| # --------------------------------------------------------------------------- |
| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to You under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # --------------------------------------------------------------------------- |
| |
| apiVersion: apiextensions.k8s.io/v1 |
| kind: CustomResourceDefinition |
| metadata: |
| annotations: |
| controller-gen.kubebuilder.io/version: v0.6.1 |
| creationTimestamp: null |
| labels: |
| app: camel-k |
| name: kameletbindings.camel.apache.org |
| spec: |
| group: camel.apache.org |
| names: |
| categories: |
| - kamel |
| - camel |
| kind: KameletBinding |
| listKind: KameletBindingList |
| plural: kameletbindings |
| shortNames: |
| - klb |
| singular: kameletbinding |
| scope: Namespaced |
| versions: |
| - additionalPrinterColumns: |
| - description: The Kamelet Binding phase |
| jsonPath: .status.phase |
| name: Phase |
| type: string |
| - description: The number of pods |
| jsonPath: .status.replicas |
| name: Replicas |
| type: integer |
| name: v1alpha1 |
| schema: |
| openAPIV3Schema: |
| description: KameletBinding is the Schema for the kamelets binding API |
| properties: |
| apiVersion: |
| description: 'APIVersion defines the versioned schema of this representation |
| of an object. Servers should convert recognized schemas to the latest |
| internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' |
| type: string |
| kind: |
| description: 'Kind is a string value representing the REST resource this |
| object represents. Servers may infer this from the endpoint the client |
| submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
| type: string |
| metadata: |
| type: object |
| spec: |
| description: the specification of a KameletBinding |
| properties: |
| errorHandler: |
| description: ErrorHandler is an optional handler called upon an error |
| occuring in the integration |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| integration: |
| description: Integration is an optional integration used to specify |
| custom parameters |
| properties: |
| configuration: |
| description: 'Deprecated: Use camel trait (camel.properties) to |
| manage properties Use mount trait (mount.configs) to manage |
| configs Use mount trait (mount.resources) to manage resources |
| Use mount trait (mount.volumes) to manage volumes' |
| items: |
| description: ConfigurationSpec represents a generic configuration |
| specification |
| properties: |
| resourceKey: |
| description: 'Deprecated: no longer used' |
| type: string |
| resourceMountPoint: |
| description: 'Deprecated: no longer used' |
| type: string |
| resourceType: |
| description: 'Deprecated: no longer used' |
| type: string |
| type: |
| description: 'represents the type of configuration, ie: |
| property, configmap, secret, ...' |
| type: string |
| value: |
| description: the value to assign to the configuration (syntax |
| may vary depending on the `Type`) |
| type: string |
| required: |
| - type |
| - value |
| type: object |
| type: array |
| dependencies: |
| description: the list of Camel or Maven dependencies required |
| by the Integration |
| items: |
| type: string |
| type: array |
| flows: |
| description: a source in YAML DSL language which contain the routes |
| to run |
| items: |
| description: Flow is an unstructured object representing a Camel |
| Flow in YAML/JSON DSL |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| type: array |
| integrationKit: |
| description: the reference of the `IntegrationKit` which is used |
| for this Integration |
| properties: |
| apiVersion: |
| description: API version of the referent. |
| type: string |
| fieldPath: |
| description: 'If referring to a piece of an object instead |
| of an entire object, this string should contain a valid |
| JSON/Go field access statement, such as desiredState.manifest.containers[2]. |
| For example, if the object reference is to a container within |
| a pod, this would take on a value like: "spec.containers{name}" |
| (where "name" refers to the name of the container that triggered |
| the event) or if no container name is specified "spec.containers[2]" |
| (container with index 2 in this pod). This syntax is chosen |
| only to have some well-defined way of referencing a part |
| of an object. TODO: this design is not final and this field |
| is subject to change in the future.' |
| type: string |
| kind: |
| description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
| type: string |
| name: |
| description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' |
| type: string |
| namespace: |
| description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' |
| type: string |
| resourceVersion: |
| description: 'Specific resourceVersion to which this reference |
| is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' |
| type: string |
| uid: |
| description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' |
| type: string |
| type: object |
| profile: |
| description: the profile needed to run this Integration |
| type: string |
| replicas: |
| description: the number of `Pods` needed for the running Integration |
| format: int32 |
| type: integer |
| repositories: |
| description: additional Maven repositories to be used |
| items: |
| type: string |
| type: array |
| resources: |
| description: 'Deprecated: Use mount trait (mount.resources) to |
| manage resources Use openapi trait (openapi.configmaps) to manage |
| OpenAPIs specifications' |
| items: |
| description: 'ResourceSpec represent an attached resource which |
| will be materialized as a file on the running `Pod` TODO: |
| we should deprecate in future releases in favour of mount, |
| openapi or camel traits' |
| properties: |
| compression: |
| description: if the content is compressed (base64 encrypted) |
| type: boolean |
| content: |
| description: the source code (plain text) |
| type: string |
| contentKey: |
| description: the confimap key holding the source content |
| type: string |
| contentRef: |
| description: the confimap reference holding the source content |
| type: string |
| contentType: |
| description: the content type (tipically text or binary) |
| type: string |
| mountPath: |
| description: the mount path on destination `Pod` |
| type: string |
| name: |
| description: the name of the specification |
| type: string |
| path: |
| description: the path where the file is stored |
| type: string |
| rawContent: |
| description: the source code (binary) |
| format: byte |
| type: string |
| type: |
| description: the kind of data to expect |
| type: string |
| type: object |
| type: array |
| serviceAccountName: |
| description: custom SA to use for the Integration |
| type: string |
| sources: |
| description: the sources which contain the Camel routes to run |
| items: |
| description: SourceSpec defines the configuration for one or |
| more routes to be executed in a certain Camel DSL language |
| properties: |
| compression: |
| description: if the content is compressed (base64 encrypted) |
| type: boolean |
| content: |
| description: the source code (plain text) |
| type: string |
| contentKey: |
| description: the confimap key holding the source content |
| type: string |
| contentRef: |
| description: the confimap reference holding the source content |
| type: string |
| contentType: |
| description: the content type (tipically text or binary) |
| type: string |
| interceptors: |
| description: Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader |
| uses to pre/post process sources |
| items: |
| type: string |
| type: array |
| language: |
| description: specify which is the language (Camel DSL) used |
| to interpret this source code |
| type: string |
| loader: |
| description: Loader is an optional id of the org.apache.camel.k.RoutesLoader |
| that will interpret this source at runtime |
| type: string |
| name: |
| description: the name of the specification |
| type: string |
| path: |
| description: the path where the file is stored |
| type: string |
| property-names: |
| description: List of property names defined in the source |
| (e.g. if type is "template") |
| items: |
| type: string |
| type: array |
| rawContent: |
| description: the source code (binary) |
| format: byte |
| type: string |
| type: |
| description: Type defines the kind of source described by |
| this object |
| type: string |
| type: object |
| type: array |
| template: |
| description: Pod template customization |
| properties: |
| spec: |
| description: the specification |
| properties: |
| activeDeadlineSeconds: |
| description: ActiveDeadlineSeconds |
| format: int64 |
| type: integer |
| containers: |
| description: Containers |
| items: |
| description: A single application container that you |
| want to run within a pod. |
| properties: |
| args: |
| description: 'Arguments to the entrypoint. The docker |
| image''s CMD is used if this is not provided. |
| Variable references $(VAR_NAME) are expanded using |
| the container''s environment. If a variable cannot |
| be resolved, the reference in the input string |
| will be unchanged. Double $$ are reduced to a |
| single $, which allows for escaping the $(VAR_NAME) |
| syntax: i.e. "$$(VAR_NAME)" will produce the string |
| literal "$(VAR_NAME)". Escaped references will |
| never be expanded, regardless of whether the variable |
| exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' |
| items: |
| type: string |
| type: array |
| command: |
| description: 'Entrypoint array. Not executed within |
| a shell. The docker image''s ENTRYPOINT is used |
| if this is not provided. Variable references $(VAR_NAME) |
| are expanded using the container''s environment. |
| If a variable cannot be resolved, the reference |
| in the input string will be unchanged. Double |
| $$ are reduced to a single $, which allows for |
| escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" |
| will produce the string literal "$(VAR_NAME)". |
| Escaped references will never be expanded, regardless |
| of whether the variable exists or not. Cannot |
| be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' |
| items: |
| type: string |
| type: array |
| env: |
| description: List of environment variables to set |
| in the container. Cannot be updated. |
| items: |
| description: EnvVar represents an environment |
| variable present in a Container. |
| properties: |
| name: |
| description: Name of the environment variable. |
| Must be a C_IDENTIFIER. |
| type: string |
| value: |
| description: 'Variable references $(VAR_NAME) |
| are expanded using the previously defined |
| environment variables in the container and |
| any service environment variables. If a |
| variable cannot be resolved, the reference |
| in the input string will be unchanged. Double |
| $$ are reduced to a single $, which allows |
| for escaping the $(VAR_NAME) syntax: i.e. |
| "$$(VAR_NAME)" will produce the string literal |
| "$(VAR_NAME)". Escaped references will never |
| be expanded, regardless of whether the variable |
| exists or not. Defaults to "".' |
| type: string |
| valueFrom: |
| description: Source for the environment variable's |
| value. Cannot be used if value is not empty. |
| properties: |
| configMapKeyRef: |
| description: Selects a key of a ConfigMap. |
| properties: |
| key: |
| description: The key to select. |
| type: string |
| name: |
| description: 'Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap |
| or its key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| fieldRef: |
| description: 'Selects a field of the pod: |
| supports metadata.name, metadata.namespace, |
| `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, |
| spec.nodeName, spec.serviceAccountName, |
| status.hostIP, status.podIP, status.podIPs.' |
| properties: |
| apiVersion: |
| description: Version of the schema |
| the FieldPath is written in terms |
| of, defaults to "v1". |
| type: string |
| fieldPath: |
| description: Path of the field to |
| select in the specified API version. |
| type: string |
| required: |
| - fieldPath |
| type: object |
| resourceFieldRef: |
| description: 'Selects a resource of the |
| container: only resources limits and |
| requests (limits.cpu, limits.memory, |
| limits.ephemeral-storage, requests.cpu, |
| requests.memory and requests.ephemeral-storage) |
| are currently supported.' |
| properties: |
| containerName: |
| description: 'Container name: required |
| for volumes, optional for env vars' |
| type: string |
| divisor: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Specifies the output |
| format of the exposed resources, |
| defaults to "1" |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| resource: |
| description: 'Required: resource to |
| select' |
| type: string |
| required: |
| - resource |
| type: object |
| secretKeyRef: |
| description: Selects a key of a secret |
| in the pod's namespace |
| properties: |
| key: |
| description: The key of the secret |
| to select from. Must be a valid |
| secret key. |
| type: string |
| name: |
| description: 'Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret |
| or its key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| type: object |
| required: |
| - name |
| type: object |
| type: array |
| envFrom: |
| description: List of sources to populate environment |
| variables in the container. The keys defined within |
| a source must be a C_IDENTIFIER. All invalid keys |
| will be reported as an event when the container |
| is starting. When a key exists in multiple sources, |
| the value associated with the last source will |
| take precedence. Values defined by an Env with |
| a duplicate key will take precedence. Cannot be |
| updated. |
| items: |
| description: EnvFromSource represents the source |
| of a set of ConfigMaps |
| properties: |
| configMapRef: |
| description: The ConfigMap to select from |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap |
| must be defined |
| type: boolean |
| type: object |
| prefix: |
| description: An optional identifier to prepend |
| to each key in the ConfigMap. Must be a |
| C_IDENTIFIER. |
| type: string |
| secretRef: |
| description: The Secret to select from |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret |
| must be defined |
| type: boolean |
| type: object |
| type: object |
| type: array |
| image: |
| description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images |
| This field is optional to allow higher level config |
| management to default or override container images |
| in workload controllers like Deployments and StatefulSets.' |
| type: string |
| imagePullPolicy: |
| description: 'Image pull policy. One of Always, |
| Never, IfNotPresent. Defaults to Always if :latest |
| tag is specified, or IfNotPresent otherwise. Cannot |
| be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' |
| type: string |
| lifecycle: |
| description: Actions that the management system |
| should take in response to container lifecycle |
| events. Cannot be updated. |
| properties: |
| postStart: |
| description: 'PostStart is called immediately |
| after a container is created. If the handler |
| fails, the container is terminated and restarted |
| according to its restart policy. Other management |
| of the container blocks until the hook completes. |
| More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the |
| action to take. |
| properties: |
| command: |
| description: Command is the command |
| line to execute inside the container, |
| the working directory for the command is |
| root ('/') in the container's filesystem. |
| The command is simply exec'd, it is |
| not run inside a shell, so traditional |
| shell instructions ('|', etc) won't |
| work. To use a shell, you need to |
| explicitly call out to that shell. |
| Exit status of 0 is treated as live/healthy |
| and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http |
| request to perform. |
| properties: |
| host: |
| description: Host name to connect to, |
| defaults to the pod IP. You probably |
| want to set "Host" in httpHeaders |
| instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in |
| the request. HTTP allows repeated |
| headers. |
| items: |
| description: HTTPHeader describes |
| a custom header to be used in HTTP |
| probes |
| properties: |
| name: |
| description: The header field |
| name |
| type: string |
| value: |
| description: The header field |
| value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet |
| supported TODO: implement a realistic |
| TCP lifecycle hook' |
| properties: |
| host: |
| description: 'Optional: Host name to |
| connect to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| type: object |
| preStop: |
| description: 'PreStop is called immediately |
| before a container is terminated due to an |
| API request or management event such as liveness/startup |
| probe failure, preemption, resource contention, |
| etc. The handler is not called if the container |
| crashes or exits. The reason for termination |
| is passed to the handler. The Pod''s termination |
| grace period countdown begins before the PreStop |
| hooked is executed. Regardless of the outcome |
| of the handler, the container will eventually |
| terminate within the Pod''s termination grace |
| period. Other management of the container |
| blocks until the hook completes or until the |
| termination grace period is reached. More |
| info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the |
| action to take. |
| properties: |
| command: |
| description: Command is the command |
| line to execute inside the container, |
| the working directory for the command is |
| root ('/') in the container's filesystem. |
| The command is simply exec'd, it is |
| not run inside a shell, so traditional |
| shell instructions ('|', etc) won't |
| work. To use a shell, you need to |
| explicitly call out to that shell. |
| Exit status of 0 is treated as live/healthy |
| and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http |
| request to perform. |
| properties: |
| host: |
| description: Host name to connect to, |
| defaults to the pod IP. You probably |
| want to set "Host" in httpHeaders |
| instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in |
| the request. HTTP allows repeated |
| headers. |
| items: |
| description: HTTPHeader describes |
| a custom header to be used in HTTP |
| probes |
| properties: |
| name: |
| description: The header field |
| name |
| type: string |
| value: |
| description: The header field |
| value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet |
| supported TODO: implement a realistic |
| TCP lifecycle hook' |
| properties: |
| host: |
| description: 'Optional: Host name to |
| connect to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| type: object |
| type: object |
| livenessProbe: |
| description: 'Periodic probe of container liveness. |
| Container will be restarted if the probe fails. |
| Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the action |
| to take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside |
| a shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, |
| you need to explicitly call out to that |
| shell. Exit status of 0 is treated as |
| live/healthy and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is |
| 1. |
| format: int32 |
| type: integer |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum |
| value is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet supported |
| TODO: implement a realistic TCP lifecycle |
| hook' |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration |
| in seconds after the processes running in |
| the pod are sent a termination signal and |
| the time when the processes are forcibly halted |
| with a kill signal. Set this value longer |
| than the expected cleanup time for your process. |
| If this value is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value |
| must be non-negative integer. The value zero |
| indicates stop immediately via the kill signal |
| (no opportunity to shut down). This is a beta |
| field and requires enabling ProbeTerminationGracePeriod |
| feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which |
| the probe times out. Defaults to 1 second. |
| Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| name: |
| description: Name of the container specified as |
| a DNS_LABEL. Each container in a pod must have |
| a unique name (DNS_LABEL). Cannot be updated. |
| type: string |
| ports: |
| description: List of ports to expose from the container. |
| Exposing a port here gives the system additional |
| information about the network connections a container |
| uses, but is primarily informational. Not specifying |
| a port here DOES NOT prevent that port from being |
| exposed. Any port which is listening on the default |
| "0.0.0.0" address inside a container will be accessible |
| from the network. Cannot be updated. |
| items: |
| description: ContainerPort represents a network |
| port in a single container. |
| properties: |
| containerPort: |
| description: Number of port to expose on the |
| pod's IP address. This must be a valid port |
| number, 0 < x < 65536. |
| format: int32 |
| type: integer |
| hostIP: |
| description: What host IP to bind the external |
| port to. |
| type: string |
| hostPort: |
| description: Number of port to expose on the |
| host. If specified, this must be a valid |
| port number, 0 < x < 65536. If HostNetwork |
| is specified, this must match ContainerPort. |
| Most containers do not need this. |
| format: int32 |
| type: integer |
| name: |
| description: If specified, this must be an |
| IANA_SVC_NAME and unique within the pod. |
| Each named port in a pod must have a unique |
| name. Name for the port that can be referred |
| to by services. |
| type: string |
| protocol: |
| default: TCP |
| description: Protocol for port. Must be UDP, |
| TCP, or SCTP. Defaults to "TCP". |
| type: string |
| required: |
| - containerPort |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - containerPort |
| - protocol |
| x-kubernetes-list-type: map |
| readinessProbe: |
| description: 'Periodic probe of container service |
| readiness. Container will be removed from service |
| endpoints if the probe fails. Cannot be updated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the action |
| to take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside |
| a shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, |
| you need to explicitly call out to that |
| shell. Exit status of 0 is treated as |
| live/healthy and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is |
| 1. |
| format: int32 |
| type: integer |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum |
| value is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet supported |
| TODO: implement a realistic TCP lifecycle |
| hook' |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration |
| in seconds after the processes running in |
| the pod are sent a termination signal and |
| the time when the processes are forcibly halted |
| with a kill signal. Set this value longer |
| than the expected cleanup time for your process. |
| If this value is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value |
| must be non-negative integer. The value zero |
| indicates stop immediately via the kill signal |
| (no opportunity to shut down). This is a beta |
| field and requires enabling ProbeTerminationGracePeriod |
| feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which |
| the probe times out. Defaults to 1 second. |
| Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| resources: |
| description: 'Compute Resources required by this |
| container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| properties: |
| limits: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: 'Limits describes the maximum amount |
| of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| type: object |
| requests: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: 'Requests describes the minimum |
| amount of compute resources required. If Requests |
| is omitted for a container, it defaults to |
| Limits if that is explicitly specified, otherwise |
| to an implementation-defined value. More info: |
| https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| type: object |
| type: object |
| securityContext: |
| description: 'SecurityContext defines the security |
| options the container should be run with. If set, |
| the fields of SecurityContext override the equivalent |
| fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' |
| properties: |
| allowPrivilegeEscalation: |
| description: 'AllowPrivilegeEscalation controls |
| whether a process can gain more privileges |
| than its parent process. This bool directly |
| controls if the no_new_privs flag will be |
| set on the container process. AllowPrivilegeEscalation |
| is true always when the container is: 1) run |
| as Privileged 2) has CAP_SYS_ADMIN' |
| type: boolean |
| capabilities: |
| description: The capabilities to add/drop when |
| running containers. Defaults to the default |
| set of capabilities granted by the container |
| runtime. |
| properties: |
| add: |
| description: Added capabilities |
| items: |
| description: Capability represent POSIX |
| capabilities type |
| type: string |
| type: array |
| drop: |
| description: Removed capabilities |
| items: |
| description: Capability represent POSIX |
| capabilities type |
| type: string |
| type: array |
| type: object |
| privileged: |
| description: Run container in privileged mode. |
| Processes in privileged containers are essentially |
| equivalent to root on the host. Defaults to |
| false. |
| type: boolean |
| procMount: |
| description: procMount denotes the type of proc |
| mount to use for the containers. The default |
| is DefaultProcMount which uses the container |
| runtime defaults for readonly paths and masked |
| paths. This requires the ProcMountType feature |
| flag to be enabled. |
| type: string |
| readOnlyRootFilesystem: |
| description: Whether this container has a read-only |
| root filesystem. Default is false. |
| type: boolean |
| runAsGroup: |
| description: The GID to run the entrypoint of |
| the container process. Uses runtime default |
| if unset. May also be set in PodSecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| format: int64 |
| type: integer |
| runAsNonRoot: |
| description: Indicates that the container must |
| run as a non-root user. If true, the Kubelet |
| will validate the image at runtime to ensure |
| that it does not run as UID 0 (root) and fail |
| to start the container if it does. If unset |
| or false, no such validation will be performed. |
