this repo has no description
techaro.lol
1apiVersion: v1
2kind: Namespace
3metadata:
4 labels:
5 control-plane: controller-manager
6 name: tor-controller-system
7---
8apiVersion: apiextensions.k8s.io/v1
9kind: CustomResourceDefinition
10metadata:
11 annotations:
12 controller-gen.kubebuilder.io/version: v0.11.1
13 creationTimestamp: null
14 name: onionbalancedservices.tor.k8s.torproject.org
15spec:
16 group: tor.k8s.torproject.org
17 names:
18 kind: OnionBalancedService
19 listKind: OnionBalancedServiceList
20 plural: onionbalancedservices
21 shortNames:
22 - onionha
23 - oha
24 - obs
25 singular: onionbalancedservice
26 scope: Namespaced
27 versions:
28 - additionalPrinterColumns:
29 - jsonPath: .status.hostname
30 name: Hostname
31 type: string
32 - jsonPath: .spec.backends
33 name: Backends
34 type: string
35 - jsonPath: .metadata.creationTimestamp
36 name: Age
37 type: date
38 name: v1alpha2
39 schema:
40 openAPIV3Schema:
41 description: OnionBalancedService is the Schema for the onionbalancedservices API.
42 properties:
43 apiVersion:
44 description: APIVersion defines the versioned schema of this representation of an object.
45 type: string
46 kind:
47 description: Kind is a string value representing the REST resource this object represents.
48 type: string
49 metadata:
50 type: object
51 spec:
52 description: OnionBalancedServiceSpec defines the desired state of OnionBalancedService.
53 properties:
54 backends:
55 format: int32
56 maximum: 8
57 minimum: 1
58 type: integer
59 balancerTemplate:
60 description: Template describes the balancer daemon pods that will be created.
61 properties:
62 balancerResources:
63 description: Default resources for onionbalance containers
64 properties:
65 limits:
66 additionalProperties:
67 anyOf:
68 - type: integer
69 - type: string
70 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
71 x-kubernetes-int-or-string: true
72 description: Limits describes the maximum amount of compute resources allowed.
73 type: object
74 requests:
75 additionalProperties:
76 anyOf:
77 - type: integer
78 - type: string
79 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
80 x-kubernetes-int-or-string: true
81 description: Requests describes the minimum amount of compute resources required.
82 type: object
83 type: object
84 metadata:
85 description: Metadata of the pods created from this template.
86 type: object
87 spec:
88 description: Spec defines the behavior of a pod.
89 properties:
90 activeDeadlineSeconds:
91 description: Optional duration in seconds the pod may be active on the node relative to Start
92 format: int64
93 type: integer
94 affinity:
95 description: If specified, the pod's scheduling constraints
96 properties:
97 nodeAffinity:
98 description: Describes node affinity scheduling rules for the pod.
99 properties:
100 preferredDuringSchedulingIgnoredDuringExecution:
101 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex
102 items:
103 description: An empty preferred scheduling term matches all objects with implicit weight 0 (i
104 properties:
105 preference:
106 description: A node selector term, associated with the corresponding weight.
107 properties:
108 matchExpressions:
109 description: A list of node selector requirements by node's labels.
110 items:
111 description: A node selector requirement is a selector that contains values, a key, and an op
112 properties:
113 key:
114 description: The label key that the selector applies to.
115 type: string
116 operator:
117 description: Represents a key's relationship to a set of values.
118 type: string
119 values:
120 description: An array of string values.
121 items:
122 type: string
123 type: array
124 required:
125 - key
126 - operator
127 type: object
128 type: array
129 matchFields:
130 description: A list of node selector requirements by node's fields.
131 items:
132 description: A node selector requirement is a selector that contains values, a key, and an op
133 properties:
134 key:
135 description: The label key that the selector applies to.
136 type: string
137 operator:
138 description: Represents a key's relationship to a set of values.
139 type: string
140 values:
141 description: An array of string values.
142 items:
143 type: string
144 type: array
145 required:
146 - key
147 - operator
148 type: object
149 type: array
150 type: object
151 x-kubernetes-map-type: atomic
152 weight:
153 description: Weight associated with matching the corresponding nodeSelectorTerm, in the range
154 format: int32
155 type: integer
156 required:
157 - preference
158 - weight
159 type: object
160 type: array
161 requiredDuringSchedulingIgnoredDuringExecution:
162 description: If the affinity requirements specified by this field are not met at scheduling t
163 properties:
164 nodeSelectorTerms:
165 description: Required. A list of node selector terms. The terms are ORed.
166 items:
167 description: A null or empty node selector term matches no objects.
168 properties:
169 matchExpressions:
170 description: A list of node selector requirements by node's labels.
171 items:
172 description: A node selector requirement is a selector that contains values, a key, and an op
173 properties:
174 key:
175 description: The label key that the selector applies to.
176 type: string
177 operator:
178 description: Represents a key's relationship to a set of values.
179 type: string
180 values:
181 description: An array of string values.
182 items:
183 type: string
184 type: array
185 required:
186 - key
187 - operator
188 type: object
189 type: array
190 matchFields:
191 description: A list of node selector requirements by node's fields.
192 items:
193 description: A node selector requirement is a selector that contains values, a key, and an op
194 properties:
195 key:
196 description: The label key that the selector applies to.
197 type: string
198 operator:
199 description: Represents a key's relationship to a set of values.
200 type: string
201 values:
202 description: An array of string values.
203 items:
204 type: string
205 type: array
206 required:
207 - key
208 - operator
209 type: object
210 type: array
211 type: object
212 x-kubernetes-map-type: atomic
213 type: array
214 required:
215 - nodeSelectorTerms
216 type: object
217 x-kubernetes-map-type: atomic
218 type: object
219 podAffinity:
220 description: Describes pod affinity scheduling rules (e.g.
221 properties:
222 preferredDuringSchedulingIgnoredDuringExecution:
223 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex
224 items:
225 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n
226 properties:
227 podAffinityTerm:
228 description: Required. A pod affinity term, associated with the corresponding weight.
229 properties:
230 labelSelector:
231 description: A label query over a set of resources, in this case pods.
232 properties:
233 matchExpressions:
234 description: matchExpressions is a list of label selector requirements.
235 items:
236 description: A label selector requirement is a selector that contains values, a key, and an o
237 properties:
238 key:
239 description: key is the label key that the selector applies to.
240 type: string
241 operator:
242 description: operator represents a key's relationship to a set of values.
243 type: string
244 values:
245 description: values is an array of string values.
246 items:
247 type: string
248 type: array
249 required:
250 - key
251 - operator
252 type: object
253 type: array
254 matchLabels:
255 additionalProperties:
256 type: string
257 description: matchLabels is a map of {key,value} pairs.
258 type: object
259 type: object
260 x-kubernetes-map-type: atomic
261 namespaceSelector:
262 description: A label query over the set of namespaces that the term applies to.
263 properties:
264 matchExpressions:
265 description: matchExpressions is a list of label selector requirements.
266 items:
267 description: A label selector requirement is a selector that contains values, a key, and an o
268 properties:
269 key:
270 description: key is the label key that the selector applies to.
271 type: string
272 operator:
273 description: operator represents a key's relationship to a set of values.
274 type: string
275 values:
276 description: values is an array of string values.
277 items:
278 type: string
279 type: array
280 required:
281 - key
282 - operator
283 type: object
284 type: array
285 matchLabels:
286 additionalProperties:
287 type: string
288 description: matchLabels is a map of {key,value} pairs.
289 type: object
290 type: object
291 x-kubernetes-map-type: atomic
292 namespaces:
293 description: namespaces specifies a static list of namespace names that the term applies to.
294 items:
295 type: string
296 type: array
297 topologyKey:
298 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
299 type: string
300 required:
301 - topologyKey
302 type: object
303 weight:
304 description: 'weight associated with matching the corresponding podAffinityTerm, in the range '
305 format: int32
306 type: integer
307 required:
308 - podAffinityTerm
309 - weight
310 type: object
311 type: array
312 requiredDuringSchedulingIgnoredDuringExecution:
313 description: If the affinity requirements specified by this field are not met at scheduling t
314 items:
315 description: Defines a set of pods (namely those matching the labelSelector relative to the g
316 properties:
317 labelSelector:
318 description: A label query over a set of resources, in this case pods.
319 properties:
320 matchExpressions:
321 description: matchExpressions is a list of label selector requirements.
322 items:
323 description: A label selector requirement is a selector that contains values, a key, and an o
324 properties:
325 key:
326 description: key is the label key that the selector applies to.
327 type: string
328 operator:
329 description: operator represents a key's relationship to a set of values.
330 type: string
331 values:
332 description: values is an array of string values.
333 items:
334 type: string
335 type: array
336 required:
337 - key
338 - operator
339 type: object
340 type: array
341 matchLabels:
342 additionalProperties:
343 type: string
344 description: matchLabels is a map of {key,value} pairs.
345 type: object
346 type: object
347 x-kubernetes-map-type: atomic
348 namespaceSelector:
349 description: A label query over the set of namespaces that the term applies to.
350 properties:
351 matchExpressions:
352 description: matchExpressions is a list of label selector requirements.
353 items:
354 description: A label selector requirement is a selector that contains values, a key, and an o
355 properties:
356 key:
357 description: key is the label key that the selector applies to.
358 type: string
359 operator:
360 description: operator represents a key's relationship to a set of values.
361 type: string
362 values:
363 description: values is an array of string values.
364 items:
365 type: string
366 type: array
367 required:
368 - key
369 - operator
370 type: object
371 type: array
372 matchLabels:
373 additionalProperties:
374 type: string
375 description: matchLabels is a map of {key,value} pairs.
376 type: object
377 type: object
378 x-kubernetes-map-type: atomic
379 namespaces:
380 description: namespaces specifies a static list of namespace names that the term applies to.
381 items:
382 type: string
383 type: array
384 topologyKey:
385 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
386 type: string
387 required:
388 - topologyKey
389 type: object
390 type: array
391 type: object
392 podAntiAffinity:
393 description: Describes pod anti-affinity scheduling rules (e.g.
394 properties:
395 preferredDuringSchedulingIgnoredDuringExecution:
396 description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affini
397 items:
398 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n
399 properties:
400 podAffinityTerm:
401 description: Required. A pod affinity term, associated with the corresponding weight.
402 properties:
403 labelSelector:
404 description: A label query over a set of resources, in this case pods.
405 properties:
406 matchExpressions:
407 description: matchExpressions is a list of label selector requirements.
408 items:
409 description: A label selector requirement is a selector that contains values, a key, and an o
410 properties:
411 key:
412 description: key is the label key that the selector applies to.
413 type: string
414 operator:
415 description: operator represents a key's relationship to a set of values.
416 type: string
417 values:
418 description: values is an array of string values.
419 items:
420 type: string
421 type: array
422 required:
423 - key
424 - operator
425 type: object
426 type: array
427 matchLabels:
428 additionalProperties:
429 type: string
430 description: matchLabels is a map of {key,value} pairs.
431 type: object
432 type: object
433 x-kubernetes-map-type: atomic
434 namespaceSelector:
435 description: A label query over the set of namespaces that the term applies to.
436 properties:
437 matchExpressions:
438 description: matchExpressions is a list of label selector requirements.
439 items:
440 description: A label selector requirement is a selector that contains values, a key, and an o
441 properties:
442 key:
443 description: key is the label key that the selector applies to.
444 type: string
445 operator:
446 description: operator represents a key's relationship to a set of values.
447 type: string
448 values:
449 description: values is an array of string values.
450 items:
451 type: string
452 type: array
453 required:
454 - key
455 - operator
456 type: object
457 type: array
458 matchLabels:
459 additionalProperties:
460 type: string
461 description: matchLabels is a map of {key,value} pairs.
462 type: object
463 type: object
464 x-kubernetes-map-type: atomic
465 namespaces:
466 description: namespaces specifies a static list of namespace names that the term applies to.
467 items:
468 type: string
469 type: array
470 topologyKey:
471 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
472 type: string
473 required:
474 - topologyKey
475 type: object
476 weight:
477 description: 'weight associated with matching the corresponding podAffinityTerm, in the range '
478 format: int32
479 type: integer
480 required:
481 - podAffinityTerm
482 - weight
483 type: object
484 type: array
485 requiredDuringSchedulingIgnoredDuringExecution:
486 description: If the anti-affinity requirements specified by this field are not met at schedul
487 items:
488 description: Defines a set of pods (namely those matching the labelSelector relative to the g
489 properties:
490 labelSelector:
491 description: A label query over a set of resources, in this case pods.
492 properties:
493 matchExpressions:
494 description: matchExpressions is a list of label selector requirements.
495 items:
496 description: A label selector requirement is a selector that contains values, a key, and an o
497 properties:
498 key:
499 description: key is the label key that the selector applies to.
500 type: string
501 operator:
502 description: operator represents a key's relationship to a set of values.
503 type: string
504 values:
505 description: values is an array of string values.
506 items:
507 type: string
508 type: array
509 required:
510 - key
511 - operator
512 type: object
513 type: array
514 matchLabels:
515 additionalProperties:
516 type: string
517 description: matchLabels is a map of {key,value} pairs.
518 type: object
519 type: object
520 x-kubernetes-map-type: atomic
521 namespaceSelector:
522 description: A label query over the set of namespaces that the term applies to.
523 properties:
524 matchExpressions:
525 description: matchExpressions is a list of label selector requirements.
526 items:
527 description: A label selector requirement is a selector that contains values, a key, and an o
528 properties:
529 key:
530 description: key is the label key that the selector applies to.
531 type: string
532 operator:
533 description: operator represents a key's relationship to a set of values.
534 type: string
535 values:
536 description: values is an array of string values.
537 items:
538 type: string
539 type: array
540 required:
541 - key
542 - operator
543 type: object
544 type: array
545 matchLabels:
546 additionalProperties:
547 type: string
548 description: matchLabels is a map of {key,value} pairs.
549 type: object
550 type: object
551 x-kubernetes-map-type: atomic
552 namespaces:
553 description: namespaces specifies a static list of namespace names that the term applies to.
554 items:
555 type: string
556 type: array
557 topologyKey:
558 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
559 type: string
560 required:
561 - topologyKey
562 type: object
563 type: array
564 type: object
565 type: object
566 automountServiceAccountToken:
567 description: AutomountServiceAccountToken indicates whether a service account token should be
568 type: boolean
569 containers:
570 description: List of containers belonging to the pod.
571 items:
572 description: A single application container that you want to run within a pod.
573 properties:
574 args:
575 description: Arguments to the entrypoint.
576 items:
577 type: string
578 type: array
579 command:
580 description: Entrypoint array. Not executed within a shell.
581 items:
582 type: string
583 type: array
584 env:
585 description: List of environment variables to set in the container. Cannot be updated.
586 items:
587 description: EnvVar represents an environment variable present in a Container.
588 properties:
589 name:
590 description: Name of the environment variable. Must be a C_IDENTIFIER.
591 type: string
592 value:
593 description: Variable references $(VAR_NAME) are expanded using the previously defined enviro
594 type: string
595 valueFrom:
596 description: Source for the environment variable's value.
597 properties:
598 configMapKeyRef:
599 description: Selects a key of a ConfigMap.
600 properties:
601 key:
602 description: The key to select.
603 type: string
604 name:
605 description: 'Name of the referent. More info: https://kubernetes.'
606 type: string
607 optional:
608 description: Specify whether the ConfigMap or its key must be defined
609 type: boolean
610 required:
611 - key
612 type: object
613 x-kubernetes-map-type: atomic
614 fieldRef:
615 description: 'Selects a field of the pod: supports metadata.name, metadata.'
616 properties:
617 apiVersion:
618 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
619 type: string
620 fieldPath:
621 description: Path of the field to select in the specified API version.
622 type: string
623 required:
624 - fieldPath
625 type: object
626 x-kubernetes-map-type: atomic
627 resourceFieldRef:
628 description: 'Selects a resource of the container: only resources limits and requests (limits.'
629 properties:
630 containerName:
631 description: 'Container name: required for volumes, optional for env vars'
632 type: string
633 divisor:
634 anyOf:
635 - type: integer
636 - type: string
637 description: Specifies the output format of the exposed resources, defaults to "1"
638 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
639 x-kubernetes-int-or-string: true
640 resource:
641 description: 'Required: resource to select'
642 type: string
643 required:
644 - resource
645 type: object
646 x-kubernetes-map-type: atomic
647 secretKeyRef:
648 description: Selects a key of a secret in the pod's namespace
649 properties:
650 key:
651 description: The key of the secret to select from. Must be a valid secret key.
652 type: string
653 name:
654 description: 'Name of the referent. More info: https://kubernetes.'
655 type: string
656 optional:
657 description: Specify whether the Secret or its key must be defined
658 type: boolean
659 required:
660 - key
661 type: object
662 x-kubernetes-map-type: atomic
663 type: object
664 required:
665 - name
666 type: object
667 type: array
668 envFrom:
669 description: List of sources to populate environment variables in the container.
670 items:
671 description: EnvFromSource represents the source of a set of ConfigMaps
672 properties:
673 configMapRef:
674 description: The ConfigMap to select from
675 properties:
676 name:
677 description: 'Name of the referent. More info: https://kubernetes.'
678 type: string
679 optional:
680 description: Specify whether the ConfigMap must be defined
681 type: boolean
682 type: object
683 x-kubernetes-map-type: atomic
684 prefix:
685 description: An optional identifier to prepend to each key in the ConfigMap.
686 type: string
687 secretRef:
688 description: The Secret to select from
689 properties:
690 name:
691 description: 'Name of the referent. More info: https://kubernetes.'
692 type: string
693 optional:
694 description: Specify whether the Secret must be defined
695 type: boolean
696 type: object
697 x-kubernetes-map-type: atomic
698 type: object
699 type: array
700 image:
701 description: 'Docker image name. More info: https://kubernetes.'
702 type: string
703 imagePullPolicy:
704 description: Image pull policy. One of Always, Never, IfNotPresent.
705 type: string
706 lifecycle:
707 description: Actions that the management system should take in response to container lifecycl
708 properties:
709 postStart:
710 description: PostStart is called immediately after a container is created.
711 properties:
712 exec:
713 description: Exec specifies the action to take.
714 properties:
715 command:
716 description: Command is the command line to execute inside the container, the working directo
717 items:
718 type: string
719 type: array
720 type: object
721 httpGet:
722 description: HTTPGet specifies the http request to perform.
723 properties:
724 host:
725 description: Host name to connect to, defaults to the pod IP.
726 type: string
727 httpHeaders:
728 description: Custom headers to set in the request. HTTP allows repeated headers.
729 items:
730 description: HTTPHeader describes a custom header to be used in HTTP probes
731 properties:
732 name:
733 description: The header field name
734 type: string
735 value:
736 description: The header field value
737 type: string
738 required:
739 - name
740 - value
741 type: object
742 type: array
743 path:
744 description: Path to access on the HTTP server.
745 type: string
746 port:
747 anyOf:
748 - type: integer
749 - type: string
750 description: Name or number of the port to access on the container.
751 x-kubernetes-int-or-string: true
752 scheme:
753 description: Scheme to use for connecting to the host. Defaults to HTTP.
754 type: string
755 required:
756 - port
757 type: object
758 tcpSocket:
759 description: Deprecated.
760 properties:
761 host:
762 description: 'Optional: Host name to connect to, defaults to the pod IP.'
763 type: string
764 port:
765 anyOf:
766 - type: integer
767 - type: string
768 description: Number or name of the port to access on the container.
769 x-kubernetes-int-or-string: true
770 required:
771 - port
772 type: object
773 type: object
774 preStop:
775 description: PreStop is called immediately before a container is terminated due to an API req
776 properties:
777 exec:
778 description: Exec specifies the action to take.
779 properties:
780 command:
781 description: Command is the command line to execute inside the container, the working directo
782 items:
783 type: string
784 type: array
785 type: object
786 httpGet:
787 description: HTTPGet specifies the http request to perform.
788 properties:
789 host:
790 description: Host name to connect to, defaults to the pod IP.
791 type: string
792 httpHeaders:
793 description: Custom headers to set in the request. HTTP allows repeated headers.
794 items:
795 description: HTTPHeader describes a custom header to be used in HTTP probes
796 properties:
797 name:
798 description: The header field name
799 type: string
800 value:
801 description: The header field value
802 type: string
803 required:
804 - name
805 - value
806 type: object
807 type: array
808 path:
809 description: Path to access on the HTTP server.
810 type: string
811 port:
812 anyOf:
813 - type: integer
814 - type: string
815 description: Name or number of the port to access on the container.
816 x-kubernetes-int-or-string: true
817 scheme:
818 description: Scheme to use for connecting to the host. Defaults to HTTP.
819 type: string
820 required:
821 - port
822 type: object
823 tcpSocket:
824 description: Deprecated.
825 properties:
826 host:
827 description: 'Optional: Host name to connect to, defaults to the pod IP.'
828 type: string
829 port:
830 anyOf:
831 - type: integer
832 - type: string
833 description: Number or name of the port to access on the container.
834 x-kubernetes-int-or-string: true
835 required:
836 - port
837 type: object
838 type: object
839 type: object
840 livenessProbe:
841 description: Periodic probe of container liveness.
842 properties:
843 exec:
844 description: Exec specifies the action to take.
845 properties:
846 command:
847 description: Command is the command line to execute inside the container, the working directo
848 items:
849 type: string
850 type: array
851 type: object
852 failureThreshold:
853 description: 'Minimum consecutive failures for the probe to be considered failed after having '
854 format: int32
855 type: integer
856 grpc:
857 description: GRPC specifies an action involving a GRPC port.
858 properties:
859 port:
860 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
861 format: int32
862 type: integer
863 service:
864 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
865 type: string
866 required:
867 - port
868 type: object
869 httpGet:
870 description: HTTPGet specifies the http request to perform.
871 properties:
872 host:
873 description: Host name to connect to, defaults to the pod IP.
874 type: string
875 httpHeaders:
876 description: Custom headers to set in the request. HTTP allows repeated headers.
877 items:
878 description: HTTPHeader describes a custom header to be used in HTTP probes
879 properties:
880 name:
881 description: The header field name
882 type: string
883 value:
884 description: The header field value
885 type: string
886 required:
887 - name
888 - value
889 type: object
890 type: array
891 path:
892 description: Path to access on the HTTP server.
893 type: string
894 port:
895 anyOf:
896 - type: integer
897 - type: string
898 description: Name or number of the port to access on the container.
899 x-kubernetes-int-or-string: true
900 scheme:
901 description: Scheme to use for connecting to the host. Defaults to HTTP.
902 type: string
903 required:
904 - port
905 type: object
906 initialDelaySeconds:
907 description: Number of seconds after the container has started before liveness probes are ini
908 format: int32
909 type: integer
910 periodSeconds:
911 description: How often (in seconds) to perform the probe. Default to 10 seconds.
912 format: int32
913 type: integer
914 successThreshold:
915 description: Minimum consecutive successes for the probe to be considered successful after ha
916 format: int32
917 type: integer
918 tcpSocket:
919 description: TCPSocket specifies an action involving a TCP port.
920 properties:
921 host:
922 description: 'Optional: Host name to connect to, defaults to the pod IP.'
923 type: string
924 port:
925 anyOf:
926 - type: integer
927 - type: string
928 description: Number or name of the port to access on the container.
929 x-kubernetes-int-or-string: true
930 required:
931 - port
932 type: object
933 terminationGracePeriodSeconds:
934 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
935 format: int64
936 type: integer
937 timeoutSeconds:
938 description: Number of seconds after which the probe times out. Defaults to 1 second.
939 format: int32
940 type: integer
941 type: object
942 name:
943 description: Name of the container specified as a DNS_LABEL.
944 type: string
945 ports:
946 description: List of ports to expose from the container.
947 items:
948 description: ContainerPort represents a network port in a single container.
949 properties:
950 containerPort:
951 description: Number of port to expose on the pod's IP address.
952 format: int32
953 type: integer
954 hostIP:
955 description: What host IP to bind the external port to.
956 type: string
957 hostPort:
958 description: Number of port to expose on the host.
959 format: int32
960 type: integer
961 name:
962 description: If specified, this must be an IANA_SVC_NAME and unique within the pod.
963 type: string
964 protocol:
965 default: TCP
966 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
967 type: string
968 required:
969 - containerPort
970 type: object
971 type: array
972 x-kubernetes-list-map-keys:
973 - containerPort
974 - protocol
975 x-kubernetes-list-type: map
976 readinessProbe:
977 description: Periodic probe of container service readiness.
978 properties:
979 exec:
980 description: Exec specifies the action to take.
981 properties:
982 command:
983 description: Command is the command line to execute inside the container, the working directo
984 items:
985 type: string
986 type: array
987 type: object
988 failureThreshold:
989 description: 'Minimum consecutive failures for the probe to be considered failed after having '
990 format: int32
991 type: integer
992 grpc:
993 description: GRPC specifies an action involving a GRPC port.
994 properties:
995 port:
996 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
997 format: int32
998 type: integer
999 service:
1000 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
1001 type: string
1002 required:
1003 - port
1004 type: object
1005 httpGet:
1006 description: HTTPGet specifies the http request to perform.
1007 properties:
1008 host:
1009 description: Host name to connect to, defaults to the pod IP.
1010 type: string
1011 httpHeaders:
1012 description: Custom headers to set in the request. HTTP allows repeated headers.
1013 items:
1014 description: HTTPHeader describes a custom header to be used in HTTP probes
1015 properties:
1016 name:
1017 description: The header field name
1018 type: string
1019 value:
1020 description: The header field value
1021 type: string
1022 required:
1023 - name
1024 - value
1025 type: object
1026 type: array
1027 path:
1028 description: Path to access on the HTTP server.
1029 type: string
1030 port:
1031 anyOf:
1032 - type: integer
1033 - type: string
1034 description: Name or number of the port to access on the container.
1035 x-kubernetes-int-or-string: true
1036 scheme:
1037 description: Scheme to use for connecting to the host. Defaults to HTTP.
1038 type: string
1039 required:
1040 - port
1041 type: object
1042 initialDelaySeconds:
1043 description: Number of seconds after the container has started before liveness probes are ini
1044 format: int32
1045 type: integer
1046 periodSeconds:
1047 description: How often (in seconds) to perform the probe. Default to 10 seconds.
1048 format: int32
1049 type: integer
1050 successThreshold:
1051 description: Minimum consecutive successes for the probe to be considered successful after ha
1052 format: int32
1053 type: integer
1054 tcpSocket:
1055 description: TCPSocket specifies an action involving a TCP port.
1056 properties:
1057 host:
1058 description: 'Optional: Host name to connect to, defaults to the pod IP.'
1059 type: string
1060 port:
1061 anyOf:
1062 - type: integer
1063 - type: string
1064 description: Number or name of the port to access on the container.
1065 x-kubernetes-int-or-string: true
1066 required:
1067 - port
1068 type: object
1069 terminationGracePeriodSeconds:
1070 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
1071 format: int64
1072 type: integer
1073 timeoutSeconds:
1074 description: Number of seconds after which the probe times out. Defaults to 1 second.
1075 format: int32
1076 type: integer
1077 type: object
1078 resources:
1079 description: Compute Resources required by this container. Cannot be updated.
1080 properties:
1081 limits:
1082 additionalProperties:
1083 anyOf:
1084 - type: integer
1085 - type: string
1086 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
1087 x-kubernetes-int-or-string: true
1088 description: Limits describes the maximum amount of compute resources allowed.
1089 type: object
1090 requests:
1091 additionalProperties:
1092 anyOf:
1093 - type: integer
1094 - type: string
1095 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
1096 x-kubernetes-int-or-string: true
1097 description: Requests describes the minimum amount of compute resources required.
1098 type: object
1099 type: object
1100 securityContext:
1101 description: SecurityContext defines the security options the container should be run with.
1102 properties:
1103 allowPrivilegeEscalation:
1104 description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha
1105 type: boolean
1106 capabilities:
1107 description: The capabilities to add/drop when running containers.
1108 properties:
1109 add:
1110 description: Added capabilities
1111 items:
1112 description: Capability represent POSIX capabilities type
1113 type: string
1114 type: array
1115 drop:
1116 description: Removed capabilities
1117 items:
1118 description: Capability represent POSIX capabilities type
1119 type: string
1120 type: array
1121 type: object
1122 privileged:
1123 description: Run container in privileged mode.
1124 type: boolean
1125 procMount:
1126 description: procMount denotes the type of proc mount to use for the containers.
1127 type: string
1128 readOnlyRootFilesystem:
1129 description: Whether this container has a read-only root filesystem. Default is false.
1130 type: boolean
1131 runAsGroup:
1132 description: The GID to run the entrypoint of the container process.
1133 format: int64
1134 type: integer
1135 runAsNonRoot:
1136 description: Indicates that the container must run as a non-root user.
1137 type: boolean
1138 runAsUser:
1139 description: The UID to run the entrypoint of the container process.
1140 format: int64
1141 type: integer
1142 seLinuxOptions:
1143 description: The SELinux context to be applied to the container.
1144 properties:
1145 level:
1146 description: Level is SELinux level label that applies to the container.
1147 type: string
1148 role:
1149 description: Role is a SELinux role label that applies to the container.
1150 type: string
1151 type:
1152 description: Type is a SELinux type label that applies to the container.
1153 type: string
1154 user:
1155 description: User is a SELinux user label that applies to the container.
1156 type: string
1157 type: object
1158 seccompProfile:
1159 description: The seccomp options to use by this container.
1160 properties:
1161 localhostProfile:
1162 description: localhostProfile indicates a profile defined in a file on the node should be use
1163 type: string
1164 type:
1165 description: type indicates which kind of seccomp profile will be applied.
1166 type: string
1167 required:
1168 - type
1169 type: object
1170 windowsOptions:
1171 description: The Windows specific settings applied to all containers.
1172 properties:
1173 gmsaCredentialSpec:
1174 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
1175 type: string
1176 gmsaCredentialSpecName:
1177 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
1178 type: string
1179 hostProcess:
1180 description: HostProcess determines if a container should be run as a 'Host Process' containe
1181 type: boolean
1182 runAsUserName:
1183 description: The UserName in Windows to run the entrypoint of the container process.
1184 type: string
1185 type: object
1186 type: object
1187 startupProbe:
1188 description: StartupProbe indicates that the Pod has successfully initialized.
1189 properties:
1190 exec:
1191 description: Exec specifies the action to take.
1192 properties:
1193 command:
1194 description: Command is the command line to execute inside the container, the working directo
1195 items:
1196 type: string
1197 type: array
1198 type: object
1199 failureThreshold:
1200 description: 'Minimum consecutive failures for the probe to be considered failed after having '
1201 format: int32
1202 type: integer
1203 grpc:
1204 description: GRPC specifies an action involving a GRPC port.
1205 properties:
1206 port:
1207 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
1208 format: int32
1209 type: integer
1210 service:
1211 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
1212 type: string
1213 required:
1214 - port
1215 type: object
1216 httpGet:
1217 description: HTTPGet specifies the http request to perform.
1218 properties:
1219 host:
1220 description: Host name to connect to, defaults to the pod IP.
1221 type: string
1222 httpHeaders:
1223 description: Custom headers to set in the request. HTTP allows repeated headers.
1224 items:
1225 description: HTTPHeader describes a custom header to be used in HTTP probes
1226 properties:
1227 name:
1228 description: The header field name
1229 type: string
1230 value:
1231 description: The header field value
1232 type: string
1233 required:
1234 - name
1235 - value
1236 type: object
1237 type: array
1238 path:
1239 description: Path to access on the HTTP server.
1240 type: string
1241 port:
1242 anyOf:
1243 - type: integer
1244 - type: string
1245 description: Name or number of the port to access on the container.
1246 x-kubernetes-int-or-string: true
1247 scheme:
1248 description: Scheme to use for connecting to the host. Defaults to HTTP.
1249 type: string
1250 required:
1251 - port
1252 type: object
1253 initialDelaySeconds:
1254 description: Number of seconds after the container has started before liveness probes are ini
1255 format: int32
1256 type: integer
1257 periodSeconds:
1258 description: How often (in seconds) to perform the probe. Default to 10 seconds.
1259 format: int32
1260 type: integer
1261 successThreshold:
1262 description: Minimum consecutive successes for the probe to be considered successful after ha
1263 format: int32
1264 type: integer
1265 tcpSocket:
1266 description: TCPSocket specifies an action involving a TCP port.
1267 properties:
1268 host:
1269 description: 'Optional: Host name to connect to, defaults to the pod IP.'
1270 type: string
1271 port:
1272 anyOf:
1273 - type: integer
1274 - type: string
1275 description: Number or name of the port to access on the container.
1276 x-kubernetes-int-or-string: true
1277 required:
1278 - port
1279 type: object
1280 terminationGracePeriodSeconds:
1281 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
1282 format: int64
1283 type: integer
1284 timeoutSeconds:
1285 description: Number of seconds after which the probe times out. Defaults to 1 second.
1286 format: int32
1287 type: integer
1288 type: object
1289 stdin:
1290 description: Whether this container should allocate a buffer for stdin in the container runti
1291 type: boolean
1292 stdinOnce:
1293 description: Whether the container runtime should close the stdin channel after it has been o
1294 type: boolean
1295 terminationMessagePath:
1296 description: 'Optional: Path at which the file to which the container''s termination message wi'
1297 type: string
1298 terminationMessagePolicy:
1299 description: Indicate how the termination message should be populated.
1300 type: string
1301 tty:
1302 description: Whether this container should allocate a TTY for itself, also requires 'stdin' t
1303 type: boolean
1304 volumeDevices:
1305 description: volumeDevices is the list of block devices to be used by the container.
1306 items:
1307 description: volumeDevice describes a mapping of a raw block device within a container.
1308 properties:
1309 devicePath:
1310 description: devicePath is the path inside of the container that the device will be mapped to
1311 type: string
1312 name:
1313 description: name must match the name of a persistentVolumeClaim in the pod
1314 type: string
1315 required:
1316 - devicePath
1317 - name
1318 type: object
1319 type: array
1320 volumeMounts:
1321 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
1322 items:
1323 description: VolumeMount describes a mounting of a Volume within a container.
1324 properties:
1325 mountPath:
1326 description: Path within the container at which the volume should be mounted.
1327 type: string
1328 mountPropagation:
1329 description: mountPropagation determines how mounts are propagated from the host to container
1330 type: string
1331 name:
1332 description: This must match the Name of a Volume.
1333 type: string
1334 readOnly:
1335 description: Mounted read-only if true, read-write otherwise (false or unspecified).
1336 type: boolean
1337 subPath:
1338 description: Path within the volume from which the container's volume should be mounted.
1339 type: string
1340 subPathExpr:
1341 description: Expanded path within the volume from which the container's volume should be moun
1342 type: string
1343 required:
1344 - mountPath
1345 - name
1346 type: object
1347 type: array
1348 workingDir:
1349 description: Container's working directory.
1350 type: string
1351 required:
1352 - name
1353 type: object
1354 type: array
1355 dnsConfig:
1356 description: Specifies the DNS parameters of a pod.
1357 properties:
1358 nameservers:
1359 description: A list of DNS name server IP addresses.
1360 items:
1361 type: string
1362 type: array
1363 options:
1364 description: A list of DNS resolver options.
1365 items:
1366 description: PodDNSConfigOption defines DNS resolver options of a pod.
1367 properties:
1368 name:
1369 description: Required.
1370 type: string
1371 value:
1372 type: string
1373 type: object
1374 type: array
1375 searches:
1376 description: A list of DNS search domains for host-name lookup.
1377 items:
1378 type: string
1379 type: array
1380 type: object
1381 dnsPolicy:
1382 description: Set DNS policy for the pod. Defaults to "ClusterFirst".
1383 type: string
1384 enableServiceLinks:
1385 description: EnableServiceLinks indicates whether information about services should be inject
1386 type: boolean
1387 ephemeralContainers:
1388 description: List of ephemeral containers run in this pod.
1389 items:
1390 description: An EphemeralContainer is a temporary container that you may add to an existing P
1391 properties:
1392 args:
1393 description: Arguments to the entrypoint.
1394 items:
1395 type: string
1396 type: array
1397 command:
1398 description: Entrypoint array. Not executed within a shell.
1399 items:
1400 type: string
1401 type: array
1402 env:
1403 description: List of environment variables to set in the container. Cannot be updated.
1404 items:
1405 description: EnvVar represents an environment variable present in a Container.
1406 properties:
1407 name:
1408 description: Name of the environment variable. Must be a C_IDENTIFIER.
1409 type: string
1410 value:
1411 description: Variable references $(VAR_NAME) are expanded using the previously defined enviro
1412 type: string
1413 valueFrom:
1414 description: Source for the environment variable's value.
1415 properties:
1416 configMapKeyRef:
1417 description: Selects a key of a ConfigMap.
1418 properties:
1419 key:
1420 description: The key to select.
1421 type: string
1422 name:
1423 description: 'Name of the referent. More info: https://kubernetes.'
1424 type: string
1425 optional:
1426 description: Specify whether the ConfigMap or its key must be defined
1427 type: boolean
1428 required:
1429 - key
1430 type: object
1431 x-kubernetes-map-type: atomic
1432 fieldRef:
1433 description: 'Selects a field of the pod: supports metadata.name, metadata.'
1434 properties:
1435 apiVersion:
1436 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
1437 type: string
1438 fieldPath:
1439 description: Path of the field to select in the specified API version.
1440 type: string
1441 required:
1442 - fieldPath
1443 type: object
1444 x-kubernetes-map-type: atomic
1445 resourceFieldRef:
1446 description: 'Selects a resource of the container: only resources limits and requests (limits.'
1447 properties:
1448 containerName:
1449 description: 'Container name: required for volumes, optional for env vars'
1450 type: string
1451 divisor:
1452 anyOf:
1453 - type: integer
1454 - type: string
1455 description: Specifies the output format of the exposed resources, defaults to "1"
1456 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
1457 x-kubernetes-int-or-string: true
1458 resource:
1459 description: 'Required: resource to select'
1460 type: string
1461 required:
1462 - resource
1463 type: object
1464 x-kubernetes-map-type: atomic
1465 secretKeyRef:
1466 description: Selects a key of a secret in the pod's namespace
1467 properties:
1468 key:
1469 description: The key of the secret to select from. Must be a valid secret key.
1470 type: string
1471 name:
1472 description: 'Name of the referent. More info: https://kubernetes.'
1473 type: string
1474 optional:
1475 description: Specify whether the Secret or its key must be defined
1476 type: boolean
1477 required:
1478 - key
1479 type: object
1480 x-kubernetes-map-type: atomic
1481 type: object
1482 required:
1483 - name
1484 type: object
1485 type: array
1486 envFrom:
1487 description: List of sources to populate environment variables in the container.
1488 items:
1489 description: EnvFromSource represents the source of a set of ConfigMaps
1490 properties:
1491 configMapRef:
1492 description: The ConfigMap to select from
1493 properties:
1494 name:
1495 description: 'Name of the referent. More info: https://kubernetes.'
1496 type: string
1497 optional:
1498 description: Specify whether the ConfigMap must be defined
1499 type: boolean
1500 type: object
1501 x-kubernetes-map-type: atomic
1502 prefix:
1503 description: An optional identifier to prepend to each key in the ConfigMap.
1504 type: string
1505 secretRef:
1506 description: The Secret to select from
1507 properties:
1508 name:
1509 description: 'Name of the referent. More info: https://kubernetes.'
1510 type: string
1511 optional:
1512 description: Specify whether the Secret must be defined
1513 type: boolean
1514 type: object
1515 x-kubernetes-map-type: atomic
1516 type: object
1517 type: array
1518 image:
1519 description: 'Docker image name. More info: https://kubernetes.'
1520 type: string
1521 imagePullPolicy:
1522 description: Image pull policy. One of Always, Never, IfNotPresent.
1523 type: string
1524 lifecycle:
1525 description: Lifecycle is not allowed for ephemeral containers.
1526 properties:
1527 postStart:
1528 description: PostStart is called immediately after a container is created.
1529 properties:
1530 exec:
1531 description: Exec specifies the action to take.
1532 properties:
1533 command:
1534 description: Command is the command line to execute inside the container, the working directo
1535 items:
1536 type: string
1537 type: array
1538 type: object
1539 httpGet:
1540 description: HTTPGet specifies the http request to perform.
1541 properties:
1542 host:
1543 description: Host name to connect to, defaults to the pod IP.
1544 type: string
1545 httpHeaders:
1546 description: Custom headers to set in the request. HTTP allows repeated headers.
1547 items:
1548 description: HTTPHeader describes a custom header to be used in HTTP probes
1549 properties:
1550 name:
1551 description: The header field name
1552 type: string
1553 value:
1554 description: The header field value
1555 type: string
1556 required:
1557 - name
1558 - value
1559 type: object
1560 type: array
1561 path:
1562 description: Path to access on the HTTP server.
1563 type: string
1564 port:
1565 anyOf:
1566 - type: integer
1567 - type: string
1568 description: Name or number of the port to access on the container.
1569 x-kubernetes-int-or-string: true
1570 scheme:
1571 description: Scheme to use for connecting to the host. Defaults to HTTP.
1572 type: string
1573 required:
1574 - port
1575 type: object
1576 tcpSocket:
1577 description: Deprecated.
1578 properties:
1579 host:
1580 description: 'Optional: Host name to connect to, defaults to the pod IP.'
1581 type: string
1582 port:
1583 anyOf:
1584 - type: integer
1585 - type: string
1586 description: Number or name of the port to access on the container.
1587 x-kubernetes-int-or-string: true
1588 required:
1589 - port
1590 type: object
1591 type: object
1592 preStop:
1593 description: PreStop is called immediately before a container is terminated due to an API req
1594 properties:
1595 exec:
1596 description: Exec specifies the action to take.
1597 properties:
1598 command:
1599 description: Command is the command line to execute inside the container, the working directo
1600 items:
1601 type: string
1602 type: array
1603 type: object
1604 httpGet:
1605 description: HTTPGet specifies the http request to perform.
1606 properties:
1607 host:
1608 description: Host name to connect to, defaults to the pod IP.
1609 type: string
1610 httpHeaders:
1611 description: Custom headers to set in the request. HTTP allows repeated headers.
1612 items:
1613 description: HTTPHeader describes a custom header to be used in HTTP probes
1614 properties:
1615 name:
1616 description: The header field name
1617 type: string
1618 value:
1619 description: The header field value
1620 type: string
1621 required:
1622 - name
1623 - value
1624 type: object
1625 type: array
1626 path:
1627 description: Path to access on the HTTP server.
1628 type: string
1629 port:
1630 anyOf:
1631 - type: integer
1632 - type: string
1633 description: Name or number of the port to access on the container.
1634 x-kubernetes-int-or-string: true
1635 scheme:
1636 description: Scheme to use for connecting to the host. Defaults to HTTP.
1637 type: string
1638 required:
1639 - port
1640 type: object
1641 tcpSocket:
1642 description: Deprecated.
1643 properties:
1644 host:
1645 description: 'Optional: Host name to connect to, defaults to the pod IP.'
1646 type: string
1647 port:
1648 anyOf:
1649 - type: integer
1650 - type: string
1651 description: Number or name of the port to access on the container.
1652 x-kubernetes-int-or-string: true
1653 required:
1654 - port
1655 type: object
1656 type: object
1657 type: object
1658 livenessProbe:
1659 description: Probes are not allowed for ephemeral containers.
1660 properties:
1661 exec:
1662 description: Exec specifies the action to take.
1663 properties:
1664 command:
1665 description: Command is the command line to execute inside the container, the working directo
1666 items:
1667 type: string
1668 type: array
1669 type: object
1670 failureThreshold:
1671 description: 'Minimum consecutive failures for the probe to be considered failed after having '
1672 format: int32
1673 type: integer
1674 grpc:
1675 description: GRPC specifies an action involving a GRPC port.
1676 properties:
1677 port:
1678 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
1679 format: int32
1680 type: integer
1681 service:
1682 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
1683 type: string
1684 required:
1685 - port
1686 type: object
1687 httpGet:
1688 description: HTTPGet specifies the http request to perform.
1689 properties:
1690 host:
1691 description: Host name to connect to, defaults to the pod IP.
1692 type: string
1693 httpHeaders:
1694 description: Custom headers to set in the request. HTTP allows repeated headers.
1695 items:
1696 description: HTTPHeader describes a custom header to be used in HTTP probes
1697 properties:
1698 name:
1699 description: The header field name
1700 type: string
1701 value:
1702 description: The header field value
1703 type: string
1704 required:
1705 - name
1706 - value
1707 type: object
1708 type: array
1709 path:
1710 description: Path to access on the HTTP server.
1711 type: string
1712 port:
1713 anyOf:
1714 - type: integer
1715 - type: string
1716 description: Name or number of the port to access on the container.
1717 x-kubernetes-int-or-string: true
1718 scheme:
1719 description: Scheme to use for connecting to the host. Defaults to HTTP.
1720 type: string
1721 required:
1722 - port
1723 type: object
1724 initialDelaySeconds:
1725 description: Number of seconds after the container has started before liveness probes are ini
1726 format: int32
1727 type: integer
1728 periodSeconds:
1729 description: How often (in seconds) to perform the probe. Default to 10 seconds.
1730 format: int32
1731 type: integer
1732 successThreshold:
1733 description: Minimum consecutive successes for the probe to be considered successful after ha
1734 format: int32
1735 type: integer
1736 tcpSocket:
1737 description: TCPSocket specifies an action involving a TCP port.
1738 properties:
1739 host:
1740 description: 'Optional: Host name to connect to, defaults to the pod IP.'
1741 type: string
1742 port:
1743 anyOf:
1744 - type: integer
1745 - type: string
1746 description: Number or name of the port to access on the container.
1747 x-kubernetes-int-or-string: true
1748 required:
1749 - port
1750 type: object
1751 terminationGracePeriodSeconds:
1752 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
1753 format: int64
1754 type: integer
1755 timeoutSeconds:
1756 description: Number of seconds after which the probe times out. Defaults to 1 second.
1757 format: int32
1758 type: integer
1759 type: object
1760 name:
1761 description: Name of the ephemeral container specified as a DNS_LABEL.
1762 type: string
1763 ports:
1764 description: Ports are not allowed for ephemeral containers.
1765 items:
1766 description: ContainerPort represents a network port in a single container.
1767 properties:
1768 containerPort:
1769 description: Number of port to expose on the pod's IP address.
1770 format: int32
1771 type: integer
1772 hostIP:
1773 description: What host IP to bind the external port to.
1774 type: string
1775 hostPort:
1776 description: Number of port to expose on the host.
1777 format: int32
1778 type: integer
1779 name:
1780 description: If specified, this must be an IANA_SVC_NAME and unique within the pod.
1781 type: string
1782 protocol:
1783 default: TCP
1784 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
1785 type: string
1786 required:
1787 - containerPort
1788 type: object
1789 type: array
1790 x-kubernetes-list-map-keys:
1791 - containerPort
1792 - protocol
1793 x-kubernetes-list-type: map
1794 readinessProbe:
1795 description: Probes are not allowed for ephemeral containers.
1796 properties:
1797 exec:
1798 description: Exec specifies the action to take.
1799 properties:
1800 command:
1801 description: Command is the command line to execute inside the container, the working directo
1802 items:
1803 type: string
1804 type: array
1805 type: object
1806 failureThreshold:
1807 description: 'Minimum consecutive failures for the probe to be considered failed after having '
1808 format: int32
1809 type: integer
1810 grpc:
1811 description: GRPC specifies an action involving a GRPC port.
1812 properties:
1813 port:
1814 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
1815 format: int32
1816 type: integer
1817 service:
1818 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
1819 type: string
1820 required:
1821 - port
1822 type: object
1823 httpGet:
1824 description: HTTPGet specifies the http request to perform.
1825 properties:
1826 host:
1827 description: Host name to connect to, defaults to the pod IP.
1828 type: string
1829 httpHeaders:
1830 description: Custom headers to set in the request. HTTP allows repeated headers.
1831 items:
1832 description: HTTPHeader describes a custom header to be used in HTTP probes
1833 properties:
1834 name:
1835 description: The header field name
1836 type: string
1837 value:
1838 description: The header field value
1839 type: string
1840 required:
1841 - name
1842 - value
1843 type: object
1844 type: array
1845 path:
1846 description: Path to access on the HTTP server.
1847 type: string
1848 port:
1849 anyOf:
1850 - type: integer
1851 - type: string
1852 description: Name or number of the port to access on the container.
1853 x-kubernetes-int-or-string: true
1854 scheme:
1855 description: Scheme to use for connecting to the host. Defaults to HTTP.
1856 type: string
1857 required:
1858 - port
1859 type: object
1860 initialDelaySeconds:
1861 description: Number of seconds after the container has started before liveness probes are ini
1862 format: int32
1863 type: integer
1864 periodSeconds:
1865 description: How often (in seconds) to perform the probe. Default to 10 seconds.
1866 format: int32
1867 type: integer
1868 successThreshold:
1869 description: Minimum consecutive successes for the probe to be considered successful after ha
1870 format: int32
1871 type: integer
1872 tcpSocket:
1873 description: TCPSocket specifies an action involving a TCP port.
1874 properties:
1875 host:
1876 description: 'Optional: Host name to connect to, defaults to the pod IP.'
1877 type: string
1878 port:
1879 anyOf:
1880 - type: integer
1881 - type: string
1882 description: Number or name of the port to access on the container.
1883 x-kubernetes-int-or-string: true
1884 required:
1885 - port
1886 type: object
1887 terminationGracePeriodSeconds:
1888 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
1889 format: int64
1890 type: integer
1891 timeoutSeconds:
1892 description: Number of seconds after which the probe times out. Defaults to 1 second.
1893 format: int32
1894 type: integer
1895 type: object
1896 resources:
1897 description: Resources are not allowed for ephemeral containers.
1898 properties:
1899 limits:
1900 additionalProperties:
1901 anyOf:
1902 - type: integer
1903 - type: string
1904 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
1905 x-kubernetes-int-or-string: true
1906 description: Limits describes the maximum amount of compute resources allowed.
1907 type: object
1908 requests:
1909 additionalProperties:
1910 anyOf:
1911 - type: integer
1912 - type: string
1913 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
1914 x-kubernetes-int-or-string: true
1915 description: Requests describes the minimum amount of compute resources required.
1916 type: object
1917 type: object
1918 securityContext:
1919 description: 'Optional: SecurityContext defines the security options the ephemeral container s'
1920 properties:
1921 allowPrivilegeEscalation:
1922 description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha
1923 type: boolean
1924 capabilities:
1925 description: The capabilities to add/drop when running containers.
1926 properties:
1927 add:
1928 description: Added capabilities
1929 items:
1930 description: Capability represent POSIX capabilities type
1931 type: string
1932 type: array
1933 drop:
1934 description: Removed capabilities
1935 items:
1936 description: Capability represent POSIX capabilities type
1937 type: string
1938 type: array
1939 type: object
1940 privileged:
1941 description: Run container in privileged mode.
1942 type: boolean
1943 procMount:
1944 description: procMount denotes the type of proc mount to use for the containers.
1945 type: string
1946 readOnlyRootFilesystem:
1947 description: Whether this container has a read-only root filesystem. Default is false.
1948 type: boolean
1949 runAsGroup:
1950 description: The GID to run the entrypoint of the container process.
1951 format: int64
1952 type: integer
1953 runAsNonRoot:
1954 description: Indicates that the container must run as a non-root user.
1955 type: boolean
1956 runAsUser:
1957 description: The UID to run the entrypoint of the container process.
1958 format: int64
1959 type: integer
1960 seLinuxOptions:
1961 description: The SELinux context to be applied to the container.
1962 properties:
1963 level:
1964 description: Level is SELinux level label that applies to the container.
1965 type: string
1966 role:
1967 description: Role is a SELinux role label that applies to the container.
1968 type: string
1969 type:
1970 description: Type is a SELinux type label that applies to the container.
1971 type: string
1972 user:
1973 description: User is a SELinux user label that applies to the container.
1974 type: string
1975 type: object
1976 seccompProfile:
1977 description: The seccomp options to use by this container.
1978 properties:
1979 localhostProfile:
1980 description: localhostProfile indicates a profile defined in a file on the node should be use
1981 type: string
1982 type:
1983 description: type indicates which kind of seccomp profile will be applied.
1984 type: string
1985 required:
1986 - type
1987 type: object
1988 windowsOptions:
1989 description: The Windows specific settings applied to all containers.
1990 properties:
1991 gmsaCredentialSpec:
1992 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
1993 type: string
1994 gmsaCredentialSpecName:
1995 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
1996 type: string
1997 hostProcess:
1998 description: HostProcess determines if a container should be run as a 'Host Process' containe
1999 type: boolean
2000 runAsUserName:
2001 description: The UserName in Windows to run the entrypoint of the container process.
2002 type: string
2003 type: object
2004 type: object
2005 startupProbe:
2006 description: Probes are not allowed for ephemeral containers.
2007 properties:
2008 exec:
2009 description: Exec specifies the action to take.
2010 properties:
2011 command:
2012 description: Command is the command line to execute inside the container, the working directo
2013 items:
2014 type: string
2015 type: array
2016 type: object
2017 failureThreshold:
2018 description: 'Minimum consecutive failures for the probe to be considered failed after having '
2019 format: int32
2020 type: integer
2021 grpc:
2022 description: GRPC specifies an action involving a GRPC port.
2023 properties:
2024 port:
2025 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
2026 format: int32
2027 type: integer
2028 service:
2029 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
2030 type: string
2031 required:
2032 - port
2033 type: object
2034 httpGet:
2035 description: HTTPGet specifies the http request to perform.
2036 properties:
2037 host:
2038 description: Host name to connect to, defaults to the pod IP.
2039 type: string
2040 httpHeaders:
2041 description: Custom headers to set in the request. HTTP allows repeated headers.
2042 items:
2043 description: HTTPHeader describes a custom header to be used in HTTP probes
2044 properties:
2045 name:
2046 description: The header field name
2047 type: string
2048 value:
2049 description: The header field value
2050 type: string
2051 required:
2052 - name
2053 - value
2054 type: object
2055 type: array
2056 path:
2057 description: Path to access on the HTTP server.
2058 type: string
2059 port:
2060 anyOf:
2061 - type: integer
2062 - type: string
2063 description: Name or number of the port to access on the container.
2064 x-kubernetes-int-or-string: true
2065 scheme:
2066 description: Scheme to use for connecting to the host. Defaults to HTTP.
2067 type: string
2068 required:
2069 - port
2070 type: object
2071 initialDelaySeconds:
2072 description: Number of seconds after the container has started before liveness probes are ini
2073 format: int32
2074 type: integer
2075 periodSeconds:
2076 description: How often (in seconds) to perform the probe. Default to 10 seconds.
2077 format: int32
2078 type: integer
2079 successThreshold:
2080 description: Minimum consecutive successes for the probe to be considered successful after ha
2081 format: int32
2082 type: integer
2083 tcpSocket:
2084 description: TCPSocket specifies an action involving a TCP port.
2085 properties:
2086 host:
2087 description: 'Optional: Host name to connect to, defaults to the pod IP.'
2088 type: string
2089 port:
2090 anyOf:
2091 - type: integer
2092 - type: string
2093 description: Number or name of the port to access on the container.
2094 x-kubernetes-int-or-string: true
2095 required:
2096 - port
2097 type: object
2098 terminationGracePeriodSeconds:
2099 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
2100 format: int64
2101 type: integer
2102 timeoutSeconds:
2103 description: Number of seconds after which the probe times out. Defaults to 1 second.
2104 format: int32
2105 type: integer
2106 type: object
2107 stdin:
2108 description: Whether this container should allocate a buffer for stdin in the container runti
2109 type: boolean
2110 stdinOnce:
2111 description: Whether the container runtime should close the stdin channel after it has been o
2112 type: boolean
2113 targetContainerName:
2114 description: If set, the name of the container from PodSpec that this ephemeral container tar
2115 type: string
2116 terminationMessagePath:
2117 description: 'Optional: Path at which the file to which the container''s termination message wi'
2118 type: string
2119 terminationMessagePolicy:
2120 description: Indicate how the termination message should be populated.
2121 type: string
2122 tty:
2123 description: Whether this container should allocate a TTY for itself, also requires 'stdin' t
2124 type: boolean
2125 volumeDevices:
2126 description: volumeDevices is the list of block devices to be used by the container.
2127 items:
2128 description: volumeDevice describes a mapping of a raw block device within a container.
2129 properties:
2130 devicePath:
2131 description: devicePath is the path inside of the container that the device will be mapped to
2132 type: string
2133 name:
2134 description: name must match the name of a persistentVolumeClaim in the pod
2135 type: string
2136 required:
2137 - devicePath
2138 - name
2139 type: object
2140 type: array
2141 volumeMounts:
2142 description: Pod volumes to mount into the container's filesystem.
2143 items:
2144 description: VolumeMount describes a mounting of a Volume within a container.
2145 properties:
2146 mountPath:
2147 description: Path within the container at which the volume should be mounted.
2148 type: string
2149 mountPropagation:
2150 description: mountPropagation determines how mounts are propagated from the host to container
2151 type: string
2152 name:
2153 description: This must match the Name of a Volume.
2154 type: string
2155 readOnly:
2156 description: Mounted read-only if true, read-write otherwise (false or unspecified).
2157 type: boolean
2158 subPath:
2159 description: Path within the volume from which the container's volume should be mounted.
2160 type: string
2161 subPathExpr:
2162 description: Expanded path within the volume from which the container's volume should be moun
2163 type: string
2164 required:
2165 - mountPath
2166 - name
2167 type: object
2168 type: array
2169 workingDir:
2170 description: Container's working directory.
2171 type: string
2172 required:
2173 - name
2174 type: object
2175 type: array
2176 hostAliases:
2177 description: 'HostAliases is an optional list of hosts and IPs that will be injected into the '
2178 items:
2179 description: HostAlias holds the mapping between IP and hostnames that will be injected as an
2180 properties:
2181 hostnames:
2182 description: Hostnames for the above IP address.
2183 items:
2184 type: string
2185 type: array
2186 ip:
2187 description: IP address of the host file entry.
2188 type: string
2189 type: object
2190 type: array
2191 hostIPC:
2192 description: 'Use the host''s ipc namespace. Optional: Default to false.'
2193 type: boolean
2194 hostNetwork:
2195 description: Host networking requested for this pod. Use the host's network namespace.
2196 type: boolean
2197 hostPID:
2198 description: 'Use the host''s pid namespace. Optional: Default to false.'
2199 type: boolean
2200 hostname:
2201 description: Specifies the hostname of the Pod If not specified, the pod's hostname will be s
2202 type: string
2203 imagePullSecrets:
2204 description: ImagePullSecrets is an optional list of references to secrets in the same namesp
2205 items:
2206 description: LocalObjectReference contains enough information to let you locate the reference
2207 properties:
2208 name:
2209 description: 'Name of the referent. More info: https://kubernetes.'
2210 type: string
2211 type: object
2212 x-kubernetes-map-type: atomic
2213 type: array
2214 initContainers:
2215 description: List of initialization containers belonging to the pod.
2216 items:
2217 description: A single application container that you want to run within a pod.
2218 properties:
2219 args:
2220 description: Arguments to the entrypoint.
2221 items:
2222 type: string
2223 type: array
2224 command:
2225 description: Entrypoint array. Not executed within a shell.
2226 items:
2227 type: string
2228 type: array
2229 env:
2230 description: List of environment variables to set in the container. Cannot be updated.
2231 items:
2232 description: EnvVar represents an environment variable present in a Container.
2233 properties:
2234 name:
2235 description: Name of the environment variable. Must be a C_IDENTIFIER.
2236 type: string
2237 value:
2238 description: Variable references $(VAR_NAME) are expanded using the previously defined enviro
2239 type: string
2240 valueFrom:
2241 description: Source for the environment variable's value.
2242 properties:
2243 configMapKeyRef:
2244 description: Selects a key of a ConfigMap.
2245 properties:
2246 key:
2247 description: The key to select.
2248 type: string
2249 name:
2250 description: 'Name of the referent. More info: https://kubernetes.'
2251 type: string
2252 optional:
2253 description: Specify whether the ConfigMap or its key must be defined
2254 type: boolean
2255 required:
2256 - key
2257 type: object
2258 x-kubernetes-map-type: atomic
2259 fieldRef:
2260 description: 'Selects a field of the pod: supports metadata.name, metadata.'
2261 properties:
2262 apiVersion:
2263 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
2264 type: string
2265 fieldPath:
2266 description: Path of the field to select in the specified API version.
2267 type: string
2268 required:
2269 - fieldPath
2270 type: object
2271 x-kubernetes-map-type: atomic
2272 resourceFieldRef:
2273 description: 'Selects a resource of the container: only resources limits and requests (limits.'
2274 properties:
2275 containerName:
2276 description: 'Container name: required for volumes, optional for env vars'
2277 type: string
2278 divisor:
2279 anyOf:
2280 - type: integer
2281 - type: string
2282 description: Specifies the output format of the exposed resources, defaults to "1"
2283 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
2284 x-kubernetes-int-or-string: true
2285 resource:
2286 description: 'Required: resource to select'
2287 type: string
2288 required:
2289 - resource
2290 type: object
2291 x-kubernetes-map-type: atomic
2292 secretKeyRef:
2293 description: Selects a key of a secret in the pod's namespace
2294 properties:
2295 key:
2296 description: The key of the secret to select from. Must be a valid secret key.
2297 type: string
2298 name:
2299 description: 'Name of the referent. More info: https://kubernetes.'
2300 type: string
2301 optional:
2302 description: Specify whether the Secret or its key must be defined
2303 type: boolean
2304 required:
2305 - key
2306 type: object
2307 x-kubernetes-map-type: atomic
2308 type: object
2309 required:
2310 - name
2311 type: object
2312 type: array
2313 envFrom:
2314 description: List of sources to populate environment variables in the container.
2315 items:
2316 description: EnvFromSource represents the source of a set of ConfigMaps
2317 properties:
2318 configMapRef:
2319 description: The ConfigMap to select from
2320 properties:
2321 name:
2322 description: 'Name of the referent. More info: https://kubernetes.'
2323 type: string
2324 optional:
2325 description: Specify whether the ConfigMap must be defined
2326 type: boolean
2327 type: object
2328 x-kubernetes-map-type: atomic
2329 prefix:
2330 description: An optional identifier to prepend to each key in the ConfigMap.
