this must match ContainerPort.
Most containers do not need this.
format: int32
type: integer
name:
description: |-
If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
named port in a pod must have a unique name. Name for the port that can be
referred to by services.
type: string
protocol:
default: TCP
description: |-
Protocol for port. Must be UDP, TCP, or SCTP.
Defaults to "TCP".
type: string
required:
- containerPort
type: object
type: array
x-kubernetes-list-map-keys:
- containerPort
- protocol
x-kubernetes-list-type: map
readinessProbe:
description: |-
Periodic probe of container service readiness.
Container will be removed from service endpoints if the probe fails.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request.
HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
resizePolicy:
description: Resources resize policy for the container.
items:
description: ContainerResizePolicy represents resource
resize policy for the container.
properties:
resourceName:
description: |-
Name of the resource to which this resource resize policy applies.
Supported values: cpu, memory.
type: string
restartPolicy:
description: |-
Restart policy to apply when specified resource is resized.
If not specified, it defaults to NotRequired.
type: string
required:
- resourceName
- restartPolicy
type: object
type: array
x-kubernetes-list-type: atomic
resources:
description: |-
Compute Resources required by this container.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
properties:
claims:
description: |-
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one entry
in PodSpec.ResourceClaims.
properties:
name:
description: |-
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
restartPolicy:
description: |-
RestartPolicy defines the restart behavior of individual containers in a pod.
This field may only be set for init containers, and the only allowed value is "Always".
For non-init containers or when this field is not specified,
the restart behavior is defined by the Pod's restart policy and the container type.
Setting the RestartPolicy as "Always" for the init container will have the following effect:
this init container will be continually restarted on
exit until all regular containers have terminated. Once all regular
containers have completed, all init containers with restartPolicy "Always"
will be shut down. This lifecycle differs from normal init containers and
is often referred to as a "sidecar" container. Although this init
container still starts in the init container sequence, it does not wait
for the container to complete before proceeding to the next init
container. Instead, the next init container starts immediately after this
init container is started, or after any startupProbe has successfully
completed.
type: string
securityContext:
description: |-
SecurityContext defines the security options the container should be run with.
If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
properties:
allowPrivilegeEscalation:
description: |-
AllowPrivilegeEscalation controls whether a process can gain more
privileges than its parent process. This bool directly controls if
the no_new_privs flag will be set on the container process.
AllowPrivilegeEscalation is true always when the container is:
1) run as Privileged
2) has CAP_SYS_ADMIN
Note that this field cannot be set when spec.os.name is windows.
type: boolean
appArmorProfile:
description: |-
appArmorProfile is the AppArmor options to use by this container. If set, this profile
overrides the pod's appArmorProfile.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
capabilities:
description: |-
The capabilities to add/drop when running containers.
Defaults to the default set of capabilities granted by the container runtime.
Note that this field cannot be set when spec.os.name is windows.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
description: |-
Run container in privileged mode.
Processes in privileged containers are essentially equivalent to root on the host.
Defaults to false.
Note that this field cannot be set when spec.os.name is windows.
type: boolean
procMount:
description: |-
procMount denotes the type of proc mount to use for the containers.
The default is DefaultProcMount which uses the container runtime defaults for
readonly paths and masked paths.
This requires the ProcMountType feature flag to be enabled.
Note that this field cannot be set when spec.os.name is windows.
type: string
readOnlyRootFilesystem:
description: |-
Whether this container has a read-only root filesystem.
Default is false.
Note that this field cannot be set when spec.os.name is windows.
type: boolean
runAsGroup:
description: |-
The GID to run the entrypoint of the container process.
Uses runtime default if unset.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
runAsNonRoot:
description: |-
Indicates that the container must run as a non-root user.
If true, the Kubelet will validate the image at runtime to ensure that it
does not run as UID 0 (root) and fail to start the container if it does.
If unset or false, no such validation will be performed.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: boolean
runAsUser:
description: |-
The UID to run the entrypoint of the container process.
Defaults to user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
seLinuxOptions:
description: |-
The SELinux context to be applied to the container.
If unspecified, the container runtime will allocate a random SELinux context for each
container. May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
properties:
level:
description: Level is SELinux level label that
applies to the container.
type: string
role:
description: Role is a SELinux role label that
applies to the container.
type: string
type:
description: Type is a SELinux type label that
applies to the container.
type: string
user:
description: User is a SELinux user label that
applies to the container.
type: string
type: object
seccompProfile:
description: |-
The seccomp options to use by this container. If seccomp options are
provided at both the pod & container level, the container options
override the pod options.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
windowsOptions:
description: |-
The Windows specific settings applied to all containers.
If unspecified, the options from the PodSecurityContext will be used.
If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is linux.
properties:
gmsaCredentialSpec:
description: |-
GMSACredentialSpec is where the GMSA admission webhook
(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
GMSA credential spec named by the GMSACredentialSpecName field.
type: string
gmsaCredentialSpecName:
description: GMSACredentialSpecName is the name
of the GMSA credential spec to use.
type: string
hostProcess:
description: |-
HostProcess determines if a container should be run as a 'Host Process' container.
All of a Pod's containers must have the same effective HostProcess value
(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
In addition, if HostProcess is true then HostNetwork must also be set to true.
type: boolean
runAsUserName:
description: |-
The UserName in Windows to run the entrypoint of the container process.
Defaults to the user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: string
type: object
type: object
startupProbe:
description: |-
StartupProbe indicates that the Pod has successfully initialized.
If specified, no other probes are executed until this completes successfully.
If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
when it might take a long time to load data or warm a cache, than during steady-state operation.
This cannot be updated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request.
HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
stdin:
description: |-
Whether this container should allocate a buffer for stdin in the container runtime. If this
is not set, reads from stdin in the container will always result in EOF.
Default is false.
type: boolean
stdinOnce:
description: |-
Whether the container runtime should close the stdin channel after it has been opened by
a single attach. When stdin is true the stdin stream will remain open across multiple attach
sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
first client attaches to stdin, and then remains open and accepts data until the client disconnects,
at which time stdin is closed and remains closed until the container is restarted. If this
flag is false, a container processes that reads from stdin will never receive an EOF.
Default is false
type: boolean
terminationMessagePath:
description: |-
Optional: Path at which the file to which the container's termination message
will be written is mounted into the container's filesystem.
Message written is intended to be brief final status, such as an assertion failure message.
Will be truncated by the node if greater than 4096 bytes. The total message length across
all containers will be limited to 12kb.
Defaults to /dev/termination-log.
Cannot be updated.
type: string
terminationMessagePolicy:
description: |-
Indicate how the termination message should be populated. File will use the contents of
terminationMessagePath to populate the container status message on both success and failure.
FallbackToLogsOnError will use the last chunk of container log output if the termination
message file is empty and the container exited with an error.
The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
Defaults to File.
Cannot be updated.
type: string
tty:
description: |-
Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
Default is false.
type: boolean
volumeDevices:
description: volumeDevices is the list of block devices
to be used by the container.
items:
description: volumeDevice describes a mapping of a
raw block device within a container.
properties:
devicePath:
description: devicePath is the path inside of
the container that the device will be mapped
to.
type: string
name:
description: name must match the name of a persistentVolumeClaim
in the pod
type: string
required:
- devicePath
- name
type: object
type: array
x-kubernetes-list-map-keys:
- devicePath
x-kubernetes-list-type: map
volumeMounts:
description: |-
Pod volumes to mount into the container's filesystem.
Cannot be updated.
items:
description: VolumeMount describes a mounting of a
Volume within a container.
properties:
mountPath:
description: |-
Path within the container at which the volume should be mounted. Must
not contain ':'.
type: string
mountPropagation:
description: |-
mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.
When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
(which defaults to None).
type: string
name:
description: This must match the Name of a Volume.
type: string
readOnly:
description: |-
Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.
type: boolean
recursiveReadOnly:
description: |-
RecursiveReadOnly specifies whether read-only mounts should be handled
recursively.
If ReadOnly is false, this field has no meaning and must be unspecified.
If ReadOnly is true, and this field is set to Disabled, the mount is not made
recursively read-only. If this field is set to IfPossible, the mount is made
recursively read-only, if it is supported by the container runtime. If this
field is set to Enabled, the mount is made recursively read-only if it is
supported by the container runtime, otherwise the pod will not be started and
an error will be generated to indicate the reason.
If this field is set to IfPossible or Enabled, MountPropagation must be set to
None (or be unspecified, which defaults to None).
If this field is not specified, it is treated as an equivalent of Disabled.
type: string
subPath:
description: |-
Path within the volume from which the container's volume should be mounted.
Defaults to "" (volume's root).
type: string
subPathExpr:
description: |-
Expanded path within the volume from which the container's volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
Defaults to "" (volume's root).
SubPathExpr and SubPath are mutually exclusive.
type: string
required:
- mountPath
- name
type: object
type: array
x-kubernetes-list-map-keys:
- mountPath
x-kubernetes-list-type: map
workingDir:
description: |-
Container's working directory.
If not specified, the container runtime's default will be used, which
might be configured in the container image.
Cannot be updated.
type: string
required:
- name
type: object
type: array
dnsPolicy:
description: DNSPolicy
type: string
ephemeralContainers:
description: EphemeralContainers
items:
description: |-
An EphemeralContainer is a temporary container that you may add to an existing Pod for
user-initiated activities such as debugging. Ephemeral containers have no resource or
scheduling guarantees, and they will not be restarted when they exit or when a Pod is
removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the
Pod to exceed its resource allocation.
To add an ephemeral container, use the ephemeralcontainers subresource of an existing
Pod. Ephemeral containers may not be removed or restarted.
properties:
args:
description: |-
Arguments to the entrypoint.
The image's CMD is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
of whether the variable exists or not. Cannot be updated.
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
items:
type: string
type: array
x-kubernetes-list-type: atomic
command:
description: |-
Entrypoint array. Not executed within a shell.
The image's ENTRYPOINT is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
of whether the variable exists or not. Cannot be updated.
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
items:
type: string
type: array
x-kubernetes-list-type: atomic
env:
description: |-
List of environment variables to set in the container.
Cannot be updated.
items:
description: EnvVar represents an environment variable
present in a Container.
properties:
name:
description: Name of the environment variable.
Must be a C_IDENTIFIER.
type: string
value:
description: |-
Variable references $(VAR_NAME) are expanded
using the previously defined environment variables in the container and
any service environment variables. If a variable cannot be resolved,
the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
Escaped references will never be expanded, regardless of whether the variable
exists or not.
Defaults to "".
type: string
valueFrom:
description: Source for the environment variable's
value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: |-
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
properties:
apiVersion:
description: Version of the schema the
FieldPath is written in terms of, defaults
to "v1".
type: string
fieldPath:
description: Path of the field to select
in the specified API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
resourceFieldRef:
description: |-
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
properties:
containerName:
description: 'Container name: required
for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format
of the exposed resources, defaults to
"1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret in
the pod's namespace
properties:
key:
description: The key of the secret to
select from. Must be a valid secret
key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
envFrom:
description: |-
List of sources to populate environment variables in the container.
The keys defined within a source must be a C_IDENTIFIER. All invalid keys
will be reported as an event when the container is starting. When a key exists in multiple
sources, the value associated with the last source will take precedence.
Values defined by an Env with a duplicate key will take precedence.
Cannot be updated.
items:
description: EnvFromSource represents the source of
a set of ConfigMaps
properties:
configMapRef:
description: The ConfigMap to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
prefix:
description: An optional identifier to prepend
to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string
secretRef:
description: The Secret to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret must
be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
image:
description: |-
Container image name.
More info: https://kubernetes.io/docs/concepts/containers/images
type: string
imagePullPolicy:
description: |-
Image pull policy.
One of Always, Never, IfNotPresent.
Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
type: string
lifecycle:
description: Lifecycle is not allowed for ephemeral
containers.
properties:
postStart:
description: |-
PostStart is called immediately after a container is created. If the handler fails,
the container is terminated and restarted according to its restart policy.
Other management of the container blocks until the hook completes.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
sleep:
description: Sleep represents the duration that
the container should sleep before being terminated.
properties:
seconds:
description: Seconds is the number of seconds
to sleep.
format: int64
type: integer
required:
- seconds
type: object
tcpSocket:
description: |-
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
for the backward compatibility. There are no validation of this field and
lifecycle hooks will fail in runtime when tcp handler is specified.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
preStop:
description: |-
PreStop is called immediately before a container is terminated due to an
API request or management event such as liveness/startup probe failure,
preemption, resource contention, etc. The handler is not called if the
container crashes or exits. The Pod's termination grace period countdown begins before the
PreStop hook is executed. Regardless of the outcome of the handler, the
container will eventually terminate within the Pod's termination grace
period (unless delayed by finalizers). Other management of the container blocks until the hook completes
or until the termination grace period is reached.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
sleep:
description: Sleep represents the duration that
the container should sleep before being terminated.
properties:
seconds:
description: Seconds is the number of seconds
to sleep.
format: int64
type: integer
required:
- seconds
type: object
tcpSocket:
description: |-
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
for the backward compatibility. There are no validation of this field and
lifecycle hooks will fail in runtime when tcp handler is specified.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
type: object
livenessProbe:
description: Probes are not allowed for ephemeral containers.
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request.
HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
name:
description: |-
Name of the ephemeral container specified as a DNS_LABEL.
This name must be unique among all containers, init containers and ephemeral containers.
type: string
ports:
description: Ports are not allowed for ephemeral containers.
items:
description: ContainerPort represents a network port
in a single container.
properties:
containerPort:
description: |-
Number of port to expose on the pod's IP address.
This must be a valid port number, 0 < x < 65536.
format: int32
type: integer
hostIP:
description: What host IP to bind the external
port to.
type: string
hostPort:
description: |-
Number of port to expose on the host.
If specified, this must be a valid port number, 0 < x < 65536.
If HostNetwork is specified, this must match ContainerPort.
Most containers do not need this.
format: int32
type: integer
name:
description: |-
If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
named port in a pod must have a unique name. Name for the port that can be
referred to by services.
type: string
protocol:
default: TCP
description: |-
Protocol for port. Must be UDP, TCP, or SCTP.
Defaults to "TCP".
type: string
required:
- containerPort
type: object
type: array
x-kubernetes-list-map-keys:
- containerPort
- protocol
x-kubernetes-list-type: map
readinessProbe:
description: Probes are not allowed for ephemeral containers.
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request.
HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
resizePolicy:
description: Resources resize policy for the container.
items:
description: ContainerResizePolicy represents resource
resize policy for the container.
properties:
resourceName:
description: |-
Name of the resource to which this resource resize policy applies.
Supported values: cpu, memory.
type: string
restartPolicy:
description: |-
Restart policy to apply when specified resource is resized.
If not specified, it defaults to NotRequired.
type: string
required:
- resourceName
- restartPolicy
type: object
type: array
x-kubernetes-list-type: atomic
resources:
description: |-
Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources
already allocated to the pod.
properties:
claims:
description: |-
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one entry
in PodSpec.ResourceClaims.
properties:
name:
description: |-
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
restartPolicy:
description: |-
Restart policy for the container to manage the restart behavior of each
container within a pod.
This may only be set for init containers. You cannot set this field on
ephemeral containers.
type: string
securityContext:
description: |-
Optional: SecurityContext defines the security options the ephemeral container should be run with.
If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
properties:
allowPrivilegeEscalation:
description: |-
AllowPrivilegeEscalation controls whether a process can gain more
privileges than its parent process. This bool directly controls if
the no_new_privs flag will be set on the container process.
AllowPrivilegeEscalation is true always when the container is:
1) run as Privileged
2) has CAP_SYS_ADMIN
Note that this field cannot be set when spec.os.name is windows.
type: boolean
appArmorProfile:
description: |-
appArmorProfile is the AppArmor options to use by this container. If set, this profile
overrides the pod's appArmorProfile.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
capabilities:
description: |-
The capabilities to add/drop when running containers.
Defaults to the default set of capabilities granted by the container runtime.
Note that this field cannot be set when spec.os.name is windows.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
description: |-
Run container in privileged mode.
Processes in privileged containers are essentially equivalent to root on the host.
Defaults to false.
Note that this field cannot be set when spec.os.name is windows.
type: boolean
procMount:
description: |-
procMount denotes the type of proc mount to use for the containers.
The default is DefaultProcMount which uses the container runtime defaults for
readonly paths and masked paths.
This requires the ProcMountType feature flag to be enabled.
Note that this field cannot be set when spec.os.name is windows.
type: string
readOnlyRootFilesystem:
description: |-
Whether this container has a read-only root filesystem.
Default is false.
Note that this field cannot be set when spec.os.name is windows.
type: boolean
runAsGroup:
description: |-
The GID to run the entrypoint of the container process.
Uses runtime default if unset.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
runAsNonRoot:
description: |-
Indicates that the container must run as a non-root user.
If true, the Kubelet will validate the image at runtime to ensure that it
does not run as UID 0 (root) and fail to start the container if it does.
If unset or false, no such validation will be performed.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: boolean
runAsUser:
description: |-
The UID to run the entrypoint of the container process.
Defaults to user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
seLinuxOptions:
description: |-
The SELinux context to be applied to the container.
If unspecified, the container runtime will allocate a random SELinux context for each
container. May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
properties:
level:
description: Level is SELinux level label that
applies to the container.
type: string
role:
description: Role is a SELinux role label that
applies to the container.
type: string
type:
description: Type is a SELinux type label that
applies to the container.
type: string
user:
description: User is a SELinux user label that
applies to the container.
type: string
type: object
seccompProfile:
description: |-
The seccomp options to use by this container. If seccomp options are
provided at both the pod & container level, the container options
override the pod options.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
windowsOptions:
description: |-
The Windows specific settings applied to all containers.
If unspecified, the options from the PodSecurityContext will be used.
If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is linux.
properties:
gmsaCredentialSpec:
description: |-
GMSACredentialSpec is where the GMSA admission webhook
(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
GMSA credential spec named by the GMSACredentialSpecName field.
type: string
gmsaCredentialSpecName:
description: GMSACredentialSpecName is the name
of the GMSA credential spec to use.
type: string
hostProcess:
description: |-
HostProcess determines if a container should be run as a 'Host Process' container.
All of a Pod's containers must have the same effective HostProcess value
(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
In addition, if HostProcess is true then HostNetwork must also be set to true.
type: boolean
runAsUserName:
description: |-
The UserName in Windows to run the entrypoint of the container process.
Defaults to the user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: string
type: object
type: object
startupProbe:
description: Probes are not allowed for ephemeral containers.
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request.
HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
stdin:
description: |-
Whether this container should allocate a buffer for stdin in the container runtime. If this
is not set, reads from stdin in the container will always result in EOF.
Default is false.
type: boolean
stdinOnce:
description: |-
Whether the container runtime should close the stdin channel after it has been opened by
a single attach. When stdin is true the stdin stream will remain open across multiple attach
sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
first client attaches to stdin, and then remains open and accepts data until the client disconnects,
at which time stdin is closed and remains closed until the container is restarted. If this
flag is false, a container processes that reads from stdin will never receive an EOF.
Default is false
type: boolean
targetContainerName:
description: |-
If set, the name of the container from PodSpec that this ephemeral container targets.
The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.
If not set then the ephemeral container uses the namespaces configured in the Pod spec.
The container runtime must implement support for this feature. If the runtime does not
support namespace targeting then the result of setting this field is undefined.
type: string
terminationMessagePath:
description: |-
Optional: Path at which the file to which the container's termination message
will be written is mounted into the container's filesystem.
Message written is intended to be brief final status, such as an assertion failure message.
Will be truncated by the node if greater than 4096 bytes. The total message length across
all containers will be limited to 12kb.
Defaults to /dev/termination-log.
Cannot be updated.
type: string
terminationMessagePolicy:
description: |-
Indicate how the termination message should be populated. File will use the contents of
terminationMessagePath to populate the container status message on both success and failure.
FallbackToLogsOnError will use the last chunk of container log output if the termination
message file is empty and the container exited with an error.
The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
Defaults to File.
Cannot be updated.
type: string
tty:
description: |-
Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
Default is false.
type: boolean
volumeDevices:
description: volumeDevices is the list of block devices
to be used by the container.
items:
description: volumeDevice describes a mapping of a
raw block device within a container.
properties:
devicePath:
description: devicePath is the path inside of
the container that the device will be mapped
to.
type: string
name:
description: name must match the name of a persistentVolumeClaim
in the pod
type: string
required:
- devicePath
- name
type: object
type: array
x-kubernetes-list-map-keys:
- devicePath
x-kubernetes-list-type: map
volumeMounts:
description: |-
Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.
Cannot be updated.
items:
description: VolumeMount describes a mounting of a
Volume within a container.
properties:
mountPath:
description: |-
Path within the container at which the volume should be mounted. Must
not contain ':'.
type: string
mountPropagation:
description: |-
mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.
When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
(which defaults to None).
type: string
name:
description: This must match the Name of a Volume.
type: string
readOnly:
description: |-
Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.
type: boolean
recursiveReadOnly:
description: |-
RecursiveReadOnly specifies whether read-only mounts should be handled
recursively.
If ReadOnly is false, this field has no meaning and must be unspecified.
If ReadOnly is true, and this field is set to Disabled, the mount is not made
recursively read-only. If this field is set to IfPossible, the mount is made
recursively read-only, if it is supported by the container runtime. If this
field is set to Enabled, the mount is made recursively read-only if it is
supported by the container runtime, otherwise the pod will not be started and
an error will be generated to indicate the reason.
If this field is set to IfPossible or Enabled, MountPropagation must be set to
None (or be unspecified, which defaults to None).
If this field is not specified, it is treated as an equivalent of Disabled.
type: string
subPath:
description: |-
Path within the volume from which the container's volume should be mounted.
Defaults to "" (volume's root).
type: string
subPathExpr:
description: |-
Expanded path within the volume from which the container's volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
Defaults to "" (volume's root).
SubPathExpr and SubPath are mutually exclusive.
type: string
required:
- mountPath
- name
type: object
type: array
x-kubernetes-list-map-keys:
- mountPath
x-kubernetes-list-type: map
workingDir:
description: |-
Container's working directory.
If not specified, the container runtime's default will be used, which
might be configured in the container image.
Cannot be updated.
type: string
required:
- name
type: object
type: array
initContainers:
description: InitContainers
items:
description: A single application container that you want
to run within a pod.
properties:
args:
description: |-
Arguments to the entrypoint.
The container image's CMD is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
of whether the variable exists or not. Cannot be updated.
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
items:
type: string
type: array
x-kubernetes-list-type: atomic
command:
description: |-
Entrypoint array. Not executed within a shell.
The container image's ENTRYPOINT is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
of whether the variable exists or not. Cannot be updated.
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
items:
type: string
type: array
x-kubernetes-list-type: atomic
env:
description: |-
List of environment variables to set in the container.
Cannot be updated.
items:
description: EnvVar represents an environment variable
present in a Container.
properties:
name:
description: Name of the environment variable.
Must be a C_IDENTIFIER.
type: string
value:
description: |-
Variable references $(VAR_NAME) are expanded
using the previously defined environment variables in the container and
any service environment variables. If a variable cannot be resolved,
the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
Escaped references will never be expanded, regardless of whether the variable
exists or not.
Defaults to "".
type: string
valueFrom:
description: Source for the environment variable's
value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: |-
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
properties:
apiVersion:
description: Version of the schema the
FieldPath is written in terms of, defaults
to "v1".
type: string
fieldPath:
description: Path of the field to select
in the specified API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
resourceFieldRef:
description: |-
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
properties:
containerName:
description: 'Container name: required
for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format
of the exposed resources, defaults to
"1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret in
the pod's namespace
properties:
key:
description: The key of the secret to
select from. Must be a valid secret
key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
envFrom:
description: |-
List of sources to populate environment variables in the container.
The keys defined within a source must be a C_IDENTIFIER. All invalid keys
will be reported as an event when the container is starting. When a key exists in multiple
sources, the value associated with the last source will take precedence.
Values defined by an Env with a duplicate key will take precedence.
Cannot be updated.
items:
description: EnvFromSource represents the source of
a set of ConfigMaps
properties:
configMapRef:
description: The ConfigMap to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
prefix:
description: An optional identifier to prepend
to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string
secretRef:
description: The Secret to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret must
be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
image:
description: |-
Container image name.
More info: https://kubernetes.io/docs/concepts/containers/images
This field is optional to allow higher level config management to default or override
container images in workload controllers like Deployments and StatefulSets.
type: string
imagePullPolicy:
description: |-
Image pull policy.
One of Always, Never, IfNotPresent.
Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
type: string
lifecycle:
description: |-
Actions that the management system should take in response to container lifecycle events.
Cannot be updated.
properties:
postStart:
description: |-
PostStart is called immediately after a container is created. If the handler fails,
the container is terminated and restarted according to its restart policy.
Other management of the container blocks until the hook completes.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
sleep:
description: Sleep represents the duration that
the container should sleep before being terminated.
properties:
seconds:
description: Seconds is the number of seconds
to sleep.
format: int64
type: integer
required:
- seconds
type: object
tcpSocket:
description: |-
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
for the backward compatibility. There are no validation of this field and
lifecycle hooks will fail in runtime when tcp handler is specified.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
preStop:
description: |-
PreStop is called immediately before a container is terminated due to an
API request or management event such as liveness/startup probe failure,
preemption, resource contention, etc. The handler is not called if the
container crashes or exits. The Pod's termination grace period countdown begins before the
PreStop hook is executed. Regardless of the outcome of the handler, the
container will eventually terminate within the Pod's termination grace
period (unless delayed by finalizers). Other management of the container blocks until the hook completes
or until the termination grace period is reached.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
sleep:
description: Sleep represents the duration that
the container should sleep before being terminated.
properties:
seconds:
description: Seconds is the number of seconds
to sleep.
format: int64
type: integer
required:
- seconds
type: object
tcpSocket:
description: |-
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
for the backward compatibility. There are no validation of this field and
lifecycle hooks will fail in runtime when tcp handler is specified.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
type: object
livenessProbe:
description: |-
Periodic probe of container liveness.
Container will be restarted if the probe fails.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request.
HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
name:
description: |-
Name of the container specified as a DNS_LABEL.
Each container in a pod must have a unique name (DNS_LABEL).
Cannot be updated.
type: string
ports:
description: |-
List of ports to expose from the container. Not specifying a port here
DOES NOT prevent that port from being exposed. Any port which is
listening on the default "0.0.0.0" address inside a container will be
accessible from the network.
Modifying this array with strategic merge patch may corrupt the data.
For more information See https://github.com/kubernetes/kubernetes/issues/108255.
Cannot be updated.
items:
description: ContainerPort represents a network port
in a single container.
properties:
containerPort:
description: |-
Number of port to expose on the pod's IP address.
This must be a valid port number, 0 < x < 65536.
format: int32
type: integer
hostIP:
description: What host IP to bind the external
port to.
type: string
hostPort:
description: |-
Number of port to expose on the host.
If specified, this must be a valid port number, 0 < x < 65536.
If HostNetwork is specified, this must match ContainerPort.
Most containers do not need this.
format: int32
type: integer
name:
description: |-
If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
named port in a pod must have a unique name. Name for the port that can be
referred to by services.
type: string
protocol:
default: TCP
description: |-
Protocol for port. Must be UDP, TCP, or SCTP.
Defaults to "TCP".
type: string
required:
- containerPort
type: object
type: array
x-kubernetes-list-map-keys:
- containerPort
- protocol
x-kubernetes-list-type: map
readinessProbe:
description: |-
Periodic probe of container service readiness.
Container will be removed from service endpoints if the probe fails.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request.
HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
resizePolicy:
description: Resources resize policy for the container.
items:
description: ContainerResizePolicy represents resource
resize policy for the container.
properties:
resourceName:
description: |-
Name of the resource to which this resource resize policy applies.
Supported values: cpu, memory.
type: string
restartPolicy:
description: |-
Restart policy to apply when specified resource is resized.
If not specified, it defaults to NotRequired.
type: string
required:
- resourceName
- restartPolicy
type: object
type: array
x-kubernetes-list-type: atomic
resources:
description: |-
Compute Resources required by this container.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
properties:
claims:
description: |-
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one entry
in PodSpec.ResourceClaims.
properties:
name:
description: |-
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
restartPolicy:
description: |-
RestartPolicy defines the restart behavior of individual containers in a pod.
This field may only be set for init containers, and the only allowed value is "Always".
For non-init containers or when this field is not specified,
the restart behavior is defined by the Pod's restart policy and the container type.
Setting the RestartPolicy as "Always" for the init container will have the following effect:
this init container will be continually restarted on
exit until all regular containers have terminated. Once all regular
containers have completed, all init containers with restartPolicy "Always"
will be shut down. This lifecycle differs from normal init containers and
is often referred to as a "sidecar" container. Although this init
container still starts in the init container sequence, it does not wait
for the container to complete before proceeding to the next init
container. Instead, the next init container starts immediately after this
init container is started, or after any startupProbe has successfully
completed.
type: string
securityContext:
description: |-
SecurityContext defines the security options the container should be run with.
If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
properties:
allowPrivilegeEscalation:
description: |-
AllowPrivilegeEscalation controls whether a process can gain more
privileges than its parent process. This bool directly controls if
the no_new_privs flag will be set on the container process.
AllowPrivilegeEscalation is true always when the container is:
1) run as Privileged
2) has CAP_SYS_ADMIN
Note that this field cannot be set when spec.os.name is windows.
type: boolean
appArmorProfile:
description: |-
appArmorProfile is the AppArmor options to use by this container. If set, this profile
overrides the pod's appArmorProfile.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
capabilities:
description: |-
The capabilities to add/drop when running containers.
Defaults to the default set of capabilities granted by the container runtime.
Note that this field cannot be set when spec.os.name is windows.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
description: |-
Run container in privileged mode.
Processes in privileged containers are essentially equivalent to root on the host.
Defaults to false.
Note that this field cannot be set when spec.os.name is windows.
type: boolean
procMount:
description: |-
procMount denotes the type of proc mount to use for the containers.
The default is DefaultProcMount which uses the container runtime defaults for
readonly paths and masked paths.
This requires the ProcMountType feature flag to be enabled.
Note that this field cannot be set when spec.os.name is windows.
type: string
readOnlyRootFilesystem:
description: |-
Whether this container has a read-only root filesystem.
Default is false.
Note that this field cannot be set when spec.os.name is windows.
type: boolean
runAsGroup:
description: |-
The GID to run the entrypoint of the container process.
Uses runtime default if unset.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
runAsNonRoot:
description: |-
Indicates that the container must run as a non-root user.
If true, the Kubelet will validate the image at runtime to ensure that it
does not run as UID 0 (root) and fail to start the container if it does.
If unset or false, no such validation will be performed.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: boolean
runAsUser:
description: |-
The UID to run the entrypoint of the container process.
Defaults to user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
seLinuxOptions:
description: |-
The SELinux context to be applied to the container.
If unspecified, the container runtime will allocate a random SELinux context for each
container. May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
properties:
level:
description: Level is SELinux level label that
applies to the container.
type: string
role:
description: Role is a SELinux role label that
applies to the container.
type: string
type:
description: Type is a SELinux type label that
applies to the container.
type: string
user:
description: User is a SELinux user label that
applies to the container.
type: string
type: object
seccompProfile:
description: |-
The seccomp options to use by this container. If seccomp options are
provided at both the pod & container level, the container options
override the pod options.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
windowsOptions:
description: |-
The Windows specific settings applied to all containers.
If unspecified, the options from the PodSecurityContext will be used.
If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is linux.
properties:
gmsaCredentialSpec:
description: |-
GMSACredentialSpec is where the GMSA admission webhook
(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
GMSA credential spec named by the GMSACredentialSpecName field.
type: string
gmsaCredentialSpecName:
description: GMSACredentialSpecName is the name
of the GMSA credential spec to use.
type: string
hostProcess:
description: |-
HostProcess determines if a container should be run as a 'Host Process' container.
All of a Pod's containers must have the same effective HostProcess value
(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
In addition, if HostProcess is true then HostNetwork must also be set to true.
type: boolean
runAsUserName:
description: |-
The UserName in Windows to run the entrypoint of the container process.
Defaults to the user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: string
type: object
type: object
startupProbe:
description: |-
StartupProbe indicates that the Pod has successfully initialized.
If specified, no other probes are executed until this completes successfully.
If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
when it might take a long time to load data or warm a cache, than during steady-state operation.
This cannot be updated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request.
HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
stdin:
description: |-
Whether this container should allocate a buffer for stdin in the container runtime. If this
is not set, reads from stdin in the container will always result in EOF.
Default is false.
type: boolean
stdinOnce:
description: |-
Whether the container runtime should close the stdin channel after it has been opened by
a single attach. When stdin is true the stdin stream will remain open across multiple attach
sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
first client attaches to stdin, and then remains open and accepts data until the client disconnects,
at which time stdin is closed and remains closed until the container is restarted. If this
flag is false, a container processes that reads from stdin will never receive an EOF.
Default is false
type: boolean
terminationMessagePath:
description: |-
Optional: Path at which the file to which the container's termination message
will be written is mounted into the container's filesystem.
Message written is intended to be brief final status, such as an assertion failure message.
Will be truncated by the node if greater than 4096 bytes. The total message length across
all containers will be limited to 12kb.
Defaults to /dev/termination-log.
Cannot be updated.
type: string
terminationMessagePolicy:
description: |-
Indicate how the termination message should be populated. File will use the contents of
terminationMessagePath to populate the container status message on both success and failure.
FallbackToLogsOnError will use the last chunk of container log output if the termination
message file is empty and the container exited with an error.
The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
Defaults to File.
Cannot be updated.
type: string
tty:
description: |-
Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
Default is false.
type: boolean
volumeDevices:
description: volumeDevices is the list of block devices
to be used by the container.
items:
description: volumeDevice describes a mapping of a
raw block device within a container.
properties:
devicePath:
description: devicePath is the path inside of
the container that the device will be mapped
to.
type: string
name:
description: name must match the name of a persistentVolumeClaim
in the pod
type: string
required:
- devicePath
- name
type: object
type: array
x-kubernetes-list-map-keys:
- devicePath
x-kubernetes-list-type: map
volumeMounts:
description: |-
Pod volumes to mount into the container's filesystem.
Cannot be updated.
items:
description: VolumeMount describes a mounting of a
Volume within a container.
properties:
mountPath:
description: |-
Path within the container at which the volume should be mounted. Must
not contain ':'.
type: string
mountPropagation:
description: |-
mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.
When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
(which defaults to None).
type: string
name:
description: This must match the Name of a Volume.
type: string
readOnly:
description: |-
Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.
type: boolean
recursiveReadOnly:
description: |-
RecursiveReadOnly specifies whether read-only mounts should be handled
recursively.
If ReadOnly is false, this field has no meaning and must be unspecified.
If ReadOnly is true, and this field is set to Disabled, the mount is not made
recursively read-only. If this field is set to IfPossible, the mount is made
recursively read-only, if it is supported by the container runtime. If this
field is set to Enabled, the mount is made recursively read-only if it is
supported by the container runtime, otherwise the pod will not be started and
an error will be generated to indicate the reason.
If this field is set to IfPossible or Enabled, MountPropagation must be set to
None (or be unspecified, which defaults to None).
If this field is not specified, it is treated as an equivalent of Disabled.
type: string
subPath:
description: |-
Path within the volume from which the container's volume should be mounted.
Defaults to "" (volume's root).
type: string
subPathExpr:
description: |-
Expanded path within the volume from which the container's volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
Defaults to "" (volume's root).
SubPathExpr and SubPath are mutually exclusive.
type: string
required:
- mountPath
- name
type: object
type: array
x-kubernetes-list-map-keys:
- mountPath
x-kubernetes-list-type: map
workingDir:
description: |-
Container's working directory.
If not specified, the container runtime's default will be used, which
might be configured in the container image.
Cannot be updated.
type: string
required:
- name
type: object
type: array
nodeSelector:
additionalProperties:
type: string
description: NodeSelector
type: object
restartPolicy:
description: RestartPolicy
type: string
securityContext:
description: PodSecurityContext
properties:
appArmorProfile:
description: |-
appArmorProfile is the AppArmor options to use by the containers in this pod.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
fsGroup:
description: |-
A special supplemental group that applies to all containers in a pod.
Some volume types allow the Kubelet to change the ownership of that volume
to be owned by the pod:
1. The owning GID will be the FSGroup
2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
3. The permission bits are OR'd with rw-rw----
If unset, the Kubelet will not modify the ownership and permissions of any volume.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
fsGroupChangePolicy:
description: |-
fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
before being exposed inside Pod. This field will only apply to
volume types which support fsGroup based ownership(and permissions).
It will have no effect on ephemeral volume types such as: secret, configmaps
and emptydir.
Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
Note that this field cannot be set when spec.os.name is windows.
type: string
runAsGroup:
description: |-
The GID to run the entrypoint of the container process.
Uses runtime default if unset.
May also be set in SecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence
for that container.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
runAsNonRoot:
description: |-
Indicates that the container must run as a non-root user.
If true, the Kubelet will validate the image at runtime to ensure that it
does not run as UID 0 (root) and fail to start the container if it does.
If unset or false, no such validation will be performed.
May also be set in SecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: boolean
runAsUser:
description: |-
The UID to run the entrypoint of the container process.
Defaults to user specified in image metadata if unspecified.
May also be set in SecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence
for that container.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
seLinuxOptions:
description: |-
The SELinux context to be applied to all containers.
If unspecified, the container runtime will allocate a random SELinux context for each
container. May also be set in SecurityContext. If set in
both SecurityContext and PodSecurityContext, the value specified in SecurityContext
takes precedence for that container.
Note that this field cannot be set when spec.os.name is windows.
properties:
level:
description: Level is SELinux level label that applies
to the container.
type: string
role:
description: Role is a SELinux role label that applies
to the container.
type: string
type:
description: Type is a SELinux type label that applies
to the container.
type: string
user:
description: User is a SELinux user label that applies
to the container.
type: string
type: object
seccompProfile:
description: |-
The seccomp options to use by the containers in this pod.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
supplementalGroups:
description: |-
A list of groups applied to the first process run in each container, in addition
to the container's primary GID, the fsGroup (if specified), and group memberships
defined in the container image for the uid of the container process. If unspecified,
no additional groups are added to any container. Note that group memberships
defined in the container image for the uid of the container process are still effective,
even if they are not included in this list.
Note that this field cannot be set when spec.os.name is windows.
items:
format: int64
type: integer
type: array
x-kubernetes-list-type: atomic
sysctls:
description: |-
Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
sysctls (by the container runtime) might fail to launch.
Note that this field cannot be set when spec.os.name is windows.
items:
description: Sysctl defines a kernel parameter to be
set
properties:
name:
description: Name of a property to set
type: string
value:
description: Value of a property to set
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
windowsOptions:
description: |-
The Windows specific settings applied to all containers.
If unspecified, the options within a container's SecurityContext will be used.
If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is linux.
properties:
gmsaCredentialSpec:
description: |-
GMSACredentialSpec is where the GMSA admission webhook
(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
GMSA credential spec named by the GMSACredentialSpecName field.
type: string
gmsaCredentialSpecName:
description: GMSACredentialSpecName is the name of
the GMSA credential spec to use.
type: string
hostProcess:
description: |-
HostProcess determines if a container should be run as a 'Host Process' container.
All of a Pod's containers must have the same effective HostProcess value
(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
In addition, if HostProcess is true then HostNetwork must also be set to true.
type: boolean
runAsUserName:
description: |-
The UserName in Windows to run the entrypoint of the container process.
Defaults to the user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: string
type: object
type: object
terminationGracePeriodSeconds:
description: TerminationGracePeriodSeconds
format: int64
type: integer
topologySpreadConstraints:
description: TopologySpreadConstraints
items:
description: TopologySpreadConstraint specifies how to spread
matching pods among the given topology.
properties:
labelSelector:
description: |-
LabelSelector is used to find matching pods.
Pods that match this label selector are counted to determine the number of pods
in their corresponding topology domain.
properties:
matchExpressions:
description: matchExpressions is a list of label
selector requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the
selector applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
matchLabelKeys:
description: |-
MatchLabelKeys is a set of pod label keys to select the pods over which
spreading will be calculated. The keys are used to lookup values from the
incoming pod labels, those key-value labels are ANDed with labelSelector
to select the group of existing pods over which spreading will be calculated
for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
MatchLabelKeys cannot be set when LabelSelector isn't set.
Keys that don't exist in the incoming pod labels will
be ignored. A null or empty list means only match against labelSelector.
This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
items:
type: string
type: array
x-kubernetes-list-type: atomic
maxSkew:
description: |-
MaxSkew describes the degree to which pods may be unevenly distributed.
When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference
between the number of matching pods in the target topology and the global minimum.
The global minimum is the minimum number of matching pods in an eligible domain
or zero if the number of eligible domains is less than MinDomains.
For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
labelSelector spread as 2/2/1:
In this case, the global minimum is 1.
| zone1 | zone2 | zone3 |
| P P | P P | P |
- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;
scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)
violate MaxSkew(1).
- if MaxSkew is 2, incoming pod can be scheduled onto any zone.
When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence
to topologies that satisfy it.
It's a required field. Default value is 1 and 0 is not allowed.
format: int32
type: integer
minDomains:
description: |-
MinDomains indicates a minimum number of eligible domains.
When the number of eligible domains with matching topology keys is less than minDomains,
Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed.
And when the number of eligible domains with matching topology keys equals or greater than minDomains,
this value has no effect on scheduling.
As a result, when the number of eligible domains is less than minDomains,
scheduler won't schedule more than maxSkew Pods to those domains.
If value is nil, the constraint behaves as if MinDomains is equal to 1.
Valid values are integers greater than 0.
When value is not nil, WhenUnsatisfiable must be DoNotSchedule.
For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same
labelSelector spread as 2/2/2:
| zone1 | zone2 | zone3 |
| P P | P P | P P |
The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0.
In this situation, new pod with the same labelSelector cannot be scheduled,
because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,
it will violate MaxSkew.
format: int32
type: integer
nodeAffinityPolicy:
description: |-
NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector
when calculating pod topology spread skew. Options are:
- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.
- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.
If this value is nil, the behavior is equivalent to the Honor policy.
This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
type: string
nodeTaintsPolicy:
description: |-
NodeTaintsPolicy indicates how we will treat node taints when calculating
pod topology spread skew. Options are:
- Honor: nodes without taints, along with tainted nodes for which the incoming pod
has a toleration, are included.
- Ignore: node taints are ignored. All nodes are included.
If this value is nil, the behavior is equivalent to the Ignore policy.
This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
type: string
topologyKey:
description: |-
TopologyKey is the key of node labels. Nodes that have a label with this key
and identical values are considered to be in the same topology.
We consider each <key, value> as a "bucket", and try to put balanced number
of pods into each bucket.
We define a domain as a particular instance of a topology.
Also, we define an eligible domain as a domain whose nodes meet the requirements of
nodeAffinityPolicy and nodeTaintsPolicy.
e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology.
And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology.
It's a required field.
type: string
whenUnsatisfiable:
description: |-
WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy
the spread constraint.
- DoNotSchedule (default) tells the scheduler not to schedule it.
- ScheduleAnyway tells the scheduler to schedule the pod in any location,
but giving higher precedence to topologies that would help reduce the
skew.
A constraint is considered "Unsatisfiable" for an incoming pod
if and only if every possible node assignment for that pod would violate
"MaxSkew" on some topology.
For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
labelSelector spread as 3/1/1:
| zone1 | zone2 | zone3 |
| P P P | P | P |
If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled
to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies
MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler
won't make it *more* imbalanced.
It's a required field.
type: string
required:
- maxSkew
- topologyKey
- whenUnsatisfiable
type: object
type: array
volumes:
description: Volumes
items:
description: Volume represents a named volume in a pod that
may be accessed by any container in the pod.
properties:
awsElasticBlockStore:
description: |-
awsElasticBlockStore represents an AWS Disk resource that is attached to a
kubelet's host machine and then exposed to the pod.
More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
properties:
fsType:
description: |-
fsType is the filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
partition:
description: |-
partition is the partition in the volume that you want to mount.
If omitted, the default is to mount by volume name.
Examples: For volume /dev/sda1, you specify the partition as "1".
Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
format: int32
type: integer
readOnly:
description: |-
readOnly value true will force the readOnly setting in VolumeMounts.
More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
type: boolean
volumeID:
description: |-
volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).
More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
type: string
required:
- volumeID
type: object
azureDisk:
description: azureDisk represents an Azure Data Disk
mount on the host and bind mount to the pod.
properties:
cachingMode:
description: 'cachingMode is the Host Caching mode:
None, Read Only, Read Write.'
type: string
diskName:
description: diskName is the Name of the data disk
in the blob storage
type: string
diskURI:
description: diskURI is the URI of data disk in
the blob storage
type: string
fsType:
description: |-
fsType is Filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
type: string
kind:
description: 'kind expected values are Shared: multiple
blob disks per storage account Dedicated: single
blob disk per storage account Managed: azure
managed data disk (only in managed availability
set). defaults to shared'
type: string
readOnly:
description: |-
readOnly Defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
description: azureFile represents an Azure File Service
mount on the host and bind mount to the pod.
properties:
readOnly:
description: |-
readOnly defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
secretName:
description: secretName is the name of secret that
contains Azure Storage Account Name and Key
type: string
shareName:
description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
description: cephFS represents a Ceph FS mount on the
host that shares a pod's lifetime
properties:
monitors:
description: |-
monitors is Required: Monitors is a collection of Ceph monitors
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
items:
type: string
type: array
x-kubernetes-list-type: atomic
path:
description: 'path is Optional: Used as the mounted
root, rather than the full Ceph tree, default
is /'
type: string
readOnly:
description: |-
readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
type: boolean
secretFile:
description: |-
secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
type: string
secretRef:
description: |-
secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
user:
description: |-
user is optional: User is the rados user name, default is admin
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
type: string
required:
- monitors
type: object
cinder:
description: |-
cinder represents a cinder volume attached and mounted on kubelets host machine.
More info: https://examples.k8s.io/mysql-cinder-pd/README.md
properties:
fsType:
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://examples.k8s.io/mysql-cinder-pd/README.md
type: string
readOnly:
description: |-
readOnly defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
More info: https://examples.k8s.io/mysql-cinder-pd/README.md
type: boolean
secretRef:
description: |-
secretRef is optional: points to a secret object containing parameters used to connect
to OpenStack.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
volumeID:
description: |-
volumeID used to identify the volume in cinder.
More info: https://examples.k8s.io/mysql-cinder-pd/README.md
type: string
required:
- volumeID
type: object
configMap:
description: configMap represents a configMap that should
populate this volume
properties:
defaultMode:
description: |-
defaultMode is optional: mode bits used to set permissions on created files by default.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
Defaults to 0644.
Directories within the path are not affected by this setting.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
items:
description: |-
items if unspecified, each key-value pair in the Data field of the referenced
ConfigMap will be projected into the volume as a file whose name is the
key and content is the value. If specified, the listed keys will be
projected into the specified paths, and unlisted keys will not be
present. If a key is specified which is not present in the ConfigMap,
the volume setup will error unless it is marked optional. Paths must be
relative and may not contain the '..' path or start with '..'.
items:
description: Maps a string key to a path within
a volume.
properties:
key:
description: key is the key to project.
type: string
mode:
description: |-
mode is Optional: mode bits used to set permissions on this file.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: |-
path is the relative path of the file to map the key to.
May not be an absolute path.
May not contain the path element '..'.
May not start with the string '..'.
type: string
required:
- key
- path
type: object
type: array
x-kubernetes-list-type: atomic
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: optional specify whether the ConfigMap
or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
description: |-
driver is the name of the CSI driver that handles this volume.
Consult with your admin for the correct name as registered in the cluster.
type: string
fsType:
description: |-
fsType to mount. Ex. "ext4", "xfs", "ntfs".
If not provided, the empty value is passed to the associated CSI driver
which will determine the default filesystem to apply.
type: string
nodePublishSecretRef:
description: |-
nodePublishSecretRef is a reference to the secret object containing
sensitive information to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
This field is optional, and may be empty if no secret is required. If the
secret object contains more than one secret, all secret references are passed.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
readOnly:
description: |-
readOnly specifies a read-only configuration for the volume.
Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
description: |-
volumeAttributes stores driver-specific properties that are passed to the CSI
driver. Consult your driver's documentation for supported values.
type: object
required:
- driver
type: object
downwardAPI:
description: downwardAPI represents downward API about
the pod that should populate this volume
properties:
defaultMode:
description: |-
Optional: mode bits to use on created files by default. Must be a
Optional: mode bits used to set permissions on created files by default.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
Defaults to 0644.
Directories within the path are not affected by this setting.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
items:
description: Items is a list of downward API volume
file
items:
description: DownwardAPIVolumeFile represents
information to create the file containing the
pod field
properties:
fieldRef:
description: 'Required: Selects a field of
the pod: only annotations, labels, name,
namespace and uid are supported.'
properties:
apiVersion:
description: Version of the schema the
FieldPath is written in terms of, defaults
to "v1".
type: string
fieldPath:
description: Path of the field to select
in the specified API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
mode:
description: |-
Optional: mode bits used to set permissions on this file, must be an octal value
between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: 'Required: Path is the relative
path name of the file to be created. Must
not be absolute or contain the ''..'' path.
Must be utf-8 encoded. The first item of
the relative path must not start with ''..'''
type: string
resourceFieldRef:
description: |-
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
properties:
containerName:
description: 'Container name: required
for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format
of the exposed resources, defaults to
"1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
required:
- path
type: object
type: array
x-kubernetes-list-type: atomic
type: object
emptyDir:
description: |-
emptyDir represents a temporary directory that shares a pod's lifetime.
More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
properties:
medium:
description: |-
medium represents what type of storage medium should back this directory.
The default is "" which means to use the node's default medium.
Must be an empty string (default) or Memory.
More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
description: |-
sizeLimit is the total amount of local storage required for this EmptyDir volume.
The size limit is also applicable for memory medium.
The maximum usage on memory medium EmptyDir would be the minimum value between
the SizeLimit specified here and the sum of memory limits of all containers in a pod.
The default is nil which means that the limit is undefined.
More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
description: |-
ephemeral represents a volume that is handled by a cluster storage driver.
The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,
and deleted when the pod is removed.
Use this if:
a) the volume is only needed while the pod runs,
b) features of normal volumes like restoring from snapshot or capacity
tracking are needed,
c) the storage driver is specified through a storage class, and
d) the storage driver supports dynamic volume provisioning through
a PersistentVolumeClaim (see EphemeralVolumeSource for more
information on the connection between this volume type
and PersistentVolumeClaim).
Use PersistentVolumeClaim or one of the vendor-specific
APIs for volumes that persist for longer than the lifecycle
of an individual pod.
Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to
be used that way - see the documentation of the driver for
more information.
A pod can use both types of ephemeral volumes and
persistent volumes at the same time.
properties:
volumeClaimTemplate:
description: |-
Will be used to create a stand-alone PVC to provision the volume.
The pod in which this EphemeralVolumeSource is embedded will be the
owner of the PVC, i.e. the PVC will be deleted together with the
pod. The name of the PVC will be `<pod name>-<volume name>` where
`<volume name>` is the name from the `PodSpec.Volumes` array
entry. Pod validation will reject the pod if the concatenated name
is not valid for a PVC (for example, too long).
An existing PVC with that name that is not owned by the pod
will *not* be used for the pod to avoid using an unrelated
volume by mistake. Starting the pod is then blocked until
the unrelated PVC is removed. If such a pre-created PVC is
meant to be used by the pod, the PVC has to updated with an
owner reference to the pod once the pod exists. Normally
this should not be necessary, but it may be useful when
manually reconstructing a broken cluster.
This field is read-only and no changes will be made by Kubernetes
to the PVC after it has been created.
Required, must not be nil.
properties:
metadata:
description: |-
May contain labels and annotations that will be copied into the PVC
when creating it. No other fields are allowed and will be rejected during
validation.
type: object
spec:
description: |-
The specification for the PersistentVolumeClaim. The entire content is
copied unchanged into the PVC that gets created from this
template. The same fields as in a PersistentVolumeClaim
are also valid here.
properties:
accessModes:
description: |-
accessModes contains the desired access modes the volume should have.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
items:
type: string
type: array
x-kubernetes-list-type: atomic
dataSource:
description: |-
dataSource field can be used to specify either:
* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller can support the specified data source,
it will create a new volume based on the contents of the specified data source.
When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
If the namespace is specified, then dataSourceRef will not be copied to dataSource.
properties:
apiGroup:
description: |-
APIGroup is the group for the resource being referenced.
If APIGroup is not specified, the specified Kind must be in the core API group.
For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource
being referenced
type: string
name:
description: Name is the name of resource
being referenced
type: string
required:
- kind
- name
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
description: |-
dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
volume is desired. This may be any object from a non-empty API group (non
core object) or a PersistentVolumeClaim object.
When this field is specified, volume binding will only succeed if the type of
the specified object matches some installed volume populator or dynamic
provisioner.
This field will replace the functionality of the dataSource field and as such
if both fields are non-empty, they must have the same value. For backwards
compatibility, when namespace isn't specified in dataSourceRef,
both fields (dataSource and dataSourceRef) will be set to the same
value automatically if one of them is empty and the other is non-empty.
When namespace is specified in dataSourceRef,
dataSource isn't set to the same value and must be empty.
There are three important differences between dataSource and dataSourceRef:
* While dataSource only allows two specific types of objects, dataSourceRef
allows any non-core object, as well as PersistentVolumeClaim objects.
* While dataSource ignores disallowed values (dropping them), dataSourceRef
preserves all values, and generates an error if a disallowed value is
specified.
* While dataSource only allows local objects, dataSourceRef allows objects
in any namespaces.
(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
properties:
apiGroup:
description: |-
APIGroup is the group for the resource being referenced.
If APIGroup is not specified, the specified Kind must be in the core API group.
For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource
being referenced
type: string
name:
description: Name is the name of resource
being referenced
type: string
namespace:
description: |-
Namespace is the namespace of resource being referenced
Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
type: string
required:
- kind
- name
type: object
resources:
description: |-
resources represents the minimum resources the volume should have.
If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
that are lower than previous value but must still be higher than capacity recorded in the
status field of the claim.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
selector:
description: selector is a label query over
volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list
of label selector requirements. The
requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label
key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
description: |-
storageClassName is the name of the StorageClass required by the claim.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
type: string
volumeAttributesClassName:
description: |-
volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
If specified, the CSI driver will create or update the volume with the attributes defined
in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
will be set by the persistentvolume controller if it exists.
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
type: string
volumeMode:
description: |-
volumeMode defines what type of volume is required by the claim.
Value of Filesystem is implied when not included in claim spec.
type: string
volumeName:
description: volumeName is the binding reference
to the PersistentVolume backing this claim.
type: string
type: object
required:
- spec
type: object
type: object
fc:
description: fc represents a Fibre Channel resource
that is attached to a kubelet's host machine and then
exposed to the pod.
properties:
fsType:
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
lun:
description: 'lun is Optional: FC target lun number'
format: int32
type: integer
readOnly:
description: |-
readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
targetWWNs:
description: 'targetWWNs is Optional: FC target
worldwide names (WWNs)'
items:
type: string
type: array
x-kubernetes-list-type: atomic
wwids:
description: |-
wwids Optional: FC volume world wide identifiers (wwids)
Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
flexVolume:
description: |-
flexVolume represents a generic volume resource that is
provisioned/attached using an exec based plugin.
properties:
driver:
description: driver is the name of the driver to
use for this volume.
type: string
fsType:
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
type: string
options:
additionalProperties:
type: string
description: 'options is Optional: this field holds
extra command options if any.'
type: object
readOnly:
description: |-
readOnly is Optional: defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
secretRef:
description: |-
secretRef is Optional: secretRef is reference to the secret object containing
sensitive information to pass to the plugin scripts. This may be
empty if no secret object is specified. If the secret object
contains more than one secret, all secrets are passed to the plugin
scripts.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
required:
- driver
type: object
flocker:
description: flocker represents a Flocker volume attached
to a kubelet's host machine. This depends on the Flocker
control service being running
properties:
datasetName:
description: |-
datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker
should be considered as deprecated
type: string
datasetUUID:
description: datasetUUID is the UUID of the dataset.
This is unique identifier of a Flocker dataset
type: string
type: object
gcePersistentDisk:
description: |-
gcePersistentDisk represents a GCE Disk resource that is attached to a
kubelet's host machine and then exposed to the pod.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
properties:
fsType:
description: |-
fsType is filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
partition:
description: |-
partition is the partition in the volume that you want to mount.
If omitted, the default is to mount by volume name.
Examples: For volume /dev/sda1, you specify the partition as "1".
Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
format: int32
type: integer
pdName:
description: |-
pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
type: string
readOnly:
description: |-
readOnly here will force the ReadOnly setting in VolumeMounts.
Defaults to false.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
type: boolean
required:
- pdName
type: object
gitRepo:
description: |-
gitRepo represents a git repository at a particular revision.
DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
into the Pod's container.
properties:
directory:
description: |-
directory is the target directory name.
Must not contain or start with '..'. If '.' is supplied, the volume directory will be the
git repository. Otherwise, if specified, the volume will contain the git repository in
the subdirectory with the given name.
type: string
repository:
description: repository is the URL
type: string
revision:
description: revision is the commit hash for the
specified revision.
type: string
required:
- repository
type: object
glusterfs:
description: |-
glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
More info: https://examples.k8s.io/volumes/glusterfs/README.md
properties:
endpoints:
description: |-
endpoints is the endpoint name that details Glusterfs topology.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
type: string
path:
description: |-
path is the Glusterfs volume path.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
type: string
readOnly:
description: |-
readOnly here will force the Glusterfs volume to be mounted with read-only permissions.
Defaults to false.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
type: boolean
required:
- endpoints
- path
type: object
hostPath:
description: |-
hostPath represents a pre-existing file or directory on the host
machine that is directly exposed to the container. This is generally
used for system agents or other privileged things that are allowed
to see the host machine. Most containers will NOT need this.
More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
---
TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
mount host directories as read/write.
properties:
path:
description: |-
path of the directory on the host.
If the path is a symlink, it will follow the link to the real path.
More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
type: string
type:
description: |-
type for HostPath Volume
Defaults to ""
More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
type: string
required:
- path
type: object
iscsi:
description: |-
iscsi represents an ISCSI Disk resource that is attached to a
kubelet's host machine and then exposed to the pod.
More info: https://examples.k8s.io/volumes/iscsi/README.md
properties:
chapAuthDiscovery:
description: chapAuthDiscovery defines whether support
iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
description: chapAuthSession defines whether support
iSCSI Session CHAP authentication
type: boolean
fsType:
description: |-
fsType is the filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
initiatorName:
description: |-
initiatorName is the custom iSCSI Initiator Name.
If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
<target portal>:<volume name> will be created for the connection.
type: string
iqn:
description: iqn is the target iSCSI Qualified Name.
type: string
iscsiInterface:
description: |-
iscsiInterface is the interface Name that uses an iSCSI transport.
Defaults to 'default' (tcp).
type: string
lun:
description: lun represents iSCSI Target Lun number.
format: int32
type: integer
portals:
description: |-
portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
is other than default (typically TCP ports 860 and 3260).
items:
type: string
type: array
x-kubernetes-list-type: atomic
readOnly:
description: |-
readOnly here will force the ReadOnly setting in VolumeMounts.
Defaults to false.
type: boolean
secretRef:
description: secretRef is the CHAP Secret for iSCSI
target and initiator authentication
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
targetPortal:
description: |-
targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
is other than default (typically TCP ports 860 and 3260).
type: string
required:
- iqn
- lun
- targetPortal
type: object
name:
description: |-
name of the volume.
Must be a DNS_LABEL and unique within the pod.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
nfs:
description: |-
nfs represents an NFS mount on the host that shares a pod's lifetime
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
properties:
path:
description: |-
path that is exported by the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
type: string
readOnly:
description: |-
readOnly here will force the NFS export to be mounted with read-only permissions.
Defaults to false.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
type: boolean
server:
description: |-
server is the hostname or IP address of the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
type: string
required:
- path
- server
type: object
persistentVolumeClaim:
description: |-
persistentVolumeClaimVolumeSource represents a reference to a
PersistentVolumeClaim in the same namespace.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
properties:
claimName:
description: |-
claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
type: string
readOnly:
description: |-
readOnly Will force the ReadOnly setting in VolumeMounts.
Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets host
machine
properties:
fsType:
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
type: string
pdID:
description: pdID is the ID that identifies Photon
Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
description: portworxVolume represents a portworx volume
attached and mounted on kubelets host machine
properties:
fsType:
description: |-
fSType represents the filesystem type to mount
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
type: string
readOnly:
description: |-
readOnly defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
volumeID:
description: volumeID uniquely identifies a Portworx
volume
type: string
required:
- volumeID
type: object
projected:
description: projected items for all in one resources
secrets, configmaps, and downward API
properties:
defaultMode:
description: |-
defaultMode are the mode bits used to set permissions on created files by default.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
Directories within the path are not affected by this setting.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
sources:
description: sources is the list of volume projections
items:
description: Projection that may be projected
along with other supported volume types
properties:
clusterTrustBundle:
description: |-
ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field
of ClusterTrustBundle objects in an auto-updating file.
Alpha, gated by the ClusterTrustBundleProjection feature gate.
ClusterTrustBundle objects can either be selected by name, or by the
combination of signer name and a label selector.
Kubelet performs aggressive normalization of the PEM contents written
into the pod filesystem. Esoteric PEM features such as inter-block
comments and block headers are stripped. Certificates are deduplicated.
The ordering of certificates within the file is arbitrary, and Kubelet
may change the order over time.
properties:
labelSelector:
description: |-
Select all ClusterTrustBundles that match this label selector. Only has
effect if signerName is set. Mutually-exclusive with name. If unset,
interpreted as "match nothing". If set but empty, interpreted as "match
everything".
properties:
matchExpressions:
description: matchExpressions is a
list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label
key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
name:
description: |-
Select a single ClusterTrustBundle by object name. Mutually-exclusive
with signerName and labelSelector.
type: string
optional:
description: |-
If true, don't block pod startup if the referenced ClusterTrustBundle(s)
aren't available. If using name, then the named ClusterTrustBundle is
allowed not to exist. If using signerName, then the combination of
signerName and labelSelector is allowed to match zero
ClusterTrustBundles.
type: boolean
path:
description: Relative path from the volume
root to write the bundle.
type: string
signerName:
description: |-
Select all ClusterTrustBundles that match this signer name.
Mutually-exclusive with name. The contents of all selected
ClusterTrustBundles will be unified and deduplicated.
type: string
required:
- path
type: object
configMap:
description: configMap information about the
configMap data to project
properties:
items:
description: |-
items if unspecified, each key-value pair in the Data field of the referenced
ConfigMap will be projected into the volume as a file whose name is the
key and content is the value. If specified, the listed keys will be
projected into the specified paths, and unlisted keys will not be
present. If a key is specified which is not present in the ConfigMap,
the volume setup will error unless it is marked optional. Paths must be
relative and may not contain the '..' path or start with '..'.
items:
description: Maps a string key to a
path within a volume.
properties:
key:
description: key is the key to project.
type: string
mode:
description: |-
mode is Optional: mode bits used to set permissions on this file.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: |-
path is the relative path of the file to map the key to.
May not be an absolute path.
May not contain the path element '..'.
May not start with the string '..'.
type: string
required:
- key
- path
type: object
type: array
x-kubernetes-list-type: atomic
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: optional specify whether
the ConfigMap or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
description: downwardAPI information about
the downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
file
items:
description: DownwardAPIVolumeFile represents
information to create the file containing
the pod field
properties:
fieldRef:
description: 'Required: Selects
a field of the pod: only annotations,
labels, name, namespace and uid
are supported.'
properties:
apiVersion:
description: Version of the
schema the FieldPath is written
in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field
to select in the specified
API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
mode:
description: |-
Optional: mode bits used to set permissions on this file, must be an octal value
between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: 'Required: Path is the
relative path name of the file
to be created. Must not be absolute
or contain the ''..'' path. Must
be utf-8 encoded. The first item
of the relative path must not
start with ''..'''
type: string
resourceFieldRef:
description: |-
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
properties:
containerName:
description: 'Container name:
required for volumes, optional
for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output
format of the exposed resources,
defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource
to select'
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
required:
- path
type: object
type: array
x-kubernetes-list-type: atomic
type: object
secret:
description: secret information about the
secret data to project
properties:
items:
description: |-
items if unspecified, each key-value pair in the Data field of the referenced
Secret will be projected into the volume as a file whose name is the
key and content is the value. If specified, the listed keys will be
projected into the specified paths, and unlisted keys will not be
present. If a key is specified which is not present in the Secret,
the volume setup will error unless it is marked optional. Paths must be
relative and may not contain the '..' path or start with '..'.
items:
description: Maps a string key to a
path within a volume.
properties:
key:
description: key is the key to project.
type: string
mode:
description: |-
mode is Optional: mode bits used to set permissions on this file.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: |-
path is the relative path of the file to map the key to.
