| apiVersion: apiextensions.k8s.io/v1 |
| kind: CustomResourceDefinition |
| metadata: |
| annotations: |
| controller-gen.kubebuilder.io/version: v0.9.2 |
| creationTimestamp: null |
| name: sonataflowplatforms.sonataflow.org |
| spec: |
| group: sonataflow.org |
| names: |
| kind: SonataFlowPlatform |
| listKind: SonataFlowPlatformList |
| plural: sonataflowplatforms |
| shortNames: |
| - sfp |
| - sfplatform |
| - sfplatforms |
| singular: sonataflowplatform |
| scope: Namespaced |
| versions: |
| - additionalPrinterColumns: |
| - jsonPath: .status.cluster |
| name: Cluster |
| type: string |
| - jsonPath: .status.conditions[?(@.type=='Succeed')].status |
| name: Ready |
| type: string |
| - jsonPath: .status.conditions[?(@.type=='Succeed')].reason |
| name: Reason |
| type: string |
| name: v1alpha08 |
| schema: |
| openAPIV3Schema: |
| description: SonataFlowPlatform is the descriptor for the workflow platform |
| infrastructure. |
| properties: |
| apiVersion: |
| description: 'APIVersion defines the versioned schema of this representation |
| of an object. Servers should convert recognized schemas to the latest |
| internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' |
| type: string |
| kind: |
| description: 'Kind is a string value representing the REST resource this |
| object represents. Servers may infer this from the endpoint the client |
| submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
| type: string |
| metadata: |
| type: object |
| spec: |
| description: SonataFlowPlatformSpec defines the desired state of SonataFlowPlatform |
| properties: |
| build: |
| description: Build Attributes for building workflows in the target |
| platform |
| properties: |
| config: |
| description: Describes the platform configuration for building |
| workflows. |
| properties: |
| baseImage: |
| description: a base image that can be used as base layer for |
| all images. It can be useful if you want to provide some |
| custom base image with further utility software |
| type: string |
| registry: |
| description: Registry the registry where to publish the built |
| image |
| properties: |
| address: |
| description: the URI to access |
| type: string |
| ca: |
| description: the configmap which stores the Certificate |
| Authority |
| type: string |
| insecure: |
| description: if the container registry is insecure (ie, |
| http only) |
| type: boolean |
| organization: |
| description: the registry organization |
| type: string |
| secret: |
| description: the secret where credentials are stored |
| type: string |
| type: object |
| strategy: |
| description: BuildStrategy to use to build workflows in the |
| platform. Usually, the operator elect the strategy based |
| on the platform. Note that this field might be read only |
| in certain scenarios. |
| type: string |
| strategyOptions: |
| additionalProperties: |
| type: string |
| description: BuildStrategyOptions additional options to add |
| to the build strategy. See https://sonataflow.org/serverlessworkflow/main/cloud/operator/build-and-deploy-workflows.html |
| type: object |
| timeout: |
| description: how much time to wait before time out the build |
| process |
| type: string |
| type: object |
| template: |
| description: Describes a build template for building workflows. |
| Base for the internal SonataFlowBuild resource. |
| properties: |
| arguments: |
| description: 'Arguments lists the command line arguments to |
| send to the internal builder command. Depending on the build |
| method you might set this attribute instead of BuildArgs. |
| For example: ".spec.arguments=verbose=3". Please see the |
| SonataFlow guides.' |
| items: |
| type: string |
| type: array |
| buildArgs: |
| description: Optional build arguments that can be set to the |
| internal build (e.g. Docker ARG) |
| items: |
| description: EnvVar represents an environment variable present |
| in a Container. |
| properties: |
| name: |
| description: Name of the environment variable. Must |
| be a C_IDENTIFIER. |
| type: string |
| value: |
| description: 'Variable references $(VAR_NAME) are expanded |
| using the previously defined environment variables |
| in the container and any service environment variables. |
| If a variable cannot be resolved, the reference in |
| the input string will be unchanged. Double $$ are |
| reduced to a single $, which allows for escaping the |
| $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce |
| the string literal "$(VAR_NAME)". Escaped references |
| will never be expanded, regardless of whether the |
| variable exists or not. Defaults to "".' |
| type: string |
| valueFrom: |
| description: Source for the environment variable's value. |
| Cannot be used if value is not empty. |
| properties: |
| configMapKeyRef: |
| description: Selects a key of a ConfigMap. |
| properties: |
| key: |
| description: The key to select. |
| type: string |
| name: |
| description: 'Name of the referent. More info: |
| https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap or |
| its key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| x-kubernetes-map-type: atomic |
| fieldRef: |
| description: 'Selects a field of the pod: supports |
| metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, |
| `metadata.annotations[''<KEY>'']`, spec.nodeName, |
| spec.serviceAccountName, status.hostIP, status.podIP, |
| status.podIPs.' |
| properties: |
| apiVersion: |
| description: Version of the schema the FieldPath |
| is written in terms of, defaults to "v1". |
| type: string |
| fieldPath: |
| description: Path of the field to select in |
| the specified API version. |
| type: string |
| required: |
| - fieldPath |
| type: object |
| x-kubernetes-map-type: atomic |
| resourceFieldRef: |
| description: 'Selects a resource of the container: |
| only resources limits and requests (limits.cpu, |
| limits.memory, limits.ephemeral-storage, requests.cpu, |
| requests.memory and requests.ephemeral-storage) |
| are currently supported.' |
| properties: |
| containerName: |
| description: 'Container name: required for volumes, |
| optional for env vars' |
| type: string |
| divisor: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Specifies the output format of |
| the exposed resources, defaults to "1" |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| resource: |
| description: 'Required: resource to select' |
| type: string |
| required: |
| - resource |
| type: object |
| x-kubernetes-map-type: atomic |
| secretKeyRef: |
| description: Selects a key of a secret in the pod's |
| namespace |
| properties: |
| key: |
| description: The key of the secret to select |
| from. Must be a valid secret key. |
| type: string |
| name: |
| description: 'Name of the referent. More info: |
| https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret or its |
| key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| required: |
| - name |
| type: object |
| type: array |
| envs: |
| description: Optional environment variables to add to the |
| internal build |
| items: |
| description: EnvVar represents an environment variable present |
| in a Container. |
| properties: |
| name: |
| description: Name of the environment variable. Must |
| be a C_IDENTIFIER. |
| type: string |
| value: |
| description: 'Variable references $(VAR_NAME) are expanded |
| using the previously defined environment variables |
| in the container and any service environment variables. |
| If a variable cannot be resolved, the reference in |
| the input string will be unchanged. Double $$ are |
| reduced to a single $, which allows for escaping the |
| $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce |
| the string literal "$(VAR_NAME)". Escaped references |
| will never be expanded, regardless of whether the |
| variable exists or not. Defaults to "".' |
| type: string |
| valueFrom: |
| description: Source for the environment variable's value. |
| Cannot be used if value is not empty. |
| properties: |
| configMapKeyRef: |
| description: Selects a key of a ConfigMap. |
| properties: |
| key: |
| description: The key to select. |
| type: string |
| name: |
| description: 'Name of the referent. More info: |
| https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap or |
| its key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| x-kubernetes-map-type: atomic |
| fieldRef: |
| description: 'Selects a field of the pod: supports |
| metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, |
| `metadata.annotations[''<KEY>'']`, spec.nodeName, |
| spec.serviceAccountName, status.hostIP, status.podIP, |
| status.podIPs.' |
| properties: |
| apiVersion: |
| description: Version of the schema the FieldPath |
| is written in terms of, defaults to "v1". |
| type: string |
| fieldPath: |
| description: Path of the field to select in |
| the specified API version. |
| type: string |
| required: |
| - fieldPath |
| type: object |
| x-kubernetes-map-type: atomic |
| resourceFieldRef: |
| description: 'Selects a resource of the container: |
| only resources limits and requests (limits.cpu, |
| limits.memory, limits.ephemeral-storage, requests.cpu, |
| requests.memory and requests.ephemeral-storage) |
| are currently supported.' |
| properties: |
| containerName: |
| description: 'Container name: required for volumes, |
| optional for env vars' |
| type: string |
| divisor: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Specifies the output format of |
| the exposed resources, defaults to "1" |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| resource: |
| description: 'Required: resource to select' |
| type: string |
| required: |
| - resource |
| type: object |
| x-kubernetes-map-type: atomic |
| secretKeyRef: |
| description: Selects a key of a secret in the pod's |
| namespace |
| properties: |
| key: |
| description: The key of the secret to select |
| from. Must be a valid secret key. |
| type: string |
| name: |
| description: 'Name of the referent. More info: |
| https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret or its |
| key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| required: |
| - name |
| type: object |
| type: array |
| resources: |
| description: Resources optional compute resource requirements |
| for the builder |
| properties: |
| claims: |
| description: "Claims lists the names of resources, defined |
| in spec.resourceClaims, that are used by this container. |
| \n This is an alpha field and requires enabling the |
| DynamicResourceAllocation feature gate. \n This field |
| is immutable. It can only be set for containers." |
| items: |
| description: ResourceClaim references one entry in PodSpec.ResourceClaims. |
| properties: |
| name: |
| description: Name must match the name of one entry |
| in pod.spec.resourceClaims of the Pod where this |
| field is used. It makes that resource available |
| inside a container. |
| type: string |
| required: |
| - name |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - name |
| x-kubernetes-list-type: map |
| limits: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: 'Limits describes the maximum amount of compute |
| resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| type: object |
| requests: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: 'Requests describes the minimum amount of |
| compute resources required. If Requests is omitted for |
| a container, it defaults to Limits if that is explicitly |
| specified, otherwise to an implementation-defined value. |
| Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| type: object |
| type: object |
| timeout: |
| description: Timeout defines the Build maximum execution duration. |
| The Build deadline is set to the Build start time plus the |
| Timeout duration. If the Build deadline is exceeded, the |
| Build context is canceled, and its phase set to BuildPhaseFailed. |
| format: duration |
| type: string |
| type: object |
| type: object |
| devMode: |