2331 type: string
2332 secretRef:
2333 description: The Secret to select from
2334 properties:
2335 name:
2336 description: 'Name of the referent. More info: https://kubernetes.'
2337 type: string
2338 optional:
2339 description: Specify whether the Secret must be defined
2340 type: boolean
2341 type: object
2342 x-kubernetes-map-type: atomic
2343 type: object
2344 type: array
2345 image:
2346 description: 'Docker image name. More info: https://kubernetes.'
2347 type: string
2348 imagePullPolicy:
2349 description: Image pull policy. One of Always, Never, IfNotPresent.
2350 type: string
2351 lifecycle:
2352 description: Actions that the management system should take in response to container lifecycl
2353 properties:
2354 postStart:
2355 description: PostStart is called immediately after a container is created.
2356 properties:
2357 exec:
2358 description: Exec specifies the action to take.
2359 properties:
2360 command:
2361 description: Command is the command line to execute inside the container, the working directo
2362 items:
2363 type: string
2364 type: array
2365 type: object
2366 httpGet:
2367 description: HTTPGet specifies the http request to perform.
2368 properties:
2369 host:
2370 description: Host name to connect to, defaults to the pod IP.
2371 type: string
2372 httpHeaders:
2373 description: Custom headers to set in the request. HTTP allows repeated headers.
2374 items:
2375 description: HTTPHeader describes a custom header to be used in HTTP probes
2376 properties:
2377 name:
2378 description: The header field name
2379 type: string
2380 value:
2381 description: The header field value
2382 type: string
2383 required:
2384 - name
2385 - value
2386 type: object
2387 type: array
2388 path:
2389 description: Path to access on the HTTP server.
2390 type: string
2391 port:
2392 anyOf:
2393 - type: integer
2394 - type: string
2395 description: Name or number of the port to access on the container.
2396 x-kubernetes-int-or-string: true
2397 scheme:
2398 description: Scheme to use for connecting to the host. Defaults to HTTP.
2399 type: string
2400 required:
2401 - port
2402 type: object
2403 tcpSocket:
2404 description: Deprecated.
2405 properties:
2406 host:
2407 description: 'Optional: Host name to connect to, defaults to the pod IP.'
2408 type: string
2409 port:
2410 anyOf:
2411 - type: integer
2412 - type: string
2413 description: Number or name of the port to access on the container.
2414 x-kubernetes-int-or-string: true
2415 required:
2416 - port
2417 type: object
2418 type: object
2419 preStop:
2420 description: PreStop is called immediately before a container is terminated due to an API req
2421 properties:
2422 exec:
2423 description: Exec specifies the action to take.
2424 properties:
2425 command:
2426 description: Command is the command line to execute inside the container, the working directo
2427 items:
2428 type: string
2429 type: array
2430 type: object
2431 httpGet:
2432 description: HTTPGet specifies the http request to perform.
2433 properties:
2434 host:
2435 description: Host name to connect to, defaults to the pod IP.
2436 type: string
2437 httpHeaders:
2438 description: Custom headers to set in the request. HTTP allows repeated headers.
2439 items:
2440 description: HTTPHeader describes a custom header to be used in HTTP probes
2441 properties:
2442 name:
2443 description: The header field name
2444 type: string
2445 value:
2446 description: The header field value
2447 type: string
2448 required:
2449 - name
2450 - value
2451 type: object
2452 type: array
2453 path:
2454 description: Path to access on the HTTP server.
2455 type: string
2456 port:
2457 anyOf:
2458 - type: integer
2459 - type: string
2460 description: Name or number of the port to access on the container.
2461 x-kubernetes-int-or-string: true
2462 scheme:
2463 description: Scheme to use for connecting to the host. Defaults to HTTP.
2464 type: string
2465 required:
2466 - port
2467 type: object
2468 tcpSocket:
2469 description: Deprecated.
2470 properties:
2471 host:
2472 description: 'Optional: Host name to connect to, defaults to the pod IP.'
2473 type: string
2474 port:
2475 anyOf:
2476 - type: integer
2477 - type: string
2478 description: Number or name of the port to access on the container.
2479 x-kubernetes-int-or-string: true
2480 required:
2481 - port
2482 type: object
2483 type: object
2484 type: object
2485 livenessProbe:
2486 description: Periodic probe of container liveness.
2487 properties:
2488 exec:
2489 description: Exec specifies the action to take.
2490 properties:
2491 command:
2492 description: Command is the command line to execute inside the container, the working directo
2493 items:
2494 type: string
2495 type: array
2496 type: object
2497 failureThreshold:
2498 description: 'Minimum consecutive failures for the probe to be considered failed after having '
2499 format: int32
2500 type: integer
2501 grpc:
2502 description: GRPC specifies an action involving a GRPC port.
2503 properties:
2504 port:
2505 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
2506 format: int32
2507 type: integer
2508 service:
2509 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
2510 type: string
2511 required:
2512 - port
2513 type: object
2514 httpGet:
2515 description: HTTPGet specifies the http request to perform.
2516 properties:
2517 host:
2518 description: Host name to connect to, defaults to the pod IP.
2519 type: string
2520 httpHeaders:
2521 description: Custom headers to set in the request. HTTP allows repeated headers.
2522 items:
2523 description: HTTPHeader describes a custom header to be used in HTTP probes
2524 properties:
2525 name:
2526 description: The header field name
2527 type: string
2528 value:
2529 description: The header field value
2530 type: string
2531 required:
2532 - name
2533 - value
2534 type: object
2535 type: array
2536 path:
2537 description: Path to access on the HTTP server.
2538 type: string
2539 port:
2540 anyOf:
2541 - type: integer
2542 - type: string
2543 description: Name or number of the port to access on the container.
2544 x-kubernetes-int-or-string: true
2545 scheme:
2546 description: Scheme to use for connecting to the host. Defaults to HTTP.
2547 type: string
2548 required:
2549 - port
2550 type: object
2551 initialDelaySeconds:
2552 description: Number of seconds after the container has started before liveness probes are ini
2553 format: int32
2554 type: integer
2555 periodSeconds:
2556 description: How often (in seconds) to perform the probe. Default to 10 seconds.
2557 format: int32
2558 type: integer
2559 successThreshold:
2560 description: Minimum consecutive successes for the probe to be considered successful after ha
2561 format: int32
2562 type: integer
2563 tcpSocket:
2564 description: TCPSocket specifies an action involving a TCP port.
2565 properties:
2566 host:
2567 description: 'Optional: Host name to connect to, defaults to the pod IP.'
2568 type: string
2569 port:
2570 anyOf:
2571 - type: integer
2572 - type: string
2573 description: Number or name of the port to access on the container.
2574 x-kubernetes-int-or-string: true
2575 required:
2576 - port
2577 type: object
2578 terminationGracePeriodSeconds:
2579 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
2580 format: int64
2581 type: integer
2582 timeoutSeconds:
2583 description: Number of seconds after which the probe times out. Defaults to 1 second.
2584 format: int32
2585 type: integer
2586 type: object
2587 name:
2588 description: Name of the container specified as a DNS_LABEL.
2589 type: string
2590 ports:
2591 description: List of ports to expose from the container.
2592 items:
2593 description: ContainerPort represents a network port in a single container.
2594 properties:
2595 containerPort:
2596 description: Number of port to expose on the pod's IP address.
2597 format: int32
2598 type: integer
2599 hostIP:
2600 description: What host IP to bind the external port to.
2601 type: string
2602 hostPort:
2603 description: Number of port to expose on the host.
2604 format: int32
2605 type: integer
2606 name:
2607 description: If specified, this must be an IANA_SVC_NAME and unique within the pod.
2608 type: string
2609 protocol:
2610 default: TCP
2611 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
2612 type: string
2613 required:
2614 - containerPort
2615 type: object
2616 type: array
2617 x-kubernetes-list-map-keys:
2618 - containerPort
2619 - protocol
2620 x-kubernetes-list-type: map
2621 readinessProbe:
2622 description: Periodic probe of container service readiness.
2623 properties:
2624 exec:
2625 description: Exec specifies the action to take.
2626 properties:
2627 command:
2628 description: Command is the command line to execute inside the container, the working directo
2629 items:
2630 type: string
2631 type: array
2632 type: object
2633 failureThreshold:
2634 description: 'Minimum consecutive failures for the probe to be considered failed after having '
2635 format: int32
2636 type: integer
2637 grpc:
2638 description: GRPC specifies an action involving a GRPC port.
2639 properties:
2640 port:
2641 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
2642 format: int32
2643 type: integer
2644 service:
2645 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
2646 type: string
2647 required:
2648 - port
2649 type: object
2650 httpGet:
2651 description: HTTPGet specifies the http request to perform.
2652 properties:
2653 host:
2654 description: Host name to connect to, defaults to the pod IP.
2655 type: string
2656 httpHeaders:
2657 description: Custom headers to set in the request. HTTP allows repeated headers.
2658 items:
2659 description: HTTPHeader describes a custom header to be used in HTTP probes
2660 properties:
2661 name:
2662 description: The header field name
2663 type: string
2664 value:
2665 description: The header field value
2666 type: string
2667 required:
2668 - name
2669 - value
2670 type: object
2671 type: array
2672 path:
2673 description: Path to access on the HTTP server.
2674 type: string
2675 port:
2676 anyOf:
2677 - type: integer
2678 - type: string
2679 description: Name or number of the port to access on the container.
2680 x-kubernetes-int-or-string: true
2681 scheme:
2682 description: Scheme to use for connecting to the host. Defaults to HTTP.
2683 type: string
2684 required:
2685 - port
2686 type: object
2687 initialDelaySeconds:
2688 description: Number of seconds after the container has started before liveness probes are ini
2689 format: int32
2690 type: integer
2691 periodSeconds:
2692 description: How often (in seconds) to perform the probe. Default to 10 seconds.
2693 format: int32
2694 type: integer
2695 successThreshold:
2696 description: Minimum consecutive successes for the probe to be considered successful after ha
2697 format: int32
2698 type: integer
2699 tcpSocket:
2700 description: TCPSocket specifies an action involving a TCP port.
2701 properties:
2702 host:
2703 description: 'Optional: Host name to connect to, defaults to the pod IP.'
2704 type: string
2705 port:
2706 anyOf:
2707 - type: integer
2708 - type: string
2709 description: Number or name of the port to access on the container.
2710 x-kubernetes-int-or-string: true
2711 required:
2712 - port
2713 type: object
2714 terminationGracePeriodSeconds:
2715 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
2716 format: int64
2717 type: integer
2718 timeoutSeconds:
2719 description: Number of seconds after which the probe times out. Defaults to 1 second.
2720 format: int32
2721 type: integer
2722 type: object
2723 resources:
2724 description: Compute Resources required by this container. Cannot be updated.
2725 properties:
2726 limits:
2727 additionalProperties:
2728 anyOf:
2729 - type: integer
2730 - type: string
2731 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
2732 x-kubernetes-int-or-string: true
2733 description: Limits describes the maximum amount of compute resources allowed.
2734 type: object
2735 requests:
2736 additionalProperties:
2737 anyOf:
2738 - type: integer
2739 - type: string
2740 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
2741 x-kubernetes-int-or-string: true
2742 description: Requests describes the minimum amount of compute resources required.
2743 type: object
2744 type: object
2745 securityContext:
2746 description: SecurityContext defines the security options the container should be run with.
2747 properties:
2748 allowPrivilegeEscalation:
2749 description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha
2750 type: boolean
2751 capabilities:
2752 description: The capabilities to add/drop when running containers.
2753 properties:
2754 add:
2755 description: Added capabilities
2756 items:
2757 description: Capability represent POSIX capabilities type
2758 type: string
2759 type: array
2760 drop:
2761 description: Removed capabilities
2762 items:
2763 description: Capability represent POSIX capabilities type
2764 type: string
2765 type: array
2766 type: object
2767 privileged:
2768 description: Run container in privileged mode.
2769 type: boolean
2770 procMount:
2771 description: procMount denotes the type of proc mount to use for the containers.
2772 type: string
2773 readOnlyRootFilesystem:
2774 description: Whether this container has a read-only root filesystem. Default is false.
2775 type: boolean
2776 runAsGroup:
2777 description: The GID to run the entrypoint of the container process.
2778 format: int64
2779 type: integer
2780 runAsNonRoot:
2781 description: Indicates that the container must run as a non-root user.
2782 type: boolean
2783 runAsUser:
2784 description: The UID to run the entrypoint of the container process.
2785 format: int64
2786 type: integer
2787 seLinuxOptions:
2788 description: The SELinux context to be applied to the container.
2789 properties:
2790 level:
2791 description: Level is SELinux level label that applies to the container.
2792 type: string
2793 role:
2794 description: Role is a SELinux role label that applies to the container.
2795 type: string
2796 type:
2797 description: Type is a SELinux type label that applies to the container.
2798 type: string
2799 user:
2800 description: User is a SELinux user label that applies to the container.
2801 type: string
2802 type: object
2803 seccompProfile:
2804 description: The seccomp options to use by this container.
2805 properties:
2806 localhostProfile:
2807 description: localhostProfile indicates a profile defined in a file on the node should be use
2808 type: string
2809 type:
2810 description: type indicates which kind of seccomp profile will be applied.
2811 type: string
2812 required:
2813 - type
2814 type: object
2815 windowsOptions:
2816 description: The Windows specific settings applied to all containers.
2817 properties:
2818 gmsaCredentialSpec:
2819 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
2820 type: string
2821 gmsaCredentialSpecName:
2822 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
2823 type: string
2824 hostProcess:
2825 description: HostProcess determines if a container should be run as a 'Host Process' containe
2826 type: boolean
2827 runAsUserName:
2828 description: The UserName in Windows to run the entrypoint of the container process.
2829 type: string
2830 type: object
2831 type: object
2832 startupProbe:
2833 description: StartupProbe indicates that the Pod has successfully initialized.
2834 properties:
2835 exec:
2836 description: Exec specifies the action to take.
2837 properties:
2838 command:
2839 description: Command is the command line to execute inside the container, the working directo
2840 items:
2841 type: string
2842 type: array
2843 type: object
2844 failureThreshold:
2845 description: 'Minimum consecutive failures for the probe to be considered failed after having '
2846 format: int32
2847 type: integer
2848 grpc:
2849 description: GRPC specifies an action involving a GRPC port.
2850 properties:
2851 port:
2852 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
2853 format: int32
2854 type: integer
2855 service:
2856 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
2857 type: string
2858 required:
2859 - port
2860 type: object
2861 httpGet:
2862 description: HTTPGet specifies the http request to perform.
2863 properties:
2864 host:
2865 description: Host name to connect to, defaults to the pod IP.
2866 type: string
2867 httpHeaders:
2868 description: Custom headers to set in the request. HTTP allows repeated headers.
2869 items:
2870 description: HTTPHeader describes a custom header to be used in HTTP probes
2871 properties:
2872 name:
2873 description: The header field name
2874 type: string
2875 value:
2876 description: The header field value
2877 type: string
2878 required:
2879 - name
2880 - value
2881 type: object
2882 type: array
2883 path:
2884 description: Path to access on the HTTP server.
2885 type: string
2886 port:
2887 anyOf:
2888 - type: integer
2889 - type: string
2890 description: Name or number of the port to access on the container.
2891 x-kubernetes-int-or-string: true
2892 scheme:
2893 description: Scheme to use for connecting to the host. Defaults to HTTP.
2894 type: string
2895 required:
2896 - port
2897 type: object
2898 initialDelaySeconds:
2899 description: Number of seconds after the container has started before liveness probes are ini
2900 format: int32
2901 type: integer
2902 periodSeconds:
2903 description: How often (in seconds) to perform the probe. Default to 10 seconds.
2904 format: int32
2905 type: integer
2906 successThreshold:
2907 description: Minimum consecutive successes for the probe to be considered successful after ha
2908 format: int32
2909 type: integer
2910 tcpSocket:
2911 description: TCPSocket specifies an action involving a TCP port.
2912 properties:
2913 host:
2914 description: 'Optional: Host name to connect to, defaults to the pod IP.'
2915 type: string
2916 port:
2917 anyOf:
2918 - type: integer
2919 - type: string
2920 description: Number or name of the port to access on the container.
2921 x-kubernetes-int-or-string: true
2922 required:
2923 - port
2924 type: object
2925 terminationGracePeriodSeconds:
2926 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
2927 format: int64
2928 type: integer
2929 timeoutSeconds:
2930 description: Number of seconds after which the probe times out. Defaults to 1 second.
2931 format: int32
2932 type: integer
2933 type: object
2934 stdin:
2935 description: Whether this container should allocate a buffer for stdin in the container runti
2936 type: boolean
2937 stdinOnce:
2938 description: Whether the container runtime should close the stdin channel after it has been o
2939 type: boolean
2940 terminationMessagePath:
2941 description: 'Optional: Path at which the file to which the container''s termination message wi'
2942 type: string
2943 terminationMessagePolicy:
2944 description: Indicate how the termination message should be populated.
2945 type: string
2946 tty:
2947 description: Whether this container should allocate a TTY for itself, also requires 'stdin' t
2948 type: boolean
2949 volumeDevices:
2950 description: volumeDevices is the list of block devices to be used by the container.
2951 items:
2952 description: volumeDevice describes a mapping of a raw block device within a container.
2953 properties:
2954 devicePath:
2955 description: devicePath is the path inside of the container that the device will be mapped to
2956 type: string
2957 name:
2958 description: name must match the name of a persistentVolumeClaim in the pod
2959 type: string
2960 required:
2961 - devicePath
2962 - name
2963 type: object
2964 type: array
2965 volumeMounts:
2966 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
2967 items:
2968 description: VolumeMount describes a mounting of a Volume within a container.
2969 properties:
2970 mountPath:
2971 description: Path within the container at which the volume should be mounted.
2972 type: string
2973 mountPropagation:
2974 description: mountPropagation determines how mounts are propagated from the host to container
2975 type: string
2976 name:
2977 description: This must match the Name of a Volume.
2978 type: string
2979 readOnly:
2980 description: Mounted read-only if true, read-write otherwise (false or unspecified).
2981 type: boolean
2982 subPath:
2983 description: Path within the volume from which the container's volume should be mounted.
2984 type: string
2985 subPathExpr:
2986 description: Expanded path within the volume from which the container's volume should be moun
2987 type: string
2988 required:
2989 - mountPath
2990 - name
2991 type: object
2992 type: array
2993 workingDir:
2994 description: Container's working directory.
2995 type: string
2996 required:
2997 - name
2998 type: object
2999 type: array
3000 nodeName:
3001 description: NodeName is a request to schedule this pod onto a specific node.
3002 type: string
3003 nodeSelector:
3004 additionalProperties:
3005 type: string
3006 description: NodeSelector is a selector which must be true for the pod to fit on a node.
3007 type: object
3008 x-kubernetes-map-type: atomic
3009 os:
3010 description: Specifies the OS of the containers in the pod.
3011 properties:
3012 name:
3013 description: Name is the name of the operating system.
3014 type: string
3015 required:
3016 - name
3017 type: object
3018 overhead:
3019 additionalProperties:
3020 anyOf:
3021 - type: integer
3022 - type: string
3023 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3024 x-kubernetes-int-or-string: true
3025 description: Overhead represents the resource overhead associated with running a pod for a gi
3026 type: object
3027 preemptionPolicy:
3028 description: PreemptionPolicy is the Policy for preempting pods with lower priority.
3029 type: string
3030 priority:
3031 description: The priority value.
3032 format: int32
3033 type: integer
3034 priorityClassName:
3035 description: If specified, indicates the pod's priority.
3036 type: string
3037 readinessGates:
3038 description: If specified, all readiness gates will be evaluated for pod readiness.
3039 items:
3040 description: PodReadinessGate contains the reference to a pod condition
3041 properties:
3042 conditionType:
3043 description: ConditionType refers to a condition in the pod's condition list with matching ty
3044 type: string
3045 required:
3046 - conditionType
3047 type: object
3048 type: array
3049 restartPolicy:
3050 description: Restart policy for all containers within the pod.
3051 type: string
3052 runtimeClassName:
3053 description: RuntimeClassName refers to a RuntimeClass object in the node.k8s.
3054 type: string
3055 schedulerName:
3056 description: If specified, the pod will be dispatched by specified scheduler.
3057 type: string
3058 securityContext:
3059 description: SecurityContext holds pod-level security attributes and common container setting
3060 properties:
3061 fsGroup:
3062 description: A special supplemental group that applies to all containers in a pod.
3063 format: int64
3064 type: integer
3065 fsGroupChangePolicy:
3066 description: fsGroupChangePolicy defines behavior of changing ownership and permission of the
3067 type: string
3068 runAsGroup:
3069 description: The GID to run the entrypoint of the container process.
3070 format: int64
3071 type: integer
3072 runAsNonRoot:
3073 description: Indicates that the container must run as a non-root user.
3074 type: boolean
3075 runAsUser:
3076 description: The UID to run the entrypoint of the container process.
3077 format: int64
3078 type: integer
3079 seLinuxOptions:
3080 description: The SELinux context to be applied to all containers.
3081 properties:
3082 level:
3083 description: Level is SELinux level label that applies to the container.
3084 type: string
3085 role:
3086 description: Role is a SELinux role label that applies to the container.
3087 type: string
3088 type:
3089 description: Type is a SELinux type label that applies to the container.
3090 type: string
3091 user:
3092 description: User is a SELinux user label that applies to the container.
3093 type: string
3094 type: object
3095 seccompProfile:
3096 description: The seccomp options to use by the containers in this pod.
3097 properties:
3098 localhostProfile:
3099 description: localhostProfile indicates a profile defined in a file on the node should be use
3100 type: string
3101 type:
3102 description: type indicates which kind of seccomp profile will be applied.
3103 type: string
3104 required:
3105 - type
3106 type: object
3107 supplementalGroups:
3108 description: A list of groups applied to the first process run in each container, in addition
3109 items:
3110 format: int64
3111 type: integer
3112 type: array
3113 sysctls:
3114 description: Sysctls hold a list of namespaced sysctls used for the pod.
3115 items:
3116 description: Sysctl defines a kernel parameter to be set
3117 properties:
3118 name:
3119 description: Name of a property to set
3120 type: string
3121 value:
3122 description: Value of a property to set
3123 type: string
3124 required:
3125 - name
3126 - value
3127 type: object
3128 type: array
3129 windowsOptions:
3130 description: The Windows specific settings applied to all containers.
3131 properties:
3132 gmsaCredentialSpec:
3133 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
3134 type: string
3135 gmsaCredentialSpecName:
3136 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
3137 type: string
3138 hostProcess:
3139 description: HostProcess determines if a container should be run as a 'Host Process' containe
3140 type: boolean
3141 runAsUserName:
3142 description: The UserName in Windows to run the entrypoint of the container process.
3143 type: string
3144 type: object
3145 type: object
3146 serviceAccount:
3147 description: DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.
3148 type: string
3149 serviceAccountName:
3150 description: ServiceAccountName is the name of the ServiceAccount to use to run this pod.
3151 type: string
3152 setHostnameAsFQDN:
3153 description: If true the pod's hostname will be configured as the pod's FQDN, rather than the
3154 type: boolean
3155 shareProcessNamespace:
3156 description: Share a single process namespace between all of the containers in a pod.
3157 type: boolean
3158 subdomain:
3159 description: If specified, the fully qualified Pod hostname will be "<hostname>.<subdomain>.
3160 type: string
3161 terminationGracePeriodSeconds:
3162 description: Optional duration in seconds the pod needs to terminate gracefully.
3163 format: int64
3164 type: integer
3165 tolerations:
3166 description: If specified, the pod's tolerations.
3167 items:
3168 description: The pod this Toleration is attached to tolerates any taint that matches the trip
3169 properties:
3170 effect:
3171 description: Effect indicates the taint effect to match. Empty means match all taint effects.
3172 type: string
3173 key:
3174 description: Key is the taint key that the toleration applies to.
3175 type: string
3176 operator:
3177 description: Operator represents a key's relationship to the value.
3178 type: string
3179 tolerationSeconds:
3180 description: TolerationSeconds represents the period of time the toleration (which must be of
3181 format: int64
3182 type: integer
3183 value:
3184 description: Value is the taint value the toleration matches to.
3185 type: string
3186 type: object
3187 type: array
3188 topologySpreadConstraints:
3189 description: TopologySpreadConstraints describes how a group of pods ought to spread across t
3190 items:
3191 description: TopologySpreadConstraint specifies how to spread matching pods among the given t
3192 properties:
3193 labelSelector:
3194 description: LabelSelector is used to find matching pods.
3195 properties:
3196 matchExpressions:
3197 description: matchExpressions is a list of label selector requirements.
3198 items:
3199 description: A label selector requirement is a selector that contains values, a key, and an o
3200 properties:
3201 key:
3202 description: key is the label key that the selector applies to.
3203 type: string
3204 operator:
3205 description: operator represents a key's relationship to a set of values.
3206 type: string
3207 values:
3208 description: values is an array of string values.
3209 items:
3210 type: string
3211 type: array
3212 required:
3213 - key
3214 - operator
3215 type: object
3216 type: array
3217 matchLabels:
3218 additionalProperties:
3219 type: string
3220 description: matchLabels is a map of {key,value} pairs.
3221 type: object
3222 type: object
3223 x-kubernetes-map-type: atomic
3224 maxSkew:
3225 description: MaxSkew describes the degree to which pods may be unevenly distributed.
3226 format: int32
3227 type: integer
3228 topologyKey:
3229 description: TopologyKey is the key of node labels.
3230 type: string
3231 whenUnsatisfiable:
3232 description: WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spr
3233 type: string
3234 required:
3235 - maxSkew
3236 - topologyKey
3237 - whenUnsatisfiable
3238 type: object
3239 type: array
3240 x-kubernetes-list-map-keys:
3241 - topologyKey
3242 - whenUnsatisfiable
3243 x-kubernetes-list-type: map
3244 volumes:
3245 description: List of volumes that can be mounted by containers belonging to the pod.
3246 items:
3247 description: 'Volume represents a named volume in a pod that may be accessed by any container '
3248 properties:
3249 awsElasticBlockStore:
3250 description: AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubel
3251 properties:
3252 fsType:
3253 description: Filesystem type of the volume that you want to mount.
3254 type: string
3255 partition:
3256 description: The partition in the volume that you want to mount.
3257 format: int32
3258 type: integer
3259 readOnly:
3260 description: Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".
3261 type: boolean
3262 volumeID:
3263 description: Unique ID of the persistent disk resource in AWS (Amazon EBS volume).
3264 type: string
3265 required:
3266 - volumeID
3267 type: object
3268 azureDisk:
3269 description: 'AzureDisk represents an Azure Data Disk mount on the host and bind mount to the '
3270 properties:
3271 cachingMode:
3272 description: 'Host Caching mode: None, Read Only, Read Write.'
3273 type: string
3274 diskName:
3275 description: The Name of the data disk in the blob storage
3276 type: string
3277 diskURI:
3278 description: The URI the data disk in the blob storage
3279 type: string
3280 fsType:
3281 description: Filesystem type to mount.
3282 type: string
3283 kind:
3284 description: 'Expected values Shared: multiple blob disks per storage account Dedicated: sing'
3285 type: string
3286 readOnly:
3287 description: Defaults to false (read/write).
3288 type: boolean
3289 required:
3290 - diskName
3291 - diskURI
3292 type: object
3293 azureFile:
3294 description: AzureFile represents an Azure File Service mount on the host and bind mount to t
3295 properties:
3296 readOnly:
3297 description: Defaults to false (read/write).
3298 type: boolean
3299 secretName:
3300 description: the name of secret that contains Azure Storage Account Name and Key
3301 type: string
3302 shareName:
3303 description: Share Name
3304 type: string
3305 required:
3306 - secretName
3307 - shareName
3308 type: object
3309 cephfs:
3310 description: CephFS represents a Ceph FS mount on the host that shares a pod's lifetime
3311 properties:
3312 monitors:
3313 description: 'Required: Monitors is a collection of Ceph monitors More info: https://examples.'
3314 items:
3315 type: string
3316 type: array
3317 path:
3318 description: 'Optional: Used as the mounted root, rather than the full Ceph tree, default is /'
3319 type: string
3320 readOnly:
3321 description: 'Optional: Defaults to false (read/write).'
3322 type: boolean
3323 secretFile:
3324 description: 'Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user'
3325 type: string
3326 secretRef:
3327 description: 'Optional: SecretRef is reference to the authentication secret for User, default '
3328 properties:
3329 name:
3330 description: 'Name of the referent. More info: https://kubernetes.'
3331 type: string
3332 type: object
3333 x-kubernetes-map-type: atomic
3334 user:
3335 description: 'Optional: User is the rados user name, default is admin More info: https://examp'
3336 type: string
3337 required:
3338 - monitors
3339 type: object
3340 cinder:
3341 description: Cinder represents a cinder volume attached and mounted on kubelets host machine.
3342 properties:
3343 fsType:
3344 description: Filesystem type to mount.
3345 type: string
3346 readOnly:
3347 description: 'Optional: Defaults to false (read/write).'
3348 type: boolean
3349 secretRef:
3350 description: 'Optional: points to a secret object containing parameters used to connect to Ope'
3351 properties:
3352 name:
3353 description: 'Name of the referent. More info: https://kubernetes.'
3354 type: string
3355 type: object
3356 x-kubernetes-map-type: atomic
3357 volumeID:
3358 description: 'volume id used to identify the volume in cinder. More info: https://examples.'
3359 type: string
3360 required:
3361 - volumeID
3362 type: object
3363 configMap:
3364 description: ConfigMap represents a configMap that should populate this volume
3365 properties:
3366 defaultMode:
3367 description: 'Optional: mode bits used to set permissions on created files by default.'
3368 format: int32
3369 type: integer
3370 items:
3371 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa
3372 items:
3373 description: Maps a string key to a path within a volume.
3374 properties:
3375 key:
3376 description: The key to project.
3377 type: string
3378 mode:
3379 description: 'Optional: mode bits used to set permissions on this file.'
3380 format: int32
3381 type: integer
3382 path:
3383 description: The relative path of the file to map the key to. May not be an absolute path.
3384 type: string
3385 required:
3386 - key
3387 - path
3388 type: object
3389 type: array
3390 name:
3391 description: 'Name of the referent. More info: https://kubernetes.'
3392 type: string
3393 optional:
3394 description: Specify whether the ConfigMap or its keys must be defined
3395 type: boolean
3396 type: object
3397 x-kubernetes-map-type: atomic
3398 csi:
3399 description: CSI (Container Storage Interface) represents ephemeral storage that is handled b
3400 properties:
3401 driver:
3402 description: Driver is the name of the CSI driver that handles this volume.
3403 type: string
3404 fsType:
3405 description: Filesystem type to mount. Ex. "ext4", "xfs", "ntfs".
3406 type: string
3407 nodePublishSecretRef:
3408 description: NodePublishSecretRef is a reference to the secret object containing sensitive in
3409 properties:
3410 name:
3411 description: 'Name of the referent. More info: https://kubernetes.'
3412 type: string
3413 type: object
3414 x-kubernetes-map-type: atomic
3415 readOnly:
3416 description: Specifies a read-only configuration for the volume.
3417 type: boolean
3418 volumeAttributes:
3419 additionalProperties:
3420 type: string
3421 description: VolumeAttributes stores driver-specific properties that are passed to the CSI dr
3422 type: object
3423 required:
3424 - driver
3425 type: object
3426 downwardAPI:
3427 description: DownwardAPI represents downward API about the pod that should populate this volu
3428 properties:
3429 defaultMode:
3430 description: 'Optional: mode bits to use on created files by default.'
3431 format: int32
3432 type: integer
3433 items:
3434 description: Items is a list of downward API volume file
3435 items:
3436 description: DownwardAPIVolumeFile represents information to create the file containing the p
3437 properties:
3438 fieldRef:
3439 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'
3440 properties:
3441 apiVersion:
3442 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
3443 type: string
3444 fieldPath:
3445 description: Path of the field to select in the specified API version.
3446 type: string
3447 required:
3448 - fieldPath
3449 type: object
3450 x-kubernetes-map-type: atomic
3451 mode:
3452 description: 'Optional: mode bits used to set permissions on this file, must be an octal value'
3453 format: int32
3454 type: integer
3455 path:
3456 description: 'Required: Path is the relative path name of the file to be created.'
3457 type: string
3458 resourceFieldRef:
3459 description: 'Selects a resource of the container: only resources limits and requests (limits.'
3460 properties:
3461 containerName:
3462 description: 'Container name: required for volumes, optional for env vars'
3463 type: string
3464 divisor:
3465 anyOf:
3466 - type: integer
3467 - type: string
3468 description: Specifies the output format of the exposed resources, defaults to "1"
3469 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3470 x-kubernetes-int-or-string: true
3471 resource:
3472 description: 'Required: resource to select'
3473 type: string
3474 required:
3475 - resource
3476 type: object
3477 x-kubernetes-map-type: atomic
3478 required:
3479 - path
3480 type: object
3481 type: array
3482 type: object
3483 emptyDir:
3484 description: EmptyDir represents a temporary directory that shares a pod's lifetime.
3485 properties:
3486 medium:
3487 description: What type of storage medium should back this directory.
3488 type: string
3489 sizeLimit:
3490 anyOf:
3491 - type: integer
3492 - type: string
3493 description: Total amount of local storage required for this EmptyDir volume.
3494 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3495 x-kubernetes-int-or-string: true
3496 type: object
3497 ephemeral:
3498 description: Ephemeral represents a volume that is handled by a cluster storage driver.
3499 properties:
3500 volumeClaimTemplate:
3501 description: Will be used to create a stand-alone PVC to provision the volume.
3502 properties:
3503 metadata:
3504 description: May contain labels and annotations that will be copied into the PVC when creatin
3505 type: object
3506 spec:
3507 description: The specification for the PersistentVolumeClaim.
3508 properties:
3509 accessModes:
3510 description: AccessModes contains the desired access modes the volume should have.
3511 items:
3512 type: string
3513 type: array
3514 dataSource:
3515 description: 'This field can be used to specify either: * An existing VolumeSnapshot object (s'
3516 properties:
3517 apiGroup:
3518 description: APIGroup is the group for the resource being referenced.
3519 type: string
3520 kind:
3521 description: Kind is the type of resource being referenced
3522 type: string
3523 name:
3524 description: Name is the name of resource being referenced
3525 type: string
3526 required:
3527 - kind
3528 - name
3529 type: object
3530 x-kubernetes-map-type: atomic
3531 dataSourceRef:
3532 description: Specifies the object from which to populate the volume with data, if a non-empty
3533 properties:
3534 apiGroup:
3535 description: APIGroup is the group for the resource being referenced.
3536 type: string
3537 kind:
3538 description: Kind is the type of resource being referenced
3539 type: string
3540 name:
3541 description: Name is the name of resource being referenced
3542 type: string
3543 required:
3544 - kind
3545 - name
3546 type: object
3547 x-kubernetes-map-type: atomic
3548 resources:
3549 description: Resources represents the minimum resources the volume should have.
3550 properties:
3551 limits:
3552 additionalProperties:
3553 anyOf:
3554 - type: integer
3555 - type: string
3556 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3557 x-kubernetes-int-or-string: true
3558 description: Limits describes the maximum amount of compute resources allowed.
3559 type: object
3560 requests:
3561 additionalProperties:
3562 anyOf:
3563 - type: integer
3564 - type: string
3565 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3566 x-kubernetes-int-or-string: true
3567 description: Requests describes the minimum amount of compute resources required.
3568 type: object
3569 type: object
3570 selector:
3571 description: A label query over volumes to consider for binding.
3572 properties:
3573 matchExpressions:
3574 description: matchExpressions is a list of label selector requirements.
3575 items:
3576 description: A label selector requirement is a selector that contains values, a key, and an o
3577 properties:
3578 key:
3579 description: key is the label key that the selector applies to.
3580 type: string
3581 operator:
3582 description: operator represents a key's relationship to a set of values.
3583 type: string
3584 values:
3585 description: values is an array of string values.
3586 items:
3587 type: string
3588 type: array
3589 required:
3590 - key
3591 - operator
3592 type: object
3593 type: array
3594 matchLabels:
3595 additionalProperties:
3596 type: string
3597 description: matchLabels is a map of {key,value} pairs.
3598 type: object
3599 type: object
3600 x-kubernetes-map-type: atomic
3601 storageClassName:
3602 description: 'Name of the StorageClass required by the claim. More info: https://kubernetes.'
3603 type: string
3604 volumeMode:
3605 description: volumeMode defines what type of volume is required by the claim.
3606 type: string
3607 volumeName:
3608 description: VolumeName is the binding reference to the PersistentVolume backing this claim.
3609 type: string
3610 type: object
3611 required:
3612 - spec
3613 type: object
3614 type: object
3615 fc:
3616 description: FC represents a Fibre Channel resource that is attached to a kubelet's host mach
3617 properties:
3618 fsType:
3619 description: Filesystem type to mount.
3620 type: string
3621 lun:
3622 description: 'Optional: FC target lun number'
3623 format: int32
3624 type: integer
3625 readOnly:
3626 description: 'Optional: Defaults to false (read/write).'
3627 type: boolean
3628 targetWWNs:
3629 description: 'Optional: FC target worldwide names (WWNs)'
3630 items:
3631 type: string
3632 type: array
3633 wwids:
3634 description: 'Optional: FC volume world wide identifiers (wwids) Either wwids or combination o'
3635 items:
3636 type: string
3637 type: array
3638 type: object
3639 flexVolume:
3640 description: FlexVolume represents a generic volume resource that is provisioned/attached usi
3641 properties:
3642 driver:
3643 description: Driver is the name of the driver to use for this volume.
3644 type: string
3645 fsType:
3646 description: Filesystem type to mount.
3647 type: string
3648 options:
3649 additionalProperties:
3650 type: string
3651 description: 'Optional: Extra command options if any.'
3652 type: object
3653 readOnly:
3654 description: 'Optional: Defaults to false (read/write).'
3655 type: boolean
3656 secretRef:
3657 description: 'Optional: SecretRef is reference to the secret object containing sensitive infor'
3658 properties:
3659 name:
3660 description: 'Name of the referent. More info: https://kubernetes.'
3661 type: string
3662 type: object
3663 x-kubernetes-map-type: atomic
3664 required:
3665 - driver
3666 type: object
3667 flocker:
3668 description: Flocker represents a Flocker volume attached to a kubelet's host machine.
3669 properties:
3670 datasetName:
3671 description: Name of the dataset stored as metadata -> name on the dataset for Flocker should
3672 type: string
3673 datasetUUID:
3674 description: UUID of the dataset. This is unique identifier of a Flocker dataset
3675 type: string
3676 type: object
3677 gcePersistentDisk:
3678 description: GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's
3679 properties:
3680 fsType:
3681 description: Filesystem type of the volume that you want to mount.
3682 type: string
3683 partition:
3684 description: The partition in the volume that you want to mount.
3685 format: int32
3686 type: integer
3687 pdName:
3688 description: Unique name of the PD resource in GCE. Used to identify the disk in GCE.
3689 type: string
3690 readOnly:
3691 description: ReadOnly here will force the ReadOnly setting in VolumeMounts.
3692 type: boolean
3693 required:
3694 - pdName
3695 type: object
3696 gitRepo:
3697 description: GitRepo represents a git repository at a particular revision.
3698 properties:
3699 directory:
3700 description: Target directory name. Must not contain or start with '..'. If '.
3701 type: string
3702 repository:
3703 description: Repository URL
3704 type: string
3705 revision:
3706 description: Commit hash for the specified revision.
3707 type: string
3708 required:
3709 - repository
3710 type: object
3711 glusterfs:
3712 description: Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
3713 properties:
3714 endpoints:
3715 description: EndpointsName is the endpoint name that details Glusterfs topology.
3716 type: string
3717 path:
3718 description: 'Path is the Glusterfs volume path. More info: https://examples.k8s.'
3719 type: string
3720 readOnly:
3721 description: ReadOnly here will force the Glusterfs volume to be mounted with read-only permi
3722 type: boolean
3723 required:
3724 - endpoints
3725 - path
3726 type: object
3727 hostPath:
3728 description: HostPath represents a pre-existing file or directory on the host machine that is
3729 properties:
3730 path:
3731 description: Path of the directory on the host.
3732 type: string
3733 type:
3734 description: 'Type for HostPath Volume Defaults to "" More info: https://kubernetes.'
3735 type: string
3736 required:
3737 - path
3738 type: object
3739 iscsi:
3740 description: ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host mac
3741 properties:
3742 chapAuthDiscovery:
3743 description: whether support iSCSI Discovery CHAP authentication
3744 type: boolean
3745 chapAuthSession:
3746 description: whether support iSCSI Session CHAP authentication
3747 type: boolean
3748 fsType:
3749 description: Filesystem type of the volume that you want to mount.
3750 type: string
3751 initiatorName:
3752 description: Custom iSCSI Initiator Name.
3753 type: string
3754 iqn:
3755 description: Target iSCSI Qualified Name.
3756 type: string
3757 iscsiInterface:
3758 description: iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
3759 type: string
3760 lun:
3761 description: iSCSI Target Lun number.
3762 format: int32
3763 type: integer
3764 portals:
3765 description: iSCSI Target Portal List.
3766 items:
3767 type: string
3768 type: array
3769 readOnly:
3770 description: ReadOnly here will force the ReadOnly setting in VolumeMounts.
3771 type: boolean
3772 secretRef:
3773 description: CHAP Secret for iSCSI target and initiator authentication
3774 properties:
3775 name:
3776 description: 'Name of the referent. More info: https://kubernetes.'
3777 type: string
3778 type: object
3779 x-kubernetes-map-type: atomic
3780 targetPortal:
3781 description: iSCSI Target Portal.
3782 type: string
3783 required:
3784 - iqn
3785 - lun
3786 - targetPortal
3787 type: object
3788 name:
3789 description: Volume's name. Must be a DNS_LABEL and unique within the pod.
3790 type: string
3791 nfs:
3792 description: 'NFS represents an NFS mount on the host that shares a pod''s lifetime More info: '
3793 properties:
3794 path:
3795 description: 'Path that is exported by the NFS server. More info: https://kubernetes.'
3796 type: string
3797 readOnly:
3798 description: ReadOnly here will force the NFS export to be mounted with read-only permissions
3799 type: boolean
3800 server:
3801 description: Server is the hostname or IP address of the NFS server.
3802 type: string
3803 required:
3804 - path
3805 - server
3806 type: object
3807 persistentVolumeClaim:
3808 description: PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeCl
3809 properties:
3810 claimName:
3811 description: ClaimName is the name of a PersistentVolumeClaim in the same namespace as the po
3812 type: string
3813 readOnly:
3814 description: Will force the ReadOnly setting in VolumeMounts. Default false.
3815 type: boolean
3816 required:
3817 - claimName
3818 type: object
3819 photonPersistentDisk:
3820 description: 'PhotonPersistentDisk represents a PhotonController persistent disk attached and '
3821 properties:
3822 fsType:
3823 description: Filesystem type to mount.
3824 type: string
3825 pdID:
3826 description: ID that identifies Photon Controller persistent disk
3827 type: string
3828 required:
3829 - pdID
3830 type: object
3831 portworxVolume:
3832 description: PortworxVolume represents a portworx volume attached and mounted on kubelets hos
3833 properties:
3834 fsType:
3835 description: FSType represents the filesystem type to mount Must be a filesystem type support
3836 type: string
3837 readOnly:
3838 description: Defaults to false (read/write).
3839 type: boolean
3840 volumeID:
3841 description: VolumeID uniquely identifies a Portworx volume
3842 type: string
3843 required:
3844 - volumeID
3845 type: object
3846 projected:
3847 description: Items for all in one resources secrets, configmaps, and downward API
3848 properties:
3849 defaultMode:
3850 description: Mode bits used to set permissions on created files by default.
3851 format: int32
3852 type: integer
3853 sources:
3854 description: list of volume projections
3855 items:
3856 description: Projection that may be projected along with other supported volume types
3857 properties:
3858 configMap:
3859 description: information about the configMap data to project
3860 properties:
3861 items:
3862 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa
3863 items:
3864 description: Maps a string key to a path within a volume.
3865 properties:
3866 key:
3867 description: The key to project.
3868 type: string
3869 mode:
3870 description: 'Optional: mode bits used to set permissions on this file.'
3871 format: int32
3872 type: integer
3873 path:
3874 description: The relative path of the file to map the key to. May not be an absolute path.
3875 type: string
3876 required:
3877 - key
3878 - path
3879 type: object
3880 type: array
3881 name:
3882 description: 'Name of the referent. More info: https://kubernetes.'
3883 type: string
3884 optional:
3885 description: Specify whether the ConfigMap or its keys must be defined
3886 type: boolean
3887 type: object
3888 x-kubernetes-map-type: atomic
3889 downwardAPI:
3890 description: information about the downwardAPI data to project
3891 properties:
3892 items:
3893 description: Items is a list of DownwardAPIVolume file
3894 items:
3895 description: DownwardAPIVolumeFile represents information to create the file containing the p
3896 properties:
3897 fieldRef:
3898 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'
3899 properties:
3900 apiVersion:
3901 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
3902 type: string
3903 fieldPath:
3904 description: Path of the field to select in the specified API version.
3905 type: string
3906 required:
3907 - fieldPath
3908 type: object
3909 x-kubernetes-map-type: atomic
3910 mode:
3911 description: 'Optional: mode bits used to set permissions on this file, must be an octal value'
3912 format: int32
3913 type: integer
3914 path:
3915 description: 'Required: Path is the relative path name of the file to be created.'
3916 type: string
3917 resourceFieldRef:
3918 description: 'Selects a resource of the container: only resources limits and requests (limits.'
3919 properties:
3920 containerName:
3921 description: 'Container name: required for volumes, optional for env vars'
3922 type: string
3923 divisor:
3924 anyOf:
3925 - type: integer
3926 - type: string
3927 description: Specifies the output format of the exposed resources, defaults to "1"
3928 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3929 x-kubernetes-int-or-string: true
3930 resource:
3931 description: 'Required: resource to select'
3932 type: string
3933 required:
3934 - resource
3935 type: object
3936 x-kubernetes-map-type: atomic
3937 required:
3938 - path
3939 type: object
3940 type: array
3941 type: object
3942 secret:
3943 description: information about the secret data to project
3944 properties:
3945 items:
3946 description: If unspecified, each key-value pair in the Data field of the referenced Secret w
3947 items:
3948 description: Maps a string key to a path within a volume.
3949 properties:
3950 key:
3951 description: The key to project.
3952 type: string
3953 mode:
3954 description: 'Optional: mode bits used to set permissions on this file.'
3955 format: int32
3956 type: integer
3957 path:
3958 description: The relative path of the file to map the key to. May not be an absolute path.
3959 type: string
3960 required:
3961 - key
3962 - path
3963 type: object
3964 type: array
3965 name:
3966 description: 'Name of the referent. More info: https://kubernetes.'
3967 type: string
3968 optional:
3969 description: Specify whether the Secret or its key must be defined
3970 type: boolean
3971 type: object
3972 x-kubernetes-map-type: atomic
3973 serviceAccountToken:
3974 description: information about the serviceAccountToken data to project
3975 properties:
3976 audience:
3977 description: Audience is the intended audience of the token.
3978 type: string
3979 expirationSeconds:
3980 description: ExpirationSeconds is the requested duration of validity of the service account t
3981 format: int64
3982 type: integer
3983 path:
3984 description: Path is the path relative to the mount point of the file to project the token in
3985 type: string
3986 required:
3987 - path
3988 type: object
3989 type: object
3990 type: array
3991 type: object
3992 quobyte:
3993 description: Quobyte represents a Quobyte mount on the host that shares a pod's lifetime
3994 properties:
3995 group:
3996 description: Group to map volume access to Default is no group
3997 type: string
3998 readOnly:
3999 description: ReadOnly here will force the Quobyte volume to be mounted with read-only permiss
4000 type: boolean
4001 registry:
4002 description: 'Registry represents a single or multiple Quobyte Registry services specified as '
4003 type: string
4004 tenant:
4005 description: Tenant owning the given Quobyte volume in the Backend Used with dynamically prov
4006 type: string
4007 user:
4008 description: User to map volume access to Defaults to serivceaccount user
4009 type: string
4010 volume:
4011 description: Volume is a string that references an already created Quobyte volume by name.
4012 type: string
4013 required:
4014 - registry
4015 - volume
4016 type: object
4017 rbd:
4018 description: RBD represents a Rados Block Device mount on the host that shares a pod's lifeti
4019 properties:
4020 fsType:
4021 description: Filesystem type of the volume that you want to mount.
4022 type: string
4023 image:
4024 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.'
4025 type: string
4026 keyring:
4027 description: Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring.
4028 type: string
4029 monitors:
4030 description: 'A collection of Ceph monitors. More info: https://examples.k8s.'
4031 items:
4032 type: string
4033 type: array
4034 pool:
4035 description: 'The rados pool name. Default is rbd. More info: https://examples.k8s.'
4036 type: string
4037 readOnly:
4038 description: ReadOnly here will force the ReadOnly setting in VolumeMounts.
4039 type: boolean
4040 secretRef:
4041 description: SecretRef is name of the authentication secret for RBDUser.
4042 properties:
4043 name:
4044 description: 'Name of the referent. More info: https://kubernetes.'
4045 type: string
4046 type: object
4047 x-kubernetes-map-type: atomic
4048 user:
4049 description: 'The rados user name. Default is admin. More info: https://examples.k8s.'
4050 type: string
4051 required:
4052 - image
4053 - monitors
4054 type: object
4055 scaleIO:
4056 description: ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernete
4057 properties:
4058 fsType:
4059 description: Filesystem type to mount.
4060 type: string
4061 gateway:
4062 description: The host address of the ScaleIO API Gateway.
4063 type: string
4064 protectionDomain:
4065 description: The name of the ScaleIO Protection Domain for the configured storage.
4066 type: string
4067 readOnly:
4068 description: Defaults to false (read/write).
4069 type: boolean
4070 secretRef:
4071 description: SecretRef references to the secret for ScaleIO user and other sensitive informat
4072 properties:
4073 name:
4074 description: 'Name of the referent. More info: https://kubernetes.'
4075 type: string
4076 type: object
4077 x-kubernetes-map-type: atomic
4078 sslEnabled:
4079 description: Flag to enable/disable SSL communication with Gateway, default false
4080 type: boolean
4081 storageMode:
4082 description: Indicates whether the storage for a volume should be ThickProvisioned or ThinPro
4083 type: string
4084 storagePool:
4085 description: The ScaleIO Storage Pool associated with the protection domain.
4086 type: string
4087 system:
4088 description: The name of the storage system as configured in ScaleIO.
4089 type: string
4090 volumeName:
4091 description: The name of a volume already created in the ScaleIO system that is associated wi
4092 type: string
4093 required:
4094 - gateway
4095 - secretRef
4096 - system
4097 type: object
4098 secret:
4099 description: Secret represents a secret that should populate this volume.
4100 properties:
4101 defaultMode:
4102 description: 'Optional: mode bits used to set permissions on created files by default.'
4103 format: int32
4104 type: integer
4105 items:
4106 description: If unspecified, each key-value pair in the Data field of the referenced Secret w
4107 items:
4108 description: Maps a string key to a path within a volume.
4109 properties:
4110 key:
4111 description: The key to project.
4112 type: string
4113 mode:
4114 description: 'Optional: mode bits used to set permissions on this file.'
4115 format: int32
4116 type: integer
4117 path:
4118 description: The relative path of the file to map the key to. May not be an absolute path.
4119 type: string
4120 required:
4121 - key
4122 - path
4123 type: object
4124 type: array
4125 optional:
4126 description: Specify whether the Secret or its keys must be defined
4127 type: boolean
4128 secretName:
4129 description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.'
4130 type: string
4131 type: object
4132 storageos:
4133 description: StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes
4134 properties:
4135 fsType:
4136 description: Filesystem type to mount.
4137 type: string
4138 readOnly:
4139 description: Defaults to false (read/write).
4140 type: boolean
4141 secretRef:
4142 description: SecretRef specifies the secret to use for obtaining the StorageOS API credential
4143 properties:
4144 name:
4145 description: 'Name of the referent. More info: https://kubernetes.'
4146 type: string
4147 type: object
4148 x-kubernetes-map-type: atomic
4149 volumeName:
4150 description: VolumeName is the human-readable name of the StorageOS volume.
4151 type: string
4152 volumeNamespace:
4153 description: VolumeNamespace specifies the scope of the volume within StorageOS.
4154 type: string
4155 type: object
4156 vsphereVolume:
4157 description: 'VsphereVolume represents a vSphere volume attached and mounted on kubelets host '
4158 properties:
4159 fsType:
4160 description: Filesystem type to mount.
4161 type: string
4162 storagePolicyID:
4163 description: Storage Policy Based Management (SPBM) profile ID associated with the StoragePol
4164 type: string
4165 storagePolicyName:
4166 description: Storage Policy Based Management (SPBM) profile name.
4167 type: string
4168 volumePath:
4169 description: Path that identifies vSphere volume vmdk
4170 type: string
4171 required:
4172 - volumePath
4173 type: object
4174 required:
4175 - name
4176 type: object
4177 type: array
4178 required: null
4179 type: object
4180 torResources:
4181 description: Default resources for tor containers
4182 properties:
4183 limits:
4184 additionalProperties:
4185 anyOf:
4186 - type: integer
4187 - type: string
4188 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4189 x-kubernetes-int-or-string: true
4190 description: Limits describes the maximum amount of compute resources allowed.
4191 type: object
4192 requests:
4193 additionalProperties:
4194 anyOf:
4195 - type: integer
4196 - type: string
4197 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4198 x-kubernetes-int-or-string: true
4199 description: Requests describes the minimum amount of compute resources required.
4200 type: object
4201 type: object
4202 type: object
4203 privateKeySecret:
4204 description: SecretReference represents a Secret Reference.
4205 properties:
4206 key:
4207 type: string
4208 name:
4209 description: Name is unique within a namespace to reference a secret resource.
4210 type: string
4211 type: object
4212 serviceMonitor:
4213 default: false
4214 type: boolean
4215 template:
4216 properties:
4217 spec:
4218 description: OnionServiceSpec defines the desired state of OnionService.
4219 properties:
4220 authorizedClients:
4221 items:
4222 description: SecretReference represents a Secret Reference.
4223 properties:
4224 key:
4225 type: string
4226 name:
4227 description: Name is unique within a namespace to reference a secret resource.
4228 type: string
4229 type: object
4230 type: array
4231 extraConfig:
4232 type: string
4233 masterOnionAddress:
4234 type: string
4235 privateKeySecret:
4236 description: SecretReference represents a Secret Reference.
4237 properties:
4238 key:
4239 type: string
4240 name:
4241 description: Name is unique within a namespace to reference a secret resource.
4242 type: string
4243 type: object
4244 rules:
4245 items:
4246 properties:
4247 backend:
4248 description: Backend selector
4249 properties:
4250 resource:
4251 description: 'Resource is an ObjectRef to another Kubernetes resource in the namespace of the '
4252 properties:
4253 apiGroup:
4254 description: APIGroup is the group for the resource being referenced.
4255 type: string
4256 kind:
4257 description: Kind is the type of resource being referenced
4258 type: string
4259 name:
4260 description: Name is the name of resource being referenced
4261 type: string
4262 required:
4263 - kind
4264 - name
4265 type: object
4266 x-kubernetes-map-type: atomic
4267 service:
4268 description: Service references a Service as a Backend.
4269 properties:
4270 name:
4271 description: Name is the referenced service.
4272 type: string
4273 port:
4274 description: Port of the referenced service.
4275 properties:
4276 name:
4277 description: Name is the name of the port on the Service.
4278 type: string
4279 number:
4280 description: Number is the numerical port number (e.g. 80) on the Service.
4281 format: int32
4282 type: integer
4283 type: object
4284 required:
4285 - name
4286 type: object
4287 type: object
4288 port:
4289 description: Port publish as
4290 properties:
4291 name:
4292 description: Name is the name of the port on the Service.
4293 type: string
4294 number:
4295 description: Number is the numerical port number (e.g. 80) on the Service.
4296 format: int32
4297 type: integer
4298 type: object
4299 type: object
4300 type: array
4301 serviceMonitor:
4302 default: false
4303 type: boolean
4304 template:
4305 description: Template describes the pods that will be created.
4306 properties:
4307 metadata:
4308 description: Metadata of the pods created from this template.
4309 type: object
4310 resources:
4311 description: Default resources for containers
4312 properties:
4313 limits:
4314 additionalProperties:
4315 anyOf:
4316 - type: integer
4317 - type: string
4318 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4319 x-kubernetes-int-or-string: true
4320 description: Limits describes the maximum amount of compute resources allowed.
4321 type: object
4322 requests:
4323 additionalProperties:
4324 anyOf:
4325 - type: integer
4326 - type: string
4327 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4328 x-kubernetes-int-or-string: true
4329 description: Requests describes the minimum amount of compute resources required.
4330 type: object
4331 type: object
4332 spec:
4333 description: Spec defines the behavior of a pod.
4334 properties:
4335 activeDeadlineSeconds:
4336 description: Optional duration in seconds the pod may be active on the node relative to Start
4337 format: int64
4338 type: integer
4339 affinity:
4340 description: If specified, the pod's scheduling constraints
4341 properties:
4342 nodeAffinity:
4343 description: Describes node affinity scheduling rules for the pod.
4344 properties:
4345 preferredDuringSchedulingIgnoredDuringExecution:
4346 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex
4347 items:
4348 description: An empty preferred scheduling term matches all objects with implicit weight 0 (i
4349 properties:
4350 preference:
4351 description: A node selector term, associated with the corresponding weight.
4352 properties:
4353 matchExpressions:
4354 description: A list of node selector requirements by node's labels.
4355 items:
4356 description: A node selector requirement is a selector that contains values, a key, and an op
4357 properties:
4358 key:
4359 description: The label key that the selector applies to.
4360 type: string
4361 operator:
4362 description: Represents a key's relationship to a set of values.
4363 type: string
4364 values:
4365 description: An array of string values.
4366 items:
4367 type: string
4368 type: array
4369 required:
4370 - key
4371 - operator
4372 type: object
4373 type: array
4374 matchFields:
4375 description: A list of node selector requirements by node's fields.
4376 items:
4377 description: A node selector requirement is a selector that contains values, a key, and an op
4378 properties:
4379 key:
4380 description: The label key that the selector applies to.
4381 type: string
4382 operator:
4383 description: Represents a key's relationship to a set of values.
4384 type: string
4385 values:
4386 description: An array of string values.
4387 items:
4388 type: string
4389 type: array
4390 required:
4391 - key
4392 - operator
4393 type: object
4394 type: array
4395 type: object
4396 x-kubernetes-map-type: atomic
4397 weight:
4398 description: Weight associated with matching the corresponding nodeSelectorTerm, in the range
4399 format: int32
4400 type: integer
4401 required:
4402 - preference
4403 - weight
4404 type: object
4405 type: array
4406 requiredDuringSchedulingIgnoredDuringExecution:
4407 description: If the affinity requirements specified by this field are not met at scheduling t
4408 properties:
4409 nodeSelectorTerms:
4410 description: Required. A list of node selector terms. The terms are ORed.
4411 items:
4412 description: A null or empty node selector term matches no objects.
4413 properties:
4414 matchExpressions:
4415 description: A list of node selector requirements by node's labels.
4416 items:
4417 description: A node selector requirement is a selector that contains values, a key, and an op
4418 properties:
4419 key:
4420 description: The label key that the selector applies to.
4421 type: string
4422 operator:
4423 description: Represents a key's relationship to a set of values.
4424 type: string
4425 values:
4426 description: An array of string values.
4427 items:
4428 type: string
4429 type: array
4430 required:
4431 - key
4432 - operator
4433 type: object
4434 type: array
4435 matchFields:
4436 description: A list of node selector requirements by node's fields.
4437 items:
4438 description: A node selector requirement is a selector that contains values, a key, and an op
4439 properties:
4440 key:
4441 description: The label key that the selector applies to.
4442 type: string
4443 operator:
4444 description: Represents a key's relationship to a set of values.
4445 type: string
4446 values:
4447 description: An array of string values.
4448 items:
4449 type: string
4450 type: array
4451 required:
4452 - key
4453 - operator
4454 type: object
4455 type: array
4456 type: object
4457 x-kubernetes-map-type: atomic
4458 type: array
4459 required:
4460 - nodeSelectorTerms
4461 type: object
4462 x-kubernetes-map-type: atomic
4463 type: object
4464 podAffinity:
4465 description: Describes pod affinity scheduling rules (e.g.
4466 properties:
4467 preferredDuringSchedulingIgnoredDuringExecution:
4468 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex
4469 items:
4470 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n
4471 properties:
4472 podAffinityTerm:
4473 description: Required. A pod affinity term, associated with the corresponding weight.
4474 properties:
4475 labelSelector:
4476 description: A label query over a set of resources, in this case pods.
4477 properties:
4478 matchExpressions:
4479 description: matchExpressions is a list of label selector requirements.
4480 items:
4481 description: A label selector requirement is a selector that contains values, a key, and an o
4482 properties:
4483 key:
4484 description: key is the label key that the selector applies to.
4485 type: string
4486 operator:
4487 description: operator represents a key's relationship to a set of values.
4488 type: string
4489 values:
4490 description: values is an array of string values.
4491 items:
4492 type: string
4493 type: array
4494 required:
4495 - key
4496 - operator
4497 type: object
4498 type: array
4499 matchLabels:
4500 additionalProperties:
4501 type: string
4502 description: matchLabels is a map of {key,value} pairs.
4503 type: object
4504 type: object
4505 x-kubernetes-map-type: atomic
4506 namespaceSelector:
4507 description: A label query over the set of namespaces that the term applies to.
4508 properties:
4509 matchExpressions:
4510 description: matchExpressions is a list of label selector requirements.
4511 items:
4512 description: A label selector requirement is a selector that contains values, a key, and an o
4513 properties:
4514 key:
4515 description: key is the label key that the selector applies to.
4516 type: string
4517 operator:
4518 description: operator represents a key's relationship to a set of values.
4519 type: string
4520 values:
4521 description: values is an array of string values.