May not be an absolute path.
May not contain the path element '..'.
May not start with the string '..'.
type: string
required:
- key
- path
type: object
type: array
x-kubernetes-list-type: atomic
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: optional field specify whether
the Secret or its key must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
description: serviceAccountToken is information
about the serviceAccountToken data to project
properties:
audience:
description: |-
audience is the intended audience of the token. A recipient of a token
must identify itself with an identifier specified in the audience of the
token, and otherwise should reject the token. The audience defaults to the
identifier of the apiserver.
type: string
expirationSeconds:
description: |-
expirationSeconds is the requested duration of validity of the service
account token. As the token approaches expiration, the kubelet volume
plugin will proactively rotate the service account token. The kubelet will
start trying to rotate the token if the token is older than 80 percent of
its time to live or if the token is older than 24 hours.Defaults to 1 hour
and must be at least 10 minutes.
format: int64
type: integer
path:
description: |-
path is the path relative to the mount point of the file to project the
token into.
type: string
required:
- path
type: object
type: object
type: array
x-kubernetes-list-type: atomic
type: object
quobyte:
description: quobyte represents a Quobyte mount on the
host that shares a pod's lifetime
properties:
group:
description: |-
group to map volume access to
Default is no group
type: string
readOnly:
description: |-
readOnly here will force the Quobyte volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
description: |-
registry represents a single or multiple Quobyte Registry services
specified as a string as host:port pair (multiple entries are separated with commas)
which acts as the central registry for volumes
type: string
tenant:
description: |-
tenant owning the given Quobyte volume in the Backend
Used with dynamically provisioned Quobyte volumes, value is set by the plugin
type: string
user:
description: |-
user to map volume access to
Defaults to serivceaccount user
type: string
volume:
description: volume is a string that references
an already created Quobyte volume by name.
type: string
required:
- registry
- volume
type: object
rbd:
description: |-
rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.
More info: https://examples.k8s.io/volumes/rbd/README.md
properties:
fsType:
description: |-
fsType is the filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
image:
description: |-
image is the rados image name.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
type: string
keyring:
description: |-
keyring is the path to key ring for RBDUser.
Default is /etc/ceph/keyring.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
type: string
monitors:
description: |-
monitors is a collection of Ceph monitors.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
items:
type: string
type: array
x-kubernetes-list-type: atomic
pool:
description: |-
pool is the rados pool name.
Default is rbd.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
type: string
readOnly:
description: |-
readOnly here will force the ReadOnly setting in VolumeMounts.
Defaults to false.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
type: boolean
secretRef:
description: |-
secretRef is name of the authentication secret for RBDUser. If provided
overrides keyring.
Default is nil.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
user:
description: |-
user is the rados user name.
Default is admin.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
type: string
required:
- image
- monitors
type: object
scaleIO:
description: scaleIO represents a ScaleIO persistent
volume attached and mounted on Kubernetes nodes.
properties:
fsType:
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs".
Default is "xfs".
type: string
gateway:
description: gateway is the host address of the
ScaleIO API Gateway.
type: string
protectionDomain:
description: protectionDomain is the name of the
ScaleIO Protection Domain for the configured storage.
type: string
readOnly:
description: |-
readOnly Defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
secretRef:
description: |-
secretRef references to the secret for ScaleIO user and other
sensitive information. If this is not provided, Login operation will fail.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
sslEnabled:
description: sslEnabled Flag enable/disable SSL
communication with Gateway, default false
type: boolean
storageMode:
description: |-
storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
Default is ThinProvisioned.
type: string
storagePool:
description: storagePool is the ScaleIO Storage
Pool associated with the protection domain.
type: string
system:
description: system is the name of the storage system
as configured in ScaleIO.
type: string
volumeName:
description: |-
volumeName is the name of a volume already created in the ScaleIO system
that is associated with this volume source.
type: string
required:
- gateway
- secretRef
- system
type: object
secret:
description: |-
secret represents a secret that should populate this volume.
More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
properties:
defaultMode:
description: |-
defaultMode is Optional: mode bits used to set permissions on created files by default.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values
for mode bits. Defaults to 0644.
Directories within the path are not affected by this setting.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
items:
description: |-
items If unspecified, each key-value pair in the Data field of the referenced
Secret will be projected into the volume as a file whose name is the
key and content is the value. If specified, the listed keys will be
projected into the specified paths, and unlisted keys will not be
present. If a key is specified which is not present in the Secret,
the volume setup will error unless it is marked optional. Paths must be
relative and may not contain the '..' path or start with '..'.
items:
description: Maps a string key to a path within
a volume.
properties:
key:
description: key is the key to project.
type: string
mode:
description: |-
mode is Optional: mode bits used to set permissions on this file.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: |-
path is the relative path of the file to map the key to.
May not be an absolute path.
May not contain the path element '..'.
May not start with the string '..'.
type: string
required:
- key
- path
type: object
type: array
x-kubernetes-list-type: atomic
optional:
description: optional field specify whether the
Secret or its keys must be defined
type: boolean
secretName:
description: |-
secretName is the name of the secret in the pod's namespace to use.
More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
type: string
type: object
storageos:
description: storageOS represents a StorageOS volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
type: string
readOnly:
description: |-
readOnly defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
secretRef:
description: |-
secretRef specifies the secret to use for obtaining the StorageOS API
credentials. If not specified, default values will be attempted.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
volumeName:
description: |-
volumeName is the human-readable name of the StorageOS volume. Volume
names are only unique within a namespace.
type: string
volumeNamespace:
description: |-
volumeNamespace specifies the scope of the volume within StorageOS. If no
namespace is specified then the Pod's namespace will be used. This allows the
Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
Set VolumeName to any name to override the default behaviour.
Set to "default" if you are not using namespaces within StorageOS.
Namespaces that do not pre-exist within StorageOS will be created.
type: string
type: object
vsphereVolume:
description: vsphereVolume represents a vSphere volume
attached and mounted on kubelets host machine
properties:
fsType:
description: |-
fsType is filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
type: string
storagePolicyID:
description: storagePolicyID is the storage Policy
Based Management (SPBM) profile ID associated
with the StoragePolicyName.
type: string
storagePolicyName:
description: storagePolicyName is the storage Policy
Based Management (SPBM) profile name.
type: string
volumePath:
description: volumePath is the path that identifies
vSphere volume vmdk
type: string
required:
- volumePath
type: object
required:
- name
type: object
type: array
required:
- containers
type: object
type: object
traits:
description: the traits needed to run this Integration
properties:
3scale:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
addons:
additionalProperties:
description: AddonTrait represents the configuration of an addon
trait.
type: object
x-kubernetes-preserve-unknown-fields: true
description: The extension point with addon traits
type: object
affinity:
description: The configuration of Affinity trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
nodeAffinityLabels:
description: Defines a set of nodes the integration pod(s)
are eligible to be scheduled on, based on labels on the
node.
items:
type: string
type: array
podAffinity:
description: Always co-locates multiple replicas of the integration
in the same node (default `false`).
type: boolean
podAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should be co-located with.
items:
type: string
type: array
podAntiAffinity:
description: Never co-locates multiple replicas of the integration
in the same node (default `false`).
type: boolean
podAntiAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should not be co-located with.
items:
type: string
type: array
type: object
builder:
description: The configuration of Builder trait
properties:
annotations:
additionalProperties:
type: string
description: When using `pod` strategy, annotation to use
for the builder pod.
type: object
baseImage:
description: |-
Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
installed and ready to use on path (ie `/usr/bin/java`).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
incrementalImageBuild:
description: Use the incremental image build option, to reuse
existing containers (default `true`)
type: boolean
limitCPU:
description: |-
When using `pod` strategy, the maximum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
limitMemory:
description: |-
When using `pod` strategy, the maximum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
mavenProfiles:
description: |-
A list of references pointing to configmaps/secrets that contains a maven profile.
This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
The content of the maven profile is expected to be a text containing a valid maven profile starting with `<profile>` and ending with `</profile>` that will be integrated as an inline profile in the POM.
Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
items:
type: string
type: array
nodeSelector:
additionalProperties:
type: string
description: Defines a set of nodes the builder pod is eligible
to be scheduled on, based on labels on the node.
type: object
orderStrategy:
description: The build order strategy to use, either `dependencies`,
`fifo` or `sequential` (default is the platform default)
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of manifest platforms to use to build
a container image (default `linux/amd64`).
items:
type: string
type: array
properties:
description: A list of properties to be provided to the build
task
items:
type: string
type: array
requestCPU:
description: |-
When using `pod` strategy, the minimum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
requestMemory:
description: |-
When using `pod` strategy, the minimum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
strategy:
description: The strategy to use, either `pod` or `routine`
(default `routine`)
enum:
- pod
- routine
type: string
tasks:
description: A list of tasks to be executed (available only
when using `pod` strategy) with format `<name>;<container-image>;<container-command>`.
items:
type: string
type: array
tasksFilter:
description: |-
A list of tasks sorted by the order of execution in a csv format, ie, `<taskName1>,<taskName2>,...`.
Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
if you need to execute them. Useful only with `pod` strategy.
type: string
tasksLimitCPU:
description: A list of limit cpu configuration for the specific
task with format `<task-name>:<limit-cpu-conf>`.
items:
type: string
type: array
tasksLimitMemory:
description: A list of limit memory configuration for the
specific task with format `<task-name>:<limit-memory-conf>`.
items:
type: string
type: array
tasksRequestCPU:
description: A list of request cpu configuration for the specific
task with format `<task-name>:<request-cpu-conf>`.
items:
type: string
type: array
tasksRequestMemory:
description: A list of request memory configuration for the
specific task with format `<task-name>:<request-memory-conf>`.
items:
type: string
type: array
verbose:
description: |-
Enable verbose logging on build components that support it (e.g. Kaniko build pod).
Deprecated no longer in use
type: boolean
type: object
camel:
description: The configuration of Camel trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
properties:
description: A list of properties to be provided to the Integration
runtime
items:
type: string
type: array
runtimeVersion:
description: |-
The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
to the best matching Catalog existing on the cluster.
type: string
type: object
container:
description: The configuration of Container trait
properties:
allowPrivilegeEscalation:
description: Security Context AllowPrivilegeEscalation configuration
(default false).
type: boolean
auto:
description: To automatically enable the trait
type: boolean
capabilitiesAdd:
description: Security Context Capabilities Add configuration
(default none).
items:
description: Capability represent POSIX capabilities type
type: string
type: array
capabilitiesDrop:
description: Security Context Capabilities Drop configuration
(default ALL).
items:
description: Capability represent POSIX capabilities type
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
expose:
description: Can be used to enable/disable exposure via kubernetes
Service.
type: boolean
image:
description: |-
The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
type: string
imagePullPolicy:
description: 'The pull policy: Always|Never|IfNotPresent'
enum:
- Always
- Never
- IfNotPresent
type: string
limitCPU:
description: The maximum amount of CPU to be provided (default
500 millicores).
type: string
limitMemory:
description: The maximum amount of memory to be provided (default
512 Mi).
type: string
name:
description: The main container name. It's named `integration`
by default.
type: string
port:
description: To configure a different port exposed by the
container (default `8080`).
format: int32
type: integer
portName:
description: To configure a different port name for the port
exposed by the container. It defaults to `http` only when
the `expose` parameter is true.
type: string
requestCPU:
description: The minimum amount of CPU required (default 125
millicores).
type: string
requestMemory:
description: The minimum amount of memory required (default
128 Mi).
type: string
runAsNonRoot:
description: Security Context RunAsNonRoot configuration (default
false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration (default
none): this value is automatically retrieved in Openshift
clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
servicePort:
description: To configure under which service port the container
port is to be exposed (default `80`).
format: int32
type: integer
servicePortName:
description: To configure under which service port name the
container port is to be exposed (default `http`).
type: string
type: object
cron:
description: The configuration of Cron trait
properties:
activeDeadlineSeconds:
description: |-
Specifies the duration in seconds, relative to the start time, that the job
may be continuously active before it is considered to be failed.
It defaults to 60s.
format: int64
type: integer
auto:
description: |-
Automatically deploy the integration as CronJob when all routes are
either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
while `35m` or `50s` cannot).
type: boolean
backoffLimit:
description: |-
Specifies the number of retries before marking the job failed.
It defaults to 2.
format: int32
type: integer
components:
description: |-
A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
Supported components are currently: `cron`, `timer` and `quartz`.
type: string
concurrencyPolicy:
description: |-
Specifies how to treat concurrent executions of a Job.
Valid values are:
- "Allow": allows CronJobs to run concurrently;
- "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- "Replace": cancels currently running job and replaces it with a new one
enum:
- Allow
- Forbid
- Replace
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
fallback:
description: |-
Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
as Kubernetes CronJob.
type: boolean
schedule:
description: |-
The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
mechanism to work correctly.
type: string
startingDeadlineSeconds:
description: |-
Optional deadline in seconds for starting the job if it misses scheduled
time for any reason. Missed jobs executions will be counted as failed ones.
format: int64
type: integer
timeZone:
description: The timezone that the CronJob will run on
type: string
type: object
dependencies:
description: The configuration of Dependencies trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
deployer:
description: The configuration of Deployer trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
kind:
description: Allows to explicitly select the desired deployment
kind between `deployment`, `cron-job` or `knative-service`
when creating the resources for running the integration.
enum:
- deployment
- cron-job
- knative-service
type: string
useSSA:
description: |-
Deprecated: won't be able to enforce client side update in the future.
Use server-side apply to update the owned resources (default `true`).
Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
type: boolean
type: object
deployment:
description: The configuration of Deployment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
progressDeadlineSeconds:
description: |-
The maximum time in seconds for the deployment to make progress before it
is considered to be failed. It defaults to `60s`.
format: int32
type: integer
rollingUpdateMaxSurge:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be scheduled above the desired number of
pods.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
This can not be 0 if MaxUnavailable is 0.
Absolute number is calculated from percentage by rounding up.
Defaults to `25%`.
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be unavailable during the update.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding down.
This can not be 0 if MaxSurge is 0.
Defaults to `25%`.
x-kubernetes-int-or-string: true
strategy:
description: The deployment strategy to use to replace existing
pods with new ones.
enum:
- Recreate
- RollingUpdate
type: string
type: object
environment:
description: The configuration of Environment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
containerMeta:
description: Enables injection of `NAMESPACE` and `POD_NAME`
environment variables (default `true`)
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
httpProxy:
description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
`NO_PROXY` environment variables (default `true`)
type: boolean
vars:
description: |-
A list of environment variables to be added to the integration container.
The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name,
and key represents the resource key to be mapped as and environment variable.
These take precedence over any previously defined environment variables.
items:
type: string
type: array
type: object
error-handler:
description: The configuration of Error Handler trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
ref:
description: The error handler ref name provided or found
in application properties
type: string
type: object
gc:
description: The configuration of GC trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
description: |-
Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
Deprecated: no longer in use.
enum:
- disabled
- disk
- memory
type: string
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
health:
description: The configuration of Health trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
livenessFailureThreshold:
description: Minimum consecutive failures for the liveness
probe to be considered failed after having succeeded.
format: int32
type: integer
livenessInitialDelay:
description: Number of seconds after the container has started
before the liveness probe is initiated.
format: int32
type: integer
livenessPeriod:
description: How often to perform the liveness probe.
format: int32
type: integer
livenessProbe:
description: The liveness probe path to use (default provided
by the Catalog runtime used).
type: string
livenessProbeEnabled:
description: Configures the liveness probe for the integration
container (default `false`).
type: boolean
livenessScheme:
description: Scheme to use when connecting to the liveness
probe (default `HTTP`).
type: string
livenessSuccessThreshold:
description: Minimum consecutive successes for the liveness
probe to be considered successful after having failed.
format: int32
type: integer
livenessTimeout:
description: Number of seconds after which the liveness probe
times out.
format: int32
type: integer
readinessFailureThreshold:
description: Minimum consecutive failures for the readiness
probe to be considered failed after having succeeded.
format: int32
type: integer
readinessInitialDelay:
description: Number of seconds after the container has started
before the readiness probe is initiated.
format: int32
type: integer
readinessPeriod:
description: How often to perform the readiness probe.
format: int32
type: integer
readinessProbe:
description: The readiness probe path to use (default provided
by the Catalog runtime used).
type: string
readinessProbeEnabled:
description: Configures the readiness probe for the integration
container (default `true`).
type: boolean
readinessScheme:
description: Scheme to use when connecting to the readiness
probe (default `HTTP`).
type: string
readinessSuccessThreshold:
description: Minimum consecutive successes for the readiness
probe to be considered successful after having failed.
format: int32
type: integer
readinessTimeout:
description: Number of seconds after which the readiness probe
times out.
format: int32
type: integer
startupFailureThreshold:
description: Minimum consecutive failures for the startup
probe to be considered failed after having succeeded.
format: int32
type: integer
startupInitialDelay:
description: Number of seconds after the container has started
before the startup probe is initiated.
format: int32
type: integer
startupPeriod:
description: How often to perform the startup probe.
format: int32
type: integer
startupProbe:
description: The startup probe path to use (default provided
by the Catalog runtime used).
type: string
startupProbeEnabled:
description: Configures the startup probe for the integration
container (default `false`).
type: boolean
startupScheme:
description: Scheme to use when connecting to the startup
probe (default `HTTP`).
type: string
startupSuccessThreshold:
description: Minimum consecutive successes for the startup
probe to be considered successful after having failed.
format: int32
type: integer
startupTimeout:
description: Number of seconds after which the startup probe
times out.
format: int32
type: integer
type: object
ingress:
description: The configuration of Ingress trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to the ingress.
This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
type: object
auto:
description: To automatically add an ingress whenever the
integration uses an HTTP endpoint consumer.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
host:
description: To configure the host exposed by the ingress.
type: string
ingressClassName:
description: |-
The Ingress class name as defined by the Ingress spec
See https://kubernetes.io/docs/concepts/services-networking/ingress/
type: string
path:
description: To configure the path exposed by the ingress
(default `/`).
type: string
pathType:
description: |-
To configure the path type exposed by the ingress.
One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
enum:
- Exact
- Prefix
- ImplementationSpecific
type: string
tlsHosts:
description: To configure tls hosts
items:
type: string
type: array
tlsSecretName:
description: To configure tls secret name
type: string
type: object
istio:
description: The configuration of Istio trait
properties:
allow:
description: Configures a (comma-separated) list of CIDR subnets
that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
by default).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
inject:
description: Forces the value for labels `sidecar.istio.io/inject`.
By default the label is set to `true` on deployment and
not set on Knative Service.
type: boolean
type: object
jolokia:
description: The configuration of Jolokia trait
properties:
CACert:
description: |-
The PEM encoded CA certification file path, used to verify client certificates,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
type: string
clientPrincipal:
description: |-
The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
description: Listen for multicast requests (default `false`)
type: boolean
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
extendedClientCheck:
description: |-
Mandate the client certificate contains a client flag in the extended key usage section,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `true` for OpenShift).
type: boolean
host:
description: |-
The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
the servers binds to every network interface (default `"*"`).
type: string
options:
description: |-
A list of additional Jolokia options as defined
in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
items:
type: string
type: array
password:
description: The password used for authentication, applicable
when the `user` option is set.
type: string
port:
description: The Jolokia endpoint port (default `8778`).
format: int32
type: integer
protocol:
description: The protocol to use, either `http` or `https`
(default `https` for OpenShift)
type: string
useSSLClientAuthentication:
description: Whether client certificates should be used for
authentication (default `true` for OpenShift).
type: boolean
user:
description: The user to be used for authentication
type: string
type: object
jvm:
description: The configuration of JVM trait
properties:
classpath:
description: Additional JVM classpath (use `Linux` classpath
separator)
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
debug:
description: Activates remote debugging, so that a debugger
can be attached to the JVM, e.g., using port-forwarding
type: boolean
debugAddress:
description: Transport address at which to listen for the
newly launched JVM (default `*:5005`)
type: string
debugSuspend:
description: Suspends the target JVM immediately before the
main class is loaded
type: boolean
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
jar:
description: The Jar dependency which will run the application.
Leave it empty for managed Integrations.
type: string
options:
description: A list of JVM options
items:
type: string
type: array
printCommand:
description: |-
Prints the command used the start the JVM in the container logs (default `true`)
Deprecated: no longer in use.
type: boolean
type: object
kamelets:
description: The configuration of Kamelets trait
properties:
auto:
description: Automatically inject all referenced Kamelets
and their default configuration (enabled by default)
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
list:
description: Comma separated list of Kamelet names to load
into the current integration
type: string
mountPoint:
description: The directory where the application mounts and
reads Kamelet spec (default `/etc/camel/kamelets`)
type: string
type: object
keda:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
knative:
description: The configuration of Knative trait
properties:
auto:
description: Enable automatic discovery of all trait properties.
type: boolean
channelSinks:
description: |-
List of channels used as destination of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
channelSources:
description: |-
List of channels used as source of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
config:
description: Can be used to inject a Knative complete configuration
in JSON format.
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
endpointSinks:
description: |-
List of endpoints used as destination of integration routes.
Can contain simple endpoint names or full Camel URIs.
items:
type: string
type: array
endpointSources:
description: List of channels used as source of integration
routes.
items:
type: string
type: array
eventSinks:
description: |-
List of event types that the integration will produce.
Can contain simple event types or full Camel URIs (to use a specific broker).
items:
type: string
type: array
eventSources:
description: |-
List of event types that the integration will be subscribed to.
Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
items:
type: string
type: array
filterEventType:
description: |-
Enables the default filtering for the Knative trigger using the event type
If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
type: boolean
filterSourceChannels:
description: |-
Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
Knative, filtering is disabled by default.
type: boolean
filters:
description: |-
Sets filter attributes on the event stream (such as event type, source, subject and so on).
A list of key-value pairs that represent filter attributes and its values.
The syntax is KEY=VALUE, e.g., `source="my.source"`.
Filter attributes get set on the Knative trigger that is being created as part of this integration.
items:
type: string
type: array
namespaceLabel:
description: |-
Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
As Knative requires this label to perform injection of K_SINK URL into the service.
If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
type: boolean
sinkBinding:
description: |-
Allows binding the integration to a sink via a Knative SinkBinding resource.
This can be used when the integration targets a single sink.
It's enabled by default when the integration targets a single sink
(except when the integration is owned by a Knative source).
type: boolean
type: object
knative-service:
description: The configuration of Knative Service trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set knative service specific annotations
CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
auto:
description: |-
Automatically deploy the integration as Knative service when all conditions hold:
* Integration is using the Knative profile
* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
type: boolean
autoscalingMetric:
description: |-
Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
Refer to the Knative documentation for more information.
type: string
autoscalingTarget:
description: |-
Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
Refer to the Knative documentation for more information.
type: integer
class:
description: |-
Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
Refer to the Knative documentation for more information.
enum:
- kpa.autoscaling.knative.dev
- hpa.autoscaling.knative.dev
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
maxScale:
description: |-
An upper bound for the number of Pods that can be running in parallel for the integration.
Knative has its own cap value that depends on the installation.
Refer to the Knative documentation for more information.
type: integer
minScale:
description: |-
The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
the integration is scaled down to zero when not used for a configured amount of time.
Refer to the Knative documentation for more information.
type: integer
rolloutDuration:
description: |-
Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
rounded to a second precision.
type: string
timeoutSeconds:
description: |-
The maximum duration in seconds that the request instance is allowed to respond to a request.
This field propagates to the integration pod's terminationGracePeriodSeconds
Refer to the Knative documentation for more information.
format: int64
type: integer
visibility:
description: |-
Setting `cluster-local`, Knative service becomes a private service.
Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
Refer to the Knative documentation for more information.
enum:
- cluster-local
type: string
type: object
logging:
description: The configuration of Logging trait
properties:
color:
description: Colorize the log output
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
format:
description: Logs message format
type: string
json:
description: Output the logs in JSON
type: boolean
jsonPrettyPrint:
description: Enable "pretty printing" of the JSON logs
type: boolean
level:
description: Adjust the logging level (defaults to `INFO`)
enum:
- FATAL
- WARN
- INFO
- DEBUG
- TRACE
type: string
type: object
master:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
mount:
description: The configuration of Mount trait
properties:
configs:
description: |-
A list of configuration pointing to configmap/secret.
The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
They are also made available on the classpath in order to ease their usage directly from the Route.
Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
description: |-
A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi).
Syntax: name:/container/path[:sizeLimit]
items:
type: string
type: array
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
hotReload:
description: |-
Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
changes in metadata.
type: boolean
resources:
description: |-
A list of resources (text or binary content) pointing to configmap/secret.
The resources are expected to be any resource type (text or binary content).
The destination path can be either a default location or any path specified by the user.
Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
items:
type: string
type: array
scanKameletsImplicitLabelSecrets:
description: 'Deprecated: no longer available since version
2.5.'
type: boolean
volumes:
description: |-
A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails.
You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided
or the default cluster Storage Class. However, if the PVC exists, the operator would mount it.
items:
type: string
type: array
type: object
openapi:
description: The configuration of OpenAPI trait
properties:
configmaps:
description: The configmaps holding the spec of the OpenAPI
(compatible with > 3.0 spec only).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
owner:
description: The configuration of Owner trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
targetAnnotations:
description: The set of annotations to be transferred
items:
type: string
type: array
targetLabels:
description: The set of labels to be transferred
items:
type: string
type: array
type: object
pdb:
description: The configuration of PDB trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
maxUnavailable:
description: |-
The number of pods for the Integration that can be unavailable after an eviction.
It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
Only one of `max-unavailable` and `min-available` can be specified.
type: string
minAvailable:
description: |-
The number of pods for the Integration that must still be available after an eviction.
It can be either an absolute number or a percentage.
Only one of `min-available` and `max-unavailable` can be specified.
type: string
type: object
platform:
description: The configuration of Platform trait
properties:
auto:
description: |-
To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
createDefault:
description: |-
To create a default (empty) platform when the platform is missing.
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
global:
description: |-
Indicates if the platform should be created globally in the case of global operator (default true).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
type: object
pod:
description: The configuration of Pod trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
prometheus:
description: The configuration of Prometheus trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
podMonitor:
description: Whether a `PodMonitor` resource is created (default
`true`).
type: boolean
podMonitorLabels:
description: The `PodMonitor` resource labels, applicable
when `pod-monitor` is `true`.
items:
type: string
type: array
type: object
pull-secret:
description: The configuration of Pull Secret trait
properties:
auto:
description: Automatically configures the platform registry
secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
imagePullerDelegation:
description: When using a global operator with a shared platform,
this enables delegation of the `system:image-puller` cluster
role on the operator namespace to the integration service
account.
type: boolean
secretName:
description: The pull secret name to set on the Pod. If left
empty this is automatically taken from the `IntegrationPlatform`
registry configuration.
type: string
type: object
quarkus:
description: The configuration of Quarkus trait
properties:
buildMode:
description: |-
The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
with the `native` kit having precedence over the `jvm` one once ready.
items:
description: QuarkusMode is the type of Quarkus build packaging.
enum:
- jvm
- native
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
nativeBaseImage:
description: The base image to use when running a native build
(default `quay.io/quarkus/quarkus-micro-image:2.0`)
type: string
nativeBuilderImage:
description: The image containing the tooling required for
a native build (by default it will use the one provided
in the runtime catalog)
type: string
packageTypes:
description: |-
The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
with the native kit having precedence over the `fast-jar` one once ready.
The order influences the resolution of the current kit for the integration.
The kit corresponding to the first package type will be assigned to the
integration in case no existing kit that matches the integration exists.
Deprecated: use `build-mode` instead.
items:
description: |-
QuarkusPackageType is the type of Quarkus build packaging.
Deprecated: use `QuarkusMode` instead.
enum:
- fast-jar
- native
type: string
type: array
type: object
registry:
description: |-
The configuration of Registry trait (support removed since version 2.5.0).
Deprecated: use jvm trait or read documentation.
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
route:
description: The configuration of Route trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set route specific annotations
For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
host:
description: To configure the host exposed by the route.
type: string
tlsCACertificate:
description: |-
The TLS CA certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCACertificateSecret:
description: |-
The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificate:
description: |-
The TLS certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificateSecret:
description: |-
The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificate:
description: |-
The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
termination this file should be provided in order to have routers use it for health checks on the secure connection.
If this field is not specified, the router may provide its own destination CA and perform hostname validation using
the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
verify.
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificateSecret:
description: |-
The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsInsecureEdgeTerminationPolicy:
description: |-
To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
Refer to the OpenShift route documentation for additional information.
enum:
- None
- Allow
- Redirect
type: string
tlsKey:
description: |-
The TLS certificate key contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsKeySecret:
description: |-
The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsTermination:
description: |-
The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
Refer to the OpenShift route documentation for additional information.
enum:
- edge
- reencrypt
- passthrough
type: string
type: object
security-context:
description: The configuration of Security Context trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
runAsNonRoot:
description: Security Context RunAsNonRoot configuration (default
false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration (default
none): this value is automatically retrieved in Openshift
clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
type: object
service:
description: The configuration of Service trait
properties:
annotations:
additionalProperties:
type: string
description: The annotations added to the Service object.
type: object
auto:
description: To automatically detect from the code if a Service
needs to be created.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
labels:
additionalProperties:
type: string
description: The labels added to the Service object.
type: object
nodePort:
description: |-
Enable Service to be exposed as NodePort (default `false`).
Deprecated: Use service type instead.
type: boolean
type:
description: The type of service to be used, either 'ClusterIP',
'NodePort' or 'LoadBalancer'.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
service-binding:
description: The configuration of Service Binding trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
services:
description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
items:
type: string
type: array
type: object
strimzi:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
telemetry:
description: The configuration of Telemetry trait
properties:
auto:
description: Enables automatic configuration of the trait,
including automatic discovery of the telemetry endpoint.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
endpoint:
description: The target endpoint of the Telemetry service
(automatically discovered by default)
type: string
sampler:
description: The sampler of the telemetry used for tracing
(default "on")
type: string
sampler-parent-based:
description: The sampler of the telemetry used for tracing
is parent based (default "true")
type: boolean
sampler-ratio:
description: The sampler ratio of the telemetry used for tracing
type: string
serviceName:
description: The name of the service that publishes telemetry
data (defaults to the integration name)
type: string
type: object
toleration:
description: The configuration of Toleration trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
taints:
description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
items:
type: string
type: array
type: object
tracing:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
type: object
type: object
status:
description: the status of the Integration
properties:
capabilities:
description: features offered by the Integration
items:
type: string
type: array
catalog:
description: the catalog used to build/operate the Integration.
properties:
provider:
description: RuntimeProvider is the provider chosen for the runtime.
type: string
version:
type: string
type: object
conditions:
description: a list of events happened for the Integration
items:
description: IntegrationCondition describes the state of a resource
at a certain point.
properties:
firstTruthyTime:
description: First time the condition status transitioned to
True.
format: date-time
type: string
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human-readable message indicating details about
the transition.
type: string
pods:
description: Pods collect health and conditions information
from the owned PODs
items:
properties:
condition:
description: PodCondition contains details for the current
condition of this pod.
properties:
lastProbeTime:
description: Last time we probed the condition.
format: date-time
type: string
lastTransitionTime:
description: Last time the condition transitioned
from one status to another.
format: date-time
type: string
message:
description: Human-readable message indicating details
about last transition.
type: string
reason:
description: Unique, one-word, CamelCase reason for
the condition's last transition.
type: string
status:
description: |-
Status is the status of the condition.
Can be True, False, Unknown.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
type: string
type:
description: |-
Type is the type of the condition.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
type: string
required:
- status
- type
type: object
health:
items:
properties:
data:
description: |-
RawMessage is a raw encoded JSON value.