| description: DevMode Attributes for running workflows in devmode (immutable, |
| no build required) |
| properties: |
| baseImage: |
| description: Base image to run the Workflow in dev mode instead |
| of the operator's default. |
| type: string |
| type: object |
| persistence: |
| description: Persistence defines the platform persistence configuration. |
| When this field is set, the configuration is used as the persistence |
| for platform services and SonataFlow instances that don't provide |
| one of their own. |
| maxProperties: 1 |
| properties: |
| postgresql: |
| description: Connect configured services to a postgresql database. |
| maxProperties: 2 |
| minProperties: 2 |
| properties: |
| jdbcUrl: |
| description: PostgreSql JDBC URL. Mutually exclusive to serviceRef. |
| e.g. "jdbc:postgresql://host:port/database?currentSchema=data-index-service" |
| type: string |
| secretRef: |
| description: Secret reference to the database user credentials |
| properties: |
| name: |
| description: Name of the postgresql credentials secret. |
| type: string |
| passwordKey: |
| description: Defaults to POSTGRESQL_PASSWORD |
| type: string |
| userKey: |
| description: Defaults to POSTGRESQL_USER |
| type: string |
| required: |
| - name |
| type: object |
| serviceRef: |
| description: Service reference to postgresql datasource. Mutually |
| exclusive to jdbcUrl. |
| properties: |
| databaseName: |
| description: Name of postgresql database to be used. Defaults |
| to "sonataflow" |
| type: string |
| name: |
| description: Name of the postgresql k8s service. |
| type: string |
| namespace: |
| description: Namespace of the postgresql k8s service. |
| Defaults to the SonataFlowPlatform's local namespace. |
| type: string |
| port: |
| description: Port to use when connecting to the postgresql |
| k8s service. Defaults to 5432. |
| type: integer |
| required: |
| - name |
| type: object |
| required: |
| - secretRef |
| type: object |
| type: object |
| properties: |
| description: "Properties defines the property set for a given actor |
| in the current context. For example, the workflow managed properties. |
| One can define here a set of properties for SonataFlow deployments |
| that will be reused across every workflow deployment. \n These properties |
| MAY NOT be propagated to a SonataFlowClusterPlatform since PropertyVarSource |
| can only refer local context sources." |
| properties: |
| flow: |
| description: Properties that will be added to the SonataFlow managed |
| configMaps in the current context. |
| items: |
| description: PropertyVar is the entry for a property set derived |
| from the Kubernetes API EnvVar. Note that the name doesn't |
| have to match C_IDENTIFIER. |
| properties: |
| name: |
| description: The property name |
| type: string |
| value: |
| description: Defaults to "". |
| type: string |
| valueFrom: |
| description: Source for the property's value. Cannot be |
| used if value is not empty. |
| properties: |
| configMapKeyRef: |
| description: Selects a key of a ConfigMap. |
| properties: |
| key: |
| description: The key to select. |
| type: string |
| name: |
| description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, kind, |
| uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap or its |
| key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| x-kubernetes-map-type: atomic |
| secretKeyRef: |
| description: Selects a key of a secret in the flow's |
| namespace |
| properties: |
| key: |
| description: The key of the secret to select from. Must |
| be a valid secret key. |
| type: string |
| name: |
| description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, kind, |
| uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret or its key |
| must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| required: |
| - name |
| type: object |
| type: array |
| type: object |
| services: |
| description: 'Services attributes for deploying supporting applications |
| like Data Index & Job Service. Only workflows without the `sonataflow.org/profile: |
| dev` annotation will be configured to use these service(s). Setting |
| this will override the use of any cluster-scoped services that might |
| be defined via `SonataFlowClusterPlatform`.' |
| properties: |
| dataIndex: |
| description: 'Deploys the Data Index service for use by workflows |
| without the `sonataflow.org/profile: dev` annotation.' |
| properties: |
| enabled: |
| description: 'Determines whether workflows without the `sonataflow.org/profile: |
| dev` annotation should be configured to use this service' |
| type: boolean |
| persistence: |
| description: Persists service to a datasource of choice. Ephemeral |
| by default. |
| maxProperties: 1 |
| properties: |
| postgresql: |
| description: Connect configured services to a postgresql |
| database. |
| maxProperties: 2 |
| minProperties: 2 |
| properties: |
| jdbcUrl: |
| description: PostgreSql JDBC URL. Mutually exclusive |
| to serviceRef. e.g. "jdbc:postgresql://host:port/database?currentSchema=data-index-service" |
| type: string |
| secretRef: |
| description: Secret reference to the database user |
| credentials |
| properties: |
| name: |
| description: Name of the postgresql credentials |
| secret. |
| type: string |
| passwordKey: |
| description: Defaults to POSTGRESQL_PASSWORD |
| type: string |
| userKey: |
| description: Defaults to POSTGRESQL_USER |
| type: string |
| required: |
| - name |
| type: object |
| serviceRef: |
| description: Service reference to postgresql datasource. |
| Mutually exclusive to jdbcUrl. |
| properties: |
| databaseName: |
| description: Name of postgresql database to be |
| used. Defaults to "sonataflow" |
| type: string |
| databaseSchema: |
| description: Schema of postgresql database to |
| be used. Defaults to "data-index-service" |
| type: string |
| name: |
| description: Name of the postgresql k8s service. |
| type: string |
| namespace: |
| description: Namespace of the postgresql k8s service. |
| Defaults to the SonataFlowPlatform's local namespace. |
| type: string |
| port: |
| description: Port to use when connecting to the |
| postgresql k8s service. Defaults to 5432. |
| type: integer |
| required: |
| - name |
| type: object |
| required: |
| - secretRef |
| type: object |
| type: object |
| podTemplate: |
| description: PodTemplate describes the deployment details |
| of this platform service instance. |
| properties: |
| activeDeadlineSeconds: |
| description: Optional duration in seconds the pod may |
| be active on the node relative to StartTime before the |
| system will actively try to mark it failed and kill |
| associated containers. Value must be a positive integer. |
| format: int64 |
| type: integer |
| affinity: |
| description: If specified, the pod's scheduling constraints |
| properties: |
| nodeAffinity: |
| description: Describes node affinity scheduling rules |
| for the pod. |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: The scheduler will prefer to schedule |
| pods to nodes that satisfy the affinity expressions |
| specified by this field, but it may choose a |
| node that violates one or more of the expressions. |
| The node that is most preferred is the one with |
| the greatest sum of weights, i.e. for each node |
| that meets all of the scheduling requirements |
| (resource request, requiredDuringScheduling |
| affinity expressions, etc.), compute a sum by |
| iterating through the elements of this field |
| and adding "weight" to the sum if the node matches |
| the corresponding matchExpressions; the node(s) |
| with the highest sum are the most preferred. |
| items: |
| description: An empty preferred scheduling term |
| matches all objects with implicit weight 0 |
| (i.e. it's a no-op). A null preferred scheduling |
| term matches no objects (i.e. is also a no-op). |
| properties: |
| preference: |
| description: A node selector term, associated |
| with the corresponding weight. |
| properties: |
| matchExpressions: |
| description: A list of node selector |
| requirements by node's labels. |
| items: |
| description: A node selector requirement |
| is a selector that contains values, |
| a key, and an operator that relates |
| the key and values. |
| properties: |
| key: |
| description: The label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: Represents a key's |
| relationship to a set of values. |
| Valid operators are In, NotIn, |
| Exists, DoesNotExist. Gt, and |
| Lt. |
| type: string |
| values: |
| description: An array of string |
| values. If the operator is In |
| or NotIn, the values array must |
| be non-empty. If the operator |
| is Exists or DoesNotExist, the |
| values array must be empty. |
| If the operator is Gt or Lt, |
| the values array must have a |
| single element, which will be |
| interpreted as an integer. This |
| array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| matchFields: |
| description: A list of node selector |
| requirements by node's fields. |
| items: |
| description: A node selector requirement |
| is a selector that contains values, |
| a key, and an operator that relates |
| the key and values. |
| properties: |
| key: |
| description: The label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: Represents a key's |
| relationship to a set of values. |
| Valid operators are In, NotIn, |
| Exists, DoesNotExist. Gt, and |
| Lt. |
| type: string |
| values: |
| description: An array of string |
| values. If the operator is In |
| or NotIn, the values array must |
| be non-empty. If the operator |
| is Exists or DoesNotExist, the |
| values array must be empty. |
| If the operator is Gt or Lt, |
| the values array must have a |
| single element, which will be |
| interpreted as an integer. This |
| array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| type: object |
| x-kubernetes-map-type: atomic |
| weight: |
| description: Weight associated with matching |
| the corresponding nodeSelectorTerm, in |
| the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - preference |
| - weight |
| type: object |
| type: array |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: If the affinity requirements specified |
| by this field are not met at scheduling time, |
| the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this |
| field cease to be met at some point during pod |
| execution (e.g. due to an update), the system |
| may or may not try to eventually evict the pod |
| from its node. |
| properties: |
| nodeSelectorTerms: |
| description: Required. A list of node selector |
| terms. The terms are ORed. |
| items: |
| description: A null or empty node selector |
| term matches no objects. The requirements |
| of them are ANDed. The TopologySelectorTerm |
| type implements a subset of the NodeSelectorTerm. |
| properties: |
| matchExpressions: |
| description: A list of node selector |
| requirements by node's labels. |
| items: |
| description: A node selector requirement |
| is a selector that contains values, |
| a key, and an operator that relates |
| the key and values. |
| properties: |
| key: |
| description: The label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: Represents a key's |
| relationship to a set of values. |
| Valid operators are In, NotIn, |
| Exists, DoesNotExist. Gt, and |
| Lt. |
| type: string |
| values: |
| description: An array of string |
| values. If the operator is In |
| or NotIn, the values array must |
| be non-empty. If the operator |
| is Exists or DoesNotExist, the |
| values array must be empty. |
| If the operator is Gt or Lt, |
| the values array must have a |
| single element, which will be |
| interpreted as an integer. This |
| array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| matchFields: |
| description: A list of node selector |
| requirements by node's fields. |
| items: |
| description: A node selector requirement |
| is a selector that contains values, |
| a key, and an operator that relates |