4522 items:
4523 type: string
4524 type: array
4525 required:
4526 - key
4527 - operator
4528 type: object
4529 type: array
4530 matchLabels:
4531 additionalProperties:
4532 type: string
4533 description: matchLabels is a map of {key,value} pairs.
4534 type: object
4535 type: object
4536 x-kubernetes-map-type: atomic
4537 namespaces:
4538 description: namespaces specifies a static list of namespace names that the term applies to.
4539 items:
4540 type: string
4541 type: array
4542 topologyKey:
4543 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
4544 type: string
4545 required:
4546 - topologyKey
4547 type: object
4548 weight:
4549 description: 'weight associated with matching the corresponding podAffinityTerm, in the range '
4550 format: int32
4551 type: integer
4552 required:
4553 - podAffinityTerm
4554 - weight
4555 type: object
4556 type: array
4557 requiredDuringSchedulingIgnoredDuringExecution:
4558 description: If the affinity requirements specified by this field are not met at scheduling t
4559 items:
4560 description: Defines a set of pods (namely those matching the labelSelector relative to the g
4561 properties:
4562 labelSelector:
4563 description: A label query over a set of resources, in this case pods.
4564 properties:
4565 matchExpressions:
4566 description: matchExpressions is a list of label selector requirements.
4567 items:
4568 description: A label selector requirement is a selector that contains values, a key, and an o
4569 properties:
4570 key:
4571 description: key is the label key that the selector applies to.
4572 type: string
4573 operator:
4574 description: operator represents a key's relationship to a set of values.
4575 type: string
4576 values:
4577 description: values is an array of string values.
4578 items:
4579 type: string
4580 type: array
4581 required:
4582 - key
4583 - operator
4584 type: object
4585 type: array
4586 matchLabels:
4587 additionalProperties:
4588 type: string
4589 description: matchLabels is a map of {key,value} pairs.
4590 type: object
4591 type: object
4592 x-kubernetes-map-type: atomic
4593 namespaceSelector:
4594 description: A label query over the set of namespaces that the term applies to.
4595 properties:
4596 matchExpressions:
4597 description: matchExpressions is a list of label selector requirements.
4598 items:
4599 description: A label selector requirement is a selector that contains values, a key, and an o
4600 properties:
4601 key:
4602 description: key is the label key that the selector applies to.
4603 type: string
4604 operator:
4605 description: operator represents a key's relationship to a set of values.
4606 type: string
4607 values:
4608 description: values is an array of string values.
4609 items:
4610 type: string
4611 type: array
4612 required:
4613 - key
4614 - operator
4615 type: object
4616 type: array
4617 matchLabels:
4618 additionalProperties:
4619 type: string
4620 description: matchLabels is a map of {key,value} pairs.
4621 type: object
4622 type: object
4623 x-kubernetes-map-type: atomic
4624 namespaces:
4625 description: namespaces specifies a static list of namespace names that the term applies to.
4626 items:
4627 type: string
4628 type: array
4629 topologyKey:
4630 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
4631 type: string
4632 required:
4633 - topologyKey
4634 type: object
4635 type: array
4636 type: object
4637 podAntiAffinity:
4638 description: Describes pod anti-affinity scheduling rules (e.g.
4639 properties:
4640 preferredDuringSchedulingIgnoredDuringExecution:
4641 description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affini
4642 items:
4643 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n
4644 properties:
4645 podAffinityTerm:
4646 description: Required. A pod affinity term, associated with the corresponding weight.
4647 properties:
4648 labelSelector:
4649 description: A label query over a set of resources, in this case pods.
4650 properties:
4651 matchExpressions:
4652 description: matchExpressions is a list of label selector requirements.
4653 items:
4654 description: A label selector requirement is a selector that contains values, a key, and an o
4655 properties:
4656 key:
4657 description: key is the label key that the selector applies to.
4658 type: string
4659 operator:
4660 description: operator represents a key's relationship to a set of values.
4661 type: string
4662 values:
4663 description: values is an array of string values.
4664 items:
4665 type: string
4666 type: array
4667 required:
4668 - key
4669 - operator
4670 type: object
4671 type: array
4672 matchLabels:
4673 additionalProperties:
4674 type: string
4675 description: matchLabels is a map of {key,value} pairs.
4676 type: object
4677 type: object
4678 x-kubernetes-map-type: atomic
4679 namespaceSelector:
4680 description: A label query over the set of namespaces that the term applies to.
4681 properties:
4682 matchExpressions:
4683 description: matchExpressions is a list of label selector requirements.
4684 items:
4685 description: A label selector requirement is a selector that contains values, a key, and an o
4686 properties:
4687 key:
4688 description: key is the label key that the selector applies to.
4689 type: string
4690 operator:
4691 description: operator represents a key's relationship to a set of values.
4692 type: string
4693 values:
4694 description: values is an array of string values.
4695 items:
4696 type: string
4697 type: array
4698 required:
4699 - key
4700 - operator
4701 type: object
4702 type: array
4703 matchLabels:
4704 additionalProperties:
4705 type: string
4706 description: matchLabels is a map of {key,value} pairs.
4707 type: object
4708 type: object
4709 x-kubernetes-map-type: atomic
4710 namespaces:
4711 description: namespaces specifies a static list of namespace names that the term applies to.
4712 items:
4713 type: string
4714 type: array
4715 topologyKey:
4716 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
4717 type: string
4718 required:
4719 - topologyKey
4720 type: object
4721 weight:
4722 description: 'weight associated with matching the corresponding podAffinityTerm, in the range '
4723 format: int32
4724 type: integer
4725 required:
4726 - podAffinityTerm
4727 - weight
4728 type: object
4729 type: array
4730 requiredDuringSchedulingIgnoredDuringExecution:
4731 description: If the anti-affinity requirements specified by this field are not met at schedul
4732 items:
4733 description: Defines a set of pods (namely those matching the labelSelector relative to the g
4734 properties:
4735 labelSelector:
4736 description: A label query over a set of resources, in this case pods.
4737 properties:
4738 matchExpressions:
4739 description: matchExpressions is a list of label selector requirements.
4740 items:
4741 description: A label selector requirement is a selector that contains values, a key, and an o
4742 properties:
4743 key:
4744 description: key is the label key that the selector applies to.
4745 type: string
4746 operator:
4747 description: operator represents a key's relationship to a set of values.
4748 type: string
4749 values:
4750 description: values is an array of string values.
4751 items:
4752 type: string
4753 type: array
4754 required:
4755 - key
4756 - operator
4757 type: object
4758 type: array
4759 matchLabels:
4760 additionalProperties:
4761 type: string
4762 description: matchLabels is a map of {key,value} pairs.
4763 type: object
4764 type: object
4765 x-kubernetes-map-type: atomic
4766 namespaceSelector:
4767 description: A label query over the set of namespaces that the term applies to.
4768 properties:
4769 matchExpressions:
4770 description: matchExpressions is a list of label selector requirements.
4771 items:
4772 description: A label selector requirement is a selector that contains values, a key, and an o
4773 properties:
4774 key:
4775 description: key is the label key that the selector applies to.
4776 type: string
4777 operator:
4778 description: operator represents a key's relationship to a set of values.
4779 type: string
4780 values:
4781 description: values is an array of string values.
4782 items:
4783 type: string
4784 type: array
4785 required:
4786 - key
4787 - operator
4788 type: object
4789 type: array
4790 matchLabels:
4791 additionalProperties:
4792 type: string
4793 description: matchLabels is a map of {key,value} pairs.
4794 type: object
4795 type: object
4796 x-kubernetes-map-type: atomic
4797 namespaces:
4798 description: namespaces specifies a static list of namespace names that the term applies to.
4799 items:
4800 type: string
4801 type: array
4802 topologyKey:
4803 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
4804 type: string
4805 required:
4806 - topologyKey
4807 type: object
4808 type: array
4809 type: object
4810 type: object
4811 automountServiceAccountToken:
4812 description: AutomountServiceAccountToken indicates whether a service account token should be
4813 type: boolean
4814 containers:
4815 description: List of containers belonging to the pod.
4816 items:
4817 description: A single application container that you want to run within a pod.
4818 properties:
4819 args:
4820 description: Arguments to the entrypoint.
4821 items:
4822 type: string
4823 type: array
4824 command:
4825 description: Entrypoint array. Not executed within a shell.
4826 items:
4827 type: string
4828 type: array
4829 env:
4830 description: List of environment variables to set in the container. Cannot be updated.
4831 items:
4832 description: EnvVar represents an environment variable present in a Container.
4833 properties:
4834 name:
4835 description: Name of the environment variable. Must be a C_IDENTIFIER.
4836 type: string
4837 value:
4838 description: Variable references $(VAR_NAME) are expanded using the previously defined enviro
4839 type: string
4840 valueFrom:
4841 description: Source for the environment variable's value.
4842 properties:
4843 configMapKeyRef:
4844 description: Selects a key of a ConfigMap.
4845 properties:
4846 key:
4847 description: The key to select.
4848 type: string
4849 name:
4850 description: 'Name of the referent. More info: https://kubernetes.'
4851 type: string
4852 optional:
4853 description: Specify whether the ConfigMap or its key must be defined
4854 type: boolean
4855 required:
4856 - key
4857 type: object
4858 x-kubernetes-map-type: atomic
4859 fieldRef:
4860 description: 'Selects a field of the pod: supports metadata.name, metadata.'
4861 properties:
4862 apiVersion:
4863 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
4864 type: string
4865 fieldPath:
4866 description: Path of the field to select in the specified API version.
4867 type: string
4868 required:
4869 - fieldPath
4870 type: object
4871 x-kubernetes-map-type: atomic
4872 resourceFieldRef:
4873 description: 'Selects a resource of the container: only resources limits and requests (limits.'
4874 properties:
4875 containerName:
4876 description: 'Container name: required for volumes, optional for env vars'
4877 type: string
4878 divisor:
4879 anyOf:
4880 - type: integer
4881 - type: string
4882 description: Specifies the output format of the exposed resources, defaults to "1"
4883 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4884 x-kubernetes-int-or-string: true
4885 resource:
4886 description: 'Required: resource to select'
4887 type: string
4888 required:
4889 - resource
4890 type: object
4891 x-kubernetes-map-type: atomic
4892 secretKeyRef:
4893 description: Selects a key of a secret in the pod's namespace
4894 properties:
4895 key:
4896 description: The key of the secret to select from. Must be a valid secret key.
4897 type: string
4898 name:
4899 description: 'Name of the referent. More info: https://kubernetes.'
4900 type: string
4901 optional:
4902 description: Specify whether the Secret or its key must be defined
4903 type: boolean
4904 required:
4905 - key
4906 type: object
4907 x-kubernetes-map-type: atomic
4908 type: object
4909 required:
4910 - name
4911 type: object
4912 type: array
4913 envFrom:
4914 description: List of sources to populate environment variables in the container.
4915 items:
4916 description: EnvFromSource represents the source of a set of ConfigMaps
4917 properties:
4918 configMapRef:
4919 description: The ConfigMap to select from
4920 properties:
4921 name:
4922 description: 'Name of the referent. More info: https://kubernetes.'
4923 type: string
4924 optional:
4925 description: Specify whether the ConfigMap must be defined
4926 type: boolean
4927 type: object
4928 x-kubernetes-map-type: atomic
4929 prefix:
4930 description: An optional identifier to prepend to each key in the ConfigMap.
4931 type: string
4932 secretRef:
4933 description: The Secret to select from
4934 properties:
4935 name:
4936 description: 'Name of the referent. More info: https://kubernetes.'
4937 type: string
4938 optional:
4939 description: Specify whether the Secret must be defined
4940 type: boolean
4941 type: object
4942 x-kubernetes-map-type: atomic
4943 type: object
4944 type: array
4945 image:
4946 description: 'Docker image name. More info: https://kubernetes.'
4947 type: string
4948 imagePullPolicy:
4949 description: Image pull policy. One of Always, Never, IfNotPresent.
4950 type: string
4951 lifecycle:
4952 description: Actions that the management system should take in response to container lifecycl
4953 properties:
4954 postStart:
4955 description: PostStart is called immediately after a container is created.
4956 properties:
4957 exec:
4958 description: Exec specifies the action to take.
4959 properties:
4960 command:
4961 description: Command is the command line to execute inside the container, the working directo
4962 items:
4963 type: string
4964 type: array
4965 type: object
4966 httpGet:
4967 description: HTTPGet specifies the http request to perform.
4968 properties:
4969 host:
4970 description: Host name to connect to, defaults to the pod IP.
4971 type: string
4972 httpHeaders:
4973 description: Custom headers to set in the request. HTTP allows repeated headers.
4974 items:
4975 description: HTTPHeader describes a custom header to be used in HTTP probes
4976 properties:
4977 name:
4978 description: The header field name
4979 type: string
4980 value:
4981 description: The header field value
4982 type: string
4983 required:
4984 - name
4985 - value
4986 type: object
4987 type: array
4988 path:
4989 description: Path to access on the HTTP server.
4990 type: string
4991 port:
4992 anyOf:
4993 - type: integer
4994 - type: string
4995 description: Name or number of the port to access on the container.
4996 x-kubernetes-int-or-string: true
4997 scheme:
4998 description: Scheme to use for connecting to the host. Defaults to HTTP.
4999 type: string
5000 required:
5001 - port
5002 type: object
5003 tcpSocket:
5004 description: Deprecated.
5005 properties:
5006 host:
5007 description: 'Optional: Host name to connect to, defaults to the pod IP.'
5008 type: string
5009 port:
5010 anyOf:
5011 - type: integer
5012 - type: string
5013 description: Number or name of the port to access on the container.
5014 x-kubernetes-int-or-string: true
5015 required:
5016 - port
5017 type: object
5018 type: object
5019 preStop:
5020 description: PreStop is called immediately before a container is terminated due to an API req
5021 properties:
5022 exec:
5023 description: Exec specifies the action to take.
5024 properties:
5025 command:
5026 description: Command is the command line to execute inside the container, the working directo
5027 items:
5028 type: string
5029 type: array
5030 type: object
5031 httpGet:
5032 description: HTTPGet specifies the http request to perform.
5033 properties:
5034 host:
5035 description: Host name to connect to, defaults to the pod IP.
5036 type: string
5037 httpHeaders:
5038 description: Custom headers to set in the request. HTTP allows repeated headers.
5039 items:
5040 description: HTTPHeader describes a custom header to be used in HTTP probes
5041 properties:
5042 name:
5043 description: The header field name
5044 type: string
5045 value:
5046 description: The header field value
5047 type: string
5048 required:
5049 - name
5050 - value
5051 type: object
5052 type: array
5053 path:
5054 description: Path to access on the HTTP server.
5055 type: string
5056 port:
5057 anyOf:
5058 - type: integer
5059 - type: string
5060 description: Name or number of the port to access on the container.
5061 x-kubernetes-int-or-string: true
5062 scheme:
5063 description: Scheme to use for connecting to the host. Defaults to HTTP.
5064 type: string
5065 required:
5066 - port
5067 type: object
5068 tcpSocket:
5069 description: Deprecated.
5070 properties:
5071 host:
5072 description: 'Optional: Host name to connect to, defaults to the pod IP.'
5073 type: string
5074 port:
5075 anyOf:
5076 - type: integer
5077 - type: string
5078 description: Number or name of the port to access on the container.
5079 x-kubernetes-int-or-string: true
5080 required:
5081 - port
5082 type: object
5083 type: object
5084 type: object
5085 livenessProbe:
5086 description: Periodic probe of container liveness.
5087 properties:
5088 exec:
5089 description: Exec specifies the action to take.
5090 properties:
5091 command:
5092 description: Command is the command line to execute inside the container, the working directo
5093 items:
5094 type: string
5095 type: array
5096 type: object
5097 failureThreshold:
5098 description: 'Minimum consecutive failures for the probe to be considered failed after having '
5099 format: int32
5100 type: integer
5101 grpc:
5102 description: GRPC specifies an action involving a GRPC port.
5103 properties:
5104 port:
5105 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
5106 format: int32
5107 type: integer
5108 service:
5109 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
5110 type: string
5111 required:
5112 - port
5113 type: object
5114 httpGet:
5115 description: HTTPGet specifies the http request to perform.
5116 properties:
5117 host:
5118 description: Host name to connect to, defaults to the pod IP.
5119 type: string
5120 httpHeaders:
5121 description: Custom headers to set in the request. HTTP allows repeated headers.
5122 items:
5123 description: HTTPHeader describes a custom header to be used in HTTP probes
5124 properties:
5125 name:
5126 description: The header field name
5127 type: string
5128 value:
5129 description: The header field value
5130 type: string
5131 required:
5132 - name
5133 - value
5134 type: object
5135 type: array
5136 path:
5137 description: Path to access on the HTTP server.
5138 type: string
5139 port:
5140 anyOf:
5141 - type: integer
5142 - type: string
5143 description: Name or number of the port to access on the container.
5144 x-kubernetes-int-or-string: true
5145 scheme:
5146 description: Scheme to use for connecting to the host. Defaults to HTTP.
5147 type: string
5148 required:
5149 - port
5150 type: object
5151 initialDelaySeconds:
5152 description: Number of seconds after the container has started before liveness probes are ini
5153 format: int32
5154 type: integer
5155 periodSeconds:
5156 description: How often (in seconds) to perform the probe. Default to 10 seconds.
5157 format: int32
5158 type: integer
5159 successThreshold:
5160 description: Minimum consecutive successes for the probe to be considered successful after ha
5161 format: int32
5162 type: integer
5163 tcpSocket:
5164 description: TCPSocket specifies an action involving a TCP port.
5165 properties:
5166 host:
5167 description: 'Optional: Host name to connect to, defaults to the pod IP.'
5168 type: string
5169 port:
5170 anyOf:
5171 - type: integer
5172 - type: string
5173 description: Number or name of the port to access on the container.
5174 x-kubernetes-int-or-string: true
5175 required:
5176 - port
5177 type: object
5178 terminationGracePeriodSeconds:
5179 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
5180 format: int64
5181 type: integer
5182 timeoutSeconds:
5183 description: Number of seconds after which the probe times out. Defaults to 1 second.
5184 format: int32
5185 type: integer
5186 type: object
5187 name:
5188 description: Name of the container specified as a DNS_LABEL.
5189 type: string
5190 ports:
5191 description: List of ports to expose from the container.
5192 items:
5193 description: ContainerPort represents a network port in a single container.
5194 properties:
5195 containerPort:
5196 description: Number of port to expose on the pod's IP address.
5197 format: int32
5198 type: integer
5199 hostIP:
5200 description: What host IP to bind the external port to.
5201 type: string
5202 hostPort:
5203 description: Number of port to expose on the host.
5204 format: int32
5205 type: integer
5206 name:
5207 description: If specified, this must be an IANA_SVC_NAME and unique within the pod.
5208 type: string
5209 protocol:
5210 default: TCP
5211 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
5212 type: string
5213 required:
5214 - containerPort
5215 type: object
5216 type: array
5217 x-kubernetes-list-map-keys:
5218 - containerPort
5219 - protocol
5220 x-kubernetes-list-type: map
5221 readinessProbe:
5222 description: Periodic probe of container service readiness.
5223 properties:
5224 exec:
5225 description: Exec specifies the action to take.
5226 properties:
5227 command:
5228 description: Command is the command line to execute inside the container, the working directo
5229 items:
5230 type: string
5231 type: array
5232 type: object
5233 failureThreshold:
5234 description: 'Minimum consecutive failures for the probe to be considered failed after having '
5235 format: int32
5236 type: integer
5237 grpc:
5238 description: GRPC specifies an action involving a GRPC port.
5239 properties:
5240 port:
5241 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
5242 format: int32
5243 type: integer
5244 service:
5245 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
5246 type: string
5247 required:
5248 - port
5249 type: object
5250 httpGet:
5251 description: HTTPGet specifies the http request to perform.
5252 properties:
5253 host:
5254 description: Host name to connect to, defaults to the pod IP.
5255 type: string
5256 httpHeaders:
5257 description: Custom headers to set in the request. HTTP allows repeated headers.
5258 items:
5259 description: HTTPHeader describes a custom header to be used in HTTP probes
5260 properties:
5261 name:
5262 description: The header field name
5263 type: string
5264 value:
5265 description: The header field value
5266 type: string
5267 required:
5268 - name
5269 - value
5270 type: object
5271 type: array
5272 path:
5273 description: Path to access on the HTTP server.
5274 type: string
5275 port:
5276 anyOf:
5277 - type: integer
5278 - type: string
5279 description: Name or number of the port to access on the container.
5280 x-kubernetes-int-or-string: true
5281 scheme:
5282 description: Scheme to use for connecting to the host. Defaults to HTTP.
5283 type: string
5284 required:
5285 - port
5286 type: object
5287 initialDelaySeconds:
5288 description: Number of seconds after the container has started before liveness probes are ini
5289 format: int32
5290 type: integer
5291 periodSeconds:
5292 description: How often (in seconds) to perform the probe. Default to 10 seconds.
5293 format: int32
5294 type: integer
5295 successThreshold:
5296 description: Minimum consecutive successes for the probe to be considered successful after ha
5297 format: int32
5298 type: integer
5299 tcpSocket:
5300 description: TCPSocket specifies an action involving a TCP port.
5301 properties:
5302 host:
5303 description: 'Optional: Host name to connect to, defaults to the pod IP.'
5304 type: string
5305 port:
5306 anyOf:
5307 - type: integer
5308 - type: string
5309 description: Number or name of the port to access on the container.
5310 x-kubernetes-int-or-string: true
5311 required:
5312 - port
5313 type: object
5314 terminationGracePeriodSeconds:
5315 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
5316 format: int64
5317 type: integer
5318 timeoutSeconds:
5319 description: Number of seconds after which the probe times out. Defaults to 1 second.
5320 format: int32
5321 type: integer
5322 type: object
5323 resources:
5324 description: Compute Resources required by this container. Cannot be updated.
5325 properties:
5326 limits:
5327 additionalProperties:
5328 anyOf:
5329 - type: integer
5330 - type: string
5331 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5332 x-kubernetes-int-or-string: true
5333 description: Limits describes the maximum amount of compute resources allowed.
5334 type: object
5335 requests:
5336 additionalProperties:
5337 anyOf:
5338 - type: integer
5339 - type: string
5340 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5341 x-kubernetes-int-or-string: true
5342 description: Requests describes the minimum amount of compute resources required.
5343 type: object
5344 type: object
5345 securityContext:
5346 description: SecurityContext defines the security options the container should be run with.
5347 properties:
5348 allowPrivilegeEscalation:
5349 description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha
5350 type: boolean
5351 capabilities:
5352 description: The capabilities to add/drop when running containers.
5353 properties:
5354 add:
5355 description: Added capabilities
5356 items:
5357 description: Capability represent POSIX capabilities type
5358 type: string
5359 type: array
5360 drop:
5361 description: Removed capabilities
5362 items:
5363 description: Capability represent POSIX capabilities type
5364 type: string
5365 type: array
5366 type: object
5367 privileged:
5368 description: Run container in privileged mode.
5369 type: boolean
5370 procMount:
5371 description: procMount denotes the type of proc mount to use for the containers.
5372 type: string
5373 readOnlyRootFilesystem:
5374 description: Whether this container has a read-only root filesystem. Default is false.
5375 type: boolean
5376 runAsGroup:
5377 description: The GID to run the entrypoint of the container process.
5378 format: int64
5379 type: integer
5380 runAsNonRoot:
5381 description: Indicates that the container must run as a non-root user.
5382 type: boolean
5383 runAsUser:
5384 description: The UID to run the entrypoint of the container process.
5385 format: int64
5386 type: integer
5387 seLinuxOptions:
5388 description: The SELinux context to be applied to the container.
5389 properties:
5390 level:
5391 description: Level is SELinux level label that applies to the container.
5392 type: string
5393 role:
5394 description: Role is a SELinux role label that applies to the container.
5395 type: string
5396 type:
5397 description: Type is a SELinux type label that applies to the container.
5398 type: string
5399 user:
5400 description: User is a SELinux user label that applies to the container.
5401 type: string
5402 type: object
5403 seccompProfile:
5404 description: The seccomp options to use by this container.
5405 properties:
5406 localhostProfile:
5407 description: localhostProfile indicates a profile defined in a file on the node should be use
5408 type: string
5409 type:
5410 description: type indicates which kind of seccomp profile will be applied.
5411 type: string
5412 required:
5413 - type
5414 type: object
5415 windowsOptions:
5416 description: The Windows specific settings applied to all containers.
5417 properties:
5418 gmsaCredentialSpec:
5419 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
5420 type: string
5421 gmsaCredentialSpecName:
5422 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
5423 type: string
5424 hostProcess:
5425 description: HostProcess determines if a container should be run as a 'Host Process' containe
5426 type: boolean
5427 runAsUserName:
5428 description: The UserName in Windows to run the entrypoint of the container process.
5429 type: string
5430 type: object
5431 type: object
5432 startupProbe:
5433 description: StartupProbe indicates that the Pod has successfully initialized.
5434 properties:
5435 exec:
5436 description: Exec specifies the action to take.
5437 properties:
5438 command:
5439 description: Command is the command line to execute inside the container, the working directo
5440 items:
5441 type: string
5442 type: array
5443 type: object
5444 failureThreshold:
5445 description: 'Minimum consecutive failures for the probe to be considered failed after having '
5446 format: int32
5447 type: integer
5448 grpc:
5449 description: GRPC specifies an action involving a GRPC port.
5450 properties:
5451 port:
5452 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
5453 format: int32
5454 type: integer
5455 service:
5456 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
5457 type: string
5458 required:
5459 - port
5460 type: object
5461 httpGet:
5462 description: HTTPGet specifies the http request to perform.
5463 properties:
5464 host:
5465 description: Host name to connect to, defaults to the pod IP.
5466 type: string
5467 httpHeaders:
5468 description: Custom headers to set in the request. HTTP allows repeated headers.
5469 items:
5470 description: HTTPHeader describes a custom header to be used in HTTP probes
5471 properties:
5472 name:
5473 description: The header field name
5474 type: string
5475 value:
5476 description: The header field value
5477 type: string
5478 required:
5479 - name
5480 - value
5481 type: object
5482 type: array
5483 path:
5484 description: Path to access on the HTTP server.
5485 type: string
5486 port:
5487 anyOf:
5488 - type: integer
5489 - type: string
5490 description: Name or number of the port to access on the container.
5491 x-kubernetes-int-or-string: true
5492 scheme:
5493 description: Scheme to use for connecting to the host. Defaults to HTTP.
5494 type: string
5495 required:
5496 - port
5497 type: object
5498 initialDelaySeconds:
5499 description: Number of seconds after the container has started before liveness probes are ini
5500 format: int32
5501 type: integer
5502 periodSeconds:
5503 description: How often (in seconds) to perform the probe. Default to 10 seconds.
5504 format: int32
5505 type: integer
5506 successThreshold:
5507 description: Minimum consecutive successes for the probe to be considered successful after ha
5508 format: int32
5509 type: integer
5510 tcpSocket:
5511 description: TCPSocket specifies an action involving a TCP port.
5512 properties:
5513 host:
5514 description: 'Optional: Host name to connect to, defaults to the pod IP.'
5515 type: string
5516 port:
5517 anyOf:
5518 - type: integer
5519 - type: string
5520 description: Number or name of the port to access on the container.
5521 x-kubernetes-int-or-string: true
5522 required:
5523 - port
5524 type: object
5525 terminationGracePeriodSeconds:
5526 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
5527 format: int64
5528 type: integer
5529 timeoutSeconds:
5530 description: Number of seconds after which the probe times out. Defaults to 1 second.
5531 format: int32
5532 type: integer
5533 type: object
5534 stdin:
5535 description: Whether this container should allocate a buffer for stdin in the container runti
5536 type: boolean
5537 stdinOnce:
5538 description: Whether the container runtime should close the stdin channel after it has been o
5539 type: boolean
5540 terminationMessagePath:
5541 description: 'Optional: Path at which the file to which the container''s termination message wi'
5542 type: string
5543 terminationMessagePolicy:
5544 description: Indicate how the termination message should be populated.
5545 type: string
5546 tty:
5547 description: Whether this container should allocate a TTY for itself, also requires 'stdin' t
5548 type: boolean
5549 volumeDevices:
5550 description: volumeDevices is the list of block devices to be used by the container.
5551 items:
5552 description: volumeDevice describes a mapping of a raw block device within a container.
5553 properties:
5554 devicePath:
5555 description: devicePath is the path inside of the container that the device will be mapped to
5556 type: string
5557 name:
5558 description: name must match the name of a persistentVolumeClaim in the pod
5559 type: string
5560 required:
5561 - devicePath
5562 - name
5563 type: object
5564 type: array
5565 volumeMounts:
5566 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
5567 items:
5568 description: VolumeMount describes a mounting of a Volume within a container.
5569 properties:
5570 mountPath:
5571 description: Path within the container at which the volume should be mounted.
5572 type: string
5573 mountPropagation:
5574 description: mountPropagation determines how mounts are propagated from the host to container
5575 type: string
5576 name:
5577 description: This must match the Name of a Volume.
5578 type: string
5579 readOnly:
5580 description: Mounted read-only if true, read-write otherwise (false or unspecified).
5581 type: boolean
5582 subPath:
5583 description: Path within the volume from which the container's volume should be mounted.
5584 type: string
5585 subPathExpr:
5586 description: Expanded path within the volume from which the container's volume should be moun
5587 type: string
5588 required:
5589 - mountPath
5590 - name
5591 type: object
5592 type: array
5593 workingDir:
5594 description: Container's working directory.
5595 type: string
5596 required:
5597 - name
5598 type: object
5599 type: array
5600 dnsConfig:
5601 description: Specifies the DNS parameters of a pod.
5602 properties:
5603 nameservers:
5604 description: A list of DNS name server IP addresses.
5605 items:
5606 type: string
5607 type: array
5608 options:
5609 description: A list of DNS resolver options.
5610 items:
5611 description: PodDNSConfigOption defines DNS resolver options of a pod.
5612 properties:
5613 name:
5614 description: Required.
5615 type: string
5616 value:
5617 type: string
5618 type: object
5619 type: array
5620 searches:
5621 description: A list of DNS search domains for host-name lookup.
5622 items:
5623 type: string
5624 type: array
5625 type: object
5626 dnsPolicy:
5627 description: Set DNS policy for the pod. Defaults to "ClusterFirst".
5628 type: string
5629 enableServiceLinks:
5630 description: EnableServiceLinks indicates whether information about services should be inject
5631 type: boolean
5632 ephemeralContainers:
5633 description: List of ephemeral containers run in this pod.
5634 items:
5635 description: An EphemeralContainer is a temporary container that you may add to an existing P
5636 properties:
5637 args:
5638 description: Arguments to the entrypoint.
5639 items:
5640 type: string
5641 type: array
5642 command:
5643 description: Entrypoint array. Not executed within a shell.
5644 items:
5645 type: string
5646 type: array
5647 env:
5648 description: List of environment variables to set in the container. Cannot be updated.
5649 items:
5650 description: EnvVar represents an environment variable present in a Container.
5651 properties:
5652 name:
5653 description: Name of the environment variable. Must be a C_IDENTIFIER.
5654 type: string
5655 value:
5656 description: Variable references $(VAR_NAME) are expanded using the previously defined enviro
5657 type: string
5658 valueFrom:
5659 description: Source for the environment variable's value.
5660 properties:
5661 configMapKeyRef:
5662 description: Selects a key of a ConfigMap.
5663 properties:
5664 key:
5665 description: The key to select.
5666 type: string
5667 name:
5668 description: 'Name of the referent. More info: https://kubernetes.'
5669 type: string
5670 optional:
5671 description: Specify whether the ConfigMap or its key must be defined
5672 type: boolean
5673 required:
5674 - key
5675 type: object
5676 x-kubernetes-map-type: atomic
5677 fieldRef:
5678 description: 'Selects a field of the pod: supports metadata.name, metadata.'
5679 properties:
5680 apiVersion:
5681 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
5682 type: string
5683 fieldPath:
5684 description: Path of the field to select in the specified API version.
5685 type: string
5686 required:
5687 - fieldPath
5688 type: object
5689 x-kubernetes-map-type: atomic
5690 resourceFieldRef:
5691 description: 'Selects a resource of the container: only resources limits and requests (limits.'
5692 properties:
5693 containerName:
5694 description: 'Container name: required for volumes, optional for env vars'
5695 type: string
5696 divisor:
5697 anyOf:
5698 - type: integer
5699 - type: string
5700 description: Specifies the output format of the exposed resources, defaults to "1"
5701 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5702 x-kubernetes-int-or-string: true
5703 resource:
5704 description: 'Required: resource to select'
5705 type: string
5706 required:
5707 - resource
5708 type: object
5709 x-kubernetes-map-type: atomic
5710 secretKeyRef:
5711 description: Selects a key of a secret in the pod's namespace
5712 properties:
5713 key:
5714 description: The key of the secret to select from. Must be a valid secret key.
5715 type: string
5716 name:
5717 description: 'Name of the referent. More info: https://kubernetes.'
5718 type: string
5719 optional:
5720 description: Specify whether the Secret or its key must be defined
5721 type: boolean
5722 required:
5723 - key
5724 type: object
5725 x-kubernetes-map-type: atomic
5726 type: object
5727 required:
5728 - name
5729 type: object
5730 type: array
5731 envFrom:
5732 description: List of sources to populate environment variables in the container.
5733 items:
5734 description: EnvFromSource represents the source of a set of ConfigMaps
5735 properties:
5736 configMapRef:
5737 description: The ConfigMap to select from
5738 properties:
5739 name:
5740 description: 'Name of the referent. More info: https://kubernetes.'
5741 type: string
5742 optional:
5743 description: Specify whether the ConfigMap must be defined
5744 type: boolean
5745 type: object
5746 x-kubernetes-map-type: atomic
5747 prefix:
5748 description: An optional identifier to prepend to each key in the ConfigMap.
5749 type: string
5750 secretRef:
5751 description: The Secret to select from
5752 properties:
5753 name:
5754 description: 'Name of the referent. More info: https://kubernetes.'
5755 type: string
5756 optional:
5757 description: Specify whether the Secret must be defined
5758 type: boolean
5759 type: object
5760 x-kubernetes-map-type: atomic
5761 type: object
5762 type: array
5763 image:
5764 description: 'Docker image name. More info: https://kubernetes.'
5765 type: string
5766 imagePullPolicy:
5767 description: Image pull policy. One of Always, Never, IfNotPresent.
5768 type: string
5769 lifecycle:
5770 description: Lifecycle is not allowed for ephemeral containers.
5771 properties:
5772 postStart:
5773 description: PostStart is called immediately after a container is created.
5774 properties:
5775 exec:
5776 description: Exec specifies the action to take.
5777 properties:
5778 command:
5779 description: Command is the command line to execute inside the container, the working directo
5780 items:
5781 type: string
5782 type: array
5783 type: object
5784 httpGet:
5785 description: HTTPGet specifies the http request to perform.
5786 properties:
5787 host:
5788 description: Host name to connect to, defaults to the pod IP.
5789 type: string
5790 httpHeaders:
5791 description: Custom headers to set in the request. HTTP allows repeated headers.
5792 items:
5793 description: HTTPHeader describes a custom header to be used in HTTP probes
5794 properties:
5795 name:
5796 description: The header field name
5797 type: string
5798 value:
5799 description: The header field value
5800 type: string
5801 required:
5802 - name
5803 - value
5804 type: object
5805 type: array
5806 path:
5807 description: Path to access on the HTTP server.
5808 type: string
5809 port:
5810 anyOf:
5811 - type: integer
5812 - type: string
5813 description: Name or number of the port to access on the container.
5814 x-kubernetes-int-or-string: true
5815 scheme:
5816 description: Scheme to use for connecting to the host. Defaults to HTTP.
5817 type: string
5818 required:
5819 - port
5820 type: object
5821 tcpSocket:
5822 description: Deprecated.
5823 properties:
5824 host:
5825 description: 'Optional: Host name to connect to, defaults to the pod IP.'
5826 type: string
5827 port:
5828 anyOf:
5829 - type: integer
5830 - type: string
5831 description: Number or name of the port to access on the container.
5832 x-kubernetes-int-or-string: true
5833 required:
5834 - port
5835 type: object
5836 type: object
5837 preStop:
5838 description: PreStop is called immediately before a container is terminated due to an API req
5839 properties:
5840 exec:
5841 description: Exec specifies the action to take.
5842 properties:
5843 command:
5844 description: Command is the command line to execute inside the container, the working directo
5845 items:
5846 type: string
5847 type: array
5848 type: object
5849 httpGet:
5850 description: HTTPGet specifies the http request to perform.
5851 properties:
5852 host:
5853 description: Host name to connect to, defaults to the pod IP.
5854 type: string
5855 httpHeaders:
5856 description: Custom headers to set in the request. HTTP allows repeated headers.
5857 items:
5858 description: HTTPHeader describes a custom header to be used in HTTP probes
5859 properties:
5860 name:
5861 description: The header field name
5862 type: string
5863 value:
5864 description: The header field value
5865 type: string
5866 required:
5867 - name
5868 - value
5869 type: object
5870 type: array
5871 path:
5872 description: Path to access on the HTTP server.
5873 type: string
5874 port:
5875 anyOf:
5876 - type: integer
5877 - type: string
5878 description: Name or number of the port to access on the container.
5879 x-kubernetes-int-or-string: true
5880 scheme:
5881 description: Scheme to use for connecting to the host. Defaults to HTTP.
5882 type: string
5883 required:
5884 - port
5885 type: object
5886 tcpSocket:
5887 description: Deprecated.
5888 properties:
5889 host:
5890 description: 'Optional: Host name to connect to, defaults to the pod IP.'
5891 type: string
5892 port:
5893 anyOf:
5894 - type: integer
5895 - type: string
5896 description: Number or name of the port to access on the container.
5897 x-kubernetes-int-or-string: true
5898 required:
5899 - port
5900 type: object
5901 type: object
5902 type: object
5903 livenessProbe:
5904 description: Probes are not allowed for ephemeral containers.
5905 properties:
5906 exec:
5907 description: Exec specifies the action to take.
5908 properties:
5909 command:
5910 description: Command is the command line to execute inside the container, the working directo
5911 items:
5912 type: string
5913 type: array
5914 type: object
5915 failureThreshold:
5916 description: 'Minimum consecutive failures for the probe to be considered failed after having '
5917 format: int32
5918 type: integer
5919 grpc:
5920 description: GRPC specifies an action involving a GRPC port.
5921 properties:
5922 port:
5923 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
5924 format: int32
5925 type: integer
5926 service:
5927 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
5928 type: string
5929 required:
5930 - port
5931 type: object
5932 httpGet:
5933 description: HTTPGet specifies the http request to perform.
5934 properties:
5935 host:
5936 description: Host name to connect to, defaults to the pod IP.
5937 type: string
5938 httpHeaders:
5939 description: Custom headers to set in the request. HTTP allows repeated headers.
5940 items:
5941 description: HTTPHeader describes a custom header to be used in HTTP probes
5942 properties:
5943 name:
5944 description: The header field name
5945 type: string
5946 value:
5947 description: The header field value
5948 type: string
5949 required:
5950 - name
5951 - value
5952 type: object
5953 type: array
5954 path:
5955 description: Path to access on the HTTP server.
5956 type: string
5957 port:
5958 anyOf:
5959 - type: integer
5960 - type: string
5961 description: Name or number of the port to access on the container.
5962 x-kubernetes-int-or-string: true
5963 scheme:
5964 description: Scheme to use for connecting to the host. Defaults to HTTP.
5965 type: string
5966 required:
5967 - port
5968 type: object
5969 initialDelaySeconds:
5970 description: Number of seconds after the container has started before liveness probes are ini
5971 format: int32
5972 type: integer
5973 periodSeconds:
5974 description: How often (in seconds) to perform the probe. Default to 10 seconds.
5975 format: int32
5976 type: integer
5977 successThreshold:
5978 description: Minimum consecutive successes for the probe to be considered successful after ha
5979 format: int32
5980 type: integer
5981 tcpSocket:
5982 description: TCPSocket specifies an action involving a TCP port.
5983 properties:
5984 host:
5985 description: 'Optional: Host name to connect to, defaults to the pod IP.'
5986 type: string
5987 port:
5988 anyOf:
5989 - type: integer
5990 - type: string
5991 description: Number or name of the port to access on the container.
5992 x-kubernetes-int-or-string: true
5993 required:
5994 - port
5995 type: object
5996 terminationGracePeriodSeconds:
5997 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
5998 format: int64
5999 type: integer
6000 timeoutSeconds:
6001 description: Number of seconds after which the probe times out. Defaults to 1 second.
6002 format: int32
6003 type: integer
6004 type: object
6005 name:
6006 description: Name of the ephemeral container specified as a DNS_LABEL.
6007 type: string
6008 ports:
6009 description: Ports are not allowed for ephemeral containers.
6010 items:
6011 description: ContainerPort represents a network port in a single container.
6012 properties:
6013 containerPort:
6014 description: Number of port to expose on the pod's IP address.
6015 format: int32
6016 type: integer
6017 hostIP:
6018 description: What host IP to bind the external port to.
6019 type: string
6020 hostPort:
6021 description: Number of port to expose on the host.
6022 format: int32
6023 type: integer
6024 name:
6025 description: If specified, this must be an IANA_SVC_NAME and unique within the pod.
6026 type: string
6027 protocol:
6028 default: TCP
6029 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
6030 type: string
6031 required:
6032 - containerPort
6033 type: object
6034 type: array
6035 x-kubernetes-list-map-keys:
6036 - containerPort
6037 - protocol
6038 x-kubernetes-list-type: map
6039 readinessProbe:
6040 description: Probes are not allowed for ephemeral containers.
6041 properties:
6042 exec:
6043 description: Exec specifies the action to take.
6044 properties:
6045 command:
6046 description: Command is the command line to execute inside the container, the working directo
6047 items:
6048 type: string
6049 type: array
6050 type: object
6051 failureThreshold:
6052 description: 'Minimum consecutive failures for the probe to be considered failed after having '
6053 format: int32
6054 type: integer
6055 grpc:
6056 description: GRPC specifies an action involving a GRPC port.
6057 properties:
6058 port:
6059 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
6060 format: int32
6061 type: integer
6062 service:
6063 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
6064 type: string
6065 required:
6066 - port
6067 type: object
6068 httpGet:
6069 description: HTTPGet specifies the http request to perform.
6070 properties:
6071 host:
6072 description: Host name to connect to, defaults to the pod IP.
6073 type: string
6074 httpHeaders:
6075 description: Custom headers to set in the request. HTTP allows repeated headers.
6076 items:
6077 description: HTTPHeader describes a custom header to be used in HTTP probes
6078 properties:
6079 name:
6080 description: The header field name
6081 type: string
6082 value:
6083 description: The header field value
6084 type: string
6085 required:
6086 - name
6087 - value
6088 type: object
6089 type: array
6090 path:
6091 description: Path to access on the HTTP server.
6092 type: string
6093 port:
6094 anyOf:
6095 - type: integer
6096 - type: string
6097 description: Name or number of the port to access on the container.
6098 x-kubernetes-int-or-string: true
6099 scheme:
6100 description: Scheme to use for connecting to the host. Defaults to HTTP.
6101 type: string
6102 required:
6103 - port
6104 type: object
6105 initialDelaySeconds:
6106 description: Number of seconds after the container has started before liveness probes are ini
6107 format: int32
6108 type: integer
6109 periodSeconds:
6110 description: How often (in seconds) to perform the probe. Default to 10 seconds.
6111 format: int32
6112 type: integer
6113 successThreshold:
6114 description: Minimum consecutive successes for the probe to be considered successful after ha
6115 format: int32
6116 type: integer
6117 tcpSocket:
6118 description: TCPSocket specifies an action involving a TCP port.
6119 properties:
6120 host:
6121 description: 'Optional: Host name to connect to, defaults to the pod IP.'
6122 type: string
6123 port:
6124 anyOf:
6125 - type: integer
6126 - type: string
6127 description: Number or name of the port to access on the container.
6128 x-kubernetes-int-or-string: true
6129 required:
6130 - port
6131 type: object
6132 terminationGracePeriodSeconds:
6133 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
6134 format: int64
6135 type: integer
6136 timeoutSeconds:
6137 description: Number of seconds after which the probe times out. Defaults to 1 second.
6138 format: int32
6139 type: integer
6140 type: object
6141 resources:
6142 description: Resources are not allowed for ephemeral containers.
6143 properties:
6144 limits:
6145 additionalProperties:
6146 anyOf:
6147 - type: integer
6148 - type: string
6149 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6150 x-kubernetes-int-or-string: true
6151 description: Limits describes the maximum amount of compute resources allowed.
6152 type: object
6153 requests:
6154 additionalProperties:
6155 anyOf:
6156 - type: integer
6157 - type: string
6158 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6159 x-kubernetes-int-or-string: true
6160 description: Requests describes the minimum amount of compute resources required.
6161 type: object
6162 type: object
6163 securityContext:
6164 description: 'Optional: SecurityContext defines the security options the ephemeral container s'
6165 properties:
6166 allowPrivilegeEscalation:
6167 description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha
6168 type: boolean
6169 capabilities:
6170 description: The capabilities to add/drop when running containers.
6171 properties:
6172 add:
6173 description: Added capabilities
6174 items:
6175 description: Capability represent POSIX capabilities type
6176 type: string
6177 type: array
6178 drop:
6179 description: Removed capabilities
6180 items:
6181 description: Capability represent POSIX capabilities type
6182 type: string
6183 type: array
6184 type: object
6185 privileged:
6186 description: Run container in privileged mode.
6187 type: boolean
6188 procMount:
6189 description: procMount denotes the type of proc mount to use for the containers.
6190 type: string
6191 readOnlyRootFilesystem:
6192 description: Whether this container has a read-only root filesystem. Default is false.
6193 type: boolean
6194 runAsGroup:
6195 description: The GID to run the entrypoint of the container process.
6196 format: int64
6197 type: integer
6198 runAsNonRoot:
6199 description: Indicates that the container must run as a non-root user.
6200 type: boolean
6201 runAsUser:
6202 description: The UID to run the entrypoint of the container process.
6203 format: int64
6204 type: integer
6205 seLinuxOptions:
6206 description: The SELinux context to be applied to the container.
6207 properties:
6208 level:
6209 description: Level is SELinux level label that applies to the container.
6210 type: string
6211 role:
6212 description: Role is a SELinux role label that applies to the container.
6213 type: string
6214 type:
6215 description: Type is a SELinux type label that applies to the container.
6216 type: string
6217 user:
6218 description: User is a SELinux user label that applies to the container.
6219 type: string
6220 type: object
6221 seccompProfile:
6222 description: The seccomp options to use by this container.
6223 properties:
6224 localhostProfile:
6225 description: localhostProfile indicates a profile defined in a file on the node should be use
6226 type: string
6227 type:
6228 description: type indicates which kind of seccomp profile will be applied.
6229 type: string
6230 required:
6231 - type
6232 type: object
6233 windowsOptions:
6234 description: The Windows specific settings applied to all containers.
6235 properties:
6236 gmsaCredentialSpec:
6237 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
6238 type: string
6239 gmsaCredentialSpecName:
6240 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
6241 type: string
6242 hostProcess:
6243 description: HostProcess determines if a container should be run as a 'Host Process' containe
6244 type: boolean
6245 runAsUserName:
6246 description: The UserName in Windows to run the entrypoint of the container process.
6247 type: string
6248 type: object
6249 type: object
6250 startupProbe:
6251 description: Probes are not allowed for ephemeral containers.
6252 properties:
6253 exec:
6254 description: Exec specifies the action to take.
6255 properties:
6256 command:
6257 description: Command is the command line to execute inside the container, the working directo
6258 items:
6259 type: string
6260 type: array
6261 type: object
6262 failureThreshold:
6263 description: 'Minimum consecutive failures for the probe to be considered failed after having '
6264 format: int32
6265 type: integer
6266 grpc:
6267 description: GRPC specifies an action involving a GRPC port.
6268 properties:
6269 port:
6270 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
6271 format: int32
6272 type: integer
6273 service:
6274 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
6275 type: string
6276 required:
6277 - port
6278 type: object
6279 httpGet:
6280 description: HTTPGet specifies the http request to perform.
6281 properties:
6282 host:
6283 description: Host name to connect to, defaults to the pod IP.
6284 type: string
6285 httpHeaders:
6286 description: Custom headers to set in the request. HTTP allows repeated headers.
6287 items:
6288 description: HTTPHeader describes a custom header to be used in HTTP probes
6289 properties:
6290 name:
6291 description: The header field name
6292 type: string
6293 value:
6294 description: The header field value
6295 type: string
6296 required:
6297 - name
6298 - value
6299 type: object
6300 type: array
6301 path:
6302 description: Path to access on the HTTP server.
6303 type: string
6304 port:
6305 anyOf:
6306 - type: integer
6307 - type: string
6308 description: Name or number of the port to access on the container.
6309 x-kubernetes-int-or-string: true
6310 scheme:
6311 description: Scheme to use for connecting to the host. Defaults to HTTP.
6312 type: string
6313 required:
6314 - port
6315 type: object
6316 initialDelaySeconds:
6317 description: Number of seconds after the container has started before liveness probes are ini
6318 format: int32
6319 type: integer
6320 periodSeconds:
6321 description: How often (in seconds) to perform the probe. Default to 10 seconds.
6322 format: int32
6323 type: integer
6324 successThreshold:
6325 description: Minimum consecutive successes for the probe to be considered successful after ha
6326 format: int32
6327 type: integer
6328 tcpSocket:
6329 description: TCPSocket specifies an action involving a TCP port.
6330 properties:
6331 host:
6332 description: 'Optional: Host name to connect to, defaults to the pod IP.'
6333 type: string
6334 port:
6335 anyOf:
6336 - type: integer
6337 - type: string
6338 description: Number or name of the port to access on the container.
6339 x-kubernetes-int-or-string: true
6340 required:
6341 - port
6342 type: object
6343 terminationGracePeriodSeconds:
6344 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
6345 format: int64
6346 type: integer
6347 timeoutSeconds:
6348 description: Number of seconds after which the probe times out. Defaults to 1 second.
6349 format: int32
6350 type: integer
6351 type: object
6352 stdin:
6353 description: Whether this container should allocate a buffer for stdin in the container runti
6354 type: boolean
6355 stdinOnce:
6356 description: Whether the container runtime should close the stdin channel after it has been o
6357 type: boolean
6358 targetContainerName:
6359 description: If set, the name of the container from PodSpec that this ephemeral container tar
6360 type: string
6361 terminationMessagePath:
6362 description: 'Optional: Path at which the file to which the container''s termination message wi'
6363 type: string
6364 terminationMessagePolicy:
6365 description: Indicate how the termination message should be populated.
6366 type: string
6367 tty:
6368 description: Whether this container should allocate a TTY for itself, also requires 'stdin' t
6369 type: boolean
6370 volumeDevices:
6371 description: volumeDevices is the list of block devices to be used by the container.
6372 items:
6373 description: volumeDevice describes a mapping of a raw block device within a container.
6374 properties:
6375 devicePath:
6376 description: devicePath is the path inside of the container that the device will be mapped to
6377 type: string
6378 name:
6379 description: name must match the name of a persistentVolumeClaim in the pod
6380 type: string
6381 required:
6382 - devicePath
6383 - name
6384 type: object
6385 type: array
6386 volumeMounts:
6387 description: Pod volumes to mount into the container's filesystem.
6388 items:
6389 description: VolumeMount describes a mounting of a Volume within a container.
6390 properties:
6391 mountPath:
6392 description: Path within the container at which the volume should be mounted.
6393 type: string
6394 mountPropagation:
6395 description: mountPropagation determines how mounts are propagated from the host to container
6396 type: string
6397 name:
6398 description: This must match the Name of a Volume.
6399 type: string
6400 readOnly:
6401 description: Mounted read-only if true, read-write otherwise (false or unspecified).
6402 type: boolean
6403 subPath:
6404 description: Path within the volume from which the container's volume should be mounted.
6405 type: string
6406 subPathExpr:
6407 description: Expanded path within the volume from which the container's volume should be moun
6408 type: string
6409 required:
6410 - mountPath
6411 - name
6412 type: object
6413 type: array
6414 workingDir:
6415 description: Container's working directory.
6416 type: string
6417 required:
6418 - name
6419 type: object
6420 type: array
6421 hostAliases:
6422 description: 'HostAliases is an optional list of hosts and IPs that will be injected into the '
6423 items:
6424 description: HostAlias holds the mapping between IP and hostnames that will be injected as an
6425 properties:
6426 hostnames:
6427 description: Hostnames for the above IP address.
6428 items:
6429 type: string
6430 type: array
6431 ip:
6432 description: IP address of the host file entry.
6433 type: string
6434 type: object
6435 type: array
6436 hostIPC:
6437 description: 'Use the host''s ipc namespace. Optional: Default to false.'
6438 type: boolean
6439 hostNetwork:
6440 description: Host networking requested for this pod. Use the host's network namespace.
6441 type: boolean
6442 hostPID:
6443 description: 'Use the host''s pid namespace. Optional: Default to false.'
6444 type: boolean
6445 hostname:
6446 description: Specifies the hostname of the Pod If not specified, the pod's hostname will be s
6447 type: string
6448 imagePullSecrets:
6449 description: ImagePullSecrets is an optional list of references to secrets in the same namesp
6450 items:
6451 description: LocalObjectReference contains enough information to let you locate the reference
6452 properties:
6453 name:
6454 description: 'Name of the referent. More info: https://kubernetes.'
6455 type: string
6456 type: object
6457 x-kubernetes-map-type: atomic
6458 type: array
6459 initContainers:
6460 description: List of initialization containers belonging to the pod.
6461 items:
6462 description: A single application container that you want to run within a pod.
6463 properties:
6464 args:
6465 description: Arguments to the entrypoint.
6466 items:
6467 type: string
6468 type: array
6469 command:
6470 description: Entrypoint array. Not executed within a shell.
6471 items:
6472 type: string
6473 type: array
6474 env:
6475 description: List of environment variables to set in the container. Cannot be updated.
6476 items:
6477 description: EnvVar represents an environment variable present in a Container.
6478 properties:
6479 name:
6480 description: Name of the environment variable. Must be a C_IDENTIFIER.
6481 type: string
6482 value:
6483 description: Variable references $(VAR_NAME) are expanded using the previously defined enviro
6484 type: string
6485 valueFrom:
6486 description: Source for the environment variable's value.
6487 properties:
6488 configMapKeyRef:
6489 description: Selects a key of a ConfigMap.
6490 properties:
6491 key:
6492 description: The key to select.
6493 type: string
6494 name:
6495 description: 'Name of the referent. More info: https://kubernetes.'
6496 type: string
6497 optional:
6498 description: Specify whether the ConfigMap or its key must be defined
6499 type: boolean
6500 required:
6501 - key
6502 type: object
6503 x-kubernetes-map-type: atomic
6504 fieldRef:
6505 description: 'Selects a field of the pod: supports metadata.name, metadata.'
6506 properties:
6507 apiVersion:
6508 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
6509 type: string
6510 fieldPath:
6511 description: Path of the field to select in the specified API version.
6512 type: string
6513 required:
6514 - fieldPath
6515 type: object
6516 x-kubernetes-map-type: atomic
6517 resourceFieldRef:
6518 description: 'Selects a resource of the container: only resources limits and requests (limits.'
6519 properties:
6520 containerName:
6521 description: 'Container name: required for volumes, optional for env vars'
6522 type: string
6523 divisor:
6524 anyOf:
6525 - type: integer
6526 - type: string
6527 description: Specifies the output format of the exposed resources, defaults to "1"
6528 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6529 x-kubernetes-int-or-string: true
6530 resource:
6531 description: 'Required: resource to select'
6532 type: string
6533 required:
6534 - resource
6535 type: object
6536 x-kubernetes-map-type: atomic
6537 secretKeyRef:
6538 description: Selects a key of a secret in the pod's namespace
6539 properties:
6540 key:
6541 description: The key of the secret to select from. Must be a valid secret key.
6542 type: string
6543 name:
6544 description: 'Name of the referent. More info: https://kubernetes.'
6545 type: string
6546 optional:
6547 description: Specify whether the Secret or its key must be defined
6548 type: boolean
6549 required:
6550 - key
6551 type: object
6552 x-kubernetes-map-type: atomic
6553 type: object
6554 required:
6555 - name
6556 type: object
6557 type: array
6558 envFrom:
6559 description: List of sources to populate environment variables in the container.
6560 items:
6561 description: EnvFromSource represents the source of a set of ConfigMaps
6562 properties:
6563 configMapRef:
6564 description: The ConfigMap to select from
6565 properties:
6566 name:
6567 description: 'Name of the referent. More info: https://kubernetes.'
6568 type: string
6569 optional:
6570 description: Specify whether the ConfigMap must be defined
6571 type: boolean
6572 type: object
6573 x-kubernetes-map-type: atomic
6574 prefix:
6575 description: An optional identifier to prepend to each key in the ConfigMap.
6576 type: string
6577 secretRef:
6578 description: The Secret to select from
6579 properties:
6580 name:
6581 description: 'Name of the referent. More info: https://kubernetes.'
6582 type: string
6583 optional:
6584 description: Specify whether the Secret must be defined
6585 type: boolean
6586 type: object
6587 x-kubernetes-map-type: atomic
6588 type: object
6589 type: array
6590 image:
6591 description: 'Docker image name. More info: https://kubernetes.'
6592 type: string
6593 imagePullPolicy:
6594 description: Image pull policy. One of Always, Never, IfNotPresent.
6595 type: string
6596 lifecycle:
6597 description: Actions that the management system should take in response to container lifecycl
6598 properties:
6599 postStart:
6600 description: PostStart is called immediately after a container is created.
6601 properties:
6602 exec:
6603 description: Exec specifies the action to take.
6604 properties:
6605 command:
6606 description: Command is the command line to execute inside the container, the working directo
6607 items:
6608 type: string
6609 type: array
6610 type: object
6611 httpGet:
6612 description: HTTPGet specifies the http request to perform.
6613 properties:
6614 host:
6615 description: Host name to connect to, defaults to the pod IP.
6616 type: string
6617 httpHeaders:
6618 description: Custom headers to set in the request. HTTP allows repeated headers.
6619 items:
6620 description: HTTPHeader describes a custom header to be used in HTTP probes
6621 properties:
6622 name:
6623 description: The header field name
6624 type: string
6625 value:
6626 description: The header field value
6627 type: string
6628 required:
6629 - name
6630 - value
6631 type: object
6632 type: array
6633 path:
6634 description: Path to access on the HTTP server.
6635 type: string
6636 port:
6637 anyOf:
6638 - type: integer
6639 - type: string
6640 description: Name or number of the port to access on the container.
6641 x-kubernetes-int-or-string: true
6642 scheme:
6643 description: Scheme to use for connecting to the host. Defaults to HTTP.
6644 type: string
6645 required:
6646 - port
6647 type: object
6648 tcpSocket:
6649 description: Deprecated.
6650 properties:
6651 host:
6652 description: 'Optional: Host name to connect to, defaults to the pod IP.'
6653 type: string
6654 port:
6655 anyOf:
6656 - type: integer
6657 - type: string
6658 description: Number or name of the port to access on the container.
6659 x-kubernetes-int-or-string: true
6660 required:
6661 - port
6662 type: object
6663 type: object
6664 preStop:
6665 description: PreStop is called immediately before a container is terminated due to an API req
6666 properties:
6667 exec:
6668 description: Exec specifies the action to take.
6669 properties:
6670 command:
6671 description: Command is the command line to execute inside the container, the working directo
6672 items:
6673 type: string
6674 type: array
6675 type: object
6676 httpGet:
6677 description: HTTPGet specifies the http request to perform.
6678 properties:
6679 host:
6680 description: Host name to connect to, defaults to the pod IP.
6681 type: string
6682 httpHeaders:
6683 description: Custom headers to set in the request. HTTP allows repeated headers.
6684 items:
6685 description: HTTPHeader describes a custom header to be used in HTTP probes
6686 properties:
6687 name:
6688 description: The header field name
6689 type: string
6690 value:
6691 description: The header field value
6692 type: string
6693 required:
6694 - name
6695 - value
6696 type: object
6697 type: array
6698 path:
6699 description: Path to access on the HTTP server.
6700 type: string
6701 port:
6702 anyOf:
6703 - type: integer
6704 - type: string
6705 description: Name or number of the port to access on the container.
6706 x-kubernetes-int-or-string: true
6707 scheme:
6708 description: Scheme to use for connecting to the host. Defaults to HTTP.
6709 type: string
6710 required:
6711 - port
6712 type: object
6713 tcpSocket:
6714 description: Deprecated.
6715 properties:
6716 host:
6717 description: 'Optional: Host name to connect to, defaults to the pod IP.'
6718 type: string
6719 port:
6720 anyOf:
6721 - type: integer
6722 - type: string
6723 description: Number or name of the port to access on the container.
6724 x-kubernetes-int-or-string: true
6725 required:
6726 - port
6727 type: object
6728 type: object
6729 type: object
6730 livenessProbe:
6731 description: Periodic probe of container liveness.
6732 properties:
6733 exec:
6734 description: Exec specifies the action to take.
6735 properties:
6736 command:
6737 description: Command is the command line to execute inside the container, the working directo
6738 items:
6739 type: string
6740 type: array
6741 type: object
6742 failureThreshold:
6743 description: 'Minimum consecutive failures for the probe to be considered failed after having '
6744 format: int32
6745 type: integer
6746 grpc:
6747 description: GRPC specifies an action involving a GRPC port.
6748 properties:
6749 port:
6750 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
6751 format: int32
6752 type: integer
6753 service:
6754 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
6755 type: string
6756 required:
6757 - port
6758 type: object
6759 httpGet:
6760 description: HTTPGet specifies the http request to perform.
6761 properties:
6762 host:
6763 description: Host name to connect to, defaults to the pod IP.
6764 type: string
6765 httpHeaders:
6766 description: Custom headers to set in the request. HTTP allows repeated headers.
6767 items:
6768 description: HTTPHeader describes a custom header to be used in HTTP probes
6769 properties:
6770 name:
6771 description: The header field name
6772 type: string
6773 value:
6774 description: The header field value
6775 type: string
6776 required:
6777 - name
6778 - value
6779 type: object
6780 type: array
6781 path:
6782 description: Path to access on the HTTP server.