| May also be set in PodSecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| type: boolean |
| runAsUser: |
| description: The UID to run the entrypoint of |
| the container process. Defaults to user specified |
| in image metadata if unspecified. May also |
| be set in PodSecurityContext. If set in both |
| SecurityContext and PodSecurityContext, the |
| value specified in SecurityContext takes precedence. |
| format: int64 |
| type: integer |
| seLinuxOptions: |
| description: The SELinux context to be applied |
| to the container. If unspecified, the container |
| runtime will allocate a random SELinux context |
| for each container. May also be set in PodSecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| properties: |
| level: |
| description: Level is SELinux level label |
| that applies to the container. |
| type: string |
| role: |
| description: Role is a SELinux role label |
| that applies to the container. |
| type: string |
| type: |
| description: Type is a SELinux type label |
| that applies to the container. |
| type: string |
| user: |
| description: User is a SELinux user label |
| that applies to the container. |
| type: string |
| type: object |
| seccompProfile: |
| description: The seccomp options to use by this |
| container. If seccomp options are provided |
| at both the pod & container level, the container |
| options override the pod options. |
| properties: |
| localhostProfile: |
| description: localhostProfile indicates |
| a profile defined in a file on the node |
| should be used. The profile must be preconfigured |
| on the node to work. Must be a descending |
| path, relative to the kubelet's configured |
| seccomp profile location. Must only be |
| set if type is "Localhost". |
| type: string |
| type: |
| description: "type indicates which kind |
| of seccomp profile will be applied. Valid |
| options are: \n Localhost - a profile |
| defined in a file on the node should be |
| used. RuntimeDefault - the container runtime |
| default profile should be used. Unconfined |
| - no profile should be applied." |
| type: string |
| required: |
| - type |
| type: object |
| windowsOptions: |
| description: The Windows specific settings applied |
| to all containers. If unspecified, the options |
| from the PodSecurityContext will be used. |
| If set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| properties: |
| gmsaCredentialSpec: |
| description: GMSACredentialSpec is where |
| the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) |
| inlines the contents of the GMSA credential |
| spec named by the GMSACredentialSpecName |
| field. |
| type: string |
| gmsaCredentialSpecName: |
| description: GMSACredentialSpecName is the |
| name of the GMSA credential spec to use. |
| type: string |
| hostProcess: |
| description: HostProcess determines if a |
| container should be run as a 'Host Process' |
| container. This field is alpha-level and |
| will only be honored by components that |
| enable the WindowsHostProcessContainers |
| feature flag. Setting this field without |
| the feature flag will result in errors |
| when validating the Pod. All of a Pod's |
| containers must have the same effective |
| HostProcess value (it is not allowed to |
| have a mix of HostProcess containers and |
| non-HostProcess containers). In addition, |
| if HostProcess is true then HostNetwork |
| must also be set to true. |
| type: boolean |
| runAsUserName: |
| description: The UserName in Windows to |
| run the entrypoint of the container process. |
| Defaults to the user specified in image |
| metadata if unspecified. May also be set |
| in PodSecurityContext. If set in both |
| SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext |
| takes precedence. |
| type: string |
| type: object |
| type: object |
| startupProbe: |
| description: 'StartupProbe indicates that the Pod |
| has successfully initialized. If specified, no |
| other probes are executed until this completes |
| successfully. If this probe fails, the Pod will |
| be restarted, just as if the livenessProbe failed. |
| This can be used to provide different probe parameters |
| at the beginning of a Pod''s lifecycle, when it |
| might take a long time to load data or warm a |
| cache, than during steady-state operation. This |
| cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the action |
| to take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside |
| a shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, |
| you need to explicitly call out to that |
| shell. Exit status of 0 is treated as |
| live/healthy and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is |
| 1. |
| format: int32 |
| type: integer |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum |
| value is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet supported |
| TODO: implement a realistic TCP lifecycle |
| hook' |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration |
| in seconds after the processes running in |
| the pod are sent a termination signal and |
| the time when the processes are forcibly halted |
| with a kill signal. Set this value longer |
| than the expected cleanup time for your process. |
| If this value is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value |
| must be non-negative integer. The value zero |
| indicates stop immediately via the kill signal |
| (no opportunity to shut down). This is a beta |
| field and requires enabling ProbeTerminationGracePeriod |
| feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which |
| the probe times out. Defaults to 1 second. |
| Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| stdin: |
| description: Whether this container should allocate |
| a buffer for stdin in the container runtime. If |
| this is not set, reads from stdin in the container |
| will always result in EOF. Default is false. |
| type: boolean |
| stdinOnce: |
| description: Whether the container runtime should |
| close the stdin channel after it has been opened |
| by a single attach. When stdin is true the stdin |
| stream will remain open across multiple attach |
| sessions. If stdinOnce is set to true, stdin is |
| opened on container start, is empty until the |
| first client attaches to stdin, and then remains |
| open and accepts data until the client disconnects, |
| at which time stdin is closed and remains closed |
| until the container is restarted. If this flag |
| is false, a container processes that reads from |
| stdin will never receive an EOF. Default is false |
| type: boolean |
| terminationMessagePath: |
| description: 'Optional: Path at which the file to |
| which the container''s termination message will |
| be written is mounted into the container''s filesystem. |
| Message written is intended to be brief final |
| status, such as an assertion failure message. |
| Will be truncated by the node if greater than |
| 4096 bytes. The total message length across all |
| containers will be limited to 12kb. Defaults to |
| /dev/termination-log. Cannot be updated.' |
| type: string |
| terminationMessagePolicy: |
| description: Indicate how the termination message |
| should be populated. File will use the contents |
| of terminationMessagePath to populate the container |
| status message on both success and failure. FallbackToLogsOnError |
| will use the last chunk of container log output |
| if the termination message file is empty and the |
| container exited with an error. The log output |
| is limited to 2048 bytes or 80 lines, whichever |
| is smaller. Defaults to File. Cannot be updated. |
| type: string |
| tty: |
| description: Whether this container should allocate |
| a TTY for itself, also requires 'stdin' to be |
| true. Default is false. |
| type: boolean |
| volumeDevices: |
| description: volumeDevices is the list of block |
| devices to be used by the container. |
| items: |
| description: volumeDevice describes a mapping |
| of a raw block device within a container. |
| properties: |
| devicePath: |
| description: devicePath is the path inside |
| of the container that the device will be |
| mapped to. |
| type: string |
| name: |
| description: name must match the name of a |
| persistentVolumeClaim in the pod |
| type: string |
| required: |
| - devicePath |
| - name |
| type: object |
| type: array |
| volumeMounts: |
| description: Pod volumes to mount into the container's |
| filesystem. Cannot be updated. |
| items: |
| description: VolumeMount describes a mounting |
| of a Volume within a container. |
| properties: |
| mountPath: |
| description: Path within the container at |
| which the volume should be mounted. Must |
| not contain ':'. |
| type: string |
| mountPropagation: |
| description: mountPropagation determines how |
| mounts are propagated from the host to container |
| and the other way around. When not set, |
| MountPropagationNone is used. This field |
| is beta in 1.10. |
| type: string |
| name: |
| description: This must match the Name of a |
| Volume. |
| type: string |
| readOnly: |
| description: Mounted read-only if true, read-write |
| otherwise (false or unspecified). Defaults |
| to false. |
| type: boolean |
| subPath: |
| description: Path within the volume from which |
| the container's volume should be mounted. |
| Defaults to "" (volume's root). |
| type: string |
| subPathExpr: |
| description: Expanded path within the volume |
| from which the container's volume should |
| be mounted. Behaves similarly to SubPath |
| but environment variable references $(VAR_NAME) |
| are expanded using the container's environment. |
| Defaults to "" (volume's root). SubPathExpr |
| and SubPath are mutually exclusive. |
| type: string |
| required: |
| - mountPath |
| - name |
| type: object |
| type: array |
| workingDir: |
| description: Container's working directory. If not |
| specified, the container runtime's default will |
| be used, which might be configured in the container |
| image. Cannot be updated. |
| type: string |
| required: |
| - name |
| type: object |
| type: array |
| dnsPolicy: |
| description: DNSPolicy |
| type: string |
| ephemeralContainers: |
| description: EphemeralContainers |
| items: |
| description: An EphemeralContainer is a container that |
| may be added temporarily to an existing pod for user-initiated |
| activities such as debugging. Ephemeral containers |
| have no resource or scheduling guarantees, and they |
| will not be restarted when they exit or when a pod |
| is removed or restarted. If an ephemeral container |
| causes a pod to exceed its resource allocation, the |
| pod may be evicted. Ephemeral containers may not be |
| added by directly updating the pod spec. They must |
| be added via the pod's ephemeralcontainers subresource, |
| and they will appear in the pod spec once added. This |
| is an alpha feature enabled by the EphemeralContainers |
| feature flag. |
| properties: |
| args: |
| description: 'Arguments to the entrypoint. The docker |
| image''s CMD is used if this is not provided. |
| Variable references $(VAR_NAME) are expanded using |
| the container''s environment. If a variable cannot |
| be resolved, the reference in the input string |
| will be unchanged. Double $$ are reduced to a |
| single $, which allows for escaping the $(VAR_NAME) |
| syntax: i.e. "$$(VAR_NAME)" will produce the string |
| literal "$(VAR_NAME)". Escaped references will |
| never be expanded, regardless of whether the variable |
| exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' |
| items: |
| type: string |
| type: array |
| command: |
| description: 'Entrypoint array. Not executed within |
| a shell. The docker image''s ENTRYPOINT is used |
| if this is not provided. Variable references $(VAR_NAME) |
| are expanded using the container''s environment. |
| If a variable cannot be resolved, the reference |
| in the input string will be unchanged. Double |
| $$ are reduced to a single $, which allows for |
| escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" |
| will produce the string literal "$(VAR_NAME)". |
| Escaped references will never be expanded, regardless |
| of whether the variable exists or not. Cannot |
| be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' |
| items: |
| type: string |
| type: array |
| env: |
| description: List of environment variables to set |
| in the container. Cannot be updated. |
| items: |
| description: EnvVar represents an environment |
| variable present in a Container. |
| properties: |
| name: |
| description: Name of the environment variable. |
| Must be a C_IDENTIFIER. |
| type: string |
| value: |
| description: 'Variable references $(VAR_NAME) |
| are expanded using the previously defined |
| environment variables in the container and |
| any service environment variables. If a |
| variable cannot be resolved, the reference |
| in the input string will be unchanged. Double |
| $$ are reduced to a single $, which allows |
| for escaping the $(VAR_NAME) syntax: i.e. |
| "$$(VAR_NAME)" will produce the string literal |
| "$(VAR_NAME)". Escaped references will never |
| be expanded, regardless of whether the variable |
| exists or not. Defaults to "".' |
| type: string |
| valueFrom: |
| description: Source for the environment variable's |
| value. Cannot be used if value is not empty. |
| properties: |
| configMapKeyRef: |
| description: Selects a key of a ConfigMap. |
| properties: |
| key: |
| description: The key to select. |
| type: string |
| name: |
| description: 'Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap |
| or its key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| fieldRef: |
| description: 'Selects a field of the pod: |
| supports metadata.name, metadata.namespace, |
| `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, |
| spec.nodeName, spec.serviceAccountName, |
| status.hostIP, status.podIP, status.podIPs.' |
| properties: |
| apiVersion: |
| description: Version of the schema |
| the FieldPath is written in terms |
| of, defaults to "v1". |
| type: string |
| fieldPath: |
| description: Path of the field to |
| select in the specified API version. |
| type: string |
| required: |
| - fieldPath |
| type: object |
| resourceFieldRef: |
| description: 'Selects a resource of the |
| container: only resources limits and |
| requests (limits.cpu, limits.memory, |
| limits.ephemeral-storage, requests.cpu, |
| requests.memory and requests.ephemeral-storage) |
| are currently supported.' |
| properties: |
| containerName: |
| description: 'Container name: required |
| for volumes, optional for env vars' |
| type: string |
| divisor: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Specifies the output |
| format of the exposed resources, |
| defaults to "1" |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| resource: |
| description: 'Required: resource to |
| select' |
| type: string |
| required: |
| - resource |
| type: object |
| secretKeyRef: |
| description: Selects a key of a secret |
| in the pod's namespace |
| properties: |
| key: |
| description: The key of the secret |
| to select from. Must be a valid |
| secret key. |
| type: string |
| name: |
| description: 'Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret |
| or its key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| type: object |
| required: |
| - name |
| type: object |
| type: array |
| envFrom: |
| description: List of sources to populate environment |
| variables in the container. The keys defined within |
| a source must be a C_IDENTIFIER. All invalid keys |
| will be reported as an event when the container |
| is starting. When a key exists in multiple sources, |
| the value associated with the last source will |
| take precedence. Values defined by an Env with |
| a duplicate key will take precedence. Cannot be |
| updated. |
| items: |
| description: EnvFromSource represents the source |
| of a set of ConfigMaps |
| properties: |
| configMapRef: |
| description: The ConfigMap to select from |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap |
| must be defined |
| type: boolean |
| type: object |
| prefix: |
| description: An optional identifier to prepend |
| to each key in the ConfigMap. Must be a |
| C_IDENTIFIER. |
| type: string |
| secretRef: |
| description: The Secret to select from |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret |
| must be defined |
| type: boolean |
| type: object |
| type: object |
| type: array |
| image: |
| description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images' |
| type: string |
| imagePullPolicy: |
| description: 'Image pull policy. One of Always, |
| Never, IfNotPresent. Defaults to Always if :latest |
| tag is specified, or IfNotPresent otherwise. Cannot |
| be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' |
| type: string |
| lifecycle: |
| description: Lifecycle is not allowed for ephemeral |
| containers. |
| properties: |
| postStart: |
| description: 'PostStart is called immediately |
| after a container is created. If the handler |
| fails, the container is terminated and restarted |
| according to its restart policy. Other management |
| of the container blocks until the hook completes. |
| More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the |
| action to take. |
| properties: |
| command: |
| description: Command is the command |
| line to execute inside the container, |
| the working directory for the command is |
| root ('/') in the container's filesystem. |
| The command is simply exec'd, it is |
| not run inside a shell, so traditional |
| shell instructions ('|', etc) won't |
| work. To use a shell, you need to |
| explicitly call out to that shell. |
| Exit status of 0 is treated as live/healthy |
| and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http |
| request to perform. |
| properties: |
| host: |
| description: Host name to connect to, |
| defaults to the pod IP. You probably |
| want to set "Host" in httpHeaders |
| instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in |
| the request. HTTP allows repeated |
| headers. |
| items: |
| description: HTTPHeader describes |
| a custom header to be used in HTTP |
| probes |
| properties: |
| name: |
| description: The header field |
| name |
| type: string |
| value: |
| description: The header field |
| value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet |
| supported TODO: implement a realistic |
| TCP lifecycle hook' |
| properties: |
| host: |
| description: 'Optional: Host name to |
| connect to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| type: object |
| preStop: |
| description: 'PreStop is called immediately |
| before a container is terminated due to an |
| API request or management event such as liveness/startup |
| probe failure, preemption, resource contention, |
| etc. The handler is not called if the container |
| crashes or exits. The reason for termination |
| is passed to the handler. The Pod''s termination |
| grace period countdown begins before the PreStop |
| hooked is executed. Regardless of the outcome |
| of the handler, the container will eventually |
| terminate within the Pod''s termination grace |
| period. Other management of the container |
| blocks until the hook completes or until the |
| termination grace period is reached. More |
| info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the |
| action to take. |
| properties: |
| command: |
| description: Command is the command |
| line to execute inside the container, |
| the working directory for the command is |
| root ('/') in the container's filesystem. |
| The command is simply exec'd, it is |
| not run inside a shell, so traditional |
| shell instructions ('|', etc) won't |
| work. To use a shell, you need to |
| explicitly call out to that shell. |
| Exit status of 0 is treated as live/healthy |
| and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http |
| request to perform. |
| properties: |
| host: |
| description: Host name to connect to, |
| defaults to the pod IP. You probably |
| want to set "Host" in httpHeaders |
| instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in |
| the request. HTTP allows repeated |
| headers. |
| items: |
| description: HTTPHeader describes |
| a custom header to be used in HTTP |
| probes |
| properties: |
| name: |
| description: The header field |
| name |
| type: string |
| value: |
| description: The header field |
| value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet |
| supported TODO: implement a realistic |
| TCP lifecycle hook' |
| properties: |
| host: |
| description: 'Optional: Host name to |
| connect to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| type: object |
| type: object |
| livenessProbe: |
| description: Probes are not allowed for ephemeral |
| containers. |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the action |
| to take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside |
| a shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, |
| you need to explicitly call out to that |
| shell. Exit status of 0 is treated as |
| live/healthy and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is |
| 1. |
| format: int32 |
| type: integer |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum |
| value is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet supported |
| TODO: implement a realistic TCP lifecycle |
| hook' |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration |
| in seconds after the processes running in |
| the pod are sent a termination signal and |
| the time when the processes are forcibly halted |
| with a kill signal. Set this value longer |
| than the expected cleanup time for your process. |
| If this value is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value |
| must be non-negative integer. The value zero |
| indicates stop immediately via the kill signal |
| (no opportunity to shut down). This is a beta |
| field and requires enabling ProbeTerminationGracePeriod |
| feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which |
| the probe times out. Defaults to 1 second. |
| Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| name: |
| description: Name of the ephemeral container specified |
| as a DNS_LABEL. This name must be unique among |
| all containers, init containers and ephemeral |
| containers. |
| type: string |
| ports: |
| description: Ports are not allowed for ephemeral |
| containers. |
| items: |
| description: ContainerPort represents a network |
| port in a single container. |
| properties: |
| containerPort: |
| description: Number of port to expose on the |
| pod's IP address. This must be a valid port |
| number, 0 < x < 65536. |
| format: int32 |
| type: integer |
| hostIP: |
| description: What host IP to bind the external |
| port to. |
| type: string |
| hostPort: |
| description: Number of port to expose on the |
| host. If specified, this must be a valid |
| port number, 0 < x < 65536. If HostNetwork |
| is specified, this must match ContainerPort. |
| Most containers do not need this. |
| format: int32 |
| type: integer |
| name: |
| description: If specified, this must be an |
| IANA_SVC_NAME and unique within the pod. |
| Each named port in a pod must have a unique |
| name. Name for the port that can be referred |
| to by services. |
| type: string |
| protocol: |
| default: TCP |
| description: Protocol for port. Must be UDP, |
| TCP, or SCTP. Defaults to "TCP". |
| type: string |
| required: |
| - containerPort |
| type: object |
| type: array |
| readinessProbe: |
| description: Probes are not allowed for ephemeral |
| containers. |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the action |
| to take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside |
| a shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, |
| you need to explicitly call out to that |
| shell. Exit status of 0 is treated as |
| live/healthy and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is |
| 1. |
| format: int32 |
| type: integer |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum |
| value is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet supported |
| TODO: implement a realistic TCP lifecycle |
| hook' |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration |
| in seconds after the processes running in |
| the pod are sent a termination signal and |
| the time when the processes are forcibly halted |
| with a kill signal. Set this value longer |
| than the expected cleanup time for your process. |
| If this value is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value |
| must be non-negative integer. The value zero |
| indicates stop immediately via the kill signal |
| (no opportunity to shut down). This is a beta |
| field and requires enabling ProbeTerminationGracePeriod |
| feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which |
| the probe times out. Defaults to 1 second. |
| Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| resources: |
| description: Resources are not allowed for ephemeral |
| containers. Ephemeral containers use spare resources |
| already allocated to the pod. |
| properties: |
| limits: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: 'Limits describes the maximum amount |
| of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| type: object |
| requests: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: 'Requests describes the minimum |
| amount of compute resources required. If Requests |
| is omitted for a container, it defaults to |
| Limits if that is explicitly specified, otherwise |
| to an implementation-defined value. More info: |
| https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| type: object |
| type: object |
| securityContext: |
| description: 'Optional: SecurityContext defines |
| the security options the ephemeral container should |
| be run with. If set, the fields of SecurityContext |
| override the equivalent fields of PodSecurityContext.' |
| properties: |
| allowPrivilegeEscalation: |
| description: 'AllowPrivilegeEscalation controls |
| whether a process can gain more privileges |
| than its parent process. This bool directly |
| controls if the no_new_privs flag will be |
| set on the container process. AllowPrivilegeEscalation |
| is true always when the container is: 1) run |
| as Privileged 2) has CAP_SYS_ADMIN' |
| type: boolean |
| capabilities: |
| description: The capabilities to add/drop when |
| running containers. Defaults to the default |
| set of capabilities granted by the container |
| runtime. |
| properties: |
| add: |
| description: Added capabilities |
| items: |
| description: Capability represent POSIX |
| capabilities type |
| type: string |
| type: array |
| drop: |
| description: Removed capabilities |