| the key and values. |
| properties: |
| key: |
| description: The label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: Represents a key's |
| relationship to a set of values. |
| Valid operators are In, NotIn, |
| Exists, DoesNotExist. Gt, and |
| Lt. |
| type: string |
| values: |
| description: An array of string |
| values. If the operator is In |
| or NotIn, the values array must |
| be non-empty. If the operator |
| is Exists or DoesNotExist, the |
| values array must be empty. |
| If the operator is Gt or Lt, |
| the values array must have a |
| single element, which will be |
| interpreted as an integer. This |
| array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| required: |
| - nodeSelectorTerms |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| podAffinity: |
| description: Describes pod affinity scheduling rules |
| (e.g. co-locate this pod in the same node, zone, |
| etc. as some other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: The scheduler will prefer to schedule |
| pods to nodes that satisfy the affinity expressions |
| specified by this field, but it may choose a |
| node that violates one or more of the expressions. |
| The node that is most preferred is the one with |
| the greatest sum of weights, i.e. for each node |
| that meets all of the scheduling requirements |
| (resource request, requiredDuringScheduling |
| affinity expressions, etc.), compute a sum by |
| iterating through the elements of this field |
| and adding "weight" to the sum if the node has |
| pods which matches the corresponding podAffinityTerm; |
| the node(s) with the highest sum are the most |
| preferred. |
| items: |
| description: The weights of all of the matched |
| WeightedPodAffinityTerm fields are added per-node |
| to find the most preferred node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, |
| associated with the corresponding weight. |
| properties: |
| labelSelector: |
| description: A label query over a set |
| of resources, in this case pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is |
| a list of label selector requirements. |
| The requirements are ANDed. |
| items: |
| description: A label selector |
| requirement is a selector that |
| contains values, a key, and |
| an operator that relates the |
| key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: operator represents |
| a key's relationship to |
| a set of values. Valid operators |
| are In, NotIn, Exists and |
| DoesNotExist. |
| type: string |
| values: |
| description: values is an |
| array of string values. |
| If the operator is In or |
| NotIn, the values array |
| must be non-empty. If the |
| operator is Exists or DoesNotExist, |
| the values array must be |
| empty. This array is replaced |
| during a strategic merge |
| patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: matchLabels is a map |
| of {key,value} pairs. A single |
| {key,value} in the matchLabels |
| map is equivalent to an element |
| of matchExpressions, whose key |
| field is "key", the operator is |
| "In", and the values array contains |
| only "value". The requirements |
| are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaceSelector: |
| description: A label query over the |
| set of namespaces that the term applies |
| to. The term is applied to the union |
| of the namespaces selected by this |
| field and the ones listed in the namespaces |
| field. null selector and null or empty |
| namespaces list means "this pod's |
| namespace". An empty selector ({}) |
| matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is |
| a list of label selector requirements. |
| The requirements are ANDed. |
| items: |
| description: A label selector |
| requirement is a selector that |
| contains values, a key, and |
| an operator that relates the |
| key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: operator represents |
| a key's relationship to |
| a set of values. Valid operators |
| are In, NotIn, Exists and |
| DoesNotExist. |
| type: string |
| values: |
| description: values is an |
| array of string values. |
| If the operator is In or |
| NotIn, the values array |
| must be non-empty. If the |
| operator is Exists or DoesNotExist, |
| the values array must be |
| empty. This array is replaced |
| during a strategic merge |
| patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: matchLabels is a map |
| of {key,value} pairs. A single |
| {key,value} in the matchLabels |
| map is equivalent to an element |
| of matchExpressions, whose key |
| field is "key", the operator is |
| "In", and the values array contains |
| only "value". The requirements |
| are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: namespaces specifies a |
| static list of namespace names that |
| the term applies to. The term is applied |
| to the union of the namespaces listed |
| in this field and the ones selected |
| by namespaceSelector. null or empty |
| namespaces list and null namespaceSelector |
| means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| topologyKey: |
| description: This pod should be co-located |
| (affinity) or not co-located (anti-affinity) |
| with the pods matching the labelSelector |
| in the specified namespaces, where |
| co-located is defined as running on |
| a node whose value of the label with |
| key topologyKey matches that of any |
| node on which any of the selected |
| pods is running. Empty topologyKey |
| is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: weight associated with matching |
| the corresponding podAffinityTerm, in |
| the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: If the affinity requirements specified |
| by this field are not met at scheduling time, |
| the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this |
| field cease to be met at some point during pod |
| execution (e.g. due to a pod label update), |
| the system may or may not try to eventually |
| evict the pod from its node. When there are |
| multiple elements, the lists of nodes corresponding |
| to each podAffinityTerm are intersected, i.e. |
| all terms must be satisfied. |
| items: |
| description: Defines a set of pods (namely those |
| matching the labelSelector relative to the |
| given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) |
| with, where co-located is defined as running |
| on a node whose value of the label with key |
| <topologyKey> matches that of any node on |
| which a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: A label query over a set of |
| resources, in this case pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: A label selector requirement |
| is a selector that contains values, |
| a key, and an operator that relates |
| the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: operator represents |
| a key's relationship to a set |
| of values. Valid operators are |
| In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: values is an array |
| of string values. If the operator |
| is In or NotIn, the values array |
| must be non-empty. If the operator |
| is Exists or DoesNotExist, the |
| values array must be empty. |
| This array is replaced during |
| a strategic merge patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: matchLabels is a map of |
| {key,value} pairs. A single {key,value} |
| in the matchLabels map is equivalent |
| to an element of matchExpressions, |
| whose key field is "key", the operator |
| is "In", and the values array contains |
| only "value". The requirements are |
| ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaceSelector: |
| description: A label query over the set |
| of namespaces that the term applies to. |
| The term is applied to the union of the |
| namespaces selected by this field and |
| the ones listed in the namespaces field. |
| null selector and null or empty namespaces |
| list means "this pod's namespace". An |
| empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: A label selector requirement |
| is a selector that contains values, |
| a key, and an operator that relates |
| the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: operator represents |
| a key's relationship to a set |
| of values. Valid operators are |
| In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: values is an array |
| of string values. If the operator |
| is In or NotIn, the values array |
| must be non-empty. If the operator |
| is Exists or DoesNotExist, the |
| values array must be empty. |
| This array is replaced during |
| a strategic merge patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: matchLabels is a map of |
| {key,value} pairs. A single {key,value} |
| in the matchLabels map is equivalent |
| to an element of matchExpressions, |
| whose key field is "key", the operator |
| is "In", and the values array contains |
| only "value". The requirements are |
| ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: namespaces specifies a static |
| list of namespace names that the term |
| applies to. The term is applied to the |
| union of the namespaces listed in this |
| field and the ones selected by namespaceSelector. |
| null or empty namespaces list and null |
| namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| topologyKey: |
| description: This pod should be co-located |
| (affinity) or not co-located (anti-affinity) |
| with the pods matching the labelSelector |
| in the specified namespaces, where co-located |
| is defined as running on a node whose |
| value of the label with key topologyKey |
| matches that of any node on which any |
| of the selected pods is running. Empty |
| topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| type: object |
| podAntiAffinity: |
| description: Describes pod anti-affinity scheduling |
| rules (e.g. avoid putting this pod in the same node, |
| zone, etc. as some other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: The scheduler will prefer to schedule |
| pods to nodes that satisfy the anti-affinity |
| expressions specified by this field, but it |
| may choose a node that violates one or more |
| of the expressions. The node that is most preferred |
| is the one with the greatest sum of weights, |
| i.e. for each node that meets all of the scheduling |
| requirements (resource request, requiredDuringScheduling |
| anti-affinity expressions, etc.), compute a |
| sum by iterating through the elements of this |
| field and adding "weight" to the sum if the |
| node has pods which matches the corresponding |
| podAffinityTerm; the node(s) with the highest |
| sum are the most preferred. |
| items: |
| description: The weights of all of the matched |
| WeightedPodAffinityTerm fields are added per-node |
| to find the most preferred node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, |
| associated with the corresponding weight. |
| properties: |
| labelSelector: |
| description: A label query over a set |
| of resources, in this case pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is |
| a list of label selector requirements. |
| The requirements are ANDed. |
| items: |
| description: A label selector |
| requirement is a selector that |
| contains values, a key, and |
| an operator that relates the |
| key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: operator represents |
| a key's relationship to |
| a set of values. Valid operators |
| are In, NotIn, Exists and |
| DoesNotExist. |
| type: string |
| values: |
| description: values is an |
| array of string values. |
| If the operator is In or |
| NotIn, the values array |
| must be non-empty. If the |
| operator is Exists or DoesNotExist, |
| the values array must be |
| empty. This array is replaced |
| during a strategic merge |
| patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: matchLabels is a map |
| of {key,value} pairs. A single |
| {key,value} in the matchLabels |
| map is equivalent to an element |
| of matchExpressions, whose key |
| field is "key", the operator is |