6783 type: string
6784 port:
6785 anyOf:
6786 - type: integer
6787 - type: string
6788 description: Name or number of the port to access on the container.
6789 x-kubernetes-int-or-string: true
6790 scheme:
6791 description: Scheme to use for connecting to the host. Defaults to HTTP.
6792 type: string
6793 required:
6794 - port
6795 type: object
6796 initialDelaySeconds:
6797 description: Number of seconds after the container has started before liveness probes are ini
6798 format: int32
6799 type: integer
6800 periodSeconds:
6801 description: How often (in seconds) to perform the probe. Default to 10 seconds.
6802 format: int32
6803 type: integer
6804 successThreshold:
6805 description: Minimum consecutive successes for the probe to be considered successful after ha
6806 format: int32
6807 type: integer
6808 tcpSocket:
6809 description: TCPSocket specifies an action involving a TCP port.
6810 properties:
6811 host:
6812 description: 'Optional: Host name to connect to, defaults to the pod IP.'
6813 type: string
6814 port:
6815 anyOf:
6816 - type: integer
6817 - type: string
6818 description: Number or name of the port to access on the container.
6819 x-kubernetes-int-or-string: true
6820 required:
6821 - port
6822 type: object
6823 terminationGracePeriodSeconds:
6824 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
6825 format: int64
6826 type: integer
6827 timeoutSeconds:
6828 description: Number of seconds after which the probe times out. Defaults to 1 second.
6829 format: int32
6830 type: integer
6831 type: object
6832 name:
6833 description: Name of the container specified as a DNS_LABEL.
6834 type: string
6835 ports:
6836 description: List of ports to expose from the container.
6837 items:
6838 description: ContainerPort represents a network port in a single container.
6839 properties:
6840 containerPort:
6841 description: Number of port to expose on the pod's IP address.
6842 format: int32
6843 type: integer
6844 hostIP:
6845 description: What host IP to bind the external port to.
6846 type: string
6847 hostPort:
6848 description: Number of port to expose on the host.
6849 format: int32
6850 type: integer
6851 name:
6852 description: If specified, this must be an IANA_SVC_NAME and unique within the pod.
6853 type: string
6854 protocol:
6855 default: TCP
6856 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
6857 type: string
6858 required:
6859 - containerPort
6860 type: object
6861 type: array
6862 x-kubernetes-list-map-keys:
6863 - containerPort
6864 - protocol
6865 x-kubernetes-list-type: map
6866 readinessProbe:
6867 description: Periodic probe of container service readiness.
6868 properties:
6869 exec:
6870 description: Exec specifies the action to take.
6871 properties:
6872 command:
6873 description: Command is the command line to execute inside the container, the working directo
6874 items:
6875 type: string
6876 type: array
6877 type: object
6878 failureThreshold:
6879 description: 'Minimum consecutive failures for the probe to be considered failed after having '
6880 format: int32
6881 type: integer
6882 grpc:
6883 description: GRPC specifies an action involving a GRPC port.
6884 properties:
6885 port:
6886 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
6887 format: int32
6888 type: integer
6889 service:
6890 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
6891 type: string
6892 required:
6893 - port
6894 type: object
6895 httpGet:
6896 description: HTTPGet specifies the http request to perform.
6897 properties:
6898 host:
6899 description: Host name to connect to, defaults to the pod IP.
6900 type: string
6901 httpHeaders:
6902 description: Custom headers to set in the request. HTTP allows repeated headers.
6903 items:
6904 description: HTTPHeader describes a custom header to be used in HTTP probes
6905 properties:
6906 name:
6907 description: The header field name
6908 type: string
6909 value:
6910 description: The header field value
6911 type: string
6912 required:
6913 - name
6914 - value
6915 type: object
6916 type: array
6917 path:
6918 description: Path to access on the HTTP server.
6919 type: string
6920 port:
6921 anyOf:
6922 - type: integer
6923 - type: string
6924 description: Name or number of the port to access on the container.
6925 x-kubernetes-int-or-string: true
6926 scheme:
6927 description: Scheme to use for connecting to the host. Defaults to HTTP.
6928 type: string
6929 required:
6930 - port
6931 type: object
6932 initialDelaySeconds:
6933 description: Number of seconds after the container has started before liveness probes are ini
6934 format: int32
6935 type: integer
6936 periodSeconds:
6937 description: How often (in seconds) to perform the probe. Default to 10 seconds.
6938 format: int32
6939 type: integer
6940 successThreshold:
6941 description: Minimum consecutive successes for the probe to be considered successful after ha
6942 format: int32
6943 type: integer
6944 tcpSocket:
6945 description: TCPSocket specifies an action involving a TCP port.
6946 properties:
6947 host:
6948 description: 'Optional: Host name to connect to, defaults to the pod IP.'
6949 type: string
6950 port:
6951 anyOf:
6952 - type: integer
6953 - type: string
6954 description: Number or name of the port to access on the container.
6955 x-kubernetes-int-or-string: true
6956 required:
6957 - port
6958 type: object
6959 terminationGracePeriodSeconds:
6960 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
6961 format: int64
6962 type: integer
6963 timeoutSeconds:
6964 description: Number of seconds after which the probe times out. Defaults to 1 second.
6965 format: int32
6966 type: integer
6967 type: object
6968 resources:
6969 description: Compute Resources required by this container. Cannot be updated.
6970 properties:
6971 limits:
6972 additionalProperties:
6973 anyOf:
6974 - type: integer
6975 - type: string
6976 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6977 x-kubernetes-int-or-string: true
6978 description: Limits describes the maximum amount of compute resources allowed.
6979 type: object
6980 requests:
6981 additionalProperties:
6982 anyOf:
6983 - type: integer
6984 - type: string
6985 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6986 x-kubernetes-int-or-string: true
6987 description: Requests describes the minimum amount of compute resources required.
6988 type: object
6989 type: object
6990 securityContext:
6991 description: SecurityContext defines the security options the container should be run with.
6992 properties:
6993 allowPrivilegeEscalation:
6994 description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha
6995 type: boolean
6996 capabilities:
6997 description: The capabilities to add/drop when running containers.
6998 properties:
6999 add:
7000 description: Added capabilities
7001 items:
7002 description: Capability represent POSIX capabilities type
7003 type: string
7004 type: array
7005 drop:
7006 description: Removed capabilities
7007 items:
7008 description: Capability represent POSIX capabilities type
7009 type: string
7010 type: array
7011 type: object
7012 privileged:
7013 description: Run container in privileged mode.
7014 type: boolean
7015 procMount:
7016 description: procMount denotes the type of proc mount to use for the containers.
7017 type: string
7018 readOnlyRootFilesystem:
7019 description: Whether this container has a read-only root filesystem. Default is false.
7020 type: boolean
7021 runAsGroup:
7022 description: The GID to run the entrypoint of the container process.
7023 format: int64
7024 type: integer
7025 runAsNonRoot:
7026 description: Indicates that the container must run as a non-root user.
7027 type: boolean
7028 runAsUser:
7029 description: The UID to run the entrypoint of the container process.
7030 format: int64
7031 type: integer
7032 seLinuxOptions:
7033 description: The SELinux context to be applied to the container.
7034 properties:
7035 level:
7036 description: Level is SELinux level label that applies to the container.
7037 type: string
7038 role:
7039 description: Role is a SELinux role label that applies to the container.
7040 type: string
7041 type:
7042 description: Type is a SELinux type label that applies to the container.
7043 type: string
7044 user:
7045 description: User is a SELinux user label that applies to the container.
7046 type: string
7047 type: object
7048 seccompProfile:
7049 description: The seccomp options to use by this container.
7050 properties:
7051 localhostProfile:
7052 description: localhostProfile indicates a profile defined in a file on the node should be use
7053 type: string
7054 type:
7055 description: type indicates which kind of seccomp profile will be applied.
7056 type: string
7057 required:
7058 - type
7059 type: object
7060 windowsOptions:
7061 description: The Windows specific settings applied to all containers.
7062 properties:
7063 gmsaCredentialSpec:
7064 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
7065 type: string
7066 gmsaCredentialSpecName:
7067 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
7068 type: string
7069 hostProcess:
7070 description: HostProcess determines if a container should be run as a 'Host Process' containe
7071 type: boolean
7072 runAsUserName:
7073 description: The UserName in Windows to run the entrypoint of the container process.
7074 type: string
7075 type: object
7076 type: object
7077 startupProbe:
7078 description: StartupProbe indicates that the Pod has successfully initialized.
7079 properties:
7080 exec:
7081 description: Exec specifies the action to take.
7082 properties:
7083 command:
7084 description: Command is the command line to execute inside the container, the working directo
7085 items:
7086 type: string
7087 type: array
7088 type: object
7089 failureThreshold:
7090 description: 'Minimum consecutive failures for the probe to be considered failed after having '
7091 format: int32
7092 type: integer
7093 grpc:
7094 description: GRPC specifies an action involving a GRPC port.
7095 properties:
7096 port:
7097 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
7098 format: int32
7099 type: integer
7100 service:
7101 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
7102 type: string
7103 required:
7104 - port
7105 type: object
7106 httpGet:
7107 description: HTTPGet specifies the http request to perform.
7108 properties:
7109 host:
7110 description: Host name to connect to, defaults to the pod IP.
7111 type: string
7112 httpHeaders:
7113 description: Custom headers to set in the request. HTTP allows repeated headers.
7114 items:
7115 description: HTTPHeader describes a custom header to be used in HTTP probes
7116 properties:
7117 name:
7118 description: The header field name
7119 type: string
7120 value:
7121 description: The header field value
7122 type: string
7123 required:
7124 - name
7125 - value
7126 type: object
7127 type: array
7128 path:
7129 description: Path to access on the HTTP server.
7130 type: string
7131 port:
7132 anyOf:
7133 - type: integer
7134 - type: string
7135 description: Name or number of the port to access on the container.
7136 x-kubernetes-int-or-string: true
7137 scheme:
7138 description: Scheme to use for connecting to the host. Defaults to HTTP.
7139 type: string
7140 required:
7141 - port
7142 type: object
7143 initialDelaySeconds:
7144 description: Number of seconds after the container has started before liveness probes are ini
7145 format: int32
7146 type: integer
7147 periodSeconds:
7148 description: How often (in seconds) to perform the probe. Default to 10 seconds.
7149 format: int32
7150 type: integer
7151 successThreshold:
7152 description: Minimum consecutive successes for the probe to be considered successful after ha
7153 format: int32
7154 type: integer
7155 tcpSocket:
7156 description: TCPSocket specifies an action involving a TCP port.
7157 properties:
7158 host:
7159 description: 'Optional: Host name to connect to, defaults to the pod IP.'
7160 type: string
7161 port:
7162 anyOf:
7163 - type: integer
7164 - type: string
7165 description: Number or name of the port to access on the container.
7166 x-kubernetes-int-or-string: true
7167 required:
7168 - port
7169 type: object
7170 terminationGracePeriodSeconds:
7171 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
7172 format: int64
7173 type: integer
7174 timeoutSeconds:
7175 description: Number of seconds after which the probe times out. Defaults to 1 second.
7176 format: int32
7177 type: integer
7178 type: object
7179 stdin:
7180 description: Whether this container should allocate a buffer for stdin in the container runti
7181 type: boolean
7182 stdinOnce:
7183 description: Whether the container runtime should close the stdin channel after it has been o
7184 type: boolean
7185 terminationMessagePath:
7186 description: 'Optional: Path at which the file to which the container''s termination message wi'
7187 type: string
7188 terminationMessagePolicy:
7189 description: Indicate how the termination message should be populated.
7190 type: string
7191 tty:
7192 description: Whether this container should allocate a TTY for itself, also requires 'stdin' t
7193 type: boolean
7194 volumeDevices:
7195 description: volumeDevices is the list of block devices to be used by the container.
7196 items:
7197 description: volumeDevice describes a mapping of a raw block device within a container.
7198 properties:
7199 devicePath:
7200 description: devicePath is the path inside of the container that the device will be mapped to
7201 type: string
7202 name:
7203 description: name must match the name of a persistentVolumeClaim in the pod
7204 type: string
7205 required:
7206 - devicePath
7207 - name
7208 type: object
7209 type: array
7210 volumeMounts:
7211 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
7212 items:
7213 description: VolumeMount describes a mounting of a Volume within a container.
7214 properties:
7215 mountPath:
7216 description: Path within the container at which the volume should be mounted.
7217 type: string
7218 mountPropagation:
7219 description: mountPropagation determines how mounts are propagated from the host to container
7220 type: string
7221 name:
7222 description: This must match the Name of a Volume.
7223 type: string
7224 readOnly:
7225 description: Mounted read-only if true, read-write otherwise (false or unspecified).
7226 type: boolean
7227 subPath:
7228 description: Path within the volume from which the container's volume should be mounted.
7229 type: string
7230 subPathExpr:
7231 description: Expanded path within the volume from which the container's volume should be moun
7232 type: string
7233 required:
7234 - mountPath
7235 - name
7236 type: object
7237 type: array
7238 workingDir:
7239 description: Container's working directory.
7240 type: string
7241 required:
7242 - name
7243 type: object
7244 type: array
7245 nodeName:
7246 description: NodeName is a request to schedule this pod onto a specific node.
7247 type: string
7248 nodeSelector:
7249 additionalProperties:
7250 type: string
7251 description: NodeSelector is a selector which must be true for the pod to fit on a node.
7252 type: object
7253 x-kubernetes-map-type: atomic
7254 os:
7255 description: Specifies the OS of the containers in the pod.
7256 properties:
7257 name:
7258 description: Name is the name of the operating system.
7259 type: string
7260 required:
7261 - name
7262 type: object
7263 overhead:
7264 additionalProperties:
7265 anyOf:
7266 - type: integer
7267 - type: string
7268 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7269 x-kubernetes-int-or-string: true
7270 description: Overhead represents the resource overhead associated with running a pod for a gi
7271 type: object
7272 preemptionPolicy:
7273 description: PreemptionPolicy is the Policy for preempting pods with lower priority.
7274 type: string
7275 priority:
7276 description: The priority value.
7277 format: int32
7278 type: integer
7279 priorityClassName:
7280 description: If specified, indicates the pod's priority.
7281 type: string
7282 readinessGates:
7283 description: If specified, all readiness gates will be evaluated for pod readiness.
7284 items:
7285 description: PodReadinessGate contains the reference to a pod condition
7286 properties:
7287 conditionType:
7288 description: ConditionType refers to a condition in the pod's condition list with matching ty
7289 type: string
7290 required:
7291 - conditionType
7292 type: object
7293 type: array
7294 restartPolicy:
7295 description: Restart policy for all containers within the pod.
7296 type: string
7297 runtimeClassName:
7298 description: RuntimeClassName refers to a RuntimeClass object in the node.k8s.
7299 type: string
7300 schedulerName:
7301 description: If specified, the pod will be dispatched by specified scheduler.
7302 type: string
7303 securityContext:
7304 description: SecurityContext holds pod-level security attributes and common container setting
7305 properties:
7306 fsGroup:
7307 description: A special supplemental group that applies to all containers in a pod.
7308 format: int64
7309 type: integer
7310 fsGroupChangePolicy:
7311 description: fsGroupChangePolicy defines behavior of changing ownership and permission of the
7312 type: string
7313 runAsGroup:
7314 description: The GID to run the entrypoint of the container process.
7315 format: int64
7316 type: integer
7317 runAsNonRoot:
7318 description: Indicates that the container must run as a non-root user.
7319 type: boolean
7320 runAsUser:
7321 description: The UID to run the entrypoint of the container process.
7322 format: int64
7323 type: integer
7324 seLinuxOptions:
7325 description: The SELinux context to be applied to all containers.
7326 properties:
7327 level:
7328 description: Level is SELinux level label that applies to the container.
7329 type: string
7330 role:
7331 description: Role is a SELinux role label that applies to the container.
7332 type: string
7333 type:
7334 description: Type is a SELinux type label that applies to the container.
7335 type: string
7336 user:
7337 description: User is a SELinux user label that applies to the container.
7338 type: string
7339 type: object
7340 seccompProfile:
7341 description: The seccomp options to use by the containers in this pod.
7342 properties:
7343 localhostProfile:
7344 description: localhostProfile indicates a profile defined in a file on the node should be use
7345 type: string
7346 type:
7347 description: type indicates which kind of seccomp profile will be applied.
7348 type: string
7349 required:
7350 - type
7351 type: object
7352 supplementalGroups:
7353 description: A list of groups applied to the first process run in each container, in addition
7354 items:
7355 format: int64
7356 type: integer
7357 type: array
7358 sysctls:
7359 description: Sysctls hold a list of namespaced sysctls used for the pod.
7360 items:
7361 description: Sysctl defines a kernel parameter to be set
7362 properties:
7363 name:
7364 description: Name of a property to set
7365 type: string
7366 value:
7367 description: Value of a property to set
7368 type: string
7369 required:
7370 - name
7371 - value
7372 type: object
7373 type: array
7374 windowsOptions:
7375 description: The Windows specific settings applied to all containers.
7376 properties:
7377 gmsaCredentialSpec:
7378 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
7379 type: string
7380 gmsaCredentialSpecName:
7381 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
7382 type: string
7383 hostProcess:
7384 description: HostProcess determines if a container should be run as a 'Host Process' containe
7385 type: boolean
7386 runAsUserName:
7387 description: The UserName in Windows to run the entrypoint of the container process.
7388 type: string
7389 type: object
7390 type: object
7391 serviceAccount:
7392 description: DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.
7393 type: string
7394 serviceAccountName:
7395 description: ServiceAccountName is the name of the ServiceAccount to use to run this pod.
7396 type: string
7397 setHostnameAsFQDN:
7398 description: If true the pod's hostname will be configured as the pod's FQDN, rather than the
7399 type: boolean
7400 shareProcessNamespace:
7401 description: Share a single process namespace between all of the containers in a pod.
7402 type: boolean
7403 subdomain:
7404 description: If specified, the fully qualified Pod hostname will be "<hostname>.<subdomain>.
7405 type: string
7406 terminationGracePeriodSeconds:
7407 description: Optional duration in seconds the pod needs to terminate gracefully.
7408 format: int64
7409 type: integer
7410 tolerations:
7411 description: If specified, the pod's tolerations.
7412 items:
7413 description: The pod this Toleration is attached to tolerates any taint that matches the trip
7414 properties:
7415 effect:
7416 description: Effect indicates the taint effect to match. Empty means match all taint effects.
7417 type: string
7418 key:
7419 description: Key is the taint key that the toleration applies to.
7420 type: string
7421 operator:
7422 description: Operator represents a key's relationship to the value.
7423 type: string
7424 tolerationSeconds:
7425 description: TolerationSeconds represents the period of time the toleration (which must be of
7426 format: int64
7427 type: integer
7428 value:
7429 description: Value is the taint value the toleration matches to.
7430 type: string
7431 type: object
7432 type: array
7433 topologySpreadConstraints:
7434 description: TopologySpreadConstraints describes how a group of pods ought to spread across t
7435 items:
7436 description: TopologySpreadConstraint specifies how to spread matching pods among the given t
7437 properties:
7438 labelSelector:
7439 description: LabelSelector is used to find matching pods.
7440 properties:
7441 matchExpressions:
7442 description: matchExpressions is a list of label selector requirements.
7443 items:
7444 description: A label selector requirement is a selector that contains values, a key, and an o
7445 properties:
7446 key:
7447 description: key is the label key that the selector applies to.
7448 type: string
7449 operator:
7450 description: operator represents a key's relationship to a set of values.
7451 type: string
7452 values:
7453 description: values is an array of string values.
7454 items:
7455 type: string
7456 type: array
7457 required:
7458 - key
7459 - operator
7460 type: object
7461 type: array
7462 matchLabels:
7463 additionalProperties:
7464 type: string
7465 description: matchLabels is a map of {key,value} pairs.
7466 type: object
7467 type: object
7468 x-kubernetes-map-type: atomic
7469 maxSkew:
7470 description: MaxSkew describes the degree to which pods may be unevenly distributed.
7471 format: int32
7472 type: integer
7473 topologyKey:
7474 description: TopologyKey is the key of node labels.
7475 type: string
7476 whenUnsatisfiable:
7477 description: WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spr
7478 type: string
7479 required:
7480 - maxSkew
7481 - topologyKey
7482 - whenUnsatisfiable
7483 type: object
7484 type: array
7485 x-kubernetes-list-map-keys:
7486 - topologyKey
7487 - whenUnsatisfiable
7488 x-kubernetes-list-type: map
7489 volumes:
7490 description: List of volumes that can be mounted by containers belonging to the pod.
7491 items:
7492 description: 'Volume represents a named volume in a pod that may be accessed by any container '
7493 properties:
7494 awsElasticBlockStore:
7495 description: AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubel
7496 properties:
7497 fsType:
7498 description: Filesystem type of the volume that you want to mount.
7499 type: string
7500 partition:
7501 description: The partition in the volume that you want to mount.
7502 format: int32
7503 type: integer
7504 readOnly:
7505 description: Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".
7506 type: boolean
7507 volumeID:
7508 description: Unique ID of the persistent disk resource in AWS (Amazon EBS volume).
7509 type: string
7510 required:
7511 - volumeID
7512 type: object
7513 azureDisk:
7514 description: 'AzureDisk represents an Azure Data Disk mount on the host and bind mount to the '
7515 properties:
7516 cachingMode:
7517 description: 'Host Caching mode: None, Read Only, Read Write.'
7518 type: string
7519 diskName:
7520 description: The Name of the data disk in the blob storage
7521 type: string
7522 diskURI:
7523 description: The URI the data disk in the blob storage
7524 type: string
7525 fsType:
7526 description: Filesystem type to mount.
7527 type: string
7528 kind:
7529 description: 'Expected values Shared: multiple blob disks per storage account Dedicated: sing'
7530 type: string
7531 readOnly:
7532 description: Defaults to false (read/write).
7533 type: boolean
7534 required:
7535 - diskName
7536 - diskURI
7537 type: object
7538 azureFile:
7539 description: AzureFile represents an Azure File Service mount on the host and bind mount to t
7540 properties:
7541 readOnly:
7542 description: Defaults to false (read/write).
7543 type: boolean
7544 secretName:
7545 description: the name of secret that contains Azure Storage Account Name and Key
7546 type: string
7547 shareName:
7548 description: Share Name
7549 type: string
7550 required:
7551 - secretName
7552 - shareName
7553 type: object
7554 cephfs:
7555 description: CephFS represents a Ceph FS mount on the host that shares a pod's lifetime
7556 properties:
7557 monitors:
7558 description: 'Required: Monitors is a collection of Ceph monitors More info: https://examples.'
7559 items:
7560 type: string
7561 type: array
7562 path:
7563 description: 'Optional: Used as the mounted root, rather than the full Ceph tree, default is /'
7564 type: string
7565 readOnly:
7566 description: 'Optional: Defaults to false (read/write).'
7567 type: boolean
7568 secretFile:
7569 description: 'Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user'
7570 type: string
7571 secretRef:
7572 description: 'Optional: SecretRef is reference to the authentication secret for User, default '
7573 properties:
7574 name:
7575 description: 'Name of the referent. More info: https://kubernetes.'
7576 type: string
7577 type: object
7578 x-kubernetes-map-type: atomic
7579 user:
7580 description: 'Optional: User is the rados user name, default is admin More info: https://examp'
7581 type: string
7582 required:
7583 - monitors
7584 type: object
7585 cinder:
7586 description: Cinder represents a cinder volume attached and mounted on kubelets host machine.
7587 properties:
7588 fsType:
7589 description: Filesystem type to mount.
7590 type: string
7591 readOnly:
7592 description: 'Optional: Defaults to false (read/write).'
7593 type: boolean
7594 secretRef:
7595 description: 'Optional: points to a secret object containing parameters used to connect to Ope'
7596 properties:
7597 name:
7598 description: 'Name of the referent. More info: https://kubernetes.'
7599 type: string
7600 type: object
7601 x-kubernetes-map-type: atomic
7602 volumeID:
7603 description: 'volume id used to identify the volume in cinder. More info: https://examples.'
7604 type: string
7605 required:
7606 - volumeID
7607 type: object
7608 configMap:
7609 description: ConfigMap represents a configMap that should populate this volume
7610 properties:
7611 defaultMode:
7612 description: 'Optional: mode bits used to set permissions on created files by default.'
7613 format: int32
7614 type: integer
7615 items:
7616 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa
7617 items:
7618 description: Maps a string key to a path within a volume.
7619 properties:
7620 key:
7621 description: The key to project.
7622 type: string
7623 mode:
7624 description: 'Optional: mode bits used to set permissions on this file.'
7625 format: int32
7626 type: integer
7627 path:
7628 description: The relative path of the file to map the key to. May not be an absolute path.
7629 type: string
7630 required:
7631 - key
7632 - path
7633 type: object
7634 type: array
7635 name:
7636 description: 'Name of the referent. More info: https://kubernetes.'
7637 type: string
7638 optional:
7639 description: Specify whether the ConfigMap or its keys must be defined
7640 type: boolean
7641 type: object
7642 x-kubernetes-map-type: atomic
7643 csi:
7644 description: CSI (Container Storage Interface) represents ephemeral storage that is handled b
7645 properties:
7646 driver:
7647 description: Driver is the name of the CSI driver that handles this volume.
7648 type: string
7649 fsType:
7650 description: Filesystem type to mount. Ex. "ext4", "xfs", "ntfs".
7651 type: string
7652 nodePublishSecretRef:
7653 description: NodePublishSecretRef is a reference to the secret object containing sensitive in
7654 properties:
7655 name:
7656 description: 'Name of the referent. More info: https://kubernetes.'
7657 type: string
7658 type: object
7659 x-kubernetes-map-type: atomic
7660 readOnly:
7661 description: Specifies a read-only configuration for the volume.
7662 type: boolean
7663 volumeAttributes:
7664 additionalProperties:
7665 type: string
7666 description: VolumeAttributes stores driver-specific properties that are passed to the CSI dr
7667 type: object
7668 required:
7669 - driver
7670 type: object
7671 downwardAPI:
7672 description: DownwardAPI represents downward API about the pod that should populate this volu
7673 properties:
7674 defaultMode:
7675 description: 'Optional: mode bits to use on created files by default.'
7676 format: int32
7677 type: integer
7678 items:
7679 description: Items is a list of downward API volume file
7680 items:
7681 description: DownwardAPIVolumeFile represents information to create the file containing the p
7682 properties:
7683 fieldRef:
7684 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'
7685 properties:
7686 apiVersion:
7687 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
7688 type: string
7689 fieldPath:
7690 description: Path of the field to select in the specified API version.
7691 type: string
7692 required:
7693 - fieldPath
7694 type: object
7695 x-kubernetes-map-type: atomic
7696 mode:
7697 description: 'Optional: mode bits used to set permissions on this file, must be an octal value'
7698 format: int32
7699 type: integer
7700 path:
7701 description: 'Required: Path is the relative path name of the file to be created.'
7702 type: string
7703 resourceFieldRef:
7704 description: 'Selects a resource of the container: only resources limits and requests (limits.'
7705 properties:
7706 containerName:
7707 description: 'Container name: required for volumes, optional for env vars'
7708 type: string
7709 divisor:
7710 anyOf:
7711 - type: integer
7712 - type: string
7713 description: Specifies the output format of the exposed resources, defaults to "1"
7714 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7715 x-kubernetes-int-or-string: true
7716 resource:
7717 description: 'Required: resource to select'
7718 type: string
7719 required:
7720 - resource
7721 type: object
7722 x-kubernetes-map-type: atomic
7723 required:
7724 - path
7725 type: object
7726 type: array
7727 type: object
7728 emptyDir:
7729 description: EmptyDir represents a temporary directory that shares a pod's lifetime.
7730 properties:
7731 medium:
7732 description: What type of storage medium should back this directory.
7733 type: string
7734 sizeLimit:
7735 anyOf:
7736 - type: integer
7737 - type: string
7738 description: Total amount of local storage required for this EmptyDir volume.
7739 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7740 x-kubernetes-int-or-string: true
7741 type: object
7742 ephemeral:
7743 description: Ephemeral represents a volume that is handled by a cluster storage driver.
7744 properties:
7745 volumeClaimTemplate:
7746 description: Will be used to create a stand-alone PVC to provision the volume.
7747 properties:
7748 metadata:
7749 description: May contain labels and annotations that will be copied into the PVC when creatin
7750 type: object
7751 spec:
7752 description: The specification for the PersistentVolumeClaim.
7753 properties:
7754 accessModes:
7755 description: AccessModes contains the desired access modes the volume should have.
7756 items:
7757 type: string
7758 type: array
7759 dataSource:
7760 description: 'This field can be used to specify either: * An existing VolumeSnapshot object (s'
7761 properties:
7762 apiGroup:
7763 description: APIGroup is the group for the resource being referenced.
7764 type: string
7765 kind:
7766 description: Kind is the type of resource being referenced
7767 type: string
7768 name:
7769 description: Name is the name of resource being referenced
7770 type: string
7771 required:
7772 - kind
7773 - name
7774 type: object
7775 x-kubernetes-map-type: atomic
7776 dataSourceRef:
7777 description: Specifies the object from which to populate the volume with data, if a non-empty
7778 properties:
7779 apiGroup:
7780 description: APIGroup is the group for the resource being referenced.
7781 type: string
7782 kind:
7783 description: Kind is the type of resource being referenced
7784 type: string
7785 name:
7786 description: Name is the name of resource being referenced
7787 type: string
7788 required:
7789 - kind
7790 - name
7791 type: object
7792 x-kubernetes-map-type: atomic
7793 resources:
7794 description: Resources represents the minimum resources the volume should have.
7795 properties:
7796 limits:
7797 additionalProperties:
7798 anyOf:
7799 - type: integer
7800 - type: string
7801 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7802 x-kubernetes-int-or-string: true
7803 description: Limits describes the maximum amount of compute resources allowed.
7804 type: object
7805 requests:
7806 additionalProperties:
7807 anyOf:
7808 - type: integer
7809 - type: string
7810 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7811 x-kubernetes-int-or-string: true
7812 description: Requests describes the minimum amount of compute resources required.
7813 type: object
7814 type: object
7815 selector:
7816 description: A label query over volumes to consider for binding.
7817 properties:
7818 matchExpressions:
7819 description: matchExpressions is a list of label selector requirements.
7820 items:
7821 description: A label selector requirement is a selector that contains values, a key, and an o
7822 properties:
7823 key:
7824 description: key is the label key that the selector applies to.
7825 type: string
7826 operator:
7827 description: operator represents a key's relationship to a set of values.
7828 type: string
7829 values:
7830 description: values is an array of string values.
7831 items:
7832 type: string
7833 type: array
7834 required:
7835 - key
7836 - operator
7837 type: object
7838 type: array
7839 matchLabels:
7840 additionalProperties:
7841 type: string
7842 description: matchLabels is a map of {key,value} pairs.
7843 type: object
7844 type: object
7845 x-kubernetes-map-type: atomic
7846 storageClassName:
7847 description: 'Name of the StorageClass required by the claim. More info: https://kubernetes.'
7848 type: string
7849 volumeMode:
7850 description: volumeMode defines what type of volume is required by the claim.
7851 type: string
7852 volumeName:
7853 description: VolumeName is the binding reference to the PersistentVolume backing this claim.
7854 type: string
7855 type: object
7856 required:
7857 - spec
7858 type: object
7859 type: object
7860 fc:
7861 description: FC represents a Fibre Channel resource that is attached to a kubelet's host mach
7862 properties:
7863 fsType:
7864 description: Filesystem type to mount.
7865 type: string
7866 lun:
7867 description: 'Optional: FC target lun number'
7868 format: int32
7869 type: integer
7870 readOnly:
7871 description: 'Optional: Defaults to false (read/write).'
7872 type: boolean
7873 targetWWNs:
7874 description: 'Optional: FC target worldwide names (WWNs)'
7875 items:
7876 type: string
7877 type: array
7878 wwids:
7879 description: 'Optional: FC volume world wide identifiers (wwids) Either wwids or combination o'
7880 items:
7881 type: string
7882 type: array
7883 type: object
7884 flexVolume:
7885 description: FlexVolume represents a generic volume resource that is provisioned/attached usi
7886 properties:
7887 driver:
7888 description: Driver is the name of the driver to use for this volume.
7889 type: string
7890 fsType:
7891 description: Filesystem type to mount.
7892 type: string
7893 options:
7894 additionalProperties:
7895 type: string
7896 description: 'Optional: Extra command options if any.'
7897 type: object
7898 readOnly:
7899 description: 'Optional: Defaults to false (read/write).'
7900 type: boolean
7901 secretRef:
7902 description: 'Optional: SecretRef is reference to the secret object containing sensitive infor'
7903 properties:
7904 name:
7905 description: 'Name of the referent. More info: https://kubernetes.'
7906 type: string
7907 type: object
7908 x-kubernetes-map-type: atomic
7909 required:
7910 - driver
7911 type: object
7912 flocker:
7913 description: Flocker represents a Flocker volume attached to a kubelet's host machine.
7914 properties:
7915 datasetName:
7916 description: Name of the dataset stored as metadata -> name on the dataset for Flocker should
7917 type: string
7918 datasetUUID:
7919 description: UUID of the dataset. This is unique identifier of a Flocker dataset
7920 type: string
7921 type: object
7922 gcePersistentDisk:
7923 description: GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's
7924 properties:
7925 fsType:
7926 description: Filesystem type of the volume that you want to mount.
7927 type: string
7928 partition:
7929 description: The partition in the volume that you want to mount.
7930 format: int32
7931 type: integer
7932 pdName:
7933 description: Unique name of the PD resource in GCE. Used to identify the disk in GCE.
7934 type: string
7935 readOnly:
7936 description: ReadOnly here will force the ReadOnly setting in VolumeMounts.
7937 type: boolean
7938 required:
7939 - pdName
7940 type: object
7941 gitRepo:
7942 description: GitRepo represents a git repository at a particular revision.
7943 properties:
7944 directory:
7945 description: Target directory name. Must not contain or start with '..'. If '.
7946 type: string
7947 repository:
7948 description: Repository URL
7949 type: string
7950 revision:
7951 description: Commit hash for the specified revision.
7952 type: string
7953 required:
7954 - repository
7955 type: object
7956 glusterfs:
7957 description: Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
7958 properties:
7959 endpoints:
7960 description: EndpointsName is the endpoint name that details Glusterfs topology.
7961 type: string
7962 path:
7963 description: 'Path is the Glusterfs volume path. More info: https://examples.k8s.'
7964 type: string
7965 readOnly:
7966 description: ReadOnly here will force the Glusterfs volume to be mounted with read-only permi
7967 type: boolean
7968 required:
7969 - endpoints
7970 - path
7971 type: object
7972 hostPath:
7973 description: HostPath represents a pre-existing file or directory on the host machine that is
7974 properties:
7975 path:
7976 description: Path of the directory on the host.
7977 type: string
7978 type:
7979 description: 'Type for HostPath Volume Defaults to "" More info: https://kubernetes.'
7980 type: string
7981 required:
7982 - path
7983 type: object
7984 iscsi:
7985 description: ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host mac
7986 properties:
7987 chapAuthDiscovery:
7988 description: whether support iSCSI Discovery CHAP authentication
7989 type: boolean
7990 chapAuthSession:
7991 description: whether support iSCSI Session CHAP authentication
7992 type: boolean
7993 fsType:
7994 description: Filesystem type of the volume that you want to mount.
7995 type: string
7996 initiatorName:
7997 description: Custom iSCSI Initiator Name.
7998 type: string
7999 iqn:
8000 description: Target iSCSI Qualified Name.
8001 type: string
8002 iscsiInterface:
8003 description: iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
8004 type: string
8005 lun:
8006 description: iSCSI Target Lun number.
8007 format: int32
8008 type: integer
8009 portals:
8010 description: iSCSI Target Portal List.
8011 items:
8012 type: string
8013 type: array
8014 readOnly:
8015 description: ReadOnly here will force the ReadOnly setting in VolumeMounts.
8016 type: boolean
8017 secretRef:
8018 description: CHAP Secret for iSCSI target and initiator authentication
8019 properties:
8020 name:
8021 description: 'Name of the referent. More info: https://kubernetes.'
8022 type: string
8023 type: object
8024 x-kubernetes-map-type: atomic
8025 targetPortal:
8026 description: iSCSI Target Portal.
8027 type: string
8028 required:
8029 - iqn
8030 - lun
8031 - targetPortal
8032 type: object
8033 name:
8034 description: Volume's name. Must be a DNS_LABEL and unique within the pod.
8035 type: string
8036 nfs:
8037 description: 'NFS represents an NFS mount on the host that shares a pod''s lifetime More info: '
8038 properties:
8039 path:
8040 description: 'Path that is exported by the NFS server. More info: https://kubernetes.'
8041 type: string
8042 readOnly:
8043 description: ReadOnly here will force the NFS export to be mounted with read-only permissions
8044 type: boolean
8045 server:
8046 description: Server is the hostname or IP address of the NFS server.
8047 type: string
8048 required:
8049 - path
8050 - server
8051 type: object
8052 persistentVolumeClaim:
8053 description: PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeCl
8054 properties:
8055 claimName:
8056 description: ClaimName is the name of a PersistentVolumeClaim in the same namespace as the po
8057 type: string
8058 readOnly:
8059 description: Will force the ReadOnly setting in VolumeMounts. Default false.
8060 type: boolean
8061 required:
8062 - claimName
8063 type: object
8064 photonPersistentDisk:
8065 description: 'PhotonPersistentDisk represents a PhotonController persistent disk attached and '
8066 properties:
8067 fsType:
8068 description: Filesystem type to mount.
8069 type: string
8070 pdID:
8071 description: ID that identifies Photon Controller persistent disk
8072 type: string
8073 required:
8074 - pdID
8075 type: object
8076 portworxVolume:
8077 description: PortworxVolume represents a portworx volume attached and mounted on kubelets hos
8078 properties:
8079 fsType:
8080 description: FSType represents the filesystem type to mount Must be a filesystem type support
8081 type: string
8082 readOnly:
8083 description: Defaults to false (read/write).
8084 type: boolean
8085 volumeID:
8086 description: VolumeID uniquely identifies a Portworx volume
8087 type: string
8088 required:
8089 - volumeID
8090 type: object
8091 projected:
8092 description: Items for all in one resources secrets, configmaps, and downward API
8093 properties:
8094 defaultMode:
8095 description: Mode bits used to set permissions on created files by default.
8096 format: int32
8097 type: integer
8098 sources:
8099 description: list of volume projections
8100 items:
8101 description: Projection that may be projected along with other supported volume types
8102 properties:
8103 configMap:
8104 description: information about the configMap data to project
8105 properties:
8106 items:
8107 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa
8108 items:
8109 description: Maps a string key to a path within a volume.
8110 properties:
8111 key:
8112 description: The key to project.
8113 type: string
8114 mode:
8115 description: 'Optional: mode bits used to set permissions on this file.'
8116 format: int32
8117 type: integer
8118 path:
8119 description: The relative path of the file to map the key to. May not be an absolute path.
8120 type: string
8121 required:
8122 - key
8123 - path
8124 type: object
8125 type: array
8126 name:
8127 description: 'Name of the referent. More info: https://kubernetes.'
8128 type: string
8129 optional:
8130 description: Specify whether the ConfigMap or its keys must be defined
8131 type: boolean
8132 type: object
8133 x-kubernetes-map-type: atomic
8134 downwardAPI:
8135 description: information about the downwardAPI data to project
8136 properties:
8137 items:
8138 description: Items is a list of DownwardAPIVolume file
8139 items:
8140 description: DownwardAPIVolumeFile represents information to create the file containing the p
8141 properties:
8142 fieldRef:
8143 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'
8144 properties:
8145 apiVersion:
8146 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
8147 type: string
8148 fieldPath:
8149 description: Path of the field to select in the specified API version.
8150 type: string
8151 required:
8152 - fieldPath
8153 type: object
8154 x-kubernetes-map-type: atomic
8155 mode:
8156 description: 'Optional: mode bits used to set permissions on this file, must be an octal value'
8157 format: int32
8158 type: integer
8159 path:
8160 description: 'Required: Path is the relative path name of the file to be created.'
8161 type: string
8162 resourceFieldRef:
8163 description: 'Selects a resource of the container: only resources limits and requests (limits.'
8164 properties:
8165 containerName:
8166 description: 'Container name: required for volumes, optional for env vars'
8167 type: string
8168 divisor:
8169 anyOf:
8170 - type: integer
8171 - type: string
8172 description: Specifies the output format of the exposed resources, defaults to "1"
8173 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
8174 x-kubernetes-int-or-string: true
8175 resource:
8176 description: 'Required: resource to select'
8177 type: string
8178 required:
8179 - resource
8180 type: object
8181 x-kubernetes-map-type: atomic
8182 required:
8183 - path
8184 type: object
8185 type: array
8186 type: object
8187 secret:
8188 description: information about the secret data to project
8189 properties:
8190 items:
8191 description: If unspecified, each key-value pair in the Data field of the referenced Secret w
8192 items:
8193 description: Maps a string key to a path within a volume.
8194 properties:
8195 key:
8196 description: The key to project.
8197 type: string
8198 mode:
8199 description: 'Optional: mode bits used to set permissions on this file.'
8200 format: int32
8201 type: integer
8202 path:
8203 description: The relative path of the file to map the key to. May not be an absolute path.
8204 type: string
8205 required:
8206 - key
8207 - path
8208 type: object
8209 type: array
8210 name:
8211 description: 'Name of the referent. More info: https://kubernetes.'
8212 type: string
8213 optional:
8214 description: Specify whether the Secret or its key must be defined
8215 type: boolean
8216 type: object
8217 x-kubernetes-map-type: atomic
8218 serviceAccountToken:
8219 description: information about the serviceAccountToken data to project
8220 properties:
8221 audience:
8222 description: Audience is the intended audience of the token.
8223 type: string
8224 expirationSeconds:
8225 description: ExpirationSeconds is the requested duration of validity of the service account t
8226 format: int64
8227 type: integer
8228 path:
8229 description: Path is the path relative to the mount point of the file to project the token in
8230 type: string
8231 required:
8232 - path
8233 type: object
8234 type: object
8235 type: array
8236 type: object
8237 quobyte:
8238 description: Quobyte represents a Quobyte mount on the host that shares a pod's lifetime
8239 properties:
8240 group:
8241 description: Group to map volume access to Default is no group
8242 type: string
8243 readOnly:
8244 description: ReadOnly here will force the Quobyte volume to be mounted with read-only permiss
8245 type: boolean
8246 registry:
8247 description: 'Registry represents a single or multiple Quobyte Registry services specified as '
8248 type: string
8249 tenant:
8250 description: Tenant owning the given Quobyte volume in the Backend Used with dynamically prov
8251 type: string
8252 user:
8253 description: User to map volume access to Defaults to serivceaccount user
8254 type: string
8255 volume:
8256 description: Volume is a string that references an already created Quobyte volume by name.
8257 type: string
8258 required:
8259 - registry
8260 - volume
8261 type: object
8262 rbd:
8263 description: RBD represents a Rados Block Device mount on the host that shares a pod's lifeti
8264 properties:
8265 fsType:
8266 description: Filesystem type of the volume that you want to mount.
8267 type: string
8268 image:
8269 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.'
8270 type: string
8271 keyring:
8272 description: Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring.
8273 type: string
8274 monitors:
8275 description: 'A collection of Ceph monitors. More info: https://examples.k8s.'
8276 items:
8277 type: string
8278 type: array
8279 pool:
8280 description: 'The rados pool name. Default is rbd. More info: https://examples.k8s.'
8281 type: string
8282 readOnly:
8283 description: ReadOnly here will force the ReadOnly setting in VolumeMounts.
8284 type: boolean
8285 secretRef:
8286 description: SecretRef is name of the authentication secret for RBDUser.
8287 properties:
8288 name:
8289 description: 'Name of the referent. More info: https://kubernetes.'
8290 type: string
8291 type: object
8292 x-kubernetes-map-type: atomic
8293 user:
8294 description: 'The rados user name. Default is admin. More info: https://examples.k8s.'
8295 type: string
8296 required:
8297 - image
8298 - monitors
8299 type: object
8300 scaleIO:
8301 description: ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernete
8302 properties:
8303 fsType:
8304 description: Filesystem type to mount.
8305 type: string
8306 gateway:
8307 description: The host address of the ScaleIO API Gateway.
8308 type: string
8309 protectionDomain:
8310 description: The name of the ScaleIO Protection Domain for the configured storage.
8311 type: string
8312 readOnly:
8313 description: Defaults to false (read/write).
8314 type: boolean
8315 secretRef:
8316 description: SecretRef references to the secret for ScaleIO user and other sensitive informat
8317 properties:
8318 name:
8319 description: 'Name of the referent. More info: https://kubernetes.'
8320 type: string
8321 type: object
8322 x-kubernetes-map-type: atomic
8323 sslEnabled:
8324 description: Flag to enable/disable SSL communication with Gateway, default false
8325 type: boolean
8326 storageMode:
8327 description: Indicates whether the storage for a volume should be ThickProvisioned or ThinPro
8328 type: string
8329 storagePool:
8330 description: The ScaleIO Storage Pool associated with the protection domain.
8331 type: string
8332 system:
8333 description: The name of the storage system as configured in ScaleIO.
8334 type: string
8335 volumeName:
8336 description: The name of a volume already created in the ScaleIO system that is associated wi
8337 type: string
8338 required:
8339 - gateway
8340 - secretRef
8341 - system
8342 type: object
8343 secret:
8344 description: Secret represents a secret that should populate this volume.
8345 properties:
8346 defaultMode:
8347 description: 'Optional: mode bits used to set permissions on created files by default.'
8348 format: int32
8349 type: integer
8350 items:
8351 description: If unspecified, each key-value pair in the Data field of the referenced Secret w
8352 items:
8353 description: Maps a string key to a path within a volume.
8354 properties:
8355 key:
8356 description: The key to project.
8357 type: string
8358 mode:
8359 description: 'Optional: mode bits used to set permissions on this file.'
8360 format: int32
8361 type: integer
8362 path:
8363 description: The relative path of the file to map the key to. May not be an absolute path.
8364 type: string
8365 required:
8366 - key
8367 - path
8368 type: object
8369 type: array
8370 optional:
8371 description: Specify whether the Secret or its keys must be defined
8372 type: boolean
8373 secretName:
8374 description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.'
8375 type: string
8376 type: object
8377 storageos:
8378 description: StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes
8379 properties:
8380 fsType:
8381 description: Filesystem type to mount.
8382 type: string
8383 readOnly:
8384 description: Defaults to false (read/write).
8385 type: boolean
8386 secretRef:
8387 description: SecretRef specifies the secret to use for obtaining the StorageOS API credential
8388 properties:
8389 name:
8390 description: 'Name of the referent. More info: https://kubernetes.'
8391 type: string
8392 type: object
8393 x-kubernetes-map-type: atomic
8394 volumeName:
8395 description: VolumeName is the human-readable name of the StorageOS volume.
8396 type: string
8397 volumeNamespace:
8398 description: VolumeNamespace specifies the scope of the volume within StorageOS.
8399 type: string
8400 type: object
8401 vsphereVolume:
8402 description: 'VsphereVolume represents a vSphere volume attached and mounted on kubelets host '
8403 properties:
8404 fsType:
8405 description: Filesystem type to mount.
8406 type: string
8407 storagePolicyID:
8408 description: Storage Policy Based Management (SPBM) profile ID associated with the StoragePol
8409 type: string
8410 storagePolicyName:
8411 description: Storage Policy Based Management (SPBM) profile name.
8412 type: string
8413 volumePath:
8414 description: Path that identifies vSphere volume vmdk
8415 type: string
8416 required:
8417 - volumePath
8418 type: object
8419 required:
8420 - name
8421 type: object
8422 type: array
8423 required: null
8424 type: object
8425 type: object
8426 version:
8427 default: 3
8428 enum:
8429 - 0
8430 - 2
8431 - 3
8432 format: int32
8433 type: integer
8434 type: object
8435 type: object
8436 version:
8437 default: 3
8438 enum:
8439 - 3
8440 format: int32
8441 type: integer
8442 required:
8443 - backends
8444 type: object
8445 status:
8446 description: OnionBalancedServiceStatus defines the observed state of OnionBalancedService.
8447 properties:
8448 backends:
8449 additionalProperties:
8450 description: OnionServiceStatus defines the observed state of OnionService.
8451 properties:
8452 hostname:
8453 type: string
8454 targetClusterIP:
8455 type: string
8456 type: object
8457 type: object
8458 hostname:
8459 type: string
8460 targetClusterIP:
8461 type: string
8462 type: object
8463 type: object
8464 served: true
8465 storage: true
8466 subresources:
8467 status: {}
8468---
8469apiVersion: apiextensions.k8s.io/v1
8470kind: CustomResourceDefinition
8471metadata:
8472 annotations:
8473 controller-gen.kubebuilder.io/version: v0.11.1
8474 creationTimestamp: null
8475 name: onionservices.tor.k8s.torproject.org
8476spec:
8477 group: tor.k8s.torproject.org
8478 names:
8479 kind: OnionService
8480 listKind: OnionServiceList
8481 plural: onionservices
8482 shortNames:
8483 - onion
8484 - os
8485 singular: onionservice
8486 scope: Namespaced
8487 versions:
8488 - additionalPrinterColumns:
8489 - jsonPath: .status.hostname
8490 name: Hostname
8491 type: string
8492 - jsonPath: .status.targetClusterIP
8493 name: TargetClusterIP
8494 type: string
8495 - jsonPath: .metadata.creationTimestamp
8496 name: Age
8497 type: date
8498 name: v1alpha1
8499 schema:
8500 openAPIV3Schema:
8501 description: OnionService is the Schema for the onionservices API.
8502 properties:
8503 apiVersion:
8504 description: APIVersion defines the versioned schema of this representation of an object.
8505 type: string
8506 kind:
8507 description: Kind is a string value representing the REST resource this object represents.
8508 type: string
8509 metadata:
8510 type: object
8511 spec:
8512 description: OnionServiceSpec defines the desired state of OnionService.
8513 properties:
8514 extraConfig:
8515 type: string
8516 ports:
8517 description: The list of ports that are exposed by this service.
8518 items:
8519 properties:
8520 name:
8521 description: Optional if only one ServicePort is defined on this service.
8522 type: string
8523 publicPort:
8524 description: The port that will be exposed by this service.
8525 format: int32
8526 type: integer
8527 targetPort:
8528 description: Number or name of the port to access on the pods targeted by the service.
8529 format: int32
8530 type: integer
8531 required:
8532 - publicPort
8533 type: object
8534 type: array
8535 privateKeySecret:
8536 description: SecretReference represents a Secret Reference.
8537 properties:
8538 key:
8539 type: string
8540 name:
8541 description: Name is unique within a namespace to reference a secret resource.
8542 type: string
8543 type: object
8544 selector:
8545 additionalProperties:
8546 type: string
8547 type: object
8548 version:
8549 enum:
8550 - 0
8551 - 2
8552 - 3
8553 format: int32
8554 type: integer
8555 required:
8556 - version
8557 type: object
8558 status:
8559 description: OnionServiceStatus defines the observed state of OnionService.
8560 properties:
8561 hostname:
8562 type: string
8563 targetClusterIP:
8564 type: string
8565 required:
8566 - hostname
8567 - targetClusterIP
8568 type: object
8569 type: object
8570 served: true
8571 storage: false
8572 subresources:
8573 status: {}
8574 - additionalPrinterColumns:
8575 - jsonPath: .status.hostname
8576 name: Hostname
8577 type: string
8578 - jsonPath: .metadata.creationTimestamp
8579 name: Age
8580 type: date
8581 name: v1alpha2
8582 schema:
8583 openAPIV3Schema:
8584 description: OnionService is the Schema for the onionservices API.
8585 properties:
8586 apiVersion:
8587 description: APIVersion defines the versioned schema of this representation of an object.
8588 type: string
8589 kind:
8590 description: Kind is a string value representing the REST resource this object represents.
8591 type: string
8592 metadata:
8593 type: object
8594 spec:
8595 description: OnionServiceSpec defines the desired state of OnionService.
8596 properties:
8597 authorizedClients:
8598 items:
8599 description: SecretReference represents a Secret Reference.
8600 properties:
8601 key:
8602 type: string
8603 name:
8604 description: Name is unique within a namespace to reference a secret resource.
8605 type: string
8606 type: object
8607 type: array
8608 extraConfig:
8609 type: string
8610 masterOnionAddress:
8611 type: string
8612 privateKeySecret:
8613 description: SecretReference represents a Secret Reference.
8614 properties:
8615 key:
8616 type: string
8617 name:
8618 description: Name is unique within a namespace to reference a secret resource.
8619 type: string
8620 type: object
8621 rules:
8622 items:
8623 properties:
8624 backend:
8625 description: Backend selector
8626 properties:
8627 resource:
8628 description: 'Resource is an ObjectRef to another Kubernetes resource in the namespace of the '
8629 properties:
8630 apiGroup:
8631 description: APIGroup is the group for the resource being referenced.
8632 type: string
8633 kind:
8634 description: Kind is the type of resource being referenced
8635 type: string
8636 name:
8637 description: Name is the name of resource being referenced
8638 type: string
8639 required:
8640 - kind
8641 - name
8642 type: object
8643 x-kubernetes-map-type: atomic
8644 service:
8645 description: Service references a Service as a Backend.
8646 properties:
8647 name:
8648 description: Name is the referenced service.
8649 type: string
8650 port:
8651 description: Port of the referenced service.
8652 properties:
8653 name:
8654 description: Name is the name of the port on the Service.
8655 type: string
8656 number:
8657 description: Number is the numerical port number (e.g. 80) on the Service.
8658 format: int32
8659 type: integer
8660 type: object
8661 required:
8662 - name
8663 type: object
8664 type: object
8665 port:
8666 description: Port publish as
8667 properties:
8668 name:
8669 description: Name is the name of the port on the Service.
8670 type: string
8671 number:
8672 description: Number is the numerical port number (e.g. 80) on the Service.
8673 format: int32
8674 type: integer
8675 type: object
8676 type: object
8677 type: array
8678 serviceMonitor:
8679 default: false
8680 type: boolean
8681 template:
8682 description: Template describes the pods that will be created.
8683 properties:
8684 metadata:
8685 description: Metadata of the pods created from this template.
8686 type: object
8687 resources:
8688 description: Default resources for containers
8689 properties:
8690 limits:
8691 additionalProperties:
8692 anyOf:
8693 - type: integer
8694 - type: string
8695 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
8696 x-kubernetes-int-or-string: true
8697 description: Limits describes the maximum amount of compute resources allowed.
8698 type: object
8699 requests:
8700 additionalProperties:
8701 anyOf:
8702 - type: integer
8703 - type: string
8704 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
8705 x-kubernetes-int-or-string: true
8706 description: Requests describes the minimum amount of compute resources required.
8707 type: object
8708 type: object
8709 spec:
8710 description: Spec defines the behavior of a pod.
8711 properties:
8712 activeDeadlineSeconds:
8713 description: Optional duration in seconds the pod may be active on the node relative to Start
8714 format: int64
8715 type: integer
8716 affinity:
8717 description: If specified, the pod's scheduling constraints
8718 properties:
8719 nodeAffinity:
8720 description: Describes node affinity scheduling rules for the pod.
8721 properties:
8722 preferredDuringSchedulingIgnoredDuringExecution:
8723 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex
8724 items:
8725 description: An empty preferred scheduling term matches all objects with implicit weight 0 (i
8726 properties:
8727 preference:
8728 description: A node selector term, associated with the corresponding weight.
8729 properties:
8730 matchExpressions:
8731 description: A list of node selector requirements by node's labels.
8732 items:
8733 description: A node selector requirement is a selector that contains values, a key, and an op
8734 properties:
8735 key:
8736 description: The label key that the selector applies to.
8737 type: string
8738 operator:
8739 description: Represents a key's relationship to a set of values.
8740 type: string
8741 values:
8742 description: An array of string values.
8743 items:
8744 type: string
8745 type: array
8746 required:
8747 - key
8748 - operator
8749 type: object
8750 type: array
8751 matchFields:
8752 description: A list of node selector requirements by node's fields.
8753 items:
8754 description: A node selector requirement is a selector that contains values, a key, and an op
8755 properties:
8756 key:
8757 description: The label key that the selector applies to.
8758 type: string
8759 operator:
8760 description: Represents a key's relationship to a set of values.
8761 type: string
8762 values:
8763 description: An array of string values.
8764 items:
8765 type: string
8766 type: array
8767 required:
8768 - key
8769 - operator
8770 type: object
8771 type: array
8772 type: object
8773 x-kubernetes-map-type: atomic
8774 weight:
8775 description: Weight associated with matching the corresponding nodeSelectorTerm, in the range
8776 format: int32
8777 type: integer
8778 required:
8779 - preference
8780 - weight
8781 type: object
8782 type: array
8783 requiredDuringSchedulingIgnoredDuringExecution:
8784 description: If the affinity requirements specified by this field are not met at scheduling t
8785 properties:
8786 nodeSelectorTerms:
8787 description: Required. A list of node selector terms. The terms are ORed.
8788 items:
8789 description: A null or empty node selector term matches no objects.
8790 properties:
8791 matchExpressions:
8792 description: A list of node selector requirements by node's labels.
8793 items:
8794 description: A node selector requirement is a selector that contains values, a key, and an op
8795 properties:
8796 key:
8797 description: The label key that the selector applies to.
8798 type: string
8799 operator:
8800 description: Represents a key's relationship to a set of values.
8801 type: string
8802 values:
8803 description: An array of string values.
8804 items:
8805 type: string
8806 type: array
8807 required:
8808 - key
8809 - operator
8810 type: object
8811 type: array
8812 matchFields:
8813 description: A list of node selector requirements by node's fields.
8814 items:
8815 description: A node selector requirement is a selector that contains values, a key, and an op
8816 properties:
8817 key:
8818 description: The label key that the selector applies to.
8819 type: string
8820 operator:
8821 description: Represents a key's relationship to a set of values.
8822 type: string
8823 values:
8824 description: An array of string values.
8825 items:
8826 type: string
8827 type: array
8828 required:
8829 - key
8830 - operator
8831 type: object
8832 type: array
8833 type: object
8834 x-kubernetes-map-type: atomic
8835 type: array
8836 required:
8837 - nodeSelectorTerms
8838 type: object
8839 x-kubernetes-map-type: atomic
8840 type: object
8841 podAffinity:
8842 description: Describes pod affinity scheduling rules (e.g.
8843 properties:
8844 preferredDuringSchedulingIgnoredDuringExecution:
8845 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex
8846 items:
8847 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n
8848 properties:
8849 podAffinityTerm:
8850 description: Required. A pod affinity term, associated with the corresponding weight.
8851 properties:
8852 labelSelector:
8853 description: A label query over a set of resources, in this case pods.
8854 properties:
8855 matchExpressions:
8856 description: matchExpressions is a list of label selector requirements.
8857 items:
8858 description: A label selector requirement is a selector that contains values, a key, and an o
8859 properties:
8860 key:
8861 description: key is the label key that the selector applies to.
8862 type: string
8863 operator:
8864 description: operator represents a key's relationship to a set of values.
8865 type: string
8866 values:
8867 description: values is an array of string values.
8868 items:
8869 type: string
8870 type: array
8871 required:
8872 - key
8873 - operator
8874 type: object
8875 type: array
8876 matchLabels:
8877 additionalProperties:
8878 type: string
8879 description: matchLabels is a map of {key,value} pairs.
8880 type: object
8881 type: object
8882 x-kubernetes-map-type: atomic
8883 namespaceSelector:
8884 description: A label query over the set of namespaces that the term applies to.
8885 properties:
8886 matchExpressions:
8887 description: matchExpressions is a list of label selector requirements.
8888 items:
8889 description: A label selector requirement is a selector that contains values, a key, and an o
8890 properties:
8891 key:
8892 description: key is the label key that the selector applies to.
8893 type: string
8894 operator:
8895 description: operator represents a key's relationship to a set of values.
8896 type: string
8897 values:
8898 description: values is an array of string values.
8899 items:
8900 type: string
8901 type: array
8902 required:
8903 - key
8904 - operator
8905 type: object
8906 type: array
8907 matchLabels:
8908 additionalProperties:
8909 type: string
8910 description: matchLabels is a map of {key,value} pairs.
8911 type: object
8912 type: object
8913 x-kubernetes-map-type: atomic
8914 namespaces:
8915 description: namespaces specifies a static list of namespace names that the term applies to.
8916 items:
8917 type: string
8918 type: array
8919 topologyKey:
8920 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
8921 type: string
8922 required:
8923 - topologyKey
8924 type: object
8925 weight:
8926 description: 'weight associated with matching the corresponding podAffinityTerm, in the range '
8927 format: int32
8928 type: integer
8929 required:
8930 - podAffinityTerm
8931 - weight
8932 type: object
8933 type: array
8934 requiredDuringSchedulingIgnoredDuringExecution:
8935 description: If the affinity requirements specified by this field are not met at scheduling t
8936 items:
8937 description: Defines a set of pods (namely those matching the labelSelector relative to the g
8938 properties:
8939 labelSelector:
8940 description: A label query over a set of resources, in this case pods.
8941 properties:
8942 matchExpressions:
8943 description: matchExpressions is a list of label selector requirements.
8944 items:
8945 description: A label selector requirement is a selector that contains values, a key, and an o
8946 properties:
8947 key:
8948 description: key is the label key that the selector applies to.
8949 type: string
8950 operator:
8951 description: operator represents a key's relationship to a set of values.
8952 type: string
8953 values:
8954 description: values is an array of string values.
8955 items:
8956 type: string
8957 type: array
8958 required:
8959 - key
8960 - operator
8961 type: object
8962 type: array
8963 matchLabels:
8964 additionalProperties:
8965 type: string
8966 description: matchLabels is a map of {key,value} pairs.
8967 type: object
8968 type: object
8969 x-kubernetes-map-type: atomic
8970 namespaceSelector:
8971 description: A label query over the set of namespaces that the term applies to.
8972 properties:
8973 matchExpressions:
8974 description: matchExpressions is a list of label selector requirements.