| items: |
| description: Capability represent POSIX |
| capabilities type |
| type: string |
| type: array |
| type: object |
| privileged: |
| description: Run container in privileged mode. |
| Processes in privileged containers are essentially |
| equivalent to root on the host. Defaults to |
| false. |
| type: boolean |
| procMount: |
| description: procMount denotes the type of proc |
| mount to use for the containers. The default |
| is DefaultProcMount which uses the container |
| runtime defaults for readonly paths and masked |
| paths. This requires the ProcMountType feature |
| flag to be enabled. |
| type: string |
| readOnlyRootFilesystem: |
| description: Whether this container has a read-only |
| root filesystem. Default is false. |
| type: boolean |
| runAsGroup: |
| description: The GID to run the entrypoint of |
| the container process. Uses runtime default |
| if unset. May also be set in PodSecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| format: int64 |
| type: integer |
| runAsNonRoot: |
| description: Indicates that the container must |
| run as a non-root user. If true, the Kubelet |
| will validate the image at runtime to ensure |
| that it does not run as UID 0 (root) and fail |
| to start the container if it does. If unset |
| or false, no such validation will be performed. |
| May also be set in PodSecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| type: boolean |
| runAsUser: |
| description: The UID to run the entrypoint of |
| the container process. Defaults to user specified |
| in image metadata if unspecified. May also |
| be set in PodSecurityContext. If set in both |
| SecurityContext and PodSecurityContext, the |
| value specified in SecurityContext takes precedence. |
| format: int64 |
| type: integer |
| seLinuxOptions: |
| description: The SELinux context to be applied |
| to the container. If unspecified, the container |
| runtime will allocate a random SELinux context |
| for each container. May also be set in PodSecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| properties: |
| level: |
| description: Level is SELinux level label |
| that applies to the container. |
| type: string |
| role: |
| description: Role is a SELinux role label |
| that applies to the container. |
| type: string |
| type: |
| description: Type is a SELinux type label |
| that applies to the container. |
| type: string |
| user: |
| description: User is a SELinux user label |
| that applies to the container. |
| type: string |
| type: object |
| seccompProfile: |
| description: The seccomp options to use by this |
| container. If seccomp options are provided |
| at both the pod & container level, the container |
| options override the pod options. |
| properties: |
| localhostProfile: |
| description: localhostProfile indicates |
| a profile defined in a file on the node |
| should be used. The profile must be preconfigured |
| on the node to work. Must be a descending |
| path, relative to the kubelet's configured |
| seccomp profile location. Must only be |
| set if type is "Localhost". |
| type: string |
| type: |
| description: "type indicates which kind |
| of seccomp profile will be applied. Valid |
| options are: \n Localhost - a profile |
| defined in a file on the node should be |
| used. RuntimeDefault - the container runtime |
| default profile should be used. Unconfined |
| - no profile should be applied." |
| type: string |
| required: |
| - type |
| type: object |
| windowsOptions: |
| description: The Windows specific settings applied |
| to all containers. If unspecified, the options |
| from the PodSecurityContext will be used. |
| If set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| properties: |
| gmsaCredentialSpec: |
| description: GMSACredentialSpec is where |
| the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) |
| inlines the contents of the GMSA credential |
| spec named by the GMSACredentialSpecName |
| field. |
| type: string |
| gmsaCredentialSpecName: |
| description: GMSACredentialSpecName is the |
| name of the GMSA credential spec to use. |
| type: string |
| hostProcess: |
| description: HostProcess determines if a |
| container should be run as a 'Host Process' |
| container. This field is alpha-level and |
| will only be honored by components that |
| enable the WindowsHostProcessContainers |
| feature flag. Setting this field without |
| the feature flag will result in errors |
| when validating the Pod. All of a Pod's |
| containers must have the same effective |
| HostProcess value (it is not allowed to |
| have a mix of HostProcess containers and |
| non-HostProcess containers). In addition, |
| if HostProcess is true then HostNetwork |
| must also be set to true. |
| type: boolean |
| runAsUserName: |
| description: The UserName in Windows to |
| run the entrypoint of the container process. |
| Defaults to the user specified in image |
| metadata if unspecified. May also be set |
| in PodSecurityContext. If set in both |
| SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext |
| takes precedence. |
| type: string |
| type: object |
| type: object |
| startupProbe: |
| description: Probes are not allowed for ephemeral |
| containers. |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the action |
| to take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside |
| a shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, |
| you need to explicitly call out to that |
| shell. Exit status of 0 is treated as |
| live/healthy and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is |
| 1. |
| format: int32 |
| type: integer |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum |
| value is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet supported |
| TODO: implement a realistic TCP lifecycle |
| hook' |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration |
| in seconds after the processes running in |
| the pod are sent a termination signal and |
| the time when the processes are forcibly halted |
| with a kill signal. Set this value longer |
| than the expected cleanup time for your process. |
| If this value is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value |
| must be non-negative integer. The value zero |
| indicates stop immediately via the kill signal |
| (no opportunity to shut down). This is a beta |
| field and requires enabling ProbeTerminationGracePeriod |
| feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which |
| the probe times out. Defaults to 1 second. |
| Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| stdin: |
| description: Whether this container should allocate |
| a buffer for stdin in the container runtime. If |
| this is not set, reads from stdin in the container |
| will always result in EOF. Default is false. |
| type: boolean |
| stdinOnce: |
| description: Whether the container runtime should |
| close the stdin channel after it has been opened |
| by a single attach. When stdin is true the stdin |
| stream will remain open across multiple attach |
| sessions. If stdinOnce is set to true, stdin is |
| opened on container start, is empty until the |
| first client attaches to stdin, and then remains |
| open and accepts data until the client disconnects, |
| at which time stdin is closed and remains closed |
| until the container is restarted. If this flag |
| is false, a container processes that reads from |
| stdin will never receive an EOF. Default is false |
| type: boolean |
| targetContainerName: |
| description: If set, the name of the container from |
| PodSpec that this ephemeral container targets. |
| The ephemeral container will be run in the namespaces |
| (IPC, PID, etc) of this container. If not set |
| then the ephemeral container is run in whatever |
| namespaces are shared for the pod. Note that the |
| container runtime must support this feature. |
| type: string |
| terminationMessagePath: |
| description: 'Optional: Path at which the file to |
| which the container''s termination message will |
| be written is mounted into the container''s filesystem. |
| Message written is intended to be brief final |
| status, such as an assertion failure message. |
| Will be truncated by the node if greater than |
| 4096 bytes. The total message length across all |
| containers will be limited to 12kb. Defaults to |
| /dev/termination-log. Cannot be updated.' |
| type: string |
| terminationMessagePolicy: |
| description: Indicate how the termination message |
| should be populated. File will use the contents |
| of terminationMessagePath to populate the container |
| status message on both success and failure. FallbackToLogsOnError |
| will use the last chunk of container log output |
| if the termination message file is empty and the |
| container exited with an error. The log output |
| is limited to 2048 bytes or 80 lines, whichever |
| is smaller. Defaults to File. Cannot be updated. |
| type: string |
| tty: |
| description: Whether this container should allocate |
| a TTY for itself, also requires 'stdin' to be |
| true. Default is false. |
| type: boolean |
| volumeDevices: |
| description: volumeDevices is the list of block |
| devices to be used by the container. |
| items: |
| description: volumeDevice describes a mapping |
| of a raw block device within a container. |
| properties: |
| devicePath: |
| description: devicePath is the path inside |
| of the container that the device will be |
| mapped to. |
| type: string |
| name: |
| description: name must match the name of a |
| persistentVolumeClaim in the pod |
| type: string |
| required: |
| - devicePath |
| - name |
| type: object |
| type: array |
| volumeMounts: |
| description: Pod volumes to mount into the container's |
| filesystem. Cannot be updated. |
| items: |
| description: VolumeMount describes a mounting |
| of a Volume within a container. |
| properties: |
| mountPath: |
| description: Path within the container at |
| which the volume should be mounted. Must |
| not contain ':'. |
| type: string |
| mountPropagation: |
| description: mountPropagation determines how |
| mounts are propagated from the host to container |
| and the other way around. When not set, |
| MountPropagationNone is used. This field |
| is beta in 1.10. |
| type: string |
| name: |
| description: This must match the Name of a |
| Volume. |
| type: string |
| readOnly: |
| description: Mounted read-only if true, read-write |
| otherwise (false or unspecified). Defaults |
| to false. |
| type: boolean |
| subPath: |
| description: Path within the volume from which |
| the container's volume should be mounted. |
| Defaults to "" (volume's root). |
| type: string |
| subPathExpr: |
| description: Expanded path within the volume |
| from which the container's volume should |
| be mounted. Behaves similarly to SubPath |
| but environment variable references $(VAR_NAME) |
| are expanded using the container's environment. |
| Defaults to "" (volume's root). SubPathExpr |
| and SubPath are mutually exclusive. |
| type: string |
| required: |
| - mountPath |
| - name |
| type: object |
| type: array |
| workingDir: |
| description: Container's working directory. If not |
| specified, the container runtime's default will |
| be used, which might be configured in the container |
| image. Cannot be updated. |
| type: string |
| required: |
| - name |
| type: object |
| type: array |
| initContainers: |
| description: InitContainers |
| items: |
| description: A single application container that you |
| want to run within a pod. |
| properties: |
| args: |
| description: 'Arguments to the entrypoint. The docker |
| image''s CMD is used if this is not provided. |
| Variable references $(VAR_NAME) are expanded using |
| the container''s environment. If a variable cannot |
| be resolved, the reference in the input string |
| will be unchanged. Double $$ are reduced to a |
| single $, which allows for escaping the $(VAR_NAME) |
| syntax: i.e. "$$(VAR_NAME)" will produce the string |
| literal "$(VAR_NAME)". Escaped references will |
| never be expanded, regardless of whether the variable |
| exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' |
| items: |
| type: string |
| type: array |
| command: |
| description: 'Entrypoint array. Not executed within |
| a shell. The docker image''s ENTRYPOINT is used |
| if this is not provided. Variable references $(VAR_NAME) |
| are expanded using the container''s environment. |
| If a variable cannot be resolved, the reference |
| in the input string will be unchanged. Double |
| $$ are reduced to a single $, which allows for |
| escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" |
| will produce the string literal "$(VAR_NAME)". |
| Escaped references will never be expanded, regardless |
| of whether the variable exists or not. Cannot |
| be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' |
| items: |
| type: string |
| type: array |
| env: |
| description: List of environment variables to set |
| in the container. Cannot be updated. |
| items: |
| description: EnvVar represents an environment |
| variable present in a Container. |
| properties: |
| name: |
| description: Name of the environment variable. |
| Must be a C_IDENTIFIER. |
| type: string |
| value: |
| description: 'Variable references $(VAR_NAME) |
| are expanded using the previously defined |
| environment variables in the container and |
| any service environment variables. If a |
| variable cannot be resolved, the reference |
| in the input string will be unchanged. Double |
| $$ are reduced to a single $, which allows |
| for escaping the $(VAR_NAME) syntax: i.e. |
| "$$(VAR_NAME)" will produce the string literal |
| "$(VAR_NAME)". Escaped references will never |
| be expanded, regardless of whether the variable |
| exists or not. Defaults to "".' |
| type: string |
| valueFrom: |
| description: Source for the environment variable's |
| value. Cannot be used if value is not empty. |
| properties: |
| configMapKeyRef: |
| description: Selects a key of a ConfigMap. |
| properties: |
| key: |
| description: The key to select. |
| type: string |
| name: |
| description: 'Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap |
| or its key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| fieldRef: |
| description: 'Selects a field of the pod: |
| supports metadata.name, metadata.namespace, |
| `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, |
| spec.nodeName, spec.serviceAccountName, |
| status.hostIP, status.podIP, status.podIPs.' |
| properties: |
| apiVersion: |
| description: Version of the schema |
| the FieldPath is written in terms |
| of, defaults to "v1". |
| type: string |
| fieldPath: |
| description: Path of the field to |
| select in the specified API version. |
| type: string |
| required: |
| - fieldPath |
| type: object |
| resourceFieldRef: |
| description: 'Selects a resource of the |
| container: only resources limits and |
| requests (limits.cpu, limits.memory, |
| limits.ephemeral-storage, requests.cpu, |
| requests.memory and requests.ephemeral-storage) |
| are currently supported.' |
| properties: |
| containerName: |
| description: 'Container name: required |
| for volumes, optional for env vars' |
| type: string |
| divisor: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Specifies the output |
| format of the exposed resources, |
| defaults to "1" |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| resource: |
| description: 'Required: resource to |
| select' |
| type: string |
| required: |
| - resource |
| type: object |
| secretKeyRef: |
| description: Selects a key of a secret |
| in the pod's namespace |
| properties: |
| key: |
| description: The key of the secret |
| to select from. Must be a valid |
| secret key. |
| type: string |
| name: |
| description: 'Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret |
| or its key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| type: object |
| required: |
| - name |
| type: object |
| type: array |
| envFrom: |
| description: List of sources to populate environment |
| variables in the container. The keys defined within |
| a source must be a C_IDENTIFIER. All invalid keys |
| will be reported as an event when the container |
| is starting. When a key exists in multiple sources, |
| the value associated with the last source will |
| take precedence. Values defined by an Env with |
| a duplicate key will take precedence. Cannot be |
| updated. |
| items: |
| description: EnvFromSource represents the source |
| of a set of ConfigMaps |
| properties: |
| configMapRef: |
| description: The ConfigMap to select from |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap |
| must be defined |
| type: boolean |
| type: object |
| prefix: |
| description: An optional identifier to prepend |
| to each key in the ConfigMap. Must be a |
| C_IDENTIFIER. |
| type: string |
| secretRef: |
| description: The Secret to select from |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret |
| must be defined |
| type: boolean |
| type: object |
| type: object |
| type: array |
| image: |
| description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images |
| This field is optional to allow higher level config |
| management to default or override container images |
| in workload controllers like Deployments and StatefulSets.' |
| type: string |
| imagePullPolicy: |
| description: 'Image pull policy. One of Always, |
| Never, IfNotPresent. Defaults to Always if :latest |
| tag is specified, or IfNotPresent otherwise. Cannot |
| be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' |
| type: string |
| lifecycle: |
| description: Actions that the management system |
| should take in response to container lifecycle |
| events. Cannot be updated. |
| properties: |
| postStart: |
| description: 'PostStart is called immediately |
| after a container is created. If the handler |
| fails, the container is terminated and restarted |
| according to its restart policy. Other management |
| of the container blocks until the hook completes. |
| More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the |
| action to take. |
| properties: |
| command: |
| description: Command is the command |
| line to execute inside the container, |
| the working directory for the command is |
| root ('/') in the container's filesystem. |
| The command is simply exec'd, it is |
| not run inside a shell, so traditional |
| shell instructions ('|', etc) won't |
| work. To use a shell, you need to |
| explicitly call out to that shell. |
| Exit status of 0 is treated as live/healthy |
| and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http |
| request to perform. |
| properties: |
| host: |
| description: Host name to connect to, |
| defaults to the pod IP. You probably |
| want to set "Host" in httpHeaders |
| instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in |
| the request. HTTP allows repeated |
| headers. |
| items: |
| description: HTTPHeader describes |
| a custom header to be used in HTTP |
| probes |
| properties: |
| name: |
| description: The header field |
| name |
| type: string |
| value: |
| description: The header field |
| value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet |
| supported TODO: implement a realistic |
| TCP lifecycle hook' |
| properties: |
| host: |
| description: 'Optional: Host name to |
| connect to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| type: object |
| preStop: |
| description: 'PreStop is called immediately |
| before a container is terminated due to an |
| API request or management event such as liveness/startup |
| probe failure, preemption, resource contention, |
| etc. The handler is not called if the container |
| crashes or exits. The reason for termination |
| is passed to the handler. The Pod''s termination |
| grace period countdown begins before the PreStop |
| hooked is executed. Regardless of the outcome |
| of the handler, the container will eventually |
| terminate within the Pod''s termination grace |
| period. Other management of the container |
| blocks until the hook completes or until the |
| termination grace period is reached. More |
| info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the |
| action to take. |
| properties: |
| command: |
| description: Command is the command |
| line to execute inside the container, |
| the working directory for the command is |
| root ('/') in the container's filesystem. |
| The command is simply exec'd, it is |
| not run inside a shell, so traditional |
| shell instructions ('|', etc) won't |
| work. To use a shell, you need to |
| explicitly call out to that shell. |
| Exit status of 0 is treated as live/healthy |
| and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http |
| request to perform. |
| properties: |
| host: |
| description: Host name to connect to, |
| defaults to the pod IP. You probably |
| want to set "Host" in httpHeaders |
| instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in |
| the request. HTTP allows repeated |
| headers. |
| items: |
| description: HTTPHeader describes |
| a custom header to be used in HTTP |
| probes |
| properties: |
| name: |
| description: The header field |
| name |
| type: string |
| value: |
| description: The header field |
| value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet |
| supported TODO: implement a realistic |
| TCP lifecycle hook' |
| properties: |
| host: |
| description: 'Optional: Host name to |
| connect to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| type: object |
| type: object |
| livenessProbe: |
| description: 'Periodic probe of container liveness. |
| Container will be restarted if the probe fails. |
| Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the action |
| to take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside |
| a shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, |
| you need to explicitly call out to that |
| shell. Exit status of 0 is treated as |
| live/healthy and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is |
| 1. |
| format: int32 |
| type: integer |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum |
| value is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet supported |
| TODO: implement a realistic TCP lifecycle |
| hook' |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration |
| in seconds after the processes running in |
| the pod are sent a termination signal and |
| the time when the processes are forcibly halted |
| with a kill signal. Set this value longer |
| than the expected cleanup time for your process. |
| If this value is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value |
| must be non-negative integer. The value zero |
| indicates stop immediately via the kill signal |
| (no opportunity to shut down). This is a beta |
| field and requires enabling ProbeTerminationGracePeriod |
| feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which |
| the probe times out. Defaults to 1 second. |
| Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| name: |
| description: Name of the container specified as |
| a DNS_LABEL. Each container in a pod must have |
| a unique name (DNS_LABEL). Cannot be updated. |
| type: string |
| ports: |
| description: List of ports to expose from the container. |
| Exposing a port here gives the system additional |
| information about the network connections a container |
| uses, but is primarily informational. Not specifying |
| a port here DOES NOT prevent that port from being |
| exposed. Any port which is listening on the default |
| "0.0.0.0" address inside a container will be accessible |
| from the network. Cannot be updated. |
| items: |
| description: ContainerPort represents a network |
| port in a single container. |
| properties: |
| containerPort: |
| description: Number of port to expose on the |
| pod's IP address. This must be a valid port |
| number, 0 < x < 65536. |
| format: int32 |
| type: integer |
| hostIP: |
| description: What host IP to bind the external |
| port to. |
| type: string |
| hostPort: |
| description: Number of port to expose on the |
| host. If specified, this must be a valid |
| port number, 0 < x < 65536. If HostNetwork |
| is specified, this must match ContainerPort. |
| Most containers do not need this. |
| format: int32 |
| type: integer |
| name: |
| description: If specified, this must be an |
| IANA_SVC_NAME and unique within the pod. |
| Each named port in a pod must have a unique |
| name. Name for the port that can be referred |
| to by services. |
| type: string |
| protocol: |
| default: TCP |
| description: Protocol for port. Must be UDP, |
| TCP, or SCTP. Defaults to "TCP". |
| type: string |
| required: |
| - containerPort |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - containerPort |
| - protocol |
| x-kubernetes-list-type: map |
| readinessProbe: |
| description: 'Periodic probe of container service |
| readiness. Container will be removed from service |
| endpoints if the probe fails. Cannot be updated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the action |
| to take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside |
| a shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, |
| you need to explicitly call out to that |
| shell. Exit status of 0 is treated as |
| live/healthy and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is |
| 1. |
| format: int32 |
| type: integer |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum |
| value is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet supported |
| TODO: implement a realistic TCP lifecycle |
| hook' |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration |
| in seconds after the processes running in |
| the pod are sent a termination signal and |
| the time when the processes are forcibly halted |
| with a kill signal. Set this value longer |
| than the expected cleanup time for your process. |
| If this value is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value |
| must be non-negative integer. The value zero |
| indicates stop immediately via the kill signal |
| (no opportunity to shut down). This is a beta |
| field and requires enabling ProbeTerminationGracePeriod |
| feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which |
| the probe times out. Defaults to 1 second. |
| Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| resources: |
| description: 'Compute Resources required by this |
| container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| properties: |
| limits: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: 'Limits describes the maximum amount |
| of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| type: object |