It implements Marshaler and Unmarshaler and can
be used to delay JSON decoding or precompute a JSON encoding.
x-kubernetes-preserve-unknown-fields: true
name:
type: string
status:
type: string
type: object
type: array
name:
type: string
required:
- condition
type: object
type: array
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of integration condition.
type: string
required:
- status
- type
type: object
type: array
configuration:
description: |-
Deprecated:
a list of configuration specification
items:
description: ConfigurationSpec represents a generic configuration
specification.
properties:
type:
description: 'represents the type of configuration, ie: property,
configmap, secret, ...'
type: string
value:
description: the value to assign to the configuration (syntax
may vary depending on the `Type`)
type: string
required:
- type
- value
type: object
type: array
dependencies:
description: a list of dependencies needed by the application
items:
type: string
type: array
digest:
description: the digest calculated for this Integration
type: string
generatedSources:
description: a list of sources generated for this Integration
items:
description: SourceSpec defines the configuration for one or more
routes to be executed in a certain Camel DSL language.
properties:
compression:
description: if the content is compressed (base64 encrypted)
type: boolean
content:
description: the source code (plain text)
type: string
contentKey:
description: the confimap key holding the source content
type: string
contentRef:
description: the confimap reference holding the source content
type: string
contentType:
description: the content type (tipically text or binary)
type: string
from-kamelet:
description: True if the spec is generated from a Kamelet
type: boolean
interceptors:
description: |-
Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
uses to pre/post process sources
Deprecated: no longer in use.
items:
type: string
type: array
language:
description: specify which is the language (Camel DSL) used
to interpret this source code
type: string
loader:
description: |-
Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
interpret this source at runtime
type: string
name:
description: the name of the specification
type: string
path:
description: the path where the file is stored
type: string
property-names:
description: List of property names defined in the source (e.g.
if type is "template")
items:
type: string
type: array
rawContent:
description: the source code (binary)
format: byte
type: string
type:
description: Type defines the kind of source described by this
object
type: string
type: object
type: array
image:
description: the container image used
type: string
integrationKit:
description: the reference of the `IntegrationKit` which is used for
this Integration
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
TODO: this design is not final and this field is subject to change in the future.
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
lastInitTimestamp:
description: the timestamp representing the last time when this integration
was initialized.
format: date-time
type: string
observedGeneration:
description: ObservedGeneration is the most recent generation observed
for this Integration.
format: int64
type: integer
phase:
description: the actual phase
type: string
platform:
description: The IntegrationPlatform watching this Integration
type: string
profile:
description: the profile needed to run this Integration
type: string
replicas:
description: the number of replicas
format: int32
type: integer
runtimeProvider:
description: the runtime provider targeted for this Integration
type: string
runtimeVersion:
description: the runtime version targeted for this Integration
type: string
selector:
description: label selector
type: string
traits:
description: the traits executed for the Integration
properties:
3scale:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
addons:
additionalProperties:
description: AddonTrait represents the configuration of an addon
trait.
type: object
x-kubernetes-preserve-unknown-fields: true
description: The extension point with addon traits
type: object
affinity:
description: The configuration of Affinity trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
nodeAffinityLabels:
description: Defines a set of nodes the integration pod(s)
are eligible to be scheduled on, based on labels on the
node.
items:
type: string
type: array
podAffinity:
description: Always co-locates multiple replicas of the integration
in the same node (default `false`).
type: boolean
podAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should be co-located with.
items:
type: string
type: array
podAntiAffinity:
description: Never co-locates multiple replicas of the integration
in the same node (default `false`).
type: boolean
podAntiAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should not be co-located with.
items:
type: string
type: array
type: object
builder:
description: The configuration of Builder trait
properties:
annotations:
additionalProperties:
type: string
description: When using `pod` strategy, annotation to use
for the builder pod.
type: object
baseImage:
description: |-
Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
installed and ready to use on path (ie `/usr/bin/java`).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
incrementalImageBuild:
description: Use the incremental image build option, to reuse
existing containers (default `true`)
type: boolean
limitCPU:
description: |-
When using `pod` strategy, the maximum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
limitMemory:
description: |-
When using `pod` strategy, the maximum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
mavenProfiles:
description: |-
A list of references pointing to configmaps/secrets that contains a maven profile.
This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
The content of the maven profile is expected to be a text containing a valid maven profile starting with `<profile>` and ending with `</profile>` that will be integrated as an inline profile in the POM.
Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
items:
type: string
type: array
nodeSelector:
additionalProperties:
type: string
description: Defines a set of nodes the builder pod is eligible
to be scheduled on, based on labels on the node.
type: object
orderStrategy:
description: The build order strategy to use, either `dependencies`,
`fifo` or `sequential` (default is the platform default)
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of manifest platforms to use to build
a container image (default `linux/amd64`).
items:
type: string
type: array
properties:
description: A list of properties to be provided to the build
task
items:
type: string
type: array
requestCPU:
description: |-
When using `pod` strategy, the minimum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
requestMemory:
description: |-
When using `pod` strategy, the minimum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
strategy:
description: The strategy to use, either `pod` or `routine`
(default `routine`)
enum:
- pod
- routine
type: string
tasks:
description: A list of tasks to be executed (available only
when using `pod` strategy) with format `<name>;<container-image>;<container-command>`.
items:
type: string
type: array
tasksFilter:
description: |-
A list of tasks sorted by the order of execution in a csv format, ie, `<taskName1>,<taskName2>,...`.
Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
if you need to execute them. Useful only with `pod` strategy.
type: string
tasksLimitCPU:
description: A list of limit cpu configuration for the specific
task with format `<task-name>:<limit-cpu-conf>`.
items:
type: string
type: array
tasksLimitMemory:
description: A list of limit memory configuration for the
specific task with format `<task-name>:<limit-memory-conf>`.
items:
type: string
type: array
tasksRequestCPU:
description: A list of request cpu configuration for the specific
task with format `<task-name>:<request-cpu-conf>`.
items:
type: string
type: array
tasksRequestMemory:
description: A list of request memory configuration for the
specific task with format `<task-name>:<request-memory-conf>`.
items:
type: string
type: array
verbose:
description: |-
Enable verbose logging on build components that support it (e.g. Kaniko build pod).
Deprecated no longer in use
type: boolean
type: object
camel:
description: The configuration of Camel trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
properties:
description: A list of properties to be provided to the Integration
runtime
items:
type: string
type: array
runtimeVersion:
description: |-
The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
to the best matching Catalog existing on the cluster.
type: string
type: object
container:
description: The configuration of Container trait
properties:
allowPrivilegeEscalation:
description: Security Context AllowPrivilegeEscalation configuration
(default false).
type: boolean
auto:
description: To automatically enable the trait
type: boolean
capabilitiesAdd:
description: Security Context Capabilities Add configuration
(default none).
items:
description: Capability represent POSIX capabilities type
type: string
type: array
capabilitiesDrop:
description: Security Context Capabilities Drop configuration
(default ALL).
items:
description: Capability represent POSIX capabilities type
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
expose:
description: Can be used to enable/disable exposure via kubernetes
Service.
type: boolean
image:
description: |-
The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
type: string
imagePullPolicy:
description: 'The pull policy: Always|Never|IfNotPresent'
enum:
- Always
- Never
- IfNotPresent
type: string
limitCPU:
description: The maximum amount of CPU to be provided (default
500 millicores).
type: string
limitMemory:
description: The maximum amount of memory to be provided (default
512 Mi).
type: string
name:
description: The main container name. It's named `integration`
by default.
type: string
port:
description: To configure a different port exposed by the
container (default `8080`).
format: int32
type: integer
portName:
description: To configure a different port name for the port
exposed by the container. It defaults to `http` only when
the `expose` parameter is true.
type: string
requestCPU:
description: The minimum amount of CPU required (default 125
millicores).
type: string
requestMemory:
description: The minimum amount of memory required (default
128 Mi).
type: string
runAsNonRoot:
description: Security Context RunAsNonRoot configuration (default
false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration (default
none): this value is automatically retrieved in Openshift
clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
servicePort:
description: To configure under which service port the container
port is to be exposed (default `80`).
format: int32
type: integer
servicePortName:
description: To configure under which service port name the
container port is to be exposed (default `http`).
type: string
type: object
cron:
description: The configuration of Cron trait
properties:
activeDeadlineSeconds:
description: |-
Specifies the duration in seconds, relative to the start time, that the job
may be continuously active before it is considered to be failed.
It defaults to 60s.
format: int64
type: integer
auto:
description: |-
Automatically deploy the integration as CronJob when all routes are
either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
while `35m` or `50s` cannot).
type: boolean
backoffLimit:
description: |-
Specifies the number of retries before marking the job failed.
It defaults to 2.
format: int32
type: integer
components:
description: |-
A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
Supported components are currently: `cron`, `timer` and `quartz`.
type: string
concurrencyPolicy:
description: |-
Specifies how to treat concurrent executions of a Job.
Valid values are:
- "Allow": allows CronJobs to run concurrently;
- "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- "Replace": cancels currently running job and replaces it with a new one
enum:
- Allow
- Forbid
- Replace
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
fallback:
description: |-
Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
as Kubernetes CronJob.
type: boolean
schedule:
description: |-
The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
mechanism to work correctly.
type: string
startingDeadlineSeconds:
description: |-
Optional deadline in seconds for starting the job if it misses scheduled
time for any reason. Missed jobs executions will be counted as failed ones.
format: int64
type: integer
timeZone:
description: The timezone that the CronJob will run on
type: string
type: object
dependencies:
description: The configuration of Dependencies trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
deployer:
description: The configuration of Deployer trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
kind:
description: Allows to explicitly select the desired deployment
kind between `deployment`, `cron-job` or `knative-service`
when creating the resources for running the integration.
enum:
- deployment
- cron-job
- knative-service
type: string
useSSA:
description: |-
Deprecated: won't be able to enforce client side update in the future.
Use server-side apply to update the owned resources (default `true`).
Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
type: boolean
type: object
deployment:
description: The configuration of Deployment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
progressDeadlineSeconds:
description: |-
The maximum time in seconds for the deployment to make progress before it
is considered to be failed. It defaults to `60s`.
format: int32
type: integer
rollingUpdateMaxSurge:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be scheduled above the desired number of
pods.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
This can not be 0 if MaxUnavailable is 0.
Absolute number is calculated from percentage by rounding up.
Defaults to `25%`.
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be unavailable during the update.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding down.
This can not be 0 if MaxSurge is 0.
Defaults to `25%`.
x-kubernetes-int-or-string: true
strategy:
description: The deployment strategy to use to replace existing
pods with new ones.
enum:
- Recreate
- RollingUpdate
type: string
type: object
environment:
description: The configuration of Environment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
containerMeta:
description: Enables injection of `NAMESPACE` and `POD_NAME`
environment variables (default `true`)
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
httpProxy:
description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and
`NO_PROXY` environment variables (default `true`)
type: boolean
vars:
description: |-
A list of environment variables to be added to the integration container.
The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name,
and key represents the resource key to be mapped as and environment variable.
These take precedence over any previously defined environment variables.
items:
type: string
type: array
type: object
error-handler:
description: The configuration of Error Handler trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
ref:
description: The error handler ref name provided or found
in application properties
type: string
type: object
gc:
description: The configuration of GC trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
description: |-
Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
Deprecated: no longer in use.
enum:
- disabled
- disk
- memory
type: string
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
health:
description: The configuration of Health trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
livenessFailureThreshold:
description: Minimum consecutive failures for the liveness
probe to be considered failed after having succeeded.
format: int32
type: integer
livenessInitialDelay:
description: Number of seconds after the container has started
before the liveness probe is initiated.
format: int32
type: integer
livenessPeriod:
description: How often to perform the liveness probe.
format: int32
type: integer
livenessProbe:
description: The liveness probe path to use (default provided
by the Catalog runtime used).
type: string
livenessProbeEnabled:
description: Configures the liveness probe for the integration
container (default `false`).
type: boolean
livenessScheme:
description: Scheme to use when connecting to the liveness
probe (default `HTTP`).
type: string
livenessSuccessThreshold:
description: Minimum consecutive successes for the liveness
probe to be considered successful after having failed.
format: int32
type: integer
livenessTimeout:
description: Number of seconds after which the liveness probe
times out.
format: int32
type: integer
readinessFailureThreshold:
description: Minimum consecutive failures for the readiness
probe to be considered failed after having succeeded.
format: int32
type: integer
readinessInitialDelay:
description: Number of seconds after the container has started
before the readiness probe is initiated.
format: int32
type: integer
readinessPeriod:
description: How often to perform the readiness probe.
format: int32
type: integer
readinessProbe:
description: The readiness probe path to use (default provided
by the Catalog runtime used).
type: string
readinessProbeEnabled:
description: Configures the readiness probe for the integration
container (default `true`).
type: boolean
readinessScheme:
description: Scheme to use when connecting to the readiness
probe (default `HTTP`).
type: string
readinessSuccessThreshold:
description: Minimum consecutive successes for the readiness
probe to be considered successful after having failed.
format: int32
type: integer
readinessTimeout:
description: Number of seconds after which the readiness probe
times out.
format: int32
type: integer
startupFailureThreshold:
description: Minimum consecutive failures for the startup
probe to be considered failed after having succeeded.
format: int32
type: integer
startupInitialDelay:
description: Number of seconds after the container has started
before the startup probe is initiated.
format: int32
type: integer
startupPeriod:
description: How often to perform the startup probe.
format: int32
type: integer
startupProbe:
description: The startup probe path to use (default provided
by the Catalog runtime used).
type: string
startupProbeEnabled:
description: Configures the startup probe for the integration
container (default `false`).
type: boolean
startupScheme:
description: Scheme to use when connecting to the startup
probe (default `HTTP`).
type: string
startupSuccessThreshold:
description: Minimum consecutive successes for the startup
probe to be considered successful after having failed.
format: int32
type: integer
startupTimeout:
description: Number of seconds after which the startup probe
times out.
format: int32
type: integer
type: object
ingress:
description: The configuration of Ingress trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to the ingress.
This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
type: object
auto:
description: To automatically add an ingress whenever the
integration uses an HTTP endpoint consumer.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
host:
description: To configure the host exposed by the ingress.
type: string
ingressClassName:
description: |-
The Ingress class name as defined by the Ingress spec
See https://kubernetes.io/docs/concepts/services-networking/ingress/
type: string
path:
description: To configure the path exposed by the ingress
(default `/`).
type: string
pathType:
description: |-
To configure the path type exposed by the ingress.
One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
enum:
- Exact
- Prefix
- ImplementationSpecific
type: string
tlsHosts:
description: To configure tls hosts
items:
type: string
type: array
tlsSecretName:
description: To configure tls secret name
type: string
type: object
istio:
description: The configuration of Istio trait
properties:
allow:
description: Configures a (comma-separated) list of CIDR subnets
that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16`
by default).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
inject:
description: Forces the value for labels `sidecar.istio.io/inject`.
By default the label is set to `true` on deployment and
not set on Knative Service.
type: boolean
type: object
jolokia:
description: The configuration of Jolokia trait
properties:
CACert:
description: |-
The PEM encoded CA certification file path, used to verify client certificates,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
type: string
clientPrincipal:
description: |-
The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
description: Listen for multicast requests (default `false`)
type: boolean
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
extendedClientCheck:
description: |-
Mandate the client certificate contains a client flag in the extended key usage section,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `true` for OpenShift).
type: boolean
host:
description: |-
The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
the servers binds to every network interface (default `"*"`).
type: string
options:
description: |-
A list of additional Jolokia options as defined
in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
items:
type: string
type: array
password:
description: The password used for authentication, applicable
when the `user` option is set.
type: string
port:
description: The Jolokia endpoint port (default `8778`).
format: int32
type: integer
protocol:
description: The protocol to use, either `http` or `https`
(default `https` for OpenShift)
type: string
useSSLClientAuthentication:
description: Whether client certificates should be used for
authentication (default `true` for OpenShift).
type: boolean
user:
description: The user to be used for authentication
type: string
type: object
jvm:
description: The configuration of JVM trait
properties:
classpath:
description: Additional JVM classpath (use `Linux` classpath
separator)
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
debug:
description: Activates remote debugging, so that a debugger
can be attached to the JVM, e.g., using port-forwarding
type: boolean
debugAddress:
description: Transport address at which to listen for the
newly launched JVM (default `*:5005`)
type: string
debugSuspend:
description: Suspends the target JVM immediately before the
main class is loaded
type: boolean
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
jar:
description: The Jar dependency which will run the application.
Leave it empty for managed Integrations.
type: string
options:
description: A list of JVM options
items:
type: string
type: array
printCommand:
description: |-
Prints the command used the start the JVM in the container logs (default `true`)
Deprecated: no longer in use.
type: boolean
type: object
kamelets:
description: The configuration of Kamelets trait
properties:
auto:
description: Automatically inject all referenced Kamelets
and their default configuration (enabled by default)
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
list:
description: Comma separated list of Kamelet names to load
into the current integration
type: string
mountPoint:
description: The directory where the application mounts and
reads Kamelet spec (default `/etc/camel/kamelets`)
type: string
type: object
keda:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
knative:
description: The configuration of Knative trait
properties:
auto:
description: Enable automatic discovery of all trait properties.
type: boolean
channelSinks:
description: |-
List of channels used as destination of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
channelSources:
description: |-
List of channels used as source of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
config:
description: Can be used to inject a Knative complete configuration
in JSON format.
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
endpointSinks:
description: |-
List of endpoints used as destination of integration routes.
Can contain simple endpoint names or full Camel URIs.
items:
type: string
type: array
endpointSources:
description: List of channels used as source of integration
routes.
items:
type: string
type: array
eventSinks:
description: |-
List of event types that the integration will produce.
Can contain simple event types or full Camel URIs (to use a specific broker).
items:
type: string
type: array
eventSources:
description: |-
List of event types that the integration will be subscribed to.
Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
items:
type: string
type: array
filterEventType:
description: |-
Enables the default filtering for the Knative trigger using the event type
If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
type: boolean
filterSourceChannels:
description: |-
Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
Knative, filtering is disabled by default.
type: boolean
filters:
description: |-
Sets filter attributes on the event stream (such as event type, source, subject and so on).
A list of key-value pairs that represent filter attributes and its values.
The syntax is KEY=VALUE, e.g., `source="my.source"`.
Filter attributes get set on the Knative trigger that is being created as part of this integration.
items:
type: string
type: array
namespaceLabel:
description: |-
Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
As Knative requires this label to perform injection of K_SINK URL into the service.
If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
type: boolean
sinkBinding:
description: |-
Allows binding the integration to a sink via a Knative SinkBinding resource.
This can be used when the integration targets a single sink.
It's enabled by default when the integration targets a single sink
(except when the integration is owned by a Knative source).
type: boolean
type: object
knative-service:
description: The configuration of Knative Service trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set knative service specific annotations
CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
auto:
description: |-
Automatically deploy the integration as Knative service when all conditions hold:
* Integration is using the Knative profile
* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
type: boolean
autoscalingMetric:
description: |-
Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
Refer to the Knative documentation for more information.
type: string
autoscalingTarget:
description: |-
Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
Refer to the Knative documentation for more information.
type: integer
class:
description: |-
Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
Refer to the Knative documentation for more information.
enum:
- kpa.autoscaling.knative.dev
- hpa.autoscaling.knative.dev
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
maxScale:
description: |-
An upper bound for the number of Pods that can be running in parallel for the integration.
Knative has its own cap value that depends on the installation.
Refer to the Knative documentation for more information.
type: integer
minScale:
description: |-
The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
the integration is scaled down to zero when not used for a configured amount of time.
Refer to the Knative documentation for more information.
type: integer
rolloutDuration:
description: |-
Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
rounded to a second precision.
type: string
timeoutSeconds:
description: |-
The maximum duration in seconds that the request instance is allowed to respond to a request.
This field propagates to the integration pod's terminationGracePeriodSeconds
Refer to the Knative documentation for more information.
format: int64
type: integer
visibility:
description: |-
Setting `cluster-local`, Knative service becomes a private service.
Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
Refer to the Knative documentation for more information.
enum:
- cluster-local
type: string
type: object
logging:
description: The configuration of Logging trait
properties:
color:
description: Colorize the log output
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
format:
description: Logs message format
type: string
json:
description: Output the logs in JSON
type: boolean
jsonPrettyPrint:
description: Enable "pretty printing" of the JSON logs
type: boolean
level:
description: Adjust the logging level (defaults to `INFO`)
enum:
- FATAL
- WARN
- INFO
- DEBUG
- TRACE
type: string
type: object
master:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
mount:
description: The configuration of Mount trait
properties:
configs:
description: |-
A list of configuration pointing to configmap/secret.
The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
They are also made available on the classpath in order to ease their usage directly from the Route.
Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
description: |-
A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi).
Syntax: name:/container/path[:sizeLimit]
items:
type: string
type: array
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
hotReload:
description: |-
Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
changes in metadata.
type: boolean
resources:
description: |-
A list of resources (text or binary content) pointing to configmap/secret.
The resources are expected to be any resource type (text or binary content).
The destination path can be either a default location or any path specified by the user.
Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
items:
type: string
type: array
scanKameletsImplicitLabelSecrets:
description: 'Deprecated: no longer available since version
2.5.'
type: boolean
volumes:
description: |-
A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails.
You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided
or the default cluster Storage Class. However, if the PVC exists, the operator would mount it.
items:
type: string
type: array
type: object
openapi:
description: The configuration of OpenAPI trait
properties:
configmaps:
description: The configmaps holding the spec of the OpenAPI
(compatible with > 3.0 spec only).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
owner:
description: The configuration of Owner trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
targetAnnotations:
description: The set of annotations to be transferred
items:
type: string
type: array
targetLabels:
description: The set of labels to be transferred
items:
type: string
type: array
type: object
pdb:
description: The configuration of PDB trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
maxUnavailable:
description: |-
The number of pods for the Integration that can be unavailable after an eviction.
It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
Only one of `max-unavailable` and `min-available` can be specified.
type: string
minAvailable:
description: |-
The number of pods for the Integration that must still be available after an eviction.
It can be either an absolute number or a percentage.
Only one of `min-available` and `max-unavailable` can be specified.
type: string
type: object
platform:
description: The configuration of Platform trait
properties:
auto:
description: |-
To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
createDefault:
description: |-
To create a default (empty) platform when the platform is missing.
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
global:
description: |-
Indicates if the platform should be created globally in the case of global operator (default true).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
type: object
pod:
description: The configuration of Pod trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
prometheus:
description: The configuration of Prometheus trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
podMonitor:
description: Whether a `PodMonitor` resource is created (default
`true`).
type: boolean
podMonitorLabels:
description: The `PodMonitor` resource labels, applicable
when `pod-monitor` is `true`.
items:
type: string
type: array
type: object
pull-secret:
description: The configuration of Pull Secret trait
properties:
auto:
description: Automatically configures the platform registry
secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
imagePullerDelegation:
description: When using a global operator with a shared platform,
this enables delegation of the `system:image-puller` cluster
role on the operator namespace to the integration service
account.
type: boolean
secretName:
description: The pull secret name to set on the Pod. If left
empty this is automatically taken from the `IntegrationPlatform`
registry configuration.
type: string
type: object
quarkus:
description: The configuration of Quarkus trait
properties:
buildMode:
description: |-
The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
with the `native` kit having precedence over the `jvm` one once ready.
items:
description: QuarkusMode is the type of Quarkus build packaging.
enum:
- jvm
- native
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
nativeBaseImage:
description: The base image to use when running a native build
(default `quay.io/quarkus/quarkus-micro-image:2.0`)
type: string
nativeBuilderImage:
description: The image containing the tooling required for
a native build (by default it will use the one provided
in the runtime catalog)
type: string
packageTypes:
description: |-
The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
with the native kit having precedence over the `fast-jar` one once ready.
The order influences the resolution of the current kit for the integration.
The kit corresponding to the first package type will be assigned to the
integration in case no existing kit that matches the integration exists.
Deprecated: use `build-mode` instead.
items:
description: |-
QuarkusPackageType is the type of Quarkus build packaging.
Deprecated: use `QuarkusMode` instead.
enum:
- fast-jar
- native
type: string
type: array
type: object
registry:
description: |-
The configuration of Registry trait (support removed since version 2.5.0).
Deprecated: use jvm trait or read documentation.
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
type: object
route:
description: The configuration of Route trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set route specific annotations
For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
host:
description: To configure the host exposed by the route.
type: string
tlsCACertificate:
description: |-
The TLS CA certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCACertificateSecret:
description: |-
The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificate:
description: |-
The TLS certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificateSecret:
description: |-
The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificate:
description: |-
The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
termination this file should be provided in order to have routers use it for health checks on the secure connection.
If this field is not specified, the router may provide its own destination CA and perform hostname validation using
the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
verify.
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificateSecret:
description: |-
The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsInsecureEdgeTerminationPolicy:
description: |-
To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
Refer to the OpenShift route documentation for additional information.
enum:
- None
- Allow
- Redirect
type: string
tlsKey:
description: |-
The TLS certificate key contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsKeySecret:
description: |-
The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsTermination:
description: |-
The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
Refer to the OpenShift route documentation for additional information.
enum:
- edge
- reencrypt
- passthrough
type: string
type: object
security-context:
description: The configuration of Security Context trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
runAsNonRoot:
description: Security Context RunAsNonRoot configuration (default
false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration (default
none): this value is automatically retrieved in Openshift
clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
type: object
service:
description: The configuration of Service trait
properties:
annotations:
additionalProperties:
type: string
description: The annotations added to the Service object.
type: object
auto:
description: To automatically detect from the code if a Service
needs to be created.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
labels:
additionalProperties:
type: string
description: The labels added to the Service object.
type: object
nodePort:
description: |-
Enable Service to be exposed as NodePort (default `false`).
Deprecated: Use service type instead.
type: boolean
type:
description: The type of service to be used, either 'ClusterIP',
'NodePort' or 'LoadBalancer'.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
service-binding:
description: The configuration of Service Binding trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
services:
description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
items:
type: string
type: array
type: object
strimzi:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
telemetry:
description: The configuration of Telemetry trait
properties:
auto:
description: Enables automatic configuration of the trait,
including automatic discovery of the telemetry endpoint.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
endpoint:
description: The target endpoint of the Telemetry service
(automatically discovered by default)
type: string
sampler:
description: The sampler of the telemetry used for tracing
(default "on")
type: string
sampler-parent-based:
description: The sampler of the telemetry used for tracing
is parent based (default "true")
type: boolean
sampler-ratio:
description: The sampler ratio of the telemetry used for tracing
type: string
serviceName:
description: The name of the service that publishes telemetry
data (defaults to the integration name)
type: string
type: object
toleration:
description: The configuration of Toleration trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait. All
traits share this common property.
type: boolean
taints:
description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]`
items:
type: string
type: array
type: object
tracing:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
type: object
version:
description: the operator version
type: string
type: object
type: object
served: true
storage: true
subresources:
scale:
labelSelectorPath: .status.selector
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
labels:
app: camel-k
name: kamelets.camel.apache.org
spec:
group: camel.apache.org
names:
categories:
- kamel
- camel
kind: Kamelet
listKind: KameletList
plural: kamelets
shortNames:
- kl
singular: kamelet
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The Kamelet type
jsonPath: .metadata.labels.camel\.apache\.org\/kamelet\.type
name: Type
type: string
- description: The Kamelet provider
jsonPath: .metadata.annotations.camel\.apache\.org\/provider
name: Provider
type: string
- description: The Kamelet bundled
jsonPath: .metadata.labels.camel\.apache\.org\/kamelet\.bundled
name: Bundled
type: string
- description: The Camel compatible version
jsonPath: .metadata.annotations.camel\.apache\.org\/catalog\.version
name: Camel Version
type: string
name: v1
schema:
openAPIV3Schema:
description: Kamelet is the Schema for the kamelets API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: the desired specification
properties:
dataTypes:
additionalProperties:
description: DataTypesSpec represents the specification for a set
of data types.
properties:
default:
description: the default data type for this Kamelet
type: string
headers:
additionalProperties:
description: HeaderSpec represents the specification for a
header used in the Kamelet.
properties:
default:
type: string
description:
type: string
required:
type: boolean
title:
type: string
type:
type: string
type: object
description: one to many header specifications
type: object
types:
additionalProperties:
description: DataTypeSpec represents the specification for
a data type.
properties:
dependencies:
description: the list of Camel or Maven dependencies required
by the data type
items:
type: string
type: array
description:
description: optional description
type: string
format:
description: the data type format name
type: string
headers:
additionalProperties:
description: HeaderSpec represents the specification
for a header used in the Kamelet.
properties:
default:
type: string
description:
type: string
required:
type: boolean
title:
type: string
type:
type: string
type: object
description: one to many header specifications
type: object
mediaType:
description: media type as expected for HTTP media types
(ie, application/json)
type: string
schema:
description: the expected schema for the data type
properties:
$schema:
description: JSONSchemaURL represents a schema url.
type: string
description:
type: string
example:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: ExternalDocumentation allows referencing
an external resource for extended documentation.
properties:
description:
type: string
url:
type: string
type: object
id:
type: string
properties:
additionalProperties:
properties:
default:
description: default is a default value for
undefined object fields.
x-kubernetes-preserve-unknown-fields: true
deprecated:
type: boolean
description:
type: string
enum:
items:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
type: array
example:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: boolean
exclusiveMinimum:
type: boolean
format:
description: |-
format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
- bsonobjectid: a bson object ID, i.e. a 24 characters hex string
- uri: an URI as parsed by Golang net/url.ParseRequestURI
- email: an email address as parsed by Golang net/mail.ParseAddress
- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
- ipv4: an IPv4 IP as parsed by Golang net.ParseIP
- ipv6: an IPv6 IP as parsed by Golang net.ParseIP
- cidr: a CIDR as parsed by Golang net.ParseCIDR
- mac: a MAC address as parsed by Golang net.ParseMAC
- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
- isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
- isbn10: an ISBN10 number string like "0321751043"
- isbn13: an ISBN13 number string like "978-0321751041"
- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
- ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
- hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
- rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
- byte: base64 encoded binary data
- password: any kind of string
- date: a date string like "2006-01-02" as defined by full-date in RFC3339
- duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
- datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
type: string
id:
type: string
maxItems:
format: int64
type: integer
maxLength:
format: int64
type: integer
maxProperties:
format: int64
type: integer
maximum:
description: A Number represents a JSON number
literal.
type: string
minItems:
format: int64
type: integer
minLength:
format: int64
type: integer
minProperties:
format: int64
type: integer
minimum:
description: A Number represents a JSON number
literal.
type: string
multipleOf:
description: A Number represents a JSON number
literal.
type: string
nullable:
type: boolean
pattern:
type: string
title:
type: string
type:
type: string
uniqueItems:
type: boolean
x-descriptors:
description: XDescriptors is a list of extended
properties that trigger a custom behavior
in external systems
items:
type: string
type: array
type: object
type: object
required:
items:
type: string
type: array
title:
type: string
type:
type: string
type: object
scheme:
description: the data type component scheme
type: string
type: object
description: one to many data type specifications
type: object
type: object
description: data specification types for the events consumed/produced
by the Kamelet
type: object
definition:
description: defines the formal configuration of the Kamelet
properties:
$schema:
description: JSONSchemaURL represents a schema url.
type: string
description:
type: string
example:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: ExternalDocumentation allows referencing an external
resource for extended documentation.
properties:
description:
type: string
url:
type: string
type: object
id:
type: string
properties:
additionalProperties:
properties:
default:
description: default is a default value for undefined object
fields.
x-kubernetes-preserve-unknown-fields: true
deprecated:
type: boolean
description:
type: string
enum:
items:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
type: array
example:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: boolean
exclusiveMinimum:
type: boolean
format:
description: |-
format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
- bsonobjectid: a bson object ID, i.e. a 24 characters hex string
- uri: an URI as parsed by Golang net/url.ParseRequestURI
- email: an email address as parsed by Golang net/mail.ParseAddress
- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
- ipv4: an IPv4 IP as parsed by Golang net.ParseIP
- ipv6: an IPv6 IP as parsed by Golang net.ParseIP
- cidr: a CIDR as parsed by Golang net.ParseCIDR
- mac: a MAC address as parsed by Golang net.ParseMAC
- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
- isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
- isbn10: an ISBN10 number string like "0321751043"
- isbn13: an ISBN13 number string like "978-0321751041"
- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
- ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
- hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
- rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
- byte: base64 encoded binary data
- password: any kind of string
- date: a date string like "2006-01-02" as defined by full-date in RFC3339
- duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
- datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
type: string
id:
type: string
maxItems:
format: int64
type: integer
maxLength:
format: int64
type: integer
maxProperties:
format: int64
type: integer
maximum:
description: A Number represents a JSON number literal.
type: string
minItems:
format: int64
type: integer
minLength:
format: int64
type: integer
minProperties:
format: int64
type: integer
minimum:
description: A Number represents a JSON number literal.
type: string
multipleOf:
description: A Number represents a JSON number literal.
type: string
nullable:
type: boolean
pattern:
type: string
title:
type: string
type:
type: string
uniqueItems:
type: boolean
x-descriptors:
description: XDescriptors is a list of extended properties
that trigger a custom behavior in external systems
items:
type: string
type: array
type: object
type: object
required:
items:
type: string
type: array
title:
type: string
type:
type: string
type: object
dependencies:
description: Camel dependencies needed by the Kamelet
items:
type: string
type: array
sources:
description: sources in any Camel DSL supported
items:
description: SourceSpec defines the configuration for one or more
routes to be executed in a certain Camel DSL language.
properties:
compression:
description: if the content is compressed (base64 encrypted)
type: boolean
content:
description: the source code (plain text)
type: string
contentKey:
description: the confimap key holding the source content
type: string
contentRef:
description: the confimap reference holding the source content
type: string
contentType:
description: the content type (tipically text or binary)
type: string
from-kamelet:
description: True if the spec is generated from a Kamelet
type: boolean
interceptors:
description: |-
Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
uses to pre/post process sources
Deprecated: no longer in use.
items:
type: string
type: array
language:
description: specify which is the language (Camel DSL) used
to interpret this source code
type: string
loader:
description: |-
Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
interpret this source at runtime
type: string
name:
description: the name of the specification
type: string
path:
description: the path where the file is stored
type: string
property-names:
description: List of property names defined in the source (e.g.
if type is "template")
items:
type: string
type: array
rawContent:
description: the source code (binary)
format: byte
type: string
type:
description: Type defines the kind of source described by this
object
type: string
type: object
type: array
template:
description: the main source in YAML DSL
type: object
x-kubernetes-preserve-unknown-fields: true
types:
additionalProperties:
description: |-
EventTypeSpec represents a specification for an event type.