8975 items:
8976 description: A label selector requirement is a selector that contains values, a key, and an o
8977 properties:
8978 key:
8979 description: key is the label key that the selector applies to.
8980 type: string
8981 operator:
8982 description: operator represents a key's relationship to a set of values.
8983 type: string
8984 values:
8985 description: values is an array of string values.
8986 items:
8987 type: string
8988 type: array
8989 required:
8990 - key
8991 - operator
8992 type: object
8993 type: array
8994 matchLabels:
8995 additionalProperties:
8996 type: string
8997 description: matchLabels is a map of {key,value} pairs.
8998 type: object
8999 type: object
9000 x-kubernetes-map-type: atomic
9001 namespaces:
9002 description: namespaces specifies a static list of namespace names that the term applies to.
9003 items:
9004 type: string
9005 type: array
9006 topologyKey:
9007 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
9008 type: string
9009 required:
9010 - topologyKey
9011 type: object
9012 type: array
9013 type: object
9014 podAntiAffinity:
9015 description: Describes pod anti-affinity scheduling rules (e.g.
9016 properties:
9017 preferredDuringSchedulingIgnoredDuringExecution:
9018 description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affini
9019 items:
9020 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n
9021 properties:
9022 podAffinityTerm:
9023 description: Required. A pod affinity term, associated with the corresponding weight.
9024 properties:
9025 labelSelector:
9026 description: A label query over a set of resources, in this case pods.
9027 properties:
9028 matchExpressions:
9029 description: matchExpressions is a list of label selector requirements.
9030 items:
9031 description: A label selector requirement is a selector that contains values, a key, and an o
9032 properties:
9033 key:
9034 description: key is the label key that the selector applies to.
9035 type: string
9036 operator:
9037 description: operator represents a key's relationship to a set of values.
9038 type: string
9039 values:
9040 description: values is an array of string values.
9041 items:
9042 type: string
9043 type: array
9044 required:
9045 - key
9046 - operator
9047 type: object
9048 type: array
9049 matchLabels:
9050 additionalProperties:
9051 type: string
9052 description: matchLabels is a map of {key,value} pairs.
9053 type: object
9054 type: object
9055 x-kubernetes-map-type: atomic
9056 namespaceSelector:
9057 description: A label query over the set of namespaces that the term applies to.
9058 properties:
9059 matchExpressions:
9060 description: matchExpressions is a list of label selector requirements.
9061 items:
9062 description: A label selector requirement is a selector that contains values, a key, and an o
9063 properties:
9064 key:
9065 description: key is the label key that the selector applies to.
9066 type: string
9067 operator:
9068 description: operator represents a key's relationship to a set of values.
9069 type: string
9070 values:
9071 description: values is an array of string values.
9072 items:
9073 type: string
9074 type: array
9075 required:
9076 - key
9077 - operator
9078 type: object
9079 type: array
9080 matchLabels:
9081 additionalProperties:
9082 type: string
9083 description: matchLabels is a map of {key,value} pairs.
9084 type: object
9085 type: object
9086 x-kubernetes-map-type: atomic
9087 namespaces:
9088 description: namespaces specifies a static list of namespace names that the term applies to.
9089 items:
9090 type: string
9091 type: array
9092 topologyKey:
9093 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
9094 type: string
9095 required:
9096 - topologyKey
9097 type: object
9098 weight:
9099 description: 'weight associated with matching the corresponding podAffinityTerm, in the range '
9100 format: int32
9101 type: integer
9102 required:
9103 - podAffinityTerm
9104 - weight
9105 type: object
9106 type: array
9107 requiredDuringSchedulingIgnoredDuringExecution:
9108 description: If the anti-affinity requirements specified by this field are not met at schedul
9109 items:
9110 description: Defines a set of pods (namely those matching the labelSelector relative to the g
9111 properties:
9112 labelSelector:
9113 description: A label query over a set of resources, in this case pods.
9114 properties:
9115 matchExpressions:
9116 description: matchExpressions is a list of label selector requirements.
9117 items:
9118 description: A label selector requirement is a selector that contains values, a key, and an o
9119 properties:
9120 key:
9121 description: key is the label key that the selector applies to.
9122 type: string
9123 operator:
9124 description: operator represents a key's relationship to a set of values.
9125 type: string
9126 values:
9127 description: values is an array of string values.
9128 items:
9129 type: string
9130 type: array
9131 required:
9132 - key
9133 - operator
9134 type: object
9135 type: array
9136 matchLabels:
9137 additionalProperties:
9138 type: string
9139 description: matchLabels is a map of {key,value} pairs.
9140 type: object
9141 type: object
9142 x-kubernetes-map-type: atomic
9143 namespaceSelector:
9144 description: A label query over the set of namespaces that the term applies to.
9145 properties:
9146 matchExpressions:
9147 description: matchExpressions is a list of label selector requirements.
9148 items:
9149 description: A label selector requirement is a selector that contains values, a key, and an o
9150 properties:
9151 key:
9152 description: key is the label key that the selector applies to.
9153 type: string
9154 operator:
9155 description: operator represents a key's relationship to a set of values.
9156 type: string
9157 values:
9158 description: values is an array of string values.
9159 items:
9160 type: string
9161 type: array
9162 required:
9163 - key
9164 - operator
9165 type: object
9166 type: array
9167 matchLabels:
9168 additionalProperties:
9169 type: string
9170 description: matchLabels is a map of {key,value} pairs.
9171 type: object
9172 type: object
9173 x-kubernetes-map-type: atomic
9174 namespaces:
9175 description: namespaces specifies a static list of namespace names that the term applies to.
9176 items:
9177 type: string
9178 type: array
9179 topologyKey:
9180 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
9181 type: string
9182 required:
9183 - topologyKey
9184 type: object
9185 type: array
9186 type: object
9187 type: object
9188 automountServiceAccountToken:
9189 description: AutomountServiceAccountToken indicates whether a service account token should be
9190 type: boolean
9191 containers:
9192 description: List of containers belonging to the pod.
9193 items:
9194 description: A single application container that you want to run within a pod.
9195 properties:
9196 args:
9197 description: Arguments to the entrypoint.
9198 items:
9199 type: string
9200 type: array
9201 command:
9202 description: Entrypoint array. Not executed within a shell.
9203 items:
9204 type: string
9205 type: array
9206 env:
9207 description: List of environment variables to set in the container. Cannot be updated.
9208 items:
9209 description: EnvVar represents an environment variable present in a Container.
9210 properties:
9211 name:
9212 description: Name of the environment variable. Must be a C_IDENTIFIER.
9213 type: string
9214 value:
9215 description: Variable references $(VAR_NAME) are expanded using the previously defined enviro
9216 type: string
9217 valueFrom:
9218 description: Source for the environment variable's value.
9219 properties:
9220 configMapKeyRef:
9221 description: Selects a key of a ConfigMap.
9222 properties:
9223 key:
9224 description: The key to select.
9225 type: string
9226 name:
9227 description: 'Name of the referent. More info: https://kubernetes.'
9228 type: string
9229 optional:
9230 description: Specify whether the ConfigMap or its key must be defined
9231 type: boolean
9232 required:
9233 - key
9234 type: object
9235 x-kubernetes-map-type: atomic
9236 fieldRef:
9237 description: 'Selects a field of the pod: supports metadata.name, metadata.'
9238 properties:
9239 apiVersion:
9240 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
9241 type: string
9242 fieldPath:
9243 description: Path of the field to select in the specified API version.
9244 type: string
9245 required:
9246 - fieldPath
9247 type: object
9248 x-kubernetes-map-type: atomic
9249 resourceFieldRef:
9250 description: 'Selects a resource of the container: only resources limits and requests (limits.'
9251 properties:
9252 containerName:
9253 description: 'Container name: required for volumes, optional for env vars'
9254 type: string
9255 divisor:
9256 anyOf:
9257 - type: integer
9258 - type: string
9259 description: Specifies the output format of the exposed resources, defaults to "1"
9260 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
9261 x-kubernetes-int-or-string: true
9262 resource:
9263 description: 'Required: resource to select'
9264 type: string
9265 required:
9266 - resource
9267 type: object
9268 x-kubernetes-map-type: atomic
9269 secretKeyRef:
9270 description: Selects a key of a secret in the pod's namespace
9271 properties:
9272 key:
9273 description: The key of the secret to select from. Must be a valid secret key.
9274 type: string
9275 name:
9276 description: 'Name of the referent. More info: https://kubernetes.'
9277 type: string
9278 optional:
9279 description: Specify whether the Secret or its key must be defined
9280 type: boolean
9281 required:
9282 - key
9283 type: object
9284 x-kubernetes-map-type: atomic
9285 type: object
9286 required:
9287 - name
9288 type: object
9289 type: array
9290 envFrom:
9291 description: List of sources to populate environment variables in the container.
9292 items:
9293 description: EnvFromSource represents the source of a set of ConfigMaps
9294 properties:
9295 configMapRef:
9296 description: The ConfigMap to select from
9297 properties:
9298 name:
9299 description: 'Name of the referent. More info: https://kubernetes.'
9300 type: string
9301 optional:
9302 description: Specify whether the ConfigMap must be defined
9303 type: boolean
9304 type: object
9305 x-kubernetes-map-type: atomic
9306 prefix:
9307 description: An optional identifier to prepend to each key in the ConfigMap.
9308 type: string
9309 secretRef:
9310 description: The Secret to select from
9311 properties:
9312 name:
9313 description: 'Name of the referent. More info: https://kubernetes.'
9314 type: string
9315 optional:
9316 description: Specify whether the Secret must be defined
9317 type: boolean
9318 type: object
9319 x-kubernetes-map-type: atomic
9320 type: object
9321 type: array
9322 image:
9323 description: 'Docker image name. More info: https://kubernetes.'
9324 type: string
9325 imagePullPolicy:
9326 description: Image pull policy. One of Always, Never, IfNotPresent.
9327 type: string
9328 lifecycle:
9329 description: Actions that the management system should take in response to container lifecycl
9330 properties:
9331 postStart:
9332 description: PostStart is called immediately after a container is created.
9333 properties:
9334 exec:
9335 description: Exec specifies the action to take.
9336 properties:
9337 command:
9338 description: Command is the command line to execute inside the container, the working directo
9339 items:
9340 type: string
9341 type: array
9342 type: object
9343 httpGet:
9344 description: HTTPGet specifies the http request to perform.
9345 properties:
9346 host:
9347 description: Host name to connect to, defaults to the pod IP.
9348 type: string
9349 httpHeaders:
9350 description: Custom headers to set in the request. HTTP allows repeated headers.
9351 items:
9352 description: HTTPHeader describes a custom header to be used in HTTP probes
9353 properties:
9354 name:
9355 description: The header field name
9356 type: string
9357 value:
9358 description: The header field value
9359 type: string
9360 required:
9361 - name
9362 - value
9363 type: object
9364 type: array
9365 path:
9366 description: Path to access on the HTTP server.
9367 type: string
9368 port:
9369 anyOf:
9370 - type: integer
9371 - type: string
9372 description: Name or number of the port to access on the container.
9373 x-kubernetes-int-or-string: true
9374 scheme:
9375 description: Scheme to use for connecting to the host. Defaults to HTTP.
9376 type: string
9377 required:
9378 - port
9379 type: object
9380 tcpSocket:
9381 description: Deprecated.
9382 properties:
9383 host:
9384 description: 'Optional: Host name to connect to, defaults to the pod IP.'
9385 type: string
9386 port:
9387 anyOf:
9388 - type: integer
9389 - type: string
9390 description: Number or name of the port to access on the container.
9391 x-kubernetes-int-or-string: true
9392 required:
9393 - port
9394 type: object
9395 type: object
9396 preStop:
9397 description: PreStop is called immediately before a container is terminated due to an API req
9398 properties:
9399 exec:
9400 description: Exec specifies the action to take.
9401 properties:
9402 command:
9403 description: Command is the command line to execute inside the container, the working directo
9404 items:
9405 type: string
9406 type: array
9407 type: object
9408 httpGet:
9409 description: HTTPGet specifies the http request to perform.
9410 properties:
9411 host:
9412 description: Host name to connect to, defaults to the pod IP.
9413 type: string
9414 httpHeaders:
9415 description: Custom headers to set in the request. HTTP allows repeated headers.
9416 items:
9417 description: HTTPHeader describes a custom header to be used in HTTP probes
9418 properties:
9419 name:
9420 description: The header field name
9421 type: string
9422 value:
9423 description: The header field value
9424 type: string
9425 required:
9426 - name
9427 - value
9428 type: object
9429 type: array
9430 path:
9431 description: Path to access on the HTTP server.
9432 type: string
9433 port:
9434 anyOf:
9435 - type: integer
9436 - type: string
9437 description: Name or number of the port to access on the container.
9438 x-kubernetes-int-or-string: true
9439 scheme:
9440 description: Scheme to use for connecting to the host. Defaults to HTTP.
9441 type: string
9442 required:
9443 - port
9444 type: object
9445 tcpSocket:
9446 description: Deprecated.
9447 properties:
9448 host:
9449 description: 'Optional: Host name to connect to, defaults to the pod IP.'
9450 type: string
9451 port:
9452 anyOf:
9453 - type: integer
9454 - type: string
9455 description: Number or name of the port to access on the container.
9456 x-kubernetes-int-or-string: true
9457 required:
9458 - port
9459 type: object
9460 type: object
9461 type: object
9462 livenessProbe:
9463 description: Periodic probe of container liveness.
9464 properties:
9465 exec:
9466 description: Exec specifies the action to take.
9467 properties:
9468 command:
9469 description: Command is the command line to execute inside the container, the working directo
9470 items:
9471 type: string
9472 type: array
9473 type: object
9474 failureThreshold:
9475 description: 'Minimum consecutive failures for the probe to be considered failed after having '
9476 format: int32
9477 type: integer
9478 grpc:
9479 description: GRPC specifies an action involving a GRPC port.
9480 properties:
9481 port:
9482 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
9483 format: int32
9484 type: integer
9485 service:
9486 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
9487 type: string
9488 required:
9489 - port
9490 type: object
9491 httpGet:
9492 description: HTTPGet specifies the http request to perform.
9493 properties:
9494 host:
9495 description: Host name to connect to, defaults to the pod IP.
9496 type: string
9497 httpHeaders:
9498 description: Custom headers to set in the request. HTTP allows repeated headers.
9499 items:
9500 description: HTTPHeader describes a custom header to be used in HTTP probes
9501 properties:
9502 name:
9503 description: The header field name
9504 type: string
9505 value:
9506 description: The header field value
9507 type: string
9508 required:
9509 - name
9510 - value
9511 type: object
9512 type: array
9513 path:
9514 description: Path to access on the HTTP server.
9515 type: string
9516 port:
9517 anyOf:
9518 - type: integer
9519 - type: string
9520 description: Name or number of the port to access on the container.
9521 x-kubernetes-int-or-string: true
9522 scheme:
9523 description: Scheme to use for connecting to the host. Defaults to HTTP.
9524 type: string
9525 required:
9526 - port
9527 type: object
9528 initialDelaySeconds:
9529 description: Number of seconds after the container has started before liveness probes are ini
9530 format: int32
9531 type: integer
9532 periodSeconds:
9533 description: How often (in seconds) to perform the probe. Default to 10 seconds.
9534 format: int32
9535 type: integer
9536 successThreshold:
9537 description: Minimum consecutive successes for the probe to be considered successful after ha
9538 format: int32
9539 type: integer
9540 tcpSocket:
9541 description: TCPSocket specifies an action involving a TCP port.
9542 properties:
9543 host:
9544 description: 'Optional: Host name to connect to, defaults to the pod IP.'
9545 type: string
9546 port:
9547 anyOf:
9548 - type: integer
9549 - type: string
9550 description: Number or name of the port to access on the container.
9551 x-kubernetes-int-or-string: true
9552 required:
9553 - port
9554 type: object
9555 terminationGracePeriodSeconds:
9556 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
9557 format: int64
9558 type: integer
9559 timeoutSeconds:
9560 description: Number of seconds after which the probe times out. Defaults to 1 second.
9561 format: int32
9562 type: integer
9563 type: object
9564 name:
9565 description: Name of the container specified as a DNS_LABEL.
9566 type: string
9567 ports:
9568 description: List of ports to expose from the container.
9569 items:
9570 description: ContainerPort represents a network port in a single container.
9571 properties:
9572 containerPort:
9573 description: Number of port to expose on the pod's IP address.
9574 format: int32
9575 type: integer
9576 hostIP:
9577 description: What host IP to bind the external port to.
9578 type: string
9579 hostPort:
9580 description: Number of port to expose on the host.
9581 format: int32
9582 type: integer
9583 name:
9584 description: If specified, this must be an IANA_SVC_NAME and unique within the pod.
9585 type: string
9586 protocol:
9587 default: TCP
9588 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
9589 type: string
9590 required:
9591 - containerPort
9592 type: object
9593 type: array
9594 x-kubernetes-list-map-keys:
9595 - containerPort
9596 - protocol
9597 x-kubernetes-list-type: map
9598 readinessProbe:
9599 description: Periodic probe of container service readiness.
9600 properties:
9601 exec:
9602 description: Exec specifies the action to take.
9603 properties:
9604 command:
9605 description: Command is the command line to execute inside the container, the working directo
9606 items:
9607 type: string
9608 type: array
9609 type: object
9610 failureThreshold:
9611 description: 'Minimum consecutive failures for the probe to be considered failed after having '
9612 format: int32
9613 type: integer
9614 grpc:
9615 description: GRPC specifies an action involving a GRPC port.
9616 properties:
9617 port:
9618 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
9619 format: int32
9620 type: integer
9621 service:
9622 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
9623 type: string
9624 required:
9625 - port
9626 type: object
9627 httpGet:
9628 description: HTTPGet specifies the http request to perform.
9629 properties:
9630 host:
9631 description: Host name to connect to, defaults to the pod IP.
9632 type: string
9633 httpHeaders:
9634 description: Custom headers to set in the request. HTTP allows repeated headers.
9635 items:
9636 description: HTTPHeader describes a custom header to be used in HTTP probes
9637 properties:
9638 name:
9639 description: The header field name
9640 type: string
9641 value:
9642 description: The header field value
9643 type: string
9644 required:
9645 - name
9646 - value
9647 type: object
9648 type: array
9649 path:
9650 description: Path to access on the HTTP server.
9651 type: string
9652 port:
9653 anyOf:
9654 - type: integer
9655 - type: string
9656 description: Name or number of the port to access on the container.
9657 x-kubernetes-int-or-string: true
9658 scheme:
9659 description: Scheme to use for connecting to the host. Defaults to HTTP.
9660 type: string
9661 required:
9662 - port
9663 type: object
9664 initialDelaySeconds:
9665 description: Number of seconds after the container has started before liveness probes are ini
9666 format: int32
9667 type: integer
9668 periodSeconds:
9669 description: How often (in seconds) to perform the probe. Default to 10 seconds.
9670 format: int32
9671 type: integer
9672 successThreshold:
9673 description: Minimum consecutive successes for the probe to be considered successful after ha
9674 format: int32
9675 type: integer
9676 tcpSocket:
9677 description: TCPSocket specifies an action involving a TCP port.
9678 properties:
9679 host:
9680 description: 'Optional: Host name to connect to, defaults to the pod IP.'
9681 type: string
9682 port:
9683 anyOf:
9684 - type: integer
9685 - type: string
9686 description: Number or name of the port to access on the container.
9687 x-kubernetes-int-or-string: true
9688 required:
9689 - port
9690 type: object
9691 terminationGracePeriodSeconds:
9692 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
9693 format: int64
9694 type: integer
9695 timeoutSeconds:
9696 description: Number of seconds after which the probe times out. Defaults to 1 second.
9697 format: int32
9698 type: integer
9699 type: object
9700 resources:
9701 description: Compute Resources required by this container. Cannot be updated.
9702 properties:
9703 limits:
9704 additionalProperties:
9705 anyOf:
9706 - type: integer
9707 - type: string
9708 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
9709 x-kubernetes-int-or-string: true
9710 description: Limits describes the maximum amount of compute resources allowed.
9711 type: object
9712 requests:
9713 additionalProperties:
9714 anyOf:
9715 - type: integer
9716 - type: string
9717 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
9718 x-kubernetes-int-or-string: true
9719 description: Requests describes the minimum amount of compute resources required.
9720 type: object
9721 type: object
9722 securityContext:
9723 description: SecurityContext defines the security options the container should be run with.
9724 properties:
9725 allowPrivilegeEscalation:
9726 description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha
9727 type: boolean
9728 capabilities:
9729 description: The capabilities to add/drop when running containers.
9730 properties:
9731 add:
9732 description: Added capabilities
9733 items:
9734 description: Capability represent POSIX capabilities type
9735 type: string
9736 type: array
9737 drop:
9738 description: Removed capabilities
9739 items:
9740 description: Capability represent POSIX capabilities type
9741 type: string
9742 type: array
9743 type: object
9744 privileged:
9745 description: Run container in privileged mode.
9746 type: boolean
9747 procMount:
9748 description: procMount denotes the type of proc mount to use for the containers.
9749 type: string
9750 readOnlyRootFilesystem:
9751 description: Whether this container has a read-only root filesystem. Default is false.
9752 type: boolean
9753 runAsGroup:
9754 description: The GID to run the entrypoint of the container process.
9755 format: int64
9756 type: integer
9757 runAsNonRoot:
9758 description: Indicates that the container must run as a non-root user.
9759 type: boolean
9760 runAsUser:
9761 description: The UID to run the entrypoint of the container process.
9762 format: int64
9763 type: integer
9764 seLinuxOptions:
9765 description: The SELinux context to be applied to the container.
9766 properties:
9767 level:
9768 description: Level is SELinux level label that applies to the container.
9769 type: string
9770 role:
9771 description: Role is a SELinux role label that applies to the container.
9772 type: string
9773 type:
9774 description: Type is a SELinux type label that applies to the container.
9775 type: string
9776 user:
9777 description: User is a SELinux user label that applies to the container.
9778 type: string
9779 type: object
9780 seccompProfile:
9781 description: The seccomp options to use by this container.
9782 properties:
9783 localhostProfile:
9784 description: localhostProfile indicates a profile defined in a file on the node should be use
9785 type: string
9786 type:
9787 description: type indicates which kind of seccomp profile will be applied.
9788 type: string
9789 required:
9790 - type
9791 type: object
9792 windowsOptions:
9793 description: The Windows specific settings applied to all containers.
9794 properties:
9795 gmsaCredentialSpec:
9796 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
9797 type: string
9798 gmsaCredentialSpecName:
9799 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
9800 type: string
9801 hostProcess:
9802 description: HostProcess determines if a container should be run as a 'Host Process' containe
9803 type: boolean
9804 runAsUserName:
9805 description: The UserName in Windows to run the entrypoint of the container process.
9806 type: string
9807 type: object
9808 type: object
9809 startupProbe:
9810 description: StartupProbe indicates that the Pod has successfully initialized.
9811 properties:
9812 exec:
9813 description: Exec specifies the action to take.
9814 properties:
9815 command:
9816 description: Command is the command line to execute inside the container, the working directo
9817 items:
9818 type: string
9819 type: array
9820 type: object
9821 failureThreshold:
9822 description: 'Minimum consecutive failures for the probe to be considered failed after having '
9823 format: int32
9824 type: integer
9825 grpc:
9826 description: GRPC specifies an action involving a GRPC port.
9827 properties:
9828 port:
9829 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
9830 format: int32
9831 type: integer
9832 service:
9833 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
9834 type: string
9835 required:
9836 - port
9837 type: object
9838 httpGet:
9839 description: HTTPGet specifies the http request to perform.
9840 properties:
9841 host:
9842 description: Host name to connect to, defaults to the pod IP.
9843 type: string
9844 httpHeaders:
9845 description: Custom headers to set in the request. HTTP allows repeated headers.
9846 items:
9847 description: HTTPHeader describes a custom header to be used in HTTP probes
9848 properties:
9849 name:
9850 description: The header field name
9851 type: string
9852 value:
9853 description: The header field value
9854 type: string
9855 required:
9856 - name
9857 - value
9858 type: object
9859 type: array
9860 path:
9861 description: Path to access on the HTTP server.
9862 type: string
9863 port:
9864 anyOf:
9865 - type: integer
9866 - type: string
9867 description: Name or number of the port to access on the container.
9868 x-kubernetes-int-or-string: true
9869 scheme:
9870 description: Scheme to use for connecting to the host. Defaults to HTTP.
9871 type: string
9872 required:
9873 - port
9874 type: object
9875 initialDelaySeconds:
9876 description: Number of seconds after the container has started before liveness probes are ini
9877 format: int32
9878 type: integer
9879 periodSeconds:
9880 description: How often (in seconds) to perform the probe. Default to 10 seconds.
9881 format: int32
9882 type: integer
9883 successThreshold:
9884 description: Minimum consecutive successes for the probe to be considered successful after ha
9885 format: int32
9886 type: integer
9887 tcpSocket:
9888 description: TCPSocket specifies an action involving a TCP port.
9889 properties:
9890 host:
9891 description: 'Optional: Host name to connect to, defaults to the pod IP.'
9892 type: string
9893 port:
9894 anyOf:
9895 - type: integer
9896 - type: string
9897 description: Number or name of the port to access on the container.
9898 x-kubernetes-int-or-string: true
9899 required:
9900 - port
9901 type: object
9902 terminationGracePeriodSeconds:
9903 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
9904 format: int64
9905 type: integer
9906 timeoutSeconds:
9907 description: Number of seconds after which the probe times out. Defaults to 1 second.
9908 format: int32
9909 type: integer
9910 type: object
9911 stdin:
9912 description: Whether this container should allocate a buffer for stdin in the container runti
9913 type: boolean
9914 stdinOnce:
9915 description: Whether the container runtime should close the stdin channel after it has been o
9916 type: boolean
9917 terminationMessagePath:
9918 description: 'Optional: Path at which the file to which the container''s termination message wi'
9919 type: string
9920 terminationMessagePolicy:
9921 description: Indicate how the termination message should be populated.
9922 type: string
9923 tty:
9924 description: Whether this container should allocate a TTY for itself, also requires 'stdin' t
9925 type: boolean
9926 volumeDevices:
9927 description: volumeDevices is the list of block devices to be used by the container.
9928 items:
9929 description: volumeDevice describes a mapping of a raw block device within a container.
9930 properties:
9931 devicePath:
9932 description: devicePath is the path inside of the container that the device will be mapped to
9933 type: string
9934 name:
9935 description: name must match the name of a persistentVolumeClaim in the pod
9936 type: string
9937 required:
9938 - devicePath
9939 - name
9940 type: object
9941 type: array
9942 volumeMounts:
9943 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
9944 items:
9945 description: VolumeMount describes a mounting of a Volume within a container.
9946 properties:
9947 mountPath:
9948 description: Path within the container at which the volume should be mounted.
9949 type: string
9950 mountPropagation:
9951 description: mountPropagation determines how mounts are propagated from the host to container
9952 type: string
9953 name:
9954 description: This must match the Name of a Volume.
9955 type: string
9956 readOnly:
9957 description: Mounted read-only if true, read-write otherwise (false or unspecified).
9958 type: boolean
9959 subPath:
9960 description: Path within the volume from which the container's volume should be mounted.
9961 type: string
9962 subPathExpr:
9963 description: Expanded path within the volume from which the container's volume should be moun
9964 type: string
9965 required:
9966 - mountPath
9967 - name
9968 type: object
9969 type: array
9970 workingDir:
9971 description: Container's working directory.
9972 type: string
9973 required:
9974 - name
9975 type: object
9976 type: array
9977 dnsConfig:
9978 description: Specifies the DNS parameters of a pod.
9979 properties:
9980 nameservers:
9981 description: A list of DNS name server IP addresses.
9982 items:
9983 type: string
9984 type: array
9985 options:
9986 description: A list of DNS resolver options.
9987 items:
9988 description: PodDNSConfigOption defines DNS resolver options of a pod.
9989 properties:
9990 name:
9991 description: Required.
9992 type: string
9993 value:
9994 type: string
9995 type: object
9996 type: array
9997 searches:
9998 description: A list of DNS search domains for host-name lookup.
9999 items:
10000 type: string
10001 type: array
10002 type: object
10003 dnsPolicy:
10004 description: Set DNS policy for the pod. Defaults to "ClusterFirst".
10005 type: string
10006 enableServiceLinks:
10007 description: EnableServiceLinks indicates whether information about services should be inject
10008 type: boolean
10009 ephemeralContainers:
10010 description: List of ephemeral containers run in this pod.
10011 items:
10012 description: An EphemeralContainer is a temporary container that you may add to an existing P
10013 properties:
10014 args:
10015 description: Arguments to the entrypoint.
10016 items:
10017 type: string
10018 type: array
10019 command:
10020 description: Entrypoint array. Not executed within a shell.
10021 items:
10022 type: string
10023 type: array
10024 env:
10025 description: List of environment variables to set in the container. Cannot be updated.
10026 items:
10027 description: EnvVar represents an environment variable present in a Container.
10028 properties:
10029 name:
10030 description: Name of the environment variable. Must be a C_IDENTIFIER.
10031 type: string
10032 value:
10033 description: Variable references $(VAR_NAME) are expanded using the previously defined enviro
10034 type: string
10035 valueFrom:
10036 description: Source for the environment variable's value.
10037 properties:
10038 configMapKeyRef:
10039 description: Selects a key of a ConfigMap.
10040 properties:
10041 key:
10042 description: The key to select.
10043 type: string
10044 name:
10045 description: 'Name of the referent. More info: https://kubernetes.'
10046 type: string
10047 optional:
10048 description: Specify whether the ConfigMap or its key must be defined
10049 type: boolean
10050 required:
10051 - key
10052 type: object
10053 x-kubernetes-map-type: atomic
10054 fieldRef:
10055 description: 'Selects a field of the pod: supports metadata.name, metadata.'
10056 properties:
10057 apiVersion:
10058 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
10059 type: string
10060 fieldPath:
10061 description: Path of the field to select in the specified API version.
10062 type: string
10063 required:
10064 - fieldPath
10065 type: object
10066 x-kubernetes-map-type: atomic
10067 resourceFieldRef:
10068 description: 'Selects a resource of the container: only resources limits and requests (limits.'
10069 properties:
10070 containerName:
10071 description: 'Container name: required for volumes, optional for env vars'
10072 type: string
10073 divisor:
10074 anyOf:
10075 - type: integer
10076 - type: string
10077 description: Specifies the output format of the exposed resources, defaults to "1"
10078 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
10079 x-kubernetes-int-or-string: true
10080 resource:
10081 description: 'Required: resource to select'
10082 type: string
10083 required:
10084 - resource
10085 type: object
10086 x-kubernetes-map-type: atomic
10087 secretKeyRef:
10088 description: Selects a key of a secret in the pod's namespace
10089 properties:
10090 key:
10091 description: The key of the secret to select from. Must be a valid secret key.
10092 type: string
10093 name:
10094 description: 'Name of the referent. More info: https://kubernetes.'
10095 type: string
10096 optional:
10097 description: Specify whether the Secret or its key must be defined
10098 type: boolean
10099 required:
10100 - key
10101 type: object
10102 x-kubernetes-map-type: atomic
10103 type: object
10104 required:
10105 - name
10106 type: object
10107 type: array
10108 envFrom:
10109 description: List of sources to populate environment variables in the container.
10110 items:
10111 description: EnvFromSource represents the source of a set of ConfigMaps
10112 properties:
10113 configMapRef:
10114 description: The ConfigMap to select from
10115 properties:
10116 name:
10117 description: 'Name of the referent. More info: https://kubernetes.'
10118 type: string
10119 optional:
10120 description: Specify whether the ConfigMap must be defined
10121 type: boolean
10122 type: object
10123 x-kubernetes-map-type: atomic
10124 prefix:
10125 description: An optional identifier to prepend to each key in the ConfigMap.
10126 type: string
10127 secretRef:
10128 description: The Secret to select from
10129 properties:
10130 name:
10131 description: 'Name of the referent. More info: https://kubernetes.'
10132 type: string
10133 optional:
10134 description: Specify whether the Secret must be defined
10135 type: boolean
10136 type: object
10137 x-kubernetes-map-type: atomic
10138 type: object
10139 type: array
10140 image:
10141 description: 'Docker image name. More info: https://kubernetes.'
10142 type: string
10143 imagePullPolicy:
10144 description: Image pull policy. One of Always, Never, IfNotPresent.
10145 type: string
10146 lifecycle:
10147 description: Lifecycle is not allowed for ephemeral containers.
10148 properties:
10149 postStart:
10150 description: PostStart is called immediately after a container is created.
10151 properties:
10152 exec:
10153 description: Exec specifies the action to take.
10154 properties:
10155 command:
10156 description: Command is the command line to execute inside the container, the working directo
10157 items:
10158 type: string
10159 type: array
10160 type: object
10161 httpGet:
10162 description: HTTPGet specifies the http request to perform.
10163 properties:
10164 host:
10165 description: Host name to connect to, defaults to the pod IP.
10166 type: string
10167 httpHeaders:
10168 description: Custom headers to set in the request. HTTP allows repeated headers.
10169 items:
10170 description: HTTPHeader describes a custom header to be used in HTTP probes
10171 properties:
10172 name:
10173 description: The header field name
10174 type: string
10175 value:
10176 description: The header field value
10177 type: string
10178 required:
10179 - name
10180 - value
10181 type: object
10182 type: array
10183 path:
10184 description: Path to access on the HTTP server.
10185 type: string
10186 port:
10187 anyOf:
10188 - type: integer
10189 - type: string
10190 description: Name or number of the port to access on the container.
10191 x-kubernetes-int-or-string: true
10192 scheme:
10193 description: Scheme to use for connecting to the host. Defaults to HTTP.
10194 type: string
10195 required:
10196 - port
10197 type: object
10198 tcpSocket:
10199 description: Deprecated.
10200 properties:
10201 host:
10202 description: 'Optional: Host name to connect to, defaults to the pod IP.'
10203 type: string
10204 port:
10205 anyOf:
10206 - type: integer
10207 - type: string
10208 description: Number or name of the port to access on the container.
10209 x-kubernetes-int-or-string: true
10210 required:
10211 - port
10212 type: object
10213 type: object
10214 preStop:
10215 description: PreStop is called immediately before a container is terminated due to an API req
10216 properties:
10217 exec:
10218 description: Exec specifies the action to take.
10219 properties:
10220 command:
10221 description: Command is the command line to execute inside the container, the working directo
10222 items:
10223 type: string
10224 type: array
10225 type: object
10226 httpGet:
10227 description: HTTPGet specifies the http request to perform.
10228 properties:
10229 host:
10230 description: Host name to connect to, defaults to the pod IP.
10231 type: string
10232 httpHeaders:
10233 description: Custom headers to set in the request. HTTP allows repeated headers.
10234 items:
10235 description: HTTPHeader describes a custom header to be used in HTTP probes
10236 properties:
10237 name:
10238 description: The header field name
10239 type: string
10240 value:
10241 description: The header field value
10242 type: string
10243 required:
10244 - name
10245 - value
10246 type: object
10247 type: array
10248 path:
10249 description: Path to access on the HTTP server.
10250 type: string
10251 port:
10252 anyOf:
10253 - type: integer
10254 - type: string
10255 description: Name or number of the port to access on the container.
10256 x-kubernetes-int-or-string: true
10257 scheme:
10258 description: Scheme to use for connecting to the host. Defaults to HTTP.
10259 type: string
10260 required:
10261 - port
10262 type: object
10263 tcpSocket:
10264 description: Deprecated.
10265 properties:
10266 host:
10267 description: 'Optional: Host name to connect to, defaults to the pod IP.'
10268 type: string
10269 port:
10270 anyOf:
10271 - type: integer
10272 - type: string
10273 description: Number or name of the port to access on the container.
10274 x-kubernetes-int-or-string: true
10275 required:
10276 - port
10277 type: object
10278 type: object
10279 type: object
10280 livenessProbe:
10281 description: Probes are not allowed for ephemeral containers.
10282 properties:
10283 exec:
10284 description: Exec specifies the action to take.
10285 properties:
10286 command:
10287 description: Command is the command line to execute inside the container, the working directo
10288 items:
10289 type: string
10290 type: array
10291 type: object
10292 failureThreshold:
10293 description: 'Minimum consecutive failures for the probe to be considered failed after having '
10294 format: int32
10295 type: integer
10296 grpc:
10297 description: GRPC specifies an action involving a GRPC port.
10298 properties:
10299 port:
10300 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
10301 format: int32
10302 type: integer
10303 service:
10304 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
10305 type: string
10306 required:
10307 - port
10308 type: object
10309 httpGet:
10310 description: HTTPGet specifies the http request to perform.
10311 properties:
10312 host:
10313 description: Host name to connect to, defaults to the pod IP.
10314 type: string
10315 httpHeaders:
10316 description: Custom headers to set in the request. HTTP allows repeated headers.
10317 items:
10318 description: HTTPHeader describes a custom header to be used in HTTP probes
10319 properties:
10320 name:
10321 description: The header field name
10322 type: string
10323 value:
10324 description: The header field value
10325 type: string
10326 required:
10327 - name
10328 - value
10329 type: object
10330 type: array
10331 path:
10332 description: Path to access on the HTTP server.
10333 type: string
10334 port:
10335 anyOf:
10336 - type: integer
10337 - type: string
10338 description: Name or number of the port to access on the container.
10339 x-kubernetes-int-or-string: true
10340 scheme:
10341 description: Scheme to use for connecting to the host. Defaults to HTTP.
10342 type: string
10343 required:
10344 - port
10345 type: object
10346 initialDelaySeconds:
10347 description: Number of seconds after the container has started before liveness probes are ini
10348 format: int32
10349 type: integer
10350 periodSeconds:
10351 description: How often (in seconds) to perform the probe. Default to 10 seconds.
10352 format: int32
10353 type: integer
10354 successThreshold:
10355 description: Minimum consecutive successes for the probe to be considered successful after ha
10356 format: int32
10357 type: integer
10358 tcpSocket:
10359 description: TCPSocket specifies an action involving a TCP port.
10360 properties:
10361 host:
10362 description: 'Optional: Host name to connect to, defaults to the pod IP.'
10363 type: string
10364 port:
10365 anyOf:
10366 - type: integer
10367 - type: string
10368 description: Number or name of the port to access on the container.
10369 x-kubernetes-int-or-string: true
10370 required:
10371 - port
10372 type: object
10373 terminationGracePeriodSeconds:
10374 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
10375 format: int64
10376 type: integer
10377 timeoutSeconds:
10378 description: Number of seconds after which the probe times out. Defaults to 1 second.
10379 format: int32
10380 type: integer
10381 type: object
10382 name:
10383 description: Name of the ephemeral container specified as a DNS_LABEL.
10384 type: string
10385 ports:
10386 description: Ports are not allowed for ephemeral containers.
10387 items:
10388 description: ContainerPort represents a network port in a single container.
10389 properties:
10390 containerPort:
10391 description: Number of port to expose on the pod's IP address.
10392 format: int32
10393 type: integer
10394 hostIP:
10395 description: What host IP to bind the external port to.
10396 type: string
10397 hostPort:
10398 description: Number of port to expose on the host.
10399 format: int32
10400 type: integer
10401 name:
10402 description: If specified, this must be an IANA_SVC_NAME and unique within the pod.
10403 type: string
10404 protocol:
10405 default: TCP
10406 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
10407 type: string
10408 required:
10409 - containerPort
10410 type: object
10411 type: array
10412 x-kubernetes-list-map-keys:
10413 - containerPort
10414 - protocol
10415 x-kubernetes-list-type: map
10416 readinessProbe:
10417 description: Probes are not allowed for ephemeral containers.
10418 properties:
10419 exec:
10420 description: Exec specifies the action to take.
10421 properties:
10422 command:
10423 description: Command is the command line to execute inside the container, the working directo
10424 items:
10425 type: string
10426 type: array
10427 type: object
10428 failureThreshold:
10429 description: 'Minimum consecutive failures for the probe to be considered failed after having '
10430 format: int32
10431 type: integer
10432 grpc:
10433 description: GRPC specifies an action involving a GRPC port.
10434 properties:
10435 port:
10436 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
10437 format: int32
10438 type: integer
10439 service:
10440 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
10441 type: string
10442 required:
10443 - port
10444 type: object
10445 httpGet:
10446 description: HTTPGet specifies the http request to perform.
10447 properties:
10448 host:
10449 description: Host name to connect to, defaults to the pod IP.
10450 type: string
10451 httpHeaders:
10452 description: Custom headers to set in the request. HTTP allows repeated headers.
10453 items:
10454 description: HTTPHeader describes a custom header to be used in HTTP probes
10455 properties:
10456 name:
10457 description: The header field name
10458 type: string
10459 value:
10460 description: The header field value
10461 type: string
10462 required:
10463 - name
10464 - value
10465 type: object
10466 type: array
10467 path:
10468 description: Path to access on the HTTP server.
10469 type: string
10470 port:
10471 anyOf:
10472 - type: integer
10473 - type: string
10474 description: Name or number of the port to access on the container.
10475 x-kubernetes-int-or-string: true
10476 scheme:
10477 description: Scheme to use for connecting to the host. Defaults to HTTP.
10478 type: string
10479 required:
10480 - port
10481 type: object
10482 initialDelaySeconds:
10483 description: Number of seconds after the container has started before liveness probes are ini
10484 format: int32
10485 type: integer
10486 periodSeconds:
10487 description: How often (in seconds) to perform the probe. Default to 10 seconds.
10488 format: int32
10489 type: integer
10490 successThreshold:
10491 description: Minimum consecutive successes for the probe to be considered successful after ha
10492 format: int32
10493 type: integer
10494 tcpSocket:
10495 description: TCPSocket specifies an action involving a TCP port.
10496 properties:
10497 host:
10498 description: 'Optional: Host name to connect to, defaults to the pod IP.'
10499 type: string
10500 port:
10501 anyOf:
10502 - type: integer
10503 - type: string
10504 description: Number or name of the port to access on the container.
10505 x-kubernetes-int-or-string: true
10506 required:
10507 - port
10508 type: object
10509 terminationGracePeriodSeconds:
10510 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
10511 format: int64
10512 type: integer
10513 timeoutSeconds:
10514 description: Number of seconds after which the probe times out. Defaults to 1 second.
10515 format: int32
10516 type: integer
10517 type: object
10518 resources:
10519 description: Resources are not allowed for ephemeral containers.
10520 properties:
10521 limits:
10522 additionalProperties:
10523 anyOf:
10524 - type: integer
10525 - type: string
10526 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
10527 x-kubernetes-int-or-string: true
10528 description: Limits describes the maximum amount of compute resources allowed.
10529 type: object
10530 requests:
10531 additionalProperties:
10532 anyOf:
10533 - type: integer
10534 - type: string
10535 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
10536 x-kubernetes-int-or-string: true
10537 description: Requests describes the minimum amount of compute resources required.
10538 type: object
10539 type: object
10540 securityContext:
10541 description: 'Optional: SecurityContext defines the security options the ephemeral container s'
10542 properties:
10543 allowPrivilegeEscalation:
10544 description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha
10545 type: boolean
10546 capabilities:
10547 description: The capabilities to add/drop when running containers.
10548 properties:
10549 add:
10550 description: Added capabilities
10551 items:
10552 description: Capability represent POSIX capabilities type
10553 type: string
10554 type: array
10555 drop:
10556 description: Removed capabilities
10557 items:
10558 description: Capability represent POSIX capabilities type
10559 type: string
10560 type: array
10561 type: object
10562 privileged:
10563 description: Run container in privileged mode.
10564 type: boolean
10565 procMount:
10566 description: procMount denotes the type of proc mount to use for the containers.
10567 type: string
10568 readOnlyRootFilesystem:
10569 description: Whether this container has a read-only root filesystem. Default is false.
10570 type: boolean
10571 runAsGroup:
10572 description: The GID to run the entrypoint of the container process.
10573 format: int64
10574 type: integer
10575 runAsNonRoot:
10576 description: Indicates that the container must run as a non-root user.
10577 type: boolean
10578 runAsUser:
10579 description: The UID to run the entrypoint of the container process.
10580 format: int64
10581 type: integer
10582 seLinuxOptions:
10583 description: The SELinux context to be applied to the container.
10584 properties:
10585 level:
10586 description: Level is SELinux level label that applies to the container.
10587 type: string
10588 role:
10589 description: Role is a SELinux role label that applies to the container.
10590 type: string
10591 type:
10592 description: Type is a SELinux type label that applies to the container.
10593 type: string
10594 user:
10595 description: User is a SELinux user label that applies to the container.
10596 type: string
10597 type: object
10598 seccompProfile:
10599 description: The seccomp options to use by this container.
10600 properties:
10601 localhostProfile:
10602 description: localhostProfile indicates a profile defined in a file on the node should be use
10603 type: string
10604 type:
10605 description: type indicates which kind of seccomp profile will be applied.
10606 type: string
10607 required:
10608 - type
10609 type: object
10610 windowsOptions:
10611 description: The Windows specific settings applied to all containers.
10612 properties:
10613 gmsaCredentialSpec:
10614 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
10615 type: string
10616 gmsaCredentialSpecName:
10617 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
10618 type: string
10619 hostProcess:
10620 description: HostProcess determines if a container should be run as a 'Host Process' containe
10621 type: boolean
10622 runAsUserName:
10623 description: The UserName in Windows to run the entrypoint of the container process.
10624 type: string
10625 type: object
10626 type: object
10627 startupProbe:
10628 description: Probes are not allowed for ephemeral containers.
10629 properties:
10630 exec:
10631 description: Exec specifies the action to take.
10632 properties:
10633 command:
10634 description: Command is the command line to execute inside the container, the working directo
10635 items:
10636 type: string
10637 type: array
10638 type: object
10639 failureThreshold:
10640 description: 'Minimum consecutive failures for the probe to be considered failed after having '
10641 format: int32
10642 type: integer
10643 grpc:
10644 description: GRPC specifies an action involving a GRPC port.
10645 properties:
10646 port:
10647 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
10648 format: int32
10649 type: integer
10650 service:
10651 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
10652 type: string
10653 required:
10654 - port
10655 type: object
10656 httpGet:
10657 description: HTTPGet specifies the http request to perform.
10658 properties:
10659 host:
10660 description: Host name to connect to, defaults to the pod IP.
10661 type: string
10662 httpHeaders:
10663 description: Custom headers to set in the request. HTTP allows repeated headers.
10664 items:
10665 description: HTTPHeader describes a custom header to be used in HTTP probes
10666 properties:
10667 name:
10668 description: The header field name
10669 type: string
10670 value:
10671 description: The header field value
10672 type: string
10673 required:
10674 - name
10675 - value
10676 type: object
10677 type: array
10678 path:
10679 description: Path to access on the HTTP server.
10680 type: string
10681 port:
10682 anyOf:
10683 - type: integer
10684 - type: string
10685 description: Name or number of the port to access on the container.
10686 x-kubernetes-int-or-string: true
10687 scheme:
10688 description: Scheme to use for connecting to the host. Defaults to HTTP.
10689 type: string
10690 required:
10691 - port
10692 type: object
10693 initialDelaySeconds:
10694 description: Number of seconds after the container has started before liveness probes are ini
10695 format: int32
10696 type: integer
10697 periodSeconds:
10698 description: How often (in seconds) to perform the probe. Default to 10 seconds.
10699 format: int32
10700 type: integer
10701 successThreshold:
10702 description: Minimum consecutive successes for the probe to be considered successful after ha
10703 format: int32
10704 type: integer
10705 tcpSocket:
10706 description: TCPSocket specifies an action involving a TCP port.
10707 properties:
10708 host:
10709 description: 'Optional: Host name to connect to, defaults to the pod IP.'
10710 type: string
10711 port:
10712 anyOf:
10713 - type: integer
10714 - type: string
10715 description: Number or name of the port to access on the container.
10716 x-kubernetes-int-or-string: true
10717 required:
10718 - port
10719 type: object
10720 terminationGracePeriodSeconds:
10721 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
10722 format: int64
10723 type: integer
10724 timeoutSeconds:
10725 description: Number of seconds after which the probe times out. Defaults to 1 second.
10726 format: int32
10727 type: integer
10728 type: object
10729 stdin:
10730 description: Whether this container should allocate a buffer for stdin in the container runti
10731 type: boolean
10732 stdinOnce:
10733 description: Whether the container runtime should close the stdin channel after it has been o
10734 type: boolean
10735 targetContainerName:
10736 description: If set, the name of the container from PodSpec that this ephemeral container tar
10737 type: string
10738 terminationMessagePath:
10739 description: 'Optional: Path at which the file to which the container''s termination message wi'
10740 type: string
10741 terminationMessagePolicy:
10742 description: Indicate how the termination message should be populated.
10743 type: string
10744 tty:
10745 description: Whether this container should allocate a TTY for itself, also requires 'stdin' t
10746 type: boolean
10747 volumeDevices:
10748 description: volumeDevices is the list of block devices to be used by the container.
10749 items:
10750 description: volumeDevice describes a mapping of a raw block device within a container.
10751 properties:
10752 devicePath:
10753 description: devicePath is the path inside of the container that the device will be mapped to
10754 type: string
10755 name:
10756 description: name must match the name of a persistentVolumeClaim in the pod
10757 type: string
10758 required:
10759 - devicePath
10760 - name
10761 type: object
10762 type: array
10763 volumeMounts:
10764 description: Pod volumes to mount into the container's filesystem.
10765 items:
10766 description: VolumeMount describes a mounting of a Volume within a container.
10767 properties:
10768 mountPath:
10769 description: Path within the container at which the volume should be mounted.
10770 type: string
10771 mountPropagation:
10772 description: mountPropagation determines how mounts are propagated from the host to container
10773 type: string
10774 name:
10775 description: This must match the Name of a Volume.
10776 type: string
10777 readOnly:
10778 description: Mounted read-only if true, read-write otherwise (false or unspecified).
10779 type: boolean
10780 subPath:
10781 description: Path within the volume from which the container's volume should be mounted.
10782 type: string
10783 subPathExpr:
10784 description: Expanded path within the volume from which the container's volume should be moun
10785 type: string
10786 required:
10787 - mountPath
10788 - name
10789 type: object
10790 type: array
10791 workingDir:
10792 description: Container's working directory.
10793 type: string
10794 required:
10795 - name
10796 type: object
10797 type: array
10798 hostAliases:
10799 description: 'HostAliases is an optional list of hosts and IPs that will be injected into the '
10800 items:
10801 description: HostAlias holds the mapping between IP and hostnames that will be injected as an
10802 properties:
10803 hostnames:
10804 description: Hostnames for the above IP address.
10805 items:
10806 type: string
10807 type: array
10808 ip:
10809 description: IP address of the host file entry.
10810 type: string
10811 type: object
10812 type: array
10813 hostIPC:
10814 description: 'Use the host''s ipc namespace. Optional: Default to false.'
10815 type: boolean
10816 hostNetwork:
10817 description: Host networking requested for this pod. Use the host's network namespace.
10818 type: boolean
10819 hostPID:
10820 description: 'Use the host''s pid namespace. Optional: Default to false.'
10821 type: boolean
10822 hostname:
10823 description: Specifies the hostname of the Pod If not specified, the pod's hostname will be s
10824 type: string
10825 imagePullSecrets:
10826 description: ImagePullSecrets is an optional list of references to secrets in the same namesp
10827 items:
10828 description: LocalObjectReference contains enough information to let you locate the reference
10829 properties:
10830 name:
10831 description: 'Name of the referent. More info: https://kubernetes.'
10832 type: string
10833 type: object
10834 x-kubernetes-map-type: atomic
10835 type: array
10836 initContainers:
10837 description: List of initialization containers belonging to the pod.
10838 items:
10839 description: A single application container that you want to run within a pod.
10840 properties:
10841 args:
10842 description: Arguments to the entrypoint.
10843 items:
10844 type: string
10845 type: array
10846 command:
10847 description: Entrypoint array. Not executed within a shell.
10848 items:
10849 type: string
10850 type: array
10851 env:
10852 description: List of environment variables to set in the container. Cannot be updated.
10853 items:
10854 description: EnvVar represents an environment variable present in a Container.
10855 properties:
10856 name:
10857 description: Name of the environment variable. Must be a C_IDENTIFIER.
10858 type: string
10859 value:
10860 description: Variable references $(VAR_NAME) are expanded using the previously defined enviro
10861 type: string
10862 valueFrom:
10863 description: Source for the environment variable's value.
10864 properties:
10865 configMapKeyRef:
10866 description: Selects a key of a ConfigMap.
10867 properties:
10868 key:
10869 description: The key to select.
10870 type: string
10871 name:
10872 description: 'Name of the referent. More info: https://kubernetes.'
10873 type: string
10874 optional:
10875 description: Specify whether the ConfigMap or its key must be defined
10876 type: boolean
10877 required:
10878 - key
10879 type: object
10880 x-kubernetes-map-type: atomic
10881 fieldRef:
10882 description: 'Selects a field of the pod: supports metadata.name, metadata.'
10883 properties:
10884 apiVersion:
10885 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
10886 type: string
10887 fieldPath:
10888 description: Path of the field to select in the specified API version.
10889 type: string
10890 required:
10891 - fieldPath
10892 type: object
10893 x-kubernetes-map-type: atomic
10894 resourceFieldRef:
10895 description: 'Selects a resource of the container: only resources limits and requests (limits.'
10896 properties:
10897 containerName:
10898 description: 'Container name: required for volumes, optional for env vars'
10899 type: string
10900 divisor:
10901 anyOf:
10902 - type: integer
10903 - type: string
10904 description: Specifies the output format of the exposed resources, defaults to "1"
10905 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
10906 x-kubernetes-int-or-string: true
10907 resource:
10908 description: 'Required: resource to select'
10909 type: string
10910 required:
10911 - resource
10912 type: object
10913 x-kubernetes-map-type: atomic
10914 secretKeyRef:
10915 description: Selects a key of a secret in the pod's namespace
10916 properties:
10917 key:
10918 description: The key of the secret to select from. Must be a valid secret key.
10919 type: string
10920 name:
10921 description: 'Name of the referent. More info: https://kubernetes.'
10922 type: string
10923 optional:
10924 description: Specify whether the Secret or its key must be defined
10925 type: boolean
10926 required:
10927 - key
10928 type: object
10929 x-kubernetes-map-type: atomic
10930 type: object
10931 required:
10932 - name
10933 type: object
10934 type: array
10935 envFrom:
10936 description: List of sources to populate environment variables in the container.
10937 items:
10938 description: EnvFromSource represents the source of a set of ConfigMaps
10939 properties:
10940 configMapRef:
10941 description: The ConfigMap to select from
10942 properties:
10943 name:
10944 description: 'Name of the referent. More info: https://kubernetes.'
10945 type: string
10946 optional:
10947 description: Specify whether the ConfigMap must be defined
10948 type: boolean
10949 type: object
10950 x-kubernetes-map-type: atomic
10951 prefix:
10952 description: An optional identifier to prepend to each key in the ConfigMap.
10953 type: string
10954 secretRef:
10955 description: The Secret to select from
10956 properties:
10957 name:
10958 description: 'Name of the referent. More info: https://kubernetes.'
10959 type: string
10960 optional:
10961 description: Specify whether the Secret must be defined
10962 type: boolean
10963 type: object
10964 x-kubernetes-map-type: atomic
10965 type: object
10966 type: array
10967 image:
10968 description: 'Docker image name. More info: https://kubernetes.'
10969 type: string
10970 imagePullPolicy:
10971 description: Image pull policy. One of Always, Never, IfNotPresent.
10972 type: string
10973 lifecycle:
10974 description: Actions that the management system should take in response to container lifecycl
10975 properties:
10976 postStart:
10977 description: PostStart is called immediately after a container is created.
10978 properties:
10979 exec:
10980 description: Exec specifies the action to take.
10981 properties:
10982 command:
10983 description: Command is the command line to execute inside the container, the working directo
10984 items:
10985 type: string
10986 type: array
10987 type: object
10988 httpGet:
10989 description: HTTPGet specifies the http request to perform.
10990 properties:
10991 host:
10992 description: Host name to connect to, defaults to the pod IP.
10993 type: string
10994 httpHeaders:
10995 description: Custom headers to set in the request. HTTP allows repeated headers.
10996 items:
10997 description: HTTPHeader describes a custom header to be used in HTTP probes
10998 properties:
10999 name:
11000 description: The header field name
11001 type: string
11002 value:
11003 description: The header field value
11004 type: string
11005 required:
11006 - name
11007 - value
11008 type: object
11009 type: array
11010 path:
11011 description: Path to access on the HTTP server.
11012 type: string
11013 port:
11014 anyOf:
11015 - type: integer
11016 - type: string
11017 description: Name or number of the port to access on the container.
11018 x-kubernetes-int-or-string: true
11019 scheme:
11020 description: Scheme to use for connecting to the host. Defaults to HTTP.
11021 type: string
11022 required:
11023 - port
11024 type: object
11025 tcpSocket:
11026 description: Deprecated.
11027 properties:
11028 host:
11029 description: 'Optional: Host name to connect to, defaults to the pod IP.'
11030 type: string
11031 port:
11032 anyOf:
11033 - type: integer
11034 - type: string
11035 description: Number or name of the port to access on the container.
11036 x-kubernetes-int-or-string: true
11037 required:
11038 - port
11039 type: object
11040 type: object
11041 preStop:
11042 description: PreStop is called immediately before a container is terminated due to an API req
11043 properties:
11044 exec:
11045 description: Exec specifies the action to take.
11046 properties:
11047 command:
11048 description: Command is the command line to execute inside the container, the working directo
11049 items:
11050 type: string
11051 type: array
11052 type: object
11053 httpGet:
11054 description: HTTPGet specifies the http request to perform.
11055 properties:
11056 host:
11057 description: Host name to connect to, defaults to the pod IP.
11058 type: string
11059 httpHeaders:
11060 description: Custom headers to set in the request. HTTP allows repeated headers.
11061 items:
11062 description: HTTPHeader describes a custom header to be used in HTTP probes
11063 properties:
11064 name:
11065 description: The header field name
11066 type: string
11067 value:
11068 description: The header field value
11069 type: string
11070 required:
11071 - name
11072 - value
11073 type: object
11074 type: array
11075 path:
11076 description: Path to access on the HTTP server.
11077 type: string
11078 port:
11079 anyOf:
11080 - type: integer
11081 - type: string
11082 description: Name or number of the port to access on the container.
11083 x-kubernetes-int-or-string: true
11084 scheme:
11085 description: Scheme to use for connecting to the host. Defaults to HTTP.
11086 type: string
11087 required:
11088 - port
11089 type: object
11090 tcpSocket:
11091 description: Deprecated.
11092 properties:
11093 host:
11094 description: 'Optional: Host name to connect to, defaults to the pod IP.'
11095 type: string
11096 port:
11097 anyOf:
11098 - type: integer
11099 - type: string
11100 description: Number or name of the port to access on the container.
11101 x-kubernetes-int-or-string: true
11102 required:
11103 - port
11104 type: object
11105 type: object
11106 type: object
11107 livenessProbe:
11108 description: Periodic probe of container liveness.
11109 properties:
11110 exec:
11111 description: Exec specifies the action to take.
11112 properties:
11113 command:
11114 description: Command is the command line to execute inside the container, the working directo
11115 items:
11116 type: string
11117 type: array
11118 type: object
11119 failureThreshold:
11120 description: 'Minimum consecutive failures for the probe to be considered failed after having '
11121 format: int32
11122 type: integer
11123 grpc:
11124 description: GRPC specifies an action involving a GRPC port.
11125 properties:
11126 port:
11127 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
11128 format: int32
11129 type: integer
11130 service:
11131 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
11132 type: string
11133 required:
11134 - port
11135 type: object
11136 httpGet:
11137 description: HTTPGet specifies the http request to perform.
11138 properties:
11139 host:
11140 description: Host name to connect to, defaults to the pod IP.
11141 type: string
11142 httpHeaders:
11143 description: Custom headers to set in the request. HTTP allows repeated headers.
11144 items:
11145 description: HTTPHeader describes a custom header to be used in HTTP probes
11146 properties:
11147 name:
11148 description: The header field name
11149 type: string
11150 value:
11151 description: The header field value
11152 type: string
11153 required:
11154 - name
11155 - value
11156 type: object
11157 type: array
11158 path:
11159 description: Path to access on the HTTP server.
11160 type: string
11161 port:
11162 anyOf:
11163 - type: integer
11164 - type: string
11165 description: Name or number of the port to access on the container.
11166 x-kubernetes-int-or-string: true
11167 scheme:
11168 description: Scheme to use for connecting to the host. Defaults to HTTP.
11169 type: string
11170 required:
11171 - port
11172 type: object
11173 initialDelaySeconds:
11174 description: Number of seconds after the container has started before liveness probes are ini
11175 format: int32
11176 type: integer
11177 periodSeconds:
11178 description: How often (in seconds) to perform the probe. Default to 10 seconds.
11179 format: int32
11180 type: integer
11181 successThreshold:
11182 description: Minimum consecutive successes for the probe to be considered successful after ha
11183 format: int32
11184 type: integer
11185 tcpSocket:
11186 description: TCPSocket specifies an action involving a TCP port.
11187 properties:
11188 host:
11189 description: 'Optional: Host name to connect to, defaults to the pod IP.'
11190 type: string
11191 port:
11192 anyOf:
11193 - type: integer
11194 - type: string
11195 description: Number or name of the port to access on the container.
11196 x-kubernetes-int-or-string: true
11197 required:
11198 - port
11199 type: object
11200 terminationGracePeriodSeconds:
11201 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
11202 format: int64
11203 type: integer
11204 timeoutSeconds:
11205 description: Number of seconds after which the probe times out. Defaults to 1 second.
11206 format: int32
11207 type: integer
11208 type: object
11209 name:
11210 description: Name of the container specified as a DNS_LABEL.
11211 type: string
11212 ports:
11213 description: List of ports to expose from the container.
11214 items:
11215 description: ContainerPort represents a network port in a single container.
11216 properties:
11217 containerPort:
11218 description: Number of port to expose on the pod's IP address.
11219 format: int32
11220 type: integer
11221 hostIP:
11222 description: What host IP to bind the external port to.
11223 type: string
11224 hostPort:
11225 description: Number of port to expose on the host.
11226 format: int32
11227 type: integer
11228 name:
11229 description: If specified, this must be an IANA_SVC_NAME and unique within the pod.