| requests: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: 'Requests describes the minimum |
| amount of compute resources required. If Requests |
| is omitted for a container, it defaults to |
| Limits if that is explicitly specified, otherwise |
| to an implementation-defined value. More info: |
| https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| type: object |
| type: object |
| securityContext: |
| description: 'SecurityContext defines the security |
| options the container should be run with. If set, |
| the fields of SecurityContext override the equivalent |
| fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' |
| properties: |
| allowPrivilegeEscalation: |
| description: 'AllowPrivilegeEscalation controls |
| whether a process can gain more privileges |
| than its parent process. This bool directly |
| controls if the no_new_privs flag will be |
| set on the container process. AllowPrivilegeEscalation |
| is true always when the container is: 1) run |
| as Privileged 2) has CAP_SYS_ADMIN' |
| type: boolean |
| capabilities: |
| description: The capabilities to add/drop when |
| running containers. Defaults to the default |
| set of capabilities granted by the container |
| runtime. |
| properties: |
| add: |
| description: Added capabilities |
| items: |
| description: Capability represent POSIX |
| capabilities type |
| type: string |
| type: array |
| drop: |
| description: Removed capabilities |
| items: |
| description: Capability represent POSIX |
| capabilities type |
| type: string |
| type: array |
| type: object |
| privileged: |
| description: Run container in privileged mode. |
| Processes in privileged containers are essentially |
| equivalent to root on the host. Defaults to |
| false. |
| type: boolean |
| procMount: |
| description: procMount denotes the type of proc |
| mount to use for the containers. The default |
| is DefaultProcMount which uses the container |
| runtime defaults for readonly paths and masked |
| paths. This requires the ProcMountType feature |
| flag to be enabled. |
| type: string |
| readOnlyRootFilesystem: |
| description: Whether this container has a read-only |
| root filesystem. Default is false. |
| type: boolean |
| runAsGroup: |
| description: The GID to run the entrypoint of |
| the container process. Uses runtime default |
| if unset. May also be set in PodSecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| format: int64 |
| type: integer |
| runAsNonRoot: |
| description: Indicates that the container must |
| run as a non-root user. If true, the Kubelet |
| will validate the image at runtime to ensure |
| that it does not run as UID 0 (root) and fail |
| to start the container if it does. If unset |
| or false, no such validation will be performed. |
| May also be set in PodSecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| type: boolean |
| runAsUser: |
| description: The UID to run the entrypoint of |
| the container process. Defaults to user specified |
| in image metadata if unspecified. May also |
| be set in PodSecurityContext. If set in both |
| SecurityContext and PodSecurityContext, the |
| value specified in SecurityContext takes precedence. |
| format: int64 |
| type: integer |
| seLinuxOptions: |
| description: The SELinux context to be applied |
| to the container. If unspecified, the container |
| runtime will allocate a random SELinux context |
| for each container. May also be set in PodSecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| properties: |
| level: |
| description: Level is SELinux level label |
| that applies to the container. |
| type: string |
| role: |
| description: Role is a SELinux role label |
| that applies to the container. |
| type: string |
| type: |
| description: Type is a SELinux type label |
| that applies to the container. |
| type: string |
| user: |
| description: User is a SELinux user label |
| that applies to the container. |
| type: string |
| type: object |
| seccompProfile: |
| description: The seccomp options to use by this |
| container. If seccomp options are provided |
| at both the pod & container level, the container |
| options override the pod options. |
| properties: |
| localhostProfile: |
| description: localhostProfile indicates |
| a profile defined in a file on the node |
| should be used. The profile must be preconfigured |
| on the node to work. Must be a descending |
| path, relative to the kubelet's configured |
| seccomp profile location. Must only be |
| set if type is "Localhost". |
| type: string |
| type: |
| description: "type indicates which kind |
| of seccomp profile will be applied. Valid |
| options are: \n Localhost - a profile |
| defined in a file on the node should be |
| used. RuntimeDefault - the container runtime |
| default profile should be used. Unconfined |
| - no profile should be applied." |
| type: string |
| required: |
| - type |
| type: object |
| windowsOptions: |
| description: The Windows specific settings applied |
| to all containers. If unspecified, the options |
| from the PodSecurityContext will be used. |
| If set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| properties: |
| gmsaCredentialSpec: |
| description: GMSACredentialSpec is where |
| the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) |
| inlines the contents of the GMSA credential |
| spec named by the GMSACredentialSpecName |
| field. |
| type: string |
| gmsaCredentialSpecName: |
| description: GMSACredentialSpecName is the |
| name of the GMSA credential spec to use. |
| type: string |
| hostProcess: |
| description: HostProcess determines if a |
| container should be run as a 'Host Process' |
| container. This field is alpha-level and |
| will only be honored by components that |
| enable the WindowsHostProcessContainers |
| feature flag. Setting this field without |
| the feature flag will result in errors |
| when validating the Pod. All of a Pod's |
| containers must have the same effective |
| HostProcess value (it is not allowed to |
| have a mix of HostProcess containers and |
| non-HostProcess containers). In addition, |
| if HostProcess is true then HostNetwork |
| must also be set to true. |
| type: boolean |
| runAsUserName: |
| description: The UserName in Windows to |
| run the entrypoint of the container process. |
| Defaults to the user specified in image |
| metadata if unspecified. May also be set |
| in PodSecurityContext. If set in both |
| SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext |
| takes precedence. |
| type: string |
| type: object |
| type: object |
| startupProbe: |
| description: 'StartupProbe indicates that the Pod |
| has successfully initialized. If specified, no |
| other probes are executed until this completes |
| successfully. If this probe fails, the Pod will |
| be restarted, just as if the livenessProbe failed. |
| This can be used to provide different probe parameters |
| at the beginning of a Pod''s lifecycle, when it |
| might take a long time to load data or warm a |
| cache, than during steady-state operation. This |
| cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| properties: |
| exec: |
| description: One and only one of the following |
| should be specified. Exec specifies the action |
| to take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside |
| a shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, |
| you need to explicitly call out to that |
| shell. Exit status of 0 is treated as |
| live/healthy and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is |
| 1. |
| format: int32 |
| type: integer |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum |
| value is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: 'TCPSocket specifies an action |
| involving a TCP port. TCP hooks not yet supported |
| TODO: implement a realistic TCP lifecycle |
| hook' |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration |
| in seconds after the processes running in |
| the pod are sent a termination signal and |
| the time when the processes are forcibly halted |
| with a kill signal. Set this value longer |
| than the expected cleanup time for your process. |
| If this value is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value |
| must be non-negative integer. The value zero |
| indicates stop immediately via the kill signal |
| (no opportunity to shut down). This is a beta |
| field and requires enabling ProbeTerminationGracePeriod |
| feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which |
| the probe times out. Defaults to 1 second. |
| Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| stdin: |
| description: Whether this container should allocate |
| a buffer for stdin in the container runtime. If |
| this is not set, reads from stdin in the container |
| will always result in EOF. Default is false. |
| type: boolean |
| stdinOnce: |
| description: Whether the container runtime should |
| close the stdin channel after it has been opened |
| by a single attach. When stdin is true the stdin |
| stream will remain open across multiple attach |
| sessions. If stdinOnce is set to true, stdin is |
| opened on container start, is empty until the |
| first client attaches to stdin, and then remains |
| open and accepts data until the client disconnects, |
| at which time stdin is closed and remains closed |
| until the container is restarted. If this flag |
| is false, a container processes that reads from |
| stdin will never receive an EOF. Default is false |
| type: boolean |
| terminationMessagePath: |
| description: 'Optional: Path at which the file to |
| which the container''s termination message will |
| be written is mounted into the container''s filesystem. |
| Message written is intended to be brief final |
| status, such as an assertion failure message. |
| Will be truncated by the node if greater than |
| 4096 bytes. The total message length across all |
| containers will be limited to 12kb. Defaults to |
| /dev/termination-log. Cannot be updated.' |
| type: string |
| terminationMessagePolicy: |
| description: Indicate how the termination message |
| should be populated. File will use the contents |
| of terminationMessagePath to populate the container |
| status message on both success and failure. FallbackToLogsOnError |
| will use the last chunk of container log output |
| if the termination message file is empty and the |
| container exited with an error. The log output |
| is limited to 2048 bytes or 80 lines, whichever |
| is smaller. Defaults to File. Cannot be updated. |
| type: string |
| tty: |
| description: Whether this container should allocate |
| a TTY for itself, also requires 'stdin' to be |
| true. Default is false. |
| type: boolean |
| volumeDevices: |
| description: volumeDevices is the list of block |
| devices to be used by the container. |
| items: |
| description: volumeDevice describes a mapping |
| of a raw block device within a container. |
| properties: |
| devicePath: |
| description: devicePath is the path inside |
| of the container that the device will be |
| mapped to. |
| type: string |
| name: |
| description: name must match the name of a |
| persistentVolumeClaim in the pod |
| type: string |
| required: |
| - devicePath |
| - name |
| type: object |
| type: array |
| volumeMounts: |
| description: Pod volumes to mount into the container's |
| filesystem. Cannot be updated. |
| items: |
| description: VolumeMount describes a mounting |
| of a Volume within a container. |
| properties: |
| mountPath: |
| description: Path within the container at |
| which the volume should be mounted. Must |
| not contain ':'. |
| type: string |
| mountPropagation: |
| description: mountPropagation determines how |
| mounts are propagated from the host to container |
| and the other way around. When not set, |
| MountPropagationNone is used. This field |
| is beta in 1.10. |
| type: string |
| name: |
| description: This must match the Name of a |
| Volume. |
| type: string |
| readOnly: |
| description: Mounted read-only if true, read-write |
| otherwise (false or unspecified). Defaults |
| to false. |
| type: boolean |
| subPath: |
| description: Path within the volume from which |
| the container's volume should be mounted. |
| Defaults to "" (volume's root). |
| type: string |
| subPathExpr: |
| description: Expanded path within the volume |
| from which the container's volume should |
| be mounted. Behaves similarly to SubPath |
| but environment variable references $(VAR_NAME) |
| are expanded using the container's environment. |
| Defaults to "" (volume's root). SubPathExpr |
| and SubPath are mutually exclusive. |
| type: string |
| required: |
| - mountPath |
| - name |
| type: object |
| type: array |
| workingDir: |
| description: Container's working directory. If not |
| specified, the container runtime's default will |
| be used, which might be configured in the container |
| image. Cannot be updated. |
| type: string |
| required: |
| - name |
| type: object |
| type: array |
| nodeSelector: |
| additionalProperties: |
| type: string |
| description: NodeSelector |
| type: object |
| restartPolicy: |
| description: RestartPolicy |
| type: string |
| securityContext: |
| description: PodSecurityContext |
| properties: |
| fsGroup: |
| description: "A special supplemental group that applies |
| to all containers in a pod. Some volume types allow |
| the Kubelet to change the ownership of that volume |
| to be owned by the pod: \n 1. The owning GID will |
| be the FSGroup 2. The setgid bit is set (new files |
| created in the volume will be owned by FSGroup) |
| 3. The permission bits are OR'd with rw-rw---- \n |
| If unset, the Kubelet will not modify the ownership |
| and permissions of any volume." |
| format: int64 |
| type: integer |
| fsGroupChangePolicy: |
| description: 'fsGroupChangePolicy defines behavior |
| of changing ownership and permission of the volume |
| before being exposed inside Pod. This field will |
| only apply to volume types which support fsGroup |
| based ownership(and permissions). It will have no |
| effect on ephemeral volume types such as: secret, |
| configmaps and emptydir. Valid values are "OnRootMismatch" |
| and "Always". If not specified, "Always" is used.' |
| type: string |
| runAsGroup: |
| description: The GID to run the entrypoint of the |
| container process. Uses runtime default if unset. |
| May also be set in SecurityContext. If set in both |
| SecurityContext and PodSecurityContext, the value |
| specified in SecurityContext takes precedence for |
| that container. |
| format: int64 |
| type: integer |
| runAsNonRoot: |
| description: Indicates that the container must run |
| as a non-root user. If true, the Kubelet will validate |
| the image at runtime to ensure that it does not |
| run as UID 0 (root) and fail to start the container |
| if it does. If unset or false, no such validation |
| will be performed. May also be set in SecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes precedence. |
| type: boolean |
| runAsUser: |
| description: The UID to run the entrypoint of the |
| container process. Defaults to user specified in |
| image metadata if unspecified. May also be set in |
| SecurityContext. If set in both SecurityContext |
| and PodSecurityContext, the value specified in SecurityContext |
| takes precedence for that container. |
| format: int64 |
| type: integer |
| seLinuxOptions: |
| description: The SELinux context to be applied to |
| all containers. If unspecified, the container runtime |
| will allocate a random SELinux context for each |
| container. May also be set in SecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes precedence |
| for that container. |
| properties: |
| level: |
| description: Level is SELinux level label that |
| applies to the container. |
| type: string |
| role: |
| description: Role is a SELinux role label that |
| applies to the container. |
| type: string |
| type: |
| description: Type is a SELinux type label that |
| applies to the container. |
| type: string |
| user: |
| description: User is a SELinux user label that |
| applies to the container. |
| type: string |
| type: object |
| seccompProfile: |
| description: The seccomp options to use by the containers |
| in this pod. |
| properties: |
| localhostProfile: |
| description: localhostProfile indicates a profile |
| defined in a file on the node should be used. |
| The profile must be preconfigured on the node |
| to work. Must be a descending path, relative |
| to the kubelet's configured seccomp profile |
| location. Must only be set if type is "Localhost". |
| type: string |
| type: |
| description: "type indicates which kind of seccomp |
| profile will be applied. Valid options are: |
| \n Localhost - a profile defined in a file on |
| the node should be used. RuntimeDefault - the |
| container runtime default profile should be |
| used. Unconfined - no profile should be applied." |
| type: string |
| required: |
| - type |
| type: object |
| supplementalGroups: |
| description: A list of groups applied to the first |
| process run in each container, in addition to the |
| container's primary GID. If unspecified, no groups |
| will be added to any container. |
| items: |
| format: int64 |
| type: integer |
| type: array |
| sysctls: |
| description: Sysctls hold a list of namespaced sysctls |
| used for the pod. Pods with unsupported sysctls |
| (by the container runtime) might fail to launch. |
| items: |
| description: Sysctl defines a kernel parameter to |
| be set |
| properties: |
| name: |
| description: Name of a property to set |
| type: string |
| value: |
| description: Value of a property to set |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| windowsOptions: |
| description: The Windows specific settings applied |
| to all containers. If unspecified, the options within |
| a container's SecurityContext will be used. If set |
| in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes precedence. |
| properties: |
| gmsaCredentialSpec: |
| description: GMSACredentialSpec is where the GMSA |
| admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) |
| inlines the contents of the GMSA credential |
| spec named by the GMSACredentialSpecName field. |
| type: string |
| gmsaCredentialSpecName: |
| description: GMSACredentialSpecName is the name |
| of the GMSA credential spec to use. |
| type: string |
| hostProcess: |
| description: HostProcess determines if a container |
| should be run as a 'Host Process' container. |
| This field is alpha-level and will only be honored |
| by components that enable the WindowsHostProcessContainers |
| feature flag. Setting this field without the |
| feature flag will result in errors when validating |
| the Pod. All of a Pod's containers must have |
| the same effective HostProcess value (it is |
| not allowed to have a mix of HostProcess containers |
| and non-HostProcess containers). In addition, |
| if HostProcess is true then HostNetwork must |
| also be set to true. |
| type: boolean |
| runAsUserName: |
| description: The UserName in Windows to run the |
| entrypoint of the container process. Defaults |
| to the user specified in image metadata if unspecified. |
| May also be set in PodSecurityContext. If set |
| in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| type: string |
| type: object |
| type: object |
| terminationGracePeriodSeconds: |
| description: TerminationGracePeriodSeconds |
| format: int64 |
| type: integer |
| topologySpreadConstraints: |
| description: TopologySpreadConstraints |
| items: |
| description: TopologySpreadConstraint specifies how |
| to spread matching pods among the given topology. |
| properties: |
| labelSelector: |
| description: LabelSelector is used to find matching |
| pods. Pods that match this label selector are |
| counted to determine the number of pods in their |
| corresponding topology domain. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: A label selector requirement |
| is a selector that contains values, a key, |
| and an operator that relates the key and |
| values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: operator represents a key's |
| relationship to a set of values. Valid |
| operators are In, NotIn, Exists and |
| DoesNotExist. |
| type: string |
| values: |
| description: values is an array of string |
| values. If the operator is In or NotIn, |
| the values array must be non-empty. |
| If the operator is Exists or DoesNotExist, |
| the values array must be empty. This |
| array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: matchLabels is a map of {key,value} |
| pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, |
| whose key field is "key", the operator is |
| "In", and the values array contains only "value". |
| The requirements are ANDed. |
| type: object |
| type: object |
| maxSkew: |
| description: 'MaxSkew describes the degree to which |
| pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, |
| it is the maximum permitted difference between |
| the number of matching pods in the target topology |
| and the global minimum. For example, in a 3-zone |
| cluster, MaxSkew is set to 1, and pods with the |
| same labelSelector spread as 1/1/0: | zone1 | |
| zone2 | zone3 | | P | P | | - if |
| MaxSkew is 1, incoming pod can only be scheduled |
| to zone3 to become 1/1/1; scheduling it onto zone1(zone2) |
| would make the ActualSkew(2-0) on zone1(zone2) |
| violate MaxSkew(1). - if MaxSkew is 2, incoming |
| pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, |
| it is used to give higher precedence to topologies |
| that satisfy it. It''s a required field. Default |
| value is 1 and 0 is not allowed.' |
| format: int32 |
| type: integer |
| topologyKey: |
| description: TopologyKey is the key of node labels. |
| Nodes that have a label with this key and identical |
| values are considered to be in the same topology. |
| We consider each <key, value> as a "bucket", and |
| try to put balanced number of pods into each bucket. |
| It's a required field. |
| type: string |
| whenUnsatisfiable: |
| description: 'WhenUnsatisfiable indicates how to |
| deal with a pod if it doesn''t satisfy the spread |
| constraint. - DoNotSchedule (default) tells the |
| scheduler not to schedule it. - ScheduleAnyway |
| tells the scheduler to schedule the pod in any |
| location, but giving higher precedence to topologies |
| that would help reduce the skew. A constraint |
| is considered "Unsatisfiable" for an incoming |
| pod if and only if every possible node assigment |
| for that pod would violate "MaxSkew" on some topology. |
| For example, in a 3-zone cluster, MaxSkew is set |
| to 1, and pods with the same labelSelector spread |
| as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | |
| If WhenUnsatisfiable is set to DoNotSchedule, |
| incoming pod can only be scheduled to zone2(zone3) |
| to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) |
| satisfies MaxSkew(1). In other words, the cluster |
| can still be imbalanced, but scheduler won''t |
| make it *more* imbalanced. It''s a required field.' |
| type: string |
| required: |
| - maxSkew |
| - topologyKey |
| - whenUnsatisfiable |
| type: object |
| type: array |
| volumes: |
| description: Volumes |
| items: |
| description: Volume represents a named volume in a pod |
| that may be accessed by any container in the pod. |
| properties: |
| awsElasticBlockStore: |
| description: 'AWSElasticBlockStore represents an |
| AWS Disk resource that is attached to a kubelet''s |
| host machine and then exposed to the pod. More |
| info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' |
| properties: |
| fsType: |
| description: 'Filesystem type of the volume |
| that you want to mount. Tip: Ensure that the |
| filesystem type is supported by the host operating |
| system. Examples: "ext4", "xfs", "ntfs". Implicitly |
| inferred to be "ext4" if unspecified. More |
| info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore |
| TODO: how do we prevent errors in the filesystem |
| from compromising the machine' |
| type: string |
| partition: |
| description: 'The partition in the volume that |
| you want to mount. If omitted, the default |
| is to mount by volume name. Examples: For |
| volume /dev/sda1, you specify the partition |
| as "1". Similarly, the volume partition for |
| /dev/sda is "0" (or you can leave the property |
| empty).' |
| format: int32 |
| type: integer |
| readOnly: |
| description: 'Specify "true" to force and set |
| the ReadOnly property in VolumeMounts to "true". |
| If omitted, the default is "false". More info: |
| https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' |
| type: boolean |
| volumeID: |
| description: 'Unique ID of the persistent disk |
| resource in AWS (Amazon EBS volume). More |
| info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' |
| type: string |
| required: |
| - volumeID |
| type: object |
| azureDisk: |
| description: AzureDisk represents an Azure Data |
| Disk mount on the host and bind mount to the pod. |
| properties: |
| cachingMode: |
| description: 'Host Caching mode: None, Read |
| Only, Read Write.' |
| type: string |
| diskName: |
| description: The Name of the data disk in the |
| blob storage |
| type: string |
| diskURI: |
| description: The URI the data disk in the blob |
| storage |
| type: string |
| fsType: |
| description: Filesystem type to mount. Must |
| be a filesystem type supported by the host |
| operating system. Ex. "ext4", "xfs", "ntfs". |
| Implicitly inferred to be "ext4" if unspecified. |
| type: string |
| kind: |
| description: 'Expected values Shared: multiple |
| blob disks per storage account Dedicated: |
| single blob disk per storage account Managed: |
| azure managed data disk (only in managed availability |
| set). defaults to shared' |
| type: string |
| readOnly: |
| description: Defaults to false (read/write). |
| ReadOnly here will force the ReadOnly setting |
| in VolumeMounts. |
| type: boolean |
| required: |
| - diskName |
| - diskURI |
| type: object |
| azureFile: |
| description: AzureFile represents an Azure File |
| Service mount on the host and bind mount to the |
| pod. |
| properties: |
| readOnly: |
| description: Defaults to false (read/write). |
| ReadOnly here will force the ReadOnly setting |
| in VolumeMounts. |
| type: boolean |
| secretName: |
| description: the name of secret that contains |
| Azure Storage Account Name and Key |
| type: string |
| shareName: |
| description: Share Name |
| type: string |
| required: |
| - secretName |
| - shareName |
| type: object |
| cephfs: |
| description: CephFS represents a Ceph FS mount on |
| the host that shares a pod's lifetime |
| properties: |
| monitors: |