| "In", and the values array contains |
| only "value". The requirements |
| are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaceSelector: |
| description: A label query over the |
| set of namespaces that the term applies |
| to. The term is applied to the union |
| of the namespaces selected by this |
| field and the ones listed in the namespaces |
| field. null selector and null or empty |
| namespaces list means "this pod's |
| namespace". An empty selector ({}) |
| matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is |
| a list of label selector requirements. |
| The requirements are ANDed. |
| items: |
| description: A label selector |
| requirement is a selector that |
| contains values, a key, and |
| an operator that relates the |
| key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: operator represents |
| a key's relationship to |
| a set of values. Valid operators |
| are In, NotIn, Exists and |
| DoesNotExist. |
| type: string |
| values: |
| description: values is an |
| array of string values. |
| If the operator is In or |
| NotIn, the values array |
| must be non-empty. If the |
| operator is Exists or DoesNotExist, |
| the values array must be |
| empty. This array is replaced |
| during a strategic merge |
| patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: matchLabels is a map |
| of {key,value} pairs. A single |
| {key,value} in the matchLabels |
| map is equivalent to an element |
| of matchExpressions, whose key |
| field is "key", the operator is |
| "In", and the values array contains |
| only "value". The requirements |
| are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: namespaces specifies a |
| static list of namespace names that |
| the term applies to. The term is applied |
| to the union of the namespaces listed |
| in this field and the ones selected |
| by namespaceSelector. null or empty |
| namespaces list and null namespaceSelector |
| means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| topologyKey: |
| description: This pod should be co-located |
| (affinity) or not co-located (anti-affinity) |
| with the pods matching the labelSelector |
| in the specified namespaces, where |
| co-located is defined as running on |
| a node whose value of the label with |
| key topologyKey matches that of any |
| node on which any of the selected |
| pods is running. Empty topologyKey |
| is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: weight associated with matching |
| the corresponding podAffinityTerm, in |
| the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: If the anti-affinity requirements |
| specified by this field are not met at scheduling |
| time, the pod will not be scheduled onto the |
| node. If the anti-affinity requirements specified |
| by this field cease to be met at some point |
| during pod execution (e.g. due to a pod label |
| update), the system may or may not try to eventually |
| evict the pod from its node. When there are |
| multiple elements, the lists of nodes corresponding |
| to each podAffinityTerm are intersected, i.e. |
| all terms must be satisfied. |
| items: |
| description: Defines a set of pods (namely those |
| matching the labelSelector relative to the |
| given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) |
| with, where co-located is defined as running |
| on a node whose value of the label with key |
| <topologyKey> matches that of any node on |
| which a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: A label query over a set of |
| resources, in this case pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: A label selector requirement |
| is a selector that contains values, |
| a key, and an operator that relates |
| the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: operator represents |
| a key's relationship to a set |
| of values. Valid operators are |
| In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: values is an array |
| of string values. If the operator |
| is In or NotIn, the values array |
| must be non-empty. If the operator |
| is Exists or DoesNotExist, the |
| values array must be empty. |
| This array is replaced during |
| a strategic merge patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: matchLabels is a map of |
| {key,value} pairs. A single {key,value} |
| in the matchLabels map is equivalent |
| to an element of matchExpressions, |
| whose key field is "key", the operator |
| is "In", and the values array contains |
| only "value". The requirements are |
| ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaceSelector: |
| description: A label query over the set |
| of namespaces that the term applies to. |
| The term is applied to the union of the |
| namespaces selected by this field and |
| the ones listed in the namespaces field. |
| null selector and null or empty namespaces |
| list means "this pod's namespace". An |
| empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: A label selector requirement |
| is a selector that contains values, |
| a key, and an operator that relates |
| the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: operator represents |
| a key's relationship to a set |
| of values. Valid operators are |
| In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: values is an array |
| of string values. If the operator |
| is In or NotIn, the values array |
| must be non-empty. If the operator |
| is Exists or DoesNotExist, the |
| values array must be empty. |
| This array is replaced during |
| a strategic merge patch. |
| items: |
| type: string |
| type: array |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: matchLabels is a map of |
| {key,value} pairs. A single {key,value} |
| in the matchLabels map is equivalent |
| to an element of matchExpressions, |
| whose key field is "key", the operator |
| is "In", and the values array contains |
| only "value". The requirements are |
| ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: namespaces specifies a static |
| list of namespace names that the term |
| applies to. The term is applied to the |
| union of the namespaces listed in this |
| field and the ones selected by namespaceSelector. |
| null or empty namespaces list and null |
| namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| topologyKey: |
| description: This pod should be co-located |
| (affinity) or not co-located (anti-affinity) |
| with the pods matching the labelSelector |
| in the specified namespaces, where co-located |
| is defined as running on a node whose |
| value of the label with key topologyKey |
| matches that of any node on which any |
| of the selected pods is running. Empty |
| topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| type: object |
| type: object |
| automountServiceAccountToken: |
| description: AutomountServiceAccountToken indicates whether |
| a service account token should be automatically mounted. |
| type: boolean |
| container: |
| description: Container is the Kubernetes container where |
| the application should run. One can change this attribute |
| in order to override the defaults provided by the operator. |
| properties: |
| args: |
| description: 'Arguments to the entrypoint. The container |
| image''s CMD is used if this is not provided. Variable |
| references $(VAR_NAME) are expanded using the container''s |
| environment. If a variable cannot be resolved, the |
| reference in the input string will be unchanged. |
| Double $$ are reduced to a single $, which allows |
| for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" |
| will produce the string literal "$(VAR_NAME)". Escaped |
| references will never be expanded, regardless of |
| whether the variable exists or not. Cannot be updated. |
| More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' |
| items: |
| type: string |
| type: array |
| command: |
| description: 'Entrypoint array. Not executed within |
| a shell. The container image''s ENTRYPOINT is used |
| if this is not provided. Variable references $(VAR_NAME) |
| are expanded using the container''s environment. |
| If a variable cannot be resolved, the reference |
| in the input string will be unchanged. Double $$ |
| are reduced to a single $, which allows for escaping |
| the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will |
| produce the string literal "$(VAR_NAME)". Escaped |
| references will never be expanded, regardless of |
| whether the variable exists or not. Cannot be updated. |
| More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' |
| items: |
| type: string |
| type: array |
| env: |
| description: List of environment variables to set |
| in the container. Cannot be updated. |
| items: |
| description: EnvVar represents an environment variable |
| present in a Container. |
| properties: |
| name: |
| description: Name of the environment variable. |
| Must be a C_IDENTIFIER. |
| type: string |
| value: |
| description: 'Variable references $(VAR_NAME) |
| are expanded using the previously defined |
| environment variables in the container and |
| any service environment variables. If a variable |
| cannot be resolved, the reference in the input |
| string will be unchanged. Double $$ are reduced |
| to a single $, which allows for escaping the |
| $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will |
| produce the string literal "$(VAR_NAME)". |
| Escaped references will never be expanded, |
| regardless of whether the variable exists |
| or not. Defaults to "".' |
| type: string |
| valueFrom: |
| description: Source for the environment variable's |
| value. Cannot be used if value is not empty. |
| properties: |
| configMapKeyRef: |
| description: Selects a key of a ConfigMap. |
| properties: |
| key: |
| description: The key to select. |
| type: string |
| name: |
| description: 'Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap |
| or its key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| x-kubernetes-map-type: atomic |
| fieldRef: |
| description: 'Selects a field of the pod: |
| supports metadata.name, metadata.namespace, |
| `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, |
| spec.nodeName, spec.serviceAccountName, |
| status.hostIP, status.podIP, status.podIPs.' |
| properties: |
| apiVersion: |
| description: Version of the schema the |
| FieldPath is written in terms of, |
| defaults to "v1". |
| type: string |
| fieldPath: |
| description: Path of the field to select |
| in the specified API version. |
| type: string |
| required: |
| - fieldPath |
| type: object |
| x-kubernetes-map-type: atomic |
| resourceFieldRef: |
| description: 'Selects a resource of the |
| container: only resources limits and requests |
| (limits.cpu, limits.memory, limits.ephemeral-storage, |
| requests.cpu, requests.memory and requests.ephemeral-storage) |
| are currently supported.' |
| properties: |
| containerName: |
| description: 'Container name: required |
| for volumes, optional for env vars' |
| type: string |
| divisor: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Specifies the output format |
| of the exposed resources, defaults |
| to "1" |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| resource: |
| description: 'Required: resource to |
| select' |
| type: string |
| required: |
| - resource |
| type: object |
| x-kubernetes-map-type: atomic |
| secretKeyRef: |
| description: Selects a key of a secret in |
| the pod's namespace |
| properties: |
| key: |
| description: The key of the secret to |
| select from. Must be a valid secret |
| key. |
| type: string |
| name: |
| description: 'Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret |
| or its key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| required: |
| - name |
| type: object |
| type: array |
| envFrom: |
| description: List of sources to populate environment |
| variables in the container. The keys defined within |
| a source must be a C_IDENTIFIER. All invalid keys |
| will be reported as an event when the container |