11230 type: string
11231 protocol:
11232 default: TCP
11233 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
11234 type: string
11235 required:
11236 - containerPort
11237 type: object
11238 type: array
11239 x-kubernetes-list-map-keys:
11240 - containerPort
11241 - protocol
11242 x-kubernetes-list-type: map
11243 readinessProbe:
11244 description: Periodic probe of container service readiness.
11245 properties:
11246 exec:
11247 description: Exec specifies the action to take.
11248 properties:
11249 command:
11250 description: Command is the command line to execute inside the container, the working directo
11251 items:
11252 type: string
11253 type: array
11254 type: object
11255 failureThreshold:
11256 description: 'Minimum consecutive failures for the probe to be considered failed after having '
11257 format: int32
11258 type: integer
11259 grpc:
11260 description: GRPC specifies an action involving a GRPC port.
11261 properties:
11262 port:
11263 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
11264 format: int32
11265 type: integer
11266 service:
11267 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
11268 type: string
11269 required:
11270 - port
11271 type: object
11272 httpGet:
11273 description: HTTPGet specifies the http request to perform.
11274 properties:
11275 host:
11276 description: Host name to connect to, defaults to the pod IP.
11277 type: string
11278 httpHeaders:
11279 description: Custom headers to set in the request. HTTP allows repeated headers.
11280 items:
11281 description: HTTPHeader describes a custom header to be used in HTTP probes
11282 properties:
11283 name:
11284 description: The header field name
11285 type: string
11286 value:
11287 description: The header field value
11288 type: string
11289 required:
11290 - name
11291 - value
11292 type: object
11293 type: array
11294 path:
11295 description: Path to access on the HTTP server.
11296 type: string
11297 port:
11298 anyOf:
11299 - type: integer
11300 - type: string
11301 description: Name or number of the port to access on the container.
11302 x-kubernetes-int-or-string: true
11303 scheme:
11304 description: Scheme to use for connecting to the host. Defaults to HTTP.
11305 type: string
11306 required:
11307 - port
11308 type: object
11309 initialDelaySeconds:
11310 description: Number of seconds after the container has started before liveness probes are ini
11311 format: int32
11312 type: integer
11313 periodSeconds:
11314 description: How often (in seconds) to perform the probe. Default to 10 seconds.
11315 format: int32
11316 type: integer
11317 successThreshold:
11318 description: Minimum consecutive successes for the probe to be considered successful after ha
11319 format: int32
11320 type: integer
11321 tcpSocket:
11322 description: TCPSocket specifies an action involving a TCP port.
11323 properties:
11324 host:
11325 description: 'Optional: Host name to connect to, defaults to the pod IP.'
11326 type: string
11327 port:
11328 anyOf:
11329 - type: integer
11330 - type: string
11331 description: Number or name of the port to access on the container.
11332 x-kubernetes-int-or-string: true
11333 required:
11334 - port
11335 type: object
11336 terminationGracePeriodSeconds:
11337 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
11338 format: int64
11339 type: integer
11340 timeoutSeconds:
11341 description: Number of seconds after which the probe times out. Defaults to 1 second.
11342 format: int32
11343 type: integer
11344 type: object
11345 resources:
11346 description: Compute Resources required by this container. Cannot be updated.
11347 properties:
11348 limits:
11349 additionalProperties:
11350 anyOf:
11351 - type: integer
11352 - type: string
11353 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
11354 x-kubernetes-int-or-string: true
11355 description: Limits describes the maximum amount of compute resources allowed.
11356 type: object
11357 requests:
11358 additionalProperties:
11359 anyOf:
11360 - type: integer
11361 - type: string
11362 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
11363 x-kubernetes-int-or-string: true
11364 description: Requests describes the minimum amount of compute resources required.
11365 type: object
11366 type: object
11367 securityContext:
11368 description: SecurityContext defines the security options the container should be run with.
11369 properties:
11370 allowPrivilegeEscalation:
11371 description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha
11372 type: boolean
11373 capabilities:
11374 description: The capabilities to add/drop when running containers.
11375 properties:
11376 add:
11377 description: Added capabilities
11378 items:
11379 description: Capability represent POSIX capabilities type
11380 type: string
11381 type: array
11382 drop:
11383 description: Removed capabilities
11384 items:
11385 description: Capability represent POSIX capabilities type
11386 type: string
11387 type: array
11388 type: object
11389 privileged:
11390 description: Run container in privileged mode.
11391 type: boolean
11392 procMount:
11393 description: procMount denotes the type of proc mount to use for the containers.
11394 type: string
11395 readOnlyRootFilesystem:
11396 description: Whether this container has a read-only root filesystem. Default is false.
11397 type: boolean
11398 runAsGroup:
11399 description: The GID to run the entrypoint of the container process.
11400 format: int64
11401 type: integer
11402 runAsNonRoot:
11403 description: Indicates that the container must run as a non-root user.
11404 type: boolean
11405 runAsUser:
11406 description: The UID to run the entrypoint of the container process.
11407 format: int64
11408 type: integer
11409 seLinuxOptions:
11410 description: The SELinux context to be applied to the container.
11411 properties:
11412 level:
11413 description: Level is SELinux level label that applies to the container.
11414 type: string
11415 role:
11416 description: Role is a SELinux role label that applies to the container.
11417 type: string
11418 type:
11419 description: Type is a SELinux type label that applies to the container.
11420 type: string
11421 user:
11422 description: User is a SELinux user label that applies to the container.
11423 type: string
11424 type: object
11425 seccompProfile:
11426 description: The seccomp options to use by this container.
11427 properties:
11428 localhostProfile:
11429 description: localhostProfile indicates a profile defined in a file on the node should be use
11430 type: string
11431 type:
11432 description: type indicates which kind of seccomp profile will be applied.
11433 type: string
11434 required:
11435 - type
11436 type: object
11437 windowsOptions:
11438 description: The Windows specific settings applied to all containers.
11439 properties:
11440 gmsaCredentialSpec:
11441 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
11442 type: string
11443 gmsaCredentialSpecName:
11444 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
11445 type: string
11446 hostProcess:
11447 description: HostProcess determines if a container should be run as a 'Host Process' containe
11448 type: boolean
11449 runAsUserName:
11450 description: The UserName in Windows to run the entrypoint of the container process.
11451 type: string
11452 type: object
11453 type: object
11454 startupProbe:
11455 description: StartupProbe indicates that the Pod has successfully initialized.
11456 properties:
11457 exec:
11458 description: Exec specifies the action to take.
11459 properties:
11460 command:
11461 description: Command is the command line to execute inside the container, the working directo
11462 items:
11463 type: string
11464 type: array
11465 type: object
11466 failureThreshold:
11467 description: 'Minimum consecutive failures for the probe to be considered failed after having '
11468 format: int32
11469 type: integer
11470 grpc:
11471 description: GRPC specifies an action involving a GRPC port.
11472 properties:
11473 port:
11474 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
11475 format: int32
11476 type: integer
11477 service:
11478 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
11479 type: string
11480 required:
11481 - port
11482 type: object
11483 httpGet:
11484 description: HTTPGet specifies the http request to perform.
11485 properties:
11486 host:
11487 description: Host name to connect to, defaults to the pod IP.
11488 type: string
11489 httpHeaders:
11490 description: Custom headers to set in the request. HTTP allows repeated headers.
11491 items:
11492 description: HTTPHeader describes a custom header to be used in HTTP probes
11493 properties:
11494 name:
11495 description: The header field name
11496 type: string
11497 value:
11498 description: The header field value
11499 type: string
11500 required:
11501 - name
11502 - value
11503 type: object
11504 type: array
11505 path:
11506 description: Path to access on the HTTP server.
11507 type: string
11508 port:
11509 anyOf:
11510 - type: integer
11511 - type: string
11512 description: Name or number of the port to access on the container.
11513 x-kubernetes-int-or-string: true
11514 scheme:
11515 description: Scheme to use for connecting to the host. Defaults to HTTP.
11516 type: string
11517 required:
11518 - port
11519 type: object
11520 initialDelaySeconds:
11521 description: Number of seconds after the container has started before liveness probes are ini
11522 format: int32
11523 type: integer
11524 periodSeconds:
11525 description: How often (in seconds) to perform the probe. Default to 10 seconds.
11526 format: int32
11527 type: integer
11528 successThreshold:
11529 description: Minimum consecutive successes for the probe to be considered successful after ha
11530 format: int32
11531 type: integer
11532 tcpSocket:
11533 description: TCPSocket specifies an action involving a TCP port.
11534 properties:
11535 host:
11536 description: 'Optional: Host name to connect to, defaults to the pod IP.'
11537 type: string
11538 port:
11539 anyOf:
11540 - type: integer
11541 - type: string
11542 description: Number or name of the port to access on the container.
11543 x-kubernetes-int-or-string: true
11544 required:
11545 - port
11546 type: object
11547 terminationGracePeriodSeconds:
11548 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
11549 format: int64
11550 type: integer
11551 timeoutSeconds:
11552 description: Number of seconds after which the probe times out. Defaults to 1 second.
11553 format: int32
11554 type: integer
11555 type: object
11556 stdin:
11557 description: Whether this container should allocate a buffer for stdin in the container runti
11558 type: boolean
11559 stdinOnce:
11560 description: Whether the container runtime should close the stdin channel after it has been o
11561 type: boolean
11562 terminationMessagePath:
11563 description: 'Optional: Path at which the file to which the container''s termination message wi'
11564 type: string
11565 terminationMessagePolicy:
11566 description: Indicate how the termination message should be populated.
11567 type: string
11568 tty:
11569 description: Whether this container should allocate a TTY for itself, also requires 'stdin' t
11570 type: boolean
11571 volumeDevices:
11572 description: volumeDevices is the list of block devices to be used by the container.
11573 items:
11574 description: volumeDevice describes a mapping of a raw block device within a container.
11575 properties:
11576 devicePath:
11577 description: devicePath is the path inside of the container that the device will be mapped to
11578 type: string
11579 name:
11580 description: name must match the name of a persistentVolumeClaim in the pod
11581 type: string
11582 required:
11583 - devicePath
11584 - name
11585 type: object
11586 type: array
11587 volumeMounts:
11588 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
11589 items:
11590 description: VolumeMount describes a mounting of a Volume within a container.
11591 properties:
11592 mountPath:
11593 description: Path within the container at which the volume should be mounted.
11594 type: string
11595 mountPropagation:
11596 description: mountPropagation determines how mounts are propagated from the host to container
11597 type: string
11598 name:
11599 description: This must match the Name of a Volume.
11600 type: string
11601 readOnly:
11602 description: Mounted read-only if true, read-write otherwise (false or unspecified).
11603 type: boolean
11604 subPath:
11605 description: Path within the volume from which the container's volume should be mounted.
11606 type: string
11607 subPathExpr:
11608 description: Expanded path within the volume from which the container's volume should be moun
11609 type: string
11610 required:
11611 - mountPath
11612 - name
11613 type: object
11614 type: array
11615 workingDir:
11616 description: Container's working directory.
11617 type: string
11618 required:
11619 - name
11620 type: object
11621 type: array
11622 nodeName:
11623 description: NodeName is a request to schedule this pod onto a specific node.
11624 type: string
11625 nodeSelector:
11626 additionalProperties:
11627 type: string
11628 description: NodeSelector is a selector which must be true for the pod to fit on a node.
11629 type: object
11630 x-kubernetes-map-type: atomic
11631 os:
11632 description: Specifies the OS of the containers in the pod.
11633 properties:
11634 name:
11635 description: Name is the name of the operating system.
11636 type: string
11637 required:
11638 - name
11639 type: object
11640 overhead:
11641 additionalProperties:
11642 anyOf:
11643 - type: integer
11644 - type: string
11645 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
11646 x-kubernetes-int-or-string: true
11647 description: Overhead represents the resource overhead associated with running a pod for a gi
11648 type: object
11649 preemptionPolicy:
11650 description: PreemptionPolicy is the Policy for preempting pods with lower priority.
11651 type: string
11652 priority:
11653 description: The priority value.
11654 format: int32
11655 type: integer
11656 priorityClassName:
11657 description: If specified, indicates the pod's priority.
11658 type: string
11659 readinessGates:
11660 description: If specified, all readiness gates will be evaluated for pod readiness.
11661 items:
11662 description: PodReadinessGate contains the reference to a pod condition
11663 properties:
11664 conditionType:
11665 description: ConditionType refers to a condition in the pod's condition list with matching ty
11666 type: string
11667 required:
11668 - conditionType
11669 type: object
11670 type: array
11671 restartPolicy:
11672 description: Restart policy for all containers within the pod.
11673 type: string
11674 runtimeClassName:
11675 description: RuntimeClassName refers to a RuntimeClass object in the node.k8s.
11676 type: string
11677 schedulerName:
11678 description: If specified, the pod will be dispatched by specified scheduler.
11679 type: string
11680 securityContext:
11681 description: SecurityContext holds pod-level security attributes and common container setting
11682 properties:
11683 fsGroup:
11684 description: A special supplemental group that applies to all containers in a pod.
11685 format: int64
11686 type: integer
11687 fsGroupChangePolicy:
11688 description: fsGroupChangePolicy defines behavior of changing ownership and permission of the
11689 type: string
11690 runAsGroup:
11691 description: The GID to run the entrypoint of the container process.
11692 format: int64
11693 type: integer
11694 runAsNonRoot:
11695 description: Indicates that the container must run as a non-root user.
11696 type: boolean
11697 runAsUser:
11698 description: The UID to run the entrypoint of the container process.
11699 format: int64
11700 type: integer
11701 seLinuxOptions:
11702 description: The SELinux context to be applied to all containers.
11703 properties:
11704 level:
11705 description: Level is SELinux level label that applies to the container.
11706 type: string
11707 role:
11708 description: Role is a SELinux role label that applies to the container.
11709 type: string
11710 type:
11711 description: Type is a SELinux type label that applies to the container.
11712 type: string
11713 user:
11714 description: User is a SELinux user label that applies to the container.
11715 type: string
11716 type: object
11717 seccompProfile:
11718 description: The seccomp options to use by the containers in this pod.
11719 properties:
11720 localhostProfile:
11721 description: localhostProfile indicates a profile defined in a file on the node should be use
11722 type: string
11723 type:
11724 description: type indicates which kind of seccomp profile will be applied.
11725 type: string
11726 required:
11727 - type
11728 type: object
11729 supplementalGroups:
11730 description: A list of groups applied to the first process run in each container, in addition
11731 items:
11732 format: int64
11733 type: integer
11734 type: array
11735 sysctls:
11736 description: Sysctls hold a list of namespaced sysctls used for the pod.
11737 items:
11738 description: Sysctl defines a kernel parameter to be set
11739 properties:
11740 name:
11741 description: Name of a property to set
11742 type: string
11743 value:
11744 description: Value of a property to set
11745 type: string
11746 required:
11747 - name
11748 - value
11749 type: object
11750 type: array
11751 windowsOptions:
11752 description: The Windows specific settings applied to all containers.
11753 properties:
11754 gmsaCredentialSpec:
11755 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
11756 type: string
11757 gmsaCredentialSpecName:
11758 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
11759 type: string
11760 hostProcess:
11761 description: HostProcess determines if a container should be run as a 'Host Process' containe
11762 type: boolean
11763 runAsUserName:
11764 description: The UserName in Windows to run the entrypoint of the container process.
11765 type: string
11766 type: object
11767 type: object
11768 serviceAccount:
11769 description: DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.
11770 type: string
11771 serviceAccountName:
11772 description: ServiceAccountName is the name of the ServiceAccount to use to run this pod.
11773 type: string
11774 setHostnameAsFQDN:
11775 description: If true the pod's hostname will be configured as the pod's FQDN, rather than the
11776 type: boolean
11777 shareProcessNamespace:
11778 description: Share a single process namespace between all of the containers in a pod.
11779 type: boolean
11780 subdomain:
11781 description: If specified, the fully qualified Pod hostname will be "<hostname>.<subdomain>.
11782 type: string
11783 terminationGracePeriodSeconds:
11784 description: Optional duration in seconds the pod needs to terminate gracefully.
11785 format: int64
11786 type: integer
11787 tolerations:
11788 description: If specified, the pod's tolerations.
11789 items:
11790 description: The pod this Toleration is attached to tolerates any taint that matches the trip
11791 properties:
11792 effect:
11793 description: Effect indicates the taint effect to match. Empty means match all taint effects.
11794 type: string
11795 key:
11796 description: Key is the taint key that the toleration applies to.
11797 type: string
11798 operator:
11799 description: Operator represents a key's relationship to the value.
11800 type: string
11801 tolerationSeconds:
11802 description: TolerationSeconds represents the period of time the toleration (which must be of
11803 format: int64
11804 type: integer
11805 value:
11806 description: Value is the taint value the toleration matches to.
11807 type: string
11808 type: object
11809 type: array
11810 topologySpreadConstraints:
11811 description: TopologySpreadConstraints describes how a group of pods ought to spread across t
11812 items:
11813 description: TopologySpreadConstraint specifies how to spread matching pods among the given t
11814 properties:
11815 labelSelector:
11816 description: LabelSelector is used to find matching pods.
11817 properties:
11818 matchExpressions:
11819 description: matchExpressions is a list of label selector requirements.
11820 items:
11821 description: A label selector requirement is a selector that contains values, a key, and an o
11822 properties:
11823 key:
11824 description: key is the label key that the selector applies to.
11825 type: string
11826 operator:
11827 description: operator represents a key's relationship to a set of values.
11828 type: string
11829 values:
11830 description: values is an array of string values.
11831 items:
11832 type: string
11833 type: array
11834 required:
11835 - key
11836 - operator
11837 type: object
11838 type: array
11839 matchLabels:
11840 additionalProperties:
11841 type: string
11842 description: matchLabels is a map of {key,value} pairs.
11843 type: object
11844 type: object
11845 x-kubernetes-map-type: atomic
11846 maxSkew:
11847 description: MaxSkew describes the degree to which pods may be unevenly distributed.
11848 format: int32
11849 type: integer
11850 topologyKey:
11851 description: TopologyKey is the key of node labels.
11852 type: string
11853 whenUnsatisfiable:
11854 description: WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spr
11855 type: string
11856 required:
11857 - maxSkew
11858 - topologyKey
11859 - whenUnsatisfiable
11860 type: object
11861 type: array
11862 x-kubernetes-list-map-keys:
11863 - topologyKey
11864 - whenUnsatisfiable
11865 x-kubernetes-list-type: map
11866 volumes:
11867 description: List of volumes that can be mounted by containers belonging to the pod.
11868 items:
11869 description: 'Volume represents a named volume in a pod that may be accessed by any container '
11870 properties:
11871 awsElasticBlockStore:
11872 description: AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubel
11873 properties:
11874 fsType:
11875 description: Filesystem type of the volume that you want to mount.
11876 type: string
11877 partition:
11878 description: The partition in the volume that you want to mount.
11879 format: int32
11880 type: integer
11881 readOnly:
11882 description: Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".
11883 type: boolean
11884 volumeID:
11885 description: Unique ID of the persistent disk resource in AWS (Amazon EBS volume).
11886 type: string
11887 required:
11888 - volumeID
11889 type: object
11890 azureDisk:
11891 description: 'AzureDisk represents an Azure Data Disk mount on the host and bind mount to the '
11892 properties:
11893 cachingMode:
11894 description: 'Host Caching mode: None, Read Only, Read Write.'
11895 type: string
11896 diskName:
11897 description: The Name of the data disk in the blob storage
11898 type: string
11899 diskURI:
11900 description: The URI the data disk in the blob storage
11901 type: string
11902 fsType:
11903 description: Filesystem type to mount.
11904 type: string
11905 kind:
11906 description: 'Expected values Shared: multiple blob disks per storage account Dedicated: sing'
11907 type: string
11908 readOnly:
11909 description: Defaults to false (read/write).
11910 type: boolean
11911 required:
11912 - diskName
11913 - diskURI
11914 type: object
11915 azureFile:
11916 description: AzureFile represents an Azure File Service mount on the host and bind mount to t
11917 properties:
11918 readOnly:
11919 description: Defaults to false (read/write).
11920 type: boolean
11921 secretName:
11922 description: the name of secret that contains Azure Storage Account Name and Key
11923 type: string
11924 shareName:
11925 description: Share Name
11926 type: string
11927 required:
11928 - secretName
11929 - shareName
11930 type: object
11931 cephfs:
11932 description: CephFS represents a Ceph FS mount on the host that shares a pod's lifetime
11933 properties:
11934 monitors:
11935 description: 'Required: Monitors is a collection of Ceph monitors More info: https://examples.'
11936 items:
11937 type: string
11938 type: array
11939 path:
11940 description: 'Optional: Used as the mounted root, rather than the full Ceph tree, default is /'
11941 type: string
11942 readOnly:
11943 description: 'Optional: Defaults to false (read/write).'
11944 type: boolean
11945 secretFile:
11946 description: 'Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user'
11947 type: string
11948 secretRef:
11949 description: 'Optional: SecretRef is reference to the authentication secret for User, default '
11950 properties:
11951 name:
11952 description: 'Name of the referent. More info: https://kubernetes.'
11953 type: string
11954 type: object
11955 x-kubernetes-map-type: atomic
11956 user:
11957 description: 'Optional: User is the rados user name, default is admin More info: https://examp'
11958 type: string
11959 required:
11960 - monitors
11961 type: object
11962 cinder:
11963 description: Cinder represents a cinder volume attached and mounted on kubelets host machine.
11964 properties:
11965 fsType:
11966 description: Filesystem type to mount.
11967 type: string
11968 readOnly:
11969 description: 'Optional: Defaults to false (read/write).'
11970 type: boolean
11971 secretRef:
11972 description: 'Optional: points to a secret object containing parameters used to connect to Ope'
11973 properties:
11974 name:
11975 description: 'Name of the referent. More info: https://kubernetes.'
11976 type: string
11977 type: object
11978 x-kubernetes-map-type: atomic
11979 volumeID:
11980 description: 'volume id used to identify the volume in cinder. More info: https://examples.'
11981 type: string
11982 required:
11983 - volumeID
11984 type: object
11985 configMap:
11986 description: ConfigMap represents a configMap that should populate this volume
11987 properties:
11988 defaultMode:
11989 description: 'Optional: mode bits used to set permissions on created files by default.'
11990 format: int32
11991 type: integer
11992 items:
11993 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa
11994 items:
11995 description: Maps a string key to a path within a volume.
11996 properties:
11997 key:
11998 description: The key to project.
11999 type: string
12000 mode:
12001 description: 'Optional: mode bits used to set permissions on this file.'
12002 format: int32
12003 type: integer
12004 path:
12005 description: The relative path of the file to map the key to. May not be an absolute path.
12006 type: string
12007 required:
12008 - key
12009 - path
12010 type: object
12011 type: array
12012 name:
12013 description: 'Name of the referent. More info: https://kubernetes.'
12014 type: string
12015 optional:
12016 description: Specify whether the ConfigMap or its keys must be defined
12017 type: boolean
12018 type: object
12019 x-kubernetes-map-type: atomic
12020 csi:
12021 description: CSI (Container Storage Interface) represents ephemeral storage that is handled b
12022 properties:
12023 driver:
12024 description: Driver is the name of the CSI driver that handles this volume.
12025 type: string
12026 fsType:
12027 description: Filesystem type to mount. Ex. "ext4", "xfs", "ntfs".
12028 type: string
12029 nodePublishSecretRef:
12030 description: NodePublishSecretRef is a reference to the secret object containing sensitive in
12031 properties:
12032 name:
12033 description: 'Name of the referent. More info: https://kubernetes.'
12034 type: string
12035 type: object
12036 x-kubernetes-map-type: atomic
12037 readOnly:
12038 description: Specifies a read-only configuration for the volume.
12039 type: boolean
12040 volumeAttributes:
12041 additionalProperties:
12042 type: string
12043 description: VolumeAttributes stores driver-specific properties that are passed to the CSI dr
12044 type: object
12045 required:
12046 - driver
12047 type: object
12048 downwardAPI:
12049 description: DownwardAPI represents downward API about the pod that should populate this volu
12050 properties:
12051 defaultMode:
12052 description: 'Optional: mode bits to use on created files by default.'
12053 format: int32
12054 type: integer
12055 items:
12056 description: Items is a list of downward API volume file
12057 items:
12058 description: DownwardAPIVolumeFile represents information to create the file containing the p
12059 properties:
12060 fieldRef:
12061 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'
12062 properties:
12063 apiVersion:
12064 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
12065 type: string
12066 fieldPath:
12067 description: Path of the field to select in the specified API version.
12068 type: string
12069 required:
12070 - fieldPath
12071 type: object
12072 x-kubernetes-map-type: atomic
12073 mode:
12074 description: 'Optional: mode bits used to set permissions on this file, must be an octal value'
12075 format: int32
12076 type: integer
12077 path:
12078 description: 'Required: Path is the relative path name of the file to be created.'
12079 type: string
12080 resourceFieldRef:
12081 description: 'Selects a resource of the container: only resources limits and requests (limits.'
12082 properties:
12083 containerName:
12084 description: 'Container name: required for volumes, optional for env vars'
12085 type: string
12086 divisor:
12087 anyOf:
12088 - type: integer
12089 - type: string
12090 description: Specifies the output format of the exposed resources, defaults to "1"
12091 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
12092 x-kubernetes-int-or-string: true
12093 resource:
12094 description: 'Required: resource to select'
12095 type: string
12096 required:
12097 - resource
12098 type: object
12099 x-kubernetes-map-type: atomic
12100 required:
12101 - path
12102 type: object
12103 type: array
12104 type: object
12105 emptyDir:
12106 description: EmptyDir represents a temporary directory that shares a pod's lifetime.
12107 properties:
12108 medium:
12109 description: What type of storage medium should back this directory.
12110 type: string
12111 sizeLimit:
12112 anyOf:
12113 - type: integer
12114 - type: string
12115 description: Total amount of local storage required for this EmptyDir volume.
12116 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
12117 x-kubernetes-int-or-string: true
12118 type: object
12119 ephemeral:
12120 description: Ephemeral represents a volume that is handled by a cluster storage driver.
12121 properties:
12122 volumeClaimTemplate:
12123 description: Will be used to create a stand-alone PVC to provision the volume.
12124 properties:
12125 metadata:
12126 description: May contain labels and annotations that will be copied into the PVC when creatin
12127 type: object
12128 spec:
12129 description: The specification for the PersistentVolumeClaim.
12130 properties:
12131 accessModes:
12132 description: AccessModes contains the desired access modes the volume should have.
12133 items:
12134 type: string
12135 type: array
12136 dataSource:
12137 description: 'This field can be used to specify either: * An existing VolumeSnapshot object (s'
12138 properties:
12139 apiGroup:
12140 description: APIGroup is the group for the resource being referenced.
12141 type: string
12142 kind:
12143 description: Kind is the type of resource being referenced
12144 type: string
12145 name:
12146 description: Name is the name of resource being referenced
12147 type: string
12148 required:
12149 - kind
12150 - name
12151 type: object
12152 x-kubernetes-map-type: atomic
12153 dataSourceRef:
12154 description: Specifies the object from which to populate the volume with data, if a non-empty
12155 properties:
12156 apiGroup:
12157 description: APIGroup is the group for the resource being referenced.
12158 type: string
12159 kind:
12160 description: Kind is the type of resource being referenced
12161 type: string
12162 name:
12163 description: Name is the name of resource being referenced
12164 type: string
12165 required:
12166 - kind
12167 - name
12168 type: object
12169 x-kubernetes-map-type: atomic
12170 resources:
12171 description: Resources represents the minimum resources the volume should have.
12172 properties:
12173 limits:
12174 additionalProperties:
12175 anyOf:
12176 - type: integer
12177 - type: string
12178 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
12179 x-kubernetes-int-or-string: true
12180 description: Limits describes the maximum amount of compute resources allowed.
12181 type: object
12182 requests:
12183 additionalProperties:
12184 anyOf:
12185 - type: integer
12186 - type: string
12187 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
12188 x-kubernetes-int-or-string: true
12189 description: Requests describes the minimum amount of compute resources required.
12190 type: object
12191 type: object
12192 selector:
12193 description: A label query over volumes to consider for binding.
12194 properties:
12195 matchExpressions:
12196 description: matchExpressions is a list of label selector requirements.
12197 items:
12198 description: A label selector requirement is a selector that contains values, a key, and an o
12199 properties:
12200 key:
12201 description: key is the label key that the selector applies to.
12202 type: string
12203 operator:
12204 description: operator represents a key's relationship to a set of values.
12205 type: string
12206 values:
12207 description: values is an array of string values.
12208 items:
12209 type: string
12210 type: array
12211 required:
12212 - key
12213 - operator
12214 type: object
12215 type: array
12216 matchLabels:
12217 additionalProperties:
12218 type: string
12219 description: matchLabels is a map of {key,value} pairs.
12220 type: object
12221 type: object
12222 x-kubernetes-map-type: atomic
12223 storageClassName:
12224 description: 'Name of the StorageClass required by the claim. More info: https://kubernetes.'
12225 type: string
12226 volumeMode:
12227 description: volumeMode defines what type of volume is required by the claim.
12228 type: string
12229 volumeName:
12230 description: VolumeName is the binding reference to the PersistentVolume backing this claim.
12231 type: string
12232 type: object
12233 required:
12234 - spec
12235 type: object
12236 type: object
12237 fc:
12238 description: FC represents a Fibre Channel resource that is attached to a kubelet's host mach
12239 properties:
12240 fsType:
12241 description: Filesystem type to mount.
12242 type: string
12243 lun:
12244 description: 'Optional: FC target lun number'
12245 format: int32
12246 type: integer
12247 readOnly:
12248 description: 'Optional: Defaults to false (read/write).'
12249 type: boolean
12250 targetWWNs:
12251 description: 'Optional: FC target worldwide names (WWNs)'
12252 items:
12253 type: string
12254 type: array
12255 wwids:
12256 description: 'Optional: FC volume world wide identifiers (wwids) Either wwids or combination o'
12257 items:
12258 type: string
12259 type: array
12260 type: object
12261 flexVolume:
12262 description: FlexVolume represents a generic volume resource that is provisioned/attached usi
12263 properties:
12264 driver:
12265 description: Driver is the name of the driver to use for this volume.
12266 type: string
12267 fsType:
12268 description: Filesystem type to mount.
12269 type: string
12270 options:
12271 additionalProperties:
12272 type: string
12273 description: 'Optional: Extra command options if any.'
12274 type: object
12275 readOnly:
12276 description: 'Optional: Defaults to false (read/write).'
12277 type: boolean
12278 secretRef:
12279 description: 'Optional: SecretRef is reference to the secret object containing sensitive infor'
12280 properties:
12281 name:
12282 description: 'Name of the referent. More info: https://kubernetes.'
12283 type: string
12284 type: object
12285 x-kubernetes-map-type: atomic
12286 required:
12287 - driver
12288 type: object
12289 flocker:
12290 description: Flocker represents a Flocker volume attached to a kubelet's host machine.
12291 properties:
12292 datasetName:
12293 description: Name of the dataset stored as metadata -> name on the dataset for Flocker should
12294 type: string
12295 datasetUUID:
12296 description: UUID of the dataset. This is unique identifier of a Flocker dataset
12297 type: string
12298 type: object
12299 gcePersistentDisk:
12300 description: GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's
12301 properties:
12302 fsType:
12303 description: Filesystem type of the volume that you want to mount.
12304 type: string
12305 partition:
12306 description: The partition in the volume that you want to mount.
12307 format: int32
12308 type: integer
12309 pdName:
12310 description: Unique name of the PD resource in GCE. Used to identify the disk in GCE.
12311 type: string
12312 readOnly:
12313 description: ReadOnly here will force the ReadOnly setting in VolumeMounts.
12314 type: boolean
12315 required:
12316 - pdName
12317 type: object
12318 gitRepo:
12319 description: GitRepo represents a git repository at a particular revision.
12320 properties:
12321 directory:
12322 description: Target directory name. Must not contain or start with '..'. If '.
12323 type: string
12324 repository:
12325 description: Repository URL
12326 type: string
12327 revision:
12328 description: Commit hash for the specified revision.
12329 type: string
12330 required:
12331 - repository
12332 type: object
12333 glusterfs:
12334 description: Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
12335 properties:
12336 endpoints:
12337 description: EndpointsName is the endpoint name that details Glusterfs topology.
12338 type: string
12339 path:
12340 description: 'Path is the Glusterfs volume path. More info: https://examples.k8s.'
12341 type: string
12342 readOnly:
12343 description: ReadOnly here will force the Glusterfs volume to be mounted with read-only permi
12344 type: boolean
12345 required:
12346 - endpoints
12347 - path
12348 type: object
12349 hostPath:
12350 description: HostPath represents a pre-existing file or directory on the host machine that is
12351 properties:
12352 path:
12353 description: Path of the directory on the host.
12354 type: string
12355 type:
12356 description: 'Type for HostPath Volume Defaults to "" More info: https://kubernetes.'
12357 type: string
12358 required:
12359 - path
12360 type: object
12361 iscsi:
12362 description: ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host mac
12363 properties:
12364 chapAuthDiscovery:
12365 description: whether support iSCSI Discovery CHAP authentication
12366 type: boolean
12367 chapAuthSession:
12368 description: whether support iSCSI Session CHAP authentication
12369 type: boolean
12370 fsType:
12371 description: Filesystem type of the volume that you want to mount.
12372 type: string
12373 initiatorName:
12374 description: Custom iSCSI Initiator Name.
12375 type: string
12376 iqn:
12377 description: Target iSCSI Qualified Name.
12378 type: string
12379 iscsiInterface:
12380 description: iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
12381 type: string
12382 lun:
12383 description: iSCSI Target Lun number.
12384 format: int32
12385 type: integer
12386 portals:
12387 description: iSCSI Target Portal List.
12388 items:
12389 type: string
12390 type: array
12391 readOnly:
12392 description: ReadOnly here will force the ReadOnly setting in VolumeMounts.
12393 type: boolean
12394 secretRef:
12395 description: CHAP Secret for iSCSI target and initiator authentication
12396 properties:
12397 name:
12398 description: 'Name of the referent. More info: https://kubernetes.'
12399 type: string
12400 type: object
12401 x-kubernetes-map-type: atomic
12402 targetPortal:
12403 description: iSCSI Target Portal.
12404 type: string
12405 required:
12406 - iqn
12407 - lun
12408 - targetPortal
12409 type: object
12410 name:
12411 description: Volume's name. Must be a DNS_LABEL and unique within the pod.
12412 type: string
12413 nfs:
12414 description: 'NFS represents an NFS mount on the host that shares a pod''s lifetime More info: '
12415 properties:
12416 path:
12417 description: 'Path that is exported by the NFS server. More info: https://kubernetes.'
12418 type: string
12419 readOnly:
12420 description: ReadOnly here will force the NFS export to be mounted with read-only permissions
12421 type: boolean
12422 server:
12423 description: Server is the hostname or IP address of the NFS server.
12424 type: string
12425 required:
12426 - path
12427 - server
12428 type: object
12429 persistentVolumeClaim:
12430 description: PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeCl
12431 properties:
12432 claimName:
12433 description: ClaimName is the name of a PersistentVolumeClaim in the same namespace as the po
12434 type: string
12435 readOnly:
12436 description: Will force the ReadOnly setting in VolumeMounts. Default false.
12437 type: boolean
12438 required:
12439 - claimName
12440 type: object
12441 photonPersistentDisk:
12442 description: 'PhotonPersistentDisk represents a PhotonController persistent disk attached and '
12443 properties:
12444 fsType:
12445 description: Filesystem type to mount.
12446 type: string
12447 pdID:
12448 description: ID that identifies Photon Controller persistent disk
12449 type: string
12450 required:
12451 - pdID
12452 type: object
12453 portworxVolume:
12454 description: PortworxVolume represents a portworx volume attached and mounted on kubelets hos
12455 properties:
12456 fsType:
12457 description: FSType represents the filesystem type to mount Must be a filesystem type support
12458 type: string
12459 readOnly:
12460 description: Defaults to false (read/write).
12461 type: boolean
12462 volumeID:
12463 description: VolumeID uniquely identifies a Portworx volume
12464 type: string
12465 required:
12466 - volumeID
12467 type: object
12468 projected:
12469 description: Items for all in one resources secrets, configmaps, and downward API
12470 properties:
12471 defaultMode:
12472 description: Mode bits used to set permissions on created files by default.
12473 format: int32
12474 type: integer
12475 sources:
12476 description: list of volume projections
12477 items:
12478 description: Projection that may be projected along with other supported volume types
12479 properties:
12480 configMap:
12481 description: information about the configMap data to project
12482 properties:
12483 items:
12484 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa
12485 items:
12486 description: Maps a string key to a path within a volume.
12487 properties:
12488 key:
12489 description: The key to project.
12490 type: string
12491 mode:
12492 description: 'Optional: mode bits used to set permissions on this file.'
12493 format: int32
12494 type: integer
12495 path:
12496 description: The relative path of the file to map the key to. May not be an absolute path.
12497 type: string
12498 required:
12499 - key
12500 - path
12501 type: object
12502 type: array
12503 name:
12504 description: 'Name of the referent. More info: https://kubernetes.'
12505 type: string
12506 optional:
12507 description: Specify whether the ConfigMap or its keys must be defined
12508 type: boolean
12509 type: object
12510 x-kubernetes-map-type: atomic
12511 downwardAPI:
12512 description: information about the downwardAPI data to project
12513 properties:
12514 items:
12515 description: Items is a list of DownwardAPIVolume file
12516 items:
12517 description: DownwardAPIVolumeFile represents information to create the file containing the p
12518 properties:
12519 fieldRef:
12520 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'
12521 properties:
12522 apiVersion:
12523 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
12524 type: string
12525 fieldPath:
12526 description: Path of the field to select in the specified API version.
12527 type: string
12528 required:
12529 - fieldPath
12530 type: object
12531 x-kubernetes-map-type: atomic
12532 mode:
12533 description: 'Optional: mode bits used to set permissions on this file, must be an octal value'
12534 format: int32
12535 type: integer
12536 path:
12537 description: 'Required: Path is the relative path name of the file to be created.'
12538 type: string
12539 resourceFieldRef:
12540 description: 'Selects a resource of the container: only resources limits and requests (limits.'
12541 properties:
12542 containerName:
12543 description: 'Container name: required for volumes, optional for env vars'
12544 type: string
12545 divisor:
12546 anyOf:
12547 - type: integer
12548 - type: string
12549 description: Specifies the output format of the exposed resources, defaults to "1"
12550 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
12551 x-kubernetes-int-or-string: true
12552 resource:
12553 description: 'Required: resource to select'
12554 type: string
12555 required:
12556 - resource
12557 type: object
12558 x-kubernetes-map-type: atomic
12559 required:
12560 - path
12561 type: object
12562 type: array
12563 type: object
12564 secret:
12565 description: information about the secret data to project
12566 properties:
12567 items:
12568 description: If unspecified, each key-value pair in the Data field of the referenced Secret w
12569 items:
12570 description: Maps a string key to a path within a volume.
12571 properties:
12572 key:
12573 description: The key to project.
12574 type: string
12575 mode:
12576 description: 'Optional: mode bits used to set permissions on this file.'
12577 format: int32
12578 type: integer
12579 path:
12580 description: The relative path of the file to map the key to. May not be an absolute path.
12581 type: string
12582 required:
12583 - key
12584 - path
12585 type: object
12586 type: array
12587 name:
12588 description: 'Name of the referent. More info: https://kubernetes.'
12589 type: string
12590 optional:
12591 description: Specify whether the Secret or its key must be defined
12592 type: boolean
12593 type: object
12594 x-kubernetes-map-type: atomic
12595 serviceAccountToken:
12596 description: information about the serviceAccountToken data to project
12597 properties:
12598 audience:
12599 description: Audience is the intended audience of the token.
12600 type: string
12601 expirationSeconds:
12602 description: ExpirationSeconds is the requested duration of validity of the service account t
12603 format: int64
12604 type: integer
12605 path:
12606 description: Path is the path relative to the mount point of the file to project the token in
12607 type: string
12608 required:
12609 - path
12610 type: object
12611 type: object
12612 type: array
12613 type: object
12614 quobyte:
12615 description: Quobyte represents a Quobyte mount on the host that shares a pod's lifetime
12616 properties:
12617 group:
12618 description: Group to map volume access to Default is no group
12619 type: string
12620 readOnly:
12621 description: ReadOnly here will force the Quobyte volume to be mounted with read-only permiss
12622 type: boolean
12623 registry:
12624 description: 'Registry represents a single or multiple Quobyte Registry services specified as '
12625 type: string
12626 tenant:
12627 description: Tenant owning the given Quobyte volume in the Backend Used with dynamically prov
12628 type: string
12629 user:
12630 description: User to map volume access to Defaults to serivceaccount user
12631 type: string
12632 volume:
12633 description: Volume is a string that references an already created Quobyte volume by name.
12634 type: string
12635 required:
12636 - registry
12637 - volume
12638 type: object
12639 rbd:
12640 description: RBD represents a Rados Block Device mount on the host that shares a pod's lifeti
12641 properties:
12642 fsType:
12643 description: Filesystem type of the volume that you want to mount.
12644 type: string
12645 image:
12646 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.'
12647 type: string
12648 keyring:
12649 description: Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring.
12650 type: string
12651 monitors:
12652 description: 'A collection of Ceph monitors. More info: https://examples.k8s.'
12653 items:
12654 type: string
12655 type: array
12656 pool:
12657 description: 'The rados pool name. Default is rbd. More info: https://examples.k8s.'
12658 type: string
12659 readOnly:
12660 description: ReadOnly here will force the ReadOnly setting in VolumeMounts.
12661 type: boolean
12662 secretRef:
12663 description: SecretRef is name of the authentication secret for RBDUser.
12664 properties:
12665 name:
12666 description: 'Name of the referent. More info: https://kubernetes.'
12667 type: string
12668 type: object
12669 x-kubernetes-map-type: atomic
12670 user:
12671 description: 'The rados user name. Default is admin. More info: https://examples.k8s.'
12672 type: string
12673 required:
12674 - image
12675 - monitors
12676 type: object
12677 scaleIO:
12678 description: ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernete
12679 properties:
12680 fsType:
12681 description: Filesystem type to mount.
12682 type: string
12683 gateway:
12684 description: The host address of the ScaleIO API Gateway.
12685 type: string
12686 protectionDomain:
12687 description: The name of the ScaleIO Protection Domain for the configured storage.
12688 type: string
12689 readOnly:
12690 description: Defaults to false (read/write).
12691 type: boolean
12692 secretRef:
12693 description: SecretRef references to the secret for ScaleIO user and other sensitive informat
12694 properties:
12695 name:
12696 description: 'Name of the referent. More info: https://kubernetes.'
12697 type: string
12698 type: object
12699 x-kubernetes-map-type: atomic
12700 sslEnabled:
12701 description: Flag to enable/disable SSL communication with Gateway, default false
12702 type: boolean
12703 storageMode:
12704 description: Indicates whether the storage for a volume should be ThickProvisioned or ThinPro
12705 type: string
12706 storagePool:
12707 description: The ScaleIO Storage Pool associated with the protection domain.
12708 type: string
12709 system:
12710 description: The name of the storage system as configured in ScaleIO.
12711 type: string
12712 volumeName:
12713 description: The name of a volume already created in the ScaleIO system that is associated wi
12714 type: string
12715 required:
12716 - gateway
12717 - secretRef
12718 - system
12719 type: object
12720 secret:
12721 description: Secret represents a secret that should populate this volume.
12722 properties:
12723 defaultMode:
12724 description: 'Optional: mode bits used to set permissions on created files by default.'
12725 format: int32
12726 type: integer
12727 items:
12728 description: If unspecified, each key-value pair in the Data field of the referenced Secret w
12729 items:
12730 description: Maps a string key to a path within a volume.
12731 properties:
12732 key:
12733 description: The key to project.
12734 type: string
12735 mode:
12736 description: 'Optional: mode bits used to set permissions on this file.'
12737 format: int32
12738 type: integer
12739 path:
12740 description: The relative path of the file to map the key to. May not be an absolute path.
12741 type: string
12742 required:
12743 - key
12744 - path
12745 type: object
12746 type: array
12747 optional:
12748 description: Specify whether the Secret or its keys must be defined
12749 type: boolean
12750 secretName:
12751 description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.'
12752 type: string
12753 type: object
12754 storageos:
12755 description: StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes
12756 properties:
12757 fsType:
12758 description: Filesystem type to mount.
12759 type: string
12760 readOnly:
12761 description: Defaults to false (read/write).
12762 type: boolean
12763 secretRef:
12764 description: SecretRef specifies the secret to use for obtaining the StorageOS API credential
12765 properties:
12766 name:
12767 description: 'Name of the referent. More info: https://kubernetes.'
12768 type: string
12769 type: object
12770 x-kubernetes-map-type: atomic
12771 volumeName:
12772 description: VolumeName is the human-readable name of the StorageOS volume.
12773 type: string
12774 volumeNamespace:
12775 description: VolumeNamespace specifies the scope of the volume within StorageOS.
12776 type: string
12777 type: object
12778 vsphereVolume:
12779 description: 'VsphereVolume represents a vSphere volume attached and mounted on kubelets host '
12780 properties:
12781 fsType:
12782 description: Filesystem type to mount.
12783 type: string
12784 storagePolicyID:
12785 description: Storage Policy Based Management (SPBM) profile ID associated with the StoragePol
12786 type: string
12787 storagePolicyName:
12788 description: Storage Policy Based Management (SPBM) profile name.
12789 type: string
12790 volumePath:
12791 description: Path that identifies vSphere volume vmdk
12792 type: string
12793 required:
12794 - volumePath
12795 type: object
12796 required:
12797 - name
12798 type: object
12799 type: array
12800 required: null
12801 type: object
12802 type: object
12803 version:
12804 default: 3
12805 enum:
12806 - 0
12807 - 2
12808 - 3
12809 format: int32
12810 type: integer
12811 type: object
12812 status:
12813 description: OnionServiceStatus defines the observed state of OnionService.
12814 properties:
12815 hostname:
12816 type: string
12817 targetClusterIP:
12818 type: string
12819 type: object
12820 type: object
12821 served: true
12822 storage: true
12823 subresources:
12824 status: {}
12825---
12826apiVersion: apiextensions.k8s.io/v1
12827kind: CustomResourceDefinition
12828metadata:
12829 annotations:
12830 controller-gen.kubebuilder.io/version: v0.7.0
12831 creationTimestamp: null
12832 name: projectconfigs.config.k8s.torproject.org
12833spec:
12834 group: config.k8s.torproject.org
12835 names:
12836 kind: ProjectConfig
12837 listKind: ProjectConfigList
12838 plural: projectconfigs
12839 singular: projectconfig
12840 scope: Namespaced
12841 versions:
12842 - name: v2
12843 schema:
12844 openAPIV3Schema:
12845 description: ProjectConfig is the Schema for the projectconfigs API
12846 properties:
12847 apiVersion:
12848 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
12849 type: string
12850 cacheNamespace:
12851 description: "CacheNamespace if specified restricts the manager's cache to watch objects in the desired namespace Defaults to all namespaces \n Note: If a namespace is specified, controllers can still Watch for a cluster-scoped resource (e.g Node). For namespaced resources the cache will only hold objects from the desired namespace."
12852 type: string
12853 controller:
12854 description: Controller contains global configuration options for controllers registered within this manager.
12855 properties:
12856 cacheSyncTimeout:
12857 description: CacheSyncTimeout refers to the time limit set to wait for syncing caches. Defaults to 2 minutes if not set.
12858 format: int64
12859 type: integer
12860 groupKindConcurrency:
12861 additionalProperties:
12862 type: integer
12863 description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation allowed for that controller. \n When a controller is registered within this manager using the builder utilities, users have to specify the type the controller reconciles in the For(...) call. If the object's kind passed matches one of the keys in this map, the concurrency for that controller is set to the number specified. \n The key is expected to be consistent in form with GroupKind.String(), e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`."
12864 type: object
12865 type: object
12866 gracefulShutDown:
12867 description: GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop. To disable graceful shutdown, set to time.Duration(0) To use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1) The graceful shutdown is skipped for safety reasons in case the leader election lease is lost.
12868 type: string
12869 health:
12870 description: Health contains the controller health configuration
12871 properties:
12872 healthProbeBindAddress:
12873 description: HealthProbeBindAddress is the TCP address that the controller should bind to for serving health probes
12874 type: string
12875 livenessEndpointName:
12876 description: LivenessEndpointName, defaults to "healthz"
12877 type: string
12878 readinessEndpointName:
12879 description: ReadinessEndpointName, defaults to "readyz"
12880 type: string
12881 type: object
12882 kind:
12883 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
12884 type: string
12885 leaderElection:
12886 description: LeaderElection is the LeaderElection config to be used when configuring the manager.Manager leader election
12887 properties:
12888 leaderElect:
12889 description: leaderElect enables a leader election client to gain leadership before executing the main loop. Enable this when running replicated components for high availability.
12890 type: boolean
12891 leaseDuration:
12892 description: leaseDuration is the duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate. This is only applicable if leader election is enabled.
12893 type: string
12894 renewDeadline:
12895 description: renewDeadline is the interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration. This is only applicable if leader election is enabled.
12896 type: string
12897 resourceLock:
12898 description: resourceLock indicates the resource object type that will be used to lock during leader election cycles.
12899 type: string
12900 resourceName:
12901 description: resourceName indicates the name of resource object that will be used to lock during leader election cycles.
12902 type: string
12903 resourceNamespace:
12904 description: resourceName indicates the namespace of resource object that will be used to lock during leader election cycles.
12905 type: string
12906 retryPeriod:
12907 description: retryPeriod is the duration the clients should wait between attempting acquisition and renewal of a leadership. This is only applicable if leader election is enabled.
12908 type: string
12909 required:
12910 - leaderElect
12911 - leaseDuration
12912 - renewDeadline
12913 - resourceLock
12914 - resourceName
12915 - resourceNamespace
12916 - retryPeriod
12917 type: object
12918 metrics:
12919 description: Metrics contains thw controller metrics configuration
12920 properties:
12921 bindAddress:
12922 description: BindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving.
12923 type: string
12924 type: object
12925 syncPeriod:
12926 description: SyncPeriod determines the minimum frequency at which watched resources are reconciled. A lower period will correct entropy more quickly, but reduce responsiveness to change if there are many watched resources. Change this value only if you know what you are doing. Defaults to 10 hours if unset. there will a 10 percent jitter between the SyncPeriod of all controllers so that all controllers will not send list requests simultaneously.
12927 type: string
12928 torDaemonManager:
12929 properties:
12930 image:
12931 default: quay.io/bugfest/tor-daemon-manager:latest
12932 type: string
12933 type: object
12934 torOnionbalanceManager:
12935 properties:
12936 image:
12937 default: quay.io/bugfest/tor-onionbalance-manager:latest
12938 type: string
12939 type: object
12940 webhook:
12941 description: Webhook contains the controllers webhook configuration
12942 properties:
12943 certDir:
12944 description: CertDir is the directory that contains the server key and certificate. if not set, webhook server would look up the server key and certificate in {TempDir}/k8s-webhook-server/serving-certs. The server key and certificate must be named tls.key and tls.crt, respectively.
12945 type: string
12946 host:
12947 description: Host is the hostname that the webhook server binds to. It is used to set webhook.Server.Host.
12948 type: string
12949 port:
12950 description: Port is the port that the webhook server serves at. It is used to set webhook.Server.Port.
12951 type: integer
12952 type: object
12953 type: object
12954 served: true
12955 storage: true
12956status:
12957 acceptedNames:
12958 kind: ""
12959 plural: ""
12960 conditions: []
12961 storedVersions: []
12962---
12963apiVersion: apiextensions.k8s.io/v1
12964kind: CustomResourceDefinition
12965metadata:
12966 annotations:
12967 controller-gen.kubebuilder.io/version: v0.11.1
12968 creationTimestamp: null
12969 name: tors.tor.k8s.torproject.org
12970spec:
12971 group: tor.k8s.torproject.org
12972 names:
12973 kind: Tor
12974 listKind: TorList
12975 plural: tors
12976 shortNames:
12977 - tor
12978 singular: tor
12979 scope: Namespaced
12980 versions:
12981 - additionalPrinterColumns:
12982 - jsonPath: .metadata.creationTimestamp
12983 name: Age
12984 type: date
12985 name: v1alpha2
12986 schema:
12987 openAPIV3Schema:
12988 description: Tor is the Schema for the tor API.
12989 properties:
12990 apiVersion:
12991 description: APIVersion defines the versioned schema of this representation of an object.
12992 type: string
12993 kind:
12994 description: Kind is a string value representing the REST resource this object represents.
12995 type: string
12996 metadata:
12997 type: object
12998 spec:
12999 description: TorSpec defines the desired state of Tor.
13000 properties:
13001 client:
13002 description: Client type. Enabled by default if server options are not set.
13003 properties:
13004 dns:
13005 description: DNSPort [address:]port|auto [isolation flags]
13006 properties:
13007 address:
13008 default:
13009 - 0.0.0.0
13010 - '::'
13011 items:
13012 type: string
13013 type: array
13014 enable:
13015 type: boolean
13016 flags:
13017 items:
13018 type: string
13019 type: array
13020 policy:
13021 default:
13022 - accept 0.0.0.0/0
13023 - accept ::/0
13024 description: Policy [address:]port|unix:path|auto [flags]
13025 items:
13026 type: string
13027 type: array
13028 port:
13029 default: 0
13030 format: int32
13031 type: integer
13032 type: object
13033 httptunnel:
13034 description: HTTPTunnelPort [address:]port|auto [isolation flags]
13035 properties:
13036 address:
13037 default:
13038 - 0.0.0.0
13039 - '::'
13040 items:
13041 type: string
13042 type: array
13043 enable:
13044 type: boolean
13045 flags:
13046 items:
13047 type: string
13048 type: array
13049 policy:
13050 default:
13051 - accept 0.0.0.0/0
13052 - accept ::/0
13053 description: Policy [address:]port|unix:path|auto [flags]
13054 items:
13055 type: string
13056 type: array
13057 port:
13058 default: 0
13059 format: int32
13060 type: integer
13061 type: object
13062 natd:
13063 description: NATDPort [address:]port|auto [isolation flags]
13064 properties:
13065 address:
13066 default:
13067 - 0.0.0.0
13068 - '::'
13069 items:
13070 type: string
13071 type: array
13072 enable:
13073 type: boolean
13074 flags:
13075 items:
13076 type: string
13077 type: array
13078 policy:
13079 default:
13080 - accept 0.0.0.0/0
13081 - accept ::/0
13082 description: Policy [address:]port|unix:path|auto [flags]
13083 items:
13084 type: string
13085 type: array
13086 port:
13087 default: 0
13088 format: int32
13089 type: integer
13090 type: object
13091 socks:
13092 description: SocksPort [address:]port|unix:path|auto [flags] [isolation flags]
13093 properties:
13094 address:
13095 default:
13096 - 0.0.0.0
13097 - '::'
13098 items:
13099 type: string
13100 type: array
13101 enable:
13102 type: boolean
13103 flags:
13104 items:
13105 type: string
13106 type: array
13107 policy:
13108 default:
13109 - accept 0.0.0.0/0
13110 - accept ::/0
13111 description: Policy [address:]port|unix:path|auto [flags]
13112 items:
13113 type: string
13114 type: array
13115 port:
13116 default: 0
13117 format: int32
13118 type: integer
13119 type: object
13120 trans:
13121 description: TransPort [address:]port|auto [isolation flags]
13122 properties:
13123 address:
13124 default:
13125 - 0.0.0.0
13126 - '::'
13127 items:
13128 type: string
13129 type: array
13130 enable:
13131 type: boolean
13132 flags:
13133 items:
13134 type: string
13135 type: array
13136 policy:
13137 default:
13138 - accept 0.0.0.0/0
13139 - accept ::/0
13140 description: Policy [address:]port|unix:path|auto [flags]
13141 items:
13142 type: string
13143 type: array
13144 port:
13145 default: 0
13146 format: int32
13147 type: integer
13148 type: object
13149 transproxytype:
13150 description: TransProxyType default|TPROXY|ipfw|pf-divert
13151 type: string
13152 type: object
13153 config:
13154 description: 'Custom/advanced options. Tor latest man page (asciidoc): https://gitlab.'
13155 type: string
13156 configMapKeyRef:
13157 description: Custom/advanced options read from a ConfigMaps.
13158 items:
13159 description: Selects a key from a ConfigMap.
13160 properties:
13161 key:
13162 description: The key to select.
13163 type: string
13164 name:
13165 description: 'Name of the referent. More info: https://kubernetes.'
13166 type: string
13167 optional:
13168 description: Specify whether the ConfigMap or its key must be defined
13169 type: boolean
13170 required:
13171 - key
13172 type: object
13173 x-kubernetes-map-type: atomic
13174 type: array
13175 control:
13176 description: Control. Enabled by default.
13177 properties:
13178 address:
13179 default:
13180 - 0.0.0.0
13181 - '::'
13182 items:
13183 type: string
13184 type: array
13185 enable:
13186 type: boolean
13187 flags:
13188 items:
13189 type: string
13190 type: array
13191 policy:
13192 default:
13193 - accept 0.0.0.0/0
13194 - accept ::/0
13195 description: Policy [address:]port|unix:path|auto [flags]
13196 items:
13197 type: string
13198 type: array
13199 port:
13200 default: 0
13201 format: int32
13202 type: integer
13203 secret:
13204 description: Allowed control passwords as string
13205 items:
13206 type: string
13207 type: array
13208 secretRef:
13209 description: Allowed Control passwords as Secret object references Reference to a key of a se
13210 items:
13211 description: SecretKeySelector selects a key of a Secret.
13212 properties:
13213 key:
13214 description: The key of the secret to select from. Must be a valid secret key.
13215 type: string
13216 name:
13217 description: 'Name of the referent. More info: https://kubernetes.'
13218 type: string
13219 optional:
13220 description: Specify whether the Secret or its key must be defined
13221 type: boolean
13222 required:
13223 - key
13224 type: object
13225 x-kubernetes-map-type: atomic
13226 type: array
13227 type: object
13228 extraArgs:
13229 description: Extra arguments to pass Tor's executable
13230 items:
13231 type: string
13232 type: array
13233 metrics:
13234 description: Metrics. Enabled by default.
13235 properties:
13236 address:
13237 default:
13238 - 0.0.0.0
13239 - '::'
13240 items:
13241 type: string
13242 type: array
13243 enable:
13244 type: boolean
13245 flags:
13246 items:
13247 type: string
13248 type: array
13249 policy:
13250 default:
13251 - accept 0.0.0.0/0
13252 - accept ::/0
13253 description: Policy [address:]port|unix:path|auto [flags]
13254 items:
13255 type: string
13256 type: array
13257 port:
13258 default: 0
13259 format: int32
13260 type: integer
13261 type: object
13262 replicas:
13263 default: 1
13264 description: Replicas.
13265 format: int32
13266 type: integer
13267 server:
13268 description: Server (ORPort)
13269 properties:
13270 address:
13271 default:
13272 - 0.0.0.0
13273 - '::'
13274 items:
13275 type: string
13276 type: array
13277 enable:
13278 type: boolean
13279 flags:
13280 items:
13281 type: string
13282 type: array
13283 policy:
13284 default:
13285 - accept 0.0.0.0/0
13286 - accept ::/0
13287 description: Policy [address:]port|unix:path|auto [flags]
13288 items:
13289 type: string
13290 type: array
13291 port:
13292 default: 0
13293 format: int32
13294 type: integer
13295 type: object
13296 serviceMonitor:
13297 default: false
13298 description: Create service monitor.
13299 type: boolean
13300 template:
13301 description: Template describes the pods that will be created.
13302 properties:
13303 metadata:
13304 description: Metadata of the pods created from this template.
13305 type: object
13306 resources:
13307 description: Default resources for containers
13308 properties:
13309 limits:
13310 additionalProperties:
13311 anyOf:
13312 - type: integer
13313 - type: string
13314 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
13315 x-kubernetes-int-or-string: true
13316 description: Limits describes the maximum amount of compute resources allowed.
13317 type: object
13318 requests:
13319 additionalProperties:
13320 anyOf:
13321 - type: integer
13322 - type: string
13323 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
13324 x-kubernetes-int-or-string: true
13325 description: Requests describes the minimum amount of compute resources required.
13326 type: object
13327 type: object
13328 spec:
13329 description: Spec defines the behavior of a pod.
13330 properties:
13331 activeDeadlineSeconds:
13332 description: Optional duration in seconds the pod may be active on the node relative to Start
13333 format: int64
13334 type: integer
13335 affinity:
13336 description: If specified, the pod's scheduling constraints
13337 properties:
13338 nodeAffinity:
13339 description: Describes node affinity scheduling rules for the pod.
13340 properties:
13341 preferredDuringSchedulingIgnoredDuringExecution:
13342 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex
13343 items:
13344 description: An empty preferred scheduling term matches all objects with implicit weight 0 (i
13345 properties:
13346 preference:
13347 description: A node selector term, associated with the corresponding weight.
13348 properties:
13349 matchExpressions:
13350 description: A list of node selector requirements by node's labels.
13351 items:
13352 description: A node selector requirement is a selector that contains values, a key, and an op
13353 properties:
13354 key:
13355 description: The label key that the selector applies to.
13356 type: string
13357 operator:
13358 description: Represents a key's relationship to a set of values.
13359 type: string
13360 values:
13361 description: An array of string values.
13362 items:
13363 type: string
13364 type: array
13365 required:
13366 - key
13367 - operator
13368 type: object
13369 type: array
13370 matchFields:
13371 description: A list of node selector requirements by node's fields.
13372 items:
13373 description: A node selector requirement is a selector that contains values, a key, and an op
13374 properties:
13375 key:
13376 description: The label key that the selector applies to.
13377 type: string
13378 operator:
13379 description: Represents a key's relationship to a set of values.
13380 type: string
13381 values:
13382 description: An array of string values.