| description: 'Required: Monitors is a collection |
| of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' |
| items: |
| type: string |
| type: array |
| path: |
| description: 'Optional: Used as the mounted |
| root, rather than the full Ceph tree, default |
| is /' |
| type: string |
| readOnly: |
| description: 'Optional: Defaults to false (read/write). |
| ReadOnly here will force the ReadOnly setting |
| in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' |
| type: boolean |
| secretFile: |
| description: 'Optional: SecretFile is the path |
| to key ring for User, default is /etc/ceph/user.secret |
| More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' |
| type: string |
| secretRef: |
| description: 'Optional: SecretRef is reference |
| to the authentication secret for User, default |
| is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| type: object |
| user: |
| description: 'Optional: User is the rados user |
| name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' |
| type: string |
| required: |
| - monitors |
| type: object |
| cinder: |
| description: 'Cinder represents a cinder volume |
| attached and mounted on kubelets host machine. |
| More info: https://examples.k8s.io/mysql-cinder-pd/README.md' |
| properties: |
| fsType: |
| description: 'Filesystem type to mount. Must |
| be a filesystem type supported by the host |
| operating system. Examples: "ext4", "xfs", |
| "ntfs". Implicitly inferred to be "ext4" if |
| unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' |
| type: string |
| readOnly: |
| description: 'Optional: Defaults to false (read/write). |
| ReadOnly here will force the ReadOnly setting |
| in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' |
| type: boolean |
| secretRef: |
| description: 'Optional: points to a secret object |
| containing parameters used to connect to OpenStack.' |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| type: object |
| volumeID: |
| description: 'volume id used to identify the |
| volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' |
| type: string |
| required: |
| - volumeID |
| type: object |
| configMap: |
| description: ConfigMap represents a configMap that |
| should populate this volume |
| properties: |
| defaultMode: |
| description: 'Optional: mode bits used to set |
| permissions on created files by default. Must |
| be an octal value between 0000 and 0777 or |
| a decimal value between 0 and 511. YAML accepts |
| both octal and decimal values, JSON requires |
| decimal values for mode bits. Defaults to |
| 0644. Directories within the path are not |
| affected by this setting. This might be in |
| conflict with other options that affect the |
| file mode, like fsGroup, and the result can |
| be other mode bits set.' |
| format: int32 |
| type: integer |
| items: |
| description: If unspecified, each key-value |
| pair in the Data field of the referenced ConfigMap |
| will be projected into the volume as a file |
| whose name is the key and content is the value. |
| If specified, the listed keys will be projected |
| into the specified paths, and unlisted keys |
| will not be present. If a key is specified |
| which is not present in the ConfigMap, the |
| volume setup will error unless it is marked |
| optional. Paths must be relative and may not |
| contain the '..' path or start with '..'. |
| items: |
| description: Maps a string key to a path within |
| a volume. |
| properties: |
| key: |
| description: The key to project. |
| type: string |
| mode: |
| description: 'Optional: mode bits used |
| to set permissions on this file. Must |
| be an octal value between 0000 and 0777 |
| or a decimal value between 0 and 511. |
| YAML accepts both octal and decimal |
| values, JSON requires decimal values |
| for mode bits. If not specified, the |
| volume defaultMode will be used. This |
| might be in conflict with other options |
| that affect the file mode, like fsGroup, |
| and the result can be other mode bits |
| set.' |
| format: int32 |
| type: integer |
| path: |
| description: The relative path of the |
| file to map the key to. May not be an |
| absolute path. May not contain the path |
| element '..'. May not start with the |
| string '..'. |
| type: string |
| required: |
| - key |
| - path |
| type: object |
| type: array |
| name: |
| description: 'Name of the referent. More info: |
| https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap or |
| its keys must be defined |
| type: boolean |
| type: object |
| csi: |
| description: CSI (Container Storage Interface) represents |
| ephemeral storage that is handled by certain external |
| CSI drivers (Beta feature). |
| properties: |
| driver: |
| description: Driver is the name of the CSI driver |
| that handles this volume. Consult with your |
| admin for the correct name as registered in |
| the cluster. |
| type: string |
| fsType: |
| description: Filesystem type to mount. Ex. "ext4", |
| "xfs", "ntfs". If not provided, the empty |
| value is passed to the associated CSI driver |
| which will determine the default filesystem |
| to apply. |
| type: string |
| nodePublishSecretRef: |
| description: NodePublishSecretRef is a reference |
| to the secret object containing sensitive |
| information to pass to the CSI driver to complete |
| the CSI NodePublishVolume and NodeUnpublishVolume |
| calls. This field is optional, and may be |
| empty if no secret is required. If the secret |
| object contains more than one secret, all |
| secret references are passed. |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| type: object |
| readOnly: |
| description: Specifies a read-only configuration |
| for the volume. Defaults to false (read/write). |
| type: boolean |
| volumeAttributes: |
| additionalProperties: |
| type: string |
| description: VolumeAttributes stores driver-specific |
| properties that are passed to the CSI driver. |
| Consult your driver's documentation for supported |
| values. |
| type: object |
| required: |
| - driver |
| type: object |
| downwardAPI: |
| description: DownwardAPI represents downward API |
| about the pod that should populate this volume |
| properties: |
| defaultMode: |
| description: 'Optional: mode bits to use on |
| created files by default. Must be a Optional: |
| mode bits used to set permissions on created |
| files by default. Must be an octal value between |
| 0000 and 0777 or a decimal value between 0 |
| and 511. YAML accepts both octal and decimal |
| values, JSON requires decimal values for mode |
| bits. Defaults to 0644. Directories within |
| the path are not affected by this setting. |
| This might be in conflict with other options |
| that affect the file mode, like fsGroup, and |
| the result can be other mode bits set.' |
| format: int32 |
| type: integer |
| items: |
| description: Items is a list of downward API |
| volume file |
| items: |
| description: DownwardAPIVolumeFile represents |
| information to create the file containing |
| the pod field |
| properties: |
| fieldRef: |
| description: 'Required: Selects a field |
| of the pod: only annotations, labels, |
| name and namespace are supported.' |
| properties: |
| apiVersion: |
| description: Version of the schema |
| the FieldPath is written in terms |
| of, defaults to "v1". |
| type: string |
| fieldPath: |
| description: Path of the field to |
| select in the specified API version. |
| type: string |
| required: |
| - fieldPath |
| type: object |
| mode: |
| description: 'Optional: mode bits used |
| to set permissions on this file, must |
| be an octal value between 0000 and 0777 |
| or a decimal value between 0 and 511. |
| YAML accepts both octal and decimal |
| values, JSON requires decimal values |
| for mode bits. If not specified, the |
| volume defaultMode will be used. This |
| might be in conflict with other options |
| that affect the file mode, like fsGroup, |
| and the result can be other mode bits |
| set.' |
| format: int32 |
| type: integer |
| path: |
| description: 'Required: Path is the relative |
| path name of the file to be created. |
| Must not be absolute or contain the |
| ''..'' path. Must be utf-8 encoded. |
| The first item of the relative path |
| must not start with ''..''' |
| type: string |
| resourceFieldRef: |
| description: 'Selects a resource of the |
| container: only resources limits and |
| requests (limits.cpu, limits.memory, |
| requests.cpu and requests.memory) are |
| currently supported.' |
| properties: |
| containerName: |
| description: 'Container name: required |
| for volumes, optional for env vars' |
| type: string |
| divisor: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Specifies the output |
| format of the exposed resources, |
| defaults to "1" |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| resource: |
| description: 'Required: resource to |
| select' |
| type: string |
| required: |
| - resource |
| type: object |
| required: |
| - path |
| type: object |
| type: array |
| type: object |
| emptyDir: |
| description: 'EmptyDir represents a temporary directory |
| that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' |
| properties: |
| medium: |
| description: 'What type of storage medium should |
| back this directory. The default is "" which |
| means to use the node''s default medium. Must |
| be an empty string (default) or Memory. More |
| info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' |
| type: string |
| sizeLimit: |
| anyOf: |
| - type: integer |
| - type: string |
| description: 'Total amount of local storage |
| required for this EmptyDir volume. The size |
| limit is also applicable for memory medium. |
| The maximum usage on memory medium EmptyDir |
| would be the minimum value between the SizeLimit |
| specified here and the sum of memory limits |
| of all containers in a pod. The default is |
| nil which means that the limit is undefined. |
| More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| type: object |
| ephemeral: |
| description: "Ephemeral represents a volume that |
| is handled by a cluster storage driver. The volume's |
| lifecycle is tied to the pod that defines it - |
| it will be created before the pod starts, and |
| deleted when the pod is removed. \n Use this if: |
| a) the volume is only needed while the pod runs, |
| b) features of normal volumes like restoring from |
| snapshot or capacity tracking are needed, c) |
| the storage driver is specified through a storage |
| class, and d) the storage driver supports dynamic |
| volume provisioning through a PersistentVolumeClaim |
| (see EphemeralVolumeSource for more information |
| on the connection between this volume type and |
| PersistentVolumeClaim). \n Use PersistentVolumeClaim |
| or one of the vendor-specific APIs for volumes |
| that persist for longer than the lifecycle of |
| an individual pod. \n Use CSI for light-weight |
| local ephemeral volumes if the CSI driver is meant |
| to be used that way - see the documentation of |
| the driver for more information. \n A pod can |
| use both types of ephemeral volumes and persistent |
| volumes at the same time. \n This is a beta feature |
| and only available when the GenericEphemeralVolume |
| feature gate is enabled." |
| properties: |
| volumeClaimTemplate: |
| description: "Will be used to create a stand-alone |
| PVC to provision the volume. The pod in which |
| this EphemeralVolumeSource is embedded will |
| be the owner of the PVC, i.e. the PVC will |
| be deleted together with the pod. The name |
| of the PVC will be `<pod name>-<volume name>` |
| where `<volume name>` is the name from the |
| `PodSpec.Volumes` array entry. Pod validation |
| will reject the pod if the concatenated name |
| is not valid for a PVC (for example, too long). |
| \n An existing PVC with that name that is |
| not owned by the pod will *not* be used for |
| the pod to avoid using an unrelated volume |
| by mistake. Starting the pod is then blocked |
| until the unrelated PVC is removed. If such |
| a pre-created PVC is meant to be used by the |
| pod, the PVC has to updated with an owner |
| reference to the pod once the pod exists. |
| Normally this should not be necessary, but |
| it may be useful when manually reconstructing |
| a broken cluster. \n This field is read-only |
| and no changes will be made by Kubernetes |
| to the PVC after it has been created. \n Required, |
| must not be nil." |
| properties: |
| metadata: |
| description: May contain labels and annotations |
| that will be copied into the PVC when |
| creating it. No other fields are allowed |
| and will be rejected during validation. |
| type: object |
| spec: |
| description: The specification for the PersistentVolumeClaim. |
| The entire content is copied unchanged |
| into the PVC that gets created from this |
| template. The same fields as in a PersistentVolumeClaim |
| are also valid here. |
| properties: |
| accessModes: |
| description: 'AccessModes contains the |
| desired access modes the volume should |
| have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' |
| items: |
| type: string |
| type: array |
| dataSource: |
| description: 'This field can be used |
| to specify either: * An existing VolumeSnapshot |
| object (snapshot.storage.k8s.io/VolumeSnapshot) |
| * An existing PVC (PersistentVolumeClaim) |
| If the provisioner or an external |
| controller can support the specified |
| data source, it will create a new |
| volume based on the contents of the |
| specified data source. If the AnyVolumeDataSource |
| feature gate is enabled, this field |
| will always have the same contents |
| as the DataSourceRef field.' |
| properties: |
| apiGroup: |
| description: APIGroup is the group |
| for the resource being referenced. |
| If APIGroup is not specified, |
| the specified Kind must be in |
| the core API group. For any other |
| third-party types, APIGroup is |
| required. |
| type: string |
| kind: |
| description: Kind is the type of |
| resource being referenced |
| type: string |
| name: |
| description: Name is the name of |
| resource being referenced |
| type: string |
| required: |
| - kind |
| - name |
| type: object |
| dataSourceRef: |
| description: 'Specifies the object from |
| which to populate the volume with |
| data, if a non-empty volume is desired. |
| This may be any local object from |
| a non-empty API group (non core object) |
| or a PersistentVolumeClaim object. |
| When this field is specified, volume |
| binding will only succeed if the type |
| of the specified object matches some |
| installed volume populator or dynamic |
| provisioner. This field will replace |
| the functionality of the DataSource |
| field and as such if both fields are |
| non-empty, they must have the same |
| value. For backwards compatibility, |
| both fields (DataSource and DataSourceRef) |
| will be set to the same value automatically |
| if one of them is empty and the other |
| is non-empty. There are two important |
| differences between DataSource and |
| DataSourceRef: * While DataSource |
| only allows two specific types of |
| objects, DataSourceRef allows any |
| non-core object, as well as PersistentVolumeClaim |
| objects. * While DataSource ignores |
| disallowed values (dropping them), |
| DataSourceRef preserves all values, |
| and generates an error if a disallowed |
| value is specified. (Alpha) Using |
| this field requires the AnyVolumeDataSource |
| feature gate to be enabled.' |
| properties: |
| apiGroup: |
| description: APIGroup is the group |
| for the resource being referenced. |
| If APIGroup is not specified, |
| the specified Kind must be in |
| the core API group. For any other |
| third-party types, APIGroup is |
| required. |
| type: string |
| kind: |
| description: Kind is the type of |
| resource being referenced |
| type: string |
| name: |
| description: Name is the name of |
| resource being referenced |
| type: string |
| required: |
| - kind |
| - name |
| type: object |
| resources: |
| description: 'Resources represents the |
| minimum resources the volume should |
| have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' |
| properties: |
| limits: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: 'Limits describes the |
| maximum amount of compute resources |
| allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| type: object |
| requests: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: 'Requests describes |
| the minimum amount of compute |
| resources required. If Requests |
| is omitted for a container, it |
| defaults to Limits if that is |
| explicitly specified, otherwise |
| to an implementation-defined value. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| type: object |
| type: object |
| selector: |
| description: A label query over volumes |
| to consider for binding. |
| properties: |
| matchExpressions: |
| description: matchExpressions is |
| a list of label selector requirements. |
| The requirements are ANDed. |
| items: |
| description: A label selector |
| requirement is a selector that |
| contains values, a key, and |
| an operator that relates the |
| key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: operator represents |
| a key's relationship to |
| a set of values. Valid operators |
| are In, NotIn, Exists and |
| DoesNotExist. |
| type: string |
| values: |
| description: values is an |
| array of string values. |
| If the operator is In or |
| NotIn, the values array |
| must be non-empty. If the |
| operator is Exists or DoesNotExist, |
| the values array must be |
| empty. This array is replaced |
| during a strategic merge |
| patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: matchLabels is a map |
| of {key,value} pairs. A single |
| {key,value} in the matchLabels |
| map is equivalent to an element |
| of matchExpressions, whose key |
| field is "key", the operator is |
| "In", and the values array contains |
| only "value". The requirements |
| are ANDed. |
| type: object |
| type: object |
| storageClassName: |
| description: 'Name of the StorageClass |
| required by the claim. More info: |
| https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' |
| type: string |
| volumeMode: |
| description: volumeMode defines what |
| type of volume is required by the |
| claim. Value of Filesystem is implied |
| when not included in claim spec. |
| type: string |
| volumeName: |
| description: VolumeName is the binding |
| reference to the PersistentVolume |
| backing this claim. |
| type: string |
| type: object |
| required: |
| - spec |
| type: object |
| type: object |
| fc: |
| description: FC represents a Fibre Channel resource |
| that is attached to a kubelet's host machine and |
| then exposed to the pod. |
| properties: |
| fsType: |
| description: 'Filesystem type to mount. Must |
| be a filesystem type supported by the host |
| operating system. Ex. "ext4", "xfs", "ntfs". |
| Implicitly inferred to be "ext4" if unspecified. |
| TODO: how do we prevent errors in the filesystem |
| from compromising the machine' |
| type: string |
| lun: |
| description: 'Optional: FC target lun number' |
| format: int32 |
| type: integer |
| readOnly: |
| description: 'Optional: Defaults to false (read/write). |
| ReadOnly here will force the ReadOnly setting |
| in VolumeMounts.' |
| type: boolean |
| targetWWNs: |
| description: 'Optional: FC target worldwide |
| names (WWNs)' |
| items: |
| type: string |
| type: array |
| wwids: |
| description: 'Optional: FC volume world wide |
| identifiers (wwids) Either wwids or combination |
| of targetWWNs and lun must be set, but not |
| both simultaneously.' |
| items: |
| type: string |
| type: array |
| type: object |
| flexVolume: |
| description: FlexVolume represents a generic volume |
| resource that is provisioned/attached using an |
| exec based plugin. |
| properties: |
| driver: |
| description: Driver is the name of the driver |
| to use for this volume. |
| type: string |
| fsType: |
| description: Filesystem type to mount. Must |
| be a filesystem type supported by the host |
| operating system. Ex. "ext4", "xfs", "ntfs". |
| The default filesystem depends on FlexVolume |
| script. |
| type: string |
| options: |
| additionalProperties: |
| type: string |
| description: 'Optional: Extra command options |
| if any.' |
| type: object |
| readOnly: |
| description: 'Optional: Defaults to false (read/write). |
| ReadOnly here will force the ReadOnly setting |
| in VolumeMounts.' |
| type: boolean |
| secretRef: |
| description: 'Optional: SecretRef is reference |
| to the secret object containing sensitive |
| information to pass to the plugin scripts. |
| This may be empty if no secret object is specified. |
| If the secret object contains more than one |
| secret, all secrets are passed to the plugin |
| scripts.' |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| type: object |
| required: |
| - driver |
| type: object |
| flocker: |
| description: Flocker represents a Flocker volume |
| attached to a kubelet's host machine. This depends |
| on the Flocker control service being running |
| properties: |
| datasetName: |
| description: Name of the dataset stored as metadata |
| -> name on the dataset for Flocker should |
| be considered as deprecated |
| type: string |
| datasetUUID: |
| description: UUID of the dataset. This is unique |
| identifier of a Flocker dataset |
| type: string |
| type: object |
| gcePersistentDisk: |
| description: 'GCEPersistentDisk represents a GCE |
| Disk resource that is attached to a kubelet''s |
| host machine and then exposed to the pod. More |
| info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' |
| properties: |
| fsType: |
| description: 'Filesystem type of the volume |
| that you want to mount. Tip: Ensure that the |
| filesystem type is supported by the host operating |
| system. Examples: "ext4", "xfs", "ntfs". Implicitly |
| inferred to be "ext4" if unspecified. More |
| info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk |
| TODO: how do we prevent errors in the filesystem |
| from compromising the machine' |
| type: string |
| partition: |
| description: 'The partition in the volume that |
| you want to mount. If omitted, the default |
| is to mount by volume name. Examples: For |
| volume /dev/sda1, you specify the partition |
| as "1". Similarly, the volume partition for |
| /dev/sda is "0" (or you can leave the property |
| empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' |
| format: int32 |
| type: integer |
| pdName: |
| description: 'Unique name of the PD resource |
| in GCE. Used to identify the disk in GCE. |
| More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' |
| type: string |
| readOnly: |
| description: 'ReadOnly here will force the ReadOnly |
| setting in VolumeMounts. Defaults to false. |
| More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' |
| type: boolean |
| required: |
| - pdName |
| type: object |
| gitRepo: |
| description: 'GitRepo represents a git repository |
| at a particular revision. DEPRECATED: GitRepo |
| is deprecated. To provision a container with a |
| git repo, mount an EmptyDir into an InitContainer |
| that clones the repo using git, then mount the |
| EmptyDir into the Pod''s container.' |
| properties: |
| directory: |
| description: Target directory name. Must not |
| contain or start with '..'. If '.' is supplied, |
| the volume directory will be the git repository. Otherwise, |
| if specified, the volume will contain the |
| git repository in the subdirectory with the |
| given name. |
| type: string |
| repository: |
| description: Repository URL |
| type: string |
| revision: |
| description: Commit hash for the specified revision. |
| type: string |
| required: |
| - repository |
| type: object |
| glusterfs: |
| description: 'Glusterfs represents a Glusterfs mount |
| on the host that shares a pod''s lifetime. More |
| info: https://examples.k8s.io/volumes/glusterfs/README.md' |
| properties: |
| endpoints: |
| description: 'EndpointsName is the endpoint |
| name that details Glusterfs topology. More |
| info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' |
| type: string |
| path: |
| description: 'Path is the Glusterfs volume path. |
| More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' |
| type: string |
| readOnly: |
| description: 'ReadOnly here will force the Glusterfs |
| volume to be mounted with read-only permissions. |
| Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' |
| type: boolean |
| required: |
| - endpoints |
| - path |
| type: object |
| hostPath: |
| description: 'HostPath represents a pre-existing |
| file or directory on the host machine that is |
| directly exposed to the container. This is generally |
| used for system agents or other privileged things |
| that are allowed to see the host machine. Most |
| containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath |
| --- TODO(jonesdl) We need to restrict who can |
| use host directory mounts and who can/can not |
| mount host directories as read/write.' |
| properties: |
| path: |
| description: 'Path of the directory on the host. |
| If the path is a symlink, it will follow the |
| link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' |
| type: string |
| type: |
| description: 'Type for HostPath Volume Defaults |
| to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' |
| type: string |
| required: |
| - path |
| type: object |
| iscsi: |
| description: 'ISCSI represents an ISCSI Disk resource |
| that is attached to a kubelet''s host machine |
| and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' |
| properties: |
| chapAuthDiscovery: |
| description: whether support iSCSI Discovery |
| CHAP authentication |
| type: boolean |
| chapAuthSession: |
| description: whether support iSCSI Session CHAP |
| authentication |
| type: boolean |
| fsType: |
| description: 'Filesystem type of the volume |
| that you want to mount. Tip: Ensure that the |
| filesystem type is supported by the host operating |
| system. Examples: "ext4", "xfs", "ntfs". Implicitly |
| inferred to be "ext4" if unspecified. More |
| info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi |
| TODO: how do we prevent errors in the filesystem |
| from compromising the machine' |
| type: string |
| initiatorName: |
| description: Custom iSCSI Initiator Name. If |
| initiatorName is specified with iscsiInterface |
| simultaneously, new iSCSI interface <target |
| portal>:<volume name> will be created for |
| the connection. |
| type: string |
| iqn: |
| description: Target iSCSI Qualified Name. |
| type: string |
| iscsiInterface: |
| description: iSCSI Interface Name that uses |
| an iSCSI transport. Defaults to 'default' |
| (tcp). |