| is starting. When a key exists in multiple sources, |
| the value associated with the last source will take |
| precedence. Values defined by an Env with a duplicate |
| key will take precedence. Cannot be updated. |
| items: |
| description: EnvFromSource represents the source |
| of a set of ConfigMaps |
| properties: |
| configMapRef: |
| description: The ConfigMap to select from |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap |
| must be defined |
| type: boolean |
| type: object |
| x-kubernetes-map-type: atomic |
| prefix: |
| description: An optional identifier to prepend |
| to each key in the ConfigMap. Must be a C_IDENTIFIER. |
| type: string |
| secretRef: |
| description: The Secret to select from |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret |
| must be defined |
| type: boolean |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| type: array |
| image: |
| description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images |
| This field is optional to allow higher level config |
| management to default or override container images |
| in workload controllers like Deployments and StatefulSets.' |
| type: string |
| imagePullPolicy: |
| description: 'Image pull policy. One of Always, Never, |
| IfNotPresent. Defaults to Always if :latest tag |
| is specified, or IfNotPresent otherwise. Cannot |
| be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' |
| type: string |
| lifecycle: |
| description: Actions that the management system should |
| take in response to container lifecycle events. |
| Cannot be updated. |
| properties: |
| postStart: |
| description: 'PostStart is called immediately |
| after a container is created. If the handler |
| fails, the container is terminated and restarted |
| according to its restart policy. Other management |
| of the container blocks until the hook completes. |
| More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' |
| properties: |
| exec: |
| description: Exec specifies the action to |
| take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the |
| working directory for the command is |
| root ('/') in the container's filesystem. |
| The command is simply exec'd, it is |
| not run inside a shell, so traditional |
| shell instructions ('|', etc) won't |
| work. To use a shell, you need to explicitly |
| call out to that shell. Exit status |
| of 0 is treated as live/healthy and |
| non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, |
| defaults to the pod IP. You probably |
| want to set "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in |
| the request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a |
| custom header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name. |
| This will be canonicalized upon |
| output, so case-variant names |
| will be understood as the same |
| header. |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| tcpSocket: |
| description: Deprecated. TCPSocket is NOT |
| supported as a LifecycleHandler and kept |
| for the backward compatibility. There are |
| no validation of this field and lifecycle |
| hooks will fail in runtime when tcp handler |
| is specified. |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| type: object |
| preStop: |
| description: 'PreStop is called immediately before |
| a container is terminated due to an API request |
| or management event such as liveness/startup |
| probe failure, preemption, resource contention, |
| etc. The handler is not called if the container |
| crashes or exits. The Pod''s termination grace |
| period countdown begins before the PreStop hook |
| is executed. Regardless of the outcome of the |
| handler, the container will eventually terminate |
| within the Pod''s termination grace period (unless |
| delayed by finalizers). Other management of |
| the container blocks until the hook completes |
| or until the termination grace period is reached. |
| More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' |
| properties: |
| exec: |
| description: Exec specifies the action to |
| take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the |
| working directory for the command is |
| root ('/') in the container's filesystem. |
| The command is simply exec'd, it is |
| not run inside a shell, so traditional |
| shell instructions ('|', etc) won't |
| work. To use a shell, you need to explicitly |
| call out to that shell. Exit status |
| of 0 is treated as live/healthy and |
| non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, |
| defaults to the pod IP. You probably |
| want to set "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in |
| the request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a |
| custom header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name. |
| This will be canonicalized upon |
| output, so case-variant names |
| will be understood as the same |
| header. |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| tcpSocket: |
| description: Deprecated. TCPSocket is NOT |
| supported as a LifecycleHandler and kept |
| for the backward compatibility. There are |
| no validation of this field and lifecycle |
| hooks will fail in runtime when tcp handler |
| is specified. |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| type: object |
| type: object |
| livenessProbe: |
| description: 'Periodic probe of container liveness. |
| Container will be restarted if the probe fails. |
| Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| properties: |
| exec: |
| description: Exec specifies the action to take. |
| properties: |
| command: |
| description: Command is the command line to |
| execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside a |
| shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, you |
| need to explicitly call out to that shell. |
| Exit status of 0 is treated as live/healthy |
| and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is 1. |
| format: int32 |
| type: integer |
| grpc: |
| description: GRPC specifies an action involving |
| a GRPC port. |
| properties: |
| port: |
| description: Port number of the gRPC service. |
| Number must be in the range 1 to 65535. |
| format: int32 |
| type: integer |
| service: |
| description: "Service is the name of the service |
| to place in the gRPC HealthCheckRequest |
| (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). |
| \n If this is not specified, the default |
| behavior is defined by gRPC." |
| type: string |
| required: |
| - port |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name. |
| This will be canonicalized upon output, |
| so case-variant names will be understood |
| as the same header. |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port to |
| access on the container. Number must be |
| in the range 1 to 65535. Name must be an |
| IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum value |
| is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: TCPSocket specifies an action involving |
| a TCP port. |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port to |
| access on the container. Number must be |
| in the range 1 to 65535. Name must be an |
| IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration in |
| seconds after the processes running in the pod |
| are sent a termination signal and the time when |
| the processes are forcibly halted with a kill |
| signal. Set this value longer than the expected |
| cleanup time for your process. If this value |
| is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value must |
| be non-negative integer. The value zero indicates |
| stop immediately via the kill signal (no opportunity |
| to shut down). This is a beta field and requires |
| enabling ProbeTerminationGracePeriod feature |
| gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which the |
| probe times out. Defaults to 1 second. Minimum |
| value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| ports: |
| description: List of ports to expose from the container. |
| Not specifying a port here DOES NOT prevent that |
| port from being exposed. Any port which is listening |
| on the default "0.0.0.0" address inside a container |
| will be accessible from the network. Modifying this |
| array with strategic merge patch may corrupt the |
| data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. |
| Cannot be updated. |
| items: |
| description: ContainerPort represents a network |
| port in a single container. |
| properties: |
| containerPort: |
| description: Number of port to expose on the |
| pod's IP address. This must be a valid port |
| number, 0 < x < 65536. |
| format: int32 |
| type: integer |
| hostIP: |
| description: What host IP to bind the external |
| port to. |
| type: string |
| hostPort: |
| description: Number of port to expose on the |
| host. If specified, this must be a valid port |
| number, 0 < x < 65536. If HostNetwork is specified, |
| this must match ContainerPort. Most containers |
| do not need this. |
| format: int32 |
| type: integer |
| name: |
| description: If specified, this must be an IANA_SVC_NAME |
| and unique within the pod. Each named port |
| in a pod must have a unique name. Name for |
| the port that can be referred to by services. |
| type: string |
| protocol: |
| default: TCP |
| description: Protocol for port. Must be UDP, |
| TCP, or SCTP. Defaults to "TCP". |
| type: string |
| required: |
| - containerPort |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - containerPort |
| - protocol |
| x-kubernetes-list-type: map |
| readinessProbe: |
| description: 'Periodic probe of container service |
| readiness. Container will be removed from service |
| endpoints if the probe fails. Cannot be updated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| properties: |
| exec: |
| description: Exec specifies the action to take. |
| properties: |
| command: |
| description: Command is the command line to |
| execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside a |
| shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, you |
| need to explicitly call out to that shell. |
| Exit status of 0 is treated as live/healthy |
| and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is 1. |
| format: int32 |
| type: integer |
| grpc: |
| description: GRPC specifies an action involving |
| a GRPC port. |
| properties: |
| port: |
| description: Port number of the gRPC service. |
| Number must be in the range 1 to 65535. |
| format: int32 |
| type: integer |
| service: |
| description: "Service is the name of the service |
| to place in the gRPC HealthCheckRequest |
| (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). |
| \n If this is not specified, the default |
| behavior is defined by gRPC." |
| type: string |
| required: |
| - port |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name. |
| This will be canonicalized upon output, |
| so case-variant names will be understood |
| as the same header. |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port to |
| access on the container. Number must be |
| in the range 1 to 65535. Name must be an |
| IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum value |
| is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: TCPSocket specifies an action involving |
| a TCP port. |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port to |
| access on the container. Number must be |
| in the range 1 to 65535. Name must be an |
| IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration in |
| seconds after the processes running in the pod |
| are sent a termination signal and the time when |
| the processes are forcibly halted with a kill |
| signal. Set this value longer than the expected |
| cleanup time for your process. If this value |
| is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value must |
| be non-negative integer. The value zero indicates |
| stop immediately via the kill signal (no opportunity |
| to shut down). This is a beta field and requires |