13383 items:
13384 type: string
13385 type: array
13386 required:
13387 - key
13388 - operator
13389 type: object
13390 type: array
13391 type: object
13392 x-kubernetes-map-type: atomic
13393 weight:
13394 description: Weight associated with matching the corresponding nodeSelectorTerm, in the range
13395 format: int32
13396 type: integer
13397 required:
13398 - preference
13399 - weight
13400 type: object
13401 type: array
13402 requiredDuringSchedulingIgnoredDuringExecution:
13403 description: If the affinity requirements specified by this field are not met at scheduling t
13404 properties:
13405 nodeSelectorTerms:
13406 description: Required. A list of node selector terms. The terms are ORed.
13407 items:
13408 description: A null or empty node selector term matches no objects.
13409 properties:
13410 matchExpressions:
13411 description: A list of node selector requirements by node's labels.
13412 items:
13413 description: A node selector requirement is a selector that contains values, a key, and an op
13414 properties:
13415 key:
13416 description: The label key that the selector applies to.
13417 type: string
13418 operator:
13419 description: Represents a key's relationship to a set of values.
13420 type: string
13421 values:
13422 description: An array of string values.
13423 items:
13424 type: string
13425 type: array
13426 required:
13427 - key
13428 - operator
13429 type: object
13430 type: array
13431 matchFields:
13432 description: A list of node selector requirements by node's fields.
13433 items:
13434 description: A node selector requirement is a selector that contains values, a key, and an op
13435 properties:
13436 key:
13437 description: The label key that the selector applies to.
13438 type: string
13439 operator:
13440 description: Represents a key's relationship to a set of values.
13441 type: string
13442 values:
13443 description: An array of string values.
13444 items:
13445 type: string
13446 type: array
13447 required:
13448 - key
13449 - operator
13450 type: object
13451 type: array
13452 type: object
13453 x-kubernetes-map-type: atomic
13454 type: array
13455 required:
13456 - nodeSelectorTerms
13457 type: object
13458 x-kubernetes-map-type: atomic
13459 type: object
13460 podAffinity:
13461 description: Describes pod affinity scheduling rules (e.g.
13462 properties:
13463 preferredDuringSchedulingIgnoredDuringExecution:
13464 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity ex
13465 items:
13466 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n
13467 properties:
13468 podAffinityTerm:
13469 description: Required. A pod affinity term, associated with the corresponding weight.
13470 properties:
13471 labelSelector:
13472 description: A label query over a set of resources, in this case pods.
13473 properties:
13474 matchExpressions:
13475 description: matchExpressions is a list of label selector requirements.
13476 items:
13477 description: A label selector requirement is a selector that contains values, a key, and an o
13478 properties:
13479 key:
13480 description: key is the label key that the selector applies to.
13481 type: string
13482 operator:
13483 description: operator represents a key's relationship to a set of values.
13484 type: string
13485 values:
13486 description: values is an array of string values.
13487 items:
13488 type: string
13489 type: array
13490 required:
13491 - key
13492 - operator
13493 type: object
13494 type: array
13495 matchLabels:
13496 additionalProperties:
13497 type: string
13498 description: matchLabels is a map of {key,value} pairs.
13499 type: object
13500 type: object
13501 x-kubernetes-map-type: atomic
13502 namespaceSelector:
13503 description: A label query over the set of namespaces that the term applies to.
13504 properties:
13505 matchExpressions:
13506 description: matchExpressions is a list of label selector requirements.
13507 items:
13508 description: A label selector requirement is a selector that contains values, a key, and an o
13509 properties:
13510 key:
13511 description: key is the label key that the selector applies to.
13512 type: string
13513 operator:
13514 description: operator represents a key's relationship to a set of values.
13515 type: string
13516 values:
13517 description: values is an array of string values.
13518 items:
13519 type: string
13520 type: array
13521 required:
13522 - key
13523 - operator
13524 type: object
13525 type: array
13526 matchLabels:
13527 additionalProperties:
13528 type: string
13529 description: matchLabels is a map of {key,value} pairs.
13530 type: object
13531 type: object
13532 x-kubernetes-map-type: atomic
13533 namespaces:
13534 description: namespaces specifies a static list of namespace names that the term applies to.
13535 items:
13536 type: string
13537 type: array
13538 topologyKey:
13539 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
13540 type: string
13541 required:
13542 - topologyKey
13543 type: object
13544 weight:
13545 description: 'weight associated with matching the corresponding podAffinityTerm, in the range '
13546 format: int32
13547 type: integer
13548 required:
13549 - podAffinityTerm
13550 - weight
13551 type: object
13552 type: array
13553 requiredDuringSchedulingIgnoredDuringExecution:
13554 description: If the affinity requirements specified by this field are not met at scheduling t
13555 items:
13556 description: Defines a set of pods (namely those matching the labelSelector relative to the g
13557 properties:
13558 labelSelector:
13559 description: A label query over a set of resources, in this case pods.
13560 properties:
13561 matchExpressions:
13562 description: matchExpressions is a list of label selector requirements.
13563 items:
13564 description: A label selector requirement is a selector that contains values, a key, and an o
13565 properties:
13566 key:
13567 description: key is the label key that the selector applies to.
13568 type: string
13569 operator:
13570 description: operator represents a key's relationship to a set of values.
13571 type: string
13572 values:
13573 description: values is an array of string values.
13574 items:
13575 type: string
13576 type: array
13577 required:
13578 - key
13579 - operator
13580 type: object
13581 type: array
13582 matchLabels:
13583 additionalProperties:
13584 type: string
13585 description: matchLabels is a map of {key,value} pairs.
13586 type: object
13587 type: object
13588 x-kubernetes-map-type: atomic
13589 namespaceSelector:
13590 description: A label query over the set of namespaces that the term applies to.
13591 properties:
13592 matchExpressions:
13593 description: matchExpressions is a list of label selector requirements.
13594 items:
13595 description: A label selector requirement is a selector that contains values, a key, and an o
13596 properties:
13597 key:
13598 description: key is the label key that the selector applies to.
13599 type: string
13600 operator:
13601 description: operator represents a key's relationship to a set of values.
13602 type: string
13603 values:
13604 description: values is an array of string values.
13605 items:
13606 type: string
13607 type: array
13608 required:
13609 - key
13610 - operator
13611 type: object
13612 type: array
13613 matchLabels:
13614 additionalProperties:
13615 type: string
13616 description: matchLabels is a map of {key,value} pairs.
13617 type: object
13618 type: object
13619 x-kubernetes-map-type: atomic
13620 namespaces:
13621 description: namespaces specifies a static list of namespace names that the term applies to.
13622 items:
13623 type: string
13624 type: array
13625 topologyKey:
13626 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
13627 type: string
13628 required:
13629 - topologyKey
13630 type: object
13631 type: array
13632 type: object
13633 podAntiAffinity:
13634 description: Describes pod anti-affinity scheduling rules (e.g.
13635 properties:
13636 preferredDuringSchedulingIgnoredDuringExecution:
13637 description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affini
13638 items:
13639 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-n
13640 properties:
13641 podAffinityTerm:
13642 description: Required. A pod affinity term, associated with the corresponding weight.
13643 properties:
13644 labelSelector:
13645 description: A label query over a set of resources, in this case pods.
13646 properties:
13647 matchExpressions:
13648 description: matchExpressions is a list of label selector requirements.
13649 items:
13650 description: A label selector requirement is a selector that contains values, a key, and an o
13651 properties:
13652 key:
13653 description: key is the label key that the selector applies to.
13654 type: string
13655 operator:
13656 description: operator represents a key's relationship to a set of values.
13657 type: string
13658 values:
13659 description: values is an array of string values.
13660 items:
13661 type: string
13662 type: array
13663 required:
13664 - key
13665 - operator
13666 type: object
13667 type: array
13668 matchLabels:
13669 additionalProperties:
13670 type: string
13671 description: matchLabels is a map of {key,value} pairs.
13672 type: object
13673 type: object
13674 x-kubernetes-map-type: atomic
13675 namespaceSelector:
13676 description: A label query over the set of namespaces that the term applies to.
13677 properties:
13678 matchExpressions:
13679 description: matchExpressions is a list of label selector requirements.
13680 items:
13681 description: A label selector requirement is a selector that contains values, a key, and an o
13682 properties:
13683 key:
13684 description: key is the label key that the selector applies to.
13685 type: string
13686 operator:
13687 description: operator represents a key's relationship to a set of values.
13688 type: string
13689 values:
13690 description: values is an array of string values.
13691 items:
13692 type: string
13693 type: array
13694 required:
13695 - key
13696 - operator
13697 type: object
13698 type: array
13699 matchLabels:
13700 additionalProperties:
13701 type: string
13702 description: matchLabels is a map of {key,value} pairs.
13703 type: object
13704 type: object
13705 x-kubernetes-map-type: atomic
13706 namespaces:
13707 description: namespaces specifies a static list of namespace names that the term applies to.
13708 items:
13709 type: string
13710 type: array
13711 topologyKey:
13712 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
13713 type: string
13714 required:
13715 - topologyKey
13716 type: object
13717 weight:
13718 description: 'weight associated with matching the corresponding podAffinityTerm, in the range '
13719 format: int32
13720 type: integer
13721 required:
13722 - podAffinityTerm
13723 - weight
13724 type: object
13725 type: array
13726 requiredDuringSchedulingIgnoredDuringExecution:
13727 description: If the anti-affinity requirements specified by this field are not met at schedul
13728 items:
13729 description: Defines a set of pods (namely those matching the labelSelector relative to the g
13730 properties:
13731 labelSelector:
13732 description: A label query over a set of resources, in this case pods.
13733 properties:
13734 matchExpressions:
13735 description: matchExpressions is a list of label selector requirements.
13736 items:
13737 description: A label selector requirement is a selector that contains values, a key, and an o
13738 properties:
13739 key:
13740 description: key is the label key that the selector applies to.
13741 type: string
13742 operator:
13743 description: operator represents a key's relationship to a set of values.
13744 type: string
13745 values:
13746 description: values is an array of string values.
13747 items:
13748 type: string
13749 type: array
13750 required:
13751 - key
13752 - operator
13753 type: object
13754 type: array
13755 matchLabels:
13756 additionalProperties:
13757 type: string
13758 description: matchLabels is a map of {key,value} pairs.
13759 type: object
13760 type: object
13761 x-kubernetes-map-type: atomic
13762 namespaceSelector:
13763 description: A label query over the set of namespaces that the term applies to.
13764 properties:
13765 matchExpressions:
13766 description: matchExpressions is a list of label selector requirements.
13767 items:
13768 description: A label selector requirement is a selector that contains values, a key, and an o
13769 properties:
13770 key:
13771 description: key is the label key that the selector applies to.
13772 type: string
13773 operator:
13774 description: operator represents a key's relationship to a set of values.
13775 type: string
13776 values:
13777 description: values is an array of string values.
13778 items:
13779 type: string
13780 type: array
13781 required:
13782 - key
13783 - operator
13784 type: object
13785 type: array
13786 matchLabels:
13787 additionalProperties:
13788 type: string
13789 description: matchLabels is a map of {key,value} pairs.
13790 type: object
13791 type: object
13792 x-kubernetes-map-type: atomic
13793 namespaces:
13794 description: namespaces specifies a static list of namespace names that the term applies to.
13795 items:
13796 type: string
13797 type: array
13798 topologyKey:
13799 description: 'This pod should be co-located (affinity) or not co-located (anti-affinity) with '
13800 type: string
13801 required:
13802 - topologyKey
13803 type: object
13804 type: array
13805 type: object
13806 type: object
13807 automountServiceAccountToken:
13808 description: AutomountServiceAccountToken indicates whether a service account token should be
13809 type: boolean
13810 containers:
13811 description: List of containers belonging to the pod.
13812 items:
13813 description: A single application container that you want to run within a pod.
13814 properties:
13815 args:
13816 description: Arguments to the entrypoint.
13817 items:
13818 type: string
13819 type: array
13820 command:
13821 description: Entrypoint array. Not executed within a shell.
13822 items:
13823 type: string
13824 type: array
13825 env:
13826 description: List of environment variables to set in the container. Cannot be updated.
13827 items:
13828 description: EnvVar represents an environment variable present in a Container.
13829 properties:
13830 name:
13831 description: Name of the environment variable. Must be a C_IDENTIFIER.
13832 type: string
13833 value:
13834 description: Variable references $(VAR_NAME) are expanded using the previously defined enviro
13835 type: string
13836 valueFrom:
13837 description: Source for the environment variable's value.
13838 properties:
13839 configMapKeyRef:
13840 description: Selects a key of a ConfigMap.
13841 properties:
13842 key:
13843 description: The key to select.
13844 type: string
13845 name:
13846 description: 'Name of the referent. More info: https://kubernetes.'
13847 type: string
13848 optional:
13849 description: Specify whether the ConfigMap or its key must be defined
13850 type: boolean
13851 required:
13852 - key
13853 type: object
13854 x-kubernetes-map-type: atomic
13855 fieldRef:
13856 description: 'Selects a field of the pod: supports metadata.name, metadata.'
13857 properties:
13858 apiVersion:
13859 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
13860 type: string
13861 fieldPath:
13862 description: Path of the field to select in the specified API version.
13863 type: string
13864 required:
13865 - fieldPath
13866 type: object
13867 x-kubernetes-map-type: atomic
13868 resourceFieldRef:
13869 description: 'Selects a resource of the container: only resources limits and requests (limits.'
13870 properties:
13871 containerName:
13872 description: 'Container name: required for volumes, optional for env vars'
13873 type: string
13874 divisor:
13875 anyOf:
13876 - type: integer
13877 - type: string
13878 description: Specifies the output format of the exposed resources, defaults to "1"
13879 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
13880 x-kubernetes-int-or-string: true
13881 resource:
13882 description: 'Required: resource to select'
13883 type: string
13884 required:
13885 - resource
13886 type: object
13887 x-kubernetes-map-type: atomic
13888 secretKeyRef:
13889 description: Selects a key of a secret in the pod's namespace
13890 properties:
13891 key:
13892 description: The key of the secret to select from. Must be a valid secret key.
13893 type: string
13894 name:
13895 description: 'Name of the referent. More info: https://kubernetes.'
13896 type: string
13897 optional:
13898 description: Specify whether the Secret or its key must be defined
13899 type: boolean
13900 required:
13901 - key
13902 type: object
13903 x-kubernetes-map-type: atomic
13904 type: object
13905 required:
13906 - name
13907 type: object
13908 type: array
13909 envFrom:
13910 description: List of sources to populate environment variables in the container.
13911 items:
13912 description: EnvFromSource represents the source of a set of ConfigMaps
13913 properties:
13914 configMapRef:
13915 description: The ConfigMap to select from
13916 properties:
13917 name:
13918 description: 'Name of the referent. More info: https://kubernetes.'
13919 type: string
13920 optional:
13921 description: Specify whether the ConfigMap must be defined
13922 type: boolean
13923 type: object
13924 x-kubernetes-map-type: atomic
13925 prefix:
13926 description: An optional identifier to prepend to each key in the ConfigMap.
13927 type: string
13928 secretRef:
13929 description: The Secret to select from
13930 properties:
13931 name:
13932 description: 'Name of the referent. More info: https://kubernetes.'
13933 type: string
13934 optional:
13935 description: Specify whether the Secret must be defined
13936 type: boolean
13937 type: object
13938 x-kubernetes-map-type: atomic
13939 type: object
13940 type: array
13941 image:
13942 description: 'Docker image name. More info: https://kubernetes.'
13943 type: string
13944 imagePullPolicy:
13945 description: Image pull policy. One of Always, Never, IfNotPresent.
13946 type: string
13947 lifecycle:
13948 description: Actions that the management system should take in response to container lifecycl
13949 properties:
13950 postStart:
13951 description: PostStart is called immediately after a container is created.
13952 properties:
13953 exec:
13954 description: Exec specifies the action to take.
13955 properties:
13956 command:
13957 description: Command is the command line to execute inside the container, the working directo
13958 items:
13959 type: string
13960 type: array
13961 type: object
13962 httpGet:
13963 description: HTTPGet specifies the http request to perform.
13964 properties:
13965 host:
13966 description: Host name to connect to, defaults to the pod IP.
13967 type: string
13968 httpHeaders:
13969 description: Custom headers to set in the request. HTTP allows repeated headers.
13970 items:
13971 description: HTTPHeader describes a custom header to be used in HTTP probes
13972 properties:
13973 name:
13974 description: The header field name
13975 type: string
13976 value:
13977 description: The header field value
13978 type: string
13979 required:
13980 - name
13981 - value
13982 type: object
13983 type: array
13984 path:
13985 description: Path to access on the HTTP server.
13986 type: string
13987 port:
13988 anyOf:
13989 - type: integer
13990 - type: string
13991 description: Name or number of the port to access on the container.
13992 x-kubernetes-int-or-string: true
13993 scheme:
13994 description: Scheme to use for connecting to the host. Defaults to HTTP.
13995 type: string
13996 required:
13997 - port
13998 type: object
13999 tcpSocket:
14000 description: Deprecated.
14001 properties:
14002 host:
14003 description: 'Optional: Host name to connect to, defaults to the pod IP.'
14004 type: string
14005 port:
14006 anyOf:
14007 - type: integer
14008 - type: string
14009 description: Number or name of the port to access on the container.
14010 x-kubernetes-int-or-string: true
14011 required:
14012 - port
14013 type: object
14014 type: object
14015 preStop:
14016 description: PreStop is called immediately before a container is terminated due to an API req
14017 properties:
14018 exec:
14019 description: Exec specifies the action to take.
14020 properties:
14021 command:
14022 description: Command is the command line to execute inside the container, the working directo
14023 items:
14024 type: string
14025 type: array
14026 type: object
14027 httpGet:
14028 description: HTTPGet specifies the http request to perform.
14029 properties:
14030 host:
14031 description: Host name to connect to, defaults to the pod IP.
14032 type: string
14033 httpHeaders:
14034 description: Custom headers to set in the request. HTTP allows repeated headers.
14035 items:
14036 description: HTTPHeader describes a custom header to be used in HTTP probes
14037 properties:
14038 name:
14039 description: The header field name
14040 type: string
14041 value:
14042 description: The header field value
14043 type: string
14044 required:
14045 - name
14046 - value
14047 type: object
14048 type: array
14049 path:
14050 description: Path to access on the HTTP server.
14051 type: string
14052 port:
14053 anyOf:
14054 - type: integer
14055 - type: string
14056 description: Name or number of the port to access on the container.
14057 x-kubernetes-int-or-string: true
14058 scheme:
14059 description: Scheme to use for connecting to the host. Defaults to HTTP.
14060 type: string
14061 required:
14062 - port
14063 type: object
14064 tcpSocket:
14065 description: Deprecated.
14066 properties:
14067 host:
14068 description: 'Optional: Host name to connect to, defaults to the pod IP.'
14069 type: string
14070 port:
14071 anyOf:
14072 - type: integer
14073 - type: string
14074 description: Number or name of the port to access on the container.
14075 x-kubernetes-int-or-string: true
14076 required:
14077 - port
14078 type: object
14079 type: object
14080 type: object
14081 livenessProbe:
14082 description: Periodic probe of container liveness.
14083 properties:
14084 exec:
14085 description: Exec specifies the action to take.
14086 properties:
14087 command:
14088 description: Command is the command line to execute inside the container, the working directo
14089 items:
14090 type: string
14091 type: array
14092 type: object
14093 failureThreshold:
14094 description: 'Minimum consecutive failures for the probe to be considered failed after having '
14095 format: int32
14096 type: integer
14097 grpc:
14098 description: GRPC specifies an action involving a GRPC port.
14099 properties:
14100 port:
14101 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
14102 format: int32
14103 type: integer
14104 service:
14105 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
14106 type: string
14107 required:
14108 - port
14109 type: object
14110 httpGet:
14111 description: HTTPGet specifies the http request to perform.
14112 properties:
14113 host:
14114 description: Host name to connect to, defaults to the pod IP.
14115 type: string
14116 httpHeaders:
14117 description: Custom headers to set in the request. HTTP allows repeated headers.
14118 items:
14119 description: HTTPHeader describes a custom header to be used in HTTP probes
14120 properties:
14121 name:
14122 description: The header field name
14123 type: string
14124 value:
14125 description: The header field value
14126 type: string
14127 required:
14128 - name
14129 - value
14130 type: object
14131 type: array
14132 path:
14133 description: Path to access on the HTTP server.
14134 type: string
14135 port:
14136 anyOf:
14137 - type: integer
14138 - type: string
14139 description: Name or number of the port to access on the container.
14140 x-kubernetes-int-or-string: true
14141 scheme:
14142 description: Scheme to use for connecting to the host. Defaults to HTTP.
14143 type: string
14144 required:
14145 - port
14146 type: object
14147 initialDelaySeconds:
14148 description: Number of seconds after the container has started before liveness probes are ini
14149 format: int32
14150 type: integer
14151 periodSeconds:
14152 description: How often (in seconds) to perform the probe. Default to 10 seconds.
14153 format: int32
14154 type: integer
14155 successThreshold:
14156 description: Minimum consecutive successes for the probe to be considered successful after ha
14157 format: int32
14158 type: integer
14159 tcpSocket:
14160 description: TCPSocket specifies an action involving a TCP port.
14161 properties:
14162 host:
14163 description: 'Optional: Host name to connect to, defaults to the pod IP.'
14164 type: string
14165 port:
14166 anyOf:
14167 - type: integer
14168 - type: string
14169 description: Number or name of the port to access on the container.
14170 x-kubernetes-int-or-string: true
14171 required:
14172 - port
14173 type: object
14174 terminationGracePeriodSeconds:
14175 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
14176 format: int64
14177 type: integer
14178 timeoutSeconds:
14179 description: Number of seconds after which the probe times out. Defaults to 1 second.
14180 format: int32
14181 type: integer
14182 type: object
14183 name:
14184 description: Name of the container specified as a DNS_LABEL.
14185 type: string
14186 ports:
14187 description: List of ports to expose from the container.
14188 items:
14189 description: ContainerPort represents a network port in a single container.
14190 properties:
14191 containerPort:
14192 description: Number of port to expose on the pod's IP address.
14193 format: int32
14194 type: integer
14195 hostIP:
14196 description: What host IP to bind the external port to.
14197 type: string
14198 hostPort:
14199 description: Number of port to expose on the host.
14200 format: int32
14201 type: integer
14202 name:
14203 description: If specified, this must be an IANA_SVC_NAME and unique within the pod.
14204 type: string
14205 protocol:
14206 default: TCP
14207 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
14208 type: string
14209 required:
14210 - containerPort
14211 type: object
14212 type: array
14213 x-kubernetes-list-map-keys:
14214 - containerPort
14215 - protocol
14216 x-kubernetes-list-type: map
14217 readinessProbe:
14218 description: Periodic probe of container service readiness.
14219 properties:
14220 exec:
14221 description: Exec specifies the action to take.
14222 properties:
14223 command:
14224 description: Command is the command line to execute inside the container, the working directo
14225 items:
14226 type: string
14227 type: array
14228 type: object
14229 failureThreshold:
14230 description: 'Minimum consecutive failures for the probe to be considered failed after having '
14231 format: int32
14232 type: integer
14233 grpc:
14234 description: GRPC specifies an action involving a GRPC port.
14235 properties:
14236 port:
14237 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
14238 format: int32
14239 type: integer
14240 service:
14241 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
14242 type: string
14243 required:
14244 - port
14245 type: object
14246 httpGet:
14247 description: HTTPGet specifies the http request to perform.
14248 properties:
14249 host:
14250 description: Host name to connect to, defaults to the pod IP.
14251 type: string
14252 httpHeaders:
14253 description: Custom headers to set in the request. HTTP allows repeated headers.
14254 items:
14255 description: HTTPHeader describes a custom header to be used in HTTP probes
14256 properties:
14257 name:
14258 description: The header field name
14259 type: string
14260 value:
14261 description: The header field value
14262 type: string
14263 required:
14264 - name
14265 - value
14266 type: object
14267 type: array
14268 path:
14269 description: Path to access on the HTTP server.
14270 type: string
14271 port:
14272 anyOf:
14273 - type: integer
14274 - type: string
14275 description: Name or number of the port to access on the container.
14276 x-kubernetes-int-or-string: true
14277 scheme:
14278 description: Scheme to use for connecting to the host. Defaults to HTTP.
14279 type: string
14280 required:
14281 - port
14282 type: object
14283 initialDelaySeconds:
14284 description: Number of seconds after the container has started before liveness probes are ini
14285 format: int32
14286 type: integer
14287 periodSeconds:
14288 description: How often (in seconds) to perform the probe. Default to 10 seconds.
14289 format: int32
14290 type: integer
14291 successThreshold:
14292 description: Minimum consecutive successes for the probe to be considered successful after ha
14293 format: int32
14294 type: integer
14295 tcpSocket:
14296 description: TCPSocket specifies an action involving a TCP port.
14297 properties:
14298 host:
14299 description: 'Optional: Host name to connect to, defaults to the pod IP.'
14300 type: string
14301 port:
14302 anyOf:
14303 - type: integer
14304 - type: string
14305 description: Number or name of the port to access on the container.
14306 x-kubernetes-int-or-string: true
14307 required:
14308 - port
14309 type: object
14310 terminationGracePeriodSeconds:
14311 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
14312 format: int64
14313 type: integer
14314 timeoutSeconds:
14315 description: Number of seconds after which the probe times out. Defaults to 1 second.
14316 format: int32
14317 type: integer
14318 type: object
14319 resources:
14320 description: Compute Resources required by this container. Cannot be updated.
14321 properties:
14322 limits:
14323 additionalProperties:
14324 anyOf:
14325 - type: integer
14326 - type: string
14327 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
14328 x-kubernetes-int-or-string: true
14329 description: Limits describes the maximum amount of compute resources allowed.
14330 type: object
14331 requests:
14332 additionalProperties:
14333 anyOf:
14334 - type: integer
14335 - type: string
14336 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
14337 x-kubernetes-int-or-string: true
14338 description: Requests describes the minimum amount of compute resources required.
14339 type: object
14340 type: object
14341 securityContext:
14342 description: SecurityContext defines the security options the container should be run with.
14343 properties:
14344 allowPrivilegeEscalation:
14345 description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha
14346 type: boolean
14347 capabilities:
14348 description: The capabilities to add/drop when running containers.
14349 properties:
14350 add:
14351 description: Added capabilities
14352 items:
14353 description: Capability represent POSIX capabilities type
14354 type: string
14355 type: array
14356 drop:
14357 description: Removed capabilities
14358 items:
14359 description: Capability represent POSIX capabilities type
14360 type: string
14361 type: array
14362 type: object
14363 privileged:
14364 description: Run container in privileged mode.
14365 type: boolean
14366 procMount:
14367 description: procMount denotes the type of proc mount to use for the containers.
14368 type: string
14369 readOnlyRootFilesystem:
14370 description: Whether this container has a read-only root filesystem. Default is false.
14371 type: boolean
14372 runAsGroup:
14373 description: The GID to run the entrypoint of the container process.
14374 format: int64
14375 type: integer
14376 runAsNonRoot:
14377 description: Indicates that the container must run as a non-root user.
14378 type: boolean
14379 runAsUser:
14380 description: The UID to run the entrypoint of the container process.
14381 format: int64
14382 type: integer
14383 seLinuxOptions:
14384 description: The SELinux context to be applied to the container.
14385 properties:
14386 level:
14387 description: Level is SELinux level label that applies to the container.
14388 type: string
14389 role:
14390 description: Role is a SELinux role label that applies to the container.
14391 type: string
14392 type:
14393 description: Type is a SELinux type label that applies to the container.
14394 type: string
14395 user:
14396 description: User is a SELinux user label that applies to the container.
14397 type: string
14398 type: object
14399 seccompProfile:
14400 description: The seccomp options to use by this container.
14401 properties:
14402 localhostProfile:
14403 description: localhostProfile indicates a profile defined in a file on the node should be use
14404 type: string
14405 type:
14406 description: type indicates which kind of seccomp profile will be applied.
14407 type: string
14408 required:
14409 - type
14410 type: object
14411 windowsOptions:
14412 description: The Windows specific settings applied to all containers.
14413 properties:
14414 gmsaCredentialSpec:
14415 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
14416 type: string
14417 gmsaCredentialSpecName:
14418 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
14419 type: string
14420 hostProcess:
14421 description: HostProcess determines if a container should be run as a 'Host Process' containe
14422 type: boolean
14423 runAsUserName:
14424 description: The UserName in Windows to run the entrypoint of the container process.
14425 type: string
14426 type: object
14427 type: object
14428 startupProbe:
14429 description: StartupProbe indicates that the Pod has successfully initialized.
14430 properties:
14431 exec:
14432 description: Exec specifies the action to take.
14433 properties:
14434 command:
14435 description: Command is the command line to execute inside the container, the working directo
14436 items:
14437 type: string
14438 type: array
14439 type: object
14440 failureThreshold:
14441 description: 'Minimum consecutive failures for the probe to be considered failed after having '
14442 format: int32
14443 type: integer
14444 grpc:
14445 description: GRPC specifies an action involving a GRPC port.
14446 properties:
14447 port:
14448 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
14449 format: int32
14450 type: integer
14451 service:
14452 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
14453 type: string
14454 required:
14455 - port
14456 type: object
14457 httpGet:
14458 description: HTTPGet specifies the http request to perform.
14459 properties:
14460 host:
14461 description: Host name to connect to, defaults to the pod IP.
14462 type: string
14463 httpHeaders:
14464 description: Custom headers to set in the request. HTTP allows repeated headers.
14465 items:
14466 description: HTTPHeader describes a custom header to be used in HTTP probes
14467 properties:
14468 name:
14469 description: The header field name
14470 type: string
14471 value:
14472 description: The header field value
14473 type: string
14474 required:
14475 - name
14476 - value
14477 type: object
14478 type: array
14479 path:
14480 description: Path to access on the HTTP server.
14481 type: string
14482 port:
14483 anyOf:
14484 - type: integer
14485 - type: string
14486 description: Name or number of the port to access on the container.
14487 x-kubernetes-int-or-string: true
14488 scheme:
14489 description: Scheme to use for connecting to the host. Defaults to HTTP.
14490 type: string
14491 required:
14492 - port
14493 type: object
14494 initialDelaySeconds:
14495 description: Number of seconds after the container has started before liveness probes are ini
14496 format: int32
14497 type: integer
14498 periodSeconds:
14499 description: How often (in seconds) to perform the probe. Default to 10 seconds.
14500 format: int32
14501 type: integer
14502 successThreshold:
14503 description: Minimum consecutive successes for the probe to be considered successful after ha
14504 format: int32
14505 type: integer
14506 tcpSocket:
14507 description: TCPSocket specifies an action involving a TCP port.
14508 properties:
14509 host:
14510 description: 'Optional: Host name to connect to, defaults to the pod IP.'
14511 type: string
14512 port:
14513 anyOf:
14514 - type: integer
14515 - type: string
14516 description: Number or name of the port to access on the container.
14517 x-kubernetes-int-or-string: true
14518 required:
14519 - port
14520 type: object
14521 terminationGracePeriodSeconds:
14522 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
14523 format: int64
14524 type: integer
14525 timeoutSeconds:
14526 description: Number of seconds after which the probe times out. Defaults to 1 second.
14527 format: int32
14528 type: integer
14529 type: object
14530 stdin:
14531 description: Whether this container should allocate a buffer for stdin in the container runti
14532 type: boolean
14533 stdinOnce:
14534 description: Whether the container runtime should close the stdin channel after it has been o
14535 type: boolean
14536 terminationMessagePath:
14537 description: 'Optional: Path at which the file to which the container''s termination message wi'
14538 type: string
14539 terminationMessagePolicy:
14540 description: Indicate how the termination message should be populated.
14541 type: string
14542 tty:
14543 description: Whether this container should allocate a TTY for itself, also requires 'stdin' t
14544 type: boolean
14545 volumeDevices:
14546 description: volumeDevices is the list of block devices to be used by the container.
14547 items:
14548 description: volumeDevice describes a mapping of a raw block device within a container.
14549 properties:
14550 devicePath:
14551 description: devicePath is the path inside of the container that the device will be mapped to
14552 type: string
14553 name:
14554 description: name must match the name of a persistentVolumeClaim in the pod
14555 type: string
14556 required:
14557 - devicePath
14558 - name
14559 type: object
14560 type: array
14561 volumeMounts:
14562 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
14563 items:
14564 description: VolumeMount describes a mounting of a Volume within a container.
14565 properties:
14566 mountPath:
14567 description: Path within the container at which the volume should be mounted.
14568 type: string
14569 mountPropagation:
14570 description: mountPropagation determines how mounts are propagated from the host to container
14571 type: string
14572 name:
14573 description: This must match the Name of a Volume.
14574 type: string
14575 readOnly:
14576 description: Mounted read-only if true, read-write otherwise (false or unspecified).
14577 type: boolean
14578 subPath:
14579 description: Path within the volume from which the container's volume should be mounted.
14580 type: string
14581 subPathExpr:
14582 description: Expanded path within the volume from which the container's volume should be moun
14583 type: string
14584 required:
14585 - mountPath
14586 - name
14587 type: object
14588 type: array
14589 workingDir:
14590 description: Container's working directory.
14591 type: string
14592 required:
14593 - name
14594 type: object
14595 type: array
14596 dnsConfig:
14597 description: Specifies the DNS parameters of a pod.
14598 properties:
14599 nameservers:
14600 description: A list of DNS name server IP addresses.
14601 items:
14602 type: string
14603 type: array
14604 options:
14605 description: A list of DNS resolver options.
14606 items:
14607 description: PodDNSConfigOption defines DNS resolver options of a pod.
14608 properties:
14609 name:
14610 description: Required.
14611 type: string
14612 value:
14613 type: string
14614 type: object
14615 type: array
14616 searches:
14617 description: A list of DNS search domains for host-name lookup.
14618 items:
14619 type: string
14620 type: array
14621 type: object
14622 dnsPolicy:
14623 description: Set DNS policy for the pod. Defaults to "ClusterFirst".
14624 type: string
14625 enableServiceLinks:
14626 description: EnableServiceLinks indicates whether information about services should be inject
14627 type: boolean
14628 ephemeralContainers:
14629 description: List of ephemeral containers run in this pod.
14630 items:
14631 description: An EphemeralContainer is a temporary container that you may add to an existing P
14632 properties:
14633 args:
14634 description: Arguments to the entrypoint.
14635 items:
14636 type: string
14637 type: array
14638 command:
14639 description: Entrypoint array. Not executed within a shell.
14640 items:
14641 type: string
14642 type: array
14643 env:
14644 description: List of environment variables to set in the container. Cannot be updated.
14645 items:
14646 description: EnvVar represents an environment variable present in a Container.
14647 properties:
14648 name:
14649 description: Name of the environment variable. Must be a C_IDENTIFIER.
14650 type: string
14651 value:
14652 description: Variable references $(VAR_NAME) are expanded using the previously defined enviro
14653 type: string
14654 valueFrom:
14655 description: Source for the environment variable's value.
14656 properties:
14657 configMapKeyRef:
14658 description: Selects a key of a ConfigMap.
14659 properties:
14660 key:
14661 description: The key to select.
14662 type: string
14663 name:
14664 description: 'Name of the referent. More info: https://kubernetes.'
14665 type: string
14666 optional:
14667 description: Specify whether the ConfigMap or its key must be defined
14668 type: boolean
14669 required:
14670 - key
14671 type: object
14672 x-kubernetes-map-type: atomic
14673 fieldRef:
14674 description: 'Selects a field of the pod: supports metadata.name, metadata.'
14675 properties:
14676 apiVersion:
14677 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
14678 type: string
14679 fieldPath:
14680 description: Path of the field to select in the specified API version.
14681 type: string
14682 required:
14683 - fieldPath
14684 type: object
14685 x-kubernetes-map-type: atomic
14686 resourceFieldRef:
14687 description: 'Selects a resource of the container: only resources limits and requests (limits.'
14688 properties:
14689 containerName:
14690 description: 'Container name: required for volumes, optional for env vars'
14691 type: string
14692 divisor:
14693 anyOf:
14694 - type: integer
14695 - type: string
14696 description: Specifies the output format of the exposed resources, defaults to "1"
14697 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
14698 x-kubernetes-int-or-string: true
14699 resource:
14700 description: 'Required: resource to select'
14701 type: string
14702 required:
14703 - resource
14704 type: object
14705 x-kubernetes-map-type: atomic
14706 secretKeyRef:
14707 description: Selects a key of a secret in the pod's namespace
14708 properties:
14709 key:
14710 description: The key of the secret to select from. Must be a valid secret key.
14711 type: string
14712 name:
14713 description: 'Name of the referent. More info: https://kubernetes.'
14714 type: string
14715 optional:
14716 description: Specify whether the Secret or its key must be defined
14717 type: boolean
14718 required:
14719 - key
14720 type: object
14721 x-kubernetes-map-type: atomic
14722 type: object
14723 required:
14724 - name
14725 type: object
14726 type: array
14727 envFrom:
14728 description: List of sources to populate environment variables in the container.
14729 items:
14730 description: EnvFromSource represents the source of a set of ConfigMaps
14731 properties:
14732 configMapRef:
14733 description: The ConfigMap to select from
14734 properties:
14735 name:
14736 description: 'Name of the referent. More info: https://kubernetes.'
14737 type: string
14738 optional:
14739 description: Specify whether the ConfigMap must be defined
14740 type: boolean
14741 type: object
14742 x-kubernetes-map-type: atomic
14743 prefix:
14744 description: An optional identifier to prepend to each key in the ConfigMap.
14745 type: string
14746 secretRef:
14747 description: The Secret to select from
14748 properties:
14749 name:
14750 description: 'Name of the referent. More info: https://kubernetes.'
14751 type: string
14752 optional:
14753 description: Specify whether the Secret must be defined
14754 type: boolean
14755 type: object
14756 x-kubernetes-map-type: atomic
14757 type: object
14758 type: array
14759 image:
14760 description: 'Docker image name. More info: https://kubernetes.'
14761 type: string
14762 imagePullPolicy:
14763 description: Image pull policy. One of Always, Never, IfNotPresent.
14764 type: string
14765 lifecycle:
14766 description: Lifecycle is not allowed for ephemeral containers.
14767 properties:
14768 postStart:
14769 description: PostStart is called immediately after a container is created.
14770 properties:
14771 exec:
14772 description: Exec specifies the action to take.
14773 properties:
14774 command:
14775 description: Command is the command line to execute inside the container, the working directo
14776 items:
14777 type: string
14778 type: array
14779 type: object
14780 httpGet:
14781 description: HTTPGet specifies the http request to perform.
14782 properties:
14783 host:
14784 description: Host name to connect to, defaults to the pod IP.
14785 type: string
14786 httpHeaders:
14787 description: Custom headers to set in the request. HTTP allows repeated headers.
14788 items:
14789 description: HTTPHeader describes a custom header to be used in HTTP probes
14790 properties:
14791 name:
14792 description: The header field name
14793 type: string
14794 value:
14795 description: The header field value
14796 type: string
14797 required:
14798 - name
14799 - value
14800 type: object
14801 type: array
14802 path:
14803 description: Path to access on the HTTP server.
14804 type: string
14805 port:
14806 anyOf:
14807 - type: integer
14808 - type: string
14809 description: Name or number of the port to access on the container.
14810 x-kubernetes-int-or-string: true
14811 scheme:
14812 description: Scheme to use for connecting to the host. Defaults to HTTP.
14813 type: string
14814 required:
14815 - port
14816 type: object
14817 tcpSocket:
14818 description: Deprecated.
14819 properties:
14820 host:
14821 description: 'Optional: Host name to connect to, defaults to the pod IP.'
14822 type: string
14823 port:
14824 anyOf:
14825 - type: integer
14826 - type: string
14827 description: Number or name of the port to access on the container.
14828 x-kubernetes-int-or-string: true
14829 required:
14830 - port
14831 type: object
14832 type: object
14833 preStop:
14834 description: PreStop is called immediately before a container is terminated due to an API req
14835 properties:
14836 exec:
14837 description: Exec specifies the action to take.
14838 properties:
14839 command:
14840 description: Command is the command line to execute inside the container, the working directo
14841 items:
14842 type: string
14843 type: array
14844 type: object
14845 httpGet:
14846 description: HTTPGet specifies the http request to perform.
14847 properties:
14848 host:
14849 description: Host name to connect to, defaults to the pod IP.
14850 type: string
14851 httpHeaders:
14852 description: Custom headers to set in the request. HTTP allows repeated headers.
14853 items:
14854 description: HTTPHeader describes a custom header to be used in HTTP probes
14855 properties:
14856 name:
14857 description: The header field name
14858 type: string
14859 value:
14860 description: The header field value
14861 type: string
14862 required:
14863 - name
14864 - value
14865 type: object
14866 type: array
14867 path:
14868 description: Path to access on the HTTP server.
14869 type: string
14870 port:
14871 anyOf:
14872 - type: integer
14873 - type: string
14874 description: Name or number of the port to access on the container.
14875 x-kubernetes-int-or-string: true
14876 scheme:
14877 description: Scheme to use for connecting to the host. Defaults to HTTP.
14878 type: string
14879 required:
14880 - port
14881 type: object
14882 tcpSocket:
14883 description: Deprecated.
14884 properties:
14885 host:
14886 description: 'Optional: Host name to connect to, defaults to the pod IP.'
14887 type: string
14888 port:
14889 anyOf:
14890 - type: integer
14891 - type: string
14892 description: Number or name of the port to access on the container.
14893 x-kubernetes-int-or-string: true
14894 required:
14895 - port
14896 type: object
14897 type: object
14898 type: object
14899 livenessProbe:
14900 description: Probes are not allowed for ephemeral containers.
14901 properties:
14902 exec:
14903 description: Exec specifies the action to take.
14904 properties:
14905 command:
14906 description: Command is the command line to execute inside the container, the working directo
14907 items:
14908 type: string
14909 type: array
14910 type: object
14911 failureThreshold:
14912 description: 'Minimum consecutive failures for the probe to be considered failed after having '
14913 format: int32
14914 type: integer
14915 grpc:
14916 description: GRPC specifies an action involving a GRPC port.
14917 properties:
14918 port:
14919 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
14920 format: int32
14921 type: integer
14922 service:
14923 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
14924 type: string
14925 required:
14926 - port
14927 type: object
14928 httpGet:
14929 description: HTTPGet specifies the http request to perform.
14930 properties:
14931 host:
14932 description: Host name to connect to, defaults to the pod IP.
14933 type: string
14934 httpHeaders:
14935 description: Custom headers to set in the request. HTTP allows repeated headers.
14936 items:
14937 description: HTTPHeader describes a custom header to be used in HTTP probes
14938 properties:
14939 name:
14940 description: The header field name
14941 type: string
14942 value:
14943 description: The header field value
14944 type: string
14945 required:
14946 - name
14947 - value
14948 type: object
14949 type: array
14950 path:
14951 description: Path to access on the HTTP server.
14952 type: string
14953 port:
14954 anyOf:
14955 - type: integer
14956 - type: string
14957 description: Name or number of the port to access on the container.
14958 x-kubernetes-int-or-string: true
14959 scheme:
14960 description: Scheme to use for connecting to the host. Defaults to HTTP.
14961 type: string
14962 required:
14963 - port
14964 type: object
14965 initialDelaySeconds:
14966 description: Number of seconds after the container has started before liveness probes are ini
14967 format: int32
14968 type: integer
14969 periodSeconds:
14970 description: How often (in seconds) to perform the probe. Default to 10 seconds.
14971 format: int32
14972 type: integer
14973 successThreshold:
14974 description: Minimum consecutive successes for the probe to be considered successful after ha
14975 format: int32
14976 type: integer
14977 tcpSocket:
14978 description: TCPSocket specifies an action involving a TCP port.
14979 properties:
14980 host:
14981 description: 'Optional: Host name to connect to, defaults to the pod IP.'
14982 type: string
14983 port:
14984 anyOf:
14985 - type: integer
14986 - type: string
14987 description: Number or name of the port to access on the container.
14988 x-kubernetes-int-or-string: true
14989 required:
14990 - port
14991 type: object
14992 terminationGracePeriodSeconds:
14993 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
14994 format: int64
14995 type: integer
14996 timeoutSeconds:
14997 description: Number of seconds after which the probe times out. Defaults to 1 second.
14998 format: int32
14999 type: integer
15000 type: object
15001 name:
15002 description: Name of the ephemeral container specified as a DNS_LABEL.
15003 type: string
15004 ports:
15005 description: Ports are not allowed for ephemeral containers.
15006 items:
15007 description: ContainerPort represents a network port in a single container.
15008 properties:
15009 containerPort:
15010 description: Number of port to expose on the pod's IP address.
15011 format: int32
15012 type: integer
15013 hostIP:
15014 description: What host IP to bind the external port to.
15015 type: string
15016 hostPort:
15017 description: Number of port to expose on the host.
15018 format: int32
15019 type: integer
15020 name:
15021 description: If specified, this must be an IANA_SVC_NAME and unique within the pod.
15022 type: string
15023 protocol:
15024 default: TCP
15025 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
15026 type: string
15027 required:
15028 - containerPort
15029 type: object
15030 type: array
15031 x-kubernetes-list-map-keys:
15032 - containerPort
15033 - protocol
15034 x-kubernetes-list-type: map
15035 readinessProbe:
15036 description: Probes are not allowed for ephemeral containers.
15037 properties:
15038 exec:
15039 description: Exec specifies the action to take.
15040 properties:
15041 command:
15042 description: Command is the command line to execute inside the container, the working directo
15043 items:
15044 type: string
15045 type: array
15046 type: object
15047 failureThreshold:
15048 description: 'Minimum consecutive failures for the probe to be considered failed after having '
15049 format: int32
15050 type: integer
15051 grpc:
15052 description: GRPC specifies an action involving a GRPC port.
15053 properties:
15054 port:
15055 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
15056 format: int32
15057 type: integer
15058 service:
15059 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
15060 type: string
15061 required:
15062 - port
15063 type: object
15064 httpGet:
15065 description: HTTPGet specifies the http request to perform.
15066 properties:
15067 host:
15068 description: Host name to connect to, defaults to the pod IP.
15069 type: string
15070 httpHeaders:
15071 description: Custom headers to set in the request. HTTP allows repeated headers.
15072 items:
15073 description: HTTPHeader describes a custom header to be used in HTTP probes
15074 properties:
15075 name:
15076 description: The header field name
15077 type: string
15078 value:
15079 description: The header field value
15080 type: string
15081 required:
15082 - name
15083 - value
15084 type: object
15085 type: array
15086 path:
15087 description: Path to access on the HTTP server.
15088 type: string
15089 port:
15090 anyOf:
15091 - type: integer
15092 - type: string
15093 description: Name or number of the port to access on the container.
15094 x-kubernetes-int-or-string: true
15095 scheme:
15096 description: Scheme to use for connecting to the host. Defaults to HTTP.
15097 type: string
15098 required:
15099 - port
15100 type: object
15101 initialDelaySeconds:
15102 description: Number of seconds after the container has started before liveness probes are ini
15103 format: int32
15104 type: integer
15105 periodSeconds:
15106 description: How often (in seconds) to perform the probe. Default to 10 seconds.
15107 format: int32
15108 type: integer
15109 successThreshold:
15110 description: Minimum consecutive successes for the probe to be considered successful after ha
15111 format: int32
15112 type: integer
15113 tcpSocket:
15114 description: TCPSocket specifies an action involving a TCP port.
15115 properties:
15116 host:
15117 description: 'Optional: Host name to connect to, defaults to the pod IP.'
15118 type: string
15119 port:
15120 anyOf:
15121 - type: integer
15122 - type: string
15123 description: Number or name of the port to access on the container.
15124 x-kubernetes-int-or-string: true
15125 required:
15126 - port
15127 type: object
15128 terminationGracePeriodSeconds:
15129 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
15130 format: int64
15131 type: integer
15132 timeoutSeconds:
15133 description: Number of seconds after which the probe times out. Defaults to 1 second.
15134 format: int32
15135 type: integer
15136 type: object
15137 resources:
15138 description: Resources are not allowed for ephemeral containers.
15139 properties:
15140 limits:
15141 additionalProperties:
15142 anyOf:
15143 - type: integer
15144 - type: string
15145 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
15146 x-kubernetes-int-or-string: true
15147 description: Limits describes the maximum amount of compute resources allowed.
15148 type: object
15149 requests:
15150 additionalProperties:
15151 anyOf:
15152 - type: integer
15153 - type: string
15154 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
15155 x-kubernetes-int-or-string: true
15156 description: Requests describes the minimum amount of compute resources required.
15157 type: object
15158 type: object
15159 securityContext:
15160 description: 'Optional: SecurityContext defines the security options the ephemeral container s'
15161 properties:
15162 allowPrivilegeEscalation:
15163 description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha
15164 type: boolean
15165 capabilities:
15166 description: The capabilities to add/drop when running containers.
15167 properties:
15168 add:
15169 description: Added capabilities
15170 items:
15171 description: Capability represent POSIX capabilities type
15172 type: string
15173 type: array
15174 drop:
15175 description: Removed capabilities
15176 items:
15177 description: Capability represent POSIX capabilities type
15178 type: string
15179 type: array
15180 type: object
15181 privileged:
15182 description: Run container in privileged mode.
15183 type: boolean
15184 procMount:
15185 description: procMount denotes the type of proc mount to use for the containers.
15186 type: string
15187 readOnlyRootFilesystem:
15188 description: Whether this container has a read-only root filesystem. Default is false.
15189 type: boolean
15190 runAsGroup:
15191 description: The GID to run the entrypoint of the container process.
15192 format: int64
15193 type: integer
15194 runAsNonRoot:
15195 description: Indicates that the container must run as a non-root user.
15196 type: boolean
15197 runAsUser:
15198 description: The UID to run the entrypoint of the container process.
15199 format: int64
15200 type: integer
15201 seLinuxOptions:
15202 description: The SELinux context to be applied to the container.
15203 properties:
15204 level:
15205 description: Level is SELinux level label that applies to the container.
15206 type: string
15207 role:
15208 description: Role is a SELinux role label that applies to the container.
15209 type: string
15210 type:
15211 description: Type is a SELinux type label that applies to the container.
15212 type: string
15213 user:
15214 description: User is a SELinux user label that applies to the container.
15215 type: string
15216 type: object
15217 seccompProfile:
15218 description: The seccomp options to use by this container.
15219 properties:
15220 localhostProfile:
15221 description: localhostProfile indicates a profile defined in a file on the node should be use
15222 type: string
15223 type:
15224 description: type indicates which kind of seccomp profile will be applied.
15225 type: string
15226 required:
15227 - type
15228 type: object
15229 windowsOptions:
15230 description: The Windows specific settings applied to all containers.
15231 properties:
15232 gmsaCredentialSpec:
15233 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
15234 type: string
15235 gmsaCredentialSpecName:
15236 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
15237 type: string
15238 hostProcess:
15239 description: HostProcess determines if a container should be run as a 'Host Process' containe
15240 type: boolean
15241 runAsUserName:
15242 description: The UserName in Windows to run the entrypoint of the container process.
15243 type: string
15244 type: object
15245 type: object
15246 startupProbe:
15247 description: Probes are not allowed for ephemeral containers.
15248 properties:
15249 exec:
15250 description: Exec specifies the action to take.
15251 properties:
15252 command:
15253 description: Command is the command line to execute inside the container, the working directo
15254 items:
15255 type: string
15256 type: array
15257 type: object
15258 failureThreshold:
15259 description: 'Minimum consecutive failures for the probe to be considered failed after having '
15260 format: int32
15261 type: integer
15262 grpc:
15263 description: GRPC specifies an action involving a GRPC port.
15264 properties:
15265 port:
15266 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
15267 format: int32
15268 type: integer
15269 service:
15270 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
15271 type: string
15272 required:
15273 - port
15274 type: object
15275 httpGet:
15276 description: HTTPGet specifies the http request to perform.
15277 properties:
15278 host:
15279 description: Host name to connect to, defaults to the pod IP.
15280 type: string
15281 httpHeaders:
15282 description: Custom headers to set in the request. HTTP allows repeated headers.
15283 items:
15284 description: HTTPHeader describes a custom header to be used in HTTP probes
15285 properties:
15286 name:
15287 description: The header field name
15288 type: string
15289 value:
15290 description: The header field value
15291 type: string
15292 required:
15293 - name
15294 - value
15295 type: object
15296 type: array
15297 path:
15298 description: Path to access on the HTTP server.
15299 type: string
15300 port:
15301 anyOf:
15302 - type: integer
15303 - type: string
15304 description: Name or number of the port to access on the container.
15305 x-kubernetes-int-or-string: true
15306 scheme:
15307 description: Scheme to use for connecting to the host. Defaults to HTTP.
15308 type: string
15309 required:
15310 - port
15311 type: object
15312 initialDelaySeconds:
15313 description: Number of seconds after the container has started before liveness probes are ini
15314 format: int32
15315 type: integer
15316 periodSeconds:
15317 description: How often (in seconds) to perform the probe. Default to 10 seconds.
15318 format: int32
15319 type: integer
15320 successThreshold:
15321 description: Minimum consecutive successes for the probe to be considered successful after ha
15322 format: int32
15323 type: integer
15324 tcpSocket:
15325 description: TCPSocket specifies an action involving a TCP port.
15326 properties:
15327 host:
15328 description: 'Optional: Host name to connect to, defaults to the pod IP.'
15329 type: string
15330 port:
15331 anyOf:
15332 - type: integer
15333 - type: string
15334 description: Number or name of the port to access on the container.
15335 x-kubernetes-int-or-string: true
15336 required:
15337 - port
15338 type: object
15339 terminationGracePeriodSeconds:
15340 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
15341 format: int64
15342 type: integer
15343 timeoutSeconds:
15344 description: Number of seconds after which the probe times out. Defaults to 1 second.
15345 format: int32
15346 type: integer
15347 type: object
15348 stdin:
15349 description: Whether this container should allocate a buffer for stdin in the container runti
15350 type: boolean
15351 stdinOnce:
15352 description: Whether the container runtime should close the stdin channel after it has been o
15353 type: boolean
15354 targetContainerName:
15355 description: If set, the name of the container from PodSpec that this ephemeral container tar
15356 type: string
15357 terminationMessagePath:
15358 description: 'Optional: Path at which the file to which the container''s termination message wi'
15359 type: string
15360 terminationMessagePolicy:
15361 description: Indicate how the termination message should be populated.
15362 type: string
15363 tty:
15364 description: Whether this container should allocate a TTY for itself, also requires 'stdin' t
15365 type: boolean
15366 volumeDevices:
15367 description: volumeDevices is the list of block devices to be used by the container.
15368 items:
15369 description: volumeDevice describes a mapping of a raw block device within a container.
15370 properties:
15371 devicePath:
15372 description: devicePath is the path inside of the container that the device will be mapped to
15373 type: string
15374 name:
15375 description: name must match the name of a persistentVolumeClaim in the pod
15376 type: string
15377 required:
15378 - devicePath
15379 - name
15380 type: object
15381 type: array
15382 volumeMounts:
15383 description: Pod volumes to mount into the container's filesystem.
15384 items:
15385 description: VolumeMount describes a mounting of a Volume within a container.
15386 properties:
15387 mountPath:
15388 description: Path within the container at which the volume should be mounted.
15389 type: string
15390 mountPropagation:
15391 description: mountPropagation determines how mounts are propagated from the host to container
15392 type: string
15393 name:
15394 description: This must match the Name of a Volume.
15395 type: string
15396 readOnly:
15397 description: Mounted read-only if true, read-write otherwise (false or unspecified).
15398 type: boolean
15399 subPath:
15400 description: Path within the volume from which the container's volume should be mounted.
15401 type: string
15402 subPathExpr:
15403 description: Expanded path within the volume from which the container's volume should be moun
15404 type: string
15405 required:
15406 - mountPath
15407 - name
15408 type: object
15409 type: array
15410 workingDir:
15411 description: Container's working directory.
15412 type: string
15413 required:
15414 - name
15415 type: object
15416 type: array
15417 hostAliases:
15418 description: 'HostAliases is an optional list of hosts and IPs that will be injected into the '
15419 items:
15420 description: HostAlias holds the mapping between IP and hostnames that will be injected as an
15421 properties:
15422 hostnames:
15423 description: Hostnames for the above IP address.
15424 items:
15425 type: string
15426 type: array
15427 ip:
15428 description: IP address of the host file entry.
15429 type: string
15430 type: object
15431 type: array
15432 hostIPC:
15433 description: 'Use the host''s ipc namespace. Optional: Default to false.'
15434 type: boolean
15435 hostNetwork:
15436 description: Host networking requested for this pod. Use the host's network namespace.
15437 type: boolean
15438 hostPID:
15439 description: 'Use the host''s pid namespace. Optional: Default to false.'
15440 type: boolean
15441 hostname:
15442 description: Specifies the hostname of the Pod If not specified, the pod's hostname will be s
15443 type: string
15444 imagePullSecrets:
15445 description: ImagePullSecrets is an optional list of references to secrets in the same namesp
15446 items:
15447 description: LocalObjectReference contains enough information to let you locate the reference
15448 properties:
15449 name:
15450 description: 'Name of the referent. More info: https://kubernetes.'
15451 type: string
15452 type: object
15453 x-kubernetes-map-type: atomic
15454 type: array
15455 initContainers:
15456 description: List of initialization containers belonging to the pod.
15457 items:
15458 description: A single application container that you want to run within a pod.
15459 properties:
15460 args:
15461 description: Arguments to the entrypoint.
15462 items:
15463 type: string
15464 type: array
15465 command:
15466 description: Entrypoint array. Not executed within a shell.
15467 items:
15468 type: string
15469 type: array
15470 env:
15471 description: List of environment variables to set in the container. Cannot be updated.
15472 items:
15473 description: EnvVar represents an environment variable present in a Container.
15474 properties:
15475 name:
15476 description: Name of the environment variable. Must be a C_IDENTIFIER.
15477 type: string
15478 value:
15479 description: Variable references $(VAR_NAME) are expanded using the previously defined enviro
15480 type: string
15481 valueFrom:
15482 description: Source for the environment variable's value.
15483 properties:
15484 configMapKeyRef:
15485 description: Selects a key of a ConfigMap.
15486 properties:
15487 key:
15488 description: The key to select.
15489 type: string
15490 name:
15491 description: 'Name of the referent. More info: https://kubernetes.'
15492 type: string
15493 optional:
15494 description: Specify whether the ConfigMap or its key must be defined
15495 type: boolean
15496 required:
15497 - key
15498 type: object
15499 x-kubernetes-map-type: atomic
15500 fieldRef:
15501 description: 'Selects a field of the pod: supports metadata.name, metadata.'
15502 properties:
15503 apiVersion:
15504 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
15505 type: string
15506 fieldPath:
15507 description: Path of the field to select in the specified API version.
15508 type: string
15509 required:
15510 - fieldPath
15511 type: object
15512 x-kubernetes-map-type: atomic
15513 resourceFieldRef:
15514 description: 'Selects a resource of the container: only resources limits and requests (limits.'
15515 properties:
15516 containerName:
15517 description: 'Container name: required for volumes, optional for env vars'
15518 type: string
15519 divisor:
15520 anyOf:
15521 - type: integer
15522 - type: string
15523 description: Specifies the output format of the exposed resources, defaults to "1"
15524 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
15525 x-kubernetes-int-or-string: true
15526 resource:
15527 description: 'Required: resource to select'
15528 type: string
15529 required:
15530 - resource
15531 type: object
15532 x-kubernetes-map-type: atomic
15533 secretKeyRef:
15534 description: Selects a key of a secret in the pod's namespace
15535 properties:
15536 key:
15537 description: The key of the secret to select from. Must be a valid secret key.
15538 type: string
15539 name:
15540 description: 'Name of the referent. More info: https://kubernetes.'
15541 type: string
15542 optional:
15543 description: Specify whether the Secret or its key must be defined
15544 type: boolean
15545 required:
15546 - key
15547 type: object
15548 x-kubernetes-map-type: atomic
15549 type: object
15550 required:
15551 - name
15552 type: object
15553 type: array
15554 envFrom:
15555 description: List of sources to populate environment variables in the container.
15556 items:
15557 description: EnvFromSource represents the source of a set of ConfigMaps
15558 properties:
15559 configMapRef:
15560 description: The ConfigMap to select from
15561 properties:
15562 name:
15563 description: 'Name of the referent. More info: https://kubernetes.'
15564 type: string
15565 optional:
15566 description: Specify whether the ConfigMap must be defined
15567 type: boolean
15568 type: object
15569 x-kubernetes-map-type: atomic
15570 prefix:
15571 description: An optional identifier to prepend to each key in the ConfigMap.
15572 type: string
15573 secretRef:
15574 description: The Secret to select from
15575 properties:
15576 name:
15577 description: 'Name of the referent. More info: https://kubernetes.'
15578 type: string
15579 optional:
15580 description: Specify whether the Secret must be defined
15581 type: boolean
15582 type: object
15583 x-kubernetes-map-type: atomic
15584 type: object
15585 type: array
15586 image:
15587 description: 'Docker image name. More info: https://kubernetes.'
15588 type: string
15589 imagePullPolicy:
15590 description: Image pull policy. One of Always, Never, IfNotPresent.
15591 type: string
15592 lifecycle:
15593 description: Actions that the management system should take in response to container lifecycl
15594 properties:
15595 postStart:
15596 description: PostStart is called immediately after a container is created.
15597 properties:
15598 exec:
15599 description: Exec specifies the action to take.
15600 properties:
15601 command:
15602 description: Command is the command line to execute inside the container, the working directo
15603 items:
15604 type: string
15605 type: array
15606 type: object
15607 httpGet:
15608 description: HTTPGet specifies the http request to perform.
15609 properties:
15610 host:
15611 description: Host name to connect to, defaults to the pod IP.
15612 type: string
15613 httpHeaders:
15614 description: Custom headers to set in the request. HTTP allows repeated headers.
15615 items:
15616 description: HTTPHeader describes a custom header to be used in HTTP probes
15617 properties:
15618 name:
15619 description: The header field name
15620 type: string
15621 value:
15622 description: The header field value
15623 type: string
15624 required:
15625 - name
15626 - value
15627 type: object
15628 type: array
15629 path:
15630 description: Path to access on the HTTP server.
15631 type: string
15632 port:
15633 anyOf:
15634 - type: integer
15635 - type: string
15636 description: Name or number of the port to access on the container.