Deprecated: In favor of using DataTypeSpec.
properties:
mediaType:
description: media type as expected for HTTP media types (ie,
application/json)
type: string
schema:
description: the expected schema for the event
properties:
$schema:
description: JSONSchemaURL represents a schema url.
type: string
description:
type: string
example:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: ExternalDocumentation allows referencing an
external resource for extended documentation.
properties:
description:
type: string
url:
type: string
type: object
id:
type: string
properties:
additionalProperties:
properties:
default:
description: default is a default value for undefined
object fields.
x-kubernetes-preserve-unknown-fields: true
deprecated:
type: boolean
description:
type: string
enum:
items:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
type: array
example:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: boolean
exclusiveMinimum:
type: boolean
format:
description: |-
format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
- bsonobjectid: a bson object ID, i.e. a 24 characters hex string
- uri: an URI as parsed by Golang net/url.ParseRequestURI
- email: an email address as parsed by Golang net/mail.ParseAddress
- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
- ipv4: an IPv4 IP as parsed by Golang net.ParseIP
- ipv6: an IPv6 IP as parsed by Golang net.ParseIP
- cidr: a CIDR as parsed by Golang net.ParseCIDR
- mac: a MAC address as parsed by Golang net.ParseMAC
- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
- isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
- isbn10: an ISBN10 number string like "0321751043"
- isbn13: an ISBN13 number string like "978-0321751041"
- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
- ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
- hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
- rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
- byte: base64 encoded binary data
- password: any kind of string
- date: a date string like "2006-01-02" as defined by full-date in RFC3339
- duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
- datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
type: string
id:
type: string
maxItems:
format: int64
type: integer
maxLength:
format: int64
type: integer
maxProperties:
format: int64
type: integer
maximum:
description: A Number represents a JSON number literal.
type: string
minItems:
format: int64
type: integer
minLength:
format: int64
type: integer
minProperties:
format: int64
type: integer
minimum:
description: A Number represents a JSON number literal.
type: string
multipleOf:
description: A Number represents a JSON number literal.
type: string
nullable:
type: boolean
pattern:
type: string
title:
type: string
type:
type: string
uniqueItems:
type: boolean
x-descriptors:
description: XDescriptors is a list of extended properties
that trigger a custom behavior in external systems
items:
type: string
type: array
type: object
type: object
required:
items:
type: string
type: array
title:
type: string
type:
type: string
type: object
type: object
description: |-
data specification types for the events consumed/produced by the Kamelet
Deprecated: In favor of using DataTypes
type: object
versions:
additionalProperties:
description: KameletSpecBase specifies the base configuration of
a Kamelet.
properties:
dataTypes:
additionalProperties:
description: DataTypesSpec represents the specification for
a set of data types.
properties:
default:
description: the default data type for this Kamelet
type: string
headers:
additionalProperties:
description: HeaderSpec represents the specification
for a header used in the Kamelet.
properties:
default:
type: string
description:
type: string
required:
type: boolean
title:
type: string
type:
type: string
type: object
description: one to many header specifications
type: object
types:
additionalProperties:
description: DataTypeSpec represents the specification
for a data type.
properties:
dependencies:
description: the list of Camel or Maven dependencies
required by the data type
items:
type: string
type: array
description:
description: optional description
type: string
format:
description: the data type format name
type: string
headers:
additionalProperties:
description: HeaderSpec represents the specification
for a header used in the Kamelet.
properties:
default:
type: string
description:
type: string
required:
type: boolean
title:
type: string
type:
type: string
type: object
description: one to many header specifications
type: object
mediaType:
description: media type as expected for HTTP media
types (ie, application/json)
type: string
schema:
description: the expected schema for the data type
properties:
$schema:
description: JSONSchemaURL represents a schema
url.
type: string
description:
type: string
example:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: ExternalDocumentation allows referencing
an external resource for extended documentation.
properties:
description:
type: string
url:
type: string
type: object
id:
type: string
properties:
additionalProperties:
properties:
default:
description: default is a default value
for undefined object fields.
x-kubernetes-preserve-unknown-fields: true
deprecated:
type: boolean
description:
type: string
enum:
items:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
type: array
example:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: boolean
exclusiveMinimum:
type: boolean
format:
description: |-
format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
- bsonobjectid: a bson object ID, i.e. a 24 characters hex string
- uri: an URI as parsed by Golang net/url.ParseRequestURI
- email: an email address as parsed by Golang net/mail.ParseAddress
- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
- ipv4: an IPv4 IP as parsed by Golang net.ParseIP
- ipv6: an IPv6 IP as parsed by Golang net.ParseIP
- cidr: a CIDR as parsed by Golang net.ParseCIDR
- mac: a MAC address as parsed by Golang net.ParseMAC
- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
- isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
- isbn10: an ISBN10 number string like "0321751043"
- isbn13: an ISBN13 number string like "978-0321751041"
- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
- ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
- hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
- rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
- byte: base64 encoded binary data
- password: any kind of string
- date: a date string like "2006-01-02" as defined by full-date in RFC3339
- duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
- datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
type: string
id:
type: string
maxItems:
format: int64
type: integer
maxLength:
format: int64
type: integer
maxProperties:
format: int64
type: integer
maximum:
description: A Number represents a JSON
number literal.
type: string
minItems:
format: int64
type: integer
minLength:
format: int64
type: integer
minProperties:
format: int64
type: integer
minimum:
description: A Number represents a JSON
number literal.
type: string
multipleOf:
description: A Number represents a JSON
number literal.
type: string
nullable:
type: boolean
pattern:
type: string
title:
type: string
type:
type: string
uniqueItems:
type: boolean
x-descriptors:
description: XDescriptors is a list of
extended properties that trigger a custom
behavior in external systems
items:
type: string
type: array
type: object
type: object
required:
items:
type: string
type: array
title:
type: string
type:
type: string
type: object
scheme:
description: the data type component scheme
type: string
type: object
description: one to many data type specifications
type: object
type: object
description: data specification types for the events consumed/produced
by the Kamelet
type: object
definition:
description: defines the formal configuration of the Kamelet
properties:
$schema:
description: JSONSchemaURL represents a schema url.
type: string
description:
type: string
example:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: ExternalDocumentation allows referencing an
external resource for extended documentation.
properties:
description:
type: string
url:
type: string
type: object
id:
type: string
properties:
additionalProperties:
properties:
default:
description: default is a default value for undefined
object fields.
x-kubernetes-preserve-unknown-fields: true
deprecated:
type: boolean
description:
type: string
enum:
items:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
type: array
example:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: boolean
exclusiveMinimum:
type: boolean
format:
description: |-
format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
- bsonobjectid: a bson object ID, i.e. a 24 characters hex string
- uri: an URI as parsed by Golang net/url.ParseRequestURI
- email: an email address as parsed by Golang net/mail.ParseAddress
- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
- ipv4: an IPv4 IP as parsed by Golang net.ParseIP
- ipv6: an IPv6 IP as parsed by Golang net.ParseIP
- cidr: a CIDR as parsed by Golang net.ParseCIDR
- mac: a MAC address as parsed by Golang net.ParseMAC
- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
- isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
- isbn10: an ISBN10 number string like "0321751043"
- isbn13: an ISBN13 number string like "978-0321751041"
- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
- ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
- hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
- rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
- byte: base64 encoded binary data
- password: any kind of string
- date: a date string like "2006-01-02" as defined by full-date in RFC3339
- duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
- datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
type: string
id:
type: string
maxItems:
format: int64
type: integer
maxLength:
format: int64
type: integer
maxProperties:
format: int64
type: integer
maximum:
description: A Number represents a JSON number literal.
type: string
minItems:
format: int64
type: integer
minLength:
format: int64
type: integer
minProperties:
format: int64
type: integer
minimum:
description: A Number represents a JSON number literal.
type: string
multipleOf:
description: A Number represents a JSON number literal.
type: string
nullable:
type: boolean
pattern:
type: string
title:
type: string
type:
type: string
uniqueItems:
type: boolean
x-descriptors:
description: XDescriptors is a list of extended properties
that trigger a custom behavior in external systems
items:
type: string
type: array
type: object
type: object
required:
items:
type: string
type: array
title:
type: string
type:
type: string
type: object
dependencies:
description: Camel dependencies needed by the Kamelet
items:
type: string
type: array
sources:
description: sources in any Camel DSL supported
items:
description: SourceSpec defines the configuration for one
or more routes to be executed in a certain Camel DSL language.
properties:
compression:
description: if the content is compressed (base64 encrypted)
type: boolean
content:
description: the source code (plain text)
type: string
contentKey:
description: the confimap key holding the source content
type: string
contentRef:
description: the confimap reference holding the source
content
type: string
contentType:
description: the content type (tipically text or binary)
type: string
from-kamelet:
description: True if the spec is generated from a Kamelet
type: boolean
interceptors:
description: |-
Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
uses to pre/post process sources
Deprecated: no longer in use.
items:
type: string
type: array
language:
description: specify which is the language (Camel DSL)
used to interpret this source code
type: string
loader:
description: |-
Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
interpret this source at runtime
type: string
name:
description: the name of the specification
type: string
path:
description: the path where the file is stored
type: string
property-names:
description: List of property names defined in the source
(e.g. if type is "template")
items:
type: string
type: array
rawContent:
description: the source code (binary)
format: byte
type: string
type:
description: Type defines the kind of source described
by this object
type: string
type: object
type: array
template:
description: the main source in YAML DSL
type: object
x-kubernetes-preserve-unknown-fields: true
types:
additionalProperties:
description: |-
EventTypeSpec represents a specification for an event type.
Deprecated: In favor of using DataTypeSpec.
properties:
mediaType:
description: media type as expected for HTTP media types
(ie, application/json)
type: string
schema:
description: the expected schema for the event
properties:
$schema:
description: JSONSchemaURL represents a schema url.
type: string
description:
type: string
example:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
externalDocs:
description: ExternalDocumentation allows referencing
an external resource for extended documentation.
properties:
description:
type: string
url:
type: string
type: object
id:
type: string
properties:
additionalProperties:
properties:
default:
description: default is a default value for
undefined object fields.
x-kubernetes-preserve-unknown-fields: true
deprecated:
type: boolean
description:
type: string
enum:
items:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
type: array
example:
description: |-
JSON represents any valid JSON value.
These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
x-kubernetes-preserve-unknown-fields: true
exclusiveMaximum:
type: boolean
exclusiveMinimum:
type: boolean
format:
description: |-
format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:
- bsonobjectid: a bson object ID, i.e. a 24 characters hex string
- uri: an URI as parsed by Golang net/url.ParseRequestURI
- email: an email address as parsed by Golang net/mail.ParseAddress
- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].
- ipv4: an IPv4 IP as parsed by Golang net.ParseIP
- ipv6: an IPv6 IP as parsed by Golang net.ParseIP
- cidr: a CIDR as parsed by Golang net.ParseCIDR
- mac: a MAC address as parsed by Golang net.ParseMAC
- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$
- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$
- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$
- isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041"
- isbn10: an ISBN10 number string like "0321751043"
- isbn13: an ISBN13 number string like "978-0321751041"
- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in
- ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$
- hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$
- rgbcolor: an RGB color code like rgb like "rgb(255,255,255)"
- byte: base64 encoded binary data
- password: any kind of string
- date: a date string like "2006-01-02" as defined by full-date in RFC3339
- duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format
- datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
type: string
id:
type: string
maxItems:
format: int64
type: integer
maxLength:
format: int64
type: integer
maxProperties:
format: int64
type: integer
maximum:
description: A Number represents a JSON number
literal.
type: string
minItems:
format: int64
type: integer
minLength:
format: int64
type: integer
minProperties:
format: int64
type: integer
minimum:
description: A Number represents a JSON number
literal.
type: string
multipleOf:
description: A Number represents a JSON number
literal.
type: string
nullable:
type: boolean
pattern:
type: string
title:
type: string
type:
type: string
uniqueItems:
type: boolean
x-descriptors:
description: XDescriptors is a list of extended
properties that trigger a custom behavior
in external systems
items:
type: string
type: array
type: object
type: object
required:
items:
type: string
type: array
title:
type: string
type:
type: string
type: object
type: object
description: |-
data specification types for the events consumed/produced by the Kamelet
Deprecated: In favor of using DataTypes
type: object
type: object
description: |-
the optional versions available for this Kamelet. This field may not be taken in account by Camel core and is meant to support
any user defined versioning model on cluster only. If the user wants to use any given version, she must materialize a file with the given version spec
as the `main` Kamelet spec on the runtime.
type: object
type: object
status:
default:
phase: Ready
description: |-
the actual status of the resource
Deprecated no longer in use
properties:
conditions:
description: Conditions --
items:
description: KameletCondition describes the state of a resource
at a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human-readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of kamelet condition.
type: string
required:
- status
- type
type: object
type: array
observedGeneration:
description: ObservedGeneration is the most recent generation observed
for this Kamelet.
format: int64
type: integer
phase:
description: Phase --
type: string
properties:
description: Properties --
items:
description: KameletProperty specify the behavior of a property
in a Kamelet.
properties:
default:
description: the default value of the property (if any)
type: string
name:
description: the name of the property
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
labels:
app: camel-k
name: pipes.camel.apache.org
spec:
group: camel.apache.org
names:
categories:
- kamel
- camel
kind: Pipe
listKind: PipeList
plural: pipes
shortNames:
- pp
singular: pipe
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The Pipe phase
jsonPath: .status.phase
name: Phase
type: string
- description: The number of pods
jsonPath: .status.replicas
name: Replicas
type: integer
name: v1
schema:
openAPIV3Schema:
description: Pipe is the Schema for the Pipe API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: the specification of a Pipe
properties:
errorHandler:
description: ErrorHandler is an optional handler called upon an error
occurring in the integration
type: object
x-kubernetes-preserve-unknown-fields: true
integration:
description: |-
Integration is an optional integration used to specify custom parameters
Deprecated don't use this. Use trait annotations if you need to change any cluster configuration.
properties:
configuration:
description: |-
Deprecated:
Use camel trait (camel.properties) to manage properties
Use mount trait (mount.configs) to manage configs
Use mount trait (mount.resources) to manage resources
Use mount trait (mount.volumes) to manage volumes
items:
description: ConfigurationSpec represents a generic configuration
specification.
properties:
type:
description: 'represents the type of configuration, ie:
property, configmap, secret, ...'
type: string
value:
description: the value to assign to the configuration (syntax
may vary depending on the `Type`)
type: string
required:
- type
- value
type: object
type: array
dependencies:
description: the list of Camel or Maven dependencies required
by the Integration
items:
type: string
type: array
flows:
description: a source in YAML DSL language which contain the routes
to run
items:
description: Flow is an unstructured object representing a Camel
Flow in YAML/JSON DSL.
type: object
x-kubernetes-preserve-unknown-fields: true
type: array
integrationKit:
description: the reference of the `IntegrationKit` which is used
for this Integration
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
TODO: this design is not final and this field is subject to change in the future.
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
profile:
description: the profile needed to run this Integration
type: string
replicas:
description: the number of `Pods` needed for the running Integration
format: int32
type: integer
repositories:
description: additional Maven repositories to be used
items:
type: string
type: array
serviceAccountName:
description: custom SA to use for the Integration
type: string
sources:
description: the sources which contain the Camel routes to run
items:
description: SourceSpec defines the configuration for one or
more routes to be executed in a certain Camel DSL language.
properties:
compression:
description: if the content is compressed (base64 encrypted)
type: boolean
content:
description: the source code (plain text)
type: string
contentKey:
description: the confimap key holding the source content
type: string
contentRef:
description: the confimap reference holding the source content
type: string
contentType:
description: the content type (tipically text or binary)
type: string
from-kamelet:
description: True if the spec is generated from a Kamelet
type: boolean
interceptors:
description: |-
Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader
uses to pre/post process sources
Deprecated: no longer in use.
items:
type: string
type: array
language:
description: specify which is the language (Camel DSL) used
to interpret this source code
type: string
loader:
description: |-
Loader is an optional id of the org.apache.camel.k.RoutesLoader that will
interpret this source at runtime
type: string
name:
description: the name of the specification
type: string
path:
description: the path where the file is stored
type: string
property-names:
description: List of property names defined in the source
(e.g. if type is "template")
items:
type: string
type: array
rawContent:
description: the source code (binary)
format: byte
type: string
type:
description: Type defines the kind of source described by
this object
type: string
type: object
type: array
template:
description: Pod template customization
properties:
spec:
description: the specification
properties:
activeDeadlineSeconds:
description: ActiveDeadlineSeconds
format: int64
type: integer
automountServiceAccountToken:
description: AutomountServiceAccountToken
type: boolean
containers:
description: Containers
items:
description: A single application container that you
want to run within a pod.
properties:
args:
description: |-
Arguments to the entrypoint.
The container image's CMD is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
of whether the variable exists or not. Cannot be updated.
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
items:
type: string
type: array
x-kubernetes-list-type: atomic
command:
description: |-
Entrypoint array. Not executed within a shell.
The container image's ENTRYPOINT is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
of whether the variable exists or not. Cannot be updated.
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
items:
type: string
type: array
x-kubernetes-list-type: atomic
env:
description: |-
List of environment variables to set in the container.
Cannot be updated.
items:
description: EnvVar represents an environment
variable present in a Container.
properties:
name:
description: Name of the environment variable.
Must be a C_IDENTIFIER.
type: string
value:
description: |-
Variable references $(VAR_NAME) are expanded
using the previously defined environment variables in the container and
any service environment variables. If a variable cannot be resolved,
the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
Escaped references will never be expanded, regardless of whether the variable
exists or not.
Defaults to "".
type: string
valueFrom:
description: Source for the environment variable's
value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: |-
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
properties:
apiVersion:
description: Version of the schema
the FieldPath is written in terms
of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to
select in the specified API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
resourceFieldRef:
description: |-
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
properties:
containerName:
description: 'Container name: required
for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output
format of the exposed resources,
defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to
select'
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret
in the pod's namespace
properties:
key:
description: The key of the secret
to select from. Must be a valid
secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
envFrom:
description: |-
List of sources to populate environment variables in the container.
The keys defined within a source must be a C_IDENTIFIER. All invalid keys
will be reported as an event when the container is starting. When a key exists in multiple
sources, the value associated with the last source will take precedence.
Values defined by an Env with a duplicate key will take precedence.
Cannot be updated.
items:
description: EnvFromSource represents the source
of a set of ConfigMaps
properties:
configMapRef:
description: The ConfigMap to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
prefix:
description: An optional identifier to prepend
to each key in the ConfigMap. Must be a
C_IDENTIFIER.
type: string
secretRef:
description: The Secret to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret
must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
image:
description: |-
Container image name.
More info: https://kubernetes.io/docs/concepts/containers/images
This field is optional to allow higher level config management to default or override
container images in workload controllers like Deployments and StatefulSets.
type: string
imagePullPolicy:
description: |-
Image pull policy.
One of Always, Never, IfNotPresent.
Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
type: string
lifecycle:
description: |-
Actions that the management system should take in response to container lifecycle events.
Cannot be updated.
properties:
postStart:
description: |-
PostStart is called immediately after a container is created. If the handler fails,
the container is terminated and restarted according to its restart policy.
Other management of the container blocks until the hook completes.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
properties:
exec:
description: Exec specifies the action to
take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
httpGet:
description: HTTPGet specifies the http
request to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in
the request. HTTP allows repeated
headers.
items:
description: HTTPHeader describes
a custom header to be used in HTTP
probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field
value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
sleep:
description: Sleep represents the duration
that the container should sleep before
being terminated.
properties:
seconds:
description: Seconds is the number of
seconds to sleep.
format: int64
type: integer
required:
- seconds
type: object
tcpSocket:
description: |-
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
for the backward compatibility. There are no validation of this field and
lifecycle hooks will fail in runtime when tcp handler is specified.
properties:
host:
description: 'Optional: Host name to
connect to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
preStop:
description: |-
PreStop is called immediately before a container is terminated due to an
API request or management event such as liveness/startup probe failure,
preemption, resource contention, etc. The handler is not called if the
container crashes or exits. The Pod's termination grace period countdown begins before the
PreStop hook is executed. Regardless of the outcome of the handler, the
container will eventually terminate within the Pod's termination grace
period (unless delayed by finalizers). Other management of the container blocks until the hook completes
or until the termination grace period is reached.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
properties:
exec:
description: Exec specifies the action to
take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
httpGet:
description: HTTPGet specifies the http
request to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in
the request. HTTP allows repeated
headers.
items:
description: HTTPHeader describes
a custom header to be used in HTTP
probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field
value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
sleep:
description: Sleep represents the duration
that the container should sleep before
being terminated.
properties:
seconds:
description: Seconds is the number of
seconds to sleep.
format: int64
type: integer
required:
- seconds
type: object
tcpSocket:
description: |-
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
for the backward compatibility. There are no validation of this field and
lifecycle hooks will fail in runtime when tcp handler is specified.
properties:
host:
description: 'Optional: Host name to
connect to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
type: object
livenessProbe:
description: |-
Periodic probe of container liveness.
Container will be restarted if the probe fails.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
name:
description: |-
Name of the container specified as a DNS_LABEL.
Each container in a pod must have a unique name (DNS_LABEL).
Cannot be updated.
type: string
ports:
description: |-
List of ports to expose from the container. Not specifying a port here
DOES NOT prevent that port from being exposed. Any port which is
listening on the default "0.0.0.0" address inside a container will be
accessible from the network.
Modifying this array with strategic merge patch may corrupt the data.
For more information See https://github.com/kubernetes/kubernetes/issues/108255.
Cannot be updated.
items:
description: ContainerPort represents a network
port in a single container.
properties:
containerPort:
description: |-
Number of port to expose on the pod's IP address.
This must be a valid port number, 0 < x < 65536.
format: int32
type: integer
hostIP:
description: What host IP to bind the external
port to.
type: string
hostPort:
description: |-
Number of port to expose on the host.
If specified, this must be a valid port number, 0 < x < 65536.
If HostNetwork is specified, this must match ContainerPort.
Most containers do not need this.
format: int32
type: integer
name:
description: |-
If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
named port in a pod must have a unique name. Name for the port that can be
referred to by services.
type: string
protocol:
default: TCP
description: |-
Protocol for port. Must be UDP, TCP, or SCTP.
Defaults to "TCP".
type: string
required:
- containerPort
type: object
type: array
x-kubernetes-list-map-keys:
- containerPort
- protocol
x-kubernetes-list-type: map
readinessProbe:
description: |-
Periodic probe of container service readiness.
Container will be removed from service endpoints if the probe fails.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
resizePolicy:
description: Resources resize policy for the container.
items:
description: ContainerResizePolicy represents
resource resize policy for the container.
properties:
resourceName:
description: |-
Name of the resource to which this resource resize policy applies.
Supported values: cpu, memory.
type: string
restartPolicy:
description: |-
Restart policy to apply when specified resource is resized.
If not specified, it defaults to NotRequired.
type: string
required:
- resourceName
- restartPolicy
type: object
type: array
x-kubernetes-list-type: atomic
resources:
description: |-
Compute Resources required by this container.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
properties:
claims:
description: |-
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one
entry in PodSpec.ResourceClaims.
properties:
name:
description: |-
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
restartPolicy:
description: |-
RestartPolicy defines the restart behavior of individual containers in a pod.
This field may only be set for init containers, and the only allowed value is "Always".
For non-init containers or when this field is not specified,
the restart behavior is defined by the Pod's restart policy and the container type.
Setting the RestartPolicy as "Always" for the init container will have the following effect:
this init container will be continually restarted on
exit until all regular containers have terminated. Once all regular
containers have completed, all init containers with restartPolicy "Always"
will be shut down. This lifecycle differs from normal init containers and
is often referred to as a "sidecar" container. Although this init
container still starts in the init container sequence, it does not wait
for the container to complete before proceeding to the next init
container. Instead, the next init container starts immediately after this
init container is started, or after any startupProbe has successfully
completed.
type: string
securityContext:
description: |-
SecurityContext defines the security options the container should be run with.
If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
properties:
allowPrivilegeEscalation:
description: |-
AllowPrivilegeEscalation controls whether a process can gain more
privileges than its parent process. This bool directly controls if
the no_new_privs flag will be set on the container process.
AllowPrivilegeEscalation is true always when the container is:
1) run as Privileged
2) has CAP_SYS_ADMIN
Note that this field cannot be set when spec.os.name is windows.
type: boolean
appArmorProfile:
description: |-
appArmorProfile is the AppArmor options to use by this container. If set, this profile
overrides the pod's appArmorProfile.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
capabilities:
description: |-
The capabilities to add/drop when running containers.
Defaults to the default set of capabilities granted by the container runtime.
Note that this field cannot be set when spec.os.name is windows.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX
capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX
capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
description: |-
Run container in privileged mode.
Processes in privileged containers are essentially equivalent to root on the host.
Defaults to false.
Note that this field cannot be set when spec.os.name is windows.
type: boolean
procMount:
description: |-
procMount denotes the type of proc mount to use for the containers.
The default is DefaultProcMount which uses the container runtime defaults for
readonly paths and masked paths.
This requires the ProcMountType feature flag to be enabled.
Note that this field cannot be set when spec.os.name is windows.
type: string
readOnlyRootFilesystem:
description: |-
Whether this container has a read-only root filesystem.
Default is false.
Note that this field cannot be set when spec.os.name is windows.
type: boolean
runAsGroup:
description: |-
The GID to run the entrypoint of the container process.
Uses runtime default if unset.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
runAsNonRoot:
description: |-
Indicates that the container must run as a non-root user.
If true, the Kubelet will validate the image at runtime to ensure that it
does not run as UID 0 (root) and fail to start the container if it does.
If unset or false, no such validation will be performed.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: boolean
runAsUser:
description: |-
The UID to run the entrypoint of the container process.
Defaults to user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
seLinuxOptions:
description: |-
The SELinux context to be applied to the container.
If unspecified, the container runtime will allocate a random SELinux context for each
container. May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
properties:
level:
description: Level is SELinux level label
that applies to the container.
type: string
role:
description: Role is a SELinux role label
that applies to the container.
type: string
type:
description: Type is a SELinux type label
that applies to the container.
type: string
user:
description: User is a SELinux user label
that applies to the container.
type: string
type: object
seccompProfile:
description: |-
The seccomp options to use by this container. If seccomp options are
provided at both the pod & container level, the container options
override the pod options.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
windowsOptions:
description: |-
The Windows specific settings applied to all containers.
If unspecified, the options from the PodSecurityContext will be used.
If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is linux.
properties:
gmsaCredentialSpec:
description: |-
GMSACredentialSpec is where the GMSA admission webhook
(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
GMSA credential spec named by the GMSACredentialSpecName field.
type: string
gmsaCredentialSpecName:
description: GMSACredentialSpecName is the
name of the GMSA credential spec to use.
type: string
hostProcess:
description: |-
HostProcess determines if a container should be run as a 'Host Process' container.
All of a Pod's containers must have the same effective HostProcess value
(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
In addition, if HostProcess is true then HostNetwork must also be set to true.
type: boolean
runAsUserName:
description: |-
The UserName in Windows to run the entrypoint of the container process.
Defaults to the user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: string
type: object
type: object
startupProbe:
description: |-
StartupProbe indicates that the Pod has successfully initialized.
If specified, no other probes are executed until this completes successfully.
If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
when it might take a long time to load data or warm a cache, than during steady-state operation.
This cannot be updated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
stdin:
description: |-
Whether this container should allocate a buffer for stdin in the container runtime. If this
is not set, reads from stdin in the container will always result in EOF.
Default is false.
type: boolean
stdinOnce:
description: |-
Whether the container runtime should close the stdin channel after it has been opened by
a single attach. When stdin is true the stdin stream will remain open across multiple attach
sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
first client attaches to stdin, and then remains open and accepts data until the client disconnects,
at which time stdin is closed and remains closed until the container is restarted. If this
flag is false, a container processes that reads from stdin will never receive an EOF.
Default is false
type: boolean
terminationMessagePath:
description: |-
Optional: Path at which the file to which the container's termination message
will be written is mounted into the container's filesystem.
Message written is intended to be brief final status, such as an assertion failure message.
Will be truncated by the node if greater than 4096 bytes. The total message length across
all containers will be limited to 12kb.
Defaults to /dev/termination-log.
Cannot be updated.
type: string
terminationMessagePolicy:
description: |-
Indicate how the termination message should be populated. File will use the contents of
terminationMessagePath to populate the container status message on both success and failure.
FallbackToLogsOnError will use the last chunk of container log output if the termination
message file is empty and the container exited with an error.
The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
Defaults to File.
Cannot be updated.
type: string
tty:
description: |-
Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
Default is false.
type: boolean
volumeDevices:
description: volumeDevices is the list of block
devices to be used by the container.
items:
description: volumeDevice describes a mapping
of a raw block device within a container.
properties:
devicePath:
description: devicePath is the path inside
of the container that the device will be
mapped to.
type: string
name:
description: name must match the name of a
persistentVolumeClaim in the pod
type: string
required:
- devicePath
- name
type: object
type: array
x-kubernetes-list-map-keys:
- devicePath
x-kubernetes-list-type: map
volumeMounts:
description: |-
Pod volumes to mount into the container's filesystem.
Cannot be updated.
items:
description: VolumeMount describes a mounting
of a Volume within a container.
properties:
mountPath:
description: |-
Path within the container at which the volume should be mounted. Must
not contain ':'.
type: string
mountPropagation:
description: |-
mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.
When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
(which defaults to None).
type: string
name:
description: This must match the Name of a
Volume.
type: string
readOnly:
description: |-
Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.
type: boolean
recursiveReadOnly:
description: |-
RecursiveReadOnly specifies whether read-only mounts should be handled
recursively.
If ReadOnly is false, this field has no meaning and must be unspecified.
If ReadOnly is true, and this field is set to Disabled, the mount is not made
recursively read-only. If this field is set to IfPossible, the mount is made
recursively read-only, if it is supported by the container runtime. If this
field is set to Enabled, the mount is made recursively read-only if it is
supported by the container runtime, otherwise the pod will not be started and
an error will be generated to indicate the reason.
If this field is set to IfPossible or Enabled, MountPropagation must be set to
None (or be unspecified, which defaults to None).
If this field is not specified, it is treated as an equivalent of Disabled.
type: string
subPath:
description: |-
Path within the volume from which the container's volume should be mounted.
Defaults to "" (volume's root).
type: string
subPathExpr:
description: |-
Expanded path within the volume from which the container's volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
Defaults to "" (volume's root).