| enabling ProbeTerminationGracePeriod feature |
| gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which the |
| probe times out. Defaults to 1 second. Minimum |
| value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| resizePolicy: |
| description: Resources resize policy for the container. |
| items: |
| description: ContainerResizePolicy represents resource |
| resize policy for the container. |
| properties: |
| resourceName: |
| description: 'Name of the resource to which |
| this resource resize policy applies. Supported |
| values: cpu, memory.' |
| type: string |
| restartPolicy: |
| description: Restart policy to apply when specified |
| resource is resized. If not specified, it |
| defaults to NotRequired. |
| type: string |
| required: |
| - resourceName |
| - restartPolicy |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| resources: |
| description: 'Compute Resources required by this container. |
| Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| properties: |
| claims: |
| description: "Claims lists the names of resources, |
| defined in spec.resourceClaims, that are used |
| by this container. \n This is an alpha field |
| and requires enabling the DynamicResourceAllocation |
| feature gate. \n This field is immutable. It |
| can only be set for containers." |
| items: |
| description: ResourceClaim references one entry |
| in PodSpec.ResourceClaims. |
| properties: |
| name: |
| description: Name must match the name of |
| one entry in pod.spec.resourceClaims of |
| the Pod where this field is used. It makes |
| that resource available inside a container. |
| type: string |
| required: |
| - name |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - name |
| x-kubernetes-list-type: map |
| limits: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: 'Limits describes the maximum amount |
| of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| type: object |
| requests: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: 'Requests describes the minimum amount |
| of compute resources required. If Requests is |
| omitted for a container, it defaults to Limits |
| if that is explicitly specified, otherwise to |
| an implementation-defined value. Requests cannot |
| exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' |
| type: object |
| type: object |
| securityContext: |
| description: 'SecurityContext defines the security |
| options the container should be run with. If set, |
| the fields of SecurityContext override the equivalent |
| fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' |
| properties: |
| allowPrivilegeEscalation: |
| description: 'AllowPrivilegeEscalation controls |
| whether a process can gain more privileges than |
| its parent process. This bool directly controls |
| if the no_new_privs flag will be set on the |
| container process. AllowPrivilegeEscalation |
| is true always when the container is: 1) run |
| as Privileged 2) has CAP_SYS_ADMIN Note that |
| this field cannot be set when spec.os.name is |
| windows.' |
| type: boolean |
| capabilities: |
| description: The capabilities to add/drop when |
| running containers. Defaults to the default |
| set of capabilities granted by the container |
| runtime. Note that this field cannot be set |
| when spec.os.name is windows. |
| properties: |
| add: |
| description: Added capabilities |
| items: |
| description: Capability represent POSIX |
| capabilities type |
| type: string |
| type: array |
| drop: |
| description: Removed capabilities |
| items: |
| description: Capability represent POSIX |
| capabilities type |
| type: string |
| type: array |
| type: object |
| privileged: |
| description: Run container in privileged mode. |
| Processes in privileged containers are essentially |
| equivalent to root on the host. Defaults to |
| false. Note that this field cannot be set when |
| spec.os.name is windows. |
| type: boolean |
| procMount: |
| description: procMount denotes the type of proc |
| mount to use for the containers. The default |
| is DefaultProcMount which uses the container |
| runtime defaults for readonly paths and masked |
| paths. This requires the ProcMountType feature |
| flag to be enabled. Note that this field cannot |
| be set when spec.os.name is windows. |
| type: string |
| readOnlyRootFilesystem: |
| description: Whether this container has a read-only |
| root filesystem. Default is false. Note that |
| this field cannot be set when spec.os.name is |
| windows. |
| type: boolean |
| runAsGroup: |
| description: The GID to run the entrypoint of |
| the container process. Uses runtime default |
| if unset. May also be set in PodSecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. Note that this field cannot be set |
| when spec.os.name is windows. |
| format: int64 |
| type: integer |
| runAsNonRoot: |
| description: Indicates that the container must |
| run as a non-root user. If true, the Kubelet |
| will validate the image at runtime to ensure |
| that it does not run as UID 0 (root) and fail |
| to start the container if it does. If unset |
| or false, no such validation will be performed. |
| May also be set in PodSecurityContext. If set |
| in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. |
| type: boolean |
| runAsUser: |
| description: The UID to run the entrypoint of |
| the container process. Defaults to user specified |
| in image metadata if unspecified. May also be |
| set in PodSecurityContext. If set in both SecurityContext |
| and PodSecurityContext, the value specified |
| in SecurityContext takes precedence. Note that |
| this field cannot be set when spec.os.name is |
| windows. |
| format: int64 |
| type: integer |
| seLinuxOptions: |
| description: The SELinux context to be applied |
| to the container. If unspecified, the container |
| runtime will allocate a random SELinux context |
| for each container. May also be set in PodSecurityContext. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. Note that this field cannot be set |
| when spec.os.name is windows. |
| properties: |
| level: |
| description: Level is SELinux level label |
| that applies to the container. |
| type: string |
| role: |
| description: Role is a SELinux role label |
| that applies to the container. |
| type: string |
| type: |
| description: Type is a SELinux type label |
| that applies to the container. |
| type: string |
| user: |
| description: User is a SELinux user label |
| that applies to the container. |
| type: string |
| type: object |
| seccompProfile: |
| description: The seccomp options to use by this |
| container. If seccomp options are provided at |
| both the pod & container level, the container |
| options override the pod options. Note that |
| this field cannot be set when spec.os.name is |
| windows. |
| properties: |
| localhostProfile: |
| description: localhostProfile indicates a |
| profile defined in a file on the node should |
| be used. The profile must be preconfigured |
| on the node to work. Must be a descending |
| path, relative to the kubelet's configured |
| seccomp profile location. Must only be set |
| if type is "Localhost". |
| type: string |
| type: |
| description: "type indicates which kind of |
| seccomp profile will be applied. Valid options |
| are: \n Localhost - a profile defined in |
| a file on the node should be used. RuntimeDefault |
| - the container runtime default profile |
| should be used. Unconfined - no profile |
| should be applied." |
| type: string |
| required: |
| - type |
| type: object |
| windowsOptions: |
| description: The Windows specific settings applied |
| to all containers. If unspecified, the options |
| from the PodSecurityContext will be used. If |
| set in both SecurityContext and PodSecurityContext, |
| the value specified in SecurityContext takes |
| precedence. Note that this field cannot be set |
| when spec.os.name is linux. |
| properties: |
| gmsaCredentialSpec: |
| description: GMSACredentialSpec is where the |
| GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) |
| inlines the contents of the GMSA credential |
| spec named by the GMSACredentialSpecName |
| field. |
| type: string |
| gmsaCredentialSpecName: |
| description: GMSACredentialSpecName is the |
| name of the GMSA credential spec to use. |
| type: string |
| hostProcess: |
| description: HostProcess determines if a container |
| should be run as a 'Host Process' container. |
| This field is alpha-level and will only |
| be honored by components that enable the |
| WindowsHostProcessContainers feature flag. |
| Setting this field without the feature flag |
| will result in errors when validating the |
| Pod. All of a Pod's containers must have |
| the same effective HostProcess value (it |
| is not allowed to have a mix of HostProcess |
| containers and non-HostProcess containers). In |
| addition, if HostProcess is true then HostNetwork |
| must also be set to true. |
| type: boolean |
| runAsUserName: |
| description: The UserName in Windows to run |
| the entrypoint of the container process. |
| Defaults to the user specified in image |
| metadata if unspecified. May also be set |
| in PodSecurityContext. If set in both SecurityContext |
| and PodSecurityContext, the value specified |
| in SecurityContext takes precedence. |
| type: string |
| type: object |
| type: object |
| startupProbe: |
| description: 'StartupProbe indicates that the Pod |
| has successfully initialized. If specified, no other |
| probes are executed until this completes successfully. |
| If this probe fails, the Pod will be restarted, |
| just as if the livenessProbe failed. This can be |
| used to provide different probe parameters at the |
| beginning of a Pod''s lifecycle, when it might take |
| a long time to load data or warm a cache, than during |
| steady-state operation. This cannot be updated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| properties: |
| exec: |
| description: Exec specifies the action to take. |
| properties: |
| command: |
| description: Command is the command line to |
| execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside a |
| shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, you |
| need to explicitly call out to that shell. |
| Exit status of 0 is treated as live/healthy |
| and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is 1. |
| format: int32 |
| type: integer |
| grpc: |
| description: GRPC specifies an action involving |
| a GRPC port. |
| properties: |
| port: |
| description: Port number of the gRPC service. |
| Number must be in the range 1 to 65535. |
| format: int32 |
| type: integer |
| service: |
| description: "Service is the name of the service |
| to place in the gRPC HealthCheckRequest |
| (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). |
| \n If this is not specified, the default |
| behavior is defined by gRPC." |
| type: string |
| required: |
| - port |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name. |
| This will be canonicalized upon output, |
| so case-variant names will be understood |
| as the same header. |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port to |
| access on the container. Number must be |
| in the range 1 to 65535. Name must be an |
| IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum value |
| is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: TCPSocket specifies an action involving |
| a TCP port. |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port to |
| access on the container. Number must be |
| in the range 1 to 65535. Name must be an |
| IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration in |
| seconds after the processes running in the pod |
| are sent a termination signal and the time when |
| the processes are forcibly halted with a kill |
| signal. Set this value longer than the expected |
| cleanup time for your process. If this value |
| is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value must |