| type: string |
| lun: |
| description: iSCSI Target Lun number. |
| format: int32 |
| type: integer |
| portals: |
| description: iSCSI Target Portal List. The portal |
| is either an IP or ip_addr:port if the port |
| is other than default (typically TCP ports |
| 860 and 3260). |
| items: |
| type: string |
| type: array |
| readOnly: |
| description: ReadOnly here will force the ReadOnly |
| setting in VolumeMounts. Defaults to false. |
| type: boolean |
| secretRef: |
| description: CHAP Secret for iSCSI target and |
| initiator authentication |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| type: object |
| targetPortal: |
| description: iSCSI Target Portal. The Portal |
| is either an IP or ip_addr:port if the port |
| is other than default (typically TCP ports |
| 860 and 3260). |
| type: string |
| required: |
| - iqn |
| - lun |
| - targetPortal |
| type: object |
| name: |
| description: 'Volume''s name. Must be a DNS_LABEL |
| and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' |
| type: string |
| nfs: |
| description: 'NFS represents an NFS mount on the |
| host that shares a pod''s lifetime More info: |
| https://kubernetes.io/docs/concepts/storage/volumes#nfs' |
| properties: |
| path: |
| description: 'Path that is exported by the NFS |
| server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' |
| type: string |
| readOnly: |
| description: 'ReadOnly here will force the NFS |
| export to be mounted with read-only permissions. |
| Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' |
| type: boolean |
| server: |
| description: 'Server is the hostname or IP address |
| of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' |
| type: string |
| required: |
| - path |
| - server |
| type: object |
| persistentVolumeClaim: |
| description: 'PersistentVolumeClaimVolumeSource |
| represents a reference to a PersistentVolumeClaim |
| in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' |
| properties: |
| claimName: |
| description: 'ClaimName is the name of a PersistentVolumeClaim |
| in the same namespace as the pod using this |
| volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' |
| type: string |
| readOnly: |
| description: Will force the ReadOnly setting |
| in VolumeMounts. Default false. |
| type: boolean |
| required: |
| - claimName |
| type: object |
| photonPersistentDisk: |
| description: PhotonPersistentDisk represents a PhotonController |
| persistent disk attached and mounted on kubelets |
| host machine |
| properties: |
| fsType: |
| description: Filesystem type to mount. Must |
| be a filesystem type supported by the host |
| operating system. Ex. "ext4", "xfs", "ntfs". |
| Implicitly inferred to be "ext4" if unspecified. |
| type: string |
| pdID: |
| description: ID that identifies Photon Controller |
| persistent disk |
| type: string |
| required: |
| - pdID |
| type: object |
| portworxVolume: |
| description: PortworxVolume represents a portworx |
| volume attached and mounted on kubelets host machine |
| properties: |
| fsType: |
| description: FSType represents the filesystem |
| type to mount Must be a filesystem type supported |
| by the host operating system. Ex. "ext4", |
| "xfs". Implicitly inferred to be "ext4" if |
| unspecified. |
| type: string |
| readOnly: |
| description: Defaults to false (read/write). |
| ReadOnly here will force the ReadOnly setting |
| in VolumeMounts. |
| type: boolean |
| volumeID: |
| description: VolumeID uniquely identifies a |
| Portworx volume |
| type: string |
| required: |
| - volumeID |
| type: object |
| projected: |
| description: Items for all in one resources secrets, |
| configmaps, and downward API |
| properties: |
| defaultMode: |
| description: Mode bits used to set permissions |
| on created files by default. Must be an octal |
| value between 0000 and 0777 or a decimal value |
| between 0 and 511. YAML accepts both octal |
| and decimal values, JSON requires decimal |
| values for mode bits. Directories within the |
| path are not affected by this setting. This |
| might be in conflict with other options that |
| affect the file mode, like fsGroup, and the |
| result can be other mode bits set. |
| format: int32 |
| type: integer |
| sources: |
| description: list of volume projections |
| items: |
| description: Projection that may be projected |
| along with other supported volume types |
| properties: |
| configMap: |
| description: information about the configMap |
| data to project |
| properties: |
| items: |
| description: If unspecified, each |
| key-value pair in the Data field |
| of the referenced ConfigMap will |
| be projected into the volume as |
| a file whose name is the key and |
| content is the value. If specified, |
| the listed keys will be projected |
| into the specified paths, and unlisted |
| keys will not be present. If a key |
| is specified which is not present |
| in the ConfigMap, the volume setup |
| will error unless it is marked optional. |
| Paths must be relative and may not |
| contain the '..' path or start with |
| '..'. |
| items: |
| description: Maps a string key to |
| a path within a volume. |
| properties: |
| key: |
| description: The key to project. |
| type: string |
| mode: |
| description: 'Optional: mode |
| bits used to set permissions |
| on this file. Must be an octal |
| value between 0000 and 0777 |
| or a decimal value between |
| 0 and 511. YAML accepts both |
| octal and decimal values, |
| JSON requires decimal values |
| for mode bits. If not specified, |
| the volume defaultMode will |
| be used. This might be in |
| conflict with other options |
| that affect the file mode, |
| like fsGroup, and the result |
| can be other mode bits set.' |
| format: int32 |
| type: integer |
| path: |
| description: The relative path |
| of the file to map the key |
| to. May not be an absolute |
| path. May not contain the |
| path element '..'. May not |
| start with the string '..'. |
| type: string |
| required: |
| - key |
| - path |
| type: object |
| type: array |
| name: |
| description: 'Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap |
| or its keys must be defined |
| type: boolean |
| type: object |
| downwardAPI: |
| description: information about the downwardAPI |
| data to project |
| properties: |
| items: |
| description: Items is a list of DownwardAPIVolume |
| file |
| items: |
| description: DownwardAPIVolumeFile |
| represents information to create |
| the file containing the pod field |
| properties: |
| fieldRef: |
| description: 'Required: Selects |
| a field of the pod: only annotations, |
| labels, name and namespace |
| are supported.' |
| properties: |
| apiVersion: |
| description: Version of |
| the schema the FieldPath |
| is written in terms of, |
| defaults to "v1". |
| type: string |
| fieldPath: |
| description: Path of the |
| field to select in the |
| specified API version. |
| type: string |
| required: |
| - fieldPath |
| type: object |
| mode: |
| description: 'Optional: mode |
| bits used to set permissions |
| on this file, must be an octal |
| value between 0000 and 0777 |
| or a decimal value between |
| 0 and 511. YAML accepts both |
| octal and decimal values, |
| JSON requires decimal values |
| for mode bits. If not specified, |
| the volume defaultMode will |
| be used. This might be in |
| conflict with other options |
| that affect the file mode, |
| like fsGroup, and the result |
| can be other mode bits set.' |
| format: int32 |
| type: integer |
| path: |
| description: 'Required: Path |
| is the relative path name |
| of the file to be created. |
| Must not be absolute or contain |
| the ''..'' path. Must be utf-8 |
| encoded. The first item of |
| the relative path must not |
| start with ''..''' |
| type: string |
| resourceFieldRef: |
| description: 'Selects a resource |
| of the container: only resources |
| limits and requests (limits.cpu, |
| limits.memory, requests.cpu |
| and requests.memory) are currently |
| supported.' |
| properties: |
| containerName: |
| description: 'Container |
| name: required for volumes, |
| optional for env vars' |
| type: string |
| divisor: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Specifies the |
| output format of the exposed |
| resources, defaults to |
| "1" |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| resource: |
| description: 'Required: |
| resource to select' |
| type: string |
| required: |
| - resource |
| type: object |
| required: |
| - path |
| type: object |
| type: array |
| type: object |
| secret: |
| description: information about the secret |
| data to project |
| properties: |
| items: |
| description: If unspecified, each |
| key-value pair in the Data field |
| of the referenced Secret will be |
| projected into the volume as a file |
| whose name is the key and content |
| is the value. If specified, the |
| listed keys will be projected into |
| the specified paths, and unlisted |
| keys will not be present. If a key |
| is specified which is not present |
| in the Secret, the volume setup |
| will error unless it is marked optional. |
| Paths must be relative and may not |
| contain the '..' path or start with |
| '..'. |
| items: |
| description: Maps a string key to |
| a path within a volume. |
| properties: |
| key: |
| description: The key to project. |
| type: string |
| mode: |
| description: 'Optional: mode |
| bits used to set permissions |
| on this file. Must be an octal |
| value between 0000 and 0777 |
| or a decimal value between |
| 0 and 511. YAML accepts both |
| octal and decimal values, |
| JSON requires decimal values |
| for mode bits. If not specified, |
| the volume defaultMode will |
| be used. This might be in |
| conflict with other options |
| that affect the file mode, |
| like fsGroup, and the result |
| can be other mode bits set.' |
| format: int32 |
| type: integer |
| path: |
| description: The relative path |
| of the file to map the key |
| to. May not be an absolute |
| path. May not contain the |
| path element '..'. May not |
| start with the string '..'. |
| type: string |
| required: |
| - key |
| - path |
| type: object |
| type: array |
| name: |
| description: 'Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret |
| or its key must be defined |
| type: boolean |
| type: object |
| serviceAccountToken: |
| description: information about the serviceAccountToken |
| data to project |
| properties: |
| audience: |
| description: Audience is the intended |
| audience of the token. A recipient |
| of a token must identify itself |
| with an identifier specified in |
| the audience of the token, and otherwise |
| should reject the token. The audience |
| defaults to the identifier of the |
| apiserver. |
| type: string |
| expirationSeconds: |
| description: ExpirationSeconds is |
| the requested duration of validity |
| of the service account token. As |
| the token approaches expiration, |
| the kubelet volume plugin will proactively |
| rotate the service account token. |
| The kubelet will start trying to |
| rotate the token if the token is |
| older than 80 percent of its time |
| to live or if the token is older |
| than 24 hours.Defaults to 1 hour |
| and must be at least 10 minutes. |
| format: int64 |
| type: integer |
| path: |
| description: Path is the path relative |
| to the mount point of the file to |
| project the token into. |
| type: string |
| required: |
| - path |
| type: object |
| type: object |
| type: array |
| type: object |
| quobyte: |
| description: Quobyte represents a Quobyte mount |
| on the host that shares a pod's lifetime |
| properties: |
| group: |
| description: Group to map volume access to Default |
| is no group |
| type: string |
| readOnly: |
| description: ReadOnly here will force the Quobyte |
| volume to be mounted with read-only permissions. |
| Defaults to false. |
| type: boolean |
| registry: |
| description: Registry represents a single or |
| multiple Quobyte Registry services specified |
| as a string as host:port pair (multiple entries |
| are separated with commas) which acts as the |
| central registry for volumes |
| type: string |
| tenant: |
| description: Tenant owning the given Quobyte |
| volume in the Backend Used with dynamically |
| provisioned Quobyte volumes, value is set |
| by the plugin |
| type: string |
| user: |
| description: User to map volume access to Defaults |
| to serivceaccount user |
| type: string |
| volume: |
| description: Volume is a string that references |
| an already created Quobyte volume by name. |
| type: string |
| required: |
| - registry |
| - volume |
| type: object |
| rbd: |
| description: 'RBD represents a Rados Block Device |
| mount on the host that shares a pod''s lifetime. |
| More info: https://examples.k8s.io/volumes/rbd/README.md' |
| properties: |
| fsType: |
| description: 'Filesystem type of the volume |
| that you want to mount. Tip: Ensure that the |
| filesystem type is supported by the host operating |
| system. Examples: "ext4", "xfs", "ntfs". Implicitly |
| inferred to be "ext4" if unspecified. More |
| info: https://kubernetes.io/docs/concepts/storage/volumes#rbd |
| TODO: how do we prevent errors in the filesystem |
| from compromising the machine' |
| type: string |
| image: |
| description: 'The rados image name. More info: |
| https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' |
| type: string |
| keyring: |
| description: 'Keyring is the path to key ring |
| for RBDUser. Default is /etc/ceph/keyring. |
| More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' |
| type: string |
| monitors: |
| description: 'A collection of Ceph monitors. |
| More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' |
| items: |
| type: string |
| type: array |
| pool: |
| description: 'The rados pool name. Default is |
| rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' |
| type: string |
| readOnly: |
| description: 'ReadOnly here will force the ReadOnly |
| setting in VolumeMounts. Defaults to false. |
| More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' |
| type: boolean |
| secretRef: |
| description: 'SecretRef is name of the authentication |
| secret for RBDUser. If provided overrides |
| keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| type: object |
| user: |
| description: 'The rados user name. Default is |
| admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' |
| type: string |
| required: |
| - image |
| - monitors |
| type: object |
| scaleIO: |
| description: ScaleIO represents a ScaleIO persistent |
| volume attached and mounted on Kubernetes nodes. |
| properties: |
| fsType: |
| description: Filesystem type to mount. Must |
| be a filesystem type supported by the host |
| operating system. Ex. "ext4", "xfs", "ntfs". |
| Default is "xfs". |
| type: string |
| gateway: |
| description: The host address of the ScaleIO |
| API Gateway. |
| type: string |
| protectionDomain: |
| description: The name of the ScaleIO Protection |
| Domain for the configured storage. |
| type: string |
| readOnly: |
| description: Defaults to false (read/write). |
| ReadOnly here will force the ReadOnly setting |
| in VolumeMounts. |
| type: boolean |
| secretRef: |
| description: SecretRef references to the secret |
| for ScaleIO user and other sensitive information. |
| If this is not provided, Login operation will |
| fail. |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| type: object |
| sslEnabled: |
| description: Flag to enable/disable SSL communication |
| with Gateway, default false |
| type: boolean |
| storageMode: |
| description: Indicates whether the storage for |
| a volume should be ThickProvisioned or ThinProvisioned. |
| Default is ThinProvisioned. |
| type: string |
| storagePool: |
| description: The ScaleIO Storage Pool associated |
| with the protection domain. |
| type: string |
| system: |
| description: The name of the storage system |
| as configured in ScaleIO. |
| type: string |
| volumeName: |
| description: The name of a volume already created |
| in the ScaleIO system that is associated with |
| this volume source. |
| type: string |
| required: |
| - gateway |
| - secretRef |
| - system |
| type: object |
| secret: |
| description: 'Secret represents a secret that should |
| populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' |
| properties: |
| defaultMode: |
| description: 'Optional: mode bits used to set |
| permissions on created files by default. Must |
| be an octal value between 0000 and 0777 or |
| a decimal value between 0 and 511. YAML accepts |
| both octal and decimal values, JSON requires |
| decimal values for mode bits. Defaults to |
| 0644. Directories within the path are not |
| affected by this setting. This might be in |
| conflict with other options that affect the |
| file mode, like fsGroup, and the result can |
| be other mode bits set.' |
| format: int32 |
| type: integer |
| items: |
| description: If unspecified, each key-value |
| pair in the Data field of the referenced Secret |
| will be projected into the volume as a file |
| whose name is the key and content is the value. |
| If specified, the listed keys will be projected |
| into the specified paths, and unlisted keys |
| will not be present. If a key is specified |
| which is not present in the Secret, the volume |
| setup will error unless it is marked optional. |
| Paths must be relative and may not contain |
| the '..' path or start with '..'. |
| items: |
| description: Maps a string key to a path within |
| a volume. |
| properties: |
| key: |
| description: The key to project. |
| type: string |
| mode: |
| description: 'Optional: mode bits used |
| to set permissions on this file. Must |
| be an octal value between 0000 and 0777 |
| or a decimal value between 0 and 511. |
| YAML accepts both octal and decimal |
| values, JSON requires decimal values |
| for mode bits. If not specified, the |
| volume defaultMode will be used. This |
| might be in conflict with other options |
| that affect the file mode, like fsGroup, |
| and the result can be other mode bits |
| set.' |
| format: int32 |
| type: integer |
| path: |
| description: The relative path of the |
| file to map the key to. May not be an |
| absolute path. May not contain the path |
| element '..'. May not start with the |
| string '..'. |
| type: string |
| required: |
| - key |
| - path |
| type: object |
| type: array |
| optional: |
| description: Specify whether the Secret or its |
| keys must be defined |
| type: boolean |
| secretName: |
| description: 'Name of the secret in the pod''s |
| namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' |
| type: string |
| type: object |
| storageos: |
| description: StorageOS represents a StorageOS volume |
| attached and mounted on Kubernetes nodes. |
| properties: |
| fsType: |
| description: Filesystem type to mount. Must |
| be a filesystem type supported by the host |
| operating system. Ex. "ext4", "xfs", "ntfs". |
| Implicitly inferred to be "ext4" if unspecified. |
| type: string |
| readOnly: |
| description: Defaults to false (read/write). |
| ReadOnly here will force the ReadOnly setting |
| in VolumeMounts. |
| type: boolean |
| secretRef: |
| description: SecretRef specifies the secret |
| to use for obtaining the StorageOS API credentials. If |
| not specified, default values will be attempted. |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| type: object |
| volumeName: |
| description: VolumeName is the human-readable |
| name of the StorageOS volume. Volume names |
| are only unique within a namespace. |
| type: string |
| volumeNamespace: |
| description: VolumeNamespace specifies the scope |
| of the volume within StorageOS. If no namespace |
| is specified then the Pod's namespace will |
| be used. This allows the Kubernetes name |
| scoping to be mirrored within StorageOS for |
| tighter integration. Set VolumeName to any |
| name to override the default behaviour. Set |
| to "default" if you are not using namespaces |
| within StorageOS. Namespaces that do not pre-exist |
| within StorageOS will be created. |
| type: string |
| type: object |
| vsphereVolume: |
| description: VsphereVolume represents a vSphere |
| volume attached and mounted on kubelets host machine |
| properties: |
| fsType: |
| description: Filesystem type to mount. Must |
| be a filesystem type supported by the host |
| operating system. Ex. "ext4", "xfs", "ntfs". |
| Implicitly inferred to be "ext4" if unspecified. |
| type: string |
| storagePolicyID: |
| description: Storage Policy Based Management |
| (SPBM) profile ID associated with the StoragePolicyName. |
| type: string |
| storagePolicyName: |
| description: Storage Policy Based Management |
| (SPBM) profile name. |
| type: string |
| volumePath: |
| description: Path that identifies vSphere volume |
| vmdk |
| type: string |
| required: |
| - volumePath |
| type: object |
| required: |
| - name |
| type: object |
| type: array |
| required: |
| - containers |
| type: object |
| type: object |
| traits: |
| description: the traits needed to run this Integration |
| properties: |
| 3scale: |
| description: 'Deprecated: for backward compatibility.' |
| properties: |
| configuration: |
| description: TraitConfiguration parameters configuration |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| required: |
| - configuration |
| type: object |
| addons: |
| additionalProperties: |
| description: AddonTrait represents the configuration of |
| an addon trait |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| description: The extension point with addon traits |
| type: object |
| affinity: |
| description: The configuration of Affinity trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| nodeAffinityLabels: |
| description: Defines a set of nodes the integration pod(s) |
| are eligible to be scheduled on, based on labels on |
| the node. |
| items: |
| type: string |
| type: array |
| podAffinity: |
| description: Always co-locates multiple replicas of the |
| integration in the same node (default *false*). |
| type: boolean |
| podAffinityLabels: |
| description: Defines a set of pods (namely those matching |
| the label selector, relative to the given namespace) |
| that the integration pod(s) should be co-located with. |
| items: |
| type: string |
| type: array |
| podAntiAffinity: |
| description: Never co-locates multiple replicas of the |
| integration in the same node (default *false*). |
| type: boolean |
| podAntiAffinityLabels: |
| description: Defines a set of pods (namely those matching |
| the label selector, relative to the given namespace) |
| that the integration pod(s) should not be co-located |
| with. |
| items: |
| type: string |
| type: array |
| type: object |
| builder: |
| description: The configuration of Builder trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| properties: |
| description: A list of properties to be provided to the |
| build task |
| items: |
| type: string |
| type: array |
| verbose: |
| description: Enable verbose logging on build components |
| that support it (e.g. Kaniko build pod). |
| type: boolean |
| type: object |
| camel: |
| description: The configuration of Camel trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| properties: |
| description: A list of properties to be provided to the |
| Integration runtime |
| items: |
| type: string |
| type: array |
| runtimeVersion: |
| description: The camel-k-runtime version to use for the |
| integration. It overrides the default version set in |
| the Integration Platform. |
| type: string |
| type: object |
| container: |
| description: The configuration of Container trait |
| properties: |
| auto: |
| description: To automatically enable the trait |
| type: boolean |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| expose: |
| description: Can be used to enable/disable exposure via |
| kubernetes Service. |
| type: boolean |
| image: |
| description: The main container image |
| type: string |
| imagePullPolicy: |
| description: 'The pull policy: Always|Never|IfNotPresent' |
| type: string |
| limitCPU: |
| description: The maximum amount of CPU required. |
| type: string |
| limitMemory: |
| description: The maximum amount of memory required. |
| type: string |
| livenessFailureThreshold: |
| description: 'Minimum consecutive failures for the probe |
| to be considered failed after having succeeded. Applies |
| to the liveness probe. Deprecated: replaced by the health |
| trait.' |
| format: int32 |
| type: integer |
| livenessInitialDelay: |
| description: 'Number of seconds after the container has |
| started before liveness probes are initiated. Deprecated: |
| replaced by the health trait.' |
| format: int32 |
| type: integer |
| livenessPeriod: |
| description: 'How often to perform the probe. Applies |
| to the liveness probe. Deprecated: replaced by the health |
| trait.' |
| format: int32 |
| type: integer |
| livenessScheme: |
| description: 'Scheme to use when connecting. Defaults |
| to HTTP. Applies to the liveness probe. Deprecated: |
| replaced by the health trait.' |
| type: string |
| livenessSuccessThreshold: |
| description: 'Minimum consecutive successes for the probe |
| to be considered successful after having failed. Applies |
| to the liveness probe. Deprecated: replaced by the health |
| trait.' |
| format: int32 |
| type: integer |
| livenessTimeout: |
| description: 'Number of seconds after which the probe |
| times out. Applies to the liveness probe. Deprecated: |
| replaced by the health trait.' |
| format: int32 |
| type: integer |
| name: |
| description: The main container name. It's named `integration` |
| by default. |
| type: string |
| port: |
| description: To configure a different port exposed by |
| the container (default `8080`). |
| type: integer |
| portName: |
| description: To configure a different port name for the |
| port exposed by the container. It defaults to `http` |
| only when the `expose` parameter is true. |
| type: string |
| probesEnabled: |
| description: 'DeprecatedProbesEnabled enable/disable probes |
| on the container (default `false`). Deprecated: replaced |
| by the health trait.' |
| type: boolean |
| readinessFailureThreshold: |
| description: 'Minimum consecutive failures for the probe |
| to be considered failed after having succeeded. Applies |
| to the readiness probe. Deprecated: replaced by the |
| health trait.' |
| format: int32 |
| type: integer |
| readinessInitialDelay: |
| description: 'Number of seconds after the container has |
| started before readiness probes are initiated. Deprecated: |
| replaced by the health trait.' |
| format: int32 |
| type: integer |
| readinessPeriod: |
| description: 'How often to perform the probe. Applies |