SubPathExpr and SubPath are mutually exclusive.
type: string
required:
- mountPath
- name
type: object
type: array
x-kubernetes-list-map-keys:
- mountPath
x-kubernetes-list-type: map
workingDir:
description: |-
Container's working directory.
If not specified, the container runtime's default will be used, which
might be configured in the container image.
Cannot be updated.
type: string
required:
- name
type: object
type: array
dnsPolicy:
description: DNSPolicy
type: string
ephemeralContainers:
description: EphemeralContainers
items:
description: |-
An EphemeralContainer is a temporary container that you may add to an existing Pod for
user-initiated activities such as debugging. Ephemeral containers have no resource or
scheduling guarantees, and they will not be restarted when they exit or when a Pod is
removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the
Pod to exceed its resource allocation.
To add an ephemeral container, use the ephemeralcontainers subresource of an existing
Pod. Ephemeral containers may not be removed or restarted.
properties:
args:
description: |-
Arguments to the entrypoint.
The image's CMD is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
of whether the variable exists or not. Cannot be updated.
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
items:
type: string
type: array
x-kubernetes-list-type: atomic
command:
description: |-
Entrypoint array. Not executed within a shell.
The image's ENTRYPOINT is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
of whether the variable exists or not. Cannot be updated.
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
items:
type: string
type: array
x-kubernetes-list-type: atomic
env:
description: |-
List of environment variables to set in the container.
Cannot be updated.
items:
description: EnvVar represents an environment
variable present in a Container.
properties:
name:
description: Name of the environment variable.
Must be a C_IDENTIFIER.
type: string
value:
description: |-
Variable references $(VAR_NAME) are expanded
using the previously defined environment variables in the container and
any service environment variables. If a variable cannot be resolved,
the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
Escaped references will never be expanded, regardless of whether the variable
exists or not.
Defaults to "".
type: string
valueFrom:
description: Source for the environment variable's
value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: |-
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
properties:
apiVersion:
description: Version of the schema
the FieldPath is written in terms
of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to
select in the specified API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
resourceFieldRef:
description: |-
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
properties:
containerName:
description: 'Container name: required
for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output
format of the exposed resources,
defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to
select'
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret
in the pod's namespace
properties:
key:
description: The key of the secret
to select from. Must be a valid
secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
envFrom:
description: |-
List of sources to populate environment variables in the container.
The keys defined within a source must be a C_IDENTIFIER. All invalid keys
will be reported as an event when the container is starting. When a key exists in multiple
sources, the value associated with the last source will take precedence.
Values defined by an Env with a duplicate key will take precedence.
Cannot be updated.
items:
description: EnvFromSource represents the source
of a set of ConfigMaps
properties:
configMapRef:
description: The ConfigMap to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
prefix:
description: An optional identifier to prepend
to each key in the ConfigMap. Must be a
C_IDENTIFIER.
type: string
secretRef:
description: The Secret to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret
must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
image:
description: |-
Container image name.
More info: https://kubernetes.io/docs/concepts/containers/images
type: string
imagePullPolicy:
description: |-
Image pull policy.
One of Always, Never, IfNotPresent.
Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
type: string
lifecycle:
description: Lifecycle is not allowed for ephemeral
containers.
properties:
postStart:
description: |-
PostStart is called immediately after a container is created. If the handler fails,
the container is terminated and restarted according to its restart policy.
Other management of the container blocks until the hook completes.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
properties:
exec:
description: Exec specifies the action to
take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
httpGet:
description: HTTPGet specifies the http
request to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in
the request. HTTP allows repeated
headers.
items:
description: HTTPHeader describes
a custom header to be used in HTTP
probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field
value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
sleep:
description: Sleep represents the duration
that the container should sleep before
being terminated.
properties:
seconds:
description: Seconds is the number of
seconds to sleep.
format: int64
type: integer
required:
- seconds
type: object
tcpSocket:
description: |-
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
for the backward compatibility. There are no validation of this field and
lifecycle hooks will fail in runtime when tcp handler is specified.
properties:
host:
description: 'Optional: Host name to
connect to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
preStop:
description: |-
PreStop is called immediately before a container is terminated due to an
API request or management event such as liveness/startup probe failure,
preemption, resource contention, etc. The handler is not called if the
container crashes or exits. The Pod's termination grace period countdown begins before the
PreStop hook is executed. Regardless of the outcome of the handler, the
container will eventually terminate within the Pod's termination grace
period (unless delayed by finalizers). Other management of the container blocks until the hook completes
or until the termination grace period is reached.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
properties:
exec:
description: Exec specifies the action to
take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
httpGet:
description: HTTPGet specifies the http
request to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in
the request. HTTP allows repeated
headers.
items:
description: HTTPHeader describes
a custom header to be used in HTTP
probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field
value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
sleep:
description: Sleep represents the duration
that the container should sleep before
being terminated.
properties:
seconds:
description: Seconds is the number of
seconds to sleep.
format: int64
type: integer
required:
- seconds
type: object
tcpSocket:
description: |-
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
for the backward compatibility. There are no validation of this field and
lifecycle hooks will fail in runtime when tcp handler is specified.
properties:
host:
description: 'Optional: Host name to
connect to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
type: object
livenessProbe:
description: Probes are not allowed for ephemeral
containers.
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
name:
description: |-
Name of the ephemeral container specified as a DNS_LABEL.
This name must be unique among all containers, init containers and ephemeral containers.
type: string
ports:
description: Ports are not allowed for ephemeral
containers.
items:
description: ContainerPort represents a network
port in a single container.
properties:
containerPort:
description: |-
Number of port to expose on the pod's IP address.
This must be a valid port number, 0 < x < 65536.
format: int32
type: integer
hostIP:
description: What host IP to bind the external
port to.
type: string
hostPort:
description: |-
Number of port to expose on the host.
If specified, this must be a valid port number, 0 < x < 65536.
If HostNetwork is specified, this must match ContainerPort.
Most containers do not need this.
format: int32
type: integer
name:
description: |-
If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
named port in a pod must have a unique name. Name for the port that can be
referred to by services.
type: string
protocol:
default: TCP
description: |-
Protocol for port. Must be UDP, TCP, or SCTP.
Defaults to "TCP".
type: string
required:
- containerPort
type: object
type: array
x-kubernetes-list-map-keys:
- containerPort
- protocol
x-kubernetes-list-type: map
readinessProbe:
description: Probes are not allowed for ephemeral
containers.
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
resizePolicy:
description: Resources resize policy for the container.
items:
description: ContainerResizePolicy represents
resource resize policy for the container.
properties:
resourceName:
description: |-
Name of the resource to which this resource resize policy applies.
Supported values: cpu, memory.
type: string
restartPolicy:
description: |-
Restart policy to apply when specified resource is resized.
If not specified, it defaults to NotRequired.
type: string
required:
- resourceName
- restartPolicy
type: object
type: array
x-kubernetes-list-type: atomic
resources:
description: |-
Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources
already allocated to the pod.
properties:
claims:
description: |-
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one
entry in PodSpec.ResourceClaims.
properties:
name:
description: |-
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
restartPolicy:
description: |-
Restart policy for the container to manage the restart behavior of each
container within a pod.
This may only be set for init containers. You cannot set this field on
ephemeral containers.
type: string
securityContext:
description: |-
Optional: SecurityContext defines the security options the ephemeral container should be run with.
If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
properties:
allowPrivilegeEscalation:
description: |-
AllowPrivilegeEscalation controls whether a process can gain more
privileges than its parent process. This bool directly controls if
the no_new_privs flag will be set on the container process.
AllowPrivilegeEscalation is true always when the container is:
1) run as Privileged
2) has CAP_SYS_ADMIN
Note that this field cannot be set when spec.os.name is windows.
type: boolean
appArmorProfile:
description: |-
appArmorProfile is the AppArmor options to use by this container. If set, this profile
overrides the pod's appArmorProfile.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
capabilities:
description: |-
The capabilities to add/drop when running containers.
Defaults to the default set of capabilities granted by the container runtime.
Note that this field cannot be set when spec.os.name is windows.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX
capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX
capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
description: |-
Run container in privileged mode.
Processes in privileged containers are essentially equivalent to root on the host.
Defaults to false.
Note that this field cannot be set when spec.os.name is windows.
type: boolean
procMount:
description: |-
procMount denotes the type of proc mount to use for the containers.
The default is DefaultProcMount which uses the container runtime defaults for
readonly paths and masked paths.
This requires the ProcMountType feature flag to be enabled.
Note that this field cannot be set when spec.os.name is windows.
type: string
readOnlyRootFilesystem:
description: |-
Whether this container has a read-only root filesystem.
Default is false.
Note that this field cannot be set when spec.os.name is windows.
type: boolean
runAsGroup:
description: |-
The GID to run the entrypoint of the container process.
Uses runtime default if unset.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
runAsNonRoot:
description: |-
Indicates that the container must run as a non-root user.
If true, the Kubelet will validate the image at runtime to ensure that it
does not run as UID 0 (root) and fail to start the container if it does.
If unset or false, no such validation will be performed.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: boolean
runAsUser:
description: |-
The UID to run the entrypoint of the container process.
Defaults to user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
seLinuxOptions:
description: |-
The SELinux context to be applied to the container.
If unspecified, the container runtime will allocate a random SELinux context for each
container. May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
properties:
level:
description: Level is SELinux level label
that applies to the container.
type: string
role:
description: Role is a SELinux role label
that applies to the container.
type: string
type:
description: Type is a SELinux type label
that applies to the container.
type: string
user:
description: User is a SELinux user label
that applies to the container.
type: string
type: object
seccompProfile:
description: |-
The seccomp options to use by this container. If seccomp options are
provided at both the pod & container level, the container options
override the pod options.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
windowsOptions:
description: |-
The Windows specific settings applied to all containers.
If unspecified, the options from the PodSecurityContext will be used.
If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is linux.
properties:
gmsaCredentialSpec:
description: |-
GMSACredentialSpec is where the GMSA admission webhook
(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
GMSA credential spec named by the GMSACredentialSpecName field.
type: string
gmsaCredentialSpecName:
description: GMSACredentialSpecName is the
name of the GMSA credential spec to use.
type: string
hostProcess:
description: |-
HostProcess determines if a container should be run as a 'Host Process' container.
All of a Pod's containers must have the same effective HostProcess value
(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
In addition, if HostProcess is true then HostNetwork must also be set to true.
type: boolean
runAsUserName:
description: |-
The UserName in Windows to run the entrypoint of the container process.
Defaults to the user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: string
type: object
type: object
startupProbe:
description: Probes are not allowed for ephemeral
containers.
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
stdin:
description: |-
Whether this container should allocate a buffer for stdin in the container runtime. If this
is not set, reads from stdin in the container will always result in EOF.
Default is false.
type: boolean
stdinOnce:
description: |-
Whether the container runtime should close the stdin channel after it has been opened by
a single attach. When stdin is true the stdin stream will remain open across multiple attach
sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
first client attaches to stdin, and then remains open and accepts data until the client disconnects,
at which time stdin is closed and remains closed until the container is restarted. If this
flag is false, a container processes that reads from stdin will never receive an EOF.
Default is false
type: boolean
targetContainerName:
description: |-
If set, the name of the container from PodSpec that this ephemeral container targets.
The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.
If not set then the ephemeral container uses the namespaces configured in the Pod spec.
The container runtime must implement support for this feature. If the runtime does not
support namespace targeting then the result of setting this field is undefined.
type: string
terminationMessagePath:
description: |-
Optional: Path at which the file to which the container's termination message
will be written is mounted into the container's filesystem.
Message written is intended to be brief final status, such as an assertion failure message.
Will be truncated by the node if greater than 4096 bytes. The total message length across
all containers will be limited to 12kb.
Defaults to /dev/termination-log.
Cannot be updated.
type: string
terminationMessagePolicy:
description: |-
Indicate how the termination message should be populated. File will use the contents of
terminationMessagePath to populate the container status message on both success and failure.
FallbackToLogsOnError will use the last chunk of container log output if the termination
message file is empty and the container exited with an error.
The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
Defaults to File.
Cannot be updated.
type: string
tty:
description: |-
Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
Default is false.
type: boolean
volumeDevices:
description: volumeDevices is the list of block
devices to be used by the container.
items:
description: volumeDevice describes a mapping
of a raw block device within a container.
properties:
devicePath:
description: devicePath is the path inside
of the container that the device will be
mapped to.
type: string
name:
description: name must match the name of a
persistentVolumeClaim in the pod
type: string
required:
- devicePath
- name
type: object
type: array
x-kubernetes-list-map-keys:
- devicePath
x-kubernetes-list-type: map
volumeMounts:
description: |-
Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.
Cannot be updated.
items:
description: VolumeMount describes a mounting
of a Volume within a container.
properties:
mountPath:
description: |-
Path within the container at which the volume should be mounted. Must
not contain ':'.
type: string
mountPropagation:
description: |-
mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.
When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
(which defaults to None).
type: string
name:
description: This must match the Name of a
Volume.
type: string
readOnly:
description: |-
Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.
type: boolean
recursiveReadOnly:
description: |-
RecursiveReadOnly specifies whether read-only mounts should be handled
recursively.
If ReadOnly is false, this field has no meaning and must be unspecified.
If ReadOnly is true, and this field is set to Disabled, the mount is not made
recursively read-only. If this field is set to IfPossible, the mount is made
recursively read-only, if it is supported by the container runtime. If this
field is set to Enabled, the mount is made recursively read-only if it is
supported by the container runtime, otherwise the pod will not be started and
an error will be generated to indicate the reason.
If this field is set to IfPossible or Enabled, MountPropagation must be set to
None (or be unspecified, which defaults to None).
If this field is not specified, it is treated as an equivalent of Disabled.
type: string
subPath:
description: |-
Path within the volume from which the container's volume should be mounted.
Defaults to "" (volume's root).
type: string
subPathExpr:
description: |-
Expanded path within the volume from which the container's volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
Defaults to "" (volume's root).
SubPathExpr and SubPath are mutually exclusive.
type: string
required:
- mountPath
- name
type: object
type: array
x-kubernetes-list-map-keys:
- mountPath
x-kubernetes-list-type: map
workingDir:
description: |-
Container's working directory.
If not specified, the container runtime's default will be used, which
might be configured in the container image.
Cannot be updated.
type: string
required:
- name
type: object
type: array
initContainers:
description: InitContainers
items:
description: A single application container that you
want to run within a pod.
properties:
args:
description: |-
Arguments to the entrypoint.
The container image's CMD is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
of whether the variable exists or not. Cannot be updated.
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
items:
type: string
type: array
x-kubernetes-list-type: atomic
command:
description: |-
Entrypoint array. Not executed within a shell.
The container image's ENTRYPOINT is used if this is not provided.
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
of whether the variable exists or not. Cannot be updated.
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
items:
type: string
type: array
x-kubernetes-list-type: atomic
env:
description: |-
List of environment variables to set in the container.
Cannot be updated.
items:
description: EnvVar represents an environment
variable present in a Container.
properties:
name:
description: Name of the environment variable.
Must be a C_IDENTIFIER.
type: string
value:
description: |-
Variable references $(VAR_NAME) are expanded
using the previously defined environment variables in the container and
any service environment variables. If a variable cannot be resolved,
the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
Escaped references will never be expanded, regardless of whether the variable
exists or not.
Defaults to "".
type: string
valueFrom:
description: Source for the environment variable's
value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
description: |-
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
properties:
apiVersion:
description: Version of the schema
the FieldPath is written in terms
of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to
select in the specified API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
resourceFieldRef:
description: |-
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
properties:
containerName:
description: 'Container name: required
for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output
format of the exposed resources,
defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to
select'
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
description: Selects a key of a secret
in the pod's namespace
properties:
key:
description: The key of the secret
to select from. Must be a valid
secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret
or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
envFrom:
description: |-
List of sources to populate environment variables in the container.
The keys defined within a source must be a C_IDENTIFIER. All invalid keys
will be reported as an event when the container is starting. When a key exists in multiple
sources, the value associated with the last source will take precedence.
Values defined by an Env with a duplicate key will take precedence.
Cannot be updated.
items:
description: EnvFromSource represents the source
of a set of ConfigMaps
properties:
configMapRef:
description: The ConfigMap to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap
must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
prefix:
description: An optional identifier to prepend
to each key in the ConfigMap. Must be a
C_IDENTIFIER.
type: string
secretRef:
description: The Secret to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret
must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
type: object
type: array
x-kubernetes-list-type: atomic
image:
description: |-
Container image name.
More info: https://kubernetes.io/docs/concepts/containers/images
This field is optional to allow higher level config management to default or override
container images in workload controllers like Deployments and StatefulSets.
type: string
imagePullPolicy:
description: |-
Image pull policy.
One of Always, Never, IfNotPresent.
Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
type: string
lifecycle:
description: |-
Actions that the management system should take in response to container lifecycle events.
Cannot be updated.
properties:
postStart:
description: |-
PostStart is called immediately after a container is created. If the handler fails,
the container is terminated and restarted according to its restart policy.
Other management of the container blocks until the hook completes.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
properties:
exec:
description: Exec specifies the action to
take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
httpGet:
description: HTTPGet specifies the http
request to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in
the request. HTTP allows repeated
headers.
items:
description: HTTPHeader describes
a custom header to be used in HTTP
probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field
value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
sleep:
description: Sleep represents the duration
that the container should sleep before
being terminated.
properties:
seconds:
description: Seconds is the number of
seconds to sleep.
format: int64
type: integer
required:
- seconds
type: object
tcpSocket:
description: |-
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
for the backward compatibility. There are no validation of this field and
lifecycle hooks will fail in runtime when tcp handler is specified.
properties:
host:
description: 'Optional: Host name to
connect to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
preStop:
description: |-
PreStop is called immediately before a container is terminated due to an
API request or management event such as liveness/startup probe failure,
preemption, resource contention, etc. The handler is not called if the
container crashes or exits. The Pod's termination grace period countdown begins before the
PreStop hook is executed. Regardless of the outcome of the handler, the
container will eventually terminate within the Pod's termination grace
period (unless delayed by finalizers). Other management of the container blocks until the hook completes
or until the termination grace period is reached.
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
properties:
exec:
description: Exec specifies the action to
take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
httpGet:
description: HTTPGet specifies the http
request to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in
the request. HTTP allows repeated
headers.
items:
description: HTTPHeader describes
a custom header to be used in HTTP
probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field
value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
sleep:
description: Sleep represents the duration
that the container should sleep before
being terminated.
properties:
seconds:
description: Seconds is the number of
seconds to sleep.
format: int64
type: integer
required:
- seconds
type: object
tcpSocket:
description: |-
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
for the backward compatibility. There are no validation of this field and
lifecycle hooks will fail in runtime when tcp handler is specified.
properties:
host:
description: 'Optional: Host name to
connect to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
type: object
livenessProbe:
description: |-
Periodic probe of container liveness.
Container will be restarted if the probe fails.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
name:
description: |-
Name of the container specified as a DNS_LABEL.
Each container in a pod must have a unique name (DNS_LABEL).
Cannot be updated.
type: string
ports:
description: |-
List of ports to expose from the container. Not specifying a port here
DOES NOT prevent that port from being exposed. Any port which is
listening on the default "0.0.0.0" address inside a container will be
accessible from the network.
Modifying this array with strategic merge patch may corrupt the data.
For more information See https://github.com/kubernetes/kubernetes/issues/108255.
Cannot be updated.
items:
description: ContainerPort represents a network
port in a single container.
properties:
containerPort:
description: |-
Number of port to expose on the pod's IP address.
This must be a valid port number, 0 < x < 65536.
format: int32
type: integer
hostIP:
description: What host IP to bind the external
port to.
type: string
hostPort:
description: |-
Number of port to expose on the host.
If specified, this must be a valid port number, 0 < x < 65536.
If HostNetwork is specified, this must match ContainerPort.
Most containers do not need this.
format: int32
type: integer
name:
description: |-
If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
named port in a pod must have a unique name. Name for the port that can be
referred to by services.
type: string
protocol:
default: TCP
description: |-
Protocol for port. Must be UDP, TCP, or SCTP.
Defaults to "TCP".
type: string
required:
- containerPort
type: object
type: array
x-kubernetes-list-map-keys:
- containerPort
- protocol
x-kubernetes-list-type: map
readinessProbe:
description: |-
Periodic probe of container service readiness.
Container will be removed from service endpoints if the probe fails.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
resizePolicy:
description: Resources resize policy for the container.
items:
description: ContainerResizePolicy represents
resource resize policy for the container.
properties:
resourceName:
description: |-
Name of the resource to which this resource resize policy applies.
Supported values: cpu, memory.
type: string
restartPolicy:
description: |-
Restart policy to apply when specified resource is resized.
If not specified, it defaults to NotRequired.
type: string
required:
- resourceName
- restartPolicy
type: object
type: array
x-kubernetes-list-type: atomic
resources:
description: |-
Compute Resources required by this container.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
properties:
claims:
description: |-
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one
entry in PodSpec.ResourceClaims.
properties:
name:
description: |-
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
restartPolicy:
description: |-
RestartPolicy defines the restart behavior of individual containers in a pod.
This field may only be set for init containers, and the only allowed value is "Always".
For non-init containers or when this field is not specified,
the restart behavior is defined by the Pod's restart policy and the container type.
Setting the RestartPolicy as "Always" for the init container will have the following effect:
this init container will be continually restarted on
exit until all regular containers have terminated. Once all regular
containers have completed, all init containers with restartPolicy "Always"
will be shut down. This lifecycle differs from normal init containers and
is often referred to as a "sidecar" container. Although this init
container still starts in the init container sequence, it does not wait
for the container to complete before proceeding to the next init
container. Instead, the next init container starts immediately after this
init container is started, or after any startupProbe has successfully
completed.
type: string
securityContext:
description: |-
SecurityContext defines the security options the container should be run with.
If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
properties:
allowPrivilegeEscalation:
description: |-
AllowPrivilegeEscalation controls whether a process can gain more
privileges than its parent process. This bool directly controls if
the no_new_privs flag will be set on the container process.
AllowPrivilegeEscalation is true always when the container is:
1) run as Privileged
2) has CAP_SYS_ADMIN
Note that this field cannot be set when spec.os.name is windows.
type: boolean
appArmorProfile:
description: |-
appArmorProfile is the AppArmor options to use by this container. If set, this profile
overrides the pod's appArmorProfile.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
capabilities:
description: |-
The capabilities to add/drop when running containers.
Defaults to the default set of capabilities granted by the container runtime.
Note that this field cannot be set when spec.os.name is windows.
properties:
add:
description: Added capabilities
items:
description: Capability represent POSIX
capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
drop:
description: Removed capabilities
items:
description: Capability represent POSIX
capabilities type
type: string
type: array
x-kubernetes-list-type: atomic
type: object
privileged:
description: |-
Run container in privileged mode.
Processes in privileged containers are essentially equivalent to root on the host.
Defaults to false.
Note that this field cannot be set when spec.os.name is windows.
type: boolean
procMount:
description: |-
procMount denotes the type of proc mount to use for the containers.
The default is DefaultProcMount which uses the container runtime defaults for
readonly paths and masked paths.
This requires the ProcMountType feature flag to be enabled.
Note that this field cannot be set when spec.os.name is windows.
type: string
readOnlyRootFilesystem:
description: |-
Whether this container has a read-only root filesystem.
Default is false.
Note that this field cannot be set when spec.os.name is windows.
type: boolean
runAsGroup:
description: |-
The GID to run the entrypoint of the container process.
Uses runtime default if unset.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
runAsNonRoot:
description: |-
Indicates that the container must run as a non-root user.
If true, the Kubelet will validate the image at runtime to ensure that it
does not run as UID 0 (root) and fail to start the container if it does.
If unset or false, no such validation will be performed.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: boolean
runAsUser:
description: |-
The UID to run the entrypoint of the container process.
Defaults to user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
seLinuxOptions:
description: |-
The SELinux context to be applied to the container.
If unspecified, the container runtime will allocate a random SELinux context for each
container. May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is windows.
properties:
level:
description: Level is SELinux level label
that applies to the container.
type: string
role:
description: Role is a SELinux role label
that applies to the container.
type: string
type:
description: Type is a SELinux type label
that applies to the container.
type: string
user:
description: User is a SELinux user label
that applies to the container.
type: string
type: object
seccompProfile:
description: |-
The seccomp options to use by this container. If seccomp options are
provided at both the pod & container level, the container options
override the pod options.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
windowsOptions:
description: |-
The Windows specific settings applied to all containers.
If unspecified, the options from the PodSecurityContext will be used.
If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is linux.
properties:
gmsaCredentialSpec:
description: |-
GMSACredentialSpec is where the GMSA admission webhook
(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
GMSA credential spec named by the GMSACredentialSpecName field.
type: string
gmsaCredentialSpecName:
description: GMSACredentialSpecName is the
name of the GMSA credential spec to use.
type: string
hostProcess:
description: |-
HostProcess determines if a container should be run as a 'Host Process' container.
All of a Pod's containers must have the same effective HostProcess value
(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
In addition, if HostProcess is true then HostNetwork must also be set to true.
type: boolean
runAsUserName:
description: |-
The UserName in Windows to run the entrypoint of the container process.
Defaults to the user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: string
type: object
type: object
startupProbe:
description: |-
StartupProbe indicates that the Pod has successfully initialized.
If specified, no other probes are executed until this completes successfully.
If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
when it might take a long time to load data or warm a cache, than during steady-state operation.
This cannot be updated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving
a GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request
to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the
request. HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom
header to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
path:
description: Path to access on the HTTP
server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect
to, defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
stdin:
description: |-
Whether this container should allocate a buffer for stdin in the container runtime. If this
is not set, reads from stdin in the container will always result in EOF.
Default is false.
type: boolean
stdinOnce:
description: |-
Whether the container runtime should close the stdin channel after it has been opened by
a single attach. When stdin is true the stdin stream will remain open across multiple attach
sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
first client attaches to stdin, and then remains open and accepts data until the client disconnects,
at which time stdin is closed and remains closed until the container is restarted. If this
flag is false, a container processes that reads from stdin will never receive an EOF.
Default is false
type: boolean
terminationMessagePath:
description: |-
Optional: Path at which the file to which the container's termination message
will be written is mounted into the container's filesystem.
Message written is intended to be brief final status, such as an assertion failure message.
Will be truncated by the node if greater than 4096 bytes. The total message length across
all containers will be limited to 12kb.
Defaults to /dev/termination-log.
Cannot be updated.
type: string
terminationMessagePolicy:
description: |-
Indicate how the termination message should be populated. File will use the contents of
terminationMessagePath to populate the container status message on both success and failure.
FallbackToLogsOnError will use the last chunk of container log output if the termination
message file is empty and the container exited with an error.
The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
Defaults to File.
Cannot be updated.
type: string
tty:
description: |-
Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
Default is false.
type: boolean
volumeDevices:
description: volumeDevices is the list of block
devices to be used by the container.
items:
description: volumeDevice describes a mapping
of a raw block device within a container.
properties:
devicePath:
description: devicePath is the path inside
of the container that the device will be
mapped to.
type: string
name:
description: name must match the name of a
persistentVolumeClaim in the pod
type: string
required:
- devicePath
- name
type: object
type: array
x-kubernetes-list-map-keys:
- devicePath
x-kubernetes-list-type: map
volumeMounts:
description: |-
Pod volumes to mount into the container's filesystem.
Cannot be updated.
items:
description: VolumeMount describes a mounting
of a Volume within a container.
properties:
mountPath:
description: |-
Path within the container at which the volume should be mounted. Must
not contain ':'.
type: string
mountPropagation:
description: |-
mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.
When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
(which defaults to None).
type: string
name:
description: This must match the Name of a
Volume.
type: string
readOnly:
description: |-
Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.
type: boolean
recursiveReadOnly:
description: |-
RecursiveReadOnly specifies whether read-only mounts should be handled
recursively.
If ReadOnly is false, this field has no meaning and must be unspecified.
If ReadOnly is true, and this field is set to Disabled, the mount is not made
recursively read-only. If this field is set to IfPossible, the mount is made
recursively read-only, if it is supported by the container runtime. If this
field is set to Enabled, the mount is made recursively read-only if it is
supported by the container runtime, otherwise the pod will not be started and
an error will be generated to indicate the reason.
If this field is set to IfPossible or Enabled, MountPropagation must be set to
None (or be unspecified, which defaults to None).
If this field is not specified, it is treated as an equivalent of Disabled.
type: string
subPath:
description: |-
Path within the volume from which the container's volume should be mounted.
Defaults to "" (volume's root).
type: string
subPathExpr:
description: |-
Expanded path within the volume from which the container's volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
Defaults to "" (volume's root).
SubPathExpr and SubPath are mutually exclusive.
type: string
required:
- mountPath
- name
type: object
type: array
x-kubernetes-list-map-keys:
- mountPath
x-kubernetes-list-type: map
workingDir:
description: |-
Container's working directory.
If not specified, the container runtime's default will be used, which
might be configured in the container image.
Cannot be updated.
type: string
required:
- name
type: object
type: array
nodeSelector:
additionalProperties:
type: string
description: NodeSelector
type: object
restartPolicy:
description: RestartPolicy
type: string
securityContext:
description: PodSecurityContext
properties:
appArmorProfile:
description: |-
appArmorProfile is the AppArmor options to use by the containers in this pod.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".
type: string
type:
description: |-
type indicates which kind of AppArmor profile will be applied.
Valid options are:
Localhost - a profile pre-loaded on the node.
RuntimeDefault - the container runtime's default profile.
Unconfined - no AppArmor enforcement.
type: string
required:
- type
type: object
fsGroup:
description: |-
A special supplemental group that applies to all containers in a pod.
Some volume types allow the Kubelet to change the ownership of that volume
to be owned by the pod:
1. The owning GID will be the FSGroup
2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
3. The permission bits are OR'd with rw-rw----
If unset, the Kubelet will not modify the ownership and permissions of any volume.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
fsGroupChangePolicy:
description: |-
fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
before being exposed inside Pod. This field will only apply to
volume types which support fsGroup based ownership(and permissions).
It will have no effect on ephemeral volume types such as: secret, configmaps
and emptydir.
Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
Note that this field cannot be set when spec.os.name is windows.
type: string
runAsGroup:
description: |-
The GID to run the entrypoint of the container process.
Uses runtime default if unset.
May also be set in SecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence
for that container.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
runAsNonRoot:
description: |-
Indicates that the container must run as a non-root user.
If true, the Kubelet will validate the image at runtime to ensure that it
does not run as UID 0 (root) and fail to start the container if it does.
If unset or false, no such validation will be performed.
May also be set in SecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: boolean
runAsUser:
description: |-
The UID to run the entrypoint of the container process.
Defaults to user specified in image metadata if unspecified.
May also be set in SecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence
for that container.
Note that this field cannot be set when spec.os.name is windows.
format: int64
type: integer
seLinuxOptions:
description: |-
The SELinux context to be applied to all containers.
If unspecified, the container runtime will allocate a random SELinux context for each
container. May also be set in SecurityContext. If set in
both SecurityContext and PodSecurityContext, the value specified in SecurityContext
takes precedence for that container.
Note that this field cannot be set when spec.os.name is windows.
properties:
level:
description: Level is SELinux level label that
applies to the container.
type: string
role:
description: Role is a SELinux role label that
applies to the container.
type: string
type:
description: Type is a SELinux type label that
applies to the container.
type: string
user:
description: User is a SELinux user label that
applies to the container.
type: string
type: object
seccompProfile:
description: |-
The seccomp options to use by the containers in this pod.
Note that this field cannot be set when spec.os.name is windows.
properties:
localhostProfile:
description: |-
localhostProfile indicates a profile defined in a file on the node should be used.
The profile must be preconfigured on the node to work.
Must be a descending path, relative to the kubelet's configured seccomp profile location.
Must be set if type is "Localhost". Must NOT be set for any other type.
type: string
type:
description: |-
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
type: string
required:
- type
type: object
supplementalGroups:
description: |-
A list of groups applied to the first process run in each container, in addition
to the container's primary GID, the fsGroup (if specified), and group memberships
defined in the container image for the uid of the container process. If unspecified,
no additional groups are added to any container. Note that group memberships
defined in the container image for the uid of the container process are still effective,
even if they are not included in this list.
Note that this field cannot be set when spec.os.name is windows.
items:
format: int64
type: integer
type: array
x-kubernetes-list-type: atomic
sysctls:
description: |-
Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
sysctls (by the container runtime) might fail to launch.