15637 x-kubernetes-int-or-string: true
15638 scheme:
15639 description: Scheme to use for connecting to the host. Defaults to HTTP.
15640 type: string
15641 required:
15642 - port
15643 type: object
15644 tcpSocket:
15645 description: Deprecated.
15646 properties:
15647 host:
15648 description: 'Optional: Host name to connect to, defaults to the pod IP.'
15649 type: string
15650 port:
15651 anyOf:
15652 - type: integer
15653 - type: string
15654 description: Number or name of the port to access on the container.
15655 x-kubernetes-int-or-string: true
15656 required:
15657 - port
15658 type: object
15659 type: object
15660 preStop:
15661 description: PreStop is called immediately before a container is terminated due to an API req
15662 properties:
15663 exec:
15664 description: Exec specifies the action to take.
15665 properties:
15666 command:
15667 description: Command is the command line to execute inside the container, the working directo
15668 items:
15669 type: string
15670 type: array
15671 type: object
15672 httpGet:
15673 description: HTTPGet specifies the http request to perform.
15674 properties:
15675 host:
15676 description: Host name to connect to, defaults to the pod IP.
15677 type: string
15678 httpHeaders:
15679 description: Custom headers to set in the request. HTTP allows repeated headers.
15680 items:
15681 description: HTTPHeader describes a custom header to be used in HTTP probes
15682 properties:
15683 name:
15684 description: The header field name
15685 type: string
15686 value:
15687 description: The header field value
15688 type: string
15689 required:
15690 - name
15691 - value
15692 type: object
15693 type: array
15694 path:
15695 description: Path to access on the HTTP server.
15696 type: string
15697 port:
15698 anyOf:
15699 - type: integer
15700 - type: string
15701 description: Name or number of the port to access on the container.
15702 x-kubernetes-int-or-string: true
15703 scheme:
15704 description: Scheme to use for connecting to the host. Defaults to HTTP.
15705 type: string
15706 required:
15707 - port
15708 type: object
15709 tcpSocket:
15710 description: Deprecated.
15711 properties:
15712 host:
15713 description: 'Optional: Host name to connect to, defaults to the pod IP.'
15714 type: string
15715 port:
15716 anyOf:
15717 - type: integer
15718 - type: string
15719 description: Number or name of the port to access on the container.
15720 x-kubernetes-int-or-string: true
15721 required:
15722 - port
15723 type: object
15724 type: object
15725 type: object
15726 livenessProbe:
15727 description: Periodic probe of container liveness.
15728 properties:
15729 exec:
15730 description: Exec specifies the action to take.
15731 properties:
15732 command:
15733 description: Command is the command line to execute inside the container, the working directo
15734 items:
15735 type: string
15736 type: array
15737 type: object
15738 failureThreshold:
15739 description: 'Minimum consecutive failures for the probe to be considered failed after having '
15740 format: int32
15741 type: integer
15742 grpc:
15743 description: GRPC specifies an action involving a GRPC port.
15744 properties:
15745 port:
15746 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
15747 format: int32
15748 type: integer
15749 service:
15750 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
15751 type: string
15752 required:
15753 - port
15754 type: object
15755 httpGet:
15756 description: HTTPGet specifies the http request to perform.
15757 properties:
15758 host:
15759 description: Host name to connect to, defaults to the pod IP.
15760 type: string
15761 httpHeaders:
15762 description: Custom headers to set in the request. HTTP allows repeated headers.
15763 items:
15764 description: HTTPHeader describes a custom header to be used in HTTP probes
15765 properties:
15766 name:
15767 description: The header field name
15768 type: string
15769 value:
15770 description: The header field value
15771 type: string
15772 required:
15773 - name
15774 - value
15775 type: object
15776 type: array
15777 path:
15778 description: Path to access on the HTTP server.
15779 type: string
15780 port:
15781 anyOf:
15782 - type: integer
15783 - type: string
15784 description: Name or number of the port to access on the container.
15785 x-kubernetes-int-or-string: true
15786 scheme:
15787 description: Scheme to use for connecting to the host. Defaults to HTTP.
15788 type: string
15789 required:
15790 - port
15791 type: object
15792 initialDelaySeconds:
15793 description: Number of seconds after the container has started before liveness probes are ini
15794 format: int32
15795 type: integer
15796 periodSeconds:
15797 description: How often (in seconds) to perform the probe. Default to 10 seconds.
15798 format: int32
15799 type: integer
15800 successThreshold:
15801 description: Minimum consecutive successes for the probe to be considered successful after ha
15802 format: int32
15803 type: integer
15804 tcpSocket:
15805 description: TCPSocket specifies an action involving a TCP port.
15806 properties:
15807 host:
15808 description: 'Optional: Host name to connect to, defaults to the pod IP.'
15809 type: string
15810 port:
15811 anyOf:
15812 - type: integer
15813 - type: string
15814 description: Number or name of the port to access on the container.
15815 x-kubernetes-int-or-string: true
15816 required:
15817 - port
15818 type: object
15819 terminationGracePeriodSeconds:
15820 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
15821 format: int64
15822 type: integer
15823 timeoutSeconds:
15824 description: Number of seconds after which the probe times out. Defaults to 1 second.
15825 format: int32
15826 type: integer
15827 type: object
15828 name:
15829 description: Name of the container specified as a DNS_LABEL.
15830 type: string
15831 ports:
15832 description: List of ports to expose from the container.
15833 items:
15834 description: ContainerPort represents a network port in a single container.
15835 properties:
15836 containerPort:
15837 description: Number of port to expose on the pod's IP address.
15838 format: int32
15839 type: integer
15840 hostIP:
15841 description: What host IP to bind the external port to.
15842 type: string
15843 hostPort:
15844 description: Number of port to expose on the host.
15845 format: int32
15846 type: integer
15847 name:
15848 description: If specified, this must be an IANA_SVC_NAME and unique within the pod.
15849 type: string
15850 protocol:
15851 default: TCP
15852 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
15853 type: string
15854 required:
15855 - containerPort
15856 type: object
15857 type: array
15858 x-kubernetes-list-map-keys:
15859 - containerPort
15860 - protocol
15861 x-kubernetes-list-type: map
15862 readinessProbe:
15863 description: Periodic probe of container service readiness.
15864 properties:
15865 exec:
15866 description: Exec specifies the action to take.
15867 properties:
15868 command:
15869 description: Command is the command line to execute inside the container, the working directo
15870 items:
15871 type: string
15872 type: array
15873 type: object
15874 failureThreshold:
15875 description: 'Minimum consecutive failures for the probe to be considered failed after having '
15876 format: int32
15877 type: integer
15878 grpc:
15879 description: GRPC specifies an action involving a GRPC port.
15880 properties:
15881 port:
15882 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
15883 format: int32
15884 type: integer
15885 service:
15886 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
15887 type: string
15888 required:
15889 - port
15890 type: object
15891 httpGet:
15892 description: HTTPGet specifies the http request to perform.
15893 properties:
15894 host:
15895 description: Host name to connect to, defaults to the pod IP.
15896 type: string
15897 httpHeaders:
15898 description: Custom headers to set in the request. HTTP allows repeated headers.
15899 items:
15900 description: HTTPHeader describes a custom header to be used in HTTP probes
15901 properties:
15902 name:
15903 description: The header field name
15904 type: string
15905 value:
15906 description: The header field value
15907 type: string
15908 required:
15909 - name
15910 - value
15911 type: object
15912 type: array
15913 path:
15914 description: Path to access on the HTTP server.
15915 type: string
15916 port:
15917 anyOf:
15918 - type: integer
15919 - type: string
15920 description: Name or number of the port to access on the container.
15921 x-kubernetes-int-or-string: true
15922 scheme:
15923 description: Scheme to use for connecting to the host. Defaults to HTTP.
15924 type: string
15925 required:
15926 - port
15927 type: object
15928 initialDelaySeconds:
15929 description: Number of seconds after the container has started before liveness probes are ini
15930 format: int32
15931 type: integer
15932 periodSeconds:
15933 description: How often (in seconds) to perform the probe. Default to 10 seconds.
15934 format: int32
15935 type: integer
15936 successThreshold:
15937 description: Minimum consecutive successes for the probe to be considered successful after ha
15938 format: int32
15939 type: integer
15940 tcpSocket:
15941 description: TCPSocket specifies an action involving a TCP port.
15942 properties:
15943 host:
15944 description: 'Optional: Host name to connect to, defaults to the pod IP.'
15945 type: string
15946 port:
15947 anyOf:
15948 - type: integer
15949 - type: string
15950 description: Number or name of the port to access on the container.
15951 x-kubernetes-int-or-string: true
15952 required:
15953 - port
15954 type: object
15955 terminationGracePeriodSeconds:
15956 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
15957 format: int64
15958 type: integer
15959 timeoutSeconds:
15960 description: Number of seconds after which the probe times out. Defaults to 1 second.
15961 format: int32
15962 type: integer
15963 type: object
15964 resources:
15965 description: Compute Resources required by this container. Cannot be updated.
15966 properties:
15967 limits:
15968 additionalProperties:
15969 anyOf:
15970 - type: integer
15971 - type: string
15972 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
15973 x-kubernetes-int-or-string: true
15974 description: Limits describes the maximum amount of compute resources allowed.
15975 type: object
15976 requests:
15977 additionalProperties:
15978 anyOf:
15979 - type: integer
15980 - type: string
15981 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
15982 x-kubernetes-int-or-string: true
15983 description: Requests describes the minimum amount of compute resources required.
15984 type: object
15985 type: object
15986 securityContext:
15987 description: SecurityContext defines the security options the container should be run with.
15988 properties:
15989 allowPrivilegeEscalation:
15990 description: AllowPrivilegeEscalation controls whether a process can gain more privileges tha
15991 type: boolean
15992 capabilities:
15993 description: The capabilities to add/drop when running containers.
15994 properties:
15995 add:
15996 description: Added capabilities
15997 items:
15998 description: Capability represent POSIX capabilities type
15999 type: string
16000 type: array
16001 drop:
16002 description: Removed capabilities
16003 items:
16004 description: Capability represent POSIX capabilities type
16005 type: string
16006 type: array
16007 type: object
16008 privileged:
16009 description: Run container in privileged mode.
16010 type: boolean
16011 procMount:
16012 description: procMount denotes the type of proc mount to use for the containers.
16013 type: string
16014 readOnlyRootFilesystem:
16015 description: Whether this container has a read-only root filesystem. Default is false.
16016 type: boolean
16017 runAsGroup:
16018 description: The GID to run the entrypoint of the container process.
16019 format: int64
16020 type: integer
16021 runAsNonRoot:
16022 description: Indicates that the container must run as a non-root user.
16023 type: boolean
16024 runAsUser:
16025 description: The UID to run the entrypoint of the container process.
16026 format: int64
16027 type: integer
16028 seLinuxOptions:
16029 description: The SELinux context to be applied to the container.
16030 properties:
16031 level:
16032 description: Level is SELinux level label that applies to the container.
16033 type: string
16034 role:
16035 description: Role is a SELinux role label that applies to the container.
16036 type: string
16037 type:
16038 description: Type is a SELinux type label that applies to the container.
16039 type: string
16040 user:
16041 description: User is a SELinux user label that applies to the container.
16042 type: string
16043 type: object
16044 seccompProfile:
16045 description: The seccomp options to use by this container.
16046 properties:
16047 localhostProfile:
16048 description: localhostProfile indicates a profile defined in a file on the node should be use
16049 type: string
16050 type:
16051 description: type indicates which kind of seccomp profile will be applied.
16052 type: string
16053 required:
16054 - type
16055 type: object
16056 windowsOptions:
16057 description: The Windows specific settings applied to all containers.
16058 properties:
16059 gmsaCredentialSpec:
16060 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
16061 type: string
16062 gmsaCredentialSpecName:
16063 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
16064 type: string
16065 hostProcess:
16066 description: HostProcess determines if a container should be run as a 'Host Process' containe
16067 type: boolean
16068 runAsUserName:
16069 description: The UserName in Windows to run the entrypoint of the container process.
16070 type: string
16071 type: object
16072 type: object
16073 startupProbe:
16074 description: StartupProbe indicates that the Pod has successfully initialized.
16075 properties:
16076 exec:
16077 description: Exec specifies the action to take.
16078 properties:
16079 command:
16080 description: Command is the command line to execute inside the container, the working directo
16081 items:
16082 type: string
16083 type: array
16084 type: object
16085 failureThreshold:
16086 description: 'Minimum consecutive failures for the probe to be considered failed after having '
16087 format: int32
16088 type: integer
16089 grpc:
16090 description: GRPC specifies an action involving a GRPC port.
16091 properties:
16092 port:
16093 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
16094 format: int32
16095 type: integer
16096 service:
16097 description: 'Service is the name of the service to place in the gRPC HealthCheckRequest (see '
16098 type: string
16099 required:
16100 - port
16101 type: object
16102 httpGet:
16103 description: HTTPGet specifies the http request to perform.
16104 properties:
16105 host:
16106 description: Host name to connect to, defaults to the pod IP.
16107 type: string
16108 httpHeaders:
16109 description: Custom headers to set in the request. HTTP allows repeated headers.
16110 items:
16111 description: HTTPHeader describes a custom header to be used in HTTP probes
16112 properties:
16113 name:
16114 description: The header field name
16115 type: string
16116 value:
16117 description: The header field value
16118 type: string
16119 required:
16120 - name
16121 - value
16122 type: object
16123 type: array
16124 path:
16125 description: Path to access on the HTTP server.
16126 type: string
16127 port:
16128 anyOf:
16129 - type: integer
16130 - type: string
16131 description: Name or number of the port to access on the container.
16132 x-kubernetes-int-or-string: true
16133 scheme:
16134 description: Scheme to use for connecting to the host. Defaults to HTTP.
16135 type: string
16136 required:
16137 - port
16138 type: object
16139 initialDelaySeconds:
16140 description: Number of seconds after the container has started before liveness probes are ini
16141 format: int32
16142 type: integer
16143 periodSeconds:
16144 description: How often (in seconds) to perform the probe. Default to 10 seconds.
16145 format: int32
16146 type: integer
16147 successThreshold:
16148 description: Minimum consecutive successes for the probe to be considered successful after ha
16149 format: int32
16150 type: integer
16151 tcpSocket:
16152 description: TCPSocket specifies an action involving a TCP port.
16153 properties:
16154 host:
16155 description: 'Optional: Host name to connect to, defaults to the pod IP.'
16156 type: string
16157 port:
16158 anyOf:
16159 - type: integer
16160 - type: string
16161 description: Number or name of the port to access on the container.
16162 x-kubernetes-int-or-string: true
16163 required:
16164 - port
16165 type: object
16166 terminationGracePeriodSeconds:
16167 description: Optional duration in seconds the pod needs to terminate gracefully upon probe fa
16168 format: int64
16169 type: integer
16170 timeoutSeconds:
16171 description: Number of seconds after which the probe times out. Defaults to 1 second.
16172 format: int32
16173 type: integer
16174 type: object
16175 stdin:
16176 description: Whether this container should allocate a buffer for stdin in the container runti
16177 type: boolean
16178 stdinOnce:
16179 description: Whether the container runtime should close the stdin channel after it has been o
16180 type: boolean
16181 terminationMessagePath:
16182 description: 'Optional: Path at which the file to which the container''s termination message wi'
16183 type: string
16184 terminationMessagePolicy:
16185 description: Indicate how the termination message should be populated.
16186 type: string
16187 tty:
16188 description: Whether this container should allocate a TTY for itself, also requires 'stdin' t
16189 type: boolean
16190 volumeDevices:
16191 description: volumeDevices is the list of block devices to be used by the container.
16192 items:
16193 description: volumeDevice describes a mapping of a raw block device within a container.
16194 properties:
16195 devicePath:
16196 description: devicePath is the path inside of the container that the device will be mapped to
16197 type: string
16198 name:
16199 description: name must match the name of a persistentVolumeClaim in the pod
16200 type: string
16201 required:
16202 - devicePath
16203 - name
16204 type: object
16205 type: array
16206 volumeMounts:
16207 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
16208 items:
16209 description: VolumeMount describes a mounting of a Volume within a container.
16210 properties:
16211 mountPath:
16212 description: Path within the container at which the volume should be mounted.
16213 type: string
16214 mountPropagation:
16215 description: mountPropagation determines how mounts are propagated from the host to container
16216 type: string
16217 name:
16218 description: This must match the Name of a Volume.
16219 type: string
16220 readOnly:
16221 description: Mounted read-only if true, read-write otherwise (false or unspecified).
16222 type: boolean
16223 subPath:
16224 description: Path within the volume from which the container's volume should be mounted.
16225 type: string
16226 subPathExpr:
16227 description: Expanded path within the volume from which the container's volume should be moun
16228 type: string
16229 required:
16230 - mountPath
16231 - name
16232 type: object
16233 type: array
16234 workingDir:
16235 description: Container's working directory.
16236 type: string
16237 required:
16238 - name
16239 type: object
16240 type: array
16241 nodeName:
16242 description: NodeName is a request to schedule this pod onto a specific node.
16243 type: string
16244 nodeSelector:
16245 additionalProperties:
16246 type: string
16247 description: NodeSelector is a selector which must be true for the pod to fit on a node.
16248 type: object
16249 x-kubernetes-map-type: atomic
16250 os:
16251 description: Specifies the OS of the containers in the pod.
16252 properties:
16253 name:
16254 description: Name is the name of the operating system.
16255 type: string
16256 required:
16257 - name
16258 type: object
16259 overhead:
16260 additionalProperties:
16261 anyOf:
16262 - type: integer
16263 - type: string
16264 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
16265 x-kubernetes-int-or-string: true
16266 description: Overhead represents the resource overhead associated with running a pod for a gi
16267 type: object
16268 preemptionPolicy:
16269 description: PreemptionPolicy is the Policy for preempting pods with lower priority.
16270 type: string
16271 priority:
16272 description: The priority value.
16273 format: int32
16274 type: integer
16275 priorityClassName:
16276 description: If specified, indicates the pod's priority.
16277 type: string
16278 readinessGates:
16279 description: If specified, all readiness gates will be evaluated for pod readiness.
16280 items:
16281 description: PodReadinessGate contains the reference to a pod condition
16282 properties:
16283 conditionType:
16284 description: ConditionType refers to a condition in the pod's condition list with matching ty
16285 type: string
16286 required:
16287 - conditionType
16288 type: object
16289 type: array
16290 restartPolicy:
16291 description: Restart policy for all containers within the pod.
16292 type: string
16293 runtimeClassName:
16294 description: RuntimeClassName refers to a RuntimeClass object in the node.k8s.
16295 type: string
16296 schedulerName:
16297 description: If specified, the pod will be dispatched by specified scheduler.
16298 type: string
16299 securityContext:
16300 description: SecurityContext holds pod-level security attributes and common container setting
16301 properties:
16302 fsGroup:
16303 description: A special supplemental group that applies to all containers in a pod.
16304 format: int64
16305 type: integer
16306 fsGroupChangePolicy:
16307 description: fsGroupChangePolicy defines behavior of changing ownership and permission of the
16308 type: string
16309 runAsGroup:
16310 description: The GID to run the entrypoint of the container process.
16311 format: int64
16312 type: integer
16313 runAsNonRoot:
16314 description: Indicates that the container must run as a non-root user.
16315 type: boolean
16316 runAsUser:
16317 description: The UID to run the entrypoint of the container process.
16318 format: int64
16319 type: integer
16320 seLinuxOptions:
16321 description: The SELinux context to be applied to all containers.
16322 properties:
16323 level:
16324 description: Level is SELinux level label that applies to the container.
16325 type: string
16326 role:
16327 description: Role is a SELinux role label that applies to the container.
16328 type: string
16329 type:
16330 description: Type is a SELinux type label that applies to the container.
16331 type: string
16332 user:
16333 description: User is a SELinux user label that applies to the container.
16334 type: string
16335 type: object
16336 seccompProfile:
16337 description: The seccomp options to use by the containers in this pod.
16338 properties:
16339 localhostProfile:
16340 description: localhostProfile indicates a profile defined in a file on the node should be use
16341 type: string
16342 type:
16343 description: type indicates which kind of seccomp profile will be applied.
16344 type: string
16345 required:
16346 - type
16347 type: object
16348 supplementalGroups:
16349 description: A list of groups applied to the first process run in each container, in addition
16350 items:
16351 format: int64
16352 type: integer
16353 type: array
16354 sysctls:
16355 description: Sysctls hold a list of namespaced sysctls used for the pod.
16356 items:
16357 description: Sysctl defines a kernel parameter to be set
16358 properties:
16359 name:
16360 description: Name of a property to set
16361 type: string
16362 value:
16363 description: Value of a property to set
16364 type: string
16365 required:
16366 - name
16367 - value
16368 type: object
16369 type: array
16370 windowsOptions:
16371 description: The Windows specific settings applied to all containers.
16372 properties:
16373 gmsaCredentialSpec:
16374 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.
16375 type: string
16376 gmsaCredentialSpecName:
16377 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
16378 type: string
16379 hostProcess:
16380 description: HostProcess determines if a container should be run as a 'Host Process' containe
16381 type: boolean
16382 runAsUserName:
16383 description: The UserName in Windows to run the entrypoint of the container process.
16384 type: string
16385 type: object
16386 type: object
16387 serviceAccount:
16388 description: DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.
16389 type: string
16390 serviceAccountName:
16391 description: ServiceAccountName is the name of the ServiceAccount to use to run this pod.
16392 type: string
16393 setHostnameAsFQDN:
16394 description: If true the pod's hostname will be configured as the pod's FQDN, rather than the
16395 type: boolean
16396 shareProcessNamespace:
16397 description: Share a single process namespace between all of the containers in a pod.
16398 type: boolean
16399 subdomain:
16400 description: If specified, the fully qualified Pod hostname will be "<hostname>.<subdomain>.
16401 type: string
16402 terminationGracePeriodSeconds:
16403 description: Optional duration in seconds the pod needs to terminate gracefully.
16404 format: int64
16405 type: integer
16406 tolerations:
16407 description: If specified, the pod's tolerations.
16408 items:
16409 description: The pod this Toleration is attached to tolerates any taint that matches the trip
16410 properties:
16411 effect:
16412 description: Effect indicates the taint effect to match. Empty means match all taint effects.
16413 type: string
16414 key:
16415 description: Key is the taint key that the toleration applies to.
16416 type: string
16417 operator:
16418 description: Operator represents a key's relationship to the value.
16419 type: string
16420 tolerationSeconds:
16421 description: TolerationSeconds represents the period of time the toleration (which must be of
16422 format: int64
16423 type: integer
16424 value:
16425 description: Value is the taint value the toleration matches to.
16426 type: string
16427 type: object
16428 type: array
16429 topologySpreadConstraints:
16430 description: TopologySpreadConstraints describes how a group of pods ought to spread across t
16431 items:
16432 description: TopologySpreadConstraint specifies how to spread matching pods among the given t
16433 properties:
16434 labelSelector:
16435 description: LabelSelector is used to find matching pods.
16436 properties:
16437 matchExpressions:
16438 description: matchExpressions is a list of label selector requirements.
16439 items:
16440 description: A label selector requirement is a selector that contains values, a key, and an o
16441 properties:
16442 key:
16443 description: key is the label key that the selector applies to.
16444 type: string
16445 operator:
16446 description: operator represents a key's relationship to a set of values.
16447 type: string
16448 values:
16449 description: values is an array of string values.
16450 items:
16451 type: string
16452 type: array
16453 required:
16454 - key
16455 - operator
16456 type: object
16457 type: array
16458 matchLabels:
16459 additionalProperties:
16460 type: string
16461 description: matchLabels is a map of {key,value} pairs.
16462 type: object
16463 type: object
16464 x-kubernetes-map-type: atomic
16465 maxSkew:
16466 description: MaxSkew describes the degree to which pods may be unevenly distributed.
16467 format: int32
16468 type: integer
16469 topologyKey:
16470 description: TopologyKey is the key of node labels.
16471 type: string
16472 whenUnsatisfiable:
16473 description: WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spr
16474 type: string
16475 required:
16476 - maxSkew
16477 - topologyKey
16478 - whenUnsatisfiable
16479 type: object
16480 type: array
16481 x-kubernetes-list-map-keys:
16482 - topologyKey
16483 - whenUnsatisfiable
16484 x-kubernetes-list-type: map
16485 volumes:
16486 description: List of volumes that can be mounted by containers belonging to the pod.
16487 items:
16488 description: 'Volume represents a named volume in a pod that may be accessed by any container '
16489 properties:
16490 awsElasticBlockStore:
16491 description: AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubel
16492 properties:
16493 fsType:
16494 description: Filesystem type of the volume that you want to mount.
16495 type: string
16496 partition:
16497 description: The partition in the volume that you want to mount.
16498 format: int32
16499 type: integer
16500 readOnly:
16501 description: Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".
16502 type: boolean
16503 volumeID:
16504 description: Unique ID of the persistent disk resource in AWS (Amazon EBS volume).
16505 type: string
16506 required:
16507 - volumeID
16508 type: object
16509 azureDisk:
16510 description: 'AzureDisk represents an Azure Data Disk mount on the host and bind mount to the '
16511 properties:
16512 cachingMode:
16513 description: 'Host Caching mode: None, Read Only, Read Write.'
16514 type: string
16515 diskName:
16516 description: The Name of the data disk in the blob storage
16517 type: string
16518 diskURI:
16519 description: The URI the data disk in the blob storage
16520 type: string
16521 fsType:
16522 description: Filesystem type to mount.
16523 type: string
16524 kind:
16525 description: 'Expected values Shared: multiple blob disks per storage account Dedicated: sing'
16526 type: string
16527 readOnly:
16528 description: Defaults to false (read/write).
16529 type: boolean
16530 required:
16531 - diskName
16532 - diskURI
16533 type: object
16534 azureFile:
16535 description: AzureFile represents an Azure File Service mount on the host and bind mount to t
16536 properties:
16537 readOnly:
16538 description: Defaults to false (read/write).
16539 type: boolean
16540 secretName:
16541 description: the name of secret that contains Azure Storage Account Name and Key
16542 type: string
16543 shareName:
16544 description: Share Name
16545 type: string
16546 required:
16547 - secretName
16548 - shareName
16549 type: object
16550 cephfs:
16551 description: CephFS represents a Ceph FS mount on the host that shares a pod's lifetime
16552 properties:
16553 monitors:
16554 description: 'Required: Monitors is a collection of Ceph monitors More info: https://examples.'
16555 items:
16556 type: string
16557 type: array
16558 path:
16559 description: 'Optional: Used as the mounted root, rather than the full Ceph tree, default is /'
16560 type: string
16561 readOnly:
16562 description: 'Optional: Defaults to false (read/write).'
16563 type: boolean
16564 secretFile:
16565 description: 'Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user'
16566 type: string
16567 secretRef:
16568 description: 'Optional: SecretRef is reference to the authentication secret for User, default '
16569 properties:
16570 name:
16571 description: 'Name of the referent. More info: https://kubernetes.'
16572 type: string
16573 type: object
16574 x-kubernetes-map-type: atomic
16575 user:
16576 description: 'Optional: User is the rados user name, default is admin More info: https://examp'
16577 type: string
16578 required:
16579 - monitors
16580 type: object
16581 cinder:
16582 description: Cinder represents a cinder volume attached and mounted on kubelets host machine.
16583 properties:
16584 fsType:
16585 description: Filesystem type to mount.
16586 type: string
16587 readOnly:
16588 description: 'Optional: Defaults to false (read/write).'
16589 type: boolean
16590 secretRef:
16591 description: 'Optional: points to a secret object containing parameters used to connect to Ope'
16592 properties:
16593 name:
16594 description: 'Name of the referent. More info: https://kubernetes.'
16595 type: string
16596 type: object
16597 x-kubernetes-map-type: atomic
16598 volumeID:
16599 description: 'volume id used to identify the volume in cinder. More info: https://examples.'
16600 type: string
16601 required:
16602 - volumeID
16603 type: object
16604 configMap:
16605 description: ConfigMap represents a configMap that should populate this volume
16606 properties:
16607 defaultMode:
16608 description: 'Optional: mode bits used to set permissions on created files by default.'
16609 format: int32
16610 type: integer
16611 items:
16612 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa
16613 items:
16614 description: Maps a string key to a path within a volume.
16615 properties:
16616 key:
16617 description: The key to project.
16618 type: string
16619 mode:
16620 description: 'Optional: mode bits used to set permissions on this file.'
16621 format: int32
16622 type: integer
16623 path:
16624 description: The relative path of the file to map the key to. May not be an absolute path.
16625 type: string
16626 required:
16627 - key
16628 - path
16629 type: object
16630 type: array
16631 name:
16632 description: 'Name of the referent. More info: https://kubernetes.'
16633 type: string
16634 optional:
16635 description: Specify whether the ConfigMap or its keys must be defined
16636 type: boolean
16637 type: object
16638 x-kubernetes-map-type: atomic
16639 csi:
16640 description: CSI (Container Storage Interface) represents ephemeral storage that is handled b
16641 properties:
16642 driver:
16643 description: Driver is the name of the CSI driver that handles this volume.
16644 type: string
16645 fsType:
16646 description: Filesystem type to mount. Ex. "ext4", "xfs", "ntfs".
16647 type: string
16648 nodePublishSecretRef:
16649 description: NodePublishSecretRef is a reference to the secret object containing sensitive in
16650 properties:
16651 name:
16652 description: 'Name of the referent. More info: https://kubernetes.'
16653 type: string
16654 type: object
16655 x-kubernetes-map-type: atomic
16656 readOnly:
16657 description: Specifies a read-only configuration for the volume.
16658 type: boolean
16659 volumeAttributes:
16660 additionalProperties:
16661 type: string
16662 description: VolumeAttributes stores driver-specific properties that are passed to the CSI dr
16663 type: object
16664 required:
16665 - driver
16666 type: object
16667 downwardAPI:
16668 description: DownwardAPI represents downward API about the pod that should populate this volu
16669 properties:
16670 defaultMode:
16671 description: 'Optional: mode bits to use on created files by default.'
16672 format: int32
16673 type: integer
16674 items:
16675 description: Items is a list of downward API volume file
16676 items:
16677 description: DownwardAPIVolumeFile represents information to create the file containing the p
16678 properties:
16679 fieldRef:
16680 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'
16681 properties:
16682 apiVersion:
16683 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
16684 type: string
16685 fieldPath:
16686 description: Path of the field to select in the specified API version.
16687 type: string
16688 required:
16689 - fieldPath
16690 type: object
16691 x-kubernetes-map-type: atomic
16692 mode:
16693 description: 'Optional: mode bits used to set permissions on this file, must be an octal value'
16694 format: int32
16695 type: integer
16696 path:
16697 description: 'Required: Path is the relative path name of the file to be created.'
16698 type: string
16699 resourceFieldRef:
16700 description: 'Selects a resource of the container: only resources limits and requests (limits.'
16701 properties:
16702 containerName:
16703 description: 'Container name: required for volumes, optional for env vars'
16704 type: string
16705 divisor:
16706 anyOf:
16707 - type: integer
16708 - type: string
16709 description: Specifies the output format of the exposed resources, defaults to "1"
16710 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
16711 x-kubernetes-int-or-string: true
16712 resource:
16713 description: 'Required: resource to select'
16714 type: string
16715 required:
16716 - resource
16717 type: object
16718 x-kubernetes-map-type: atomic
16719 required:
16720 - path
16721 type: object
16722 type: array
16723 type: object
16724 emptyDir:
16725 description: EmptyDir represents a temporary directory that shares a pod's lifetime.
16726 properties:
16727 medium:
16728 description: What type of storage medium should back this directory.
16729 type: string
16730 sizeLimit:
16731 anyOf:
16732 - type: integer
16733 - type: string
16734 description: Total amount of local storage required for this EmptyDir volume.
16735 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
16736 x-kubernetes-int-or-string: true
16737 type: object
16738 ephemeral:
16739 description: Ephemeral represents a volume that is handled by a cluster storage driver.
16740 properties:
16741 volumeClaimTemplate:
16742 description: Will be used to create a stand-alone PVC to provision the volume.
16743 properties:
16744 metadata:
16745 description: May contain labels and annotations that will be copied into the PVC when creatin
16746 type: object
16747 spec:
16748 description: The specification for the PersistentVolumeClaim.
16749 properties:
16750 accessModes:
16751 description: AccessModes contains the desired access modes the volume should have.
16752 items:
16753 type: string
16754 type: array
16755 dataSource:
16756 description: 'This field can be used to specify either: * An existing VolumeSnapshot object (s'
16757 properties:
16758 apiGroup:
16759 description: APIGroup is the group for the resource being referenced.
16760 type: string
16761 kind:
16762 description: Kind is the type of resource being referenced
16763 type: string
16764 name:
16765 description: Name is the name of resource being referenced
16766 type: string
16767 required:
16768 - kind
16769 - name
16770 type: object
16771 x-kubernetes-map-type: atomic
16772 dataSourceRef:
16773 description: Specifies the object from which to populate the volume with data, if a non-empty
16774 properties:
16775 apiGroup:
16776 description: APIGroup is the group for the resource being referenced.
16777 type: string
16778 kind:
16779 description: Kind is the type of resource being referenced
16780 type: string
16781 name:
16782 description: Name is the name of resource being referenced
16783 type: string
16784 required:
16785 - kind
16786 - name
16787 type: object
16788 x-kubernetes-map-type: atomic
16789 resources:
16790 description: Resources represents the minimum resources the volume should have.
16791 properties:
16792 limits:
16793 additionalProperties:
16794 anyOf:
16795 - type: integer
16796 - type: string
16797 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
16798 x-kubernetes-int-or-string: true
16799 description: Limits describes the maximum amount of compute resources allowed.
16800 type: object
16801 requests:
16802 additionalProperties:
16803 anyOf:
16804 - type: integer
16805 - type: string
16806 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
16807 x-kubernetes-int-or-string: true
16808 description: Requests describes the minimum amount of compute resources required.
16809 type: object
16810 type: object
16811 selector:
16812 description: A label query over volumes to consider for binding.
16813 properties:
16814 matchExpressions:
16815 description: matchExpressions is a list of label selector requirements.
16816 items:
16817 description: A label selector requirement is a selector that contains values, a key, and an o
16818 properties:
16819 key:
16820 description: key is the label key that the selector applies to.
16821 type: string
16822 operator:
16823 description: operator represents a key's relationship to a set of values.
16824 type: string
16825 values:
16826 description: values is an array of string values.
16827 items:
16828 type: string
16829 type: array
16830 required:
16831 - key
16832 - operator
16833 type: object
16834 type: array
16835 matchLabels:
16836 additionalProperties:
16837 type: string
16838 description: matchLabels is a map of {key,value} pairs.
16839 type: object
16840 type: object
16841 x-kubernetes-map-type: atomic
16842 storageClassName:
16843 description: 'Name of the StorageClass required by the claim. More info: https://kubernetes.'
16844 type: string
16845 volumeMode:
16846 description: volumeMode defines what type of volume is required by the claim.
16847 type: string
16848 volumeName:
16849 description: VolumeName is the binding reference to the PersistentVolume backing this claim.
16850 type: string
16851 type: object
16852 required:
16853 - spec
16854 type: object
16855 type: object
16856 fc:
16857 description: FC represents a Fibre Channel resource that is attached to a kubelet's host mach
16858 properties:
16859 fsType:
16860 description: Filesystem type to mount.
16861 type: string
16862 lun:
16863 description: 'Optional: FC target lun number'
16864 format: int32
16865 type: integer
16866 readOnly:
16867 description: 'Optional: Defaults to false (read/write).'
16868 type: boolean
16869 targetWWNs:
16870 description: 'Optional: FC target worldwide names (WWNs)'
16871 items:
16872 type: string
16873 type: array
16874 wwids:
16875 description: 'Optional: FC volume world wide identifiers (wwids) Either wwids or combination o'
16876 items:
16877 type: string
16878 type: array
16879 type: object
16880 flexVolume:
16881 description: FlexVolume represents a generic volume resource that is provisioned/attached usi
16882 properties:
16883 driver:
16884 description: Driver is the name of the driver to use for this volume.
16885 type: string
16886 fsType:
16887 description: Filesystem type to mount.
16888 type: string
16889 options:
16890 additionalProperties:
16891 type: string
16892 description: 'Optional: Extra command options if any.'
16893 type: object
16894 readOnly:
16895 description: 'Optional: Defaults to false (read/write).'
16896 type: boolean
16897 secretRef:
16898 description: 'Optional: SecretRef is reference to the secret object containing sensitive infor'
16899 properties:
16900 name:
16901 description: 'Name of the referent. More info: https://kubernetes.'
16902 type: string
16903 type: object
16904 x-kubernetes-map-type: atomic
16905 required:
16906 - driver
16907 type: object
16908 flocker:
16909 description: Flocker represents a Flocker volume attached to a kubelet's host machine.
16910 properties:
16911 datasetName:
16912 description: Name of the dataset stored as metadata -> name on the dataset for Flocker should
16913 type: string
16914 datasetUUID:
16915 description: UUID of the dataset. This is unique identifier of a Flocker dataset
16916 type: string
16917 type: object
16918 gcePersistentDisk:
16919 description: GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's
16920 properties:
16921 fsType:
16922 description: Filesystem type of the volume that you want to mount.
16923 type: string
16924 partition:
16925 description: The partition in the volume that you want to mount.
16926 format: int32
16927 type: integer
16928 pdName:
16929 description: Unique name of the PD resource in GCE. Used to identify the disk in GCE.
16930 type: string
16931 readOnly:
16932 description: ReadOnly here will force the ReadOnly setting in VolumeMounts.
16933 type: boolean
16934 required:
16935 - pdName
16936 type: object
16937 gitRepo:
16938 description: GitRepo represents a git repository at a particular revision.
16939 properties:
16940 directory:
16941 description: Target directory name. Must not contain or start with '..'. If '.
16942 type: string
16943 repository:
16944 description: Repository URL
16945 type: string
16946 revision:
16947 description: Commit hash for the specified revision.
16948 type: string
16949 required:
16950 - repository
16951 type: object
16952 glusterfs:
16953 description: Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
16954 properties:
16955 endpoints:
16956 description: EndpointsName is the endpoint name that details Glusterfs topology.
16957 type: string
16958 path:
16959 description: 'Path is the Glusterfs volume path. More info: https://examples.k8s.'
16960 type: string
16961 readOnly:
16962 description: ReadOnly here will force the Glusterfs volume to be mounted with read-only permi
16963 type: boolean
16964 required:
16965 - endpoints
16966 - path
16967 type: object
16968 hostPath:
16969 description: HostPath represents a pre-existing file or directory on the host machine that is
16970 properties:
16971 path:
16972 description: Path of the directory on the host.
16973 type: string
16974 type:
16975 description: 'Type for HostPath Volume Defaults to "" More info: https://kubernetes.'
16976 type: string
16977 required:
16978 - path
16979 type: object
16980 iscsi:
16981 description: ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host mac
16982 properties:
16983 chapAuthDiscovery:
16984 description: whether support iSCSI Discovery CHAP authentication
16985 type: boolean
16986 chapAuthSession:
16987 description: whether support iSCSI Session CHAP authentication
16988 type: boolean
16989 fsType:
16990 description: Filesystem type of the volume that you want to mount.
16991 type: string
16992 initiatorName:
16993 description: Custom iSCSI Initiator Name.
16994 type: string
16995 iqn:
16996 description: Target iSCSI Qualified Name.
16997 type: string
16998 iscsiInterface:
16999 description: iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
17000 type: string
17001 lun:
17002 description: iSCSI Target Lun number.
17003 format: int32
17004 type: integer
17005 portals:
17006 description: iSCSI Target Portal List.
17007 items:
17008 type: string
17009 type: array
17010 readOnly:
17011 description: ReadOnly here will force the ReadOnly setting in VolumeMounts.
17012 type: boolean
17013 secretRef:
17014 description: CHAP Secret for iSCSI target and initiator authentication
17015 properties:
17016 name:
17017 description: 'Name of the referent. More info: https://kubernetes.'
17018 type: string
17019 type: object
17020 x-kubernetes-map-type: atomic
17021 targetPortal:
17022 description: iSCSI Target Portal.
17023 type: string
17024 required:
17025 - iqn
17026 - lun
17027 - targetPortal
17028 type: object
17029 name:
17030 description: Volume's name. Must be a DNS_LABEL and unique within the pod.
17031 type: string
17032 nfs:
17033 description: 'NFS represents an NFS mount on the host that shares a pod''s lifetime More info: '
17034 properties:
17035 path:
17036 description: 'Path that is exported by the NFS server. More info: https://kubernetes.'
17037 type: string
17038 readOnly:
17039 description: ReadOnly here will force the NFS export to be mounted with read-only permissions
17040 type: boolean
17041 server:
17042 description: Server is the hostname or IP address of the NFS server.
17043 type: string
17044 required:
17045 - path
17046 - server
17047 type: object
17048 persistentVolumeClaim:
17049 description: PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeCl
17050 properties:
17051 claimName:
17052 description: ClaimName is the name of a PersistentVolumeClaim in the same namespace as the po
17053 type: string
17054 readOnly:
17055 description: Will force the ReadOnly setting in VolumeMounts. Default false.
17056 type: boolean
17057 required:
17058 - claimName
17059 type: object
17060 photonPersistentDisk:
17061 description: 'PhotonPersistentDisk represents a PhotonController persistent disk attached and '
17062 properties:
17063 fsType:
17064 description: Filesystem type to mount.
17065 type: string
17066 pdID:
17067 description: ID that identifies Photon Controller persistent disk
17068 type: string
17069 required:
17070 - pdID
17071 type: object
17072 portworxVolume:
17073 description: PortworxVolume represents a portworx volume attached and mounted on kubelets hos
17074 properties:
17075 fsType:
17076 description: FSType represents the filesystem type to mount Must be a filesystem type support
17077 type: string
17078 readOnly:
17079 description: Defaults to false (read/write).
17080 type: boolean
17081 volumeID:
17082 description: VolumeID uniquely identifies a Portworx volume
17083 type: string
17084 required:
17085 - volumeID
17086 type: object
17087 projected:
17088 description: Items for all in one resources secrets, configmaps, and downward API
17089 properties:
17090 defaultMode:
17091 description: Mode bits used to set permissions on created files by default.
17092 format: int32
17093 type: integer
17094 sources:
17095 description: list of volume projections
17096 items:
17097 description: Projection that may be projected along with other supported volume types
17098 properties:
17099 configMap:
17100 description: information about the configMap data to project
17101 properties:
17102 items:
17103 description: If unspecified, each key-value pair in the Data field of the referenced ConfigMa
17104 items:
17105 description: Maps a string key to a path within a volume.
17106 properties:
17107 key:
17108 description: The key to project.
17109 type: string
17110 mode:
17111 description: 'Optional: mode bits used to set permissions on this file.'
17112 format: int32
17113 type: integer
17114 path:
17115 description: The relative path of the file to map the key to. May not be an absolute path.
17116 type: string
17117 required:
17118 - key
17119 - path
17120 type: object
17121 type: array
17122 name:
17123 description: 'Name of the referent. More info: https://kubernetes.'
17124 type: string
17125 optional:
17126 description: Specify whether the ConfigMap or its keys must be defined
17127 type: boolean
17128 type: object
17129 x-kubernetes-map-type: atomic
17130 downwardAPI:
17131 description: information about the downwardAPI data to project
17132 properties:
17133 items:
17134 description: Items is a list of DownwardAPIVolume file
17135 items:
17136 description: DownwardAPIVolumeFile represents information to create the file containing the p
17137 properties:
17138 fieldRef:
17139 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespa'
17140 properties:
17141 apiVersion:
17142 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
17143 type: string
17144 fieldPath:
17145 description: Path of the field to select in the specified API version.
17146 type: string
17147 required:
17148 - fieldPath
17149 type: object
17150 x-kubernetes-map-type: atomic
17151 mode:
17152 description: 'Optional: mode bits used to set permissions on this file, must be an octal value'
17153 format: int32
17154 type: integer
17155 path:
17156 description: 'Required: Path is the relative path name of the file to be created.'
17157 type: string
17158 resourceFieldRef:
17159 description: 'Selects a resource of the container: only resources limits and requests (limits.'
17160 properties:
17161 containerName:
17162 description: 'Container name: required for volumes, optional for env vars'
17163 type: string
17164 divisor:
17165 anyOf:
17166 - type: integer
17167 - type: string
17168 description: Specifies the output format of the exposed resources, defaults to "1"
17169 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
17170 x-kubernetes-int-or-string: true
17171 resource:
17172 description: 'Required: resource to select'
17173 type: string
17174 required:
17175 - resource
17176 type: object
17177 x-kubernetes-map-type: atomic
17178 required:
17179 - path
17180 type: object
17181 type: array
17182 type: object
17183 secret:
17184 description: information about the secret data to project
17185 properties:
17186 items:
17187 description: If unspecified, each key-value pair in the Data field of the referenced Secret w
17188 items:
17189 description: Maps a string key to a path within a volume.
17190 properties:
17191 key:
17192 description: The key to project.
17193 type: string
17194 mode:
17195 description: 'Optional: mode bits used to set permissions on this file.'
17196 format: int32
17197 type: integer
17198 path:
17199 description: The relative path of the file to map the key to. May not be an absolute path.
17200 type: string
17201 required:
17202 - key
17203 - path
17204 type: object
17205 type: array
17206 name:
17207 description: 'Name of the referent. More info: https://kubernetes.'
17208 type: string
17209 optional:
17210 description: Specify whether the Secret or its key must be defined
17211 type: boolean
17212 type: object
17213 x-kubernetes-map-type: atomic
17214 serviceAccountToken:
17215 description: information about the serviceAccountToken data to project
17216 properties:
17217 audience:
17218 description: Audience is the intended audience of the token.
17219 type: string
17220 expirationSeconds:
17221 description: ExpirationSeconds is the requested duration of validity of the service account t
17222 format: int64
17223 type: integer
17224 path:
17225 description: Path is the path relative to the mount point of the file to project the token in
17226 type: string
17227 required:
17228 - path
17229 type: object
17230 type: object
17231 type: array
17232 type: object
17233 quobyte:
17234 description: Quobyte represents a Quobyte mount on the host that shares a pod's lifetime
17235 properties:
17236 group:
17237 description: Group to map volume access to Default is no group
17238 type: string
17239 readOnly:
17240 description: ReadOnly here will force the Quobyte volume to be mounted with read-only permiss
17241 type: boolean
17242 registry:
17243 description: 'Registry represents a single or multiple Quobyte Registry services specified as '
17244 type: string
17245 tenant:
17246 description: Tenant owning the given Quobyte volume in the Backend Used with dynamically prov
17247 type: string
17248 user:
17249 description: User to map volume access to Defaults to serivceaccount user
17250 type: string
17251 volume:
17252 description: Volume is a string that references an already created Quobyte volume by name.
17253 type: string
17254 required:
17255 - registry
17256 - volume
17257 type: object
17258 rbd:
17259 description: RBD represents a Rados Block Device mount on the host that shares a pod's lifeti
17260 properties:
17261 fsType:
17262 description: Filesystem type of the volume that you want to mount.
17263 type: string
17264 image:
17265 description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.'
17266 type: string
17267 keyring:
17268 description: Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring.
17269 type: string
17270 monitors:
17271 description: 'A collection of Ceph monitors. More info: https://examples.k8s.'
17272 items:
17273 type: string
17274 type: array
17275 pool:
17276 description: 'The rados pool name. Default is rbd. More info: https://examples.k8s.'
17277 type: string
17278 readOnly:
17279 description: ReadOnly here will force the ReadOnly setting in VolumeMounts.
17280 type: boolean
17281 secretRef:
17282 description: SecretRef is name of the authentication secret for RBDUser.
17283 properties:
17284 name:
17285 description: 'Name of the referent. More info: https://kubernetes.'
17286 type: string
17287 type: object
17288 x-kubernetes-map-type: atomic
17289 user:
17290 description: 'The rados user name. Default is admin. More info: https://examples.k8s.'
17291 type: string
17292 required:
17293 - image
17294 - monitors
17295 type: object
17296 scaleIO:
17297 description: ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernete
17298 properties:
17299 fsType:
17300 description: Filesystem type to mount.
17301 type: string
17302 gateway:
17303 description: The host address of the ScaleIO API Gateway.
17304 type: string
17305 protectionDomain:
17306 description: The name of the ScaleIO Protection Domain for the configured storage.
17307 type: string
17308 readOnly:
17309 description: Defaults to false (read/write).
17310 type: boolean
17311 secretRef:
17312 description: SecretRef references to the secret for ScaleIO user and other sensitive informat
17313 properties:
17314 name:
17315 description: 'Name of the referent. More info: https://kubernetes.'
17316 type: string
17317 type: object
17318 x-kubernetes-map-type: atomic
17319 sslEnabled:
17320 description: Flag to enable/disable SSL communication with Gateway, default false
17321 type: boolean
17322 storageMode:
17323 description: Indicates whether the storage for a volume should be ThickProvisioned or ThinPro
17324 type: string
17325 storagePool:
17326 description: The ScaleIO Storage Pool associated with the protection domain.
17327 type: string
17328 system:
17329 description: The name of the storage system as configured in ScaleIO.
17330 type: string
17331 volumeName:
17332 description: The name of a volume already created in the ScaleIO system that is associated wi
17333 type: string
17334 required:
17335 - gateway
17336 - secretRef
17337 - system
17338 type: object
17339 secret:
17340 description: Secret represents a secret that should populate this volume.
17341 properties:
17342 defaultMode:
17343 description: 'Optional: mode bits used to set permissions on created files by default.'
17344 format: int32
17345 type: integer
17346 items:
17347 description: If unspecified, each key-value pair in the Data field of the referenced Secret w
17348 items:
17349 description: Maps a string key to a path within a volume.
17350 properties:
17351 key:
17352 description: The key to project.
17353 type: string
17354 mode:
17355 description: 'Optional: mode bits used to set permissions on this file.'
17356 format: int32
17357 type: integer
17358 path:
17359 description: The relative path of the file to map the key to. May not be an absolute path.
17360 type: string
17361 required:
17362 - key
17363 - path
17364 type: object
17365 type: array
17366 optional:
17367 description: Specify whether the Secret or its keys must be defined
17368 type: boolean
17369 secretName:
17370 description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.'
17371 type: string
17372 type: object
17373 storageos:
17374 description: StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes
17375 properties:
17376 fsType:
17377 description: Filesystem type to mount.
17378 type: string
17379 readOnly:
17380 description: Defaults to false (read/write).
17381 type: boolean
17382 secretRef:
17383 description: SecretRef specifies the secret to use for obtaining the StorageOS API credential
17384 properties:
17385 name:
17386 description: 'Name of the referent. More info: https://kubernetes.'
17387 type: string
17388 type: object
17389 x-kubernetes-map-type: atomic
17390 volumeName:
17391 description: VolumeName is the human-readable name of the StorageOS volume.
17392 type: string
17393 volumeNamespace:
17394 description: VolumeNamespace specifies the scope of the volume within StorageOS.
17395 type: string
17396 type: object
17397 vsphereVolume:
17398 description: 'VsphereVolume represents a vSphere volume attached and mounted on kubelets host '
17399 properties:
17400 fsType:
17401 description: Filesystem type to mount.
17402 type: string
17403 storagePolicyID:
17404 description: Storage Policy Based Management (SPBM) profile ID associated with the StoragePol
17405 type: string
17406 storagePolicyName:
17407 description: Storage Policy Based Management (SPBM) profile name.
17408 type: string
17409 volumePath:
17410 description: Path that identifies vSphere volume vmdk
17411 type: string
17412 required:
17413 - volumePath
17414 type: object
17415 required:
17416 - name
17417 type: object
17418 type: array
17419 required: null
17420 type: object
17421 type: object
17422 type: object
17423 status:
17424 description: TorStatus defines the observed state of Tor.
17425 properties:
17426 config:
17427 description: 'INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run'
17428 type: string
17429 type: object
17430 type: object
17431 served: true
17432 storage: true
17433 subresources:
17434 status: {}
17435---
17436apiVersion: v1
17437kind: ServiceAccount
17438metadata:
17439 name: tor-controller-controller-manager
17440 namespace: tor-controller-system
17441---
17442apiVersion: rbac.authorization.k8s.io/v1
17443kind: Role
17444metadata:
17445 name: tor-controller-leader-election-role
17446 namespace: tor-controller-system
17447rules:
17448- apiGroups:
17449 - ""
17450 resources:
17451 - configmaps
17452 verbs:
17453 - get
17454 - list
17455 - watch
17456 - create
17457 - update
17458 - patch
17459 - delete
17460- apiGroups:
17461 - coordination.k8s.io
17462 resources:
17463 - leases
17464 verbs:
17465 - get
17466 - list
17467 - watch
17468 - create
17469 - update
17470 - patch
17471 - delete
17472- apiGroups:
17473 - ""
17474 resources:
17475 - events
17476 verbs:
17477 - create
17478 - patch
17479---
17480apiVersion: rbac.authorization.k8s.io/v1
17481kind: ClusterRole
17482metadata:
17483 creationTimestamp: null
17484 name: tor-controller-manager-role
17485rules:
17486- apiGroups:
17487 - ""
17488 resources:
17489 - configmaps
17490 verbs:
17491 - create
17492 - delete
17493 - get
17494 - list
17495 - patch
17496 - update
17497 - watch
17498- apiGroups:
17499 - ""
17500 resources:
17501 - events
17502 verbs:
17503 - create
17504 - patch
17505 - update
17506- apiGroups:
17507 - ""
17508 resources:
17509 - secrets
17510 verbs:
17511 - create
17512 - delete
17513 - get
17514 - list
17515 - patch
17516 - update
17517 - watch
17518- apiGroups:
17519 - ""
17520 resources:
17521 - serviceaccounts
17522 verbs:
17523 - create
17524 - delete
17525 - get
17526 - list
17527 - patch
17528 - update
17529 - watch
17530- apiGroups:
17531 - ""
17532 resources:
17533 - services
17534 verbs:
17535 - create
17536 - delete
17537 - get
17538 - list
17539 - patch
17540 - update
17541 - watch
17542- apiGroups:
17543 - apiextensions.k8s.io
17544 resources:
17545 - customresourcedefinitions
17546 verbs:
17547 - get
17548 - list
17549 - watch
17550- apiGroups:
17551 - apps
17552 resources:
17553 - deployments
17554 verbs:
17555 - create
17556 - delete
17557 - get
17558 - list
17559 - patch
17560 - update
17561 - watch
17562- apiGroups:
17563 - monitoring.coreos.com
17564 resources:
17565 - servicemonitors
17566 verbs:
17567 - create
17568 - delete
17569 - get
17570 - list
17571 - patch
17572 - update
17573 - watch
17574- apiGroups:
17575 - rbac.authorization.k8s.io
17576 resources:
17577 - rolebindings
17578 verbs:
17579 - create
17580 - delete
17581 - get
17582 - list
17583 - patch
17584 - update
17585 - watch
17586- apiGroups:
17587 - rbac.authorization.k8s.io
17588 resources:
17589 - roles
17590 verbs:
17591 - create
17592 - delete
17593 - get
17594 - list
17595 - patch
17596 - update
17597 - watch
17598- apiGroups:
17599 - tor.k8s.torproject.org
17600 resources:
17601 - onionbalancedservices
17602 verbs:
17603 - create
17604 - delete
17605 - get
17606 - list
17607 - patch
17608 - update
17609 - watch
17610- apiGroups:
17611 - tor.k8s.torproject.org
17612 resources:
17613 - onionbalancedservices/finalizers
17614 verbs:
17615 - update
17616- apiGroups:
17617 - tor.k8s.torproject.org
17618 resources:
17619 - onionbalancedservices/status
17620 verbs:
17621 - get
17622 - patch
17623 - update
17624- apiGroups:
17625 - tor.k8s.torproject.org
17626 resources:
17627 - onionservices
17628 verbs:
17629 - create
17630 - delete
17631 - get
17632 - list
17633 - patch
17634 - update
17635 - watch
17636- apiGroups:
17637 - tor.k8s.torproject.org
17638 resources:
17639 - onionservices/finalizers
17640 verbs:
17641 - update
17642- apiGroups:
17643 - tor.k8s.torproject.org
17644 resources:
17645 - onionservices/status
17646 verbs:
17647 - get
17648 - patch
17649 - update
17650- apiGroups:
17651 - tor.k8s.torproject.org
17652 resources:
17653 - tors
17654 verbs:
17655 - create
17656 - delete
17657 - get
17658 - list
17659 - patch
17660 - update
17661 - watch
17662- apiGroups:
17663 - tor.k8s.torproject.org
17664 resources:
17665 - tors/finalizers
17666 verbs:
17667 - update
17668- apiGroups:
17669 - tor.k8s.torproject.org
17670 resources:
17671 - tors/status
17672 verbs:
17673 - get
17674 - patch
17675 - update
17676---
17677apiVersion: rbac.authorization.k8s.io/v1
17678kind: ClusterRole
17679metadata:
17680 name: tor-controller-metrics-reader
17681rules:
17682- nonResourceURLs:
17683 - /metrics
17684 verbs:
17685 - get
17686---
17687apiVersion: rbac.authorization.k8s.io/v1
17688kind: ClusterRole
17689metadata:
17690 name: tor-controller-proxy-role
17691rules:
17692- apiGroups:
17693 - authentication.k8s.io
17694 resources:
17695 - tokenreviews
17696 verbs:
17697 - create
17698- apiGroups:
17699 - authorization.k8s.io
17700 resources:
17701 - subjectaccessreviews
17702 verbs:
17703 - create
17704---
17705apiVersion: rbac.authorization.k8s.io/v1
17706kind: RoleBinding
17707metadata:
17708 name: tor-controller-leader-election-rolebinding
17709 namespace: tor-controller-system
17710roleRef:
17711 apiGroup: rbac.authorization.k8s.io
17712 kind: Role
17713 name: tor-controller-leader-election-role
17714subjects:
17715- kind: ServiceAccount
17716 name: tor-controller-controller-manager
17717 namespace: tor-controller-system
17718---
17719apiVersion: rbac.authorization.k8s.io/v1
17720kind: ClusterRoleBinding
17721metadata:
17722 name: tor-controller-manager-rolebinding
17723roleRef:
17724 apiGroup: rbac.authorization.k8s.io
17725 kind: ClusterRole
17726 name: tor-controller-manager-role
17727subjects:
17728- kind: ServiceAccount
17729 name: tor-controller-controller-manager
17730 namespace: tor-controller-system
17731---
17732apiVersion: rbac.authorization.k8s.io/v1
17733kind: ClusterRoleBinding
17734metadata:
17735 name: tor-controller-proxy-rolebinding
17736roleRef:
17737 apiGroup: rbac.authorization.k8s.io
17738 kind: ClusterRole
17739 name: tor-controller-proxy-role
17740subjects:
17741- kind: ServiceAccount
17742 name: tor-controller-controller-manager
17743 namespace: tor-controller-system
17744---
17745apiVersion: v1
17746data:
17747 controller_manager_config.yaml: |
17748 apiVersion: config.k8s.torproject.org/v2
17749 kind: ProjectConfig
17750 meta:
17751 name: tor-controller-config
17752 health:
17753 healthProbeBindAddress: :8081
17754 metrics:
17755 bindAddress: 127.0.0.1:8080
17756 webhook:
17757 port: 9443
17758 leaderElection:
17759 leaderElect: true
17760 resourceName: 59806307.k8s.torproject.org
17761 torDaemon:
17762 image: quay.io/bugfest/tor-daemon:latest
17763 torDaemonManager:
17764 image: quay.io/bugfest/tor-daemon-manager:latest
17765 torOnionbalanceManager:
17766 image: quay.io/bugfest/tor-onionbalance-manager:latest
17767kind: ConfigMap
17768metadata:
17769 name: tor-controller-manager-config
17770 namespace: tor-controller-system
17771---
17772apiVersion: v1
17773kind: Service
17774metadata:
17775 labels:
17776 control-plane: controller-manager
17777 name: tor-controller-controller-manager-metrics-service
17778 namespace: tor-controller-system
17779spec:
17780 ports:
17781 - name: https
17782 port: 8443
17783 protocol: TCP
17784 targetPort: https
17785 selector:
17786 control-plane: controller-manager
17787---
17788apiVersion: apps/v1
17789kind: Deployment
17790metadata:
17791 labels:
17792 control-plane: controller-manager
17793 name: tor-controller-controller-manager
17794 namespace: tor-controller-system
17795spec:
17796 replicas: 1
17797 selector:
17798 matchLabels:
17799 control-plane: controller-manager
17800 template:
17801 metadata:
17802 annotations:
17803 kubectl.kubernetes.io/default-container: manager
17804 labels:
17805 control-plane: controller-manager
17806 spec:
17807 containers:
17808 - args:
17809 - --config=/controller_manager_config.yaml
17810 command:
17811 - /app/manager
17812 image: quay.io/bugfest/tor-controller:latest
17813 imagePullPolicy: Always
17814 livenessProbe:
17815 httpGet:
17816 path: /healthz
17817 port: 8081
17818 initialDelaySeconds: 15
17819 periodSeconds: 20
17820 name: manager
17821 readinessProbe:
17822 httpGet:
17823 path: /readyz
17824 port: 8081
17825 initialDelaySeconds: 5
17826 periodSeconds: 10
17827 resources:
17828 limits:
17829 cpu: 500m
17830 memory: 128Mi
17831 requests:
17832 cpu: 10m
17833 memory: 64Mi
17834 securityContext:
17835 allowPrivilegeEscalation: false
17836 volumeMounts:
17837 - mountPath: /controller_manager_config.yaml
17838 name: manager-config
17839 subPath: controller_manager_config.yaml
17840 - args:
17841 - --secure-listen-address=0.0.0.0:8443
17842 - --upstream=http://127.0.0.1:8080/
17843 - --logtostderr=true
17844 - --v=10
17845 image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0
17846 name: kube-rbac-proxy
17847 ports:
17848 - containerPort: 8443
17849 name: https
17850 protocol: TCP
17851 securityContext:
17852 runAsNonRoot: true
17853 serviceAccountName: tor-controller-controller-manager
17854 terminationGracePeriodSeconds: 10
17855 volumes:
17856 - configMap:
17857 name: tor-controller-manager-config
17858 name: manager-config