| be non-negative integer. The value zero indicates |
| stop immediately via the kill signal (no opportunity |
| to shut down). This is a beta field and requires |
| enabling ProbeTerminationGracePeriod feature |
| gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which the |
| probe times out. Defaults to 1 second. Minimum |
| value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| stdin: |
| description: Whether this container should allocate |
| a buffer for stdin in the container runtime. If |
| this is not set, reads from stdin in the container |
| will always result in EOF. Default is false. |
| type: boolean |
| stdinOnce: |
| description: Whether the container runtime should |
| close the stdin channel after it has been opened |
| by a single attach. When stdin is true the stdin |
| stream will remain open across multiple attach sessions. |
| If stdinOnce is set to true, stdin is opened on |
| container start, is empty until the first client |
| attaches to stdin, and then remains open and accepts |
| data until the client disconnects, at which time |
| stdin is closed and remains closed until the container |
| is restarted. If this flag is false, a container |
| processes that reads from stdin will never receive |
| an EOF. Default is false |
| type: boolean |
| terminationMessagePath: |
| description: 'Optional: Path at which the file to |
| which the container''s termination message will |
| be written is mounted into the container''s filesystem. |
| Message written is intended to be brief final status, |
| such as an assertion failure message. Will be truncated |
| by the node if greater than 4096 bytes. The total |
| message length across all containers will be limited |
| to 12kb. Defaults to /dev/termination-log. Cannot |
| be updated.' |
| type: string |
| terminationMessagePolicy: |
| description: Indicate how the termination message |
| should be populated. File will use the contents |
| of terminationMessagePath to populate the container |
| status message on both success and failure. FallbackToLogsOnError |
| will use the last chunk of container log output |
| if the termination message file is empty and the |
| container exited with an error. The log output is |
| limited to 2048 bytes or 80 lines, whichever is |
| smaller. Defaults to File. Cannot be updated. |
| type: string |
| tty: |
| description: Whether this container should allocate |
| a TTY for itself, also requires 'stdin' to be true. |
| Default is false. |
| type: boolean |
| volumeDevices: |
| description: volumeDevices is the list of block devices |
| to be used by the container. |
| items: |
| description: volumeDevice describes a mapping of |
| a raw block device within a container. |
| properties: |
| devicePath: |
| description: devicePath is the path inside of |
| the container that the device will be mapped |
| to. |
| type: string |
| name: |
| description: name must match the name of a persistentVolumeClaim |
| in the pod |
| type: string |
| required: |
| - devicePath |
| - name |
| type: object |
| type: array |
| volumeMounts: |
| description: Pod volumes to mount into the container's |
| filesystem. Cannot be updated. |
| items: |
| description: VolumeMount describes a mounting of |
| a Volume within a container. |
| properties: |
| mountPath: |
| description: Path within the container at which |
| the volume should be mounted. Must not contain |
| ':'. |
| type: string |
| mountPropagation: |
| description: mountPropagation determines how |
| mounts are propagated from the host to container |
| and the other way around. When not set, MountPropagationNone |
| is used. This field is beta in 1.10. |
| type: string |
| name: |
| description: This must match the Name of a Volume. |
| type: string |
| readOnly: |
| description: Mounted read-only if true, read-write |
| otherwise (false or unspecified). Defaults |
| to false. |
| type: boolean |
| subPath: |
| description: Path within the volume from which |
| the container's volume should be mounted. |
| Defaults to "" (volume's root). |
| type: string |
| subPathExpr: |
| description: Expanded path within the volume |
| from which the container's volume should be |
| mounted. Behaves similarly to SubPath but |
| environment variable references $(VAR_NAME) |
| are expanded using the container's environment. |
| Defaults to "" (volume's root). SubPathExpr |
| and SubPath are mutually exclusive. |
| type: string |
| required: |
| - mountPath |
| - name |
| type: object |
| type: array |
| type: object |
| containers: |
| description: List of containers belonging to the pod. |
| Containers cannot currently be added or removed. There |
| must be at least one container in a Pod. Cannot be updated. |
| items: |
| description: A single application container that you |
| want to run within a pod. |
| properties: |
| args: |
| description: 'Arguments to the entrypoint. The container |
| image''s CMD is used if this is not provided. |
| Variable references $(VAR_NAME) are expanded using |
| the container''s environment. If a variable cannot |
| be resolved, the reference in the input string |
| will be unchanged. Double $$ are reduced to a |
| single $, which allows for escaping the $(VAR_NAME) |
| syntax: i.e. "$$(VAR_NAME)" will produce the string |
| literal "$(VAR_NAME)". Escaped references will |
| never be expanded, regardless of whether the variable |
| exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' |
| items: |
| type: string |
| type: array |
| command: |
| description: 'Entrypoint array. Not executed within |
| a shell. The container image''s ENTRYPOINT is |
| used if this is not provided. Variable references |
| $(VAR_NAME) are expanded using the container''s |
| environment. If a variable cannot be resolved, |
| the reference in the input string will be unchanged. |
| Double $$ are reduced to a single $, which allows |
| for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" |
| will produce the string literal "$(VAR_NAME)". |
| Escaped references will never be expanded, regardless |
| of whether the variable exists or not. Cannot |
| be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' |
| items: |
| type: string |
| type: array |
| env: |
| description: List of environment variables to set |
| in the container. Cannot be updated. |
| items: |
| description: EnvVar represents an environment |
| variable present in a Container. |
| properties: |
| name: |
| description: Name of the environment variable. |
| Must be a C_IDENTIFIER. |
| type: string |
| value: |
| description: 'Variable references $(VAR_NAME) |
| are expanded using the previously defined |
| environment variables in the container and |
| any service environment variables. If a |
| variable cannot be resolved, the reference |
| in the input string will be unchanged. Double |
| $$ are reduced to a single $, which allows |
| for escaping the $(VAR_NAME) syntax: i.e. |
| "$$(VAR_NAME)" will produce the string literal |
| "$(VAR_NAME)". Escaped references will never |
| be expanded, regardless of whether the variable |
| exists or not. Defaults to "".' |
| type: string |
| valueFrom: |
| description: Source for the environment variable's |
| value. Cannot be used if value is not empty. |
| properties: |
| configMapKeyRef: |
| description: Selects a key of a ConfigMap. |
| properties: |
| key: |
| description: The key to select. |
| type: string |
| name: |
| description: 'Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap |
| or its key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| x-kubernetes-map-type: atomic |
| fieldRef: |
| description: 'Selects a field of the pod: |
| supports metadata.name, metadata.namespace, |
| `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, |
| spec.nodeName, spec.serviceAccountName, |
| status.hostIP, status.podIP, status.podIPs.' |
| properties: |
| apiVersion: |
| description: Version of the schema |
| the FieldPath is written in terms |
| of, defaults to "v1". |
| type: string |
| fieldPath: |
| description: Path of the field to |
| select in the specified API version. |
| type: string |
| required: |
| - fieldPath |
| type: object |
| x-kubernetes-map-type: atomic |
| resourceFieldRef: |
| description: 'Selects a resource of the |
| container: only resources limits and |
| requests (limits.cpu, limits.memory, |
| limits.ephemeral-storage, requests.cpu, |
| requests.memory and requests.ephemeral-storage) |
| are currently supported.' |
| properties: |
| containerName: |
| description: 'Container name: required |
| for volumes, optional for env vars' |
| type: string |
| divisor: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Specifies the output |
| format of the exposed resources, |
| defaults to "1" |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| resource: |
| description: 'Required: resource to |
| select' |
| type: string |
| required: |
| - resource |
| type: object |
| x-kubernetes-map-type: atomic |
| secretKeyRef: |
| description: Selects a key of a secret |
| in the pod's namespace |
| properties: |
| key: |
| description: The key of the secret |
| to select from. Must be a valid |
| secret key. |
| type: string |
| name: |
| description: 'Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret |
| or its key must be defined |
| type: boolean |
| required: |
| - key |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| required: |
| - name |
| type: object |
| type: array |
| envFrom: |
| description: List of sources to populate environment |
| variables in the container. The keys defined within |
| a source must be a C_IDENTIFIER. All invalid keys |
| will be reported as an event when the container |
| is starting. When a key exists in multiple sources, |
| the value associated with the last source will |
| take precedence. Values defined by an Env with |
| a duplicate key will take precedence. Cannot be |
| updated. |
| items: |
| description: EnvFromSource represents the source |
| of a set of ConfigMaps |
| properties: |
| configMapRef: |
| description: The ConfigMap to select from |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the ConfigMap |
| must be defined |
| type: boolean |
| type: object |
| x-kubernetes-map-type: atomic |
| prefix: |
| description: An optional identifier to prepend |
| to each key in the ConfigMap. Must be a |
| C_IDENTIFIER. |
| type: string |
| secretRef: |
| description: The Secret to select from |
| properties: |
| name: |
| description: 'Name of the referent. More |
| info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, |
| kind, uid?' |
| type: string |
| optional: |
| description: Specify whether the Secret |
| must be defined |
| type: boolean |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| type: array |
| image: |
| description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images |
| This field is optional to allow higher level config |
| management to default or override container images |
| in workload controllers like Deployments and StatefulSets.' |
| type: string |
| imagePullPolicy: |
| description: 'Image pull policy. One of Always, |
| Never, IfNotPresent. Defaults to Always if :latest |
| tag is specified, or IfNotPresent otherwise. Cannot |
| be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' |
| type: string |
| lifecycle: |
| description: Actions that the management system |
| should take in response to container lifecycle |
| events. Cannot be updated. |
| properties: |
| postStart: |
| description: 'PostStart is called immediately |
| after a container is created. If the handler |
| fails, the container is terminated and restarted |
| according to its restart policy. Other management |
| of the container blocks until the hook completes. |
| More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' |
| properties: |
| exec: |
| description: Exec specifies the action to |
| take. |
| properties: |
| command: |
| description: Command is the command |
| line to execute inside the container, |