Note that this field cannot be set when spec.os.name is windows.
items:
description: Sysctl defines a kernel parameter to
be set
properties:
name:
description: Name of a property to set
type: string
value:
description: Value of a property to set
type: string
required:
- name
- value
type: object
type: array
x-kubernetes-list-type: atomic
windowsOptions:
description: |-
The Windows specific settings applied to all containers.
If unspecified, the options within a container's SecurityContext will be used.
If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
Note that this field cannot be set when spec.os.name is linux.
properties:
gmsaCredentialSpec:
description: |-
GMSACredentialSpec is where the GMSA admission webhook
(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
GMSA credential spec named by the GMSACredentialSpecName field.
type: string
gmsaCredentialSpecName:
description: GMSACredentialSpecName is the name
of the GMSA credential spec to use.
type: string
hostProcess:
description: |-
HostProcess determines if a container should be run as a 'Host Process' container.
All of a Pod's containers must have the same effective HostProcess value
(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
In addition, if HostProcess is true then HostNetwork must also be set to true.
type: boolean
runAsUserName:
description: |-
The UserName in Windows to run the entrypoint of the container process.
Defaults to the user specified in image metadata if unspecified.
May also be set in PodSecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence.
type: string
type: object
type: object
terminationGracePeriodSeconds:
description: TerminationGracePeriodSeconds
format: int64
type: integer
topologySpreadConstraints:
description: TopologySpreadConstraints
items:
description: TopologySpreadConstraint specifies how
to spread matching pods among the given topology.
properties:
labelSelector:
description: |-
LabelSelector is used to find matching pods.
Pods that match this label selector are counted to determine the number of pods
in their corresponding topology domain.
properties:
matchExpressions:
description: matchExpressions is a list of label
selector requirements. The requirements are
ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that
the selector applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
matchLabelKeys:
description: |-
MatchLabelKeys is a set of pod label keys to select the pods over which
spreading will be calculated. The keys are used to lookup values from the
incoming pod labels, those key-value labels are ANDed with labelSelector
to select the group of existing pods over which spreading will be calculated
for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
MatchLabelKeys cannot be set when LabelSelector isn't set.
Keys that don't exist in the incoming pod labels will
be ignored. A null or empty list means only match against labelSelector.
This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
items:
type: string
type: array
x-kubernetes-list-type: atomic
maxSkew:
description: |-
MaxSkew describes the degree to which pods may be unevenly distributed.
When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference
between the number of matching pods in the target topology and the global minimum.
The global minimum is the minimum number of matching pods in an eligible domain
or zero if the number of eligible domains is less than MinDomains.
For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
labelSelector spread as 2/2/1:
In this case, the global minimum is 1.
| zone1 | zone2 | zone3 |
| P P | P P | P |
- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;
scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)
violate MaxSkew(1).
- if MaxSkew is 2, incoming pod can be scheduled onto any zone.
When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence
to topologies that satisfy it.
It's a required field. Default value is 1 and 0 is not allowed.
format: int32
type: integer
minDomains:
description: |-
MinDomains indicates a minimum number of eligible domains.
When the number of eligible domains with matching topology keys is less than minDomains,
Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed.
And when the number of eligible domains with matching topology keys equals or greater than minDomains,
this value has no effect on scheduling.
As a result, when the number of eligible domains is less than minDomains,
scheduler won't schedule more than maxSkew Pods to those domains.
If value is nil, the constraint behaves as if MinDomains is equal to 1.
Valid values are integers greater than 0.
When value is not nil, WhenUnsatisfiable must be DoNotSchedule.
For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same
labelSelector spread as 2/2/2:
| zone1 | zone2 | zone3 |
| P P | P P | P P |
The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0.
In this situation, new pod with the same labelSelector cannot be scheduled,
because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,
it will violate MaxSkew.
format: int32
type: integer
nodeAffinityPolicy:
description: |-
NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector
when calculating pod topology spread skew. Options are:
- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.
- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.
If this value is nil, the behavior is equivalent to the Honor policy.
This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
type: string
nodeTaintsPolicy:
description: |-
NodeTaintsPolicy indicates how we will treat node taints when calculating
pod topology spread skew. Options are:
- Honor: nodes without taints, along with tainted nodes for which the incoming pod
has a toleration, are included.
- Ignore: node taints are ignored. All nodes are included.
If this value is nil, the behavior is equivalent to the Ignore policy.
This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
type: string
topologyKey:
description: |-
TopologyKey is the key of node labels. Nodes that have a label with this key
and identical values are considered to be in the same topology.
We consider each <key, value> as a "bucket", and try to put balanced number
of pods into each bucket.
We define a domain as a particular instance of a topology.
Also, we define an eligible domain as a domain whose nodes meet the requirements of
nodeAffinityPolicy and nodeTaintsPolicy.
e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology.
And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology.
It's a required field.
type: string
whenUnsatisfiable:
description: |-
WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy
the spread constraint.
- DoNotSchedule (default) tells the scheduler not to schedule it.
- ScheduleAnyway tells the scheduler to schedule the pod in any location,
but giving higher precedence to topologies that would help reduce the
skew.
A constraint is considered "Unsatisfiable" for an incoming pod
if and only if every possible node assignment for that pod would violate
"MaxSkew" on some topology.
For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
labelSelector spread as 3/1/1:
| zone1 | zone2 | zone3 |
| P P P | P | P |
If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled
to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies
MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler
won't make it *more* imbalanced.
It's a required field.
type: string
required:
- maxSkew
- topologyKey
- whenUnsatisfiable
type: object
type: array
volumes:
description: Volumes
items:
description: Volume represents a named volume in a pod
that may be accessed by any container in the pod.
properties:
awsElasticBlockStore:
description: |-
awsElasticBlockStore represents an AWS Disk resource that is attached to a
kubelet's host machine and then exposed to the pod.
More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
properties:
fsType:
description: |-
fsType is the filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
partition:
description: |-
partition is the partition in the volume that you want to mount.
If omitted, the default is to mount by volume name.
Examples: For volume /dev/sda1, you specify the partition as "1".
Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
format: int32
type: integer
readOnly:
description: |-
readOnly value true will force the readOnly setting in VolumeMounts.
More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
type: boolean
volumeID:
description: |-
volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).
More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
type: string
required:
- volumeID
type: object
azureDisk:
description: azureDisk represents an Azure Data
Disk mount on the host and bind mount to the pod.
properties:
cachingMode:
description: 'cachingMode is the Host Caching
mode: None, Read Only, Read Write.'
type: string
diskName:
description: diskName is the Name of the data
disk in the blob storage
type: string
diskURI:
description: diskURI is the URI of data disk
in the blob storage
type: string
fsType:
description: |-
fsType is Filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
type: string
kind:
description: 'kind expected values are Shared:
multiple blob disks per storage account Dedicated:
single blob disk per storage account Managed:
azure managed data disk (only in managed availability
set). defaults to shared'
type: string
readOnly:
description: |-
readOnly Defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
description: azureFile represents an Azure File
Service mount on the host and bind mount to the
pod.
properties:
readOnly:
description: |-
readOnly defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
secretName:
description: secretName is the name of secret
that contains Azure Storage Account Name and
Key
type: string
shareName:
description: shareName is the azure share Name
type: string
required:
- secretName
- shareName
type: object
cephfs:
description: cephFS represents a Ceph FS mount on
the host that shares a pod's lifetime
properties:
monitors:
description: |-
monitors is Required: Monitors is a collection of Ceph monitors
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
items:
type: string
type: array
x-kubernetes-list-type: atomic
path:
description: 'path is Optional: Used as the
mounted root, rather than the full Ceph tree,
default is /'
type: string
readOnly:
description: |-
readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
type: boolean
secretFile:
description: |-
secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
type: string
secretRef:
description: |-
secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
user:
description: |-
user is optional: User is the rados user name, default is admin
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
type: string
required:
- monitors
type: object
cinder:
description: |-
cinder represents a cinder volume attached and mounted on kubelets host machine.
More info: https://examples.k8s.io/mysql-cinder-pd/README.md
properties:
fsType:
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://examples.k8s.io/mysql-cinder-pd/README.md
type: string
readOnly:
description: |-
readOnly defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
More info: https://examples.k8s.io/mysql-cinder-pd/README.md
type: boolean
secretRef:
description: |-
secretRef is optional: points to a secret object containing parameters used to connect
to OpenStack.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
volumeID:
description: |-
volumeID used to identify the volume in cinder.
More info: https://examples.k8s.io/mysql-cinder-pd/README.md
type: string
required:
- volumeID
type: object
configMap:
description: configMap represents a configMap that
should populate this volume
properties:
defaultMode:
description: |-
defaultMode is optional: mode bits used to set permissions on created files by default.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
Defaults to 0644.
Directories within the path are not affected by this setting.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
items:
description: |-
items if unspecified, each key-value pair in the Data field of the referenced
ConfigMap will be projected into the volume as a file whose name is the
key and content is the value. If specified, the listed keys will be
projected into the specified paths, and unlisted keys will not be
present. If a key is specified which is not present in the ConfigMap,
the volume setup will error unless it is marked optional. Paths must be
relative and may not contain the '..' path or start with '..'.
items:
description: Maps a string key to a path within
a volume.
properties:
key:
description: key is the key to project.
type: string
mode:
description: |-
mode is Optional: mode bits used to set permissions on this file.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: |-
path is the relative path of the file to map the key to.
May not be an absolute path.
May not contain the path element '..'.
May not start with the string '..'.
type: string
required:
- key
- path
type: object
type: array
x-kubernetes-list-type: atomic
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: optional specify whether the ConfigMap
or its keys must be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
description: csi (Container Storage Interface) represents
ephemeral storage that is handled by certain external
CSI drivers (Beta feature).
properties:
driver:
description: |-
driver is the name of the CSI driver that handles this volume.
Consult with your admin for the correct name as registered in the cluster.
type: string
fsType:
description: |-
fsType to mount. Ex. "ext4", "xfs", "ntfs".
If not provided, the empty value is passed to the associated CSI driver
which will determine the default filesystem to apply.
type: string
nodePublishSecretRef:
description: |-
nodePublishSecretRef is a reference to the secret object containing
sensitive information to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
This field is optional, and may be empty if no secret is required. If the
secret object contains more than one secret, all secret references are passed.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
readOnly:
description: |-
readOnly specifies a read-only configuration for the volume.
Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
description: |-
volumeAttributes stores driver-specific properties that are passed to the CSI
driver. Consult your driver's documentation for supported values.
type: object
required:
- driver
type: object
downwardAPI:
description: downwardAPI represents downward API
about the pod that should populate this volume
properties:
defaultMode:
description: |-
Optional: mode bits to use on created files by default. Must be a
Optional: mode bits used to set permissions on created files by default.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
Defaults to 0644.
Directories within the path are not affected by this setting.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
items:
description: Items is a list of downward API
volume file
items:
description: DownwardAPIVolumeFile represents
information to create the file containing
the pod field
properties:
fieldRef:
description: 'Required: Selects a field
of the pod: only annotations, labels,
name, namespace and uid are supported.'
properties:
apiVersion:
description: Version of the schema
the FieldPath is written in terms
of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to
select in the specified API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
mode:
description: |-
Optional: mode bits used to set permissions on this file, must be an octal value
between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: 'Required: Path is the relative
path name of the file to be created.
Must not be absolute or contain the
''..'' path. Must be utf-8 encoded.
The first item of the relative path
must not start with ''..'''
type: string
resourceFieldRef:
description: |-
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
properties:
containerName:
description: 'Container name: required
for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output
format of the exposed resources,
defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to
select'
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
required:
- path
type: object
type: array
x-kubernetes-list-type: atomic
type: object
emptyDir:
description: |-
emptyDir represents a temporary directory that shares a pod's lifetime.
More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
properties:
medium:
description: |-
medium represents what type of storage medium should back this directory.
The default is "" which means to use the node's default medium.
Must be an empty string (default) or Memory.
More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
description: |-
sizeLimit is the total amount of local storage required for this EmptyDir volume.
The size limit is also applicable for memory medium.
The maximum usage on memory medium EmptyDir would be the minimum value between
the SizeLimit specified here and the sum of memory limits of all containers in a pod.
The default is nil which means that the limit is undefined.
More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
description: |-
ephemeral represents a volume that is handled by a cluster storage driver.
The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,
and deleted when the pod is removed.
Use this if:
a) the volume is only needed while the pod runs,
b) features of normal volumes like restoring from snapshot or capacity
tracking are needed,
c) the storage driver is specified through a storage class, and
d) the storage driver supports dynamic volume provisioning through
a PersistentVolumeClaim (see EphemeralVolumeSource for more
information on the connection between this volume type
and PersistentVolumeClaim).
Use PersistentVolumeClaim or one of the vendor-specific
APIs for volumes that persist for longer than the lifecycle
of an individual pod.
Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to
be used that way - see the documentation of the driver for
more information.
A pod can use both types of ephemeral volumes and
persistent volumes at the same time.
properties:
volumeClaimTemplate:
description: |-
Will be used to create a stand-alone PVC to provision the volume.
The pod in which this EphemeralVolumeSource is embedded will be the
owner of the PVC, i.e. the PVC will be deleted together with the
pod. The name of the PVC will be `<pod name>-<volume name>` where
`<volume name>` is the name from the `PodSpec.Volumes` array
entry. Pod validation will reject the pod if the concatenated name
is not valid for a PVC (for example, too long).
An existing PVC with that name that is not owned by the pod
will *not* be used for the pod to avoid using an unrelated
volume by mistake. Starting the pod is then blocked until
the unrelated PVC is removed. If such a pre-created PVC is
meant to be used by the pod, the PVC has to updated with an
owner reference to the pod once the pod exists. Normally
this should not be necessary, but it may be useful when
manually reconstructing a broken cluster.
This field is read-only and no changes will be made by Kubernetes
to the PVC after it has been created.
Required, must not be nil.
properties:
metadata:
description: |-
May contain labels and annotations that will be copied into the PVC
when creating it. No other fields are allowed and will be rejected during
validation.
type: object
spec:
description: |-
The specification for the PersistentVolumeClaim. The entire content is
copied unchanged into the PVC that gets created from this
template. The same fields as in a PersistentVolumeClaim
are also valid here.
properties:
accessModes:
description: |-
accessModes contains the desired access modes the volume should have.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
items:
type: string
type: array
x-kubernetes-list-type: atomic
dataSource:
description: |-
dataSource field can be used to specify either:
* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim)
If the provisioner or an external controller can support the specified data source,
it will create a new volume based on the contents of the specified data source.
When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
If the namespace is specified, then dataSourceRef will not be copied to dataSource.
properties:
apiGroup:
description: |-
APIGroup is the group for the resource being referenced.
If APIGroup is not specified, the specified Kind must be in the core API group.
For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of
resource being referenced
type: string
name:
description: Name is the name of
resource being referenced
type: string
required:
- kind
- name
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
description: |-
dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
volume is desired. This may be any object from a non-empty API group (non
core object) or a PersistentVolumeClaim object.
When this field is specified, volume binding will only succeed if the type of
the specified object matches some installed volume populator or dynamic
provisioner.
This field will replace the functionality of the dataSource field and as such
if both fields are non-empty, they must have the same value. For backwards
compatibility, when namespace isn't specified in dataSourceRef,
both fields (dataSource and dataSourceRef) will be set to the same
value automatically if one of them is empty and the other is non-empty.
When namespace is specified in dataSourceRef,
dataSource isn't set to the same value and must be empty.
There are three important differences between dataSource and dataSourceRef:
* While dataSource only allows two specific types of objects, dataSourceRef
allows any non-core object, as well as PersistentVolumeClaim objects.
* While dataSource ignores disallowed values (dropping them), dataSourceRef
preserves all values, and generates an error if a disallowed value is
specified.
* While dataSource only allows local objects, dataSourceRef allows objects
in any namespaces.
(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
properties:
apiGroup:
description: |-
APIGroup is the group for the resource being referenced.
If APIGroup is not specified, the specified Kind must be in the core API group.
For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of
resource being referenced
type: string
name:
description: Name is the name of
resource being referenced
type: string
namespace:
description: |-
Namespace is the namespace of resource being referenced
Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
type: string
required:
- kind
- name
type: object
resources:
description: |-
resources represents the minimum resources the volume should have.
If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
that are lower than previous value but must still be higher than capacity recorded in the
status field of the claim.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
selector:
description: selector is a label query
over volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is
a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label
key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
description: |-
storageClassName is the name of the StorageClass required by the claim.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
type: string
volumeAttributesClassName:
description: |-
volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
If specified, the CSI driver will create or update the volume with the attributes defined
in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
will be set by the persistentvolume controller if it exists.
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
type: string
volumeMode:
description: |-
volumeMode defines what type of volume is required by the claim.
Value of Filesystem is implied when not included in claim spec.
type: string
volumeName:
description: volumeName is the binding
reference to the PersistentVolume
backing this claim.
type: string
type: object
required:
- spec
type: object
type: object
fc:
description: fc represents a Fibre Channel resource
that is attached to a kubelet's host machine and
then exposed to the pod.
properties:
fsType:
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
lun:
description: 'lun is Optional: FC target lun
number'
format: int32
type: integer
readOnly:
description: |-
readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
targetWWNs:
description: 'targetWWNs is Optional: FC target
worldwide names (WWNs)'
items:
type: string
type: array
x-kubernetes-list-type: atomic
wwids:
description: |-
wwids Optional: FC volume world wide identifiers (wwids)
Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
flexVolume:
description: |-
flexVolume represents a generic volume resource that is
provisioned/attached using an exec based plugin.
properties:
driver:
description: driver is the name of the driver
to use for this volume.
type: string
fsType:
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
type: string
options:
additionalProperties:
type: string
description: 'options is Optional: this field
holds extra command options if any.'
type: object
readOnly:
description: |-
readOnly is Optional: defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
secretRef:
description: |-
secretRef is Optional: secretRef is reference to the secret object containing
sensitive information to pass to the plugin scripts. This may be
empty if no secret object is specified. If the secret object
contains more than one secret, all secrets are passed to the plugin
scripts.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
required:
- driver
type: object
flocker:
description: flocker represents a Flocker volume
attached to a kubelet's host machine. This depends
on the Flocker control service being running
properties:
datasetName:
description: |-
datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker
should be considered as deprecated
type: string
datasetUUID:
description: datasetUUID is the UUID of the
dataset. This is unique identifier of a Flocker
dataset
type: string
type: object
gcePersistentDisk:
description: |-
gcePersistentDisk represents a GCE Disk resource that is attached to a
kubelet's host machine and then exposed to the pod.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
properties:
fsType:
description: |-
fsType is filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
partition:
description: |-
partition is the partition in the volume that you want to mount.
If omitted, the default is to mount by volume name.
Examples: For volume /dev/sda1, you specify the partition as "1".
Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
format: int32
type: integer
pdName:
description: |-
pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
type: string
readOnly:
description: |-
readOnly here will force the ReadOnly setting in VolumeMounts.
Defaults to false.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
type: boolean
required:
- pdName
type: object
gitRepo:
description: |-
gitRepo represents a git repository at a particular revision.
DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
into the Pod's container.
properties:
directory:
description: |-
directory is the target directory name.
Must not contain or start with '..'. If '.' is supplied, the volume directory will be the
git repository. Otherwise, if specified, the volume will contain the git repository in
the subdirectory with the given name.
type: string
repository:
description: repository is the URL
type: string
revision:
description: revision is the commit hash for
the specified revision.
type: string
required:
- repository
type: object
glusterfs:
description: |-
glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
More info: https://examples.k8s.io/volumes/glusterfs/README.md
properties:
endpoints:
description: |-
endpoints is the endpoint name that details Glusterfs topology.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
type: string
path:
description: |-
path is the Glusterfs volume path.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
type: string
readOnly:
description: |-
readOnly here will force the Glusterfs volume to be mounted with read-only permissions.
Defaults to false.
More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
type: boolean
required:
- endpoints
- path
type: object
hostPath:
description: |-
hostPath represents a pre-existing file or directory on the host
machine that is directly exposed to the container. This is generally
used for system agents or other privileged things that are allowed
to see the host machine. Most containers will NOT need this.
More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
---
TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
mount host directories as read/write.
properties:
path:
description: |-
path of the directory on the host.
If the path is a symlink, it will follow the link to the real path.
More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
type: string
type:
description: |-
type for HostPath Volume
Defaults to ""
More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
type: string
required:
- path
type: object
iscsi:
description: |-
iscsi represents an ISCSI Disk resource that is attached to a
kubelet's host machine and then exposed to the pod.
More info: https://examples.k8s.io/volumes/iscsi/README.md
properties:
chapAuthDiscovery:
description: chapAuthDiscovery defines whether
support iSCSI Discovery CHAP authentication
type: boolean
chapAuthSession:
description: chapAuthSession defines whether
support iSCSI Session CHAP authentication
type: boolean
fsType:
description: |-
fsType is the filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
initiatorName:
description: |-
initiatorName is the custom iSCSI Initiator Name.
If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
<target portal>:<volume name> will be created for the connection.
type: string
iqn:
description: iqn is the target iSCSI Qualified
Name.
type: string
iscsiInterface:
description: |-
iscsiInterface is the interface Name that uses an iSCSI transport.
Defaults to 'default' (tcp).
type: string
lun:
description: lun represents iSCSI Target Lun
number.
format: int32
type: integer
portals:
description: |-
portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
is other than default (typically TCP ports 860 and 3260).
items:
type: string
type: array
x-kubernetes-list-type: atomic
readOnly:
description: |-
readOnly here will force the ReadOnly setting in VolumeMounts.
Defaults to false.
type: boolean
secretRef:
description: secretRef is the CHAP Secret for
iSCSI target and initiator authentication
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
targetPortal:
description: |-
targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
is other than default (typically TCP ports 860 and 3260).
type: string
required:
- iqn
- lun
- targetPortal
type: object
name:
description: |-
name of the volume.
Must be a DNS_LABEL and unique within the pod.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
nfs:
description: |-
nfs represents an NFS mount on the host that shares a pod's lifetime
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
properties:
path:
description: |-
path that is exported by the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
type: string
readOnly:
description: |-
readOnly here will force the NFS export to be mounted with read-only permissions.
Defaults to false.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
type: boolean
server:
description: |-
server is the hostname or IP address of the NFS server.
More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
type: string
required:
- path
- server
type: object
persistentVolumeClaim:
description: |-
persistentVolumeClaimVolumeSource represents a reference to a
PersistentVolumeClaim in the same namespace.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
properties:
claimName:
description: |-
claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
type: string
readOnly:
description: |-
readOnly Will force the ReadOnly setting in VolumeMounts.
Default false.
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
description: photonPersistentDisk represents a PhotonController
persistent disk attached and mounted on kubelets
host machine
properties:
fsType:
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
type: string
pdID:
description: pdID is the ID that identifies
Photon Controller persistent disk
type: string
required:
- pdID
type: object
portworxVolume:
description: portworxVolume represents a portworx
volume attached and mounted on kubelets host machine
properties:
fsType:
description: |-
fSType represents the filesystem type to mount
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
type: string
readOnly:
description: |-
readOnly defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
volumeID:
description: volumeID uniquely identifies a
Portworx volume
type: string
required:
- volumeID
type: object
projected:
description: projected items for all in one resources
secrets, configmaps, and downward API
properties:
defaultMode:
description: |-
defaultMode are the mode bits used to set permissions on created files by default.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
Directories within the path are not affected by this setting.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
sources:
description: sources is the list of volume projections
items:
description: Projection that may be projected
along with other supported volume types
properties:
clusterTrustBundle:
description: |-
ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field
of ClusterTrustBundle objects in an auto-updating file.
Alpha, gated by the ClusterTrustBundleProjection feature gate.
ClusterTrustBundle objects can either be selected by name, or by the
combination of signer name and a label selector.
Kubelet performs aggressive normalization of the PEM contents written
into the pod filesystem. Esoteric PEM features such as inter-block
comments and block headers are stripped. Certificates are deduplicated.
The ordering of certificates within the file is arbitrary, and Kubelet
may change the order over time.
properties:
labelSelector:
description: |-
Select all ClusterTrustBundles that match this label selector. Only has
effect if signerName is set. Mutually-exclusive with name. If unset,
interpreted as "match nothing". If set but empty, interpreted as "match
everything".
properties:
matchExpressions:
description: matchExpressions
is a list of label selector
requirements. The requirements
are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the
label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
name:
description: |-
Select a single ClusterTrustBundle by object name. Mutually-exclusive
with signerName and labelSelector.
type: string
optional:
description: |-
If true, don't block pod startup if the referenced ClusterTrustBundle(s)
aren't available. If using name, then the named ClusterTrustBundle is
allowed not to exist. If using signerName, then the combination of
signerName and labelSelector is allowed to match zero
ClusterTrustBundles.
type: boolean
path:
description: Relative path from the
volume root to write the bundle.
type: string
signerName:
description: |-
Select all ClusterTrustBundles that match this signer name.
Mutually-exclusive with name. The contents of all selected
ClusterTrustBundles will be unified and deduplicated.
type: string
required:
- path
type: object
configMap:
description: configMap information about
the configMap data to project
properties:
items:
description: |-
items if unspecified, each key-value pair in the Data field of the referenced
ConfigMap will be projected into the volume as a file whose name is the
key and content is the value. If specified, the listed keys will be
projected into the specified paths, and unlisted keys will not be
present. If a key is specified which is not present in the ConfigMap,
the volume setup will error unless it is marked optional. Paths must be
relative and may not contain the '..' path or start with '..'.
items:
description: Maps a string key to
a path within a volume.
properties:
key:
description: key is the key
to project.
type: string
mode:
description: |-
mode is Optional: mode bits used to set permissions on this file.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: |-
path is the relative path of the file to map the key to.
May not be an absolute path.
May not contain the path element '..'.
May not start with the string '..'.
type: string
required:
- key
- path
type: object
type: array
x-kubernetes-list-type: atomic
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: optional specify whether
the ConfigMap or its keys must be
defined
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
description: downwardAPI information about
the downwardAPI data to project
properties:
items:
description: Items is a list of DownwardAPIVolume
file
items:
description: DownwardAPIVolumeFile
represents information to create
the file containing the pod field
properties:
fieldRef:
description: 'Required: Selects
a field of the pod: only annotations,
labels, name, namespace and
uid are supported.'
properties:
apiVersion:
description: Version of
the schema the FieldPath
is written in terms of,
defaults to "v1".
type: string
fieldPath:
description: Path of the
field to select in the
specified API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
mode:
description: |-
Optional: mode bits used to set permissions on this file, must be an octal value
between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: 'Required: Path
is the relative path name
of the file to be created.
Must not be absolute or contain
the ''..'' path. Must be utf-8
encoded. The first item of
the relative path must not
start with ''..'''
type: string
resourceFieldRef:
description: |-
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
properties:
containerName:
description: 'Container
name: required for volumes,
optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the
output format of the exposed
resources, defaults to
"1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required:
resource to select'
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
required:
- path
type: object
type: array
x-kubernetes-list-type: atomic
type: object
secret:
description: secret information about
the secret data to project
properties:
items:
description: |-
items if unspecified, each key-value pair in the Data field of the referenced
Secret will be projected into the volume as a file whose name is the
key and content is the value. If specified, the listed keys will be
projected into the specified paths, and unlisted keys will not be
present. If a key is specified which is not present in the Secret,
the volume setup will error unless it is marked optional. Paths must be
relative and may not contain the '..' path or start with '..'.
items:
description: Maps a string key to
a path within a volume.
properties:
key:
description: key is the key
to project.
type: string
mode:
description: |-
mode is Optional: mode bits used to set permissions on this file.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: |-
path is the relative path of the file to map the key to.
May not be an absolute path.
May not contain the path element '..'.
May not start with the string '..'.
type: string
required:
- key
- path
type: object
type: array
x-kubernetes-list-type: atomic
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: optional field specify
whether the Secret or its key must
be defined
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
description: serviceAccountToken is information
about the serviceAccountToken data to
project
properties:
audience:
description: |-
audience is the intended audience of the token. A recipient of a token
must identify itself with an identifier specified in the audience of the
token, and otherwise should reject the token. The audience defaults to the
identifier of the apiserver.
type: string
expirationSeconds:
description: |-
expirationSeconds is the requested duration of validity of the service
account token. As the token approaches expiration, the kubelet volume
plugin will proactively rotate the service account token. The kubelet will
start trying to rotate the token if the token is older than 80 percent of
its time to live or if the token is older than 24 hours.Defaults to 1 hour
and must be at least 10 minutes.
format: int64
type: integer
path:
description: |-
path is the path relative to the mount point of the file to project the
token into.
type: string
required:
- path
type: object
type: object
type: array
x-kubernetes-list-type: atomic
type: object
quobyte:
description: quobyte represents a Quobyte mount
on the host that shares a pod's lifetime
properties:
group:
description: |-
group to map volume access to
Default is no group
type: string
readOnly:
description: |-
readOnly here will force the Quobyte volume to be mounted with read-only permissions.
Defaults to false.
type: boolean
registry:
description: |-
registry represents a single or multiple Quobyte Registry services
specified as a string as host:port pair (multiple entries are separated with commas)
which acts as the central registry for volumes
type: string
tenant:
description: |-
tenant owning the given Quobyte volume in the Backend
Used with dynamically provisioned Quobyte volumes, value is set by the plugin
type: string
user:
description: |-
user to map volume access to
Defaults to serivceaccount user
type: string
volume:
description: volume is a string that references
an already created Quobyte volume by name.
type: string
required:
- registry
- volume
type: object
rbd:
description: |-
rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.
More info: https://examples.k8s.io/volumes/rbd/README.md
properties:
fsType:
description: |-
fsType is the filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
image:
description: |-
image is the rados image name.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
type: string
keyring:
description: |-
keyring is the path to key ring for RBDUser.
Default is /etc/ceph/keyring.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
type: string
monitors:
description: |-
monitors is a collection of Ceph monitors.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
items:
type: string
type: array
x-kubernetes-list-type: atomic
pool:
description: |-
pool is the rados pool name.
Default is rbd.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
type: string
readOnly:
description: |-
readOnly here will force the ReadOnly setting in VolumeMounts.
Defaults to false.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
type: boolean
secretRef:
description: |-
secretRef is name of the authentication secret for RBDUser. If provided
overrides keyring.
Default is nil.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
user:
description: |-
user is the rados user name.
Default is admin.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
type: string
required:
- image
- monitors
type: object
scaleIO:
description: scaleIO represents a ScaleIO persistent
volume attached and mounted on Kubernetes nodes.
properties:
fsType:
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs".
Default is "xfs".
type: string
gateway:
description: gateway is the host address of
the ScaleIO API Gateway.
type: string
protectionDomain:
description: protectionDomain is the name of
the ScaleIO Protection Domain for the configured
storage.
type: string
readOnly:
description: |-
readOnly Defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
secretRef:
description: |-
secretRef references to the secret for ScaleIO user and other
sensitive information. If this is not provided, Login operation will fail.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
sslEnabled:
description: sslEnabled Flag enable/disable
SSL communication with Gateway, default false
type: boolean
storageMode:
description: |-
storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
Default is ThinProvisioned.
type: string
storagePool:
description: storagePool is the ScaleIO Storage
Pool associated with the protection domain.
type: string
system:
description: system is the name of the storage
system as configured in ScaleIO.
type: string
volumeName:
description: |-
volumeName is the name of a volume already created in the ScaleIO system
that is associated with this volume source.
type: string
required:
- gateway
- secretRef
- system
type: object
secret:
description: |-
secret represents a secret that should populate this volume.
More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
properties:
defaultMode:
description: |-
defaultMode is Optional: mode bits used to set permissions on created files by default.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values
for mode bits. Defaults to 0644.
Directories within the path are not affected by this setting.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
items:
description: |-
items If unspecified, each key-value pair in the Data field of the referenced
Secret will be projected into the volume as a file whose name is the
key and content is the value. If specified, the listed keys will be
projected into the specified paths, and unlisted keys will not be
present. If a key is specified which is not present in the Secret,
the volume setup will error unless it is marked optional. Paths must be
relative and may not contain the '..' path or start with '..'.
items:
description: Maps a string key to a path within
a volume.
properties:
key:
description: key is the key to project.
type: string
mode:
description: |-
mode is Optional: mode bits used to set permissions on this file.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: |-
path is the relative path of the file to map the key to.
May not be an absolute path.
May not contain the path element '..'.