| to the readiness probe. Deprecated: replaced by the |
| health trait.' |
| format: int32 |
| type: integer |
| readinessScheme: |
| description: 'Scheme to use when connecting. Defaults |
| to HTTP. Applies to the readiness probe. Deprecated: |
| replaced by the health trait.' |
| type: string |
| readinessSuccessThreshold: |
| description: 'Minimum consecutive successes for the probe |
| to be considered successful after having failed. Applies |
| to the readiness probe. Deprecated: replaced by the |
| health trait.' |
| format: int32 |
| type: integer |
| readinessTimeout: |
| description: 'Number of seconds after which the probe |
| times out. Applies to the readiness probe. Deprecated: |
| replaced by the health trait.' |
| format: int32 |
| type: integer |
| requestCPU: |
| description: The minimum amount of CPU required. |
| type: string |
| requestMemory: |
| description: The minimum amount of memory required. |
| type: string |
| servicePort: |
| description: To configure under which service port the |
| container port is to be exposed (default `80`). |
| type: integer |
| servicePortName: |
| description: To configure under which service port name |
| the container port is to be exposed (default `http`). |
| type: string |
| type: object |
| cron: |
| description: The configuration of Cron trait |
| properties: |
| activeDeadlineSeconds: |
| description: Specifies the duration in seconds, relative |
| to the start time, that the job may be continuously |
| active before it is considered to be failed. It defaults |
| to 60s. |
| format: int64 |
| type: integer |
| auto: |
| description: "Automatically deploy the integration as |
| CronJob when all routes are either starting from a periodic |
| consumer (only `cron`, `timer` and `quartz` are supported) |
| or a passive consumer (e.g. `direct` is a passive consumer). |
| \n It's required that all periodic consumers have the |
| same period and it can be expressed as cron schedule |
| (e.g. `1m` can be expressed as `0/1 * * * *`, while |
| `35m` or `50s` cannot)." |
| type: boolean |
| backoffLimit: |
| description: Specifies the number of retries before marking |
| the job failed. It defaults to 2. |
| format: int32 |
| type: integer |
| components: |
| description: "A comma separated list of the Camel components |
| that need to be customized in order for them to work |
| when the schedule is triggered externally by Kubernetes. |
| A specific customizer is activated for each specified |
| component. E.g. for the `timer` component, the `cron-timer` |
| customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` |
| library). \n Supported components are currently: `cron`, |
| `timer` and `quartz`." |
| type: string |
| concurrencyPolicy: |
| description: 'Specifies how to treat concurrent executions |
| of a Job. Valid values are: - "Allow": allows CronJobs |
| to run concurrently; - "Forbid" (default): forbids concurrent |
| runs, skipping next run if previous run hasn''t finished |
| yet; - "Replace": cancels currently running job and |
| replaces it with a new one' |
| type: string |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| fallback: |
| description: Use the default Camel implementation of the |
| `cron` endpoint (`quartz`) instead of trying to materialize |
| the integration as Kubernetes CronJob. |
| type: boolean |
| schedule: |
| description: The CronJob schedule for the whole integration. |
| If multiple routes are declared, they must have the |
| same schedule for this mechanism to work correctly. |
| type: string |
| startingDeadlineSeconds: |
| description: Optional deadline in seconds for starting |
| the job if it misses scheduled time for any reason. Missed |
| jobs executions will be counted as failed ones. |
| format: int64 |
| type: integer |
| type: object |
| dependencies: |
| description: The configuration of Dependencies trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| type: object |
| deployer: |
| description: The configuration of Deployer trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| kind: |
| description: Allows to explicitly select the desired deployment |
| kind between `deployment`, `cron-job` or `knative-service` |
| when creating the resources for running the integration. |
| type: string |
| useSSA: |
| description: Use server-side apply to update the owned |
| resources (default `true`). Note that it automatically |
| falls back to client-side patching, if SSA is not available, |
| e.g., on old Kubernetes clusters. |
| type: boolean |
| type: object |
| deployment: |
| description: The configuration of Deployment trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| progressDeadlineSeconds: |
| description: The maximum time in seconds for the deployment |
| to make progress before it is considered to be failed. |
| It defaults to 60s. |
| format: int32 |
| type: integer |
| rollingUpdateMaxSurge: |
| description: 'The maximum number of pods that can be scheduled |
| above the desired number of pods. Value can be an absolute |
| number (ex: 5) or a percentage of desired pods (ex: |
| 10%). This can not be 0 if MaxUnavailable is 0. Absolute |
| number is calculated from percentage by rounding up. |
| Defaults to 25%.' |
| type: integer |
| rollingUpdateMaxUnavailable: |
| description: 'The maximum number of pods that can be unavailable |
| during the update. Value can be an absolute number (ex: |
| 5) or a percentage of desired pods (ex: 10%). Absolute |
| number is calculated from percentage by rounding down. |
| This can not be 0 if MaxSurge is 0. Defaults to 25%.' |
| type: integer |
| strategy: |
| description: The deployment strategy to use to replace |
| existing pods with new ones. |
| enum: |
| - Recreate |
| - RollingUpdate |
| type: string |
| type: object |
| environment: |
| description: The configuration of Environment trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| containerMeta: |
| description: Enables injection of `NAMESPACE` and `POD_NAME` |
| environment variables (default `true`) |
| type: boolean |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| httpProxy: |
| description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` |
| and `NO_PROXY` environment variables (default `true`) |
| type: boolean |
| vars: |
| description: A list of environment variables to be added |
| to the integration container. The syntax is KEY=VALUE, |
| e.g., `MY_VAR="my value"`. These take precedence over |
| the previously defined environment variables. |
| items: |
| type: string |
| type: array |
| type: object |
| error-handler: |
| description: The configuration of Error Handler trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| ref: |
| description: The error handler ref name provided or found |
| in application properties |
| type: string |
| type: object |
| gc: |
| description: The configuration of GC trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| discoveryCache: |
| description: Discovery client cache to be used, either |
| `disabled`, `disk` or `memory` (default `memory`) |
| type: string |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| type: object |
| health: |
| description: The configuration of Health trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| livenessFailureThreshold: |
| description: Minimum consecutive failures for the liveness |
| probe to be considered failed after having succeeded. |
| format: int32 |
| type: integer |
| livenessInitialDelay: |
| description: Number of seconds after the container has |
| started before the liveness probe is initiated. |
| format: int32 |
| type: integer |
| livenessPeriod: |
| description: How often to perform the liveness probe. |
| format: int32 |
| type: integer |
| livenessProbeEnabled: |
| description: Configures the liveness probe for the integration |
| container (default `false`). |
| type: boolean |
| livenessScheme: |
| description: Scheme to use when connecting to the liveness |
| probe (default `HTTP`). |
| type: string |
| livenessSuccessThreshold: |
| description: Minimum consecutive successes for the liveness |
| probe to be considered successful after having failed. |
| format: int32 |
| type: integer |
| livenessTimeout: |
| description: Number of seconds after which the liveness |
| probe times out. |
| format: int32 |
| type: integer |
| readinessFailureThreshold: |
| description: Minimum consecutive failures for the readiness |
| probe to be considered failed after having succeeded. |
| format: int32 |
| type: integer |
| readinessInitialDelay: |
| description: Number of seconds after the container has |
| started before the readiness probe is initiated. |
| format: int32 |
| type: integer |
| readinessPeriod: |
| description: How often to perform the readiness probe. |
| format: int32 |
| type: integer |
| readinessProbeEnabled: |
| description: Configures the readiness probe for the integration |
| container (default `true`). |
| type: boolean |
| readinessScheme: |
| description: Scheme to use when connecting to the readiness |
| probe (default `HTTP`). |
| type: string |
| readinessSuccessThreshold: |
| description: Minimum consecutive successes for the readiness |
| probe to be considered successful after having failed. |
| format: int32 |
| type: integer |
| readinessTimeout: |
| description: Number of seconds after which the readiness |
| probe times out. |
| format: int32 |
| type: integer |
| type: object |
| ingress: |
| description: The configuration of Ingress trait |
| properties: |
| auto: |
| description: To automatically add an ingress whenever |
| the integration uses a HTTP endpoint consumer. |
| type: boolean |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| host: |
| description: '**Required**. To configure the host exposed |
| by the ingress.' |
| type: string |
| type: object |
| istio: |
| description: The configuration of Istio trait |
| properties: |
| allow: |
| description: Configures a (comma-separated) list of CIDR |
| subnets that should not be intercepted by the Istio |
| proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by |
| default). |
| type: string |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| inject: |
| description: Forces the value for labels `sidecar.istio.io/inject`. |
| By default the label is set to `true` on deployment |
| and not set on Knative Service. |
| type: boolean |
| type: object |
| jolokia: |
| description: The configuration of Jolokia trait |
| properties: |
| CACert: |
| description: The PEM encoded CA certification file path, |
| used to verify client certificates, applicable when |
| `protocol` is `https` and `use-ssl-client-authentication` |
| is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` |
| for OpenShift). |
| type: string |
| clientPrincipal: |
| description: The principal(s) which must be given in a |
| client certificate to allow access to the Jolokia endpoint, |
| applicable when `protocol` is `https` and `use-ssl-client-authentication` |
| is `true` (default `clientPrincipal=cn=system:master-proxy`, |
| `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` |
| for OpenShift). |
| items: |
| type: string |
| type: array |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| discoveryEnabled: |
| description: Listen for multicast requests (default `false`) |
| type: boolean |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| extendedClientCheck: |
| description: Mandate the client certificate contains a |
| client flag in the extended key usage section, applicable |
| when `protocol` is `https` and `use-ssl-client-authentication` |
| is `true` (default `true` for OpenShift). |
| type: boolean |
| host: |
| description: The Host address to which the Jolokia agent |
| should bind to. If `"\*"` or `"0.0.0.0"` is given, the |
| servers binds to every network interface (default `"*"`). |
| type: string |
| options: |
| description: A list of additional Jolokia options as defined |
| in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM |
| agent configuration options] |
| items: |
| type: string |
| type: array |
| password: |
| description: The password used for authentication, applicable |
| when the `user` option is set. |
| type: string |
| port: |
| description: The Jolokia endpoint port (default `8778`). |
| type: integer |
| protocol: |
| description: The protocol to use, either `http` or `https` |
| (default `https` for OpenShift) |
| type: string |
| useSSLClientAuthentication: |
| description: Whether client certificates should be used |
| for authentication (default `true` for OpenShift). |
| type: boolean |
| user: |
| description: The user to be used for authentication |
| type: string |
| type: object |
| jvm: |
| description: The configuration of JVM trait |
| properties: |
| classpath: |
| description: Additional JVM classpath (use `Linux` classpath |
| separator) |
| type: string |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| debug: |
| description: Activates remote debugging, so that a debugger |
| can be attached to the JVM, e.g., using port-forwarding |
| type: boolean |
| debugAddress: |
| description: Transport address at which to listen for |
| the newly launched JVM (default `*:5005`) |
| type: string |
| debugSuspend: |
| description: Suspends the target JVM immediately before |
| the main class is loaded |
| type: boolean |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| options: |
| description: A list of JVM options |
| items: |
| type: string |
| type: array |
| printCommand: |
| description: Prints the command used the start the JVM |
| in the container logs (default `true`) |
| type: boolean |
| type: object |
| kamelets: |
| description: The configuration of Kamelets trait |
| properties: |
| auto: |
| description: Automatically inject all referenced Kamelets |
| and their default configuration (enabled by default) |
| type: boolean |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| list: |
| description: Comma separated list of Kamelet names to |
| load into the current integration |
| type: string |
| type: object |
| keda: |
| description: 'Deprecated: for backward compatibility.' |
| properties: |
| configuration: |
| description: TraitConfiguration parameters configuration |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| required: |
| - configuration |
| type: object |
| knative: |
| description: The configuration of Knative trait |
| properties: |
| auto: |
| description: Enable automatic discovery of all trait properties. |
| type: boolean |
| channelSinks: |
| description: List of channels used as destination of integration |
| routes. Can contain simple channel names or full Camel |
| URIs. |
| items: |
| type: string |
| type: array |
| channelSources: |
| description: List of channels used as source of integration |
| routes. Can contain simple channel names or full Camel |
| URIs. |
| items: |
| type: string |
| type: array |
| config: |
| description: Can be used to inject a Knative complete |
| configuration in JSON format. |
| type: string |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| endpointSinks: |
| description: List of endpoints used as destination of |
| integration routes. Can contain simple endpoint names |
| or full Camel URIs. |
| items: |
| type: string |
| type: array |
| endpointSources: |
| description: List of channels used as source of integration |
| routes. |
| items: |
| type: string |
| type: array |
| eventSinks: |
| description: List of event types that the integration |
| will produce. Can contain simple event types or full |
| Camel URIs (to use a specific broker). |
| items: |
| type: string |
| type: array |
| eventSources: |
| description: List of event types that the integration |
| will be subscribed to. Can contain simple event types |
| or full Camel URIs (to use a specific broker different |
| from "default"). |
| items: |
| type: string |
| type: array |
| filterSourceChannels: |
| description: Enables filtering on events based on the |
| header "ce-knativehistory". Since this header has been |
| removed in newer versions of Knative, filtering is disabled |
| by default. |
| type: boolean |
| sinkBinding: |
| description: Allows binding the integration to a sink |
| via a Knative SinkBinding resource. This can be used |
| when the integration targets a single sink. It's enabled |
| by default when the integration targets a single sink |
| (except when the integration is owned by a Knative source). |
| type: boolean |
| type: object |
| knative-service: |
| description: The configuration of Knative Service trait |
| properties: |
| auto: |
| description: "Automatically deploy the integration as |
| Knative service when all conditions hold: \n * Integration |
| is using the Knative profile * All routes are either |
| starting from a HTTP based consumer or a passive consumer |
| (e.g. `direct` is a passive consumer)" |
| type: boolean |
| autoscalingMetric: |
| description: "Configures the Knative autoscaling metric |
| property (e.g. to set `concurrency` based or `cpu` based |
| autoscaling). \n Refer to the Knative documentation |
| for more information." |
| type: string |
| autoscalingTarget: |
| description: "Sets the allowed concurrency level or CPU |
| percentage (depending on the autoscaling metric) for |
| each Pod. \n Refer to the Knative documentation for |
| more information." |
| type: integer |
| class: |
| description: "Configures the Knative autoscaling class |
| property (e.g. to set `hpa.autoscaling.knative.dev` |
| or `kpa.autoscaling.knative.dev` autoscaling). \n Refer |
| to the Knative documentation for more information." |
| type: string |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| maxScale: |
| description: "An upper bound for the number of Pods that |
| can be running in parallel for the integration. Knative |
| has its own cap value that depends on the installation. |
| \n Refer to the Knative documentation for more information." |
| type: integer |
| minScale: |
| description: "The minimum number of Pods that should be |
| running at any time for the integration. It's **zero** |
| by default, meaning that the integration is scaled down |
| to zero when not used for a configured amount of time. |
| \n Refer to the Knative documentation for more information." |
| type: integer |
| rolloutDuration: |
| description: Enables to gradually shift traffic to the |
| latest Revision and sets the rollout duration. It's |
| disabled by default and must be expressed as a Golang |
| `time.Duration` string representation, rounded to a |
| second precision. |
| type: string |
| type: object |
| logging: |
| description: The configuration of Logging trait |
| properties: |
| color: |
| description: Colorize the log output |
| type: boolean |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| format: |
| description: Logs message format |
| type: string |
| json: |
| description: Output the logs in JSON |
| type: boolean |
| jsonPrettyPrint: |
| description: Enable "pretty printing" of the JSON logs |
| type: boolean |
| level: |
| description: Adjust the logging level (defaults to INFO) |
| type: string |
| type: object |
| master: |
| description: 'Deprecated: for backward compatibility.' |
| properties: |
| configuration: |
| description: TraitConfiguration parameters configuration |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| required: |
| - configuration |
| type: object |
| mount: |
| description: The configuration of Mount trait |
| properties: |
| configs: |
| description: 'A list of configuration pointing to configmap/secret. |
| The configuration are expected to be UTF-8 resources |
| as they are processed by runtime Camel Context and tried |
| to be parsed as property files. They are also made available |
| on the classpath in order to ease their usage directly |
| from the Route. Syntax: [configmap|secret]:name[/key], |
| where name represents the resource name and key optionally |
| represents the resource key to be filtered' |
| items: |
| type: string |
| type: array |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| resources: |
| description: 'A list of resources (text or binary content) |
| pointing to configmap/secret. The resources are expected |
| to be any resource type (text or binary content). The |
| destination path can be either a default location or |
| any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], |
| where name represents the resource name, key optionally |
| represents the resource key to be filtered and path |
| represents the destination path' |
| items: |
| type: string |
| type: array |
| volumes: |
| description: 'A list of Persistent Volume Claims to be |
| mounted. Syntax: [pvcname:/container/path]' |
| items: |
| type: string |
| type: array |
| type: object |
| openapi: |
| description: The configuration of OpenAPI trait |
| properties: |
| configmaps: |
| description: The configmaps holding the spec of the OpenAPI |
| items: |
| type: string |
| type: array |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| type: object |
| owner: |
| description: The configuration of Owner trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| targetAnnotations: |
| description: The set of annotations to be transferred |
| items: |
| type: string |
| type: array |
| targetLabels: |
| description: The set of labels to be transferred |
| items: |
| type: string |
| type: array |
| type: object |
| pdb: |
| description: The configuration of PDB trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| maxUnavailable: |
| description: The number of pods for the Integration that |
| can be unavailable after an eviction. It can be either |
| an absolute number or a percentage (default `1` if `min-available` |
| is also not set). Only one of `max-unavailable` and |
| `min-available` can be specified. |
| type: string |
| minAvailable: |
| description: The number of pods for the Integration that |
| must still be available after an eviction. It can be |
| either an absolute number or a percentage. Only one |
| of `min-available` and `max-unavailable` can be specified. |
| type: string |
| type: object |
| platform: |
| description: The configuration of Platform trait |
| properties: |
| auto: |
| description: To automatically detect from the environment |
| if a default platform can be created (it will be created |
| on OpenShift only). |
| type: boolean |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| createDefault: |
| description: To create a default (empty) platform when |
| the platform is missing. |
| type: boolean |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| global: |
| description: Indicates if the platform should be created |
| globally in the case of global operator (default true). |
| type: boolean |
| type: object |
| pod: |
| description: The configuration of Pod trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| type: object |
| prometheus: |
| description: The configuration of Prometheus trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| podMonitor: |
| description: Whether a `PodMonitor` resource is created |
| (default `true`). |
| type: boolean |
| podMonitorLabels: |
| description: The `PodMonitor` resource labels, applicable |
| when `pod-monitor` is `true`. |
| items: |
| type: string |
| type: array |
| type: object |
| pull-secret: |
| description: The configuration of Pull Secret trait |
| properties: |
| auto: |
| description: Automatically configures the platform registry |
| secret on the pod if it is of type `kubernetes.io/dockerconfigjson`. |
| type: boolean |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| imagePullerDelegation: |
| description: When using a global operator with a shared |
| platform, this enables delegation of the `system:image-puller` |
| cluster role on the operator namespace to the integration |
| service account. |
| type: boolean |
| secretName: |
| description: The pull secret name to set on the Pod. If |
| left empty this is automatically taken from the `IntegrationPlatform` |
| registry configuration. |
| type: string |
| type: object |
| quarkus: |
| description: The configuration of Quarkus trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| packageTypes: |
| description: The Quarkus package types, either `fast-jar` |
| or `native` (default `fast-jar`). In case both `fast-jar` |
| and `native` are specified, two `IntegrationKit` resources |
| are created, with the `native` kit having precedence |
| over the `fast-jar` one once ready. The order influences |
| the resolution of the current kit for the integration. |
| The kit corresponding to the first package type will |
| be assigned to the integration in case no existing kit |
| that matches the integration exists. |
| items: |
| description: Quarkus package type. |
| type: string |
| type: array |
| type: object |
| registry: |
| description: The configuration of Registry trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| type: object |
| route: |
| description: The configuration of Route trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| host: |
| description: To configure the host exposed by the route. |
| type: string |
| tlsCACertificate: |
| description: "The TLS CA certificate contents. \n Refer |
| to the OpenShift route documentation for additional |
| information." |
| type: string |
| tlsCACertificateSecret: |
| description: "The secret name and key reference to the |
| TLS CA certificate. The format is \"secret-name[/key-name]\", |
| the value represents the secret name, if there is only |
| one key in the secret it will be read, otherwise you |
| can set a key name separated with a \"/\". \n Refer |
| to the OpenShift route documentation for additional |
| information." |
| type: string |
| tlsCertificate: |
| description: "The TLS certificate contents. \n Refer to |
| the OpenShift route documentation for additional information." |
| type: string |
| tlsCertificateSecret: |
| description: "The secret name and key reference to the |
| TLS certificate. The format is \"secret-name[/key-name]\", |
| the value represents the secret name, if there is only |
| one key in the secret it will be read, otherwise you |
| can set a key name separated with a \"/\". \n Refer |
| to the OpenShift route documentation for additional |
| information." |
| type: string |
| tlsDestinationCACertificate: |
| description: "The destination CA certificate provides |
| the contents of the ca certificate of the final destination. |
| \ When using reencrypt termination this file should |
| be provided in order to have routers use it for health |
| checks on the secure connection. If this field is not |
| specified, the router may provide its own destination |
| CA and perform hostname validation using the short service |