| the working directory for the command is |
| root ('/') in the container's filesystem. |
| The command is simply exec'd, it is |
| not run inside a shell, so traditional |
| shell instructions ('|', etc) won't |
| work. To use a shell, you need to |
| explicitly call out to that shell. |
| Exit status of 0 is treated as live/healthy |
| and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http |
| request to perform. |
| properties: |
| host: |
| description: Host name to connect to, |
| defaults to the pod IP. You probably |
| want to set "Host" in httpHeaders |
| instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in |
| the request. HTTP allows repeated |
| headers. |
| items: |
| description: HTTPHeader describes |
| a custom header to be used in HTTP |
| probes |
| properties: |
| name: |
| description: The header field |
| name. This will be canonicalized |
| upon output, so case-variant |
| names will be understood as |
| the same header. |
| type: string |
| value: |
| description: The header field |
| value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| tcpSocket: |
| description: Deprecated. TCPSocket is NOT |
| supported as a LifecycleHandler and kept |
| for the backward compatibility. There |
| are no validation of this field and lifecycle |
| hooks will fail in runtime when tcp handler |
| is specified. |
| properties: |
| host: |
| description: 'Optional: Host name to |
| connect to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| type: object |
| preStop: |
| description: 'PreStop is called immediately |
| before a container is terminated due to an |
| API request or management event such as liveness/startup |
| probe failure, preemption, resource contention, |
| etc. The handler is not called if the container |
| crashes or exits. The Pod''s termination grace |
| period countdown begins before the PreStop |
| hook is executed. Regardless of the outcome |
| of the handler, the container will eventually |
| terminate within the Pod''s termination grace |
| period (unless delayed by finalizers). Other |
| management of the container blocks until the |
| hook completes or until the termination grace |
| period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' |
| properties: |
| exec: |
| description: Exec specifies the action to |
| take. |
| properties: |
| command: |
| description: Command is the command |
| line to execute inside the container, |
| the working directory for the command is |
| root ('/') in the container's filesystem. |
| The command is simply exec'd, it is |
| not run inside a shell, so traditional |
| shell instructions ('|', etc) won't |
| work. To use a shell, you need to |
| explicitly call out to that shell. |
| Exit status of 0 is treated as live/healthy |
| and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http |
| request to perform. |
| properties: |
| host: |
| description: Host name to connect to, |
| defaults to the pod IP. You probably |
| want to set "Host" in httpHeaders |
| instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in |
| the request. HTTP allows repeated |
| headers. |
| items: |
| description: HTTPHeader describes |
| a custom header to be used in HTTP |
| probes |
| properties: |
| name: |
| description: The header field |
| name. This will be canonicalized |
| upon output, so case-variant |
| names will be understood as |
| the same header. |
| type: string |
| value: |
| description: The header field |
| value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| tcpSocket: |
| description: Deprecated. TCPSocket is NOT |
| supported as a LifecycleHandler and kept |
| for the backward compatibility. There |
| are no validation of this field and lifecycle |
| hooks will fail in runtime when tcp handler |
| is specified. |
| properties: |
| host: |
| description: 'Optional: Host name to |
| connect to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number |
| must be in the range 1 to 65535. Name |
| must be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| type: object |
| type: object |
| livenessProbe: |
| description: 'Periodic probe of container liveness. |
| Container will be restarted if the probe fails. |
| Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| properties: |
| exec: |
| description: Exec specifies the action to take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside |
| a shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, |
| you need to explicitly call out to that |
| shell. Exit status of 0 is treated as |
| live/healthy and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is |
| 1. |
| format: int32 |
| type: integer |
| grpc: |
| description: GRPC specifies an action involving |
| a GRPC port. |
| properties: |
| port: |
| description: Port number of the gRPC service. |
| Number must be in the range 1 to 65535. |
| format: int32 |
| type: integer |
| service: |
| description: "Service is the name of the |
| service to place in the gRPC HealthCheckRequest |
| (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). |
| \n If this is not specified, the default |
| behavior is defined by gRPC." |
| type: string |
| required: |
| - port |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in httpHeaders instead. |
| type: string |
| httpHeaders: |
| description: Custom headers to set in the |
| request. HTTP allows repeated headers. |
| items: |
| description: HTTPHeader describes a custom |
| header to be used in HTTP probes |
| properties: |
| name: |
| description: The header field name. |
| This will be canonicalized upon |
| output, so case-variant names will |
| be understood as the same header. |
| type: string |
| value: |
| description: The header field value |
| type: string |
| required: |
| - name |
| - value |
| type: object |
| type: array |
| path: |
| description: Path to access on the HTTP |
| server. |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Name or number of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| scheme: |
| description: Scheme to use for connecting |
| to the host. Defaults to HTTP. |
| type: string |
| required: |
| - port |
| type: object |
| initialDelaySeconds: |
| description: 'Number of seconds after the container |
| has started before liveness probes are initiated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| periodSeconds: |
| description: How often (in seconds) to perform |
| the probe. Default to 10 seconds. Minimum |
| value is 1. |
| format: int32 |
| type: integer |
| successThreshold: |
| description: Minimum consecutive successes for |
| the probe to be considered successful after |
| having failed. Defaults to 1. Must be 1 for |
| liveness and startup. Minimum value is 1. |
| format: int32 |
| type: integer |
| tcpSocket: |
| description: TCPSocket specifies an action involving |
| a TCP port. |
| properties: |
| host: |
| description: 'Optional: Host name to connect |
| to, defaults to the pod IP.' |
| type: string |
| port: |
| anyOf: |
| - type: integer |
| - type: string |
| description: Number or name of the port |
| to access on the container. Number must |
| be in the range 1 to 65535. Name must |
| be an IANA_SVC_NAME. |
| x-kubernetes-int-or-string: true |
| required: |
| - port |
| type: object |
| terminationGracePeriodSeconds: |
| description: Optional duration in seconds the |
| pod needs to terminate gracefully upon probe |
| failure. The grace period is the duration |
| in seconds after the processes running in |
| the pod are sent a termination signal and |
| the time when the processes are forcibly halted |
| with a kill signal. Set this value longer |
| than the expected cleanup time for your process. |
| If this value is nil, the pod's terminationGracePeriodSeconds |
| will be used. Otherwise, this value overrides |
| the value provided by the pod spec. Value |
| must be non-negative integer. The value zero |
| indicates stop immediately via the kill signal |
| (no opportunity to shut down). This is a beta |
| field and requires enabling ProbeTerminationGracePeriod |
| feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds |
| is used if unset. |
| format: int64 |
| type: integer |
| timeoutSeconds: |
| description: 'Number of seconds after which |
| the probe times out. Defaults to 1 second. |
| Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| format: int32 |
| type: integer |
| type: object |
| name: |
| description: Name of the container specified as |
| a DNS_LABEL. Each container in a pod must have |
| a unique name (DNS_LABEL). Cannot be updated. |
| type: string |
| ports: |
| description: List of ports to expose from the container. |
| Not specifying a port here DOES NOT prevent that |
| port from being exposed. Any port which is listening |
| on the default "0.0.0.0" address inside a container |
| will be accessible from the network. Modifying |
| this array with strategic merge patch may corrupt |
| the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. |
| Cannot be updated. |
| items: |
| description: ContainerPort represents a network |
| port in a single container. |
| properties: |
| containerPort: |
| description: Number of port to expose on the |
| pod's IP address. This must be a valid port |
| number, 0 < x < 65536. |
| format: int32 |
| type: integer |
| hostIP: |
| description: What host IP to bind the external |
| port to. |
| type: string |
| hostPort: |
| description: Number of port to expose on the |
| host. If specified, this must be a valid |
| port number, 0 < x < 65536. If HostNetwork |
| is specified, this must match ContainerPort. |
| Most containers do not need this. |
| format: int32 |
| type: integer |
| name: |
| description: If specified, this must be an |
| IANA_SVC_NAME and unique within the pod. |
| Each named port in a pod must have a unique |
| name. Name for the port that can be referred |
| to by services. |
| type: string |
| protocol: |
| default: TCP |
| description: Protocol for port. Must be UDP, |
| TCP, or SCTP. Defaults to "TCP". |
| type: string |
| required: |
| - containerPort |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - containerPort |
| - protocol |
| x-kubernetes-list-type: map |
| readinessProbe: |
| description: 'Periodic probe of container service |
| readiness. Container will be removed from service |
| endpoints if the probe fails. Cannot be updated. |
| More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' |
| properties: |
| exec: |
| description: Exec specifies the action to take. |
| properties: |
| command: |
| description: Command is the command line |
| to execute inside the container, the working |
| directory for the command is root ('/') |
| in the container's filesystem. The command |
| is simply exec'd, it is not run inside |
| a shell, so traditional shell instructions |
| ('|', etc) won't work. To use a shell, |
| you need to explicitly call out to that |
| shell. Exit status of 0 is treated as |
| live/healthy and non-zero is unhealthy. |
| items: |
| type: string |
| type: array |
| type: object |
| failureThreshold: |
| description: Minimum consecutive failures for |
| the probe to be considered failed after having |
| succeeded. Defaults to 3. Minimum value is |
| 1. |
| format: int32 |
| type: integer |
| grpc: |
| description: GRPC specifies an action involving |
| a GRPC port. |
| properties: |
| port: |
| description: Port number of the gRPC service. |
| Number must be in the range 1 to 65535. |
| format: int32 |
| type: integer |
| service: |
| description: "Service is the name of the |
| service to place in the gRPC HealthCheckRequest |
| (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). |
| \n If this is not specified, the default |
| behavior is defined by gRPC." |
| type: string |
| required: |
| - port |
| type: object |
| httpGet: |
| description: HTTPGet specifies the http request |
| to perform. |
| properties: |
| host: |
| description: Host name to connect to, defaults |
| to the pod IP. You probably want to set |
| "Host" in ht
|