May not start with the string '..'.
type: string
required:
- key
- path
type: object
type: array
x-kubernetes-list-type: atomic
optional:
description: optional field specify whether
the Secret or its keys must be defined
type: boolean
secretName:
description: |-
secretName is the name of the secret in the pod's namespace to use.
More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
type: string
type: object
storageos:
description: storageOS represents a StorageOS volume
attached and mounted on Kubernetes nodes.
properties:
fsType:
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
type: string
readOnly:
description: |-
readOnly defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
type: boolean
secretRef:
description: |-
secretRef specifies the secret to use for obtaining the StorageOS API
credentials. If not specified, default values will be attempted.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
type: object
x-kubernetes-map-type: atomic
volumeName:
description: |-
volumeName is the human-readable name of the StorageOS volume. Volume
names are only unique within a namespace.
type: string
volumeNamespace:
description: |-
volumeNamespace specifies the scope of the volume within StorageOS. If no
namespace is specified then the Pod's namespace will be used. This allows the
Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
Set VolumeName to any name to override the default behaviour.
Set to "default" if you are not using namespaces within StorageOS.
Namespaces that do not pre-exist within StorageOS will be created.
type: string
type: object
vsphereVolume:
description: vsphereVolume represents a vSphere
volume attached and mounted on kubelets host machine
properties:
fsType:
description: |-
fsType is filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
type: string
storagePolicyID:
description: storagePolicyID is the storage
Policy Based Management (SPBM) profile ID
associated with the StoragePolicyName.
type: string
storagePolicyName:
description: storagePolicyName is the storage
Policy Based Management (SPBM) profile name.
type: string
volumePath:
description: volumePath is the path that identifies
vSphere volume vmdk
type: string
required:
- volumePath
type: object
required:
- name
type: object
type: array
required:
- containers
type: object
type: object
traits:
description: the traits needed to run this Integration
properties:
3scale:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
addons:
additionalProperties:
description: AddonTrait represents the configuration of
an addon trait.
type: object
x-kubernetes-preserve-unknown-fields: true
description: The extension point with addon traits
type: object
affinity:
description: The configuration of Affinity trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
nodeAffinityLabels:
description: Defines a set of nodes the integration pod(s)
are eligible to be scheduled on, based on labels on
the node.
items:
type: string
type: array
podAffinity:
description: Always co-locates multiple replicas of the
integration in the same node (default `false`).
type: boolean
podAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should be co-located with.
items:
type: string
type: array
podAntiAffinity:
description: Never co-locates multiple replicas of the
integration in the same node (default `false`).
type: boolean
podAntiAffinityLabels:
description: |-
Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the
integration pod(s) should not be co-located with.
items:
type: string
type: array
type: object
builder:
description: The configuration of Builder trait
properties:
annotations:
additionalProperties:
type: string
description: When using `pod` strategy, annotation to
use for the builder pod.
type: object
baseImage:
description: |-
Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK
installed and ready to use on path (ie `/usr/bin/java`).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
incrementalImageBuild:
description: Use the incremental image build option, to
reuse existing containers (default `true`)
type: boolean
limitCPU:
description: |-
When using `pod` strategy, the maximum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
limitMemory:
description: |-
When using `pod` strategy, the maximum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
mavenProfiles:
description: |-
A list of references pointing to configmaps/secrets that contains a maven profile.
This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.
The content of the maven profile is expected to be a text containing a valid maven profile starting with `<profile>` and ending with `</profile>` that will be integrated as an inline profile in the POM.
Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml).
items:
type: string
type: array
nodeSelector:
additionalProperties:
type: string
description: Defines a set of nodes the builder pod is
eligible to be scheduled on, based on labels on the
node.
type: object
orderStrategy:
description: The build order strategy to use, either `dependencies`,
`fifo` or `sequential` (default is the platform default)
enum:
- dependencies
- fifo
- sequential
type: string
platforms:
description: The list of manifest platforms to use to
build a container image (default `linux/amd64`).
items:
type: string
type: array
properties:
description: A list of properties to be provided to the
build task
items:
type: string
type: array
requestCPU:
description: |-
When using `pod` strategy, the minimum amount of CPU required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
requestMemory:
description: |-
When using `pod` strategy, the minimum amount of memory required by the pod builder.
Deprecated: use TasksRequestCPU instead with task name `builder`.
type: string
strategy:
description: The strategy to use, either `pod` or `routine`
(default `routine`)
enum:
- pod
- routine
type: string
tasks:
description: A list of tasks to be executed (available
only when using `pod` strategy) with format `<name>;<container-image>;<container-command>`.
items:
type: string
type: array
tasksFilter:
description: |-
A list of tasks sorted by the order of execution in a csv format, ie, `<taskName1>,<taskName2>,...`.
Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)
if you need to execute them. Useful only with `pod` strategy.
type: string
tasksLimitCPU:
description: A list of limit cpu configuration for the
specific task with format `<task-name>:<limit-cpu-conf>`.
items:
type: string
type: array
tasksLimitMemory:
description: A list of limit memory configuration for
the specific task with format `<task-name>:<limit-memory-conf>`.
items:
type: string
type: array
tasksRequestCPU:
description: A list of request cpu configuration for the
specific task with format `<task-name>:<request-cpu-conf>`.
items:
type: string
type: array
tasksRequestMemory:
description: A list of request memory configuration for
the specific task with format `<task-name>:<request-memory-conf>`.
items:
type: string
type: array
verbose:
description: |-
Enable verbose logging on build components that support it (e.g. Kaniko build pod).
Deprecated no longer in use
type: boolean
type: object
camel:
description: The configuration of Camel trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
properties:
description: A list of properties to be provided to the
Integration runtime
items:
type: string
type: array
runtimeVersion:
description: |-
The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.
You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve
to the best matching Catalog existing on the cluster.
type: string
type: object
container:
description: The configuration of Container trait
properties:
allowPrivilegeEscalation:
description: Security Context AllowPrivilegeEscalation
configuration (default false).
type: boolean
auto:
description: To automatically enable the trait
type: boolean
capabilitiesAdd:
description: Security Context Capabilities Add configuration
(default none).
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
capabilitiesDrop:
description: Security Context Capabilities Drop configuration
(default ALL).
items:
description: Capability represent POSIX capabilities
type
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
expose:
description: Can be used to enable/disable exposure via
kubernetes Service.
type: boolean
image:
description: |-
The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which
won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead
Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit.
type: string
imagePullPolicy:
description: 'The pull policy: Always|Never|IfNotPresent'
enum:
- Always
- Never
- IfNotPresent
type: string
limitCPU:
description: The maximum amount of CPU to be provided
(default 500 millicores).
type: string
limitMemory:
description: The maximum amount of memory to be provided
(default 512 Mi).
type: string
name:
description: The main container name. It's named `integration`
by default.
type: string
port:
description: To configure a different port exposed by
the container (default `8080`).
format: int32
type: integer
portName:
description: To configure a different port name for the
port exposed by the container. It defaults to `http`
only when the `expose` parameter is true.
type: string
requestCPU:
description: The minimum amount of CPU required (default
125 millicores).
type: string
requestMemory:
description: The minimum amount of memory required (default
128 Mi).
type: string
runAsNonRoot:
description: Security Context RunAsNonRoot configuration
(default false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration
(default none): this value is automatically retrieved
in Openshift clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
servicePort:
description: To configure under which service port the
container port is to be exposed (default `80`).
format: int32
type: integer
servicePortName:
description: To configure under which service port name
the container port is to be exposed (default `http`).
type: string
type: object
cron:
description: The configuration of Cron trait
properties:
activeDeadlineSeconds:
description: |-
Specifies the duration in seconds, relative to the start time, that the job
may be continuously active before it is considered to be failed.
It defaults to 60s.
format: int64
type: integer
auto:
description: |-
Automatically deploy the integration as CronJob when all routes are
either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).
It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,
while `35m` or `50s` cannot).
type: boolean
backoffLimit:
description: |-
Specifies the number of retries before marking the job failed.
It defaults to 2.
format: int32
type: integer
components:
description: |-
A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.
Supported components are currently: `cron`, `timer` and `quartz`.
type: string
concurrencyPolicy:
description: |-
Specifies how to treat concurrent executions of a Job.
Valid values are:
- "Allow": allows CronJobs to run concurrently;
- "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- "Replace": cancels currently running job and replaces it with a new one
enum:
- Allow
- Forbid
- Replace
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
fallback:
description: |-
Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration
as Kubernetes CronJob.
type: boolean
schedule:
description: |-
The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this
mechanism to work correctly.
type: string
startingDeadlineSeconds:
description: |-
Optional deadline in seconds for starting the job if it misses scheduled
time for any reason. Missed jobs executions will be counted as failed ones.
format: int64
type: integer
timeZone:
description: The timezone that the CronJob will run on
type: string
type: object
dependencies:
description: The configuration of Dependencies trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
deployer:
description: The configuration of Deployer trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
kind:
description: Allows to explicitly select the desired deployment
kind between `deployment`, `cron-job` or `knative-service`
when creating the resources for running the integration.
enum:
- deployment
- cron-job
- knative-service
type: string
useSSA:
description: |-
Deprecated: won't be able to enforce client side update in the future.
Use server-side apply to update the owned resources (default `true`).
Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters.
type: boolean
type: object
deployment:
description: The configuration of Deployment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
progressDeadlineSeconds:
description: |-
The maximum time in seconds for the deployment to make progress before it
is considered to be failed. It defaults to `60s`.
format: int32
type: integer
rollingUpdateMaxSurge:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be scheduled above the desired number of
pods.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
This can not be 0 if MaxUnavailable is 0.
Absolute number is calculated from percentage by rounding up.
Defaults to `25%`.
x-kubernetes-int-or-string: true
rollingUpdateMaxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be unavailable during the update.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding down.
This can not be 0 if MaxSurge is 0.
Defaults to `25%`.
x-kubernetes-int-or-string: true
strategy:
description: The deployment strategy to use to replace
existing pods with new ones.
enum:
- Recreate
- RollingUpdate
type: string
type: object
environment:
description: The configuration of Environment trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
containerMeta:
description: Enables injection of `NAMESPACE` and `POD_NAME`
environment variables (default `true`)
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
httpProxy:
description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY`
and `NO_PROXY` environment variables (default `true`)
type: boolean
vars:
description: |-
A list of environment variables to be added to the integration container.
The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name,
and key represents the resource key to be mapped as and environment variable.
These take precedence over any previously defined environment variables.
items:
type: string
type: array
type: object
error-handler:
description: The configuration of Error Handler trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
ref:
description: The error handler ref name provided or found
in application properties
type: string
type: object
gc:
description: The configuration of GC trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryCache:
description: |-
Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).
Deprecated: no longer in use.
enum:
- disabled
- disk
- memory
type: string
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
type: object
health:
description: The configuration of Health trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
livenessFailureThreshold:
description: Minimum consecutive failures for the liveness
probe to be considered failed after having succeeded.
format: int32
type: integer
livenessInitialDelay:
description: Number of seconds after the container has
started before the liveness probe is initiated.
format: int32
type: integer
livenessPeriod:
description: How often to perform the liveness probe.
format: int32
type: integer
livenessProbe:
description: The liveness probe path to use (default provided
by the Catalog runtime used).
type: string
livenessProbeEnabled:
description: Configures the liveness probe for the integration
container (default `false`).
type: boolean
livenessScheme:
description: Scheme to use when connecting to the liveness
probe (default `HTTP`).
type: string
livenessSuccessThreshold:
description: Minimum consecutive successes for the liveness
probe to be considered successful after having failed.
format: int32
type: integer
livenessTimeout:
description: Number of seconds after which the liveness
probe times out.
format: int32
type: integer
readinessFailureThreshold:
description: Minimum consecutive failures for the readiness
probe to be considered failed after having succeeded.
format: int32
type: integer
readinessInitialDelay:
description: Number of seconds after the container has
started before the readiness probe is initiated.
format: int32
type: integer
readinessPeriod:
description: How often to perform the readiness probe.
format: int32
type: integer
readinessProbe:
description: The readiness probe path to use (default
provided by the Catalog runtime used).
type: string
readinessProbeEnabled:
description: Configures the readiness probe for the integration
container (default `true`).
type: boolean
readinessScheme:
description: Scheme to use when connecting to the readiness
probe (default `HTTP`).
type: string
readinessSuccessThreshold:
description: Minimum consecutive successes for the readiness
probe to be considered successful after having failed.
format: int32
type: integer
readinessTimeout:
description: Number of seconds after which the readiness
probe times out.
format: int32
type: integer
startupFailureThreshold:
description: Minimum consecutive failures for the startup
probe to be considered failed after having succeeded.
format: int32
type: integer
startupInitialDelay:
description: Number of seconds after the container has
started before the startup probe is initiated.
format: int32
type: integer
startupPeriod:
description: How often to perform the startup probe.
format: int32
type: integer
startupProbe:
description: The startup probe path to use (default provided
by the Catalog runtime used).
type: string
startupProbeEnabled:
description: Configures the startup probe for the integration
container (default `false`).
type: boolean
startupScheme:
description: Scheme to use when connecting to the startup
probe (default `HTTP`).
type: string
startupSuccessThreshold:
description: Minimum consecutive successes for the startup
probe to be considered successful after having failed.
format: int32
type: integer
startupTimeout:
description: Number of seconds after which the startup
probe times out.
format: int32
type: integer
type: object
ingress:
description: The configuration of Ingress trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to the ingress.
This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:
See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
type: object
auto:
description: To automatically add an ingress whenever
the integration uses an HTTP endpoint consumer.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
host:
description: To configure the host exposed by the ingress.
type: string
ingressClassName:
description: |-
The Ingress class name as defined by the Ingress spec
See https://kubernetes.io/docs/concepts/services-networking/ingress/
type: string
path:
description: To configure the path exposed by the ingress
(default `/`).
type: string
pathType:
description: |-
To configure the path type exposed by the ingress.
One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`).
enum:
- Exact
- Prefix
- ImplementationSpecific
type: string
tlsHosts:
description: To configure tls hosts
items:
type: string
type: array
tlsSecretName:
description: To configure tls secret name
type: string
type: object
istio:
description: The configuration of Istio trait
properties:
allow:
description: Configures a (comma-separated) list of CIDR
subnets that should not be intercepted by the Istio
proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by
default).
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
inject:
description: Forces the value for labels `sidecar.istio.io/inject`.
By default the label is set to `true` on deployment
and not set on Knative Service.
type: boolean
type: object
jolokia:
description: The configuration of Jolokia trait
properties:
CACert:
description: |-
The PEM encoded CA certification file path, used to verify client certificates,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift).
type: string
clientPrincipal:
description: |-
The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
discoveryEnabled:
description: Listen for multicast requests (default `false`)
type: boolean
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
extendedClientCheck:
description: |-
Mandate the client certificate contains a client flag in the extended key usage section,
applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`
(default `true` for OpenShift).
type: boolean
host:
description: |-
The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given,
the servers binds to every network interface (default `"*"`).
type: string
options:
description: |-
A list of additional Jolokia options as defined
in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]
items:
type: string
type: array
password:
description: The password used for authentication, applicable
when the `user` option is set.
type: string
port:
description: The Jolokia endpoint port (default `8778`).
format: int32
type: integer
protocol:
description: The protocol to use, either `http` or `https`
(default `https` for OpenShift)
type: string
useSSLClientAuthentication:
description: Whether client certificates should be used
for authentication (default `true` for OpenShift).
type: boolean
user:
description: The user to be used for authentication
type: string
type: object
jvm:
description: The configuration of JVM trait
properties:
classpath:
description: Additional JVM classpath (use `Linux` classpath
separator)
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
debug:
description: Activates remote debugging, so that a debugger
can be attached to the JVM, e.g., using port-forwarding
type: boolean
debugAddress:
description: Transport address at which to listen for
the newly launched JVM (default `*:5005`)
type: string
debugSuspend:
description: Suspends the target JVM immediately before
the main class is loaded
type: boolean
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
jar:
description: The Jar dependency which will run the application.
Leave it empty for managed Integrations.
type: string
options:
description: A list of JVM options
items:
type: string
type: array
printCommand:
description: |-
Prints the command used the start the JVM in the container logs (default `true`)
Deprecated: no longer in use.
type: boolean
type: object
kamelets:
description: The configuration of Kamelets trait
properties:
auto:
description: Automatically inject all referenced Kamelets
and their default configuration (enabled by default)
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
list:
description: Comma separated list of Kamelet names to
load into the current integration
type: string
mountPoint:
description: The directory where the application mounts
and reads Kamelet spec (default `/etc/camel/kamelets`)
type: string
type: object
keda:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
knative:
description: The configuration of Knative trait
properties:
auto:
description: Enable automatic discovery of all trait properties.
type: boolean
channelSinks:
description: |-
List of channels used as destination of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
channelSources:
description: |-
List of channels used as source of integration routes.
Can contain simple channel names or full Camel URIs.
items:
type: string
type: array
config:
description: Can be used to inject a Knative complete
configuration in JSON format.
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
endpointSinks:
description: |-
List of endpoints used as destination of integration routes.
Can contain simple endpoint names or full Camel URIs.
items:
type: string
type: array
endpointSources:
description: List of channels used as source of integration
routes.
items:
type: string
type: array
eventSinks:
description: |-
List of event types that the integration will produce.
Can contain simple event types or full Camel URIs (to use a specific broker).
items:
type: string
type: array
eventSources:
description: |-
List of event types that the integration will be subscribed to.
Can contain simple event types or full Camel URIs (to use a specific broker different from "default").
items:
type: string
type: array
filterEventType:
description: |-
Enables the default filtering for the Knative trigger using the event type
If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)
type: boolean
filterSourceChannels:
description: |-
Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of
Knative, filtering is disabled by default.
type: boolean
filters:
description: |-
Sets filter attributes on the event stream (such as event type, source, subject and so on).
A list of key-value pairs that represent filter attributes and its values.
The syntax is KEY=VALUE, e.g., `source="my.source"`.
Filter attributes get set on the Knative trigger that is being created as part of this integration.
items:
type: string
type: array
namespaceLabel:
description: |-
Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace
As Knative requires this label to perform injection of K_SINK URL into the service.
If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)
type: boolean
sinkBinding:
description: |-
Allows binding the integration to a sink via a Knative SinkBinding resource.
This can be used when the integration targets a single sink.
It's enabled by default when the integration targets a single sink
(except when the integration is owned by a Knative source).
type: boolean
type: object
knative-service:
description: The configuration of Knative Service trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set knative service specific annotations
CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
auto:
description: |-
Automatically deploy the integration as Knative service when all conditions hold:
* Integration is using the Knative profile
* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)
type: boolean
autoscalingMetric:
description: |-
Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).
Refer to the Knative documentation for more information.
type: string
autoscalingTarget:
description: |-
Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.
Refer to the Knative documentation for more information.
type: integer
class:
description: |-
Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).
Refer to the Knative documentation for more information.
enum:
- kpa.autoscaling.knative.dev
- hpa.autoscaling.knative.dev
type: string
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
maxScale:
description: |-
An upper bound for the number of Pods that can be running in parallel for the integration.
Knative has its own cap value that depends on the installation.
Refer to the Knative documentation for more information.
type: integer
minScale:
description: |-
The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that
the integration is scaled down to zero when not used for a configured amount of time.
Refer to the Knative documentation for more information.
type: integer
rolloutDuration:
description: |-
Enables to gradually shift traffic to the latest Revision and sets the rollout duration.
It's disabled by default and must be expressed as a Golang `time.Duration` string representation,
rounded to a second precision.
type: string
timeoutSeconds:
description: |-
The maximum duration in seconds that the request instance is allowed to respond to a request.
This field propagates to the integration pod's terminationGracePeriodSeconds
Refer to the Knative documentation for more information.
format: int64
type: integer
visibility:
description: |-
Setting `cluster-local`, Knative service becomes a private service.
Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service.
Refer to the Knative documentation for more information.
enum:
- cluster-local
type: string
type: object
logging:
description: The configuration of Logging trait
properties:
color:
description: Colorize the log output
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
format:
description: Logs message format
type: string
json:
description: Output the logs in JSON
type: boolean
jsonPrettyPrint:
description: Enable "pretty printing" of the JSON logs
type: boolean
level:
description: Adjust the logging level (defaults to `INFO`)
enum:
- FATAL
- WARN
- INFO
- DEBUG
- TRACE
type: string
type: object
master:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
mount:
description: The configuration of Mount trait
properties:
configs:
description: |-
A list of configuration pointing to configmap/secret.
The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.
They are also made available on the classpath in order to ease their usage directly from the Route.
Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
emptyDirs:
description: |-
A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi).
Syntax: name:/container/path[:sizeLimit]
items:
type: string
type: array
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
hotReload:
description: |-
Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be
marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for
changes in metadata.
type: boolean
resources:
description: |-
A list of resources (text or binary content) pointing to configmap/secret.
The resources are expected to be any resource type (text or binary content).
The destination path can be either a default location or any path specified by the user.
Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path
items:
type: string
type: array
scanKameletsImplicitLabelSecrets:
description: 'Deprecated: no longer available since version
2.5.'
type: boolean
volumes:
description: |-
A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails.
You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided
or the default cluster Storage Class. However, if the PVC exists, the operator would mount it.
items:
type: string
type: array
type: object
openapi:
description: The configuration of OpenAPI trait
properties:
configmaps:
description: The configmaps holding the spec of the OpenAPI
(compatible with > 3.0 spec only).
items:
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
type: object
owner:
description: The configuration of Owner trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
targetAnnotations:
description: The set of annotations to be transferred
items:
type: string
type: array
targetLabels:
description: The set of labels to be transferred
items:
type: string
type: array
type: object
pdb:
description: The configuration of PDB trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
maxUnavailable:
description: |-
The number of pods for the Integration that can be unavailable after an eviction.
It can be either an absolute number or a percentage (default `1` if `min-available` is also not set).
Only one of `max-unavailable` and `min-available` can be specified.
type: string
minAvailable:
description: |-
The number of pods for the Integration that must still be available after an eviction.
It can be either an absolute number or a percentage.
Only one of `min-available` and `max-unavailable` can be specified.
type: string
type: object
platform:
description: The configuration of Platform trait
properties:
auto:
description: |-
To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
createDefault:
description: |-
To create a default (empty) platform when the platform is missing.
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
global:
description: |-
Indicates if the platform should be created globally in the case of global operator (default true).
Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility
type: boolean
type: object
pod:
description: The configuration of Pod trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
type: object
prometheus:
description: The configuration of Prometheus trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
podMonitor:
description: Whether a `PodMonitor` resource is created
(default `true`).
type: boolean
podMonitorLabels:
description: The `PodMonitor` resource labels, applicable
when `pod-monitor` is `true`.
items:
type: string
type: array
type: object
pull-secret:
description: The configuration of Pull Secret trait
properties:
auto:
description: Automatically configures the platform registry
secret on the pod if it is of type `kubernetes.io/dockerconfigjson`.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
imagePullerDelegation:
description: When using a global operator with a shared
platform, this enables delegation of the `system:image-puller`
cluster role on the operator namespace to the integration
service account.
type: boolean
secretName:
description: The pull secret name to set on the Pod. If
left empty this is automatically taken from the `IntegrationPlatform`
registry configuration.
type: string
type: object
quarkus:
description: The configuration of Quarkus trait
properties:
buildMode:
description: |-
The Quarkus mode to run: either `jvm` or `native` (default `jvm`).
In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,
with the `native` kit having precedence over the `jvm` one once ready.
items:
description: QuarkusMode is the type of Quarkus build
packaging.
enum:
- jvm
- native
type: string
type: array
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
nativeBaseImage:
description: The base image to use when running a native
build (default `quay.io/quarkus/quarkus-micro-image:2.0`)
type: string
nativeBuilderImage:
description: The image containing the tooling required
for a native build (by default it will use the one provided
in the runtime catalog)
type: string
packageTypes:
description: |-
The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).
In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,
with the native kit having precedence over the `fast-jar` one once ready.
The order influences the resolution of the current kit for the integration.
The kit corresponding to the first package type will be assigned to the
integration in case no existing kit that matches the integration exists.
Deprecated: use `build-mode` instead.
items:
description: |-
QuarkusPackageType is the type of Quarkus build packaging.
Deprecated: use `QuarkusMode` instead.
enum:
- fast-jar
- native
type: string
type: array
type: object
registry:
description: |-
The configuration of Registry trait (support removed since version 2.5.0).
Deprecated: use jvm trait or read documentation.
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
type: object
route:
description: The configuration of Route trait
properties:
annotations:
additionalProperties:
type: string
description: |-
The annotations added to route.
This can be used to set route specific annotations
For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations
CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true"
type: object
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
host:
description: To configure the host exposed by the route.
type: string
tlsCACertificate:
description: |-
The TLS CA certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCACertificateSecret:
description: |-
The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificate:
description: |-
The TLS certificate contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsCertificateSecret:
description: |-
The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificate:
description: |-
The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt
termination this file should be provided in order to have routers use it for health checks on the secure connection.
If this field is not specified, the router may provide its own destination CA and perform hostname validation using
the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically
verify.
Refer to the OpenShift route documentation for additional information.
type: string
tlsDestinationCACertificateSecret:
description: |-
The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsInsecureEdgeTerminationPolicy:
description: |-
To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.
Refer to the OpenShift route documentation for additional information.
enum:
- None
- Allow
- Redirect
type: string
tlsKey:
description: |-
The TLS certificate key contents.
Refer to the OpenShift route documentation for additional information.
type: string
tlsKeySecret:
description: |-
The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/".
Refer to the OpenShift route documentation for additional information.
type: string
tlsTermination:
description: |-
The TLS termination type, like `edge`, `passthrough` or `reencrypt`.
Refer to the OpenShift route documentation for additional information.
enum:
- edge
- reencrypt
- passthrough
type: string
type: object
security-context:
description: The configuration of Security Context trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: 'Deprecated: no longer in use.'
type: boolean
runAsNonRoot:
description: Security Context RunAsNonRoot configuration
(default false).
type: boolean
runAsUser:
description: 'Security Context RunAsUser configuration
(default none): this value is automatically retrieved
in Openshift clusters when not explicitly set.'
format: int64
type: integer
seccompProfileType:
description: Security Context SeccompProfileType configuration
(default RuntimeDefault).
enum:
- Unconfined
- RuntimeDefault
type: string
type: object
service:
description: The configuration of Service trait
properties:
annotations:
additionalProperties:
type: string
description: The annotations added to the Service object.
type: object
auto:
description: To automatically detect from the code if
a Service needs to be created.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
labels:
additionalProperties:
type: string
description: The labels added to the Service object.
type: object
nodePort:
description: |-
Enable Service to be exposed as NodePort (default `false`).
Deprecated: Use service type instead.
type: boolean
type:
description: The type of service to be used, either 'ClusterIP',
'NodePort' or 'LoadBalancer'.
enum:
- ClusterIP
- NodePort
- LoadBalancer
type: string
type: object
service-binding:
description: The configuration of Service Binding trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
services:
description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name
items:
type: string
type: array
type: object
strimzi:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
telemetry:
description: The configuration of Telemetry trait
properties:
auto:
description: Enables automatic configuration of the trait,
including automatic discovery of the telemetry endpoint.
type: boolean
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
endpoint:
description: The target endpoint of the Telemetry service
(automatically discovered by default)
type: string
sampler:
description: The sampler of the telemetry used for tracing
(default "on")
type: string
sampler-parent-based:
description: The sampler of the telemetry used for tracing
is parent based (default "true")
type: boolean
sampler-ratio:
description: The sampler ratio of the telemetry used for
tracing
type: string
serviceName:
description: The name of the service that publishes telemetry
data (defaults to the integration name)
type: string
type: object
toleration:
description: The configuration of Toleration trait
properties:
configuration:
description: |-
Legacy trait configuration parameters.
Deprecated: for backward compatibility.
type: object
x-kubernetes-preserve-unknown-fields: true
enabled:
description: Can be used to enable or disable a trait.
All traits share this common property.
type: boolean
taints:
description: The list of taints to tolerate, in the form
`Key[=Value]:Effect[:Seconds]`
items:
type: string
type: array
type: object
tracing:
description: 'Deprecated: for backward compatibility.'
properties:
configuration:
description: TraitConfiguration parameters configuration
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- configuration
type: object
type: object
type: object
replicas:
description: Replicas is the number of desired replicas for the Pipe
format: int32
type: integer
serviceAccountName:
description: Custom SA to use for the Pipe
type: string
sink:
description: Sink is the destination of the integration defined by
this Pipe
properties:
dataTypes:
additionalProperties:
description: DataTypeReference references to the specification
of a data type by its scheme and format name.
properties:
format:
description: the data type format name
type: string
scheme:
description: the data type component scheme
type: string
type: object
description: DataTypes defines the data type of the data produced/consumed
by the endpoint and references a given data type specification.
type: object
properties:
description: Properties are a key value representation of endpoint
properties
type: object
x-kubernetes-preserve-unknown-fields: true
ref:
description: Ref can be used to declare a Kubernetes resource
as source/sink endpoint
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
TODO: this design is not final and this field is subject to change in the future.
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
uri:
description: URI can be used to specify the (Camel) endpoint explicitly
type: string
type: object
source:
description: Source is the starting point of the integration defined
by this Pipe
properties:
dataTypes:
additionalProperties:
description: DataTypeReference references to the specification
of a data type by its scheme and format name.
properties:
format:
description: the data type format name
type: string
scheme:
description: the data type component scheme
type: string
type: object
description: DataTypes defines the data type of the data produced/consumed
by the endpoint and references a given data type specification.
type: object
properties:
description: Properties are a key value representation of endpoint
properties
type: object
x-kubernetes-preserve-unknown-fields: true
ref:
description: Ref can be used to declare a Kubernetes resource
as source/sink endpoint
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
TODO: this design is not final and this field is subject to change in the future.
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
uri:
description: URI can be used to specify the (Camel) endpoint explicitly
type: string
type: object
steps:
description: Steps contains an optional list of intermediate steps
that are executed between the Source and the Sink
items:
description: Endpoint represents a source/sink external entity (could
be any Kubernetes resource or Camel URI).
properties:
dataTypes:
additionalProperties:
description: DataTypeReference references to the specification
of a data type by its scheme and format name.
properties:
format:
description: the data type format name
type: string
scheme:
description: the data type component scheme
type: string
type: object
description: DataTypes defines the data type of the data produced/consumed
by the endpoint and references a given data type specification.
type: object
properties:
description: Properties are a key value representation of endpoint
properties
type: object
x-kubernetes-preserve-unknown-fields: true
ref:
description: Ref can be used to declare a Kubernetes resource
as source/sink endpoint
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
TODO: this design is not final and this field is subject to change in the future.
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
uri:
description: URI can be used to specify the (Camel) endpoint
explicitly
type: string
type: object
type: array
type: object
status:
description: the status of a Pipe
properties:
conditions:
description: Conditions --
items:
description: PipeCondition describes the state of a resource at
a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition.
type: string
pods:
description: Pods collect health and conditions information
from the owned PODs
items:
properties:
condition:
description: PodCondition contains details for the current
condition of this pod.
properties:
lastProbeTime:
description: Last time we probed the condition.
format: date-time
type: string
lastTransitionTime:
description: Last time the condition transitioned
from one status to another.
format: date-time
type: string
message:
description: Human-readable message indicating details
about last transition.
type: string
reason:
description: Unique, one-word, CamelCase reason for
the condition's last transition.
type: string
status:
description: |-
Status is the status of the condition.
Can be True, False, Unknown.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
type: string
type:
description: |-
Type is the type of the condition.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
type: string
required:
- status
- type
type: object
health:
items:
properties:
data:
description: |-
RawMessage is a raw encoded JSON value.
It implements Marshaler and Unmarshaler and can
be used to delay JSON decoding or precompute a JSON encoding.
x-kubernetes-preserve-unknown-fields: true
name:
type: string
status:
type: string
type: object
type: array
name:
type: string
required:
- condition
type: object
type: array
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of pipe condition.
type: string
required:
- status
- type
type: object
type: array
observedGeneration:
description: ObservedGeneration is the most recent generation observed
for this Pipe.
format: int64
type: integer
phase:
description: Phase --
type: string
replicas:
description: Replicas is the number of actual replicas of the pipe
format: int32
type: integer
selector:
description: Selector allows to identify pods belonging to the pipe
type: string
type: object
type: object
served: true
storage: true
subresources:
scale:
labelSelectorPath: .status.selector
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}