| name (service.namespace.svc), which allows infrastructure |
| generated certificates to automatically verify. \n Refer |
| to the OpenShift route documentation for additional |
| information." |
| type: string |
| tlsDestinationCACertificateSecret: |
| description: "The secret name and key reference to the |
| destination CA certificate. The format is \"secret-name[/key-name]\", |
| the value represents the secret name, if there is only |
| one key in the secret it will be read, otherwise you |
| can set a key name separated with a \"/\". \n Refer |
| to the OpenShift route documentation for additional |
| information." |
| type: string |
| tlsInsecureEdgeTerminationPolicy: |
| description: "To configure how to deal with insecure traffic, |
| e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer |
| to the OpenShift route documentation for additional |
| information." |
| type: string |
| tlsKey: |
| description: "The TLS certificate key contents. \n Refer |
| to the OpenShift route documentation for additional |
| information." |
| type: string |
| tlsKeySecret: |
| description: "The secret name and key reference to the |
| TLS certificate key. The format is \"secret-name[/key-name]\", |
| the value represents the secret name, if there is only |
| one key in the secret it will be read, otherwise you |
| can set a key name separated with a \"/\". \n Refer |
| to the OpenShift route documentation for additional |
| information." |
| type: string |
| tlsTermination: |
| description: "The TLS termination type, like `edge`, `passthrough` |
| or `reencrypt`. \n Refer to the OpenShift route documentation |
| for additional information." |
| type: string |
| type: object |
| service: |
| description: The configuration of Service trait |
| properties: |
| auto: |
| description: To automatically detect from the code if |
| a Service needs to be created. |
| type: boolean |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| nodePort: |
| description: Enable Service to be exposed as NodePort |
| (default `false`). |
| type: boolean |
| type: object |
| service-binding: |
| description: The configuration of Service Binding trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| services: |
| description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name |
| items: |
| type: string |
| type: array |
| type: object |
| strimzi: |
| description: 'Deprecated: for backward compatibility.' |
| properties: |
| configuration: |
| description: TraitConfiguration parameters configuration |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| required: |
| - configuration |
| type: object |
| toleration: |
| description: The configuration of Toleration trait |
| properties: |
| configuration: |
| description: 'Legacy trait configuration parameters. Deprecated: |
| for backward compatibility.' |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| enabled: |
| description: Can be used to enable or disable a trait. |
| All traits share this common property. |
| type: boolean |
| taints: |
| description: The list of taints to tolerate, in the form |
| `Key[=Value]:Effect[:Seconds]` |
| items: |
| type: string |
| type: array |
| type: object |
| tracing: |
| description: 'Deprecated: for backward compatibility.' |
| properties: |
| configuration: |
| description: TraitConfiguration parameters configuration |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| required: |
| - configuration |
| type: object |
| type: object |
| type: object |
| replicas: |
| description: Replicas is the number of desired replicas for the binding |
| format: int32 |
| type: integer |
| sink: |
| description: Sink is the destination of the integration defined by |
| this binding |
| properties: |
| properties: |
| description: Properties are a key value representation of endpoint |
| properties |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| ref: |
| description: Ref can be used to declare a Kubernetes resource |
| as source/sink endpoint |
| properties: |
| apiVersion: |
| description: API version of the referent. |
| type: string |
| fieldPath: |
| description: 'If referring to a piece of an object instead |
| of an entire object, this string should contain a valid |
| JSON/Go field access statement, such as desiredState.manifest.containers[2]. |
| For example, if the object reference is to a container within |
| a pod, this would take on a value like: "spec.containers{name}" |
| (where "name" refers to the name of the container that triggered |
| the event) or if no container name is specified "spec.containers[2]" |
| (container with index 2 in this pod). This syntax is chosen |
| only to have some well-defined way of referencing a part |
| of an object. TODO: this design is not final and this field |
| is subject to change in the future.' |
| type: string |
| kind: |
| description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
| type: string |
| name: |
| description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' |
| type: string |
| namespace: |
| description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' |
| type: string |
| resourceVersion: |
| description: 'Specific resourceVersion to which this reference |
| is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' |
| type: string |
| uid: |
| description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' |
| type: string |
| type: object |
| types: |
| additionalProperties: |
| description: EventTypeSpec represents a specification for an |
| event type |
| properties: |
| mediaType: |
| description: media type as expected for HTTP media types |
| (ie, application/json) |
| type: string |
| schema: |
| description: the expected schema for the event |
| properties: |
| $schema: |
| description: JSONSchemaURL represents a schema url. |
| type: string |
| description: |
| type: string |
| example: |
| description: 'JSON represents any valid JSON value. |
| These types are supported: bool, int64, float64, string, |
| []interface{}, map[string]interface{} and nil.' |
| x-kubernetes-preserve-unknown-fields: true |
| externalDocs: |
| description: ExternalDocumentation allows referencing |
| an external resource for extended documentation. |
| properties: |
| description: |
| type: string |
| url: |
| type: string |
| type: object |
| id: |
| type: string |
| properties: |
| additionalProperties: |
| properties: |
| default: |
| description: default is a default value for undefined |
| object fields. |
| x-kubernetes-preserve-unknown-fields: true |
| description: |
| type: string |
| enum: |
| items: |
| description: 'JSON represents any valid JSON |
| value. These types are supported: bool, int64, |
| float64, string, []interface{}, map[string]interface{} |
| and nil.' |
| x-kubernetes-preserve-unknown-fields: true |
| type: array |
| example: |
| description: 'JSON represents any valid JSON value. |
| These types are supported: bool, int64, float64, |
| string, []interface{}, map[string]interface{} |
| and nil.' |
| x-kubernetes-preserve-unknown-fields: true |
| exclusiveMaximum: |
| type: boolean |
| exclusiveMinimum: |
| type: boolean |
| format: |
| description: "format is an OpenAPI v3 format string. |
| Unknown formats are ignored. The following formats |
| are validated: \n - bsonobjectid: a bson object |
| ID, i.e. a 24 characters hex string - uri: an |
| URI as parsed by Golang net/url.ParseRequestURI |
| - email: an email address as parsed by Golang |
| net/mail.ParseAddress - hostname: a valid representation |
| for an Internet host name, as defined by RFC |
| 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 |
| IP as parsed by Golang net.ParseIP - ipv6: an |
| IPv6 IP as parsed by Golang net.ParseIP - cidr: |
| a CIDR as parsed by Golang net.ParseCIDR - mac: |
| a MAC address as parsed by Golang net.ParseMAC |
| - uuid: an UUID that allows uppercase defined |
| by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ |
| - uuid3: an UUID3 that allows uppercase defined |
| by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ |
| - uuid4: an UUID4 that allows uppercase defined |
| by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ |
| - uuid5: an UUID5 that allows uppercase defined |
| by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ |
| - isbn: an ISBN10 or ISBN13 number string like |
| \"0321751043\" or \"978-0321751041\" - isbn10: |
| an ISBN10 number string like \"0321751043\" |
| - isbn13: an ISBN13 number string like \"978-0321751041\" |
| - creditcard: a credit card number defined by |
| the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ |
| with any non digit characters mixed in - ssn: |
| a U.S. social security number following the |
| regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - |
| hexcolor: an hexadecimal color code like \"#FFFFFF\" |
| following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ |
| - rgbcolor: an RGB color code like rgb like |
| \"rgb(255,255,255)\" - byte: base64 encoded |
| binary data - password: any kind of string - |
| date: a date string like \"2006-01-02\" as defined |
| by full-date in RFC3339 - duration: a duration |
| string like \"22 ns\" as parsed by Golang time.ParseDuration |
| or compatible with Scala duration format - datetime: |
| a date time string like \"2014-12-15T19:30:20.000Z\" |
| as defined by date-time in RFC3339." |
| type: string |
| id: |
| type: string |
| maxItems: |
| format: int64 |
| type: integer |
| maxLength: |
| format: int64 |
| type: integer |
| maxProperties: |
| format: int64 |
| type: integer |
| maximum: |
| description: A Number represents a JSON number |
| literal. |
| type: string |
| minItems: |
| format: int64 |
| type: integer |
| minLength: |
| format: int64 |
| type: integer |
| minProperties: |
| format: int64 |
| type: integer |
| minimum: |
| description: A Number represents a JSON number |
| literal. |
| type: string |
| multipleOf: |
| description: A Number represents a JSON number |
| literal. |
| type: string |
| nullable: |
| type: boolean |
| pattern: |
| type: string |
| title: |
| type: string |
| type: |
| type: string |
| uniqueItems: |
| type: boolean |
| x-descriptors: |
| description: XDescriptors is a list of extended |
| properties that trigger a custom behavior in |
| external systems |
| items: |
| type: string |
| type: array |
| type: object |
| type: object |
| required: |
| items: |
| type: string |
| type: array |
| title: |
| type: string |
| type: |
| type: string |
| type: object |
| type: object |
| description: Types defines the schema of the data produced/consumed |
| by the endpoint |
| type: object |
| uri: |
| description: URI can be used to specify the (Camel) endpoint explicitly |
| type: string |
| type: object |
| source: |
| description: Source is the starting point of the integration defined |
| by this binding |
| properties: |
| properties: |
| description: Properties are a key value representation of endpoint |
| properties |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| ref: |
| description: Ref can be used to declare a Kubernetes resource |
| as source/sink endpoint |
| properties: |
| apiVersion: |
| description: API version of the referent. |
| type: string |
| fieldPath: |
| description: 'If referring to a piece of an object instead |
| of an entire object, this string should contain a valid |
| JSON/Go field access statement, such as desiredState.manifest.containers[2]. |
| For example, if the object reference is to a container within |
| a pod, this would take on a value like: "spec.containers{name}" |
| (where "name" refers to the name of the container that triggered |
| the event) or if no container name is specified "spec.containers[2]" |
| (container with index 2 in this pod). This syntax is chosen |
| only to have some well-defined way of referencing a part |
| of an object. TODO: this design is not final and this field |
| is subject to change in the future.' |
| type: string |
| kind: |
| description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
| type: string |
| name: |
| description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' |
| type: string |
| namespace: |
| description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' |
| type: string |
| resourceVersion: |
| description: 'Specific resourceVersion to which this reference |
| is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' |
| type: string |
| uid: |
| description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' |
| type: string |
| type: object |
| types: |
| additionalProperties: |
| description: EventTypeSpec represents a specification for an |
| event type |
| properties: |
| mediaType: |
| description: media type as expected for HTTP media types |
| (ie, application/json) |
| type: string |
| schema: |
| description: the expected schema for the event |
| properties: |
| $schema: |
| description: JSONSchemaURL represents a schema url. |
| type: string |
| description: |
| type: string |
| example: |
| description: 'JSON represents any valid JSON value. |
| These types are supported: bool, int64, float64, string, |
| []interface{}, map[string]interface{} and nil.' |
| x-kubernetes-preserve-unknown-fields: true |
| externalDocs: |
| description: ExternalDocumentation allows referencing |
| an external resource for extended documentation. |
| properties: |
| description: |
| type: string |
| url: |
| type: string |
| type: object |
| id: |
| type: string |
| properties: |
| additionalProperties: |
| properties: |
| default: |
| description: default is a default value for undefined |
| object fields. |
| x-kubernetes-preserve-unknown-fields: true |
| description: |
| type: string |
| enum: |
| items: |
| description: 'JSON represents any valid JSON |
| value. These types are supported: bool, int64, |
| float64, string, []interface{}, map[string]interface{} |
| and nil.' |
| x-kubernetes-preserve-unknown-fields: true |
| type: array |
| example: |
| description: 'JSON represents any valid JSON value. |
| These types are supported: bool, int64, float64, |
| string, []interface{}, map[string]interface{} |
| and nil.' |
| x-kubernetes-preserve-unknown-fields: true |
| exclusiveMaximum: |
| type: boolean |
| exclusiveMinimum: |
| type: boolean |
| format: |
| description: "format is an OpenAPI v3 format string. |
| Unknown formats are ignored. The following formats |
| are validated: \n - bsonobjectid: a bson object |
| ID, i.e. a 24 characters hex string - uri: an |
| URI as parsed by Golang net/url.ParseRequestURI |
| - email: an email address as parsed by Golang |
| net/mail.ParseAddress - hostname: a valid representation |
| for an Internet host name, as defined by RFC |
| 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 |
| IP as parsed by Golang net.ParseIP - ipv6: an |
| IPv6 IP as parsed by Golang net.ParseIP - cidr: |
| a CIDR as parsed by Golang net.ParseCIDR - mac: |
| a MAC address as parsed by Golang net.ParseMAC |
| - uuid: an UUID that allows uppercase defined |
| by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ |
| - uuid3: an UUID3 that allows uppercase defined |
| by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ |
| - uuid4: an UUID4 that allows uppercase defined |
| by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ |
| - uuid5: an UUID5 that allows uppercase defined |
| by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ |
| - isbn: an ISBN10 or ISBN13 number string like |
| \"0321751043\" or \"978-0321751041\" - isbn10: |
| an ISBN10 number string like \"0321751043\" |
| - isbn13: an ISBN13 number string like \"978-0321751041\" |
| - creditcard: a credit card number defined by |
| the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ |
| with any non digit characters mixed in - ssn: |
| a U.S. social security number following the |
| regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - |
| hexcolor: an hexadecimal color code like \"#FFFFFF\" |
| following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ |
| - rgbcolor: an RGB color code like rgb like |
| \"rgb(255,255,255)\" - byte: base64 encoded |
| binary data - password: any kind of string - |
| date: a date string like \"2006-01-02\" as defined |
| by full-date in RFC3339 - duration: a duration |
| string like \"22 ns\" as parsed by Golang time.ParseDuration |
| or compatible with Scala duration format - datetime: |
| a date time string like \"2014-12-15T19:30:20.000Z\" |
| as defined by date-time in RFC3339." |
| type: string |
| id: |
| type: string |
| maxItems: |
| format: int64 |
| type: integer |
| maxLength: |
| format: int64 |
| type: integer |
| maxProperties: |
| format: int64 |
| type: integer |
| maximum: |
| description: A Number represents a JSON number |
| literal. |
| type: string |
| minItems: |
| format: int64 |
| type: integer |
| minLength: |
| format: int64 |
| type: integer |
| minProperties: |
| format: int64 |
| type: integer |
| minimum: |
| description: A Number represents a JSON number |
| literal. |
| type: string |
| multipleOf: |
| description: A Number represents a JSON number |
| literal. |
| type: string |
| nullable: |
| type: boolean |
| pattern: |
| type: string |
| title: |
| type: string |
| type: |
| type: string |
| uniqueItems: |
| type: boolean |
| x-descriptors: |
| description: XDescriptors is a list of extended |
| properties that trigger a custom behavior in |
| external systems |
| items: |
| type: string |
| type: array |
| type: object |
| type: object |
| required: |
| items: |
| type: string |
| type: array |
| title: |
| type: string |
| type: |
| type: string |
| type: object |
| type: object |
| description: Types defines the schema of the data produced/consumed |
| by the endpoint |
| type: object |
| uri: |
| description: URI can be used to specify the (Camel) endpoint explicitly |
| type: string |
| type: object |
| steps: |
| description: Steps contains an optional list of intermediate steps |
| that are executed between the Source and the Sink |
| items: |
| description: Endpoint represents a source/sink external entity (could |
| be any Kubernetes resource or Camel URI) |
| properties: |
| properties: |
| description: Properties are a key value representation of endpoint |
| properties |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| ref: |
| description: Ref can be used to declare a Kubernetes resource |
| as source/sink endpoint |
| properties: |
| apiVersion: |
| description: API version of the referent. |
| type: string |
| fieldPath: |
| description: 'If referring to a piece of an object instead |
| of an entire object, this string should contain a valid |
| JSON/Go field access statement, such as desiredState.manifest.containers[2]. |
| For example, if the object reference is to a container |
| within a pod, this would take on a value like: "spec.containers{name}" |
| (where "name" refers to the name of the container that |
| triggered the event) or if no container name is specified |
| "spec.containers[2]" (container with index 2 in this pod). |
| This syntax is chosen only to have some well-defined way |
| of referencing a part of an object. TODO: this design |
| is not final and this field is subject to change in the |
| future.' |
| type: string |
| kind: |
| description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
| type: string |
| name: |
| description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' |
| type: string |
| namespace: |
| description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' |
| type: string |
| resourceVersion: |
| description: 'Specific resourceVersion to which this reference |
| is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' |
| type: string |
| uid: |
| description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' |
| type: string |
| type: object |
| types: |
| additionalProperties: |
| description: EventTypeSpec represents a specification for |
| an event type |
| properties: |
| mediaType: |
| description: media type as expected for HTTP media types |
| (ie, application/json) |
| type: string |
| schema: |
| description: the expected schema for the event |
| properties: |
| $schema: |
| description: JSONSchemaURL represents a schema url. |
| type: string |
| description: |
| type: string |
| example: |
| description: 'JSON represents any valid JSON value. |
| These types are supported: bool, int64, float64, |
| string, []interface{}, map[string]interface{} and |
| nil.' |
| x-kubernetes-preserve-unknown-fields: true |
| externalDocs: |
| description: ExternalDocumentation allows referencing |
| an external resource for extended documentation. |
| properties: |
| description: |
| type: string |
| url: |
| type: string |
| type: object |
| id: |
| type: string |
| properties: |
| additionalProperties: |
| properties: |
| default: |
| description: default is a default value for |
| undefined object fields. |
| x-kubernetes-preserve-unknown-fields: true |
| description: |
| type: string |
| enum: |
| items: |
| description: 'JSON represents any valid JSON |
| value. These types are supported: bool, |
| int64, float64, string, []interface{}, map[string]interface{} |
| and nil.' |
| x-kubernetes-preserve-unknown-fields: true |
| type: array |
| example: |
| description: 'JSON represents any valid JSON |
| value. These types are supported: bool, int64, |
| float64, string, []interface{}, map[string]interface{} |
| and nil.' |
| x-kubernetes-preserve-unknown-fields: true |
| exclusiveMaximum: |
| type: boolean |
| exclusiveMinimum: |
| type: boolean |
| format: |
| description: "format is an OpenAPI v3 format |
| string. Unknown formats are ignored. The following |
| formats are validated: \n - bsonobjectid: |
| a bson object ID, i.e. a 24 characters hex |
| string - uri: an URI as parsed by Golang net/url.ParseRequestURI |
| - email: an email address as parsed by Golang |
| net/mail.ParseAddress - hostname: a valid |
| representation for an Internet host name, |
| as defined by RFC 1034, section 3.1 [RFC1034]. |
| - ipv4: an IPv4 IP as parsed by Golang net.ParseIP |
| - ipv6: an IPv6 IP as parsed by Golang net.ParseIP |
| - cidr: a CIDR as parsed by Golang net.ParseCIDR |
| - mac: a MAC address as parsed by Golang net.ParseMAC |
| - uuid: an UUID that allows uppercase defined |
| by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ |
| - uuid3: an UUID3 that allows uppercase defined |
| by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ |
| - uuid4: an UUID4 that allows uppercase defined |
| by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ |
| - uuid5: an UUID5 that allows uppercase defined |
| by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ |
| - isbn: an ISBN10 or ISBN13 number string |
| like \"0321751043\" or \"978-0321751041\" |
| - isbn10: an ISBN10 number string like \"0321751043\" |
| - isbn13: an ISBN13 number string like \"978-0321751041\" |
| - creditcard: a credit card number defined |
| by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ |
| with any non digit characters mixed in - ssn: |
| a U.S. social security number following the |
| regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ |
| - hexcolor: an hexadecimal color code like |
| \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ |
| - rgbcolor: an RGB color code like rgb like |
| \"rgb(255,255,255)\" - byte: base64 encoded |
| binary data - password: any kind of string |
| - date: a date string like \"2006-01-02\" |
| as defined by full-date in RFC3339 - duration: |
| a duration string like \"22 ns\" as parsed |
| by Golang time.ParseDuration or compatible |
| with Scala duration format - datetime: a date |
| time string like \"2014-12-15T19:30:20.000Z\" |
| as defined by date-time in RFC3339." |
| type: string |
| id: |
| type: string |
| maxItems: |
| format: int64 |
| type: integer |
| maxLength: |
| format: int64 |
| type: integer |
| maxProperties: |
| format: int64 |
| type: integer |
| maximum: |
| description: A Number represents a JSON number |
| literal. |
| type: string |
| minItems: |
| format: int64 |
| type: integer |
| minLength: |
| format: int64 |
| type: integer |
| minProperties: |
| format: int64 |
| type: integer |
| minimum: |
| description: A Number represents a JSON number |
| literal. |
| type: string |
| multipleOf: |
| description: A Number represents a JSON number |
| literal. |
| type: string |
| nullable: |
| type: boolean |
| pattern: |
| type: string |
| title: |
| type: string |
| type: |
| type: string |
| uniqueItems: |
| type: boolean |
| x-descriptors: |
| description: XDescriptors is a list of extended |
| properties that trigger a custom behavior |
| in external systems |
| items: |
| type: string |
| type: array |
| type: object |
| type: object |
| required: |
| items: |
| type: string |
| type: array |
| title: |
| type: string |
| type: |
| type: string |
| type: object |
| type: object |
| description: Types defines the schema of the data produced/consumed |
| by the endpoint |
| type: object |
| uri: |
| description: URI can be used to specify the (Camel) endpoint |
| explicitly |
| type: string |
| type: object |
| type: array |
| type: object |
| status: |
| description: the status of a KameletBinding |
| properties: |
| conditions: |
| description: Conditions -- |
| items: |
| description: KameletBindingCondition describes the state of a resource |
| at a certain point. |
| properties: |
| lastTransitionTime: |
| description: Last time the condition transitioned from one status |
| to another. |
| format: date-time |
| type: string |
| lastUpdateTime: |
| description: The last time this condition was updated. |
| format: date-time |
| type: string |
| message: |
| description: A human readable message indicating details about |
| the transition. |
| type: string |
| reason: |
| description: The reason for the condition's last transition. |
| type: string |
| status: |
| description: Status of the condition, one of True, False, Unknown. |
| type: string |
| type: |
| description: Type of kameletBinding condition. |
| type: string |
| required: |
| - status |
| - type |
| type: object |
| type: array |
| observedGeneration: |
| description: ObservedGeneration is the most recent generation observed |
| for this KameletBinding. |
| format: int64 |
| type: integer |
| phase: |
| description: Phase -- |
| type: string |
| replicas: |
| description: Replicas is the number of actual replicas of the binding |
| format: int32 |
| type: integer |
| selector: |
| description: Selector allows to identify pods belonging to the binding |
| type: string |
| type: object |
| type: object |
| served: true |
| storage: true |
| subresources: |
| scale: |
| labelSelectorPath: .status.selector |
| specReplicasPath: .spec.replicas |
| statusReplicasPath: .status.replicas |
| status: {} |